Ejemplo n.º 1
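 /**
  * Stores one uploaded article attachment (image or video) and echoes the
  * HTML/JS preview snippet that the AJAX caller inserts into the page.
  *
  * Reads $_POST['send'], $_POST['articleID'] and $_FILES['file']. Does nothing
  * when 'send' is absent or when no file was uploaded without error.
  * On rejection the request is terminated with a one-digit code:
  *   1 = article ID missing or malformed
  *   2 = file content is not an allowed media type
  *   3 = resulting path longer than 250 bytes
  *   4 = a file with that name already exists
  *   5 = file larger than 20 MB
  *   6 = image larger than 1 MB
  *   7 = article already has 3 images
  *   8 = article already has 1 video
  *   9 = storing the file or its database row failed
  *
  * NOTE(review): the delete endpoint behind $ajaxDeleteUrl is not visible here.
  * It receives 'fileUrl' back from the browser, so it has to re-validate that
  * path server-side and must not trust it just because this method emitted it.
  *
  * @param string $ajaxDeleteUrl URL the generated delete button posts to.
  */
 public function saveFile($ajaxDeleteUrl)
 {
     if (!isset($_POST['send'])) {
         return;
     }
     // Article ID present?
     if (!isset($_POST['articleID']) || !is_string($_POST['articleID'])) {
         die("1");
     }
     $articleID = trim($_POST['articleID']);
     // The ID becomes a directory name and is embedded in SQL, HTML and JS below.
     // htmlentities() does not stop "../" or a trailing backslash, so the value is
     // restricted to a safe character set instead.
     // NOTE(review): assumes IDs consist of letters, digits, "_" and "-" — tighten
     // to digits only if article IDs are numeric.
     if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $articleID)) {
         die("1");
     }
     if (!isset($_FILES['file']['error']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) {
         return;
     }
     $tmpName = $_FILES['file']['tmp_name'];
     if (!is_uploaded_file($tmpName)) {
         die("9");
     }
     // $_FILES[...]['type'] is sent by the client and can claim anything, so the
     // media type is detected from the file content and checked against the allowlist.
     // NOTE(review): libmagic may report some Ogg files as application/ogg or
     // audio/ogg; those are rejected here — confirm against real uploads.
     $mimetypes = array("image/gif" => "gif", "image/jpeg" => "jpeg", "image/png" => "png", "video/mp4" => "mp4", "video/ogg" => "ogg");
     $finfo = new \finfo(FILEINFO_MIME_TYPE);
     $mime = $finfo->file($tmpName);
     if (!is_string($mime) || !isset($mimetypes[$mime])) {
         die("2");
     }
     $suffix = $mimetypes[$mime];
     $isImage = in_array($mime, array("image/gif", "image/jpeg", "image/png"), true);
     $fileType = $isImage ? 'image' : 'video';
     // Build the stored name from the client's name: drop any directory part and a
     // trailing media extension, then replace everything outside a conservative
     // character set. This also removes inner dots (no "name.php.jpeg") and any
     // quote or angle bracket that would otherwise reach SQL, HTML or JS.
     $filename = basename($_FILES['file']['name']);
     $filename = preg_replace("/\\.(jpe?g|gif|png|mp4|ogg)\$/i", "", $filename);
     $filename = preg_replace('/[^A-Za-z0-9_-]/', "_", $filename);
     if ($filename === null || $filename === "") {
         $filename = "upload";
     }
     $filename = $filename . ".{$suffix}";
     $targetDir = "articlefiles/{$articleID}";
     $dir = "{$targetDir}/{$filename}";
     if (strlen($dir) > 250) {
         die("3");
     }
     if (file_exists($dir)) {
         die("4");
     }
     // Size limit: at most 20 MB (videos)
     if ($_FILES['file']['size'] > 20971520) {
         die("5");
     }
     // Images must not exceed 1 MB
     if ($isImage && $_FILES['file']['size'] > 1048576) {
         die("6");
     }
     // Escape at the point of use; prefer prepared statements if the DB wrapper offers them.
     $articleSql = $GLOBALS['DB']->escapeString($articleID);
     $dirSql = $GLOBALS['DB']->escapeString($dir);
     // Only 3 images and 1 video may be uploaded per article.
     $getPics = $GLOBALS['DB']->query("SELECT * FROM articlefiles WHERE articleID = '{$articleSql}' AND fileType = 'image' ", true);
     $getVideo = $GLOBALS['DB']->query("SELECT * FROM articlefiles WHERE articleID = '{$articleSql}' AND fileType = 'video' ", true);
     if ($isImage && $getPics->num_rows >= 3) {
         die("7");
     }
     if (!$isImage && $getVideo->num_rows >= 1) {
         die("8");
     }
     // Create the article directory only after every check passed, without the
     // world-writable default mode.
     if (!is_dir($targetDir) && !mkdir($targetDir, 0755) && !is_dir($targetDir)) {
         die("9");
     }
     // The actual save: move the file first, then record it, so that a failed move
     // leaves no database row pointing at a file that does not exist.
     if (!move_uploaded_file($tmpName, $dir)) {
         die("9");
     }
     $write = $GLOBALS['DB']->query("INSERT INTO articlefiles (fileSource, articleID, fileType) VALUES ('{$dirSql}', '{$articleSql}', '{$fileType}') ");
     if (!$write) {
         // Do not keep a file that has no database record.
         unlink($dir);
         die("9");
     }
     $idname = System\Helper::generateRandomIDName();
     // Every dynamic value is escaped for the context it lands in: HTML attribute
     // values via htmlspecialchars(), JS literals via json_encode() with the HEX
     // flags so they cannot close the surrounding <script> element.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
     $idAttr = htmlspecialchars($idname, ENT_QUOTES, "UTF-8");
     $srcAttr = htmlspecialchars(PROJECT_HTTP_ROOT . "/scripts/article/{$dir}", ENT_QUOTES, "UTF-8");
     $script = "<script> \$(" . json_encode("#delete{$idname}", $jsFlags) . ").click(function(){\r\n"
         . "fileUrl = " . json_encode($dir, $jsFlags) . "; articleID = " . json_encode($articleID, $jsFlags) . "; "
         . "\$.ajax ({type: 'POST', url: " . json_encode((string) $ajaxDeleteUrl, $jsFlags) . ", data: {'fileUrl' : fileUrl, 'articleID' : articleID}, \r\n"
         . "success: function(data){ if(data == 'true'){ \$(" . json_encode("#{$idname}", $jsFlags) . ").remove(); } } }); return false; }); </script>";
     // AJAX response for the preview element
     if ($isImage) {
         echo "<div class='row'><div id='{$idAttr}'><img class='artfileimg' src='{$srcAttr}'><button class='delfilebtn' id='delete{$idAttr}'><i class='icon-remove'></i></button></div></div> \r\n" . $script;
     } else {
         // One <source> with the detected type. The earlier markup listed the file
         // twice (as video/ogg and video/mp4) and built the second URL without the
         // "article/" segment, which looks like a typo — NOTE(review): confirm.
         echo "<div class='row'><div id='{$idAttr}' style='height: 160px;'><video controls class='artfilesvid'><source src='{$srcAttr}' type='{$mime}' />\r\n"
             . "Ihr Browser unterstützt keine HTML Videotags.</video><button class='delfilevidbtn' id='delete{$idAttr}'><i class='icon-remove'></i></button></div> </div> \r\n" . $script;
     }
 }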