Example #1
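 /**
  * Upload an image for a storefront product or collection via AJAX.
  *
  * Accepts either a raw request body (file name in $_GET['qqfile']) or a
  * multipart upload ($_FILES['qqfile']). Every outcome is reported by
  * echoing a JSON object: an 'error' message on failure, or a 'success'
  * payload describing the stored image. Nothing is returned.
  *
  * Security-relevant handling:
  *  - Request::checkToken() is called before anything else.
  *  - Client-supplied names (qqfile, currentfile) are URL-decoded where
  *    applicable and reduced to a bare file name BEFORE they are joined to
  *    the upload directory, so they cannot point outside it.
  *  - The extension allow-list is backed by a getimagesize() check, since
  *    an extension says nothing about the bytes that were sent.
  *  - For raw-body uploads the number of bytes actually received is
  *    compared with the declared size; Content-Length is set by the client.
  *
  * @return  void
  */
 public function ajaxUploadTask()
 {
     // Check for request forgeries
     Request::checkToken(['get', 'post']);

     // Ensure we have an ID to work with
     $id = Request::getInt('id', 0);
     if (!$id) {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_NO_ID')]);
         return;
     }

     // Build the path
     $type = strtolower(Request::getWord('type', ''));
     $path = $this->_path($type, $id);
     if (!$path) {
         echo json_encode(['error' => $this->getError()]);
         return;
     }

     // Allowed extensions for upload
     $allowedExtensions = ['png', 'jpeg', 'jpg', 'gif'];

     // Max upload size in bytes
     $sizeLimit = (int) $this->config->get('maxAllowed', 40000000);

     // Get the file. Array-valued parameters are treated as "no file".
     if (isset($_GET['qqfile']) && is_string($_GET['qqfile'])) {
         $stream = true;
         $file = $_GET['qqfile'];
         // Declared by the client: good enough for an early reject only,
         // the real byte count is verified once the body has been read.
         $size = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
     } elseif (isset($_FILES['qqfile']['name']) && is_string($_FILES['qqfile']['name'])) {
         $stream = false;
         $file = $_FILES['qqfile']['name'];
         $size = (int) $_FILES['qqfile']['size'];
     } else {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_NO_FILE_FOUND')]);
         return;
     }

     if (!is_dir($path) && !Filesystem::makeDirectory($path)) {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH')]);
         return;
     }

     if (!is_writable($path)) {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_UPLOAD_DIRECTORY_IS_NOT_WRITABLE')]);
         return;
     }

     // Check to make sure we have a file and it's not too big
     if ($size <= 0) {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_EMPTY_FILE')]);
         return;
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_FILE_TOO_LARGE', $max)]);
         return;
     }

     // Make the filename safe. Decoding happens before the directory part
     // is stripped; doing it afterwards would let an encoded separator
     // reappear in the name that is joined to $path.
     $pathinfo = pathinfo(basename(str_replace('\\', '/', urldecode($file))));
     $filename = isset($pathinfo['filename']) ? $pathinfo['filename'] : '';
     $filename = Filesystem::clean($filename);
     $filename = str_replace(' ', '_', $filename);
     if ($filename === '') {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_NO_FILE_FOUND')]);
         return;
     }

     // A name without an extension has no 'extension' key at all
     $ext = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';
     if (!in_array(strtolower($ext), $allowedExtensions, true)) {
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_UNKNOWN_FILE_TYPE')]);
         return;
     }

     $storedName = $filename . '.' . $ext;
     $file = $path . DS . $storedName;

     if ($stream) {
         // Read the php input stream into a temp file first
         $input = fopen('php://input', 'r');
         $temp = tmpfile();
         if (!$input || !$temp) {
             echo json_encode(['error' => 'Error saving the uploaded file']);
             return;
         }

         // Never buffer more than one byte past the limit, whatever the
         // Content-Length header claimed.
         $realSize = stream_copy_to_stream($input, $temp, $sizeLimit + 1);
         fclose($input);

         // $size <= $sizeLimit was established above, so a mismatch covers
         // both truncated and oversized bodies.
         if ($realSize !== $size) {
             fclose($temp);
             echo json_encode(['error' => 'Error saving the uploaded file']);
             return;
         }

         // Move from temp location to the target location
         $target = fopen($file, 'w');
         if (!$target) {
             fclose($temp);
             echo json_encode(['error' => 'Error saving the uploaded file']);
             return;
         }
         fseek($temp, 0, SEEK_SET);
         $written = stream_copy_to_stream($temp, $target);
         fclose($target);
         fclose($temp);

         if ($written !== $realSize) {
             Filesystem::delete($file);
             echo json_encode(['error' => 'Error saving the uploaded file']);
             return;
         }
     } elseif (!move_uploaded_file($_FILES['qqfile']['tmp_name'], $file)) {
         echo json_encode(['error' => 'Error saving the uploaded file']);
         return;
     }

     if (!Filesystem::isSafe($file)) {
         Filesystem::delete($file);
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_FILE_UNSAFE')]);
         return;
     }

     // The extension is only a claim; require the content to parse as an
     // image too. This inspects the header only, so the upload directory
     // should still be served without script execution.
     $dimensions = getimagesize($file);
     if ($dimensions === false) {
         Filesystem::delete($file);
         echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_UNKNOWN_FILE_TYPE')]);
         return;
     }

     // Do we have an old file we're replacing? 'currentfile' comes from the
     // request, so only its base name is honoured, only regular files are
     // removed, and the file that was just written is never the target.
     $curfile = Request::getVar('currentfile', '');
     $curfile = is_string($curfile) ? basename(str_replace('\\', '/', $curfile)) : '';
     if ($curfile !== '' && $curfile !== $storedName) {
         $previous = $path . DS . $curfile;
         if (is_file($previous) && !Filesystem::delete($previous)) {
             echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_UNABLE_TO_DELETE_FILE')]);
             return;
         }
     }

     // Instantiate the matching model and point it at the new image
     switch ($type) {
         case 'product':
             $object = new Product($id);
             break;
         case 'collection':
             $object = new Collection($id);
             break;
         default:
             echo json_encode(['error' => Lang::txt('COM_STOREFRONT_ERROR_INVALID_TYPE')]);
             return;
     }
     $object->setImage($storedName);

     if (!$object->save()) {
         echo json_encode(['error' => 'Error updating the object']);
         return;
     }

     $imgId = $object->getImage()->imgId;
     $this_size = filesize($file);

     // Echo result
     echo json_encode([
         'success'   => true,
         'file'      => $storedName,
         'directory' => str_replace(PATH_ROOT, '', $path),
         'id'        => $id,
         'imgId'     => $imgId,
         'size'      => \Hubzero\Utility\Number::formatBytes($this_size),
         'width'     => $dimensions[0],
         'height'    => $dimensions[1],
     ]);
 }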