Beispiel #1
            if (!fwrite($output_handle, $buffer)) {
                Safe::header('500 Internal Server Error');
                Logger::error('Impossible to write to local file');
                break;
            }
        }
        fclose($output_handle);
        // also update the database
        $item['file_size'] = $new_size;
        $item['edit_name'] = $user['nick_name'];
        $item['edit_id'] = $user['id'];
        $item['edit_address'] = $user['email'];
        if (!($item['id'] = Files::post($item, 'A'))) {
            Safe::header('500 Internal Server Error');
        } else {
            Files::clear($item);
            Safe::header('200 OK');
        }
    }
    // clear assignment information, if any
} elseif ($action == 'release' && ($anchor->is_assigned() || isset($item['assign_id']) && Surfer::is($item['assign_id']))) {
    // change page title
    $context['page_title'] = sprintf(i18n::s('%s: %s'), i18n::s('Release reservation'), $context['page_title']);
    // clear assignment information
    if (Files::assign($item['id'], NULL)) {
        // inform surfer
        $context['text'] .= '<p>' . i18n::s('You have released this file, and other surfers can reserve it for revision.') . '</p>';
        // help the surfer
    } else {
        Logger::error(i18n::s('Operation has failed.'));
    }
Beispiel #2
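 /**
  * transcode some references
  *
  * Applies every (pattern, replacement) pair to the description of the bound
  * item with preg_replace(), saves the result in the files table, and clears
  * the cache for the item.
  *
  * Patterns are handed to preg_replace() unchanged, so they should be built
  * by trusted code and never taken from request data.
  *
  * @param array of pairs of strings to be used in preg_replace();
  * $pair[0] is the pattern and $pair[1] the replacement
  * @return void nothing is done when no item is bound to this object
  *
  * @see images/images.php
  */
 function transcode($transcoded)
 {
     // no item bound
     if (!isset($this->item['id'])) {
         return;
     }

     // prepare preg_replace(); entries that are not complete pairs are skipped
     $from = array();
     $to = array();
     foreach ($transcoded as $pair) {
         if (!isset($pair[0], $pair[1])) {
             continue;
         }
         $from[] = $pair[0];
         $to[] = $pair[1];
     }

     // transcode various fields
     $description = preg_replace($from, $to, $this->item['description']);

     if ($description === NULL) {
         // preg_replace() returns NULL on error (invalid pattern, PCRE limits);
         // saving that value would blank the stored description
         Logger::error(i18n::s('Operation has failed.'));
     } else {
         $this->item['description'] = $description;

         // update the database
         // the id sits outside quotes in the statement, so it is forced to an
         // integer rather than relying on SQL::escape() -- presumably a
         // string-literal escaper, TODO confirm against the SQL class
         $query = "UPDATE " . SQL::table_name('files')
             . " SET description = '" . SQL::escape($this->item['description']) . "'"
             . " WHERE id = " . intval($this->item['id']);
         SQL::query($query);
     }

     // always clear the cache, even on no update
     Files::clear($this->item);
 }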
Beispiel #3
        // follow-up commands -- do not use #_attachments, because of thread layout, etc.
        $menu = array();
        if (is_object($anchor)) {
            $menu = array_merge($menu, array($anchor->get_url('files') => i18n::s('Back to main page')));
        }
        if (is_object($anchor) && Surfer::may_upload()) {
            $menu = array_merge($menu, array('files/edit.php?anchor=' . $anchor->get_reference() => i18n::s('Upload another file')));
        }
        $follow_up .= Skin::build_list($menu, 'menu_bar');
        $context['text'] .= Skin::build_block($follow_up, 'bottom');
        // forward to the updated page
    } else {
        // touch the related anchor
        $anchor->touch('file:update', $_REQUEST['id'], isset($_REQUEST['silent']) && $_REQUEST['silent'] == 'Y');
        // clear cache
        Files::clear($_REQUEST);
        // increment the post counter of the surfer
        Users::increment_posts(Surfer::get_id());
        // record surfer activity
        Activities::post('file:' . $_REQUEST['id'], 'upload');
        if ($render_overlaid) {
            echo 'post done';
            die;
        }
        // forward to the anchor page
        Safe::redirect($anchor->get_url('files'));
    }
    // display the form on GET
} else {
    $with_form = TRUE;
}
Beispiel #4
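 /**
  * change only some attributes
  *
  * Builds one UPDATE statement for the files table out of the attributes
  * present in $fields, runs it, then clears the cache for the record.
  *
  * $fields is taken by reference and is modified: 'active' is set from the
  * anchor when 'active_set' is provided, 'title' is stripped of all tags
  * except <br>, and Surfer::check_default_editor() also receives the array.
  *
  * String values are escaped and wrapped in quotes. The two values placed
  * outside quotes are 'id', which must pass is_numeric(), and 'edit_id',
  * which is cast to an integer.
  *
  * @param array an array of fields; 'id' is mandatory and must be numeric
  * @return TRUE on success (including when there is nothing to update), or FALSE on error
  **/
 public static function put_attributes(&$fields)
 {
     // id cannot be empty
     if (!isset($fields['id']) || !is_numeric($fields['id'])) {
         Logger::error(i18n::s('No item has the provided id.'));
         return FALSE;
     }

     // set default values for this editor
     // NOTE(review): presumably fills the edit_* entries read further down when
     // the caller did not provide them -- confirm in the Surfer class
     Surfer::check_default_editor($fields);

     // query components, one "column=value" assignment each
     $assignments = array();

     // change access rights
     if (isset($fields['active_set'])) {

         // anchor cannot be empty
         if (!isset($fields['anchor']) || !$fields['anchor'] || !($anchor = Anchors::get($fields['anchor']))) {
             Logger::error(i18n::s('No anchor has been found.'));
             return FALSE;
         }

         // determine the actual right
         $fields['active'] = $anchor->ceil_rights($fields['active_set']);

         // remember these in this record
         $assignments[] = "active='" . SQL::escape($fields['active']) . "'";
         $assignments[] = "active_set='" . SQL::escape($fields['active_set']) . "'";

         // cascade anchor access rights
         Anchors::cascade('file:' . $fields['id'], $fields['active']);
     }

     // anchor this page to another place
     if (isset($fields['anchor'])) {
         $reference = SQL::escape($fields['anchor']);
         $assignments[] = "anchor='" . $reference . "'";
         $assignments[] = "anchor_type=SUBSTRING_INDEX('" . $reference . "', ':', 1)";
         $assignments[] = "anchor_id=SUBSTRING_INDEX('" . $reference . "', ':', -1)";
     }

     // other fields that can be modified individually
     $names = array('behaviors', 'description', 'icon_url', 'overlay', 'overlay_id', 'rank', 'source', 'thumbnail_url', 'keywords');
     foreach ($names as $name) {
         if (!isset($fields[$name])) {
             continue;
         }
         $value = $fields[$name];

         // URLs are reduced to a fixed character set before being saved; this
         // filters characters only and does not check the URL scheme, so the
         // value still has to be escaped wherever it is rendered
         if (($name == 'icon_url') || ($name == 'thumbnail_url')) {
             $value = preg_replace('/[^\\w\\/\\.,:%&\\?=-]+/', '_', $value);
         }

         $assignments[] = $name . "='" . SQL::escape($value) . "'";
     }

     // only <br> survives in titles; the cleaned value is written back to $fields
     if (isset($fields['title'])) {
         $fields['title'] = strip_tags($fields['title'], '<br>');
         $assignments[] = "title='" . SQL::escape($fields['title']) . "'";
     }

     // nothing to update
     if (!count($assignments)) {
         return TRUE;
     }

     // maybe a silent update
     if (!isset($fields['silent']) || $fields['silent'] != 'Y') {
         $assignments[] = "edit_name='" . SQL::escape($fields['edit_name']) . "'";

         // edit_id is not validated in this function and is written without
         // quotes, where string escaping offers no protection; force an integer
         $assignments[] = "edit_id=" . intval($fields['edit_id']);

         $assignments[] = "edit_address='" . SQL::escape($fields['edit_address']) . "'";

         // NOTE(review): 'article:update' is stored on a file record -- looks
         // like a leftover from the articles code; confirm before changing
         $assignments[] = "edit_action='article:update'";

         $assignments[] = "edit_date='" . SQL::escape($fields['edit_date']) . "'";
     }

     // actual update query; the id is unquoted, and the is_numeric() check at
     // the top limits it to the characters of a numeric literal
     $query = "UPDATE " . SQL::table_name('files') . " SET " . implode(', ', $assignments) . " WHERE id = " . SQL::escape($fields['id']);
     if (!SQL::query($query)) {
         return FALSE;
     }

     // clear the cache
     Files::clear($fields);

     // end of job
     return TRUE;
 }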