/**
* Add a file to the submission queue
*
* Most of the code in this function has been lifted from the File Management
* plugin's submit.php
*
*/
function submit_file($submitter, $filename, $title, $desc, $version, $homepage, $cid = 0)
{
global $_CONF, $_USER, $_FM_TABLES, $_FMDOWNLOAD, $filemgmt_FileStore;
$myts = new MyTextSanitizer();
// MyTextSanitizer object
$name = basename($filename);
$url = rawurlencode($name);
$name = $myts->makeTboxData4Save($name);
$url = $myts->makeTboxData4Save($url);
if (DB_count($_FM_TABLES['filemgmt_filedetail'], 'url', $name) > 0) {
COM_errorLog("FM submit_file: file '" . $name . "' already exists in DB");
return false;
}
$title = $myts->makeTboxData4Save($title);
$homepage = $myts->makeTboxData4Save($homepage);
$version = $myts->makeTboxData4Save($version);
$size = sprintf('%u', filesize($filename));
$description = $myts->makeTareaData4Save($desc);
//$comments = ($_CONF['comment_code'] == 0) ? 1 : 0;
$comments = 0;
// prefer no comments on Geeklog tarballs
$date = time();
$tmpfilename = randomfilename();
$uploadfilename = basename($filename);
$pos = strrpos($uploadfilename, '.') + 1;
$fileExtension = strtolower(substr($uploadfilename, $pos));
if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
COM_errorLog("FM submit_file: file extension '" . $fileExtension . "' not allowed.");
return false;
}
$fileExtension = $_FMDOWNLOAD[$fileExtension];
$tmpfilename = $tmpfilename . '.' . $fileExtension;
$pos = strrpos($url, '.') + 1;
$url = strtolower(substr($url, 0, $pos)) . $fileExtension;
} else {
$tmpfilename = $tmpfilename . '.' . $fileExtension;
}
// would have preferred rename (i.e. move), but ran into file permission
// problems on www.geeklog.net ...
copy($filename, $filemgmt_FileStore . 'tmp/' . $tmpfilename);
$logourl = '';
DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, homepage, version, size, platform, logourl, submitter, status, date, hits, rating, votes, comments) VALUES ('{$cid}', '{$title}', '{$url}', '{$homepage}', '{$version}', '{$size}', '{$tmpfilename}', '{$logourl}', '{$submitter}', 0, '{$date}', 0, 0, 0, '{$comments}')");
$newid = DB_insertId();
DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
return true;
}
$eh->show("1108");
}
if (!empty($_POST['cid'])) {
$cid = (int) COM_applyFilter($_POST['cid'], true);
} else {
$cid = 0;
$eh->show("1109");
}
$AddNewFile = false;
// Set true if fileupload was sucessfull
$name = $myts->makeTboxData4Save($name);
$title = $myts->makeTboxData4Save($_POST['title']);
$homepage = $myts->makeTboxData4Save($_POST['homepage']);
$version = $myts->makeTboxData4Save($_POST['version']);
$size = intval($_FILES['newfile']['size']);
$description = $myts->makeTareaData4Save($_POST['description']);
$comments = (int) COM_applyFilter($_POST['commentoption'], true);
$date = time();
$tmpfilename = randomfilename();
// Determine write group access to this category
$grp_writeaccess = DB_getItem($_TABLES['filemgmt_cat'], 'grp_writeaccess', "cid=" . (int) $cid);
if (SEC_inGroup($grp_writeaccess)) {
$directUploadAccess = true;
} else {
$directUploadAccess = false;
}
// Upload New file
if ($uploadfilename != '') {
$pos = strrpos($uploadfilename, '.') + 1;
$fileExtension = strtolower(substr($uploadfilename, $pos));
if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
