Ejemplo n.º 1
4
 /**
  * Show bbcodes and smilies in the quickreply
  * Template data for Ajax submit
  *
  * @param object $event The event object
  * @return null
  * @access public
  */
 public function viewtopic_modify_data($event)
 {
     $forum_id = $event['forum_id'];
     $topic_data = $event['topic_data'];
     $post_list = $event['post_list'];
     $topic_id = $topic_data['topic_id'];
     $s_quick_reply = false;
     if (($this->user->data['is_registered'] || $this->config['qr_allow_for_guests']) && $this->config['allow_quick_reply'] && $topic_data['forum_flags'] & FORUM_FLAG_QUICK_REPLY && $this->auth->acl_get('f_reply', $forum_id)) {
         // Quick reply enabled forum
         $s_quick_reply = $topic_data['forum_status'] == ITEM_UNLOCKED && $topic_data['topic_status'] == ITEM_UNLOCKED || $this->auth->acl_get('m_edit', $forum_id) ? true : false;
     }
     if (!$this->user->data['is_registered'] && $s_quick_reply) {
         add_form_key('posting');
         $s_attach_sig = $this->config['allow_sig'] && $this->user->optionget('attachsig') && $this->auth->acl_get('f_sigs', $forum_id) && $this->auth->acl_get('u_sig');
         $s_smilies = $this->config['allow_smilies'] && $this->user->optionget('smilies') && $this->auth->acl_get('f_smilies', $forum_id);
         $s_bbcode = $this->config['allow_bbcode'] && $this->user->optionget('bbcode') && $this->auth->acl_get('f_bbcode', $forum_id);
         $s_notify = false;
         $qr_hidden_fields = array('topic_cur_post_id' => (int) $topic_data['topic_last_post_id'], 'lastclick' => (int) time(), 'topic_id' => (int) $topic_data['topic_id'], 'forum_id' => (int) $forum_id);
         // Originally we use checkboxes and check with isset(), so we only provide them if they would be checked
         !$s_bbcode ? $qr_hidden_fields['disable_bbcode'] = 1 : true;
         !$s_smilies ? $qr_hidden_fields['disable_smilies'] = 1 : true;
         !$this->config['allow_post_links'] ? $qr_hidden_fields['disable_magic_url'] = 1 : true;
         $s_attach_sig ? $qr_hidden_fields['attach_sig'] = 1 : true;
         $s_notify ? $qr_hidden_fields['notify'] = 1 : true;
         $topic_data['topic_status'] == ITEM_LOCKED ? $qr_hidden_fields['lock_topic'] = 1 : true;
         $this->template->assign_vars(array('S_QUICK_REPLY' => true, 'U_QR_ACTION' => append_sid("{$this->phpbb_root_path}posting.{$this->php_ext}", "mode=reply&f={$forum_id}&t={$topic_id}"), 'QR_HIDDEN_FIELDS' => build_hidden_fields($qr_hidden_fields), 'USERNAME' => $this->request->variable('username', '', true)));
         if ($this->config['enable_post_confirm']) {
             $captcha = $this->captcha->get_instance($this->config['captcha_plugin']);
             $captcha->init(CONFIRM_POST);
         }
         if ($this->config['enable_post_confirm'] && (isset($captcha) && $captcha->is_solved() === false)) {
             $this->template->assign_vars(array('S_CONFIRM_CODE' => true, 'CAPTCHA_TEMPLATE' => $captcha->get_template()));
         }
         // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
         if (isset($captcha) && $captcha->is_solved() !== false) {
             $this->template->append_var('QR_HIDDEN_FIELDS', build_hidden_fields($captcha->get_hidden_fields()));
         }
     }
     // Ajaxify viewtopic data
     if ($this->request->is_ajax() && $this->request->is_set('qr_request')) {
         if (!$this->user->data['is_registered'] && $this->config['enable_post_confirm']) {
             $captcha = $this->captcha->get_instance($this->config['captcha_plugin']);
             $captcha->init(CONFIRM_POST);
             // Add the confirm id/code pair to the hidden fields, else an error is displayed on next submit/preview
             if (isset($captcha) && $captcha->is_solved() !== false) {
                 $this->template->append_var('QR_HIDDEN_FIELDS', build_hidden_fields($captcha->get_hidden_fields()));
             }
         }
         // Fix issues if the inserted post is not the first.
         if ($this->qr_insert && !$this->qr_first) {
             $this->template->alter_block_array('postrow', array('S_FIRST_ROW' => false), false, 'change');
         }
         $page_title = $event['page_title'];
         $this->template->assign_vars(array('S_QUICKREPLY_REQUEST' => true, 'S_QR_NO_FIRST_POST' => $this->qr_insert, 'S_QR_FULL_QUOTE' => $this->config['qr_full_quote']));
         $this->template->append_var('QR_HIDDEN_FIELDS', build_hidden_fields(array('qr' => 1, 'qr_cur_post_id' => (int) max($post_list))));
         // Output the page
         page_header($page_title, false, $forum_id);
         page_footer(false, false, false);
         $json_response = new \phpbb\json_response();
         $json_response->send(array('success' => true, 'result' => $this->template->assign_display('@tatiana5_quickreply/quickreply_template.html', '', true), 'insert' => $this->qr_insert));
     }
     if ($s_quick_reply) {
         include_once $this->phpbb_root_path . 'includes/functions_posting.' . $this->php_ext;
         // HTML, BBCode, Smilies, Images and Flash status
         $bbcode_status = $this->config['allow_bbcode'] && $this->config['qr_bbcode'] && $this->auth->acl_get('f_bbcode', $forum_id) ? true : false;
         $smilies_status = $this->config['allow_smilies'] && $this->config['qr_smilies'] && $this->auth->acl_get('f_smilies', $forum_id) ? true : false;
         $img_status = $bbcode_status && $this->auth->acl_get('f_img', $forum_id) ? true : false;
         $url_status = $this->config['allow_post_links'] ? true : false;
         $flash_status = $bbcode_status && $this->auth->acl_get('f_flash', $forum_id) && $this->config['allow_post_flash'] ? true : false;
         $quote_status = true;
         // Build custom bbcodes array
         if ($bbcode_status) {
             display_custom_bbcodes();
         }
         // Generate smiley listing
         if ($smilies_status) {
             generate_smilies('inline', $forum_id);
         }
         // Show attachment box for adding attachments if true
         $form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$this->config['allow_attachments'] || !$this->auth->acl_get('u_attach') || !$this->auth->acl_get('f_attach', $forum_id) ? '' : '" enctype="multipart/form-data';
         $allowed = $this->auth->acl_get('f_attach', $forum_id) && $this->auth->acl_get('u_attach') && $this->config['allow_attachments'] && $form_enctype;
         $attachment_data = false;
         if ($bbcode_status || $smilies_status || $this->config['qr_attach'] && $allowed) {
             $this->user->add_lang('posting');
         }
         if ($this->config['qr_attach'] && $allowed) {
             $this->template->assign_vars(array('U_QR_ACTION' => append_sid("{$this->phpbb_root_path}posting.{$this->php_ext}", "mode=reply&f={$forum_id}&t={$topic_id}") . $form_enctype));
             include_once $this->phpbb_root_path . 'includes/message_parser.' . $this->php_ext;
             $message_parser = new \parse_message();
             $message_parser->set_plupload($this->plupload);
             $message_parser->set_mimetype_guesser($this->mimetype_guesser);
             $message_parser->get_submitted_attachment_data($this->user->data['user_id']);
             $attachment_data = $message_parser->attachment_data;
             $filename_data = $message_parser->filename_data;
             posting_gen_inline_attachments($attachment_data);
             $max_files = $this->auth->acl_get('a_') || $this->auth->acl_get('m_', $forum_id) ? 0 : (int) $this->config['max_attachments'];
             $topic_id = $topic_data['topic_id'];
             $s_action = append_sid("{$this->phpbb_root_path}posting.{$this->php_ext}", "mode=reply&f={$forum_id}&t={$topic_id}");
             $this->plupload->configure($this->cache, $this->template, $s_action, $forum_id, $max_files);
             posting_gen_attachment_entry($attachment_data, $filename_data, $allowed);
         }
         $this->template->append_var('QR_HIDDEN_FIELDS', build_hidden_fields(array('qr' => 1, 'qr_cur_post_id' => (int) max($post_list))));
         if ($this->phpbb_extension_manager->is_enabled('rxu/PostsMerging') && $this->user->data['is_registered'] && $this->config['merge_interval']) {
             // Always show the checkbox if PostsMerging extension is installed.
             $this->user->add_lang_ext('rxu/PostsMerging', 'posts_merging');
             $this->template->assign_var('POSTS_MERGING_OPTION', true);
         }
         $this->template->assign_vars(array('S_QR_COLOUR_NICKNAME' => $this->config['qr_color_nickname'], 'S_QR_NOT_CHANGE_SUBJECT' => $this->auth->acl_get('f_qr_change_subject', $forum_id) ? false : true, 'S_QR_COMMA_ENABLE' => $this->config['qr_comma'], 'S_QR_QUICKNICK_ENABLE' => $this->config['qr_quicknick'], 'S_QR_QUICKNICK_REF' => $this->config['qr_quicknick_ref'], 'S_QR_QUICKNICK_PM' => $this->config['qr_quicknick_pm'], 'S_QR_QUICKQUOTE_ENABLE' => $this->config['qr_quickquote'], 'S_QR_QUICKQUOTE_LINK' => $this->config['qr_quickquote_link'], 'S_QR_FULL_QUOTE' => $this->config['qr_full_quote'], 'S_QR_CE_ENABLE' => $this->config['qr_ctrlenter'], 'QR_SOURCE_POST' => $this->config['qr_source_post'], 'S_DISPLAY_USERNAME' => !$this->user->data['is_registered'], 'S_BBCODE_ALLOWED' => $bbcode_status ? 1 : 0, 'S_SMILIES_ALLOWED' => $smilies_status, 'S_BBCODE_IMG' => $img_status, 'S_LINKS_ALLOWED' => $url_status, 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => $quote_status, 'MESSAGE' => $this->request->variable('message', '', true), 'READ_POST_IMG' => $this->user->img('icon_post_target', 'POST'), 'S_QR_CAPS_ENABLE' => $this->config['qr_capslock_transfer'], 'S_QR_SHOW_BUTTON_TRANSLIT' => $this->config['qr_show_button_translit'], 'L_FULL_EDITOR' => $this->config['qr_ajax_submit'] ? $this->user->lang['PREVIEW'] : $this->user->lang['FULL_EDITOR'], 'S_QR_AJAX_SUBMIT' => $this->config['qr_ajax_submit'], 'S_QR_AJAX_PAGINATION' => $this->config['qr_ajax_pagination'] && $this->user->data['ajax_pagination'], 'S_QR_ENABLE_SCROLL' => $this->user->data['qr_enable_scroll'], 'S_QR_SCROLL_INTERVAL' => $this->config['qr_scroll_time'], 'S_QR_SOFT_SCROLL' => $this->config['qr_scroll_time'] && $this->user->data['qr_soft_scroll'], 'S_QR_ALLOWED_GUEST' => $this->config['qr_allow_for_guests'] && $this->user->data['user_id'] == ANONYMOUS, 'S_ABBC3_INSTALLED' => $this->phpbb_extension_manager->is_enabled('vse/abbc3'), 'S_QR_SHOW_ATTACH_BOX' => $this->config['qr_attach'] && $allowed, 'S_ATTACH_DATA' => $attachment_data ? json_encode($attachment_data) : '[]'));
         $add_re = $this->config['qr_enable_re'] ? 'Re: ' : '';
         $this->template->assign_var('SUBJECT', $this->request->variable('subject', $add_re . censor_text($topic_data['topic_title']), true));
     }
     $this->template->assign_vars(array('QR_HIDE_POSTS_SUBJECT' => $this->config['qr_show_subjects'] ? false : true));
 }
Ejemplo n.º 2
0
 protected function setUp()
 {
     global $phpbb_root_path, $phpEx;
     $this->request = $this->getMock('\\phpbb\\request\\request');
     $this->request->expects($this->any())->method('file')->willReturn(array());
     $this->filesystem = new \phpbb\filesystem\filesystem();
     $this->language = new \phpbb\language\language(new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx));
     $this->php_ini = new \bantu\IniGetWrapper\IniGetWrapper();
     $this->container = new phpbb_mock_container_builder($phpbb_root_path, $phpEx);
     $this->container->set('files.filespec', new \phpbb\files\filespec($this->filesystem, $this->language, $this->php_ini, new \FastImageSize\FastImageSize(), $phpbb_root_path, new \phpbb\mimetype\guesser(array('mimetype.extension_guesser' => new \phpbb\mimetype\extension_guesser()))));
     $this->factory = new \phpbb\files\factory($this->container);
     $this->plupload = $this->getMockBuilder('\\phpbb\\plupload\\plupload')->disableOriginalConstructor()->getMock();
     $this->plupload->expects($this->any())->method('handle_upload')->willReturn(array());
     $this->path = __DIR__ . '/fixture/';
     $this->phpbb_root_path = $phpbb_root_path;
 }
Ejemplo n.º 3
0
 /**
  * @dataProvider data_upload_form
  */
 public function test_upload_form($upload, $expected, $plupload = array())
 {
     $this->request = $this->getMock('\\phpbb\\request\\request');
     $this->request->expects($this->any())->method('file')->willReturn($upload);
     $filespec = new \phpbb\files\filespec($this->filesystem, $this->language, $this->php_ini, new \FastImageSize\FastImageSize(), $this->phpbb_root_path, new \phpbb\mimetype\guesser(array('mimetype.extension_guesser' => new \phpbb\mimetype\extension_guesser())));
     $this->container->set('files.filespec', $filespec);
     $this->factory = new \phpbb\files\factory($this->container);
     $this->plupload = $this->getMockBuilder('\\phpbb\\plupload\\plupload')->disableOriginalConstructor()->getMock();
     $this->plupload->expects($this->any())->method('handle_upload')->willReturn($plupload);
     $type_form = new \phpbb\files\types\form($this->factory, $this->language, $this->php_ini, $this->plupload, $this->request);
     $upload = new \phpbb\files\upload($this->filesystem, $this->factory, $this->language, $this->php_ini, $this->request, $this->phpbb_root_path);
     $upload->set_allowed_extensions(array('png'));
     $type_form->set_upload($upload);
     $file = $type_form->upload('foobar');
     $this->assertSame($expected, $file->error);
     $this->assertInstanceOf('\\phpbb\\files\\filespec', $file);
 }
Ejemplo n.º 4
0
 /**
  * Form upload method
  * Upload file from users harddisk
  *
  * @param string $form_name Form name assigned to the file input field (if it is an array, the key has to be specified)
  *
  * @return filespec $file Object "filespec" is returned, all further operations can be done with this object
  * @access public
  */
 protected function form_upload($form_name)
 {
     $upload = $this->request->file($form_name);
     unset($upload['local_mode']);
     $result = $this->plupload->handle_upload($form_name);
     if (is_array($result)) {
         $upload = array_merge($upload, $result);
     }
     /** @var filespec $file */
     $file = $this->factory->get('filespec')->set_upload_ary($upload)->set_upload_namespace($this->upload);
     if ($file->init_error()) {
         $file->error[] = '';
         return $file;
     }
     // Error array filled?
     if (isset($upload['error'])) {
         $error = $this->upload->assign_internal_error($upload['error']);
         if ($error !== false) {
             $file->error[] = $error;
             return $file;
         }
     }
     // Check if empty file got uploaded (not catched by is_uploaded_file)
     if (isset($upload['size']) && $upload['size'] == 0) {
         $file->error[] = $this->language->lang($this->upload->error_prefix . 'EMPTY_FILEUPLOAD');
         return $file;
     }
     // PHP Upload file size check
     $file = $this->check_upload_size($file);
     if (sizeof($file->error)) {
         return $file;
     }
     // Not correctly uploaded
     if (!$file->is_uploaded()) {
         $file->error[] = $this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED');
         return $file;
     }
     $this->upload->common_checks($file);
     return $file;
 }
Ejemplo n.º 5
0
 /**
  * Parse and display attachments
  *
  * @param int  $forum_id        Forum ID
  * @param int  $topic_id        Topic ID
  * @param bool $show_attach_box Whether we need to display the attachment box
  */
 public function handle_attachments($forum_id, $topic_id, $show_attach_box)
 {
     if (!class_exists('parse_message')) {
         include $this->phpbb_root_path . 'includes/message_parser.' . $this->php_ext;
     }
     $message_parser = new \parse_message();
     $message_parser->set_plupload($this->plupload);
     $message_parser->set_mimetype_guesser($this->mimetype_guesser);
     $message_parser->get_submitted_attachment_data($this->user->data['user_id']);
     $attachment_data = $message_parser->attachment_data;
     $filename_data = $message_parser->filename_data;
     posting_gen_inline_attachments($attachment_data);
     $max_files = $this->auth->acl_get('a_') || $this->auth->acl_get('m_', $forum_id) ? 0 : (int) $this->config['max_attachments'];
     $s_action = append_sid("{$this->phpbb_root_path}posting.{$this->php_ext}", "mode=reply&f={$forum_id}&t={$topic_id}");
     $this->plupload->configure($this->cache, $this->template, $s_action, $forum_id, $max_files);
     posting_gen_attachment_entry($attachment_data, $filename_data, $show_attach_box);
     $this->template->assign_vars(array('S_QR_SHOW_ATTACH_BOX' => $this->config['qr_attach'] && $show_attach_box, 'S_ATTACH_DATA' => $attachment_data ? json_encode($attachment_data) : '[]'));
 }
Ejemplo n.º 6
0
/**
* Upload Attachment - filedata is generated here
* Uses upload class
*
* @param string			$form_name		The form name of the file upload input
* @param int			$forum_id		The id of the forum
* @param bool			$local			Whether the file is local or not
* @param string			$local_storage	The path to the local file
* @param bool			$is_message		Whether it is a PM or not
* @param \filespec		$local_filedata	A filespec object created for the local file
* @param \phpbb\mimetype\guesser	$mimetype_guesser	The mimetype guesser object if used
* @param \phpbb\plupload\plupload	$plupload		The plupload object if one is being used
*
* @return object filespec
*/
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false, \phpbb\mimetype\guesser $mimetype_guesser = null, \phpbb\plupload\plupload $plupload = null)
{
    global $auth, $user, $config, $db, $cache;
    global $phpbb_root_path, $phpEx, $phpbb_dispatcher, $phpbb_container;
    $filedata = array('error' => array());
    $upload = $phpbb_container->get('files.upload');
    if ($config['check_attachment_content'] && isset($config['mime_triggers'])) {
        $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
    } else {
        if (!$config['check_attachment_content']) {
            $upload->set_disallowed_content(array());
        }
    }
    $filedata['post_attach'] = $local || $upload->is_valid($form_name);
    if (!$filedata['post_attach']) {
        $filedata['error'][] = $user->lang['NO_UPLOAD_FORM_FOUND'];
        return $filedata;
    }
    $extensions = $cache->obtain_attach_extensions($is_message ? false : (int) $forum_id);
    $upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
    /** @var \phpbb\files\filespec $file */
    $file = $local ? $upload->handle_upload('files.types.local', $local_storage, $local_filedata) : $upload->handle_upload('files.types.form', $form_name);
    if ($file->init_error()) {
        $filedata['post_attach'] = false;
        return $filedata;
    }
    // Whether the uploaded file is in the image category
    $is_image = isset($extensions[$file->get('extension')]['display_cat']) ? $extensions[$file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE : false;
    if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id)) {
        // Check Image Size, if it is an image
        if ($is_image) {
            $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
        }
        // Admins and mods are allowed to exceed the allowed filesize
        if (!empty($extensions[$file->get('extension')]['max_filesize'])) {
            $allowed_filesize = $extensions[$file->get('extension')]['max_filesize'];
        } else {
            $allowed_filesize = $is_message ? $config['max_filesize_pm'] : $config['max_filesize'];
        }
        $file->upload->set_max_filesize($allowed_filesize);
    }
    $file->clean_filename('unique', $user->data['user_id'] . '_');
    // Are we uploading an image *and* this image being within the image category?
    // Only then perform additional image checks.
    $file->move_file($config['upload_path'], false, !$is_image);
    // Do we have to create a thumbnail?
    $filedata['thumbnail'] = $is_image && $config['img_create_thumbnail'] ? 1 : 0;
    if (sizeof($file->error)) {
        $file->remove();
        $filedata['error'] = array_merge($filedata['error'], $file->error);
        $filedata['post_attach'] = false;
        return $filedata;
    }
    // Make sure the image category only holds valid images...
    if ($is_image && !$file->is_image()) {
        $file->remove();
        if ($plupload && $plupload->is_active()) {
            $plupload->emit_error(104, 'ATTACHED_IMAGE_NOT_IMAGE');
        }
        // If this error occurs a user tried to exploit an IE Bug by renaming extensions
        // Since the image category is displaying content inline we need to catch this.
        trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
    }
    $filedata['filesize'] = $file->get('filesize');
    $filedata['mimetype'] = $file->get('mimetype');
    $filedata['extension'] = $file->get('extension');
    $filedata['physical_filename'] = $file->get('realname');
    $filedata['real_filename'] = $file->get('uploadname');
    $filedata['filetime'] = time();
    /**
     * Event to modify uploaded file before submit to the post
     *
     * @event core.modify_uploaded_file
     * @var	array	filedata	Array containing uploaded file data
     * @var	bool	is_image	Flag indicating if the file is an image
     * @since 3.1.0-RC3
     */
    $vars = array('filedata', 'is_image');
    extract($phpbb_dispatcher->trigger_event('core.modify_uploaded_file', compact($vars)));
    // Check our complete quota
    if ($config['attachment_quota']) {
        if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota']) {
            $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Check free disk space
    if ($free_space = @disk_free_space($phpbb_root_path . $config['upload_path'])) {
        if ($free_space <= $file->get('filesize')) {
            if ($auth->acl_get('a_')) {
                $filedata['error'][] = $user->lang['ATTACH_DISK_FULL'];
            } else {
                $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
            }
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Create Thumbnail
    if ($filedata['thumbnail']) {
        $source = $file->get('destination_file');
        $destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
        if (!create_thumbnail($source, $destination, $file->get('mimetype'))) {
            $filedata['thumbnail'] = 0;
        }
    }
    return $filedata;
}
Ejemplo n.º 7
0
    /**
     * Parse Attachments
     */
    function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
    {
        global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;
        global $phpbb_container;
        $error = array();
        $num_attachments = sizeof($this->attachment_data);
        $this->filename_data['filecomment'] = $request->variable('filecomment', '', true);
        $upload = $request->file($form_name);
        $upload_file = !empty($upload) && $upload['name'] !== 'none' && trim($upload['name']);
        $add_file = isset($_POST['add_file']) ? true : false;
        $delete_file = isset($_POST['delete_file']) ? true : false;
        // First of all adjust comments if changed
        $actual_comment_list = $request->variable('comment_list', array(''), true);
        foreach ($actual_comment_list as $comment_key => $comment) {
            if (!isset($this->attachment_data[$comment_key])) {
                continue;
            }
            if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key]) {
                $this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key];
            }
        }
        $cfg = array();
        $cfg['max_attachments'] = $is_message ? $config['max_attachments_pm'] : $config['max_attachments'];
        $forum_id = $is_message ? 0 : $forum_id;
        if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file) {
            if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) {
                /** @var \phpbb\attachment\manager $attachment_manager */
                $attachment_manager = $phpbb_container->get('attachment.manager');
                $filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
                $error = $filedata['error'];
                if ($filedata['post_attach'] && !sizeof($error)) {
                    $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
                    $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                    $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
                    $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
                    $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) {
                        return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
                    }, $this->message);
                    $this->filename_data['filecomment'] = '';
                    // This Variable is set to false here, because Attachments are entered into the
                    // Database in two modes, one if the id_list is 0 and the second one if post_attach is true
                    // Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
                    // but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
                    //
                    // This is very relevant, because it could happen that the post got not submitted, but we do not
                    // know this circumstance here. We could be at the posting page or we could be redirected to the entered
                    // post. :)
                    $filedata['post_attach'] = false;
                }
            } else {
                $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
            }
        }
        if ($preview || $refresh || sizeof($error)) {
            if (isset($this->plupload) && $this->plupload->is_active()) {
                $json_response = new \phpbb\json_response();
            }
            // Perform actions on temporary attachments
            if ($delete_file) {
                include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
                $index = array_keys($request->variable('delete_file', array(0 => 0)));
                $index = !empty($index) ? $index[0] : false;
                if ($index !== false && !empty($this->attachment_data[$index])) {
                    /** @var \phpbb\attachment\manager $attachment_manager */
                    $attachment_manager = $phpbb_container->get('attachment.manager');
                    // delete selected attachment
                    if ($this->attachment_data[$index]['is_orphan']) {
                        $sql = 'SELECT attach_id, physical_filename, thumbnail
							FROM ' . ATTACHMENTS_TABLE . '
							WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
								AND is_orphan = 1
								AND poster_id = ' . $user->data['user_id'];
                        $result = $db->sql_query($sql);
                        $row = $db->sql_fetchrow($result);
                        $db->sql_freeresult($result);
                        if ($row) {
                            $attachment_manager->unlink($row['physical_filename'], 'file');
                            if ($row['thumbnail']) {
                                $attachment_manager->unlink($row['physical_filename'], 'thumbnail');
                            }
                            $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
                        }
                    } else {
                        $attachment_manager->delete('attach', $this->attachment_data[$index]['attach_id']);
                    }
                    unset($this->attachment_data[$index]);
                    $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) use($index) {
                        return $match[1] == $index ? '' : ($match[1] > $index ? '[attachment=' . ($match[1] - 1) . ']' . $match[2] . '[/attachment]' : $match[0]);
                    }, $this->message);
                    // Reindex Array
                    $this->attachment_data = array_values($this->attachment_data);
                    if (isset($this->plupload) && $this->plupload->is_active()) {
                        $json_response->send($this->attachment_data);
                    }
                }
            } else {
                if (($add_file || $preview) && $upload_file) {
                    if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_', $forum_id)) {
                        /** @var \phpbb\attachment\manager $attachment_manager */
                        $attachment_manager = $phpbb_container->get('attachment.manager');
                        $filedata = $attachment_manager->upload($form_name, $forum_id, false, '', $is_message);
                        $error = array_merge($error, $filedata['error']);
                        if (!sizeof($error)) {
                            $sql_ary = array('physical_filename' => $filedata['physical_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'real_filename' => $filedata['real_filename'], 'extension' => $filedata['extension'], 'mimetype' => $filedata['mimetype'], 'filesize' => $filedata['filesize'], 'filetime' => $filedata['filetime'], 'thumbnail' => $filedata['thumbnail'], 'is_orphan' => 1, 'in_message' => $is_message ? 1 : 0, 'poster_id' => $user->data['user_id']);
                            $db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                            $new_entry = array('attach_id' => $db->sql_nextid(), 'is_orphan' => 1, 'real_filename' => $filedata['real_filename'], 'attach_comment' => $this->filename_data['filecomment'], 'filesize' => $filedata['filesize']);
                            $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
                            $this->message = preg_replace_callback('#\\[attachment=([0-9]+)\\](.*?)\\[\\/attachment\\]#', function ($match) {
                                return '[attachment=' . ($match[1] + 1) . ']' . $match[2] . '[/attachment]';
                            }, $this->message);
                            $this->filename_data['filecomment'] = '';
                            if (isset($this->plupload) && $this->plupload->is_active()) {
                                $download_url = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'mode=view&amp;id=' . $new_entry['attach_id']);
                                // Send the client the attachment data to maintain state
                                $json_response->send(array('data' => $this->attachment_data, 'download_url' => $download_url));
                            }
                        }
                    } else {
                        $error[] = $user->lang('TOO_MANY_ATTACHMENTS', (int) $cfg['max_attachments']);
                    }
                    if (!empty($error) && isset($this->plupload) && $this->plupload->is_active()) {
                        // If this is a plupload (and thus ajax) request, give the
                        // client the first error we have
                        $json_response->send(array('jsonrpc' => '2.0', 'id' => 'id', 'error' => array('code' => 105, 'message' => current($error))));
                    }
                }
            }
        }
        foreach ($error as $error_msg) {
            $this->warn_msg[] = $error_msg;
        }
    }
 /**
  * Form upload method
  * Upload file from users harddisk
  *
  * @param string $form_name Form name assigned to the file input field (if it is an array, the key has to be specified)
  * @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
  * @param \phpbb\plupload\plupload $plupload The plupload object
  *
  * @return object $file Object "filespec" is returned, all further operations can be done with this object
  * @access public
  */
 function form_upload($form_name, \phpbb\mimetype\guesser $mimetype_guesser = null, \phpbb\plupload\plupload $plupload = null)
 {
     global $user, $request;
     $upload = $request->file($form_name);
     unset($upload['local_mode']);
     if ($plupload) {
         $result = $plupload->handle_upload($form_name);
         if (is_array($result)) {
             $upload = array_merge($upload, $result);
         }
     }
     $file = new filespec($upload, $this, $mimetype_guesser, $plupload);
     if ($file->init_error) {
         $file->error[] = '';
         return $file;
     }
     // Error array filled?
     if (isset($upload['error'])) {
         $error = $this->assign_internal_error($upload['error']);
         if ($error !== false) {
             $file->error[] = $error;
             return $file;
         }
     }
     // Check if empty file got uploaded (not catched by is_uploaded_file)
     if (isset($upload['size']) && $upload['size'] == 0) {
         $file->error[] = $user->lang[$this->error_prefix . 'EMPTY_FILEUPLOAD'];
         return $file;
     }
     // PHP Upload filesize exceeded
     if ($file->get('filename') == 'none') {
         $max_filesize = @ini_get('upload_max_filesize');
         $unit = 'MB';
         if (!empty($max_filesize)) {
             $unit = strtolower(substr($max_filesize, -1, 1));
             $max_filesize = (int) $max_filesize;
             $unit = $unit == 'k' ? 'KB' : ($unit == 'g' ? 'GB' : 'MB');
         }
         $file->error[] = empty($max_filesize) ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], $max_filesize, $user->lang[$unit]);
         return $file;
     }
     // Not correctly uploaded
     if (!$file->is_uploaded()) {
         $file->error[] = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
         return $file;
     }
     $this->common_checks($file);
     return $file;
 }