}
complete_procedure($dbc);
foreach ($filetypes as $filerow) {
if (sizeof($filerow) > 0) {
// an extra object appears to be initialized into the array
$typeId = $filerow['FileTypeID'];
$typeName = $filerow['FileType'];
$inName = 'fileup-' . $typeId;
if ($typeName != '' && isset($_FILES["{$inName}"]) && $_FILES["{$inName}"] != '' && isset($_FILES["{$inName}"]["type"]) && $_FILES["{$inName}"]["type"] != '') {
// adapted from prototyped file_upload_view_download
$DstFileName = $_FILES["{$inName}"]["name"];
$SrcFileType = $_FILES["{$inName}"]["type"];
$SrcFilePath = $_FILES["{$inName}"]["tmp_name"];
$FileErrorVal = $_FILES["{$inName}"]["error"];
$FileSize = $_FILES["{$inName}"]["size"];
if (is_mime_valid($SrcFileType) && $FileSize < 2097152) {
$q_create_rfmd = "CALL spCreateReviewerFileMetaData({$subID}, {$userID}, {$typeId}, '{$SrcFileType}', '{$DstFileName}', {$FileSize});";
if ($r_create_rfmd = mysqli_query($dbc, $q_create_rfmd)) {
$row_create_rfmd = mysqli_fetch_array($r_create_rfmd, MYSQLI_ASSOC);
$fmdId = $row_create_rfmd['FileMetaDataID'];
// TODO: verify this check works as intended
if (isset($row_create_rfmd['Error']) || $fmdId == 0) {
$error = true;
$incomplete = true;
$ret_err = $row_create_rfmd['Error'];
array_push($errors, "File for {$typeName} could not be uploaded because {$ret_err}.");
}
ignore_remaining_output($r_create_rfmd);
complete_procedure($dbc);
// File Processing
if (!$error && file_exists($SrcFilePath)) {
$SrcFilePath = $_FILES["{$inName}"]["tmp_name"];
$FileErrorVal = $_FILES["{$inName}"]["error"];
$FileSize = $_FILES["{$inName}"]["size"];
// TODO: get spSubmissionGetFilesList to return FileTypeID, workaround part 2
$typeId = -1;
foreach ($filetypes as $type) {
if ($type['FileType'] == $typeName) {
$typeId = $type['FileTypeID'];
}
}
if ($typeId == -1) {
$error = true;
$incomplete = true;
array_push($errors, 'Could not match uploaded file ' . $DstFileName . ' for type ' . $typeName . '.');
}
if (is_mime_valid($SrcFileType)) {
// && $FileSize < 2097152) { - no limit on Editor uploads
$q_update_fmd = "CALL spUpdateFileMetaData({$fileId}, {$typeId}, '{$SrcFileType}', '{$DstFileName}', {$FileSize});";
// check typeId BEFORE running the query, workaround part 3
if (!$error && ($r_update_fmd = mysqli_query($dbc, $q_update_fmd))) {
if ($r_update_fmd && $r_update_fmd !== true) {
$row_update_fmd = mysqli_fetch_array($r_update_fmd, MYSQLI_ASSOC);
if (isset($row_update_fmd['Error']) || $fileId == 0) {
$error = true;
$incomplete = true;
$ret_err = $row_update_fmd['Error'];
array_push($errors, "File for {$typeName} could not be uploaded because {$ret_err}.");
}
ignore_remaining_output($r_update_fmd);
}
complete_procedure($dbc);
