/includes/functions/func_attachments.php

https://github.com/ACCORD5/TrellisDesk · PHP · 260 lines · 165 code · 65 blank · 30 comment · 35 complexity · c3d6bfd87f1758b3170a70c8b8388f11 MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Trellis Desk
    5. 

  5.  *
    6. 

  6.  * @copyright  Copyright (C) 2009-2012 ACCORD5. All rights reserved.
    7. 

  7.  * @license    GNU General Public License version 3 or later; see LICENSE.txt
    8. 

  8.  */
    9. 

  9. 

  10. class td_func_attachments {
    11. 

  11. 

  12.     #=======================================
    13. 

  13.     # @ Get Attachments
    14. 

  14.     #=======================================
    15. 

  15. 

  16.     public function get($input)
    17. 

  17.     {
    18. 

  18.         $return = array();
    19. 

  19. 

  20.         $this->trellis->db->construct( array(
    21. 

  21.                                                    'select'    => $input['select'],
    22. 

  22.                                                    'from'    => 'attachments',
    23. 

  23.                                                    'where'    => $input['where'],
    24. 

  24.                                                    'order'    => $input['order'],
    25. 

  25.                                                    'limit'    => $input['limit'],
    26. 

  26.                                             )       );
    27. 

  27. 

  28.         $this->trellis->db->execute();
    29. 

  29. 

  30.         if ( ! $this->trellis->db->get_num_rows() ) return false;
    31. 

  31. 

  32.         while ( $a = $this->trellis->db->fetch_row() )
    33. 

  33.         {
    34. 

  34.             if ( $a['id'] )
    35. 

  35.             {
    36. 

  36.                 $return[ $a['id'] ] = $a;
    37. 

  37.             }
    38. 

  38.             else
    39. 

  39.             {
    40. 

  40.                 $return[] = $a;
    41. 

  41.             }
    42. 

  42.         }
    43. 

  43. 

  44.         return $return;
    45. 

  45.     }
    46. 

  46. 

  47.     #=======================================
    48. 

  48.     # @ Get Single Attachment
    49. 

  49.     #=======================================
    50. 

  50. 

  51.     public function get_single($select, $where='')
    52. 

  52.     {
    53. 

  53.         $this->trellis->db->construct( array(
    54. 

  54.                                                    'select'    => $select,
    55. 

  55.                                                    'from'    => 'attachments',
    56. 

  56.                                                    'where'    => $where,
    57. 

  57.                                                    'limit'    => array( 0, 1 ),
    58. 

  58.                                             )       );
    59. 

  59. 

  60.         $this->trellis->db->execute();
    61. 

  61. 

  62.         if ( ! $this->trellis->db->get_num_rows() ) return false;
    63. 

  63. 

  64.         return $this->trellis->db->fetch_row();
    65. 

  65.     }
    66. 

  66. 

  67.     #=======================================
    68. 

  68.     # @ Get Single Attachment By ID
    69. 

  69.     #=======================================
    70. 

  70. 

  71.     public function get_single_by_id($select, $id)
    72. 

  72.     {
    73. 

  73.         return $this->get_single( $select, array( 'id', '=', intval( $id ) ) );
    74. 

  74.     }
    75. 

  75. 

  76.     #=======================================
    77. 

  77.     # @ Upload Attachment
    78. 

  78.     #=======================================
    79. 

  79. 

  80.     public function upload(&$file, $data=array(), $response='')
    81. 

  81.     {
    82. 

  82.         if ( ! $file )
    83. 

  83.         {
    84. 

  84.             if ( $response == 'ajax' ) { $this->trellis->skin->ajax_output( json_encode( array( 'error' => true, 'errormsg' => 'no data received' ) ) ); } else { return false; };
    85. 

  85.         }
    86. 

  86. 

  87.         if ( $this->trellis->user['g_upload_max_size'] && ( $file['size'] > $this->trellis->user['g_upload_max_size'] ) )
    88. 

  88.         {
    89. 

  89.             if ( $response == 'ajax' ) { $this->trellis->skin->ajax_output( json_encode( array( 'error' => true, 'errormsg' => $this->trellis->lang['error_upload_size'] ) ) ); } else { return false; };
    90. 

  90.         }
    91. 

  91. 

  92.         $allowed_exts = array_map( create_function( '$a', 'return \'.\'. trim( $a );' ), explode( ',', $this->trellis->user['g_upload_exts'] ) );
    93. 

  93. 

  94.         $file_ext = strtolower(strrchr( $file['name'], "." ));
    95. 

  95. 

  96.         if ( ! in_array( $file_ext, $allowed_exts ) )
    97. 

  97.         {
    98. 

  98.             if ( $response == 'ajax' ) { $this->trellis->skin->ajax_output( json_encode( array( 'error' => true, 'errormsg' => $this->trellis->lang['error_upload_filetype'] ) ) ); } else { return false; };
    99. 

  99.         }
    100. 

  100. 

  101.         $file_name = md5( $file['name'] . microtime() );
    102. 

  102.         $upload_location = $this->trellis->cache->data['settings']['general']['upload_dir'] . $file_name . $file_ext;
    103. 

  103. 

  104.         if ( ! is_writeable( $this->trellis->cache->data['settings']['general']['upload_dir'] ) ) $this->trellis->skin->ajax_output( json_encode( array( 'error' => true, 'errormsg' => 'directory' ) ) );
    105. 

  105. 

  106.         if ( ! @move_uploaded_file( $file['tmp_name'], $upload_location ) ) $this->trellis->skin->ajax_output( json_encode( array( 'error' => true, 'errormsg' => $this->trellis->lang['error_upload_move'] ) ) );
    107. 

  107. 

  108.         # TODO: only run chmod if web user is 'nobody' (just have a setting)
    109. 

  109.         //@chmod( $upload_location, 0666 );
    110. 

  110. 

  111.         $data['uid'] = $this->trellis->user['id'];
    112. 

  112.         $data['real_name'] = $file_name;
    113. 

  113.         $data['original_name'] = $this->trellis->sanitize_data( $file['name'] );
    114. 

  114.         $data['extension'] = $this->trellis->sanitize_data( $file_ext );
    115. 

  115. 

  116.         if ( function_exists( 'finfo_file' ) )
    117. 

  117.         {
    118. 

  118.             $finfo = finfo_open( FILEINFO_MIME_TYPE );
    119. 

  119. 

  120.             $data['mime'] = finfo_file( $finfo, $upload_location );
    121. 

  121. 

  122.             finfo_close( $finfo );
    123. 

  123.         }
    124. 

  124. 

  125.         $data['size'] = $file['size'];
    126. 

  126.         $data['date'] = time();
    127. 

  127.         $data['ipadd'] = $this->trellis->input['ip_address'];
    128. 

  128. 

  129.         $fields = array(
    130. 

  130.                         'content_type'    => 'string',
    131. 

  131.                         'content_id'    => 'int',
    132. 

  132.                         'uid'            => 'int',
    133. 

  133.                         'real_name'        => 'string',
    134. 

  134.                         'original_name'    => 'string',
    135. 

  135.                         'extension'        => 'string',
    136. 

  136.                         'mime'            => 'string',
    137. 

  137.                         'size'            => 'int',
    138. 

  138.                         'date'            => 'int',
    139. 

  139.                         'ipadd'            => 'string',
    140. 

  140.                         );
    141. 

  141. 

  142.         $this->trellis->db->construct( array(
    143. 

  143.                                                    'insert'    => 'attachments',
    144. 

  144.                                                    'set'    => $this->trellis->process_data( $fields, $data ),
    145. 

  145.                                             )       );
    146. 

  146. 

  147.         $this->trellis->db->execute();
    148. 

  148. 

  149.         if ( $response == 'ajax' ) return array( 'id' => $this->trellis->db->get_insert_id(), 'name' => $data['original_name'] );
    150. 

  150. 

  151.         return $this->trellis->db->get_insert_id();
    152. 

  152.     }
    153. 

  153. 

  154.     #=======================================
    155. 

  155.     # @ Assign Attachments
    156. 

  156.     #=======================================
    157. 

  157. 

  158.     public function assign($ids, $cid)
    159. 

  159.     {
    160. 

  160.         if ( ! $cid = intval( $cid ) ) return false;
    161. 

  161. 

  162.         if ( ! is_array( $ids ) && intval( $ids ) )
    163. 

  163.         {
    164. 

  164.             $ids = array( $ids );
    165. 

  165.         }
    166. 

  166. 

  167.         $this->trellis->db->construct( array(
    168. 

  168.                                                    'update'    => 'attachments',
    169. 

  169.                                                    'set'    => array( 'content_id' => $cid ),
    170. 

  170.                                                    'where'    => array( 'id', 'in', $ids ),
    171. 

  171.                                             )       );
    172. 

  172. 

  173.         $this->trellis->db->execute();
    174. 

  174. 

  175.         return $this->trellis->db->get_affected_rows();
    176. 

  176.     }
    177. 

  177. 

  178.     #=======================================
    179. 

  179.     # @ Delete Attachments
    180. 

  180.     #=======================================
    181. 

  181. 

  182.     public function delete($ids)
    183. 

  183.     {
    184. 

  184.         if ( is_array( $ids ) )
    185. 

  185.         {
    186. 

  186.             if ( ! $files = $this->get( array( 'select' => array( 'real_name', 'extension' ), 'where' => array( 'id', 'in', $ids ) ) ) ) return false;
    187. 

  187. 

  188.             foreach ( $files as &$f )
    189. 

  189.             {
    190. 

  190.                 @unlink( $this->trellis->cache->data['settings']['general']['upload_dir'] . $f['real_name'] . $f['extension'] );
    191. 

  191.             }
    192. 

  192. 

  193.             $this->trellis->db->construct( array(
    194. 

  194.                                                        'delete'    => 'attachments',
    195. 

  195.                                                        'where'    => array( 'id', 'in', $ids ),
    196. 

  196.                                                 )       );
    197. 

  197. 

  198.             $this->trellis->db->execute();
    199. 

  199.         }
    200. 

  200.         else
    201. 

  201.         {
    202. 

  202.             if ( ! $ids = intval( $ids ) ) return false;
    203. 

  203. 

  204.             if ( ! $f = $this->get_single_by_id( array( 'real_name' , 'extension'), $ids ) ) return false;
    205. 

  205. 

  206.             if ( ! @unlink( $this->trellis->cache->data['settings']['general']['upload_dir'] . $f['real_name'] . $f['extension'] ) ) return false;
    207. 

  207. 

  208.             $this->trellis->db->construct( array(
    209. 

  209.                                                        'delete'    => 'attachments',
    210. 

  210.                                                        'where'    => array( 'id', '=', $ids ),
    211. 

  211.                                                        'limit'    => array( 1 ),
    212. 

  212.                                                 )       );
    213. 

  213. 

  214.             $this->trellis->db->execute();
    215. 

  215.         }
    216. 

  216. 

  217.         return $this->trellis->db->get_affected_rows();
    218. 

  218.     }
    219. 

  219. 

  220.     #=======================================
    221. 

  221.     # @ Download Attachment
    222. 

  222.     #=======================================
    223. 

  223. 

  224.     public function download($id)
    225. 

  225.     {
    226. 

  226.         if ( ! $id = intval( $id ) ) return false;
    227. 

  227. 

  228.         if ( ! $f = $this->get_single_by_id( array( 'real_name', 'original_name', 'mime', 'size', 'extension' ), $id ) ) return false;
    229. 

  229. 

  230.         if ( ! is_readable( ( $file = $this->trellis->cache->data['settings']['general']['upload_dir'] . $f['real_name'] . $f['extension'] ) ) ) return false;
    231. 

  231. 

  232.         if ( $f['mime'] )
    233. 

  233.         {
    234. 

  234.             header( "Content-type: ". $f['mime'] );
    235. 

  235.         }
    236. 

  236.         else
    237. 

  237.         {
    238. 

  238.             #header( "Content-type: application/force-download" );
    239. 

  239.         }
    240. 

  240. 

  241.         $show_types = array( 'image/gif', 'image/jpeg', 'image/jpg', 'image/png', 'image/tiff' );
    242. 

  242. 

  243.         if ( ! in_array( $f['mime'], $show_types ) )
    244. 

  244.         {
    245. 

  245.             header( "Content-Disposition: attachment; filename=". $f['original_name'] );
    246. 

  246.             header( "Content-length: ". filesize( $file_path ) );
    247. 

  247.         }
    248. 

  248. 

  249.         header( "Expires: ". gmdate( 'D, d M Y H:i:s', time() ) ." GMT" );
    250. 

  250. 

  251.         readfile( $file );
    252. 

  252. 

  253.         $this->trellis->shut_down();
    254. 

  254. 

  255.         exit();
    256. 

  256.     }
    257. 

  257. 

  258. }
    259. 

  259. 

  260. ?>
    261.