/root/blog/includes/functions_attachments.php
PHP | 1033 lines | 743 code | 193 blank | 97 comment | 134 complexity | ba995c25b3eb561b90eeab8e89badc48 MD5 | raw file
Possible License(s): AGPL-1.0
- <?php
- /**
- *
- * @package phpBB3 User Blog
- * @version $Id: functions_attachments.php 485 2008-08-15 23:33:57Z exreaction@gmail.com $
- * @copyright (c) 2008 EXreaction
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- *
- */
- if (!defined('IN_PHPBB'))
- {
- exit;
- }
- /**
- * Custom Attachment class for Blogs
- *
- * Most of this code is forked from the attachment code in phpBB3.
- */
- class blog_attachment
- {
- public $attachment_data = array();
- public $filename_data = array();
- public $warn_msg = array();
- /**
- * Updates some attachment data
- */
- public function update_attachment_data($blog_id, $reply_id = 0, $poster_id = 0)
- {
- global $auth, $config, $db, $user;
- if (!$config['user_blog_enable_attachments'] || !$auth->acl_get('u_blogattach'))
- {
- return;
- }
- $blog_id = (int) $blog_id;
- $reply_id = (int) $reply_id;
- $poster_id = ($poster_id == 0) ? $user->data['user_id'] : (int) $poster_id;
- $attach_ids = array();
- if (sizeof($this->attachment_data))
- {
- foreach($this->attachment_data as $attach_row)
- {
- $sql_data = array(
- 'attach_comment' => $attach_row['attach_comment'],
- 'is_orphan' => 0,
- 'blog_id' => $blog_id,
- 'reply_id' => $reply_id,
- 'poster_id' => $poster_id,
- );
- $sql = 'UPDATE ' . BLOGS_ATTACHMENT_TABLE . '
- SET ' . $db->sql_build_array('UPDATE', $sql_data) . '
- WHERE attach_id = ' . (int) $attach_row['attach_id'];
- $db->sql_query($sql);
- }
- }
- }
- /**
- * Generate inline attachment entry
- */
- public function posting_gen_attachment_entry($attachment_data, &$filename_data)
- {
- global $template, $config;
- if (!$config['user_blog_enable_attachments'])
- {
- return;
- }
- $temp = compact('attachment_data', 'filename_data');
- blog_plugins::plugin_do_ref('function_posting_gen_attachment_entry', $temp);
- extract($temp);
- $template->assign_vars(array(
- 'S_SHOW_ATTACH_BOX' => true)
- );
- if (sizeof($attachment_data))
- {
- $template->assign_vars(array(
- 'S_HAS_ATTACHMENTS' => true)
- );
- ksort($attachment_data);
- foreach ($attachment_data as $count => $attach_row)
- {
- $hidden = '';
- $attach_row['real_filename'] = basename($attach_row['real_filename']);
- foreach ($attach_row as $key => $value)
- {
- $hidden .= '<input type="hidden" name="attachment_data[' . $count . '][' . $key . ']" value="' . $value . '" />';
- }
- $download_link = blog_url(false, false, false, array('page' => 'download', 'mode' => 'download', 'id' => intval($attach_row['attach_id'])));
- $template->assign_block_vars('attach_row', array(
- 'FILENAME' => basename($attach_row['real_filename']),
- 'A_FILENAME' => addslashes(basename($attach_row['real_filename'])),
- 'FILE_COMMENT' => $attach_row['attach_comment'],
- 'ATTACH_ID' => $attach_row['attach_id'],
- 'S_IS_ORPHAN' => $attach_row['is_orphan'],
- 'ASSOC_INDEX' => $count,
- 'U_VIEW_ATTACHMENT' => $download_link,
- 'S_HIDDEN' => $hidden)
- );
- }
- }
- $template->assign_vars(array(
- 'FILESIZE' => $config['max_filesize'])
- );
- return sizeof($attachment_data);
- }
- /**
- * Get Attachment Data
- *
- * Grabs attachment data for blogs and replies.
- *
- * @param int|array $blog_ids An array of blog_ids to look up
- * @param int|array|bool $reply_ids An array of reply_ids to look up
- */
- public function get_attachment_data($blog_ids, $reply_ids = false)
- {
- global $auth, $config, $db;
- if (!$config['user_blog_enable_attachments'] || !$auth->acl_get('u_download'))
- {
- return;
- }
- if (!is_array($blog_ids))
- {
- $blog_ids = array($blog_ids);
- }
- if (!is_array($reply_ids) && $reply_ids !== false)
- {
- $reply_ids = array($reply_ids);
- }
- $temp = compact('blog_ids', 'reply_ids');
- blog_plugins::plugin_do_ref('function_get_attachment_data', $temp);
- extract($temp);
- $blog_ids = array_unique(array_map('intval', $blog_ids));
- $reply_ids = ($reply_ids === false) ? false : array_unique(array_map('intval', $reply_ids));
- $reply_sql = ($reply_ids !== false) ? ' OR ' . $db->sql_in_set('reply_id', $reply_ids) : '';
- $sql = 'SELECT * FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE ' . $db->sql_in_set('blog_id', $blog_ids) .
- $reply_sql . '
- ORDER BY attach_id DESC';
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- if ($row['reply_id'] != 0)
- {
- blog_data::$reply[$row['reply_id']]['attachment_data'][] = $row;
- }
- else if ($row['blog_id'] != 0)
- {
- blog_data::$blog[$row['blog_id']]['attachment_data'][] = $row;
- }
- }
- $db->sql_freeresult($result);
- }
- /**
- * Parse Attachments
- */
- public function parse_attachments($form_name, $submit, $preview, $refresh, &$text)
- {
- global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $message_parser;
- if (!$config['user_blog_enable_attachments'] || !$auth->acl_get('u_blogattach'))
- {
- return;
- }
- $error = array();
- $temp = compact('form_name', 'submit', 'preview', 'refresh', 'text');
- blog_plugins::plugin_do_ref('function_parse_attachments', $temp);
- extract($temp);
- $num_attachments = sizeof($this->attachment_data);
- $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
- $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
- $add_file = (isset($_POST['add_file'])) ? true : false;
- $delete_file = (isset($_POST['delete_file'])) ? true : false;
- // First of all adjust comments if changed
- $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true));
- foreach ($actual_comment_list as $comment_key => $comment)
- {
- if (!isset($this->attachment_data[$comment_key]))
- {
- continue;
- }
- if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key])
- {
- $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key];
- }
- }
- if ($submit && $upload_file)
- {
- if ($num_attachments < $config['user_blog_max_attachments'] || $auth->acl_get('u_blognolimitattach'))
- {
- $filedata = $this->upload_attachment($form_name, false, '');
- $error = $filedata['error'];
- if ($filedata['post_attach'] && !sizeof($error))
- {
- $sql_ary = array(
- 'physical_filename' => $filedata['physical_filename'],
- 'attach_comment' => $this->filename_data['filecomment'],
- 'real_filename' => $filedata['real_filename'],
- 'extension' => $filedata['extension'],
- 'mimetype' => $filedata['mimetype'],
- 'filesize' => $filedata['filesize'],
- 'filetime' => $filedata['filetime'],
- 'thumbnail' => $filedata['thumbnail'],
- 'is_orphan' => 1,
- 'poster_id' => $user->data['user_id'],
- );
- $db->sql_query('INSERT INTO ' . BLOGS_ATTACHMENT_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
- unset($sql_ary);
- $new_entry = array(
- 'attach_id' => $db->sql_nextid(),
- 'is_orphan' => 1,
- 'real_filename' => $filedata['real_filename'],
- 'attach_comment'=> $this->filename_data['filecomment'],
- );
- $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
- $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $message_parser->message);
- $this->filename_data['filecomment'] = '';
- // This Variable is set to false here, because Attachments are entered into the
- // Database in two modes, one if the id_list is 0 and the second one if post_attach is true
- // Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
- // but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
- //
- // This is very relevant, because it could happen that the post got not submitted, but we do not
- // know this circumstance here. We could be at the posting page or we could be redirected to the entered
- // post. :)
- $filedata['post_attach'] = false;
- }
- }
- else
- {
- $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $config['user_blog_max_attachments']);
- }
- }
- if ($preview || $refresh || sizeof($error))
- {
- // Perform actions on temporary attachments
- if ($delete_file)
- {
- include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
- $index = array_keys(request_var('delete_file', array(0 => 0)));
- $index = (!empty($index)) ? $index[0] : false;
- if ($index !== false && !empty($this->attachment_data[$index]))
- {
- // delete selected attachment
- if ($this->attachment_data[$index]['is_orphan'])
- {
- $sql = 'SELECT attach_id, physical_filename, thumbnail
- FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
- AND is_orphan = 1
- AND poster_id = ' . (int) $user->data['user_id'];
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- if ($row)
- {
- phpbb_unlink($row['physical_filename'], 'file');
- if ($row['thumbnail'])
- {
- phpbb_unlink($row['physical_filename'], 'thumbnail');
- }
- $db->sql_query('DELETE FROM ' . BLOGS_ATTACHMENT_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
- }
- }
- else
- {
- $sql = 'SELECT attach_id, physical_filename, thumbnail
- FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'];
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- if ($row)
- {
- phpbb_unlink($row['physical_filename'], 'file');
- if ($row['thumbnail'])
- {
- phpbb_unlink($row['physical_filename'], 'thumbnail');
- }
- $db->sql_query('DELETE FROM ' . BLOGS_ATTACHMENT_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
- }
- }
- unset($this->attachment_data[$index]);
- $text = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $text);
- $message_parser->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $message_parser->message);
- // Reindex Array
- $this->attachment_data = array_values($this->attachment_data);
- }
- }
- else if (($add_file || $preview) && $upload_file)
- {
- if ($num_attachments < $config['user_blog_max_attachments'] || $auth->acl_get('u_blognolimitattach'))
- {
- $filedata = $this->upload_attachment($form_name, false, '');
- $error = array_merge($error, $filedata['error']);
- if (!sizeof($error))
- {
- $sql_ary = array(
- 'physical_filename' => $filedata['physical_filename'],
- 'attach_comment' => $this->filename_data['filecomment'],
- 'real_filename' => $filedata['real_filename'],
- 'extension' => $filedata['extension'],
- 'mimetype' => $filedata['mimetype'],
- 'filesize' => $filedata['filesize'],
- 'filetime' => $filedata['filetime'],
- 'thumbnail' => $filedata['thumbnail'],
- 'is_orphan' => 1,
- 'poster_id' => $user->data['user_id'],
- );
- $db->sql_query('INSERT INTO ' . BLOGS_ATTACHMENT_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
- $new_entry = array(
- 'attach_id' => $db->sql_nextid(),
- 'is_orphan' => 1,
- 'real_filename' => $filedata['real_filename'],
- 'attach_comment'=> $this->filename_data['filecomment'],
- );
- $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
- $text = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $text);
- $message_parser->message = preg_replace('#\[attachment=([0-9]+):' . $message_parser->bbcode_uid . '\](.*?)\[\/attachment:' . $message_parser->bbcode_uid . '\]#e', "'[attachment='.(\\1 + 1).':{$message_parser->bbcode_uid}]\\2[/attachment:{$message_parser->bbcode_uid}]'", $message_parser->message);
- $this->filename_data['filecomment'] = '';
- }
- }
- else
- {
- $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $config['user_blog_max_attachments']);
- }
- }
- }
- foreach ($error as $error_msg)
- {
- $this->warn_msg[] = $error_msg;
- }
- unset($error);
- }
- /**
- * Get Attachment Data
- */
- public function get_submitted_attachment_data($check_user_id = false)
- {
- global $user, $db, $config, $auth;
- if (!$config['user_blog_enable_attachments'] || !$auth->acl_get('u_blogattach'))
- {
- return;
- }
- blog_plugins::plugin_do('get_submitted_attachment_data');
- $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
- $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
- $this->attachment_data = array();
- $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
- if (!sizeof($attachment_data))
- {
- return;
- }
- $not_orphan = $orphan = array();
- foreach ($attachment_data as $pos => $var_ary)
- {
- if ($var_ary['is_orphan'])
- {
- $orphan[(int) $var_ary['attach_id']] = $pos;
- }
- else
- {
- $not_orphan[(int) $var_ary['attach_id']] = $pos;
- }
- }
- // Regenerate already posted attachments
- if (sizeof($not_orphan))
- {
- // Get the attachment data, based on the poster id...
- $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
- FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE ' . $db->sql_in_set('attach_id', array_unique(array_map('intval', array_keys($not_orphan)))) . '
- AND poster_id = ' . $check_user_id;
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $pos = $not_orphan[$row['attach_id']];
- $this->attachment_data[$pos] = $row;
- set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
- unset($not_orphan[$row['attach_id']]);
- }
- $db->sql_freeresult($result);
- }
- if (sizeof($not_orphan))
- {
- trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
- }
- // Regenerate newly uploaded attachments
- if (sizeof($orphan))
- {
- $sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
- FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE ' . $db->sql_in_set('attach_id', array_unique(array_map('intval', array_keys($orphan)))) . '
- AND poster_id = ' . $user->data['user_id'] . '
- AND is_orphan = 1';
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $pos = $orphan[$row['attach_id']];
- $this->attachment_data[$pos] = $row;
- set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
- unset($orphan[$row['attach_id']]);
- }
- $db->sql_freeresult($result);
- }
- if (sizeof($orphan))
- {
- trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
- }
- ksort($this->attachment_data);
- }
- /**
- * Upload Attachment - filedata is generated here
- * Uses upload class
- */
- public function upload_attachment($form_name, $local = false, $local_storage = '', $local_filedata = false)
- {
- global $auth, $user, $config, $db, $phpbb_root_path, $phpEx;
- if (!$config['user_blog_enable_attachments'] || !$auth->acl_get('u_blogattach'))
- {
- return;
- }
- $filedata = array(
- 'error' => array()
- );
- if (!class_exists('fileupload'))
- {
- include($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
- }
- $upload = new fileupload();
- if (!$local)
- {
- $filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
- }
- else
- {
- $filedata['post_attach'] = true;
- }
- if (!$filedata['post_attach'])
- {
- $filedata['error'][] = $user->lang['NO_UPLOAD_FORM_FOUND'];
- return $filedata;
- }
- $extensions = $this->obtain_blog_attach_extensions();
- $upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
- $file = ($local) ? $upload->local_upload($local_storage, $local_filedata) : $upload->form_upload($form_name);
- if ($file->init_error)
- {
- $filedata['post_attach'] = false;
- return $filedata;
- }
- $cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
- // Make sure the image category only holds valid images...
- if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image())
- {
- $file->remove();
- // If this error occurs a user tried to exploit an IE Bug by renaming extensions
- // Since the image category is displaying content inline we need to catch this.
- trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
- }
- // Do we have to create a thumbnail?
- $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
- // Check Image Size, if it is an image
- if (!$auth->acl_get('u_blognolimitattach') && $cat_id == ATTACHMENT_CATEGORY_IMAGE)
- {
- $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
- }
- // Admins and mods are allowed to exceed the allowed filesize
- if (!$auth->acl_get('u_blognolimitattach'))
- {
- if (!empty($extensions[$file->get('extension')]['max_filesize']))
- {
- $allowed_filesize = $extensions[$file->get('extension')]['max_filesize'];
- }
- else
- {
- $allowed_filesize = $config['max_filesize'];
- }
- $file->upload->set_max_filesize($allowed_filesize);
- }
- $file->clean_filename('unique', $user->data['user_id'] . '_');
- // Are we uploading an image *and* this image being within the image category? Only then perform additional image checks.
- $no_image = ($cat_id == ATTACHMENT_CATEGORY_IMAGE) ? false : true;
- if (!$file->move_file($config['upload_path'] . '/blog_mod', false, $no_image))
- {
- $file->error[] = sprintf($user->lang[$file->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $config['upload_path'] . '/blog_mod');
- }
- if (sizeof($file->error))
- {
- $file->remove();
- $filedata['error'] = array_merge($filedata['error'], $file->error);
- $filedata['post_attach'] = false;
- return $filedata;
- }
- $filedata['filesize'] = $file->get('filesize');
- $filedata['mimetype'] = $file->get('mimetype');
- $filedata['extension'] = $file->get('extension');
- $filedata['physical_filename'] = $file->get('realname');
- $filedata['real_filename'] = $file->get('uploadname');
- $filedata['filetime'] = time();
- // Check our complete quota
- if ($config['attachment_quota'])
- {
- if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota'])
- {
- $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
- $filedata['post_attach'] = false;
- $file->remove();
- return $filedata;
- }
- }
- // Check free disk space
- if ($free_space = @disk_free_space($phpbb_root_path . $config['upload_path']))
- {
- if ($free_space <= $file->get('filesize'))
- {
- $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
- $filedata['post_attach'] = false;
- $file->remove();
- return $filedata;
- }
- }
- // Create Thumbnail
- if ($filedata['thumbnail'])
- {
- $source = $file->get('destination_file');
- $destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
- if (!create_thumbnail($source, $destination, $file->get('mimetype')))
- {
- $filedata['thumbnail'] = 0;
- }
- }
- $temp = compact('form_name', 'local', 'local_storage', 'local_filedata', 'filedata');
- blog_plugins::plugin_do_ref('function_upload_attachment', $temp);
- extract($temp);
- return $filedata;
- }
- /**
- * Obtain allowed extensions
- *
- * @return array allowed extensions array.
- */
- public function obtain_blog_attach_extensions()
- {
- global $cache, $config;
- if (!$config['user_blog_enable_attachments'])
- {
- return;
- }
- if (($extensions = $cache->get('_blog_extensions')) === false)
- {
- global $db;
- $extensions = array(
- '_allowed_blog' => array(),
- );
- // The rule is to only allow those extensions defined. ;)
- $sql = 'SELECT e.extension, g.*
- FROM ' . EXTENSIONS_TABLE . ' e, ' . EXTENSION_GROUPS_TABLE . ' g
- WHERE e.group_id = g.group_id
- AND (g.allow_group = 1 OR g.allow_in_blog = 1)';
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $extension = strtolower(trim($row['extension']));
- $extensions[$extension] = array(
- 'display_cat' => (int) $row['cat_id'],
- 'download_mode' => (int) $row['download_mode'],
- 'upload_icon' => trim($row['upload_icon']),
- 'max_filesize' => (int) $row['max_filesize'],
- 'allow_group' => $row['allow_group'],
- 'allow_in_blog' => $row['allow_in_blog'],
- );
- if ($row['allow_in_blog'])
- {
- $extensions['_allowed_blog'][$extension] = 0;
- }
- }
- $db->sql_freeresult($result);
- $cache->put('_blog_extensions', $extensions);
- }
- $return = array('_allowed_' => array());
- foreach ($extensions['_allowed_blog'] as $extension => $check)
- {
- $return['_allowed_'][$extension] = 0;
- $return[$extension] = $extensions[$extension];
- }
- blog_plugins::plugin_do_ref('function_obtain_blog_attach_extensions', $return);
- return $return;
- }
- /**
- * General attachment parsing
- *
- * @param string &$message The post/private message
- * @param array &$attachments The attachments to parse for (inline) display. The attachments array will hold templated data after parsing.
- * @param array &$update_count The attachment counts to be updated - will be filled
- * @param bool $preview If set to true the attachments are parsed for preview. Within preview mode the comments are fetched from the given $attachments array and not fetched from the database.
- */
- public function parse_attachments_for_view(&$message, &$attachments, &$update_count, $preview = false)
- {
- global $template, $user, $config, $phpbb_root_path, $auth;
- if (!$config['user_blog_enable_attachments'] || !sizeof($attachments) || !$auth->acl_get('u_download'))
- {
- return;
- }
- $compiled_attachments = array();
- $temp = compact('message', 'attachments', 'update_count', 'preview', 'compiled_attachments');
- blog_plugins::plugin_do_ref('function_parse_attachments_for_view', $temp);
- extract($temp);
- if (!isset($template->filename['attachment_tpl']))
- {
- $template->set_filenames(array(
- 'attachment_tpl' => 'attachment.html')
- );
- }
- $extensions = $this->obtain_blog_attach_extensions();
- // Look for missing attachment information...
- $attach_ids = array();
- foreach ($attachments as $pos => $attachment)
- {
- // If is_orphan is set, we need to retrieve the attachments again...
- if (!isset($attachment['extension']) && !isset($attachment['physical_filename']))
- {
- $attach_ids[(int) $attachment['attach_id']] = $pos;
- }
- }
- // Grab attachments (security precaution)
- if (sizeof($attach_ids))
- {
- global $db;
- $new_attachment_data = array();
- $sql = 'SELECT *
- FROM ' . BLOGS_ATTACHMENT_TABLE . '
- WHERE ' . $db->sql_in_set('attach_id', array_unique(array_map('intval', array_keys($attach_ids))));
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- if (!isset($attach_ids[$row['attach_id']]))
- {
- continue;
- }
- // If we preview attachments we will set some retrieved values here
- if ($preview)
- {
- $row['attach_comment'] = $attachments[$attach_ids[$row['attach_id']]]['attach_comment'];
- }
- $new_attachment_data[$attach_ids[$row['attach_id']]] = $row;
- }
- $db->sql_freeresult($result);
- $attachments = $new_attachment_data;
- unset($new_attachment_data);
- }
- ksort($attachments);
- foreach ($attachments as $attachment)
- {
- if (!sizeof($attachment))
- {
- continue;
- }
- // We need to reset/empty the _file block var, because this function might be called more than once
- $template->destroy_block_vars('_file');
- $block_array = array();
- // Some basics...
- $attachment['extension'] = strtolower(trim($attachment['extension']));
- $filename = $phpbb_root_path . $config['upload_path'] . '/blog_mod/' . basename($attachment['physical_filename']);
- $thumbnail_filename = $phpbb_root_path . $config['upload_path'] . '/blog_mod/thumb_' . basename($attachment['physical_filename']);
- $upload_icon = '';
- if (isset($extensions[$attachment['extension']]))
- {
- if ($user->img('icon_topic_attach', '') && !$extensions[$attachment['extension']]['upload_icon'])
- {
- $upload_icon = $user->img('icon_topic_attach', '');
- }
- else if ($extensions[$attachment['extension']]['upload_icon'])
- {
- $upload_icon = '<img src="' . $phpbb_root_path . $config['upload_icons_path'] . '/' . trim($extensions[$attachment['extension']]['upload_icon']) . '" alt="" />';
- }
- }
- $filesize = $attachment['filesize'];
- $size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
- $filesize = ($filesize >= 1048576) ? round((round($filesize / 1048576 * 100) / 100), 2) : (($filesize >= 1024) ? round((round($filesize / 1024 * 100) / 100), 2) : $filesize);
- $comment = str_replace("\n", '<br />', censor_text($attachment['attach_comment']));
- $block_array += array(
- 'UPLOAD_ICON' => $upload_icon,
- 'FILESIZE' => $filesize,
- 'SIZE_LANG' => $size_lang,
- 'DOWNLOAD_NAME' => basename($attachment['real_filename']),
- 'COMMENT' => $comment,
- );
- $denied = false;
- if (!isset($extensions['_allowed_'][$attachment['extension']]))
- {
- $denied = true;
- $block_array += array(
- 'S_DENIED' => true,
- 'DENIED_MESSAGE' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])
- );
- }
- if (!$denied)
- {
- $l_downloaded_viewed = $download_link = '';
- $display_cat = $extensions[$attachment['extension']]['display_cat'];
- if ($display_cat == ATTACHMENT_CATEGORY_IMAGE)
- {
- if ($attachment['thumbnail'])
- {
- $display_cat = ATTACHMENT_CATEGORY_THUMB;
- }
- else
- {
- if ($config['img_display_inlined'])
- {
- if ($config['img_link_width'] || $config['img_link_height'])
- {
- $dimension = @getimagesize($filename);
- // If the dimensions could not be determined or the image being 0x0 we display it as a link for safety purposes
- if ($dimension === false || empty($dimension[0]) || empty($dimension[1]))
- {
- $display_cat = ATTACHMENT_CATEGORY_NONE;
- }
- else
- {
- $display_cat = ($dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
- }
- }
- }
- else
- {
- $display_cat = ATTACHMENT_CATEGORY_NONE;
- }
- }
- }
- // Make some descisions based on user options being set.
- if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg'))
- {
- $display_cat = ATTACHMENT_CATEGORY_NONE;
- }
- if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
- {
- $display_cat = ATTACHMENT_CATEGORY_NONE;
- }
- $download_link = blog_url(false, false, false, array('page' => 'download', 'mode' => 'download', 'id' => $attachment['attach_id']));
- switch ($display_cat)
- {
- // Images
- case ATTACHMENT_CATEGORY_IMAGE:
- $l_downloaded_viewed = 'VIEWED_COUNT';
- $inline_link = blog_url(false, false, false, array('page' => 'download', 'mode' => 'download', 'id' => $attachment['attach_id']));
- $block_array += array(
- 'S_IMAGE' => true,
- 'U_INLINE_LINK' => $inline_link,
- );
- $update_count[] = $attachment['attach_id'];
- break;
- // Images, but display Thumbnail
- case ATTACHMENT_CATEGORY_THUMB:
- $l_downloaded_viewed = 'VIEWED_COUNT';
- $thumbnail_link = blog_url(false, false, false, array('page' => 'download', 'mode' => 'thumbnail', 'id' => $attachment['attach_id']));
- $block_array += array(
- 'S_THUMBNAIL' => true,
- 'THUMB_IMAGE' => $thumbnail_link,
- );
- break;
- // Windows Media Streams
- case ATTACHMENT_CATEGORY_WM:
- $l_downloaded_viewed = 'VIEWED_COUNT';
- // Giving the filename directly because within the wm object all variables are in local context making it impossible
- // to validate against a valid session (all params can differ)
- // $download_link = $filename;
- $block_array += array(
- 'U_FORUM' => generate_board_url(),
- 'ATTACH_ID' => $attachment['attach_id'],
- 'S_WM_FILE' => true,
- );
- // Viewed/Heared File ... update the download count
- $update_count[] = $attachment['attach_id'];
- break;
- // Real Media Streams
- case ATTACHMENT_CATEGORY_RM:
- case ATTACHMENT_CATEGORY_QUICKTIME:
- $l_downloaded_viewed = 'VIEWED_COUNT';
- $block_array += array(
- 'S_RM_FILE' => ($display_cat == ATTACHMENT_CATEGORY_RM) ? true : false,
- 'S_QUICKTIME_FILE' => ($display_cat == ATTACHMENT_CATEGORY_QUICKTIME) ? true : false,
- 'U_FORUM' => generate_board_url(),
- 'ATTACH_ID' => $attachment['attach_id'],
- );
- // Viewed/Heared File ... update the download count
- $update_count[] = $attachment['attach_id'];
- break;
- // Macromedia Flash Files
- case ATTACHMENT_CATEGORY_FLASH:
- list($width, $height) = @getimagesize($filename);
- $l_downloaded_viewed = 'VIEWED_COUNT';
- $block_array += array(
- 'S_FLASH_FILE' => true,
- 'WIDTH' => $width,
- 'HEIGHT' => $height,
- );
- // Viewed/Heared File ... update the download count
- $update_count[] = $attachment['attach_id'];
- break;
- default:
- $l_downloaded_viewed = 'DOWNLOAD_COUNT';
- $block_array += array(
- 'S_FILE' => true,
- );
- break;
- }
- $l_download_count = (!isset($attachment['download_count']) || $attachment['download_count'] == 0) ? $user->lang[$l_downloaded_viewed . '_NONE'] : (($attachment['download_count'] == 1) ? sprintf($user->lang[$l_downloaded_viewed], $attachment['download_count']) : sprintf($user->lang[$l_downloaded_viewed . 'S'], $attachment['download_count']));
- $block_array += array(
- 'U_DOWNLOAD_LINK' => $download_link,
- 'L_DOWNLOAD_COUNT' => $l_download_count
- );
- }
- $template->assign_block_vars('_file', $block_array);
- $compiled_attachments[] = $template->assign_display('attachment_tpl');
- }
- $attachments = $compiled_attachments;
- unset($compiled_attachments);
- $tpl_size = sizeof($attachments);
- $unset_tpl = array();
- preg_match_all('#<!\-\- ia([0-9]+) \-\->(.*?)<!\-\- ia\1 \-\->#', $message, $matches, PREG_PATTERN_ORDER);
- $replace = array();
- foreach ($matches[0] as $num => $capture)
- {
- // Flip index if we are displaying the reverse way
- $index = ($config['display_order']) ? ($tpl_size-($matches[1][$num] + 1)) : $matches[1][$num];
- $replace['from'][] = $matches[0][$num];
- $replace['to'][] = (isset($attachments[$index])) ? $attachments[$index] : sprintf($user->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][array_search($index, $matches[1])]);
- $unset_tpl[] = $index;
- }
- if (isset($replace['from']))
- {
- $message = str_replace($replace['from'], $replace['to'], $message);
- }
- $unset_tpl = array_unique($unset_tpl);
- // Needed to let not display the inlined attachments at the end of the post again
- foreach ($unset_tpl as $index)
- {
- unset($attachments[$index]);
- }
- }
- }
- ?>