/** * Processes uploaded files (only if something was uploaded) * * @access private * @param string $field field name * @return string */ public function _processFiles($field) { $vs_sql = ""; # only set file if something was uploaded # (ie. don't nuke an existing file because none # was uploaded) if (isset($this->_FILES_CLEAR[$field]) && $this->_FILES_CLEAR[$field]) { #--- delete file @unlink($this->getFilePath($field)); #--- delete conversions foreach ($this->getFileConversions($field) as $vs_format => $va_file_conversion) { @unlink($this->getFileConversionPath($field, $vs_format)); } $this->_FILES[$field] = ""; $this->_FIELD_VALUES[$field] = ""; $vs_sql = "{$field} = " . $this->quote(caSerializeForDatabase($this->_FILES[$field], true)) . ","; } else { $va_field_info = $this->getFieldInfo($field); if (file_exists($this->_SET_FILES[$field]['tmp_name'])) { $ff = new File(); $mimetype = $ff->divineFileFormat($this->_SET_FILES[$field]['tmp_name'], $this->_SET_FILES[$field]['original_filename']); if (is_array($va_field_info["FILE_FORMATS"]) && sizeof($va_field_info["FILE_FORMATS"]) > 0) { if (!in_array($mimetype, $va_field_info["FILE_FORMATS"])) { $this->postError(1605, _t("File is not a valid format"), "BaseModel->_processFiles()", $this->tableName() . '.' . $field); return false; } } $vn_dangerous = 0; if (!$mimetype) { $mimetype = "application/octet-stream"; $vn_dangerous = 1; } # get volume $vi = $this->_FILE_VOLUMES->getVolumeInformation($va_field_info["FILE_VOLUME"]); if (!is_array($vi)) { print "Invalid volume " . $va_field_info["FILE_VOLUME"] . "<br>"; exit; } if (!is_array($properties = $ff->getProperties())) { $properties = array(); } if ($properties['dangerous'] > 0) { $vn_dangerous = 1; } if (($dirhash = $this->_getDirectoryHash($vi["absolutePath"], $this->getPrimaryKey())) === false) { $this->postError(1600, _t("Could not create subdirectory for uploaded file in %1. Please ask your administrator to check the permissions of your media directory.", $vi["absolutePath"]), "BaseModel->_processFiles()", $this->tableName() . '.' . $field); return false; } $magic = rand(0, 99999); $va_pieces = explode("/", $this->_SET_FILES[$field]['original_filename']); $ext = array_pop($va_tmp = explode(".", array_pop($va_pieces))); if ($properties["dangerous"]) { $ext .= ".bin"; } if (!$ext) { $ext = "bin"; } $filestem = $vi["absolutePath"] . "/" . $dirhash . "/" . $magic . "_" . $this->_genMediaName($field); $filepath = $filestem . "." . $ext; $filesize = isset($properties["filesize"]) ? $properties["filesize"] : 0; if (!$filesize) { $properties["filesize"] = filesize($this->_SET_FILES[$field]['tmp_name']); } $file_desc = array("FILE" => 1, "VOLUME" => $va_field_info["FILE_VOLUME"], "ORIGINAL_FILENAME" => $this->_SET_FILES[$field]['original_filename'], "MIMETYPE" => $mimetype, "FILENAME" => $this->_genMediaName($field) . "." . $ext, "HASH" => $dirhash, "MAGIC" => $magic, "PROPERTIES" => $properties, "DANGEROUS" => $vn_dangerous, "CONVERSIONS" => array(), "MD5" => md5_file($this->_SET_FILES[$field]['tmp_name'])); if (!copy($this->_SET_FILES[$field]['tmp_name'], $filepath)) { $this->postError(1600, _t("File could not be copied. Ask your administrator to check permissions and file space for %1", $vi["absolutePath"]), "BaseModel->_processFiles()", $this->tableName() . '.' . $field); return false; } # -- delete old file if its name is different from the one we just wrote (otherwise, we overwrote it) if ($filepath != $this->getFilePath($field)) { @unlink($this->getFilePath($field)); } # # -- Attempt to do file conversions # if (isset($va_field_info["FILE_CONVERSIONS"]) && is_array($va_field_info["FILE_CONVERSIONS"]) && sizeof($va_field_info["FILE_CONVERSIONS"]) > 0) { foreach ($va_field_info["FILE_CONVERSIONS"] as $vs_output_format) { if ($va_tmp = $ff->convert($vs_output_format, $filepath, $filestem)) { # new extension is added to end of stem by conversion $vs_file_ext = $va_tmp["extension"]; $vs_format_name = $va_tmp["format_name"]; $vs_long_format_name = $va_tmp["long_format_name"]; $file_desc["CONVERSIONS"][$vs_output_format] = array("MIMETYPE" => $vs_output_format, "FILENAME" => $this->_genMediaName($field) . "_conv." . $vs_file_ext, "PROPERTIES" => array("filesize" => filesize($filestem . "_conv." . $vs_file_ext), "extension" => $vs_file_ext, "format_name" => $vs_format_name, "long_format_name" => $vs_long_format_name)); } } } $this->_FILES[$field] = $file_desc; $vs_sql = "{$field} = " . $this->quote(caSerializeForDatabase($this->_FILES[$field], true)) . ","; $this->_FIELD_VALUES[$field] = $this->_SET_FILES[$field] = $file_desc; } } return $vs_sql; }