diff --git a/includes/media.admin.inc b/includes/media.admin.inc index 069003f..49299ed 100644 --- a/includes/media.admin.inc +++ b/includes/media.admin.inc @@ -318,6 +318,14 @@ function media_admin_config_browser($form, &$form_state) { $form['wysiwyg'][media_variable_name('wysiwyg_browser_plugins')]['#options'][$key] = !empty($plugin['title']) ? $plugin['title'] : $key; } + $form['wysiwyg'][media_variable_name('wysiwyg_allowed_types')] = array( + '#type' => 'checkboxes', + '#title' => t('Allowed types in WYSIWYG'), + '#options' => file_type_get_names(), + '#default_value' => media_variable_get('wysiwyg_allowed_types'), + ); + $form['array_filter'] = array('#type' => 'value', '#value' => TRUE); + $form['#submit'][] = 'media_admin_config_browser_pre_submit'; return system_settings_form($form); } diff --git a/media.media.inc b/media.media.inc index 8e3e0cb..ca1098a 100644 --- a/media.media.inc +++ b/media.media.inc @@ -54,19 +54,19 @@ function media_query_media_browser_alter($query) { // I think PDO should protect them, but I'm not 100% certain. array_walk_recursive($params, 'media_recursive_check_plain'); - $remote_types = !empty($params['types']) ? $params['types'] : NULL; + $types = !empty($params['types']) ? $params['types'] : NULL; $url_include_patterns = !empty($params['url_include_patterns']) ? $params['url_include_patterns'] : NULL; $url_exclude_patterns = !empty($params['url_exclude_patterns']) ? $params['url_exclude_patterns'] : NULL; $allowed_schemes = !empty($params['schemes']) ? array_filter($params['schemes']) : array(); + $extensions = !empty($params['file_extensions']) ? array_filter(explode(' ', $params['file_extensions'])) : array(); - // Add conditions based on remote file type *or* local allowed extensions. $or_condition = db_or(); - // Include local files with the allowed extensions. - if (!empty($params['file_extensions'])) { - $extensions = array_filter(explode(' ', $params['file_extensions'])); + if (!empty($allowed_schemes)) { + // Include local files with the allowed extensions and types. $local_wrappers = array_intersect_key(media_get_local_stream_wrappers(), $allowed_schemes); - if (!empty($local_wrappers) && !empty($extensions)) { + if (!empty($extensions) && !empty($local_wrappers)) { + // Extension filtering. $local_condition = db_or(); foreach (array_keys($local_wrappers) as $scheme) { foreach ($extensions as $extension) { @@ -75,22 +75,40 @@ function media_query_media_browser_alter($query) { } $or_condition->condition($local_condition); } - } + if (!empty($types) && !empty($local_wrappers)) { + // Type filtering. + $local_condition = db_or(); + foreach (array_keys($local_wrappers) as $scheme) { + $local_condition->condition($alias . '.type', $types, 'IN'); + } + $or_condition->condition($local_condition); + } - // Include remote files with the allowed file types. - if (!empty($remote_types)) { + // Include remote files with the allowed file types. + // We cant filter extensions here, because remote file filenames usually + // are a url or a parameter of a query. $remote_wrappers = array_intersect_key(media_get_remote_stream_wrappers(), $allowed_schemes); - if (!empty($remote_wrappers)) { + if (!empty($types) && !empty($remote_wrappers)) { $remote_condition = db_and(); $wrapper_condition = db_or(); foreach (array_keys($remote_wrappers) as $scheme) { $wrapper_condition->condition($alias . '.uri', db_like($scheme . '://') . '%', 'LIKE'); } $remote_condition->condition($wrapper_condition); - $remote_condition->condition($alias . '.type', $remote_types, 'IN'); + $remote_condition->condition($alias . '.type', $types, 'IN'); $or_condition->condition($remote_condition); } } + else { + if (!empty($types)) { + $query->condition($alias . '.type', $types, 'IN'); + } + if (!empty($extensions)) { + foreach ($extensions as $extension) { + $or_condition->condition($alias . '.uri', db_like('.' . $extension), 'LIKE'); + } + } + } if ($or_condition->count()) { $query->condition($or_condition);