[Openupload-svn-update] SF.net SVN: openupload:[370] trunk/lib/modules/default
Status: Beta
Brought to you by:
tsdogs
Menu
▾
▴
[Openupload-svn-update] SF.net SVN: openupload:[370] trunk/lib/modules/default
|
From: <ts...@us...> - 2010-03-18 18:24:21
|
Revision: 370
http://openupload.svn.sourceforge.net/openupload/?rev=370&view=rev
Author: tsdogs
Date: 2010-03-18 18:24:11 +0000 (Thu, 18 Mar 2010)
Log Message:
-----------
version 0.5 modifications
Modified Paths:
--------------
trunk/lib/modules/default/admin.inc.php
trunk/lib/modules/default/auth.inc.php
Added Paths:
-----------
trunk/lib/modules/default/invitation.inc.php
trunk/lib/modules/default/upload.inc.php
Removed Paths:
-------------
trunk/lib/modules/default/files.inc.php
Modified: trunk/lib/modules/default/admin.inc.php
===================================================================
--- trunk/lib/modules/default/admin.inc.php 2010-03-18 18:22:36 UTC (rev 369)
+++ trunk/lib/modules/default/admin.inc.php 2010-03-18 18:24:11 UTC (rev 370)
@@ -26,11 +26,11 @@
4 => "pluginoptionedit",
5 => "pluginoptiondelete",
),
- "adminfiles" => array (
- 1 => "files",
- 2 => "filedel",
- 3 => "filesplugin",
- 4 => "filemultidel",
+ "adminuploads" => array (
+ 1 => "uploads",
+ 2 => "uploaddel",
+ 3 => "uploadplugin",
+ 4 => "uploadmultidel",
),
"adminmaintenance" => array (
1 => "maintenance",
@@ -410,57 +410,61 @@
$this->tpl->assign('defaultgroup',app()->config['nologingroup']);
}
- function files() {
- $NUM = 50;
+ function uploads() {
+ global $_GET;
- $page = 1;
- if (isset($_GET['page'])) {
- $page=$_GET['page'];
- }
- $limit = ($NUM*($page-1)).','.$NUM;
- $count = app()->db->count('files');
- $this->tpl->assign('pages',ceil($count / $NUM)+1);
+ $rows = isset($_GET['limit'])?$_GET['limit']:20;
+ $page = isset($_GET['page'])?$_GET['page']:1;
+ $count = app()->db->count('uploads');
+ $pages = ceil($count / $rows)+1;
+ if ($page>$pages-1) { $page = $pages-1; }
+ if ($page<1) { $page = 1; }
+ $offset = ($page -1)*$rows;
$this->tpl->assign('pagen',$page);
- $files = app()->db->read('files',array(),array('upload_date desc'),$limit);
+ $this->tpl->assign('pages',$pages);
+ $this->tpl->assign('limit',$rows);
+ $this->tpl->assign('uploads',$uploads);
+ $files = app()->db->read('uploads',array(),array('upload_date desc'),$offset.','.$rows);
$this->tpl->assign('files',$files);
}
- function filedelete($id) {
- app()->db->delete('files',array('id' => $id));
- app()->db->delete('file_options',array('file_id' => $id));
- unlink(app()->config['DATA_PATH'].'/'.$id);
+ function uploaddelete($id) {
+
+ app()->db->delete('uploads',array('id' => $id));
+ /* delete the files from filesystem */
+ $files = app()->db->read('upload_files',array('upload_id' => $id));
+ foreach ($files as $k => $f) {
+ $file = app()->config['DATA_PATH'].'/files/'.$id.'_'.$k;
+ @unlink($file);
+ }
+ app()->db->delete('upload_files',array('upload_id' => $id));
+ app()->db->delete('upload_options',array('upload_id' => $id));
}
- function filedel() {
- global $_GET;
-
+ function uploaddel() {
if ($_GET['id']!='') {
- $f = app()->db->read('files',array('id'=>$_GET['id']));
+ $f = app()->db->read('uploads',array('id'=>$_GET['id']));
if ($f[0]['id']==$_GET['id']) {
- $this->filedelete($_GET['id']);
+ $this->uploaddelete($_GET['id']);
}
}
$this->nextStep(1);
}
- function filemultidel() {
+
+ function uploadmultidel() {
global $_POST;
foreach ($_POST as $k => $v) {
if (($v == 1) and (strpos($k,'file_'))!==FALSE) {
$fid = substr($k,5,strlen($k)-5);
- $f = app()->db->read('files',array('id'=>$fid));
- if ($f[0]['id']==$fid) {
- app()->db->delete('files',array('id' => $fid));
- app()->db->delete('file_options',array('file_id' => $fid));
- unlink(app()->config['DATA_PATH'].'/'.$fid);
- }
+ $this->uploaddelete($fid);
}
}
$this->nextStep(1);
}
- function filesplugin() {
+ function uploadplugin() {
global $_GET;
if (isset($_GET['plugin'])) {
if (isset(app()->plugins[$_GET['plugin']])) {
@@ -887,8 +891,8 @@
$ban['access']='deny';
app()->db->insert('banned',$ban);
app()->message(tr('IP %1 has been banned!',$ip));
- if (isset($_GET['nextaction']))
- $this->nextStep(1,$_GET['nextaction']);
+ if (isset($_GET['newaction']))
+ $this->nextStep(1,$_GET['newaction']);
} else {
app()->error(tr('IP %1 was already in state: %2!',$ip,$ban['access']));
if (isset($_GET['newaction']))
@@ -1070,24 +1074,25 @@
function logs() {
global $_GET;
- $NUM = 50;
- $page = 1;
- if (isset($_GET['page'])) {
- $page=$_GET['page'];
- }
$filter = array();
if (isset($_GET['level'])) {
if ($_GET['level']!='') {
$filter = array('level' => $_GET['level']);
}
}
- $limit = ($NUM*($page-1)).','.$NUM;
+ $rows = isset($_GET['limit'])?$_GET['limit']:20;
+ $page = isset($_GET['page'])?$_GET['page']:1;
$count = app()->db->count('activitylog',$filter);
- $this->tpl->assign('pages',ceil($count / $NUM)+1);
+ $pages = ceil($count / $rows)+1;
+ if ($page>$pages-1) { $page = $pages-1; }
+ if ($page<1) { $page = 1; }
+ $offset = ($page -1)*$rows;
$this->tpl->assign('pagen',$page);
+ $this->tpl->assign('pages',$pages);
+ $this->tpl->assign('limit',$rows);
$this->tpl->assign('level',$_GET['level']);
- $logs = app()->db->read('activitylog',$filter,array('log_time desc'),$limit);
+ $logs = app()->db->read('activitylog',$filter,array('log_time desc'),$offset.','.$rows);
$this->tpl->assign('logs',$logs);
}
Modified: trunk/lib/modules/default/auth.inc.php
===================================================================
--- trunk/lib/modules/default/auth.inc.php 2010-03-18 18:22:36 UTC (rev 369)
+++ trunk/lib/modules/default/auth.inc.php 2010-03-18 18:24:11 UTC (rev 370)
@@ -39,8 +39,8 @@
if (!app()->user->loggedin()) {
$this->menu['login']=tr('Login');
} else {
- if (app()->auth->features['useradmin']=='yes')
- $this->menu['profile']=tr('Preferences');
+ /*if (app()->auth->features['useradmin']=='yes')
+ $this->mainmenu['profile']=tr('Preferences');*/
$this->menu['logout']=tr('Logout');
}
if (app()->auth->features['useradmin']=='yes')
@@ -89,7 +89,7 @@
global $_POST;
if (app()->auth->features['useradmin']!='yes') {
- app()->log('error','registerForm','','ERROR','Registration not supporte by Auth Module');
+ app()->log('error','registerForm','','ERROR','Registration not supported by Auth Module');
app()->error(tr('Registration is not supported by Auth Module'));
redirect();
}
@@ -170,7 +170,7 @@
$subject = tr('[%1] User registration confirmation e-mail',app()->config['site']['title']);
$this->tpl->assign('reguser',$user);
$this->tpl->assign('reglink',app()->config['WWW_SERVER'].app()->config['WWW_ROOT'].'/?action=register®id='.$user['regid']);
- sendMail(app()->config['site']['email'],'noreply',$user['email'],$subject,'modules/auth/emailconfirm');
+ sendMail(app()->config['site']['email'],$user['email'],$subject,'modules/auth/emailconfirm');
} else {
$user['active'] = 1;
}
Deleted: trunk/lib/modules/default/files.inc.php
===================================================================
--- trunk/lib/modules/default/files.inc.php 2010-03-18 18:22:36 UTC (rev 369)
+++ trunk/lib/modules/default/files.inc.php 2010-03-18 18:24:11 UTC (rev 370)
@@ -1,608 +0,0 @@
-<?php
-
-
-function cgiupload_get_info($fid) {
- return array();
-}
-
-class FilesModule extends OpenUploadModule {
-var $actions = array (
- "u" => array (
- 1 => "uploadForm",
- 2 => "uploadOptions",
- 3 => "uploadConfirm",
- 4 => "uploadFileInfo",
- 99 => "uploadProgress",
- ),
- "d" => array (
- 1 => "downloadForm",
- 2 => "downloadRequest",
- 3 => "downloadConfirm",
- ),
- "g" => array (
- 1 => "serveFile",
- ),
- "r" => array (
- 1 => "removeRequest",
- 2 => "removeConfirm",
- 3 => "removeResult",
- ),
- "l" => array (
- 1 => "fileList",
- 2 => "fileDetail",
- ),
- );
-var $page;
-var $menu;
-
- function FilesModule() {
- if (app()->user->info('login')!='')
- $files = tr("My Files");
- else
- $files = tr("Public Files");
- $this->page = array (
- "u" => array (
- "title" => tr("File upload"),
- ),
- "d" => array (
- "title" => tr("File download"),
- ),
- "r" => array (
- "title" => tr("File Removal"),
- ),
- "l" => array (
- "title" => $files,
- ),
- );
- $this->menu = array (
- "u" => tr("File Upload"),
- "l" => $files,
- //"d" => tr("File Download"),
- //"r" => tr("File Removal"),
- );
- }
-
- function init() {
- /* initialize */
- }
-
- /* real implementation */
-
- function uploadForm() {
- global $_SESSION;
-
- unset($_SESSION['user']['u']);
- $_SESSION['user']['identifier']=randomName(40,40);
- $this->tpl->assign('uploadscript',$_SERVER['PHP_SELF']);
- switch (app()->config['progress']) {
- case 'uploadprogress':
- $this->tpl->assign('identifiername','UPLOAD_IDENTIFIER');
- break;
- case 'apc':
- $this->tpl->assign('identifiername',ini_get('apc.rfc1867_name'));
- break;
- case 'cgi':
- $_SESSION['user']['identifier']=randomName(32,32);
- $this->tpl->assign('uploadscript',app()->config['progress_cgi'].'?upload_id='.session_id());
- /* update information on the file */
-$_CGI['temp_dir'] = '/tmp/';
-$_CGI['upload_id'] = $_SESSION['user']['identifier'];
-$_CGI['upload_dir'] = '/tmp/';
-$_CGI['path_to_link_file'] = '/tmp/'.session_id().'.link';
-$_CGI['embedded_upload_results'] = 0;
-$_CGI['redirect_method'] = 1;
-$_CGI['redirect_url'] = app()->config['WWW_SERVER'].app()->config['WWW_ROOT'].'/';
-$_CGI['cgi_upload_hook'] = 0;
-$_CGI['debug_upload'] = 0;
-$_CGI['delete_link_file'] = 0;
-$_CGI['purge_temp_dirs'] = 1;
-$_CGI['purge_temp_dirs_limit'] = 1;
-$_CGI['max_upload_size'] = $_SESSION['user']['max_upload_size'];
-$c = '';
-foreach ($_CGI as $k => $value) {
- $c .= $k.'<=>'.$value."\n";
-}
- file_put_contents('/tmp/'.session_id().'.link',$c);
- $this->tpl->assign('identifiername','UPLOAD_IDENTIFIER');
- break;
- default:
- $this->tpl->assign('identifiername','UPLOAD_IDENTIFIER');
- break;
- }
- app()->tpl->assign('identifier',$_SESSION['user']['identifier']);
- $result = app()->pluginAction('uploadForm',$finfo);
- }
-
- function uploadProgress() {
- global $_SESSION;
-
- if (isset($_SESSION['user']['identifier'])) {
- ob_clean();
- header("Cache-Control: no-cache, must-revalidate");
- header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
- // need this 'cause of IE problems
- header('Content-Type: text/html; Charset=utf-8');
-
- $progress = array('complete' => 0, 'total' => 0, 'percentage' => 0, 'files' => 0);
- switch (app()->config['progress']) {
- case 'uploadprogress':
- $res = uploadprogress_get_info($_SESSION['user']['identifier']);
- if (isset($res['bytes_uploaded'])) {
- $progress['complete'] = $res['bytes_uploaded'];
- if ($res['bytes_total']>0) {
- $progress['total'] = $res['bytes_total'];
- $progress['percentage'] = floor(($res['bytes_uploaded'] / $res['bytes_total'])*100);
- }
- $progress['files'] = $res['files_uploaded'];
- }
- break;
- case 'apc':
- $res = apc_fetch(ini_get('apc.rfc1867_prefix').$_SESSION['user']['identifier']);
- if ($res) {
- $progress['complete'] = $res['current'];
- $progress['total'] = $res['total'];
- if ($res['total']>0)
- $progress['percentage'] = floor(($res['current'] / $res['total'])*100);
- $progress['files'] = 0;
- }
- break;
- case 'cgixyz':
- $res = cgiupload_get_info($_SESSION['user']['identifier']);
- if (isset($res['bytes_uploaded'])) {
- $progress['complete'] = $res['bytes_uploaded'];
- if ($res['bytes_total']>0) {
- $progress['total'] = $res['bytes_total'];
- $progress['percentage'] = floor(($res['bytes_uploaded'] / $res['bytes_total'])*100);
- }
- $progress['files'] = $res['files_uploaded'];
- }
- break;
- }
- app()->tpl->assign('progress',$progress);
- app()->display('modules/files/uploadProgress');
- exit;
- }
- echo 'user not allowed';
- exit;
- }
-
- function uploadOptions() {
- global $_SESSION;
- global $_FILES;
- global $_SERVER;
-
- switch (app()->config['progress']) {
- case 'cgi':
- /* populate the variables so that it will be available to the following code */
-
- break;
- }
- if (isset($_FILES['upload'])) {
- if ($_FILES['upload']['error']>0) {
- switch ($_FILES['upload']['error']) { /* taken from here: http://it.php.net/manual/en/features.file-upload.errors.php */
- case 1: $msg = 'Maximum upload size for site wide configuration reached'; break;
- case 2: $msg = 'Maximum file size exceeded!'; break;
- case 3: $msg = 'Partial file transfer error!'; break;
- case 4: $msg = 'No file was uploaded!'; break;
- case 6: $msg = 'Missing temporary directory'; break;
- case 7: $msg = 'Can\'t write to temporary diretory!'; break;
- case 8: $msg = 'Upload blocked by extension!'; break;
- default:
- $msg = tr('Upload failed for Unknown error code: %1',$_FILES['upload']['error']); break;
- }
- app()->log('warning','uploadOptions','','DENY','Upload error: '.$msg);
- app()->error(tr($msg));
- $this->nextStep(1);
- } else if ($_FILES['upload']['size']>app()->user->info('max_upload_size')) {
- app()->log('warning','uploadOptions','','DENY','Maximum file size exceeded!');
- app()->error(tr('Maximum file size exceeded!'));
- break;
- } else {
- /* prepare the file */
- $tmpname = app()->config['DATA_PATH'].'/tmp/'.randomName();
- for ($i = 0; $i<app()->config['multiupload']; $i++) {
- $u = 'upload';
- $tmpnamex = $tmpname;
- if ($i>0) {
- $u = 'upload_'.$i;
- $tmpnamex = $tmpname.'_'.$i;
- }
- if (isset($_FILES[$u]) and $_FILES[$u]['tmp_name']!='') {
- move_uploaded_file($_FILES[$u]['tmp_name'],$tmpnamex);
- $_SESSION['user']['u'][$i]['tmp']=$tmpnamex;
- $_SESSION['user']['u'][$i]['mime']=$_FILES[$u]['type'];
- $_SESSION['user']['u'][$i]['name']=$_FILES[$u]['name'];
- $_SESSION['user']['u'][$i]['size']=$_FILES[$u]['size'];
- $_SESSION['user']['u'][$i]['ip']=$_SERVER['REMOTE_ADDR'];
- $_SESSION['user']['u'][$i]['user_login']=app()->user->info('login');
- }
- }
- $result = app()->pluginAction('uploadComplete',$_SESSION['user']['u']);
- if (!$result) { /* some plugin blocked the upload */
- /* remove the file */
- foreach ($_SESSION['user']['u'] as $f) {
- @unlink($f['tmp']);
- }
- unset($_SESSION['user']['u']);
- redirect();
- }
- $this->nextStep(app()->step);
- }
- } else if (!isset($_SESSION['user']['u'][0])) {
- redirect();
- }
- if (!$result) { /* some plugin blocked the upload */
- /* remove the files */
- unset($_SESSION['user']['u']);
- redirect();
- }
- $this->tpl->assign('finfo',$_SESSION['user']['u'][0]);
- $this->tpl->assign('files',$_SESSION['user']['u']);
- /* ask for information on the file */
- }
-
- function uploadConfirm() {
- global $_POST;
- global $_SESSION;
-
- /* save the file */
- /* send an e-mail if requested */
- /* display the information on the upload */
- if (isset($_POST['description'])) {
- /* now check plugins and if ok add file otherwise redirect */
- $result = app()->pluginAction('uploadConfirm',$_SESSION['user']['u']);
- if (!$result)
- $this->prevStep();
- for ($i = 0; $i<count($_SESSION['user']['u']); $i++) {
- $finfo = $_SESSION['user']['u'][$i];
- $finfo['description'] = $_POST['description'];
- if ($i==0) {
- $s = isset(app()->config['id_max_length'])?app()->config['id_max_length']:30;
- $a = isset(app()->config['id_use_alpha'])?app()->config['id_use_alpha']=='yes':false;
- $finfo['id']= app()->db->newRandomId('files','id',$s,$a);
- $mainid = $finfo['id'];
- $remove = app()->db->newRandomId('files','remove',$s,$a);
- $date = date('Y-m-d H:i:s');
- } else {
- $finfo['id']=$mainid.'_'.$i;
- }
- /* everything ok then add the file */
- $finfo['remove']= $remove;
- $finfo['upload_date'] = $date;
- app()->db->insert('files',$finfo,array('id','name','mime','description','size','remove','user_login','ip','upload_date'));
- if ($i==0) {
- foreach (app()->plugins as $plugin) {
- if (count($plugin->fields)>0) {
- foreach ($plugin->fields as $f) {
- if (isset($finfo[$f])) {
- $pinfo['file_id'] = $finfo['id'];
- $pinfo['module'] = $plugin->name;
- $pinfo['name']=$f;
- $pinfo['value']=$finfo[$f];
- app()->db->insert('file_options',$pinfo,array('file_id','module','name','value'));
- }
- }
- }
- }
- } else {
- $pinfo['file_id'] = $finfo['id'];
- $pinfo['module'] = 'files';
- $pinfo['name']='group';
- $pinfo['value']=$mainid;
- app()->db->insert('file_options',$pinfo,array('file_id','module','name','value'));
- }
- /* move the file to the actual location */
- rename($_SESSION['user']['u'][$i]['tmp'],app()->config['DATA_PATH'].'/'.$finfo['id']);
- $_SESSION['user']['u'][$i]=$finfo;
- }
- app()->log('notice','uploadConfirm','','ALLOW',$mainid);
- $this->nextStep();
- }
- }
-
- function setupLinks(&$finfo) {
- /* get the file info */
- $a = 'action'; $i = 'id'; $r = 'removeid';
- if (app()->config['use_short_links']=='yes') {
- $a = 'a'; $i = 'i'; $r = 'r';
- }
- $finfo[0]['downloadlink']= app()->config['WWW_SERVER'].app()->config['WWW_ROOT'].'/?'.$a.'=d&'.$i.'='.$finfo[0]['id'];
- $finfo[0]['removelink']=app()->config['WWW_SERVER'].app()->config['WWW_ROOT'].
- '/?'.$a.'=r&'.$i.'='.$finfo[0]['id'].'&'.$r.'='.$finfo[0]['remove'];
- }
-
- function uploadFileInfo() {
- if (isset($_SESSION['user']['u'][0]['id'])) {
- $finfo = $_SESSION['user']['u'];
- $this->setupLinks($finfo);
- $result = app()->pluginAction('uploadFileInfo',$finfo,false);
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- $this->tpl->assign('webbase',app()->config['WWW_SERVER'].app()->config['WWW_ROOT']);
- } else {
- redirect();
- }
- }
-/**/
- function loadFile($id) {
- $finfo = app()->db->read('files',array('id'=>$id));
- $pinfo = app()->db->read('file_options',array('file_id' => $id));
- foreach ($pinfo as $v) {
- $finfo[0][$v['name']]=$v['value'];
- }
- $afiles = app()->db->read('file_options',array('module' => 'files', 'name' => 'group', 'value' => $id));
- if (count($afiles)>0) {
- foreach ($afiles as $k => $a) {
- $afile = app()->db->read('files',array('id'=>$a['file_id']));
- $finfo[$k+1]=$afile[0];
- }
- }
-//print_r($finfo); exit();
- return $finfo;
- }
-
- function downloadForm() {
- global $_SESSION;
- global $_GET;
-
- unset($_SESSION['user']['d']);
- if (isset($_GET['id']) or isset($_GET['i'])) {
- $_SESSION['user']['d'][0]['id'] = isset($_GET['id'])?$_GET['id']:$_GET['i'];
- $this->nextStep();
- }
- $finfo = array();
- app()->pluginAction('downloadForm',$finfo,false);
- }
-
- function downloadRequest() {
- global $_GET;
- global $_POST;
- global $_SESSION;
-
- $id = '';
- if (isset($_POST['id'])) {
- $id = $_POST['id'];
- } else if (isset($_SESSION['user']['d'][0]['id'])) {
- $id = $_SESSION['user']['d'][0]['id'];
- }
- /* check if download exists, and what are the properties */
- if ($id != '') {
- $finfo = $this->loadFile($id);
- if ($finfo[0]['id']!=$id or isset($finfo[0]['group'])) {
- app()->log('warning','downloadRequest','','DENY','File does not exist: ID:'.$id);
- app()->error(tr('Requested file does not exist!'));
- $this->prevStep();
- } else {
- $_SESSION['user']['d']=$finfo;
- $_SESSION['user']['d'][0]['protected'] = true;
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- $result = app()->pluginAction('downloadRequest',$finfo,false);
- if ($result) {
- app()->log('info','downloadRequest','','ALLOW',$id);
- $_SESSION['user']['d'][0]['protected']=false;
- $this->nextStep();
- }
- }
- }
- }
-
- function downloadConfirm() {
-
- /* here we do the actual download of the file */
- if (!isset($_SESSION['user']['d'])) {
- redirect();
- } else if ($_SESSION['user']['d'][0]['candownload']=='ok') {
- $finfo = $_SESSION['user']['d'];
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- /* download is allowed */
- } else {
- $finfo = $_SESSION['user']['d'];
- /* check wether the plugins are ok */
- $result = app()->pluginAction('downloadConfirm',$finfo);
- if (!$result)
- $this->prevStep();
- for ($i = 0; $i<count($finfo); $i++)
- $finfo[$i]['candownload']='ok';
- $_SESSION['user']['d']=$finfo;
- /* now the user can download it */
- $this->nextStep(app()->step);
- }
- }
-
- function serveFile() {
- global $_SESSION;
- global $_POST;
- global $_GET;
-
- $num = 0;
- if (isset($_GET['fid'])) {
- $num = $_GET['fid'];
- }
- /* here we do the actual download of the file */
- if (!isset($_SESSION['user']['d'])) {
- redirect();
- } else if ($_SESSION['user']['d'][$num]['candownload']!='ok') {
- $this->nextStep(2,'d');
- } else {
- $finfo = $_SESSION['user']['d'];
- /* check wether the plugins are ok */
- $result = app()->pluginAction('serveFile',$finfo);
- if (!$result)
- $this->nextStep(3,'d');
- //$_SESSION['user']['d'][$num]['candownload']='ok';
- /* if we got this far the download should begin serving */
- $file = app()->config['DATA_PATH'].'/'.$finfo[$num]['id'];
- $filesize = filesize($file);
- /* set to not timeout within default setting */
- if (isset(app()->config['max_download_time'])) {
- set_time_limit(app()->config['max_download_time']*60);
- } else {
- set_time_limit(7200); /* 2 hours should be enough */
- }
- app()->log('notice','serveFile','','ALLOW',$finfo[$num]['id']);
- /* disable and clean output buffer so it won't reach memory limit */
- ob_end_clean();
- header('Content-Description: File Transfer');
- header('Content-Type: '.$finfo[$num]['mime']);
- header('Content-Length: '.$filesize);
- header('Content-Disposition: attachment; filename="'.$finfo[$num]['name'].'"');
- header('Content-Transfer-Encoding: binary');
- header('Expires: 0');
- header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
- header('Pragma: public');
-
- readfile($file);
- /* file should have been sent now let's reset the download info */
- if (!$_SESSION['user']['d'][0]['protected'])
- $_SESSION['user']['d'][$num]['candownload']='ok';
- else
- $_SESSION['user']['d'][$num]['candownload']='ko';
- exit(0);
- }
- }
-
- function removeRequest() {
- global $_GET;
- global $_SESSION;
-
- $id = '';
- if (isset($_GET['id']) or isset($_GET['i'])) {
- $id = isset($_GET['id'])?$_GET['id']:$_GET['i'];
- $r = isset($_GET['removeid'])?$_GET['removeid']:$_GET['r'];
- } else if (isset($_SESSION['user']['r'][0]['id'])) {
- $id = $_SESSION['user']['r'][0]['id'];
- $r = $_SESSION['user']['r'][0]['remove'];
- }
- /* check if file exists, and what are the properties */
- if ($id != '') {
- $finfo = $this->loadFile($id);
- if ($finfo[0]['id']!=$id or isset($finfo[0]['group'])) {
- app()->error(tr('Wrong file id!'));
- redirect();
- } else if ($r!=$finfo[0]['remove']) {
- app()->error(tr('Wrong file id!')); /* don't give the user much info on this */
- redirect();
- } else {
- $_SESSION['user']['r']=$finfo;
- $this->tpl->assign('files',$finfo);
- $this->tpl->assign('finfo',$finfo[0]);
- if (app()->config['allow_unprotected_removal']=='yes')
- $result = true;
- else
- $result = app()->pluginAction('removeRequest',$finfo,false);
- if ($result) {
- app()->log('info','removeRequest','','ALLOW',$id);
- $_SESSION['user']['r'][0]['canremove']='ok'; /* file has no protection */
- $this->nextStep();
- }
- }
- } else {
- app()->error(tr('Wrong file id!'));
- redirect();
- }
- }
-
- function removeConfirm() {
- $finfo = $_SESSION['user']['r'];
-
- /* here we do the actual remove of the file */
- if (!isset($_SESSION['user']['r'])) {
- redirect();
- } else if ($_SESSION['user']['r'][0]['canremove']=='ok') {
- $finfo = $_SESSION['user']['r'];
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- /* removal is allowed */
- } else {
- $finfo = $_SESSION['user']['r'];
- /* check wether the plugins are ok */
- if (app()->config['allow_unprotected_removal']=='yes')
- $result = true;
- else
- $result = app()->pluginAction('removeConfirm',$finfo);
- if (!$result)
- $this->prevStep();
- /* now we can remove the file */
- $_SESSION['user']['r'][0]['canremove']='ok';
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- }
- }
-
- function removeResult() {
- global $_POST;
-
- if (!isset($_SESSION['user']['r'])) {
- redirect();
- } else if (isset($_POST['confirmremove']) and ($_SESSION['user']['r'][0]['canremove']=='ok')) {
- $finfo = $_SESSION['user']['r'];
- $result = app()->pluginAction('removeResult',$finfo,false);
- if (!$result)
- $this->prevStep();
- foreach ($finfo as $f) {
- app()->db->delete('files',array('id' => $f['id']));
- app()->db->delete('file_options',array('file_id' => $f['id']));
- $file = app()->config['DATA_PATH'].'/'.$f['id'];
- @unlink($file);
- }
- app()->log('notice','removeResult','','ALLOW',$finfo[0]['id']);
- unset($_SESSION['user']['r']); /* remove any file reference */
- $this->tpl->assign('files',$finfo);
- $this->tpl->assign('finfo',$finfo[0]);
- } else {
- $this->prevStep();
- }
- }
-
- function fileList() {
- global $_GET;
- /* TODO: need paging ... */
- $rows = 20;
- $page = isset($_GET['page'])?$_GET['page']:1;
- $offset = ($page -1)*$rows;
- $count = app()->db->count('files',array('user_login'=>app()->user->info('login')));
- $pages = ceil($count / $rows)+1;
- $files = app()->db->read('files',array('user_login'=>app()->user->info('login')),array('upload_date desc'),$offset.','.$rows);
- $result = app()->pluginAction('fileList',$files,false);
- if (!$result)
- redirect();
- $this->tpl->assign('pagen',$page);
- $this->tpl->assign('pages',$pages);
- $this->tpl->assign('files',$files);
- }
-
- function fileDetail() {
- global $_GET;
-
- if (!isset($_GET['id'])) {
- $this->nextStep(1);
- }
- $finfo = $this->loadFile($_GET['id']);
- if (count($finfo)==0) {
- app()->error(tr('Wrong file id!'));
- $this->nextStep(1);
- } else if ($finfo[0]['user_login']!=app()->user->info('login')) {
- /* the user has no right to access this file !!! */
- app()->error(tr('Wrong file id!'));
- $this->nextStep(1);
- } else if (isset($finfo[0]['group'])) {
- /* it's a group file */
- app()->error(tr('Wrong file id!'));
- $this->nextStep(1);
- }
- $this->setupLinks($finfo);
- if (app()->user->info('login')=='') {
- unset($finfo[0]['removelink']);
- }
- $result = app()->pluginAction('fileDetail',$finfo,false);
- if (!$result) {
- $this->nextStep(1);
- }
- $this->tpl->assign('finfo',$finfo[0]);
- $this->tpl->assign('files',$finfo);
- }
-}
-
-?>
\ No newline at end of file
Added: trunk/lib/modules/default/invitation.inc.php
===================================================================
--- trunk/lib/modules/default/invitation.inc.php (rev 0)
+++ trunk/lib/modules/default/invitation.inc.php 2010-03-18 18:24:11 UTC (rev 370)
@@ -0,0 +1,488 @@
+
+<?php
+
+class InvitationModule extends BaseUploadModule {
+var $actions = array (
+ "i" => array ( /* handle invitation creation */
+ 1 => "createForm",
+ 2 => "createOptions",
+ 3 => "createInfo",
+ ),
+ "s" => array ( /* handle invitation uploads */
+ 1 => "uploadRequest",
+ 2 => "uploadForm",
+ 3 => "uploadFiles",
+ 4 => "uploadResult",
+ 99 => "uploadProgress",
+ ),
+ "x" => array ( /* handle invitation removal */
+ 1 => "removeRequest",
+ 2 => "removeConfirm",
+ 3 => "removeResult",
+ ),
+ "n" => array ( /* list invitations */
+ 1 => "elementList",
+ 2 => "elementDetail",
+ ),
+ );
+var $page;
+var $menu;
+
+ function InvitationModule() {
+ if (app()->user->info('login')!='')
+ $inv = tr("My Invitations");
+ else
+ $inv = tr("Public Invitations");
+ $this->page = array (
+ "i" => array (
+ "title" => tr("Invitation Creation"),
+ ),
+ "s" => array (
+ "title" => tr("Invitation Upload"),
+ ),
+ "x" => array (
+ "title" => tr("Invitation Removal"),
+ ),
+ "n" => array (
+ "title" => tr("Invitation List"),
+ ),
+ );
+ $this->menu = array (
+ "i" => tr('Create Invitation'),
+ "n" => $inv,
+ );
+ }
+
+ function _loadInvitation($id) {
+ $invitation = app()->db->read('invitations',array('id'=>$id));
+ $invitation = $invitation[0];
+ $info = app()->db->read('invitation_options',array('invitation_id' => $id));
+ foreach ($info as $v) {
+ $invitation[$v['name']]=$v['value'];
+ }
+ $pinfo = app()->db->read('invitation_upload_options',array('invitation_id' => $id));
+ foreach ($pinfo as $v) {
+ $invitation['u'][$v['name']]=$v['value'];
+ }
+ return $invitation;
+ }
+
+
+ // display the invitation options
+ function createForm() {
+ global $_SESSION;
+ global $_POST;
+
+ $invitation = array();
+
+ if (isset($_POST['description'])) { /* post the values */
+ $invitation = $_SESSION['i'];
+ $invitation['description']=$_POST['description'];
+ $result = app()->pluginAction('invitationValidateCreateForm',$invitation);
+ if ($result) {
+ $_SESSION['i']=$invitation;
+ $this->nextStep(2);
+ }
+ }
+ unset($_SESSION['i']);
+ $result = app()->pluginAction('invitationDisplayCreateForm', $invitation, false);
+ $_SESSION['i']=$invitation;
+ $this->tpl->assign('invitation',$invitation);
+ }
+
+ // display the uploaded files options to assign
+ function createOptions() {
+ global $_SESSION;
+ global $_POST;
+
+ if (isset($_SESSION['i'])) {
+ $invitation = $_SESSION['i'];
+ if (isset($_POST['step']) and ($_POST['step']==2)) {
+ /* create the invitation */
+ $result = app()->pluginAction('invitationValidateCreateOptions',$invitation);
+ if ($result) {
+ $s = isset(app()->config['id_max_length'])?app()->config['id_max_length']:30;
+ $a = isset(app()->config['id_use_alpha'])?app()->config['id_use_alpha']=='yes':false;
+ $invitation['id']= app()->db->newRandomId('invitations','id',$s,$a);
+ $remove = app()->db->newRandomId('invitations','remove',$s,$a);
+ $date = date('Y-m-d H:i:s');
+ $invitation['remove']= $remove;
+ $invitation['create_date'] = $date;
+ $invitation['expire_date'] = $date;
+ $invitation['ip']=$_SERVER['REMOTE_ADDR'];
+ $invitation['user']=app()->user->info('login');
+ $invitation['group']=app()->user->group();
+ app()->db->insert('invitations',$invitation,array('id','remove','create_date','expire_date','description','user','group','ip'));
+ /* save plugin values */
+ foreach (app()->plugins as $plugin) {
+ if (count($plugin->fields)>0) {
+ foreach ($plugin->fields as $f) {
+ if (isset($invitation[$f])) {
+ $pinfo['invitation_id'] = $invitation['id'];
+ $pinfo['module'] = $plugin->name;
+ $pinfo['name']=$f;
+ $pinfo['value']=$invitation[$f];
+ app()->db->insert('invitation_options',$pinfo,array('invitation_id','module','name','value'));
+ }
+ if (isset($invitation['u'][$f])) {
+ $pinfo['invitation_id'] = $invitation['id'];
+ $pinfo['module'] = $plugin->name;
+ $pinfo['name']=$f;
+ $pinfo['value']=$invitation['u'][$f];
+ app()->db->insert('invitation_upload_options',$pinfo,array('invitation_id','module','name','value'));
+ }
+ }
+ }
+ }
+ /* invitation has been created */
+ $this->setupLinks($invitation,'s','x');
+ $result = app()->pluginAction('invitationExecuteCreateActions',$invitation,false);
+
+ $_SESSION['i']=$invitation;
+ $this->nextStep(3);
+ } else {
+ $this->nextStep(2);
+ }
+ }
+ } else {
+ $this->prevStep();
+ }
+ $result = app()->pluginAction('invitationDisplayCreateOptions', $invitation, false);
+ $_SESSION['i']=$invitation;
+ $this->tpl->assign('invitation',$invitation);
+ }
+
+ // display invitation links and options
+ function createInfo() {
+ global $_SESSION;
+
+ if (isset($_SESSION['i']['id'])) {
+ if (app()->checkACL(app()->user->group(),$this->name,'n') == 'allow') { /* redirect to the invitation detail page */
+ //app()->display('upload/uploadResult');
+ redirect('?a=n&s=2&id='.$_SESSION['i']['id']);
+ } else {
+ $invitation = $_SESSION['i'];
+ $this->setupLinks($invitation,'s','x');
+ $result = app()->pluginAction('invitationDisplayCreateInfo', $invitation, false);
+ $this->tpl->assign('invitation',$invitation);
+ }
+ } else {
+ redirect();
+ }
+ }
+
+ // handle to see if the invitation request is valid
+ function uploadRequest() {
+ global $_SESSION;
+ global $_POST;
+ global $_GET;
+
+ /* reset the upload */
+ unset($_SESSION['s']);
+ $invitation = array();
+
+ $id = '';
+ if (isset($_POST['id'])) {
+ $id = $_POST['id'];
+ } else if (isset($_GET['id']) or isset($_GET['i'])) {
+ $id = isset($_GET['id'])?$_GET['id']:$_GET['i'];
+ } else if (isset($_SESSION['s']['id'])) {
+ $id = $_SESSION['s']['id'];
+ }
+ /* check if invitation exists, and what are the properties */
+ if ($id != '') {
+ $_SESSION['s']['id'] = $id;
+ $invitation = $this->_loadInvitation($id);
+ if ($invitation['id']!=$id) {
+ app()->log('warning','sendForm','','DENY','Invitation does not exist: ID:'.$id);
+ app()->error(tr('Requested invitation does not exist!'));
+ } else {
+ /* load information based on the user which created the invitation */
+ $_SESSION['s']=$invitation;
+ $this->nextStep();
+ }
+ }
+ app()->pluginAction('invitationDisplayUploadRequest',$invitation,false);
+ }
+
+ function uploadForm() {
+ global $_GET;
+ global $_POST;
+ global $_SESSION;
+
+
+ if (isset($_SESSION['s']['id'])) {
+ $invitation = $_SESSION['s'];
+ if (isset($_POST['confirm']) and ($_POST['confirm']=='yes')) {
+ $invitation['protected'] = true;
+ $this->tpl->assign('invitation',$invitation);
+ /* check if plugins need to protect the download */
+ $result = app()->pluginAction('invitationValidateUploadForm',$invitation,false);
+ if ($result) {
+ app()->log('info','sendRequest','','ALLOW',$id);
+ $invitation['canupload']='ok';
+ $_SESSION['s']=$invitation;
+ $this->nextStep();
+ }
+ }
+ $invitation['protected'] = true;
+ $this->tpl->assign('invitation',$invitation);
+ /* check if plugins need to protect the download */
+ $result = app()->pluginAction('invitationDisplayUploadForm',$invitation,false);
+ if ($result) {
+ app()->log('info','sendRequest','','ALLOW',$id);
+ $invitation['protected']=false;
+ $invitation['canupload']='ok';
+ $_SESSION['s']=$invitation;
+ $this->nextStep();
+ }
+ $_SESSION['s']=$invitation;
+ } else {
+ app()->error(tr('Invitation ID missing!'));
+ $this->nextStep(1);
+ }
+ }
+
+ // check for protection
+ function uploadFiles() {
+ global $_FILES;
+ global $_SERVER;
+ global $_SESSION;
+
+ if (!isset($_SESSION['s'])) {
+ redirect();
+ } else if ($_SESSION['s']['canupload']=='ok') {
+ $invitation = $_SESSION['s'];
+
+ app()->pluginSetGroup($invitation['group']);
+
+ $this->setupCGIFiles();
+
+ if (count($_FILES)>0) {
+ if ($this->validateUploadedFiles($invitation['u'])) {
+ $invitation['u']['ip']=$_SERVER['REMOTE_ADDR'];
+ $invitation['u']['user']=$invitation['user'];
+ $invitation['u']['group']=$invitation['group'];
+ $description = (isset($_POST['description']) and trim($_POST['description']!=''))?$_POST['description'].' | ':'';
+ $description .= tr('Uploaded via Invitation: %1',$invitation['description']!=''?$invitation['description']:$invitation['id']);
+ $invitation['u']['description']=$description;
+ $result = app()->pluginAction('invitationValidateUploadFiles',$invitation);
+ if (!$result) { /* some plugin blocked the upload */
+ /* remove the file */
+ foreach ($invitation['u']['files'] as $f) {
+ @unlink($f['tmp']);
+ }
+ unset($invitation['u']);
+ $_SESSION['s']=$invitation;
+ $this->prevStep(3);
+ }
+ /* execute the actions for the upload */
+ $s = isset(app()->config['id_max_length'])?app()->config['id_max_length']:30;
+ $a = isset(app()->config['id_use_alpha'])?app()->config['id_use_alpha']=='yes':false;
+ $upload = $invitation['u'];
+ $upload['id']= app()->db->newRandomId('uploads','id',$s,$a);
+ $remove = app()->db->newRandomId('uploads','remove',$s,$a);
+ $date = date('Y-m-d H:i:s');
+ $upload['remove']= $remove;
+ $upload['upload_date'] = $date;
+ app()->db->insert('uploads',$upload,array('id','remove','upload_date','expire_date','description','user','group','ip','size'));
+ foreach ($upload['files'] as $k => $f) {
+ $f['upload_id']=$upload['id'];
+ /* everything ok then add the file */
+ app()->db->insert('upload_files',$f,array('upload_id','name','mime','size'));
+ /* move the file to the actual location */
+ rename($f['tmp'],app()->config['DATA_PATH'].'/files/'.$upload['id'].'_'.$k);
+ }
+ /* save plugin values */
+ foreach (app()->plugins as $plugin) {
+ if (count($plugin->fields)>0) {
+ foreach ($plugin->fields as $f) {
+ if (isset($invitation['u'][$f])) {
+ $pinfo['upload_id'] = $upload['id'];
+ $pinfo['module'] = $plugin->name;
+ $pinfo['name']=$f;
+ $pinfo['value']=$invitation['u'][$f];
+ app()->db->insert('upload_options',$pinfo,array('upload_id','module','name','value'));
+ }
+ }
+ }
+ }
+ /* everthing went fine create the upload and display next screen */
+ $this->setupLinks($upload);
+ $invitation['u']=$upload;
+ $result = app()->pluginAction('invitationExecuteUploadActions',$invitation,false);
+ unset($_SESSION['i']);
+ $_SESSION['ix']=true;
+ $this->nextStep();
+ }
+ } else {
+ /* this is dumb but it's how php works */
+ if (($_SERVER['REQUEST_METHOD']=='POST') and (ini_get('post_max_size')<$_SERVER['CONTENT_LENGTH'])) {
+ app()->log('warning','uploadFiles','','DENY','Maximum file size exceeded!');
+ app()->error(tr('Maximum file size exceeded!'));
+ $this->prevStep(3);
+ }
+ $this->tpl->assign('invitation',$invitation);
+ $upload = $this->setupUpload();
+ if (is_array($invitation['u']))
+ $upload = $invitation['u'] + $upload;
+ $invitation['u'] = $upload;
+ $this->tpl->assign('upload',$upload);
+ $_SESSION['s']=$invitation;
+ $result = app()->pluginAction('invitationDisplayUploadFiles',$invitation);
+ }
+ } else {
+ /* somebody got here not passing from the upload form (?)*/
+ $this->prevStep(2);
+ }
+ }
+
+ // display the ok
+ function uploadResult() {
+ if (!isset($_SESSION['ix'])) {
+ redirect();
+ }
+ $result = app()->pluginAction('displayInvitationUploadResult',$invitation);
+ }
+
+
+ function removeRequest() {
+ global $_GET;
+ global $_SESSION;
+
+ $id = '';
+ if (isset($_GET['id']) or isset($_GET['i'])) {
+ $id = isset($_GET['id'])?$_GET['id']:$_GET['i'];
+ $r = isset($_GET['removeid'])?$_GET['removeid']:$_GET['r'];
+ } else if (isset($_SESSION['x']['id'])) {
+ $id = $_SESSION['x']['id'];
+ $r = $_SESSION['x']['remove'];
+ }
+ /* check if invitation exists, and what are the properties */
+ if ($id != '') {
+ $invitation = $this->_loadInvitation($id);
+ if ($invitation['id']!=$id) {
+ app()->error(tr('Wrong invitation id!'));
+ redirect();
+ } else if ($r!=$invitation['remove']) {
+ app()->error(tr('Wrong invitation id!')); /* don't give the user much info on this */
+ redirect();
+ } else {
+ $_SESSION['x']=$invitation;
+ $this->tpl->assign('invitation',$invitation);
+ if (app()->config['allow_unprotected_removal']=='yes')
+ $result = true;
+ else
+ $result = app()->pluginAction('InvitationDisplayRemoveRequest',$invitation,false);
+ if ($result) {
+ app()->log('info','removeRequest','','ALLOW',$id);
+ $_SESSION['x']['canremove']='ok'; /* filne has no protection */
+ $this->nextStep();
+ }
+ return $result;
+ }
+ } else {
+ app()->error(tr('Wrong invitation id!'));
+ redirect();
+ }
+ }
+
+ function removeConfirm() {
+ $upload = $_SESSION['r'];
+
+ /* here we do the actual remove of the invitation */
+ if (!isset($_SESSION['x'])) {
+ redirect();
+ } else if ($_SESSION['x']['canremove']=='ok') {
+ $invitation = $_SESSION['x'];
+ $this->tpl->assign('invitation',$invitation);
+ /* removal is allowed */
+ } else {
+ $invitation = $_SESSION['x'];
+ /* check wether the plugins are ok */
+ if (app()->config['allow_unprotected_removal']=='yes')
+ $result = true;
+ else
+ $result = app()->pluginAction('invitationValidateRemoveConfirm',$invitation);
+ if (!$result)
+ $this->prevStep();
+ /* now we can remove the invitation */
+ $_SESSION['x']['canremove']='ok';
+ $this->tpl->assign('invitation',$invitation);
+ redirect();
+ }
+ }
+
+ function removeResult() {
+ global $_POST;
+ if (!isset($_SESSION['x'])) {
+ redirect();
+ } else if (isset($_POST['confirmremove']) and ($_SESSION['x']['canremove']=='ok')) {
+ $invitation = $_SESSION['x'];
+ $result = app()->pluginAction('invitationDisplayRemoveResult',$invitation,false);
+ if (!$result)
+ $this->prevStep();
+
+ app()->db->delete('invitations',array('id' => $invitation['id']));
+ app()->db->delete('inviation_options',array('invitation_id' => $invitation['id']));
+ app()->db->delete('invitation_upload_options',array('invitation_id' => $invitation['id']));
+ app()->log('notice','removeResult','','ALLOW',$upload['id']);
+ unset($_SESSION['x']); /* remove any file reference */
+ $this->tpl->assign('invitation',$invitation);
+ } else {
+ $this->prevStep();
+ }
+ }
+
+ function elementList() {
+ global $_GET;
+ /* TODO: need paging ... */
+ $rows = isset($_GET['limit'])?$_GET['limit']:20;
+ $page = isset($_GET['page'])?$_GET['page']:1;
+ $count = app()->db->count('invitations',array('user'=>app()->user->info('login')));
+ $pages = ceil($count / $rows)+1;
+ if ($page>$pages-1) { $page = $pages-1; }
+ if ($page<1) { $page = 1; }
+ $offset = ($page -1)*$rows;
+ $invitations = app()->db->read('invitations',array('user'=>app()->user->info('login')),array('create_date desc'),$offset.','.$rows);
+ $result = app()->pluginAction('invitationDisplayElementList',$invitations,false);
+ if (!$result)
+ redirect();
+ $this->tpl->assign('pagen',$page);
+ $this->tpl->assign('pages',$pages);
+ $this->tpl->assign('limit',$rows);
+ $this->tpl->assign('invitations',$invitations);
+ }
+
+ function elementDetail() {
+ global $_GET;
+
+ if (!isset($_GET['id'])) {
+ $this->nextStep(1);
+ }
+ $invitation = $this->_loadInvitation($_GET['id']);
+ if ($invitation['id']!=$_GET['id']) {
+ app()->error(tr('Wrong invitation id!'));
+ $this->nextStep(1);
+ } else if ($invitation['user']!=app()->user->info('login')) {
+ /* the user has no right to access this file !!! */
+ app()->error(tr('Wrong invitation id!'));
+ $this->nextStep(1);
+ } else if ($invitation['group']!=app()->user->group()) {
+ /* it's a group file */
+ app()->error(tr('Wrong invitation id!'));
+ $this->nextStep(1);
+ }
+ $this->setupLinks($invitation,'s','x');
+ if (app()->user->info('login')=='') { /* do not allow unregistere users to see remove linke */
+ unset($invitation['removelink']);
+ }
+ $this->tpl->assign('invitation',$invitation);
+ $result = app()->pluginAction('invitationDisplayElementDetail',$invitation,false);
+ if (!$result) {
+ $this->nextStep(1);
+ }
+ }
+
+}
+?>
\ No newline at end of file
Added: trunk/lib/modules/default/upload.inc.php
===================================================================
--- trunk/lib/modules/default/upload.inc.php (rev 0)
+++ trunk/lib/modules/default/upload.inc.php 2010-03-18 18:24:11 UTC (rev 370)
@@ -0,0 +1,550 @@
+<?php
+
+class UploadModule extends BaseUploadModule {
+var $actions = array (
+ "u" => array ( /* handle uploads */
+ 1 => "uploadForm",
+ 2 => "uploadOptions",
+ 3 => "uploadResult",
+ 99 => "uploadProgress",
+ ),
+ "d" => array ( /* handle file downloads */
+ 1 => "downloadForm",
+ 2 => "downloadOptions",
+ 3 => "downloadResult",
+ 99 => "downloadFile",
+ ),
+ "r" => array ( /* handle upload removal */
+ 1 => "removeForm",
+ 1 => "removeRequest",
+ 2 => "removeConfirm",
+ 3 => "removeResult",
+ ),
+ "l" => array ( /* handle uploads listing */
+ 1 => "elementList",
+ 2 => "elementDetail",
+ ),
+ );
+var $page;
+var $menu;
+
+ function UploadModule() {
+ if (app()->user->info('login')!='')
+ $files = tr("My Uploads");
+ else
+ $files = tr("Public Uploads");
+ $this->page = array (
+ "u" => array (
+ "title" => tr("File upload"),
+ ),
+ "d" => array (
+ "title" => tr("File download"),
+ ),
+ "r" => array (
+ "title" => tr("File Removal"),
+ ),
+ "l" => array (
+ "title" => $files,
+ ),
+ );
+ $this->menu = array (
+ "u" => tr("File Upload"),
+ "i" => tr('Upload Request'),
+ "l" => $files,
+ );
+ }
+
+ function init() {
+ /* initialize */
+ }
+
+
+ function _displayUploadForm() {
+ global $_SESSION;
+
+ /* setup the upload */
+ $upload = $this->setupUpload();
+ app()->tpl->assign('upload',$upload);
+ $result = app()->pluginAction('uploadDisplayUploadForm',$upload,false);
+ $_SESSION['u']=$upload;
+ }
+
+ function _validateUploadForm() {
+ global $_SESSION;
+ global $_SERVER;
+ global $_FILES;
+
+ if (count($_FILES)>0) {
+ if ($this->validateUploadedFiles($_SESSION['u'])) {
+ $_SESSION['u']['ip']=$_SERVER['REMOTE_ADDR'];
+ $_SESSION['u']['user']=app()->user->info('login');
+ $_SESSION['u']['group']=app()->user->group();
+ $result = app()->pluginAction('uploadValidateUploadForm',$_SESSION['u']);
+ if (!$result) { /* some plugin blocked the upload */
+ /* remove the file */
+ foreach ($_SESSION['u']['files'] as $f) {
+ @unlink($f['tmp']);
+ }
+ unset($_SESSION['u']);
+ return false;
+ }
+ return true;
+ } else {
+ return false;
+ }
+ } else if (!isset($_SESSION['u']['files'][0])) {
+ /* somebody got here not passing from the upload form (?)*/
+ return false;
+ }
+ return true;
+ }
+
+ function uploadForm() {
+ global $_POST;
+ global $_FILES;
+ global $_SERVER;
+
+ $this->setupCGIFiles();
+
+ if (count($_FILES)>0) {
+ $result = $this->_validateUploadForm();
+ if ($result) {
+ if (app()->config['twoclickupload'] != 'yes') {
+ $this->uploadOptions();
+ } else {
+ /* let's go with next step and ask information */
+ $this->nextStep();
+ }
+ } else {
+ /* something went wrong */
+ $this->nextStep(1);
+ }
+ } else {
+ /* this is dumb but it's how php works */
+ if (ini_get('post_max_size')<$_SERVER['CONTENT_LENGTH']) {
+ app()->log('warning','uploadFiles','','DENY','Maximum file size exceeded!');
+ app()->error(tr('Maximum file size exceeded!'));
+ redirect();
+ }
+ $result = $this->_displayUploadForm();
+ if (app()->config['twoclickupload'] != 'yes') {
+ $this->uploadOptions();
+ }
+ }
+ return $result;
+ }
+
+
+ function _displayUploadOptions() {
+ /* ask for information on the file */
+ $this->tpl->assign('upload',$_SESSION['u']);
+ $result = app()->pluginAction('uploadDisplayUploadOptions',$_SESSION['u']);
+ if (!$result) { /* some plugin blocked the upload here, strange but can be used. */
+ foreach ($_SESSION['u']['files'] as $f) {
+ @unlink($f['tmp']);
+ }
+ unset($_SESSION['u']);
+ $this->nextStep(1);
+ }
+ }
+
+
+ function _validateUploadOptions() {
+ global $_POST;
+ global $_SESSION;
+
+ if (isset($_POST['description'])) {
+ /* now check plugins and if ok add file otherwise request the data again */
+ $upload = $_SESSION['u'];
+ $upload['description'] = $_POST['description'];
+ $upload['expire_date'] = '9999-31-12';
+ $s = isset(app()->config['id_max_length'])?app()->config['id_max_length']:30;
+ $a = isset(app()->config['id_use_alpha'])?app()->config['id_use_alpha']=='yes':false;
+ $upload['id']= app()->db->newRandomId('uploads','id',$s,$a);
+ $remove = app()->db->newRandomId('uploads','remove',$s,$a);
+ $upload['remove'] = $remove;
+ $upload['upload_date'] = date('Y-m-d H:i:s');
+ if (Trim($upload['description'])=='') {
+ foreach ($upload['files'] as $f) {
+ if ($description!='') $description .= ', ';
+ $description .= $f['name'];
+ }
+ $upload['description'] = $description;
+ }
+ $result = app()->pluginAction('uploadValidateUploadOptions',$upload, false);
+ if (!$result) {
+ $_SESSION['u']=$upload;
+ $this->nextStep(2);
+ }
+ /* add the upload */
+
+ app()->db->insert('uploads',$upload,array('id','remove','upload_date','expire_date','description','user','group','ip','size'));
+ foreach ($upload['files'] as $k => $f) {
+ $f['upload_id']=$upload['id'];
+ /* everything ok then add the file */
+ app()->db->insert('upload_files',$f,array('upload_id','name','mime','size'));
+ /* move the file to the actual location */
+ rename($f['tmp'],app()->config['DATA_PATH'].'/files/'.$upload['id'].'_'.$k);
+ }
+ /* save plugin values */
+ foreach (app()->plugins as $plugin) {
+ if (count($plugin->fields)>0) {
+ foreach ($plugin->fields as $f) {
+ if (isset($upload[$f])) {
+ $pinfo['upload_id'] = $upload['id'];
+ $pinfo['module'] = $plugin->name;
+ $pinfo['name']=$f;
+ $pinfo['value']=$upload[$f];
+ app()->db->insert('upload_options',$pinfo,array('upload_id','module','name','value'));
+ }
+ }
+ }
+ }
+ app()->message(tr('Files where successfully uploaded!'));
+ $this->setupLinks($upload);
+ $result = app()->pluginAction('uploadExecuteUploadActions',$upload, false);
+ $_SESSION['u']=$upload;
+ app()->log('notice','uploadOptions','','ALLOW',$upload['id']);
+ $this->nextStep(3);
+ }
+ }
+
+
+ function uploadOptions() {
+ global $_SESSION;
+ global $_POST;
+
+ if (isset($_SESSION['u']) and
+ ((isset($_SESSION['u']['files'])) or
+ (app()->config['twoclickupload']!='yes')) ) {
+ if (isset($_POST['description'])) {
+ $this->_validateUploadOptions();
+ } else {
+ $this->_displayUploadOptions();
+ }
+ } else {
+ $this->nextStep(1);
+ }
+ }
+
+
+
+ function uploadResult() {
+ if (isset($_SESSION['u']['id'])) {
+ if (app()->checkACL(app()->user->group(),$this->name,'l') == 'allow') { /* redirect to the file detail page */
+ //app()->display('upload/uploadResult');
+ redirect('?a=l&s=2&id='.$_SESSION['u']['id']);
+ } else {
+ $upload = $_SESSION['u'];
+ $this->setupLinks($upload);
+ $result = app()->pluginAction('uploadDisplayUploadResult',$upload,false);
+ $this->tpl->assign('upload',$upload);
+ $this->tpl->assign('webbase',app()->config['WWW_SERVER'].app()->config['WWW_ROOT']);
+ }
+ } else {
+ redirect();
+ }
+ }
+
+
+
+/**/
+ function _loadFile($id) {
+ $upload = app()->db->read('uploads',array('id'=>$id));
+ $upload = $upload[0];
+ $pinfo = app()->db->read('upload_options',array('upload_id' => $id));
+ foreach ($pinfo as $v) {
+ $upload[$v['name']]=$v['value'];
+ }
+ $files = app()->db->read('upload_files', array('upload_id' => $id));
+ $upload['files']= $files;
+ return $upload;
+ }
+
+
+ function downloadForm() {
+ global $_SESSION;
+ global $_POST;
+ global $_GET;
+
+ /* reset the download */
+ unset($_SESSION['d']);
+
+ $id = '';
+ if (isset($_POST['id'])) {
+ $id = $_POST['id'];
+ } else if (isset($_GET['id']) or isset($_GET['i'])) {
+ $id = isset($_GET['id'])?$_GET['id']:$_GET['i'];
+ } else if (isset($_SESSION['d']['id'])) {
+ $id = $_SESSION['d']['id'];
+ }
+ /* check if download exists, and what are the properties */
+ if ($id != '') {
+ $_SESSION['d']['id'] = $id;
+ $upload = $this->_loadFile($id);
+ if ($upload['id']!=$id) {
+ app()->log('warning','downloadForm','','DENY','File does not exist: ID:'.$id);
+ app()->error(tr('Requested file does not exist!'));
+ } else if (($upload['expire_date']!='0000-00-00 00:00:00') and $upload['expire_date']<date('Y-m-d H:i:s')) {
+ app()->log('warning','downloadForm','','DENY','File has expired: ID:'.$id);
+ app()->error(tr('File has expired, it cannot be downloaded anymore.'));
+ $this->nextStep(1);
+ } else {
+ $this->nextStep();
+ }
+ }
+ $upload = array();
+ app()->pluginAction('uploadDisplayDownloadForm',$upload,false);
+ }
+
+ function downloadOptions() {
+ global $_GET;
+ global $_POST;
+ global $_SESSION;
+
+ if (isset($_SESSION['d']['id'])) {
+ if (isset($_POST['confirm']) and ($_POST['confirm']=='yes')) {
+ $upload = $this->_loadFile($_SESSION['d']['id']);
+ $_SESSION['d']=$upload;
+ $_SESSION['d']['protected'] = true;
+ $this->tpl->assign('upload',$upload);
+ /* check if plugins need to protect the download */
+ $result = app()->pluginAction('uploadValidateDownloadOptions',$upload,false);
+ if ($result) {
+ app()->log('info','downloadOptions','','ALLOW',$id);
+ for ($i = 0; $i<count($_SESSION['d']['files']); $i++)
+ $_SESSION['d']['files'][$i]['downloaded']=false;
+ $_SESSION['d']['candownload']='ok';
+ $this->nextStep();
+ }
+ }
+ $upload = $this->_loadFile($_SESSION['d']['id']);
+ $_SESSION['d']=$upload;
+ $_SESSION['d']['protected'] = true;
+ $this->tpl->assign('upload',$upload);
+ /* check if plugins need to protect the download */
+ $result = app()->pluginAction('uploadDisplayDownloadOptions',$upload,false);
+ if ($result) {
+ app()->log('info','downloadOptions','','ALLOW',$id);
+ $_SESSION['d']['protected']=false;
+ $_SESSION['d']['candownload']='ok';
+ for ($i = 0; $i<count($_SESSION['d']['files']); $i++)
+ $_SESSION['d']['files'][$i]['downloaded']=false;
+ $this->nextStep();
+ }
+ } else {
+ app()->error(tr('Requested file does not exist!'));
+ $this->prevStep();
+ }
+ }
+
+ function downloadResult() {
+
+ /* here we do the actual download of the file */
+ if (!isset($_SESSION['d'])) {
+ redirect();
+ } else if ($_SESSION['d']['candownload']=='ok') {
+ /* download is allowed, display the files */
+ $upload = $_SESSION['d'];
+ $this->tpl->assign('upload',$upload);
+ } else { /* download needs the user to fill in some info before re-downloading */
+ $this->prevStep(2);
+ }
+ }
+
+ function downloadFile() {
+ global $_SESSION;
+ global $_POST;
+ global $_GET;
+
+ $num = 0;
+ if (isset($_GET['fid'])) {
+ $num = $_GET['fid'];
+ }
+ /* here we do the actual download of the file */
+ if (!isset($_SESSION['d'])) {
+ redirect();
+ } else if ($_SESSION['d']['protected'] and $_SESSION['d']['files'][$num]['downloaded']) {
+ $_SESSION['d']['candownload']='ko';
+ $this->nextStep(2,'d');
+ } else {
+ $upload = $_SESSION['d'];
+ /* check wether the plugins are ok */
+ $result = app()->pluginAction('serveFile',$upload);
+ if (!$result)
+ $this->nextStep(3,'d');
+ /* if we got this far the download should be served */
+ $file = app()->config['DATA_PATH'].'/files/'.$upload['id'].'_'.$num;
+ $filesize = filesize($file);
+ /* set to not timeout within default setting */
+ if (isset(app()->config['max_download_time'])) {
+ set_time_limit(app()->config['max_download_time']*60);
+ } else {
+ set_time_limit(7200); /* 2 hours should be enough */
+ }
+ app()->log('notice','serveFile','','ALLOW',$upload['id']);
+ /* let's set that the file has been downloaded */
+ $_SESSION['d']['files'][$num]['downloaded']=true;
+ /* let's free so multiple downloads should be available */
+ session_write_close();
+ /* disable and clean output buffer so it won't reach memory limit */
+ ob_end_clean();
+ header('Content-Description: File Transfer');
+ header('Content-Type: '.$upload['files'][$nu...
[truncated message content] |
