/**
*
* @param object &$a
*/
function filestorage_post(&$a)
{
$channel_id = x($_POST, 'uid') ? intval($_POST['uid']) : 0;
if (!$channel_id || !local_channel() || $channel_id != local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$recurse = x($_POST, 'recurse') ? intval($_POST['recurse']) : 0;
$resource = x($_POST, 'filehash') ? notags($_POST['filehash']) : '';
$notify = x($_POST, 'notify') ? intval($_POST['notify']) : 0;
if (!$resource) {
notice(t('Item not found.') . EOL);
return;
}
$str_group_allow = perms2str($_REQUEST['group_allow']);
$str_contact_allow = perms2str($_REQUEST['contact_allow']);
$str_group_deny = perms2str($_REQUEST['group_deny']);
$str_contact_deny = perms2str($_REQUEST['contact_deny']);
$channel = $a->get_channel();
$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
//get the object before permissions change so we can catch eventual former allowed members
$object = get_file_activity_object($channel_id, $resource, $cloudPath);
attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse);
file_activity($channel_id, $object, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, 'post', $notify);
goaway($cloudPath);
}
/**
*
* @param object &$a
*/
function filestorage_post(&$a)
{
$channel_id = x($_POST, 'uid') ? intval($_POST['uid']) : 0;
if (!$channel_id || !local_channel() || $channel_id != local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$recurse = x($_POST, 'recurse') ? intval($_POST['recurse']) : 0;
$resource = x($_POST, 'filehash') ? notags($_POST['filehash']) : '';
$notify = x($_POST, 'notify') ? intval($_POST['notify']) : 0;
if (!$resource) {
notice(t('Item not found.') . EOL);
return;
}
$channel = $a->get_channel();
$acl = new AccessList($channel);
$acl->set_from_array($_REQUEST);
$x = $acl->get();
$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
//get the object before permissions change so we can catch eventual former allowed members
$object = get_file_activity_object($channel_id, $resource, $cloudPath);
attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse);
file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
goaway($cloudPath);
}
/**
* @brief Delete a file/directory from a channel.
*
* If the provided resource hash is from a directory it will delete everything
* recursively under this directory.
*
* @param int $channel_id
* The id of the channel
* @param string $resource
* The hash to delete
* @return void
*/
function attach_delete($channel_id, $resource, $is_photo = 0)
{
$c = q("SELECT channel_address FROM channel WHERE channel_id = %d LIMIT 1", intval($channel_id));
$channel_address = $c ? $c[0]['channel_address'] : 'notfound';
$photo_sql = $is_photo ? " and is_photo = 1 " : '';
$r = q("SELECT hash, flags, is_dir, is_photo, folder FROM attach WHERE hash = '%s' AND uid = %d {$photo_sql} limit 1", dbesc($resource), intval($channel_id));
if (!$r) {
return;
}
$cloudpath = get_parent_cloudpath($channel_id, $channel_address, $resource);
$object = get_file_activity_object($channel_id, $resource, $cloudpath);
// If resource is a directory delete everything in the directory recursive
if (intval($r[0]['is_dir'])) {
$x = q("SELECT hash, os_storage, is_dir, flags FROM attach WHERE folder = '%s' AND uid = %d", dbesc($resource), intval($channel_id));
if ($x) {
foreach ($x as $xx) {
attach_delete($channel_id, $xx['hash']);
}
}
}
// delete a file from filesystem
if (intval($r[0]['os_storage'])) {
$y = q("SELECT data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($resource), intval($channel_id));
if ($y) {
$f = 'store/' . $channel_address . '/' . $y[0]['data'];
if (is_dir($y[0]['data'])) {
@rmdir($y[0]['data']);
} elseif (file_exists($f)) {
unlink($f);
}
}
}
// delete from database
$z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id));
if ($r[0]['is_photo']) {
$x = q("select id, item_hidden from item where resource_id = '%s' and resource_type = 'photo' and uid = %d", dbesc($resource), intval($channel_id));
if ($x) {
drop_item($x[0]['id'], false, $x[0]['item_hidden'] ? DROPITEM_NORMAL : DROPITEM_PHASE1, true);
q("DELETE FROM photo WHERE uid = %d AND resource_id = '%s'", intval($channel_id), dbesc($resource));
}
}
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id));
file_activity($channel_id, $object, $object['allow_cid'], $object['allow_gid'], $object['deny_cid'], $object['deny_gid'], 'update', $notify = 0);
}
/**
* @brief Delete a file/directory from a channel.
*
* If the provided resource hash is from a directory it will delete everything
* recursively under this directory.
*
* @param int $channel_id
* The id of the channel
* @param string $resource
* The hash to delete
* @return void
*/
function attach_delete($channel_id, $resource)
{
$c = q("SELECT channel_address FROM channel WHERE channel_id = %d LIMIT 1", intval($channel_id));
$channel_address = $c ? $c[0]['channel_address'] : 'notfound';
$r = q("SELECT hash, flags, folder FROM attach WHERE hash = '%s' AND uid = %d limit 1", dbesc($resource), intval($channel_id));
if (!$r) {
return;
}
$cloudpath = get_parent_cloudpath($channel_id, $channel_address, $resource);
$object = get_file_activity_object($channel_id, $resource, $cloudpath);
// If resource is a directory delete everything in the directory recursive
if ($r[0]['flags'] & ATTACH_FLAG_DIR) {
$x = q("SELECT hash, flags FROM attach WHERE folder = '%s' AND uid = %d", dbesc($resource), intval($channel_id));
if ($x) {
foreach ($x as $xx) {
attach_delete($channel_id, $xx['hash']);
}
}
}
// delete a file from filesystem
if ($r[0]['flags'] & ATTACH_FLAG_OS) {
$y = q("SELECT data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($resource), intval($channel_id));
if ($y) {
$f = 'store/' . $channel_address . '/' . $y[0]['data'];
if (is_dir($f)) {
@rmdir($f);
} elseif (file_exists($f)) {
unlink($f);
}
}
}
// delete from database
$z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id));
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id));
file_activity($channel_id, $object, $object['allow_cid'], $object['allow_gid'], $object['deny_cid'], $object['deny_gid'], 'update', $no_activity = false);
}
