Ejemplo n.º 1
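/**
 * Handles the uploading and db entry for a file.
 *
 * Flow: reject uploads that carry an error, de-duplicate against the `files`
 * table by SHA-1 and size, otherwise move the upload into POMF_FILES_ROOT,
 * make it world readable and record it in the database.
 *
 * The returned 'name' is the client-supplied file name exactly as received;
 * only the copy written to the database goes through strip_tags(). Callers
 * have to escape it for whatever context they output it in.
 *
 * @param  UploadedFile $file
 * @return array  Keys: hash, name, url, size
 * @throws UploadException If $file->error is set
 * @throws Exception       Code 500 if the file cannot be moved or chmod'ed
 */
function upload_file($file)
{
    global $db;

    // Handle file errors
    if ($file->error) {
        throw new UploadException($file->error);
    }

    // Hash once, before the temporary file is moved or deleted. get_sha1() is
    // not visible here, so this does not rely on it caching its result.
    $hash = $file->get_sha1();

    // A row with the same hash and size is treated as the same file: drop the
    // fresh upload and hand back the link to the stored copy.
    $q = $db->prepare('SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)');
    $q->bindValue(':hash', $hash, PDO::PARAM_STR);
    $q->bindValue(':size', $file->size, PDO::PARAM_INT);
    $q->execute();
    $result = $q->fetch();
    if ($result['count'] > 0) {
        unlink($file->tempfile);
        return array(
            'hash' => $hash,
            'name' => $file->name,
            'url' => POMF_URL . $result['filename'],
            'size' => $file->size,
        );
    }

    // NOTE(review): generate_name() is not visible here. The name it returns
    // (and any extension it keeps) decides how the web server treats the file
    // under POMF_FILES_ROOT - confirm that directory is served as static
    // content only.
    $newname = generate_name($file);
    $destination = POMF_FILES_ROOT . $newname;

    // Attempt to move it to the static directory
    if (!move_uploaded_file($file->tempfile, $destination)) {
        throw new Exception('Failed to move file to destination', 500);
    }

    // Need to change permissions for the new file to make it world readable
    if (!chmod($destination, 0644)) {
        throw new Exception('Failed to change file permissions', 500);
    }

    // Both statements use the same placeholder names as the common bindings
    // below. The logged-in variant previously declared :expires and :delid,
    // which were never bound, so execute() could not succeed for
    // authenticated uploads.
    if (empty($_SESSION['id'])) {
        // Query if user is NOT logged in
        $q = $db->prepare(
            'INSERT INTO files (hash, originalname, filename, size, date, expire, delid) '
            . 'VALUES (:hash, :orig, :name, :size, :date, :exp, :del)'
        );
    } else {
        // Query if user is logged in (insert user id together with other data)
        $q = $db->prepare(
            'INSERT INTO files (hash, originalname, filename, size, date, expire, delid, user) '
            . 'VALUES (:hash, :orig, :name, :size, :date, :exp, :del, :user)'
        );
        $q->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
    }

    // Common parameters binding
    $q->bindValue(':hash', $hash, PDO::PARAM_STR);
    $q->bindValue(':orig', strip_tags($file->name), PDO::PARAM_STR);
    $q->bindValue(':name', $newname, PDO::PARAM_STR);
    $q->bindValue(':size', $file->size, PDO::PARAM_INT);
    $q->bindValue(':date', date('Y-m-d'), PDO::PARAM_STR);
    $q->bindValue(':exp', null, PDO::PARAM_STR);
    // NOTE(review): delid is the SHA-1 of the temporary upload path, not a
    // random value. If it serves as a deletion token, confirm it cannot be
    // guessed and consider a CSPRNG-generated value instead.
    $q->bindValue(':del', sha1($file->tempfile), PDO::PARAM_STR);
    $q->execute();

    return array(
        'hash' => $hash,
        'name' => $file->name,
        'url' => POMF_URL . $newname,
        'size' => $file->size,
    );
}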
Ejemplo n.º 2
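/**
 * Handles the uploading and db entry for a file.
 *
 * Flow: reject uploads that carry an error, de-duplicate against the `files`
 * table by SHA-1 and size, otherwise move the upload into POMF_FILES_ROOT,
 * make it world readable and record it together with an expiry timestamp
 * chosen through the 'Time' POST field.
 *
 * The returned 'name' is the client-supplied file name exactly as received;
 * only the copy written to the database goes through strip_tags(). Callers
 * have to escape it for whatever context they output it in.
 *
 * @param UploadedFile $file
 *
 * @return array Keys: hash, name, url, size
 *
 * @throws UploadException If $file->error is set
 * @throws Exception       Code 500 if the file cannot be moved or chmod'ed
 */
function upload_file($file)
{
    global $db;

    // Handle file errors
    if ($file->error) {
        throw new UploadException($file->error);
    }

    // Hash once, before the temporary file is moved or deleted. get_sha1() is
    // not visible here, so this does not rely on it caching its result.
    $hash = $file->get_sha1();

    // A row with the same hash and size is treated as the same file: drop the
    // fresh upload and hand back the link to the stored copy.
    $q = $db->prepare('SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)');
    $q->bindValue(':hash', $hash, PDO::PARAM_STR);
    $q->bindValue(':size', $file->size, PDO::PARAM_INT);
    $q->execute();
    $result = $q->fetch();
    if ($result['count'] > 0) {
        unlink($file->tempfile);
        return array(
            'hash' => $hash,
            'name' => $file->name,
            'url' => POMF_URL . $result['filename'],
            'size' => $file->size,
        );
    }

    // NOTE(review): generate_name() is not visible here. The name it returns
    // (and any extension it keeps) decides how the web server treats the file
    // under POMF_FILES_ROOT - confirm that directory is served as static
    // content only.
    $newname = generate_name($file);
    $destination = POMF_FILES_ROOT . $newname;

    // Attempt to move it to the static directory
    if (!move_uploaded_file($file->tempfile, $destination)) {
        throw new Exception('Failed to move file to destination', 500);
    }

    // Need to change permissions for the new file to make it world readable
    if (!chmod($destination, 0644)) {
        throw new Exception('Failed to change file permissions', 500);
    }

    // Expiry is stored so that an external python script run from cron can
    // remove the file. The client only selects an option; the lifetime in
    // hours comes from this allow-list, never from the request itself.
    $expiryHours = array(
        '1' => 9001,
        '2' => 6,
        '3' => 24,
        '4' => 48,
        '5' => 168,
        '6' => 720,
    );
    // A missing, non-string or unknown 'Time' value falls back to the default
    // lifetime instead of raising an undefined-index notice. The lookup is
    // exact, so only the literal option values '1'..'6' are accepted.
    $choice = (isset($_POST['Time']) && is_string($_POST['Time'])) ? $_POST['Time'] : '';
    $hours = isset($expiryHours[$choice]) ? $expiryHours[$choice] : 9001;
    $expTime = date('Y-m-d H:i:s', time() + $hours * 60 * 60);

    // Add it to the database
    $q = $db->prepare(
        'INSERT INTO files (hash, originalname, filename, size, date, expire, delid) '
        . 'VALUES (:hash, :orig, :name, :size, :date, :exp, :del)'
    );
    $q->bindValue(':hash', $hash, PDO::PARAM_STR);
    $q->bindValue(':orig', strip_tags($file->name), PDO::PARAM_STR);
    $q->bindValue(':name', $newname, PDO::PARAM_STR);
    $q->bindValue(':size', $file->size, PDO::PARAM_INT);
    $q->bindValue(':date', date('Y-m-d'), PDO::PARAM_STR);
    $q->bindValue(':exp', $expTime, PDO::PARAM_STR);
    // NOTE(review): delid is the SHA-1 of the temporary upload path, not a
    // random value. If it serves as a deletion token, confirm it cannot be
    // guessed and consider a CSPRNG-generated value instead.
    $q->bindValue(':del', sha1($file->tempfile), PDO::PARAM_STR);
    $q->execute();

    return array(
        'hash' => $hash,
        'name' => $file->name,
        'url' => POMF_URL . $newname,
        'size' => $file->size,
    );
}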