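/**
 * Validates a pipe-separated list of uploaded file paths.
 *
 * Every non-empty entry must exist on disk, must not exceed the limit in
 * $field["SIMPLE_FILE_SIZE"] (when one is set) and must not carry an
 * extension listed in INVALID_EXTENSIONS.
 *
 * NOTE(review): this is a deny-list check on the extension only. Nothing in
 * this function verifies that the paths lie inside the upload directory or
 * inspects file content; confirm that callers cover both.
 *
 * @param string $files  File paths joined with "|"
 * @param mixed  $unused Not read by this validator
 * @param array  $field  Field definition; only SIMPLE_FILE_SIZE is read
 * @return string Empty string when every file passes, otherwise an error message
 */
static function check_uploaded_file($files, $unused = null, $field = array())
 {
     $size = 0;
     if (!empty($field["SIMPLE_FILE_SIZE"])) {
         // "2M" becomes "2000000" and "500K" becomes "500000" (decimal units).
         $size = str_replace(array("M", "K"), array("000000", "000"), $field["SIMPLE_FILE_SIZE"]);
     }
     // Normalise the deny-list once so that the comparison below cannot be
     // sidestepped by letter case or by stray blanks in the configured list.
     $exts = array();
     foreach (explode(",", INVALID_EXTENSIONS) as $denied) {
         $exts[] = strtolower(trim($denied));
     }
     foreach (explode("|", $files) as $file) {
         if ($file == "") {
             continue;
         }
         if (!file_exists($file)) {
             return "{t}Error{/t}: {t}file not found.{/t}";
         }
         if ($size != 0 and filesize($file) > $size) {
             return "{t}Error{/t}: {t}file is too big. Please upload a smaller one.{/t} (" . modify::basename($file) . " > " . $field["SIMPLE_FILE_SIZE"] . ")";
         }
         $ext = modify::getfileext($file);
         // modify::getfileext() may already lower-case its result; normalising
         // here keeps the check correct either way. The strict comparison
         // avoids PHP's loose matching of numeric-looking strings.
         if (in_array(strtolower(trim((string) $ext)), $exts, true)) {
             return sprintf("{t}this file extension is not allowed{/t} (%s)", $ext);
         }
     }
     return "";
 }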
Beispiel #2
 /**
  * Renders one field value as text for an item's change history.
  *
  * @param string $type     Field type; selects the formatting branch
  * @param mixed  $value    New value of the field
  * @param mixed  $data_old Previous value; read by "files", "textarea" and custom types
  * @return mixed Formatted text; a type with no branch and no custom handler gets $value back unchanged
  */
 static function build_history($type, $value, $data_old)
 {
     $blank_on_zero = array("folder", "date", "datetime", "time");
     if ($value == "0" and in_array($type, $blank_on_zero)) {
         return "";
     }
     switch ($type) {
         case "folder":
             return modify::getpathfull($value, false, "/") . " ([/" . $value . "])";
         case "password":
             // Password values never reach the history text.
             return "";
         case "date":
             return sys_date("{t}m/d/Y{/t}", $value);
         case "datetime":
             return sys_date("{t}m/d/Y g:i a{/t}", $value);
         case "time":
             return sys_date("{t}g:i a{/t}", $value);
         case "dateselect":
             $dates = array();
             foreach (explode("|", trim($value, "|")) as $stamp) {
                 $dates[] = sys_date("{t}m/d/Y{/t}", $stamp);
             }
             return implode(", ", $dates);
         case "files":
             $current = explode("|", trim($value, "|"));
             $previous = explode("|", trim($data_old, "|"));
             // The leading empty entry puts every listed file on its own
             // indented line once the list is joined.
             $lines = array("");
             foreach ($current as $path) {
                 if ($path == "" or in_array($path, $previous)) {
                     continue;
                 }
                 $lines[] = "+ " . modify::basename($path);
             }
             foreach ($previous as $path) {
                 if ($path == "" or in_array($path, $current)) {
                     continue;
                 }
                 $lines[] = "- " . modify::basename($path);
             }
             return rtrim(implode("\n  ", $lines));
         case "select":
             return str_replace("|", ", ", trim($value, "|"));
         case "checkbox":
             if ($value) {
                 return "{t}yes{/t}";
             }
             return "{t}no{/t}";
         case "textarea":
             return self::build_diff($data_old, $value);
     }
     // No built-in branch matched: hand over to a custom type handler if one exists.
     if (is_call_type($type)) {
         return call_type($type, "build_history", $data_old, $value);
     }
     return $value;
 }
Beispiel #3
 /**
  * Restores folders and assets from a tar backup stored under SIMPLE_STORE/backup/.
  *
  * The archive is listed and unpacked with the external tar binary, the first
  * listed member is parsed as the XML manifest, folders are re-created or
  * updated first and the assets of every table follow. Progress is printed
  * through self::_out().
  *
  * Trust boundary: everything read from the archive (member names, table
  * names, column values, file paths) is written to the database by this
  * function without validation of its own, so the archive has to be treated
  * as fully trusted input.
  *
  * @param string $filename Name of the backup file; only its base name is used
  * @return string Empty string on completion, otherwise a message for the caller
  */
 private static function _restore($filename)
 {
     // Flush and close the topmost output buffer so that progress lines appear immediately.
     ob_end_flush();
     // presumably undoes a "+" that was turned into a blank while the name travelled in a URL - confirm
     $filename = str_replace(" ", "+", $filename);
     // basename() drops every directory component, so the resulting path
     // always points into SIMPLE_STORE/backup/ whatever the caller passed.
     $filename = SIMPLE_STORE . "/backup/" . basename($filename);
     if (!file_exists($filename)) {
         // The message carries the full server-side path.
         return "{t}file not found.{/t} (" . $filename . ")";
     }
     if (filesize($filename) == 0) {
         return "{t}No entries found.{/t} (" . $filename . ")";
     }
     self::_out("{t}Extracting files{/t}: " . $filename);
     self::_out("");
     if (self::$_restore_here) {
         // "Restore here": derive a title from the archive name (extension cut off,
         // separators mapped back) and create a new folder below the current session folder.
         $ftitle = str_replace(array("__", "---", "--"), array("/", " ", " "), substr(modify::basename($filename), 0, -4));
         $ftitle = substr($ftitle, strrpos($ftitle, "/") + 1);
         $id = folders::create(substr($ftitle, 0, 40), "blank", "", $_SESSION["folder"], false);
         self::$_restore_folder = $id;
         self::_out("{t}Insert{/t}: simple_sys_tree: " . $ftitle . " [" . $id . "]");
     }
     // List the archive members. The command line is built by string
     // concatenation. NOTE(review): its safety rests on sys_find_bin() and
     // modify::realfilename() returning shell-safe strings - confirm.
     $result = sys_exec(sys_find_bin("tar") . " -tf " . modify::realfilename($filename));
     $file_list = explode("\n", $result);
     // explode() always returns at least one element, so this guard never fires.
     if (count($file_list) == 0) {
         return "";
     }
     $base_dir = SIMPLE_STORE . "/restore_" . NOW . "/";
     sys_mkdir($base_dir);
     // Unpack the whole archive into the fresh restore directory.
     // NOTE(review): member names are not inspected here; containment inside
     // $base_dir depends on how the tar binary treats absolute or ".." names.
     $cmd = "cd " . modify::realfilename($base_dir) . " && " . sys_find_bin("tar") . " -xf " . modify::realfilename($filename);
     if (DEBUG) {
         self::_out("TAR: " . $cmd . "\n\n");
     }
     echo sys_exec($cmd);
     $update_ids = array();
     $update_folders = array();
     // Maps folder ids found in the backup to the ids they have after the restore.
     $restore_maps = array();
     // The first listed member is taken to be the XML manifest.
     $xml_file = array_shift($file_list);
     self::_out("{t}Parsing{/t}: " . $xml_file);
     // NOTE(review): simplexml_load_file() returns false on a parse failure and
     // the result is not checked before it is iterated. The document comes from
     // the archive; external-entity handling is left to the libxml defaults.
     $xml = simplexml_load_file($base_dir . $xml_file);
     // Pass 1: folders (simple_sys_tree rows stored as <assetfolder>).
     foreach ($xml->table as $data) {
         $data = get_object_vars($data->assetfolder);
         unset($data["@attributes"]);
         $id = $data["id"];
         if (!empty($data["anchor"])) {
             // A folder with an anchor is matched by anchor rather than by id.
             $existing = db_select_first("simple_sys_tree", array("id", "'' as lastmodified"), "anchor=@anchor@", "", array("anchor" => $data["anchor"]));
             if (!empty($existing["id"])) {
                 unset($data["anchor"]);
             }
         } else {
             $existing = db_select_first("simple_sys_tree", array("id", "lastmodified"), "id=@id@", "", array("id" => $id));
         }
         if (!isset($data["fdescription"])) {
             $data["fdescription"] = "";
         }
         $ftype = $data["ftype"];
         // These columns are removed from the restored data before it is written.
         $keys = array("fsizecount", "fchsizecount", "fcount", "fchcount", "ffcount", "lft", "rgt", "flevel", "folder", "id", "ftype");
         foreach ($keys as $key) {
             unset($data[$key]);
         }
         if (isset($restore_maps[$data["parent"]])) {
             $data["parent"] = $restore_maps[$data["parent"]];
         }
         if (empty($existing["id"]) or self::$_restore_here) {
             $parent = db_select_value("simple_sys_tree", "id", "id=@id@", array("id" => $data["parent"]));
             // "and" binds tighter than "or": the parent is replaced when it does not
             // exist, or when this is the first folder of a "restore here" run.
             if (empty($parent) or count($restore_maps) == 0 and self::$_restore_here) {
                 $data["parent"] = self::$_restore_folder;
             }
             $id2 = folders::create($data["ftitle"], $ftype, $data["fdescription"], $data["parent"], false);
             self::_out("{t}Insert{/t}: simple_sys_tree: " . $data["ftitle"] . " [ID " . $id . " -> parent/id: " . $data["parent"] . "/" . $id2 . "]");
             $restore_maps[$id] = $id2;
             $id = $id2;
         } else {
             $restore_maps[$id] = $existing["id"];
         }
         if (!self::$_restore_missing and (!self::$_restore_onlynewer or $data["lastmodified"] > $existing["lastmodified"])) {
             self::_out("{t}Update{/t}: simple_sys_tree " . $id);
             $error = db_update("simple_sys_tree", $data, array("id=@id@"), array("id" => $id));
             if ($error) {
                 self::_out($error);
             }
         }
     }
     // Pass 2: assets of every table other than simple_sys_tree.
     foreach ($xml->table as $table_item) {
         if (!isset($table_item->asset) or count($table_item->asset) == 0) {
             continue;
         }
         foreach ($table_item->asset as $asset) {
             // The target table name is read from the manifest.
             // NOTE(review): it reaches db_insert()/db_update() unchecked in this
             // function - confirm the db layer restricts which tables may be written.
             $table = $table_item["name"];
             if ($table == "simple_sys_tree") {
                 continue;
             }
             $data = get_object_vars($asset);
             unset($data["@attributes"]);
             // Rewrite file fields (elements flagged is_file) to the unpacked copies.
             foreach ($data as $dkey => $val) {
                 $obj = $asset->{$dkey};
                 if (!isset($obj["is_file"]) or $val == "") {
                     continue;
                 }
                 // $key is left over from an earlier loop; the assignment has no
                 // effect because $file_arr is replaced on the next line.
                 $file_arr[$key] = "";
                 $file_arr = explode("|", trim($val, "|"));
                 foreach ($file_arr as $key => $value) {
                     foreach ($file_list as $file) {
                         if (basename($file) != basename($value)) {
                             continue;
                         }
                         $value = $base_dir . $file;
                         break;
                     }
                     // An entry without a matching archive member keeps the path
                     // string taken from the manifest.
                     $file_arr[$key] = $value;
                 }
                 $data[$dkey] = "|" . implode("|", $file_arr) . "|";
             }
             $id = $data["id"];
             $existing = db_select_first($table, array("id", "lastmodified"), "id=@id@", "", array("id" => $id));
             $folder = $data["folder"];
             if (isset($restore_maps[$folder])) {
                 $data["folder"] = $restore_maps[$folder];
             }
             if (empty($existing["id"]) or self::$_restore_here) {
                 if (self::$_restore_missing) {
                     // "Restore missing" keeps the id from the backup.
                     $data["id"] = $id;
                 } else {
                     $data["id"] = sql_genID($table) * 100;
                 }
                 self::_out("{t}Insert{/t}: " . $table . ": " . $data["id"]);
                 $error = db_insert($table, $data);
                 if ($error) {
                     self::_out($error);
                 }
                 $update_folders[$data["folder"]] = $table;
                 $update_ids[$data["folder"]][] = $data["id"];
             } else {
                 if (!self::$_restore_missing) {
                     if (!self::$_restore_onlynewer or $data["lastmodified"] > $existing["lastmodified"]) {
                         self::_out("{t}Update{/t}: " . $table . " " . $id);
                         $error = db_update($table, $data, array("id=@id@"), array("id" => $id));
                         if ($error) {
                             self::_out($error);
                         }
                         $update_folders[$data["folder"]] = $table;
                         $update_ids[$data["folder"]][] = $id;
                     }
                 }
             }
         }
     }
     // Pass 3: refresh folder sizes and rebuild the search index for touched items.
     if (count($update_folders) > 0) {
         foreach ($update_folders as $folder => $table) {
             // strpos() returns 0 for a name that starts with "nodb_", which is
             // falsy: only names with "nodb_" after the first character are skipped.
             if (strpos($table, "nodb_")) {
                 continue;
             }
             db_update_treesize($table, $folder);
             $ftype = str_replace("simple_", "", $table);
             $schema = db_get_schema(sys_find_module($ftype));
             if (empty($schema["views"]["display"])) {
                 continue;
             }
             if (!empty($schema["att"]["SQL_HANDLER"]) or !empty($schema["att"]["NO_SEARCH_INDEX"])) {
                 continue;
             }
             self::_out("... ");
             $fields = $schema["fields"];
             if (folder_in_trash($folder)) {
                 continue;
             }
             foreach ($update_ids[$folder] as $id) {
                 self::_out("{t}Rebuild search index{/t}: " . $table . " [" . $id . "]");
                 db_search_update($table, $id, $fields);
             }
         }
     }
     self::_out("");
     // Record the completed restore in the system log as well as on screen.
     $message = "{t}Restore complete{/t}: " . str_replace(array("__", "---", "--"), array("/", "] [", " ["), substr(modify::basename($filename), 0, -4)) . "]";
     sys_log_message_log("info", $message);
     self::_out($message);
     return "";
 }
Beispiel #4
 /**
  * Renders the current CMS page, prints it and optionally writes a static copy.
  *
  * The static copy (page plus attachments) is written only when a cache file
  * is configured, the output is non-empty, the page has staticcache set to "1",
  * the session user is a guest and the page's read list contains |anonymous|.
  * Output rendered for a signed-in user is therefore never stored in the
  * shared cache.
  */
 function output()
 {
     if ($this->pagename == "rss") {
         $this->_output_rss();
     }
     if ($this->pagename == "sitemap") {
         $this->_output_sitemap();
     }
     $this->template->cms = $this;
     $this->template->page = $this->page;

     // basename() reduces the stored template name to a file name inside templates/cms/.
     $template_file = sys_custom("templates/cms/" . basename($this->page["template"]));
     if (!file_exists($template_file)) {
         $template_file = sys_custom("templates/cms/pmwiki.php");
     }
     $html = $this->template->render($template_file);
     echo $html;

     // Static cache guards, evaluated in the original order.
     if (self::$cache_file == "" or $html == "" or $this->page["staticcache"] != "1") {
         return;
     }
     if (!sys_is_guest($_SESSION["username"])) {
         return;
     }
     if (strpos($this->page["rread_users"], "|anonymous|") === false) {
         return;
     }

     $cache_dir = dirname(self::$cache_file);
     sys_mkdir($cache_dir);
     file_put_contents(self::$cache_file, $html, LOCK_EX);

     if ($this->page["attachment"] == "") {
         return;
     }
     // Attachments are copied next to the cached page under their display names.
     foreach (explode("|", trim($this->page["attachment"], "|")) as $attachment) {
         copy($attachment, $cache_dir . "/" . modify::basename($attachment));
     }
 }
Beispiel #5
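 /**
  * Updates a Google Docs entry: metadata only, or metadata plus new file content.
  *
  * When $data["filedata"] names an existing file below SIMPLE_CACHE/upload/,
  * a resumable upload session is opened and the file is streamed to the
  * session URL returned in the Location header. Otherwise only title and
  * description are sent. A set $vars["folder_source"] turns the call into a move.
  *
  * @param string $path    Path of the folder; used for the cache key and for moves
  * @param array  $data    New field values; "filedata" may name the file to upload
  * @param mixed  $where   Not read by this handler
  * @param array  $vars    Must contain "id"; "folder_source" triggers a move
  * @param mixed  $mfolder Folder handle passed on to the credential and context helpers
  * @return string Empty string on success (or when no id is given), otherwise an error message
  */
 static function update($path, $data, $where, $vars, $mfolder)
 {
     if (empty($vars["id"])) {
         return "";
     }
     $source = !empty($data["filedata"]) ? $data["filedata"] : $vars["id"];
     if (!empty($vars["folder_source"])) {
         return self::_move_file($vars["id"], $vars["folder_source"], $path, $mfolder);
     }
     $drop = array("filedata", "folder", "lastmodified", "handler", "mfolder", "dsize");
     $meta = sys_build_meta_str($data, array_diff(array_keys($data), $drop));
     // Title and description pass through q() before they are placed in the XML body.
     $content = "<?xml version='1.0' encoding='UTF-8'?>" . "<entry xmlns='http://www.w3.org/2005/Atom' xmlns:docs='http://schemas.google.com/docs/2007'>" . "<category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/docs/2007#document'/>" . "<title>" . q(modify::basename($source)) . "</title>" . "<docs:description>" . q($meta) . "</docs:description></entry>";
     // NOTE(review): sys_strbegins() looks like a plain prefix test, which would
     // not normalise ".." segments - confirm "filedata" is sanitised upstream.
     // NOTE(review): $vars["id"] is placed in both URLs below without encoding.
     if (file_exists($source) and sys_strbegins($source, SIMPLE_CACHE . "/upload/")) {
         $url = "https://docs.google.com/feeds/upload/create-session/default/private/full/" . $vars["id"] . "?convert=false";
         $header = "X-Upload-Content-Type: application/octet-stream\r\n";
         $context = self::_get_context_action($mfolder, "PUT", $content, $header);
         $http_response_header = array();
         $response = file_get_contents($url, false, $context);
         preg_match("/Location: (.+)/m", implode("\n", $http_response_header), $match);
         // A failed request leaves the header list empty; treat that as an error
         // instead of reading a missing index.
         $status = isset($http_response_header[0]) ? $http_response_header[0] : "";
         if (!strpos($status, "200") or empty($match[1])) {
             return "{t}Error{/t} [update] " . implode("\n", $http_response_header) . "\n" . $response;
         }
         // The second request carries only the session URL from the Location
         // header; no further headers are added to it here.
         $header = "PUT " . $match[1] . " HTTP/1.0\r\n";
         $header .= "Host: docs.google.com\r\n";
         $header .= "Content-Length: " . filesize($source) . "\r\n\r\n";
         $errorNumber = 0;
         $errorString = "";
         // Certificate checks for ssl:// are left to PHP's default stream
         // context (peer verification is on by default since PHP 5.6).
         $fp = fsockopen("ssl://docs.google.com", "443", $errorNumber, $errorString, 5);
         $fin = fopen($source, "rb");
         if (is_resource($fp) and is_resource($fin)) {
             fwrite($fp, $header);
             while (!feof($fin)) {
                 fwrite($fp, fread($fin, 8192));
             }
             $resp = "";
             while (!feof($fp)) {
                 $resp .= fread($fp, 8192);
             }
             fclose($fp);
             fclose($fin);
             if (!sys_strbegins($resp, "HTTP/1.0 200")) {
                 return "{t}Error{/t} [update2] " . $resp;
             }
         } else {
             // Release whichever handle did open before reporting the failure.
             if (is_resource($fp)) {
                 fclose($fp);
             }
             if (is_resource($fin)) {
                 fclose($fin);
             }
             return "{t}Error{/t} [update3] " . $errorString . " " . $errorNumber;
         }
     } else {
         $url = "https://docs.google.com/feeds/default/private/full/" . $vars["id"] . "?convert=false";
         $context = self::_get_context_action($mfolder, "PUT", $content);
         $http_response_header = array();
         $response = file_get_contents($url, false, $context);
         $status = isset($http_response_header[0]) ? $http_response_header[0] : "";
         if (!strpos($status, "200")) {
             // Join the header lines; concatenating the array itself would only print "Array".
             return "{t}Error{/t} [update4] " . implode("\n", $http_response_header) . "\n" . $response;
         }
     }
     // Drop the cached folder listing for these credentials and this path.
     sys_cache_remove("gdocs_xml_" . md5(serialize(sys_credentials($mfolder)) . $path));
     return "";
 }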
Beispiel #6
 /**
  * Stores an uploaded file in the temp directory and describes the result.
  *
  * Per the original description the payload comes from php://input. A name
  * containing "://" is handed to sgsml::getfile_url(), any other name to
  * sgsml::getfile_upload(). The request is terminated with exit() when no
  * filename or no session user is present, or when no file ended up on disk.
  *
  * NOTE(review): the "://" branch passes a caller-supplied URL to
  * sgsml::getfile_url(); which schemes and hosts are accepted is decided
  * there - confirm it is restricted.
  *
  * @param string $filename Filename
  * @return array Array( tmp_path=>Path of the file, basename=>filename, filesize=>filesize)
  */
 static function upload_file($filename)
 {
     if (empty($filename)) {
         exit("{t}Upload failed{/t}");
     }
     if (empty($_SESSION["username"])) {
         exit("{t}Upload failed{/t}");
     }
     // strpos() yields 0 (falsy) for a name that begins with "://", so such a
     // name takes the plain upload route.
     $target = strpos($filename, "://")
         ? sgsml::getfile_url($filename)
         : sgsml::getfile_upload($filename);
     if ($target == "" or !file_exists($target)) {
         exit("{t}Upload failed{/t}: {t}Failed to write file to disk.{/t}");
     }
     $info = array();
     $info["tmp_path"] = $target;
     $info["basename"] = modify::basename($target);
     $info["filesize"] = modify::filesize($target);
     return $info;
 }
Beispiel #7
/**
 * Rebuilds the simple_sys_search entry for one row of a table.
 *
 * The row is loaded, every indexable field is converted to text according to
 * its SIMPLE_TYPE, and three strings are stored: the normalised index
 * (sindex), its soundex form (sindex_snd) and the readable content
 * (searchcontent). The row's read permissions are copied into the entry.
 *
 * @param string $table     Table that holds the row
 * @param mixed  $id        Id of the row
 * @param array  $fields    Field definitions keyed by column name
 * @param array  $field_arr Optional column => SIMPLE_TYPE overrides
 * @return void
 */
function db_search_update($table, $id, $fields, $field_arr = array())
{
    // strpos() is used as a truth value: only a match after the first
    // character counts as a "_nodb_" table.
    if (strpos($table, "_nodb_")) {
        return;
    }
    $row = db_select_first($table, "*", "id=@id@", "", array("id" => $id));
    if (empty($row["id"])) {
        return;
    }
    // Folder rows are stored in the index under id 0.
    if ($table == "simple_sys_tree") {
        $id = 0;
    } else {
        $id = $row["id"];
    }
    if ($table == "simple_sys_events") {
        // Events are indexed under the folder of type sys_events.
        $folder = db_select_value("simple_sys_tree", "id", "ftype=@ftype@", array("ftype" => "sys_events"));
        if (empty($folder)) {
            return;
        }
    } else {
        $folder = $row["folder"];
    }
    // Defaults used when the row has no permission columns.
    // NOTE(review): a row without rread_users is indexed as readable by
    // |anonymous| - confirm that every searchable table has that column.
    $rread_users = "|anonymous|";
    $rread_groups = "";
    $searchindex = "";
    $searchindex_snd = "";
    $searchcontent = "";
    foreach ($row as $data_key => $data) {
        if ($data_key == "rread_users") {
            $rread_users = $data;
        }
        if ($data_key == "rread_groups") {
            $rread_groups = $data;
        }
        // A caller-supplied type replaces the whole field definition for this column.
        if (count($field_arr) > 0 and isset($field_arr[$data_key])) {
            $fields[$data_key] = array("SIMPLE_TYPE" => $field_arr[$data_key]);
        }
        // Skip columns without a definition, empty values, numeric zero and the literal "null".
        if (isset($fields[$data_key]) and $data != "" and (!is_numeric($data) or $data != 0) and $data != "null") {
            $field = $fields[$data_key];
            if (isset($field["NOTINALL"]) or isset($field["NO_SEARCH_INDEX"])) {
                continue;
            }
            $data = trim($data, "|");
            // $data feeds the index, $data2 feeds the readable content.
            $data2 = $data;
            switch ($field["SIMPLE_TYPE"]) {
                case "pid":
                case "password":
                    // Never indexed and never stored as content.
                    $data = "";
                    $data2 = "";
                    break;
                case "folder":
                case "id":
                    // Indexed, but kept out of the readable content.
                    $data2 = "";
                    break;
                case "checkbox":
                    // A ticked checkbox is indexed under its column name.
                    if ($data) {
                        $data = $data_key;
                    } else {
                        $data = "";
                    }
                    $data2 = $data;
                    break;
                case "time":
                    $data = sys_date("{t}g:i a{/t}", $data);
                    $data2 = $data;
                    break;
                case "date":
                    $data = sys_date("{t}m/d/Y{/t}", $data);
                    $data2 = $data;
                    break;
                case "dateselect":
                    $data2 = "";
                    foreach (explode("|", $data) as $date) {
                        $data2 .= " " . sys_date("{t}m/d/Y g:i a{/t}", $date);
                    }
                    $data = $data2;
                    break;
                case "datetime":
                    $data = sys_date("{t}m/d/Y g:i a{/t}", $data);
                    $data2 = $data;
                    break;
                case "files":
                    // Index the display text of each file (tags stripped) plus its name.
                    $data2 = "";
                    foreach (explode("|", $data) as $file) {
                        $text = modify::displayfile($table, $file, true);
                        $data2 .= " " . strip_tags($text) . " " . modify::basename($file);
                    }
                    $data = $data2;
                    break;
                case "select":
                    $data = str_replace("|", " ", $data);
                    $data2 = $data;
                    break;
                case "multitext":
                    $data = str_replace(",", " ", $data);
                    $data2 = $data;
                    break;
            }
            if ($data != "") {
                $searchindex .= " " . preg_replace("/[ ]+/i", " ", modify::searchindex(trim($data)));
            }
            if ($data2 != "") {
                $searchcontent .= " " . trim(preg_replace("/[ ]+/i", " ", $data2));
            }
        }
    }
    $searchcontent = trim($searchcontent);
    $searchindex = trim($searchindex);
    // Cut the index at the first blank at or after INDEX_LIMIT so that no word is split.
    if (strlen($searchindex) > INDEX_LIMIT) {
        $pos = strpos($searchindex, " ", INDEX_LIMIT);
        if ($pos > 0) {
            $searchindex = substr($searchindex, 0, $pos);
        }
    }
    // Build the soundex form; words whose soundex code is "0000" are dropped.
    $search_arr = array_unique(explode(" ", $searchindex));
    foreach ($search_arr as $key => $value) {
        $val = soundex($value);
        if ($val != "0000") {
            $search_arr[$key] = $val;
        } else {
            unset($search_arr[$key]);
        }
    }
    $searchindex_snd = implode(" ", $search_arr);
    if (strlen($searchindex_snd) > 8192) {
        $pos = strpos($searchindex_snd, " ", 8192);
        if ($pos > 0) {
            $searchindex_snd = substr($searchindex_snd, 0, $pos);
        }
    }
    $data = array("sindex" => $searchindex, "sindex_snd" => $searchindex_snd, "searchcontent" => $searchcontent, "lastmodifiedby" => !empty($row["lastmodifiedby"]) ? $row["lastmodifiedby"] : "anonymous", "lastmodified" => !empty($row["lastmodified"]) ? $row["lastmodified"] : 0, "rread_users" => $rread_users, "rread_groups" => $rread_groups);
    // Update the entry for (id, folder) if one exists, otherwise insert it.
    $count = db_count("simple_sys_search", array("id=@id@", "folder=@folder@"), array("id" => $id, "folder" => $folder));
    if ($count > 0) {
        db_update("simple_sys_search", $data, array("id=@id@", "folder=@folder@"), array("id" => $id, "folder" => $folder));
    } else {
        $data = array_merge($data, array("id" => $id, "folder" => $folder, "history" => ""));
        db_insert("simple_sys_search", $data);
    }
}
} else {
    $field = ltrim($_REQUEST["field"], "_");
}
// File download: resolve the requested file, apply the extension rules and
// answer conditional requests. $field, $dispo, $bad_extensions and
// $inline_extensions are set before this excerpt starts.

// "folder2" and "view2" act as fallbacks for "folder" and "view".
if (empty($_REQUEST["folder"]) and !empty($_REQUEST["folder2"])) {
    $_REQUEST["folder"] = $_REQUEST["folder2"];
}
if (empty($_REQUEST["view"]) and !empty($_REQUEST["view2"])) {
    $_REQUEST["view"] = $_REQUEST["view2"];
}
// Without a folder there is nothing to serve: send an empty response.
if (empty($_REQUEST["folder"])) {
    header("Content-Length: 0");
    exit;
}
$folder = folder_from_path($_REQUEST["folder"]);
// The "@" only silences notices for absent request parameters.
// NOTE(review): presumably ajax::file_download() checks read permission for
// the folder/item before it returns a path - confirm, nothing here does.
$row_filename = ajax::file_download($folder, @$_REQUEST["view"], @$_REQUEST["item"], $field, @$_REQUEST["subitem"], false);
$filename = modify::basename($row_filename);
// Only the first three characters of the extension are compared, so "html"
// is checked as "htm" and "phtml" as "pht"; both lists have to be written
// with that in mind.
$ext = substr(modify::getfileext($filename), 0, 3);
if (in_array($ext, $bad_extensions)) {
    sys_error(trans("{t}Access to this file has been denied.{/t} ({t}this file extension is not allowed{/t})"), "403 Forbidden");
}
// Inline display is granted only to listed extensions; every other file is
// sent as an attachment.
if ($dispo == "inline" and !in_array($ext, $inline_extensions)) {
    $dispo = "attachment";
}
$modified = filemtime($row_filename);
// The validator is derived from path and modification time, not from content.
$etag = '"' . md5($row_filename . $modified) . '"';
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT");
header("ETag: {$etag}");
// A matching If-None-Match is answered with 304 and no body (never in DEBUG mode).
if (!empty($_SERVER["HTTP_IF_NONE_MATCH"]) and $etag == stripslashes($_SERVER["HTTP_IF_NONE_MATCH"]) and !DEBUG) {
    header("HTTP/1.0 304 Not Modified");
    exit;
}
Beispiel #9
 /**
  * Moves uploaded files into a directory and stores their metadata.
  *
  * Nothing happens (and "" is returned) when sys_allowedpath() reports a
  * problem for $path or $path is not a directory. Entries that are
  * directories or do not exist are skipped. An existing target is never
  * overwritten.
  *
  * NOTE(review): the existence test and the rename() are two separate steps,
  * so a file created in between is not detected by this check.
  *
  * @param string $path    Target directory; the file name is appended directly
  * @param array  $data    Field values; "filedata" holds the "|"-joined source paths
  * @param mixed  $mfolder Not read by this handler
  * @return string Empty string on success or no-op, otherwise an error message
  */
 static function insert($path, $data, $mfolder)
 {
     if (!(sys_allowedpath($path) == "" and is_dir($path))) {
         return "";
     }
     foreach (explode("|", trim($data["filedata"], "|")) as $upload) {
         // Only the base name of the source is used, so the target stays inside $path.
         $destination = $path . modify::basename($upload);
         if (is_dir($upload) or !file_exists($upload)) {
             continue;
         }
         $refused = file_exists($destination);
         if (!$refused and $upload != $destination) {
             $refused = !rename($upload, $destination);
         }
         if ($refused) {
             return "{t}Access denied.{/t}";
         }
         self::_set_meta($data, $destination);
     }
     return "";
 }
Beispiel #10
    sys_error("Missing parameters.", "403 Forbidden");
}
// Import page: authenticate, process uploaded import files, then show the form.
$folder = $_REQUEST["folder"];
// Authentication is enforced before any output or file handling.
sys_check_auth();
import::header();
if (isset($_FILES["file"]) and is_array($_FILES["file"])) {
    // NOTE(review): import::process_files() runs before the security token is
    // validated below - confirm it has no lasting effect for a request whose
    // token turns out to be invalid.
    $files = import::process_files();
    if (!empty($files)) {
        if (!sys_validate_token()) {
            sys_die(t("{t}Invalid security token{/t}"));
        }
        $folder = folder_from_path($folder);
        // With "validate_only" set the files are checked but not imported.
        $validate_only = isset($_REQUEST["validate_only"]);
        foreach ($files as $file) {
            $message = $validate_only ? t("{t}Validating %s ...{/t}") : t("{t}Processing %s ...{/t}");
            // The file name passes through q() before it is placed in the HTML output.
            setup::out(sprintf("<b>" . $message . "</b>", q(modify::basename($file))));
            // setup::out is handed over as the progress callback.
            ajax::file_import($folder, $file, array("setup", "out"), $validate_only);
            setup::out("<hr>");
        }
    }
}
$sgsml = new sgsml($folder, "new");
$view = $sgsml->view;
// Collect the required fields with their display names (falling back to the field name).
$required_fields = array();
foreach ($sgsml->current_fields as $name => $field) {
    if (empty($field["REQUIRED"])) {
        continue;
    }
    $required_fields[$name] = !empty($field["DISPLAYNAME"]) ? $field["DISPLAYNAME"] : $name;
}
import::form($folder, $required_fields);
 /**
  * Copies a file into the store directory of a pasted item.
  *
  * The target is built from the store path for $tname, the path number of
  * $id and the item id followed by the generated file name. The result of
  * copy() is not checked; the target path is returned either way.
  *
  * @param string $file  Source file
  * @param mixed  $id    Id of the new item
  * @param string $tname Table name used to pick the store directory
  * @return string Path of the copy
  */
 private static function _paste_item_copyfile($file, $id, $tname)
 {
     list($store_dir, $stored_name) = sys_build_filename(modify::basename($file), $tname);
     dirs_checkdir($store_dir);
     $item_dir = $store_dir . sys_get_pathnum($id) . "/";
     dirs_checkdir($item_dir);
     $destination = $item_dir . $id . $stored_name;
     copy($file, $destination);
     return $destination;
 }
Beispiel #12
 private function _save(array &$data, $id = -1)
 {
     $insert = ($id > 0 or !is_numeric($id)) ? false : true;
     if (count($data) == 0) {
         return array();
     }
     if (!empty($this->att["DEFAULT_SQL"]) and $this->att["DEFAULT_SQL"] == "no_select") {
         return self::_error("{t}Module{/t}", "{t}Access denied.{/t}");
     }
     if (!empty($data["folder"])) {
         // check permissions
         if (!db_get_right($data["folder"], "write", $this->view)) {
             return self::_error("{t}Folder{/t}", "{t}Access denied.{/t}", "folder");
         }
         $this->folder = $data["folder"];
     } else {
         $data["folder"] = $this->folder;
     }
     // fill data array
     list($rdata, $data_row, $error) = $this->_complete_data($data, $id);
     if ($error) {
         return $error;
     }
     // validate
     if ($result = $this->_validate($rdata, $id)) {
         return $result;
     }
     if ($insert) {
         $id = sql_genID($this->tname) * 100;
         $sql_data = array("id" => $id, "dsize" => 0, "history" => sprintf("{t}Item created by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
     } else {
         $sql_data = array("dsize" => 0, "history" => sprintf("{t}Item edited (%s) by %s at %s{/t}\n", "@fields@", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
     }
     // count sizes, move files to store, delete old files
     foreach ($this->current_fields as $field_name => $field) {
         if ($field["SIMPLE_TYPE"] == "id") {
             continue;
         }
         if ($field["SIMPLE_TYPE"] == "files" and !empty($rdata[$field_name])) {
             foreach ($rdata[$field_name] as $val) {
                 if (file_exists($val)) {
                     $sql_data["dsize"] += filesize($val);
                 }
             }
             // TODO 2 store handler?
             if (!empty($data_row[$field_name])) {
                 $data_old = explode("|", trim($data_row[$field_name], "|"));
                 foreach ($data_old as $filekey => $file) {
                     if (in_array($file, $rdata[$field_name])) {
                         continue;
                     }
                     if (ARCHIVE_DELETED_FILES and file_exists($file)) {
                         $i = 1;
                         $m = "";
                         $trash_name = SIMPLE_STORE . "/trash/" . $this->folder . "_" . $id . "_";
                         $trash_file = modify::basename($file);
                         while (file_exists($trash_name . $m . $trash_file)) {
                             $m = $i++ . "_";
                         }
                         rename($file, $trash_name . $m . $trash_file);
                         touch($trash_name . $m . $trash_file);
                     } else {
                         @unlink($file);
                     }
                 }
             }
             foreach ($rdata[$field_name] as $filekey => $file) {
                 if ($file == "") {
                     unset($rdata[$field_name][$filekey]);
                     $data[$field_name] = implode("|", $rdata[$field_name]);
                     continue;
                 }
                 if (file_exists(SIMPLE_CACHE . "/upload/" . basename($file))) {
                     $filebase = modify::basename(basename($file));
                     list($target, $filename) = sys_build_filename($filebase, $this->tname);
                     dirs_checkdir($target);
                     $target .= sys_get_pathnum($id) . "/";
                     dirs_checkdir($target);
                     $target .= md5($id) . $filename;
                     rename(SIMPLE_CACHE . "/upload/" . basename($file), $target);
                     $rdata[$field_name][$filekey] = $target;
                     $data[$field_name] = implode("|", $rdata[$field_name]);
                 }
             }
             $basenames = array();
             foreach (array_reverse($rdata[$field_name]) as $filekey => $file) {
                 $basename = modify::basename($file);
                 if (isset($basenames[$basename])) {
                     $old_filekey = $basenames[$basename];
                     $basename = preg_replace("|_rev\\d+|", "", $basename);
                     $base = $basename;
                     $i = 1;
                     while (isset($basenames[$basename])) {
                         if ($pos = strrpos($base, ".")) {
                             $basename = substr($base, 0, $pos) . "_rev" . $i++ . substr($base, $pos);
                         } else {
                             $basename = $base . "_rev" . $i++;
                         }
                     }
                     $target = str_replace(modify::basename($file), $basename, $file);
                     if (rename($file, $target)) {
                         // swap
                         $rdata[$field_name][$filekey] = $rdata[$field_name][$old_filekey];
                         $rdata[$field_name][$old_filekey] = $target;
                         $data[$field_name] = implode("|", $rdata[$field_name]);
                     }
                 }
                 $basenames[$basename] = $filekey;
             }
         }
         if (!empty($field["STORE"]) and is_array($field["STORE"])) {
             foreach ($field["STORE"] as $store) {
                 list($class, $function, $params) = sys_find_callback("modify", $store["FUNCTION"]);
                 $rdata[$field_name] = call_user_func(array($class, $function), $rdata[$field_name], $rdata, $params);
             }
         }
         if (!isset($sql_data[$field_name]) and !is_null($rdata[$field_name])) {
             $sql_data[$field_name] = $rdata[$field_name];
         }
     }
     // transform
     foreach ($sql_data as $key => $value) {
         $sql_data[$key] = self::scalarize($value, $this->fields[$key]);
     }
     // reduce to new values
     $sys_fields = array("history" => "", "dsize" => "", "seen" => "");
     foreach ($sql_data as $data_key => $data_value) {
         if (isset($sys_fields[$data_key])) {
             continue;
         }
         $addfield = true;
         $field = $this->fields[$data_key];
         if (!isset($this->current_fields[$data_key])) {
             $addfield = false;
         }
         if (isset($field["NOTINALL"])) {
             $addfield = false;
         }
         if (isset($field["NOTIN"]) and in_array($this->view, $field["NOTIN"])) {
             $addfield = false;
         }
         if (isset($field["READONLYIN"]) and (in_array($this->view, $field["READONLYIN"]) or in_array("all", $field["READONLYIN"]))) {
             $addfield = false;
         }
         if (isset($field["ONLYIN"])) {
             if (in_array($this->view, $field["ONLYIN"])) {
                 $addfield = true;
             } else {
                 $addfield = false;
             }
         }
         if (!$addfield) {
             unset($sql_data[$data_key]);
         }
     }
     // build history
     $sql_data = $this->build_history($sql_data, $data_row);
     if (!array_diff(array_keys($sql_data), array("history", "seen"))) {
         $sql_data = array();
     }
     // save in db
     if ($insert) {
         $error_sql = db_insert($this->tname, $sql_data, array("handler" => $this->handler));
         if ($error_sql != "") {
             return self::_error("{t}SQL failed.{/t}", $error_sql);
         }
         if ($this->notification) {
             sys_notification("{t}Item successfully created.{/t} (" . $id . ")");
         }
     } else {
         if (count($sql_data) == 0) {
             return $id;
         }
         $error_sql = db_update($this->tname, $sql_data, array("id=@id@"), array("id" => $id, "folder" => $this->folder), array("handler" => $this->handler));
         if ($error_sql != "") {
             return self::_error("{t}SQL failed.{/t}", $error_sql);
         }
         if ($this->notification) {
             sys_notification("{t}Item successfully updated.{/t} (" . (is_numeric($id) ? $id : 1) . ")");
         }
     }
     if (empty($this->handler)) {
         db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $this->folder));
         db_update_treesize($this->tname, $this->folder);
         if (!$insert and $this->folder != $data_row["folder"]) {
             db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $data_row["folder"]));
             db_update_treesize($this->tname, $data_row["folder"]);
             db_search_delete($this->tname, $id, $data_row["folder"]);
         }
         if (empty($this->att["NO_SEARCH_INDEX"])) {
             db_search_update($this->tname, $id, $this->fields);
         }
         sys_log_stat($insert ? "new_records" : "changed_records", 1);
     }
     // call triggers
     $trigger = "";
     if ($insert and !empty($this->att["TRIGGER_NEW"])) {
         $trigger = $this->att["TRIGGER_NEW"];
     }
     if (!$insert and !empty($this->att["TRIGGER_EDIT"])) {
         $trigger = $this->att["TRIGGER_EDIT"];
     }
     if ($trigger and $result = asset_process_trigger($trigger, $id, $rdata, $this->tname)) {
         return self::_error("{t}Trigger failed{/t}", $result);
     }
     // send notification
     $tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $this->folder));
     if ($tree_notification != "") {
         $rdata["notification"] .= "," . $tree_notification;
     }
     if (!$insert and $this->folder != $data_row["folder"]) {
         $tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $data_row["folder"]));
         if ($tree_notification != "") {
             $rdata["notification"] .= "," . $tree_notification;
         }
     }
     if (!empty($rdata["notification"])) {
         $rdata["notification"] = trim($rdata["notification"], ",");
         $smtp_data = asset::build_notification($this->att["NAME"], $this->current_fields, $rdata, $sql_data, $id, $data_row);
         if ($result = asset_process_trigger("sendmail", $id, $smtp_data)) {
             return self::_error("{t}Trigger failed{/t}", $result);
         }
     }
     // update stats
     if (!empty($this->handler)) {
         foreach ($sql_data as $data_key => $data_value) {
             $field = $this->fields[$data_key];
             if ($field["SIMPLE_TYPE"] != "files") {
                 continue;
             }
             foreach (explode("|", $data_value) as $file) {
                 if (sys_strbegins($file, SIMPLE_CACHE . "/upload/")) {
                     @unlink($file);
                 }
             }
         }
     }
     return $id;
 }
Beispiel #13
 /**
  * Lists the "tar" archives of the backup store as rows shaped by $fields.
  *
  * The incoming $path is discarded: the directory is always
  * SIMPLE_STORE . "/backup/". $mfolder is not read. An empty array is returned
  * when sys_allowedpath() yields a non-empty result for that directory or when
  * the directory cannot be opened.
  *
  * Note for reviewers: the "id" and "filedata" columns carry the full
  * filesystem path of each archive, so whatever renders these rows sees
  * server-side paths.
  *
  * @param mixed $path    overwritten before use
  * @param array $fields  column names to fill in every row
  * @param mixed $where   forwarded to sys_select_where()
  * @param mixed $order   forwarded to sys_select()
  * @param mixed $limit   forwarded to sys_select()
  * @param array $vars    "folder" is copied into the "folder" column; also forwarded to sys_select_where()
  * @param mixed $mfolder unused
  * @return array rows as returned by sys_select()
  */
 static function select($path, $fields, $where, $order, $limit, $vars, $mfolder)
 {
     $path = SIMPLE_STORE . "/backup/";
     if (sys_allowedpath($path) != "") {
         return array();
     }
     $dir = @opendir($path);
     if (!$dir) {
         return array();
     }
     // Collect plain files whose extension is "tar"; dot entries and sub-directories are skipped.
     $archives = array();
     while (false !== ($entry = readdir($dir))) {
         $skip = ($entry == '.' || $entry == '..' || is_dir($path . $entry));
         if (!$skip && modify::getfileext($entry) == "tar") {
             $archives[] = $entry;
         }
     }
     closedir($dir);

     $rows = array();
     foreach ($archives as $archive) {
         $full = $path . $archive;
         $info = stat($full);
         $row = array();
         foreach ($fields as $column) {
             if ($column == "filedata" || $column == "id") {
                 $cell = $full;
             } elseif ($column == "folder") {
                 $cell = $vars["folder"];
             } elseif ($column == "category") {
                 // Part of the name in front of "--", with "__" standing in for "/".
                 $prefix = substr(modify::basename($archive), 0, strpos(modify::basename($archive), "--"));
                 $cell = str_replace(array("__"), array("/"), $prefix);
             } elseif ($column == "filename") {
                 $cell = basename(str_replace(array("__"), array("/"), modify::basename($archive)));
                 $cell = substr($cell, 0, strpos($cell, "--"));
                 if ($cell == "") {
                     // No usable prefix: fall back to the raw directory entry.
                     $cell = $archive;
                 }
             } elseif ($column == "searchcontent") {
                 $cell = $archive;
             } elseif ($column == "createdby" || $column == "lastmodifiedby") {
                 $cell = "";
             } elseif ($column == "created") {
                 $cell = $info["ctime"];
             } elseif ($column == "lastmodified") {
                 $cell = $info["mtime"];
             } elseif ($column == "filesize") {
                 $cell = $info["size"];
             } else {
                 $cell = "";
             }
             $row[$column] = $cell;
         }
         if (sys_select_where($row, $where, $vars)) {
             $rows[] = $row;
         }
     }
     return sys_select($rows, $order, $limit, $fields);
 }
Beispiel #14
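/**
 * Saves the raw request body as $target (unless that file already exists) and
 * appends $newfilename to the pipe-separated file list stored in $row[$field].
 *
 * Compared with a plain copy loop this version
 *  - closes the input stream even when the target cannot be opened,
 *  - stops on a failed read instead of spinning on feof(),
 *  - removes the target again when a read or write fails, so that a truncated
 *    upload is never registered in the database.
 *
 * NOTE(review): nothing in this function checks the extension, the size or the
 * location of $target / $newfilename, and $field is used as a column name in
 * db_update(). Presumably the caller validates all of them; verify.
 *
 * @param array  $row         current item; reads $row[$field], $row["dsize"], $row["folder"]
 * @param string $field       name of the files column to extend
 * @param string $target      path the request body is written to
 * @param string $newfilename path appended to the file list
 * @return bool always false on the paths visible here; on success
 *              _upload_success("204 No Content") is called first
 */
function _upload_append_file($row, $field, $target, $newfilename)
{
    $t = $GLOBALS["t"];
    if (!file_exists($target)) {
        $fp = fopen("php://input", "r");
        $ft = $fp ? fopen($target, "wb") : false;
        $complete = false;
        if ($fp && $ft) {
            $complete = true;
            while (!feof($fp)) {
                $chunk = fread($fp, 8192);
                // A failed read or a short write means the stored file is incomplete.
                if ($chunk === false || fwrite($ft, $chunk) !== strlen($chunk)) {
                    $complete = false;
                    break;
                }
            }
        }
        if ($fp) {
            fclose($fp);
        }
        if ($ft) {
            fclose($ft);
            if (!$complete) {
                // Drop the partial file so the existence check below rejects the upload.
                unlink($target);
            }
        }
    }
    if (!file_exists($target)) {
        return false;
    }
    if ($row[$field] != "") {
        $files = explode("|", trim($row[$field], "|"));
    } else {
        $files = array();
    }
    $files[] = $newfilename;
    // NOTE(review): the body was written to $target but the size is read from
    // $newfilename; presumably both name the same file. Confirm against the caller.
    $size = filesize($newfilename) + $row["dsize"];
    $history = t("{t}Item edited (%s) by %s at %s{/t}", $field, $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")) . "\n" . t("{t}File{/t}") . ": + " . modify::basename($newfilename) . "\n\n";
    $error_sql = db_update($GLOBALS["tname"], array($field => "|" . implode("|", $files) . "|", "dsize" => $size, "history" => $history), $t["sqlwhere"], $t["sqlvars"], array("sqlvarsnoquote" => $t["sqlvarsnoquote"]));
    if ($error_sql == "") {
        db_update_treesize($GLOBALS["tname"], $row["folder"]);
        db_search_update($GLOBALS["tname"], $t["sqlvars"]["item"], $GLOBALS["table"]["fields"]);
        _upload_success("204 No Content");
    }
    return false;
}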
Beispiel #15
 /**
  * Builds a textual (partly HTML) preview of a file, chosen by its extension.
  *
  * Most branches run an external tool located with sys_find_bin() through
  * sys_exec() and post-process its output. Extensions without a case return "".
  * When proc_open() is not available an "ERROR ..." message is returned instead.
  *
  * NOTE(review): every command line below is assembled by string concatenation.
  * The only step between $filename and sys_exec() is self::realfilename(), which
  * is not visible here. Confirm that it quotes or escapes the path for the shell
  * on every platform this runs on; otherwise a crafted file name reaches the
  * command line unfiltered.
  *
  * NOTE(review): the "url" and "jpg"/"jpeg" branches return HTML anchors mixed
  * with file-derived text. Confirm that the caller treats the result accordingly
  * and that file-controlled parts are escaped before rendering.
  *
  * @param string $filename path of the file to preview
  * @param string $ext      extension that selects the branch (compared as given)
  * @return string preview text, "" if nothing could be produced, or an error message
  */
 static function preview_bin($filename, $ext)
 {
     if (!function_exists("proc_open")) {
         return "ERROR {t}Cannot call 'proc_open'. Please remove 'proc_open' from 'disable_functions' in php.ini and disable 'safe_mode'.{/t}";
     }
     $result = "";
     switch ($ext) {
         case "zip":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("unzip") . " -l -V " . $src);
             // Drop the first line of the listing.
             $result = substr($result, strpos($result, "\n") + 1);
             break;
         case "tar":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("tar") . " -tf " . $src);
             break;
         case "gz":
         case "tgz":
             // Only gzip-compressed tar archives are listed. strpos() returning 0
             // (match at the very start of the name) is treated like "not found".
             if (!strpos(strtolower($filename), ".tar.gz") and !strpos(strtolower($filename), ".tgz")) {
                 break;
             }
             $src = self::realfilename($filename);
             $cmd = sys_find_bin("gzip") . " -cd " . $src . " | " . sys_find_bin("tar") . " -t";
             if (strpos(PHP_OS, "WIN") !== false) {
                 // Every "/" in the command becomes "\" on Windows, including those inside $src.
                 $cmd = str_replace("/", "\\", $cmd);
             }
             $result = sys_exec($cmd);
             break;
         case "ppt":
             // Work on a copy in the cache directory. The name is derived from the
             // user name and NOW, so it is predictable; copy() is not checked.
             $tmp = SIMPLE_CACHE . "/debug/sys_exec_" . md5($_SESSION["username"] . NOW) . ".ppt";
             copy($filename, $tmp);
             $result = sys_exec(sys_find_bin("ppthtml") . " " . self::realfilename($tmp));
             unlink($tmp);
             // Keep everything from "<BODY" on (offset 0 counts as not found).
             if ($pos = strpos($result, "<BODY")) {
                 $result = substr($result, $pos);
             }
             $result = utf8_decode(strip_tags($result));
             break;
         case "doc":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("catdoc") . " -d utf-8 " . $src);
             break;
         case "xls":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("xls2csv") . " -d utf-8 " . $src);
             // $result = sys_exec(sys_find_bin("xlhtml")." -nh ".$src);
             break;
         case "docx":
         case "xlsx":
         case "pptx":
         case "ods":
             // ods / sxc: original label "oo-xls"
         case "sxc":
         case "odt":
             // odt / sxw: original label "oo-doc"
         case "sxw":
         case "odp":
             // odp / sxi: original label "oo-ppt"
         case "sxi":
             // All of these are read with "unzip -p": pick the archive member that
             // holds the text and the closing tag that is turned into a separator.
             if ($ext == "docx") {
                 $file = "word/document.xml";
                 $replace = array("</w:p>" => "\n");
             } else {
                 if ($ext == "xlsx") {
                     $file = "xl/sharedStrings.xml";
                     $replace = array("</si>" => " ");
                 } else {
                     if ($ext == "pptx") {
                         $file = "ppt/slides/*.xml";
                         $replace = array("</a:p>" => "\n");
                     } else {
                         $file = "content.xml";
                         $replace = array("</text:p>" => "\n");
                     }
                 }
             }
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("unzip") . " -p " . $src . " " . $file);
             $result = utf8_decode(strip_tags(str_replace(array_keys($replace), array_values($replace), $result)));
             break;
         case "url":
             // Internet shortcut: the first "URL=" line of the file becomes a link.
             // NOTE(review): the target passes through q() only; no scheme check is
             // visible here, and the link text from modify::basename() is
             // concatenated as is. Confirm both are safe for HTML output.
             $match = array();
             preg_match("/^URL=(.+)/m", file_get_contents($filename), $match);
             if (!empty($match[1])) {
                 $result = "<a href='" . q(trim($match[1])) . "' target='_blank'>" . modify::basename(substr($filename, 0, -4)) . "</a>";
             }
             break;
         case "pdf":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("pdfinfo") . " " . $src);
             // "@file@" is presumably a placeholder resolved inside sys_exec(); verify.
             $result .= sys_exec(sys_find_bin("pdftotext") . " " . $src . " @file@");
             break;
         case "mp3":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("mp3info") . " -x " . $src);
             // Drop the first line of the output.
             $result = substr($result, strpos($result, "\n") + 1);
             break;
         case "jpg":
         case "jpeg":
             $src = self::realfilename($filename);
             $result = sys_exec(sys_find_bin("exiv2") . " " . $src);
             $result = str_replace("\r", "", $result) . "\n";
             // Remove the "No Exif" notice, file name / size / MIME lines and entries with an empty value.
             $result = preg_replace("!(^.*No Exif.*|File ?name.*|File ?size.*|MIME type.*|.*?:\\s*)\n!im", "", $result);
             $gps = sys_exec(sys_find_bin("exiv2") . " -PEnv " . $src);
             $match = array();
             preg_match("!GPSLatitude\\s+(\\d+)/(\\d+) (\\d+)/(\\d+) (\\d+)/(\\d+)!", $gps, $match);
             $match2 = array();
             preg_match("!GPSLongitude\\s+(\\d+)/(\\d+) (\\d+)/(\\d+) (\\d+)/(\\d+)!", $gps, $match2);
             if (is_array($match) and count($match) == 7 and is_array($match2) and count($match2) == 7) {
                 // Degrees, minutes and seconds are rationals "num/den" made of digits only.
                 // A denominator of 0 in the image metadata is not guarded against here.
                 $latitude = $match[1] / $match[2] + $match[3] / $match[4] / 60 + $match[5] / $match[6] / 3600;
                 if (!preg_match("/GPSLatitudeRef\\s+N/", $gps)) {
                     $latitude *= -1;
                 }
                 $longitude = $match2[1] / $match2[2] + $match2[3] / $match2[4] / 60 + $match2[5] / $match2[6] / 3600;
                 if (!preg_match("/GPSLongitudeRef\\s+E/", $gps)) {
                     $longitude *= -1;
                 }
                 // The anchor is appended to the tool output, so the result mixes
                 // metadata text taken from the image with HTML.
                 $result .= "GPS: <a target='_blank' href='http://maps.google.com/?ll={$latitude},{$longitude}'>Google Maps</a>";
             }
             break;
     }
     return $result;
 }
Beispiel #16
 /**
  * Writes the metadata of the SMB file $id to its ".meta" companion on the share,
  * or removes that companion when no metadata is left.
  *
  * Steps: look up the cache file for "<id>.meta" (keyed by the remote file's
  * last-modified time in seconds), merge its current content into $data with
  * sys_build_meta(), serialise everything except the structural keys with
  * sys_build_meta_str(), then either upload the result or delete the remote
  * ".meta" file. $mfolder is not read.
  *
  * NOTE(review): the FileInputStream handed to load() is not closed here;
  * presumably load() takes care of it. Verify.
  *
  * @param array  $data    field values to store
  * @param string $id      share path, appended to "smb://"
  * @param mixed  $mfolder unused
  * @param mixed  $ntlm    credentials object passed to every SmbFile
  * @return void
  */
 private static function _set_meta($data, $id, $mfolder, $ntlm)
 {
     $remote_file = new Java("jcifs.smb.SmbFile", "smb://" . $id, $ntlm);
     $lastmodified = $remote_file->getLastModified() / 1000;
     $cache_file = sys_cache_get_file("cifs", $id . $lastmodified, "--" . modify::basename($id . ".meta"), true);
     if (file_exists($cache_file)) {
         $data = sys_build_meta(file_get_contents($cache_file), $data);
     }

     // Structural keys never go into the .meta file.
     $meta_keys = array_diff(
         array_keys($data),
         array("filedata", "folder", "created", "lastmodified", "handler", "mfolder", "dsize", "id")
     );
     $data = sys_build_meta_str($data, $meta_keys);

     if ($data != "") {
         // Write the cache copy first, then push it to the share.
         file_put_contents($cache_file, $data, LOCK_EX);
         $in = new Java("java.io.FileInputStream", modify::realfilename($cache_file, false));
         $remote_meta = new Java("jcifs.smb.SmbFile", "smb://" . $id . ".meta", $ntlm);
         $remote_meta->load($in);
         return;
     }

     // Nothing left to store: remove a stale .meta file if there is one.
     $remote_meta = new Java("jcifs.smb.SmbFile", "smb://" . $id . ".meta", $ntlm);
     if ($remote_meta->exists()) {
         $remote_meta->delete();
     }
 }