/**
 * Prepare the Solr query definition held in $p: fixed row count, a minimal
 * field list and, when the view names a field, a range filter on that field.
 *
 * @param array $p query definition, modified in place ('rows', 'params', 'inputParams')
 * @return void
 */
public function onBeforeSolrQuery(&$p)
{
    $p['rows'] = 15;
    $p['params']['fl'] = array('id', 'name');

    // Bound by reference, exactly as before.
    $input =& $p['inputParams'];

    // Only the value returned by Purify::solrFieldName() is interpolated into
    // the filter query below; the raw request value never reaches it.
    $fieldName = empty($input['view']['field'])
        ? ''
        : \CB\Purify::solrFieldName($input['view']['field']);

    if (!empty($fieldName)) {
        $this->solrFieldName = $fieldName;
        $p['params']['fl'][] = $fieldName;

        //exclude items with empty field value
        $p['params']['fq'][] = "{$fieldName}:[-90,-180 TO 90,180]";
    }

    unset($p['params']['sort']);
}
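/**
 * Store a favorite for the user id returned by User::getId().
 *
 * @param array $p expects 'node_id' and 'data' ('name', 'path', optional 'pathText' and 'iconCls')
 * @return array array('success' => bool, 'data' => array); 'data' is empty when input is incomplete
 */
public function create($p)
{
    // The failure result used to carry the misspelled key 'succes', so a
    // caller reading 'success' found no such key on this path.
    $rez = array('success' => false, 'data' => array());

    if (empty($p['node_id']) || empty($p['data'])) {
        return $rez;
    }

    // Only 'name' is purified here. 'path', 'pathText' and a caller-supplied
    // 'iconCls' are stored as received, so whatever renders a favorite has to
    // encode them for its own output context.
    $data = array(
        'name' => Purify::filename($p['data']['name']),
        'path' => $p['data']['path'],
        'pathText' => empty($p['data']['pathText']) ? '' : $p['data']['pathText'],
    );

    if (is_numeric($p['node_id'])) {
        // For numeric nodes the icon is derived via Browser::getIcon() and
        // the client-supplied 'iconCls' is not used.
        $data['template_id'] = Objects::getTemplateId($p['node_id']);
        $data['iconCls'] = Browser::getIcon($data);
    } elseif (!empty($p['data']['iconCls'])) {
        $data['iconCls'] = $p['data']['iconCls'];
    }

    $d = array(
        'user_id' => User::getId(),
        'node_id' => $p['node_id'],
        'data' => Util\jsonEncode($data),
    );

    $id = DM\Favorites::create($d);

    return array(
        'success' => true,
        'data' => array(
            'id' => $id,
            'node_id' => $d['node_id'],
            'data' => $data,
        ),
    );
}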
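/**
 * download files
 *
 * outputs file content and set corresponding header params
 *
 * @param int $id file id
 * @param int|null $versionId when not empty, the version record is read instead of the file record
 * @param bool $asAttachment when false, application/pdf content is sent without a Content-Disposition header
 * @param mixed $forUseId passed through to Security::canDownload()
 * @return void
 * @throws \Exception when the record or its content is missing, or access is denied
 */
public static function download($id, $versionId = null, $asAttachment = true, $forUseId = false)
{
    $r = empty($versionId)
        ? DM\Files::read($id)
        : DM\FilesVersions::read($versionId);

    if (empty($r)) {
        throw new \Exception(L\get('Object_not_found'));
    }

    //check if can download file, before the content record is loaded
    // NOTE(review): $r['id'] is used for both branches; confirm that a
    // version record exposes the owning file id under 'id', otherwise the
    // permission check runs against the version row id.
    if (!Security::canDownload($r['id'], $forUseId)) {
        throw new \Exception(L\get('Access_denied'));
    }

    $content = DM\FilesContent::read($r['content_id']);

    // A record without content used to fall through to header() and
    // readfile() with undefined values; report it as a missing object.
    if (empty($content)) {
        throw new \Exception(L\get('Object_not_found'));
    }

    header('Content-Description: File Transfer');
    header('Content-Type: ' . $content['type'] . '; charset=UTF-8');
    // The content type comes from the stored record; tell the browser not to
    // second-guess it.
    header('X-Content-Type-Options: nosniff');

    // Everything except a PDF requested inline is forced to download, so
    // other stored types are not rendered in the application's origin.
    if ($asAttachment || $content['type'] !== 'application/pdf') {
        //purify filename for cases when we have a wrong filename in the system already
        header('Content-Disposition: attachment; filename="' . Purify::filename($r['name']) . '"');
    }

    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . $content['size']);

    // The path is assembled from the content record only, not from the
    // request parameters.
    readfile(Config::get('files_dir') . $content['path'] . DIRECTORY_SEPARATOR . $content['id']);
}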
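/**
 * filter a given value
 *
 * @param string $value
 * @param boolean $purify when true the value is first passed through \CB\Purify::html()
 * @param boolean $htmlEncode when true the value is HTML-encoded, both quote styles included
 * @return string
 */
protected function filterFieldValue($value, $purify = false, $htmlEncode = false)
{
    if ($purify) {
        $value = \CB\Purify::html($value);
    }

    if ($htmlEncode) {
        // ENT_COMPAT left single quotes untouched, which is unsafe as soon as
        // the value lands inside a single-quoted attribute. ENT_QUOTES encodes
        // both kinds and renders identically in element content.
        $value = htmlspecialchars($value, ENT_QUOTES);
    }

    return $value;
}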
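/**
 * download files
 *
 * outputs file content and set corresponding header params
 *
 * @param int $id file id
 * @param int|null $versionId when not empty, the row is looked up in files_versions instead of files
 * @param bool $asAttachment when false, application/pdf content is sent without a Content-Disposition header
 * @param mixed $forUseId passed through to Security::canDownload()
 * @return void
 * @throws \Exception when no row is found or access is denied
 */
public static function download($id, $versionId = null, $asAttachment = true, $forUseId = false)
{
    // For a version, file_id is aliased to `id`, so the permission check
    // below always receives the owning file id.
    $sql = empty($versionId)
        ? 'SELECT f.id ,f.content_id ,c.path ,f.name ,c.`type` ,c.size '
            . 'FROM files f '
            . 'LEFT JOIN files_content c ON f.content_id = c.id '
            . 'WHERE f.id = $1'
        : 'SELECT f.file_id `id` ,f.id `version_id` ,f.content_id ,c.path ,f.name ,c.`type` ,c.size '
            . 'FROM files_versions f '
            . 'LEFT JOIN files_content c ON f.content_id = c.id '
            . 'WHERE f.id = $1';

    // The id travels as a query parameter ($1), not inside the SQL text.
    // NOTE(review): the query is chosen with empty($versionId) but the value
    // with Util\coalesce(); confirm both agree for 0 or ''.
    // NOTE(review): on failure die() prints whatever DB\dbQueryError()
    // returns into the response; consider logging it instead.
    $res = DB\dbQuery($sql, Util\coalesce($versionId, $id)) or die(DB\dbQueryError());

    // Release the result set right away: both exceptions below used to leave
    // it open because close() was only reached on success.
    $r = $res->fetch_assoc();
    $res->close();

    if (empty($r)) {
        throw new \Exception(L\get('Object_not_found'));
    }

    //check if can download file
    if (!Security::canDownload($r['id'], $forUseId)) {
        throw new \Exception(L\get('Access_denied'));
    }

    header('Content-Description: File Transfer');
    header('Content-Type: ' . $r['type'] . '; charset=UTF-8');
    // The content type comes from the stored row; tell the browser not to
    // second-guess it.
    header('X-Content-Type-Options: nosniff');

    // Everything except a PDF requested inline is forced to download.
    if ($asAttachment || $r['type'] !== 'application/pdf') {
        //purify filename for cases when we have a wrong filename in the system already
        header('Content-Disposition: attachment; filename="' . Purify::filename($r['name']) . '"');
    }

    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . $r['size']);

    // The path is built from the selected row only, not from the request.
    readfile(Config::get('files_dir') . $r['path'] . DIRECTORY_SEPARATOR . $r['content_id']);
}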
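/**
 * get display name of a user
 *
 * The result is already HTML-encoded (htmlentities, ENT_QUOTES, UTF-8) and is
 * cached in that form, so callers must not encode it a second time.
 *
 * @param int|array|false $idOrData id or user data array; false uses static::getId()
 * @param bool $withEmail append the email address in parentheses on a new line
 * @return string encoded display name, '' when $idOrData is not usable
 */
public static function getDisplayName($idOrData = false, $withEmail = false)
{
    $data = array();

    if ($idOrData === false) { //use current logged users
        $id = static::getId();
    } elseif (is_numeric($idOrData)) { //id specified
        $id = $idOrData;
    } elseif (is_array($idOrData) && !empty($idOrData['id']) && is_numeric($idOrData['id'])) {
        $id = $idOrData['id'];
        $data = $idOrData;
    } else {
        return '';
    }

    // Separate cache entries for the plain and the with-email variants.
    $var_name = 'users[' . $id . "]['displayName{$withEmail}']";

    if (!Cache::exist($var_name)) {
        if (empty($data)) {
            $data = DM\Users::read($id);
        }

        // Explicit guards instead of @-suppression for missing keys.
        $firstName = isset($data['first_name']) ? $data['first_name'] : '';
        $lastName = isset($data['last_name']) ? $data['last_name'] : '';

        $name = Purify::humanName($firstName . ' ' . $lastName);

        if (empty($name)) {
            $name = isset($data['name']) ? $data['name'] : '';
        }

        // The email was read from an undefined $r, so it was never appended;
        // it lives in $data like the other fields.
        if ($withEmail && !empty($data['email'])) {
            $name .= "\n(" . $data['email'] . ")";
        }

        // Encoding happens after the email is appended, so both parts are
        // covered.
        $name = htmlentities($name, ENT_QUOTES, 'UTF-8');

        Cache::set($var_name, $name);
    }

    return Cache::get($var_name);
}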
/**
 * Rename group
 *
 * @param array $p expects 'id' and 'title'
 * @return array array('success' => true, 'title' => string), or
 *               array('success' => false, 'verify' => true) when User::isVerified() fails
 * @throws \Exception when the purified title is empty or Security::canEditUser() refuses
 */
public function renameGroup($p)
{
    if (!User::isVerified()) {
        return array('success' => false, 'verify' => true);
    }

    $newTitle = Purify::humanName($p['title']);
    if (empty($newTitle)) {
        throw new \Exception(L\get('Wrong_input_data'));
    }

    // Authorization is checked on the extracted id before anything is written.
    $groupId = $this->extractId($p['id']);
    if (!Security::canEditUser($groupId)) {
        throw new \Exception(L\get('Access_denied'));
    }

    // All three values are handed over separately from the SQL text through
    // the $1..$3 placeholders.
    // NOTE(review): on failure die() prints whatever DB\dbQueryError()
    // returns into the response; consider logging it instead.
    $sql = 'UPDATE users_groups SET name = $2, uid = $3 WHERE id = $1 AND type = 1';
    $params = array($groupId, $newTitle, $_SESSION['user']['id']);
    DB\dbQuery($sql, $params) or die(DB\dbQueryError());

    return array('success' => true, 'title' => $newTitle);
}
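/**
 * Apply the user's answer to a pending upload confirmation.
 *
 * @param array $p expects 'response' ('rename', 'newversion', 'replace', 'autorename';
 *                 anything else is handled as cancel) and 'newName' for 'rename'
 * @return array result array with 'success' and, depending on the outcome, 'data', 'msg' or 'type'
 */
public function confirmUploadRequest($p)
{
    //if cancel then delete all uploaded files from incomming
    $files = new Files();
    $a = $files->getUploadParams();
    $a['response'] = $p['response'];

    switch ($p['response']) {
        case 'rename':
            $a['newName'] = Purify::filename($p['newName']);

            // The guard used to test $a['response'], which is always 'rename'
            // here, so a name that purified to nothing slipped through. The
            // string comparison keeps a literal "0" valid.
            if ((string) $a['newName'] === '') {
                return array('success' => false, 'msg' => L\get('FilenameCannotBeEmpty'));
            }

            reset($a['files']);
            $k = key($a['files']);
            $a['files'][$k]['name'] = $a['newName'];

            //check if the new name does not also exist
            if ($files->fileExists($a['pid'], $a['newName'])) {
                $files->saveUploadParams($a);

                // NOTE(review): 'msg' embeds the file name; it has been
                // through Purify::filename(), but whether that is enough for
                // HTML output is not visible here. Confirm the client
                // encodes it.
                return array(
                    'success' => false,
                    'type' => 'filesexist',
                    'allow_new_version' => Files::getMFVC($a['newName']) > 0,
                    'suggestedFilename' => Objects::getAvailableName($a['pid'], $a['newName']),
                    'msg' => str_replace('{filename}', '"' . $a['newName'] . '"', L\get('FilenameExistsInTarget')),
                );
            }
            // intentional fall-through: a free name is stored like the cases below

        case 'newversion':
        case 'replace':
        case 'autorename':
            $files->storeFiles($a);
            break;

        default: //cancel
            $files->removeIncomingFiles($a['files']);

            return array('success' => true, 'data' => array());
    }

    Solr\Client::runCron();

    $rez = array('success' => true, 'data' => array('pid' => $a['pid']));
    $files->attachPostUploadInfo($a['files'], $rez);

    return $rez;
}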