/** * * @param object &$a */ function filestorage_post(&$a) { $channel_id = x($_POST, 'uid') ? intval($_POST['uid']) : 0; if (!$channel_id || !local_channel() || $channel_id != local_channel()) { notice(t('Permission denied.') . EOL); return; } $recurse = x($_POST, 'recurse') ? intval($_POST['recurse']) : 0; $resource = x($_POST, 'filehash') ? notags($_POST['filehash']) : ''; $notify = x($_POST, 'notify') ? intval($_POST['notify']) : 0; if (!$resource) { notice(t('Item not found.') . EOL); return; } $str_group_allow = perms2str($_REQUEST['group_allow']); $str_contact_allow = perms2str($_REQUEST['contact_allow']); $str_group_deny = perms2str($_REQUEST['group_deny']); $str_contact_deny = perms2str($_REQUEST['contact_deny']); $channel = $a->get_channel(); $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); attach_change_permissions($channel_id, $resource, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, $recurse); file_activity($channel_id, $object, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny, 'post', $notify); goaway($cloudPath); }
/** * * @param object &$a */ function filestorage_post(&$a) { $channel_id = x($_POST, 'uid') ? intval($_POST['uid']) : 0; if (!$channel_id || !local_channel() || $channel_id != local_channel()) { notice(t('Permission denied.') . EOL); return; } $recurse = x($_POST, 'recurse') ? intval($_POST['recurse']) : 0; $resource = x($_POST, 'filehash') ? notags($_POST['filehash']) : ''; $notify = x($_POST, 'notify') ? intval($_POST['notify']) : 0; if (!$resource) { notice(t('Item not found.') . EOL); return; } $channel = $a->get_channel(); $acl = new AccessList($channel); $acl->set_from_array($_REQUEST); $x = $acl->get(); $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); //get the object before permissions change so we can catch eventual former allowed members $object = get_file_activity_object($channel_id, $resource, $cloudPath); attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse); file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); goaway($cloudPath); }
/** * @brief Delete a file/directory from a channel. * * If the provided resource hash is from a directory it will delete everything * recursively under this directory. * * @param int $channel_id * The id of the channel * @param string $resource * The hash to delete * @return void */ function attach_delete($channel_id, $resource, $is_photo = 0) { $c = q("SELECT channel_address FROM channel WHERE channel_id = %d LIMIT 1", intval($channel_id)); $channel_address = $c ? $c[0]['channel_address'] : 'notfound'; $photo_sql = $is_photo ? " and is_photo = 1 " : ''; $r = q("SELECT hash, flags, is_dir, is_photo, folder FROM attach WHERE hash = '%s' AND uid = %d {$photo_sql} limit 1", dbesc($resource), intval($channel_id)); if (!$r) { return; } $cloudpath = get_parent_cloudpath($channel_id, $channel_address, $resource); $object = get_file_activity_object($channel_id, $resource, $cloudpath); // If resource is a directory delete everything in the directory recursive if (intval($r[0]['is_dir'])) { $x = q("SELECT hash, os_storage, is_dir, flags FROM attach WHERE folder = '%s' AND uid = %d", dbesc($resource), intval($channel_id)); if ($x) { foreach ($x as $xx) { attach_delete($channel_id, $xx['hash']); } } } // delete a file from filesystem if (intval($r[0]['os_storage'])) { $y = q("SELECT data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($resource), intval($channel_id)); if ($y) { $f = 'store/' . $channel_address . '/' . $y[0]['data']; if (is_dir($y[0]['data'])) { @rmdir($y[0]['data']); } elseif (file_exists($f)) { unlink($f); } } } // delete from database $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id)); if ($r[0]['is_photo']) { $x = q("select id, item_hidden from item where resource_id = '%s' and resource_type = 'photo' and uid = %d", dbesc($resource), intval($channel_id)); if ($x) { drop_item($x[0]['id'], false, $x[0]['item_hidden'] ? DROPITEM_NORMAL : DROPITEM_PHASE1, true); q("DELETE FROM photo WHERE uid = %d AND resource_id = '%s'", intval($channel_id), dbesc($resource)); } } // update the parent folder's lastmodified timestamp $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id)); file_activity($channel_id, $object, $object['allow_cid'], $object['allow_gid'], $object['deny_cid'], $object['deny_gid'], 'update', $notify = 0); }
/** * @brief Delete a file/directory from a channel. * * If the provided resource hash is from a directory it will delete everything * recursively under this directory. * * @param int $channel_id * The id of the channel * @param string $resource * The hash to delete * @return void */ function attach_delete($channel_id, $resource) { $c = q("SELECT channel_address FROM channel WHERE channel_id = %d LIMIT 1", intval($channel_id)); $channel_address = $c ? $c[0]['channel_address'] : 'notfound'; $r = q("SELECT hash, flags, folder FROM attach WHERE hash = '%s' AND uid = %d limit 1", dbesc($resource), intval($channel_id)); if (!$r) { return; } $cloudpath = get_parent_cloudpath($channel_id, $channel_address, $resource); $object = get_file_activity_object($channel_id, $resource, $cloudpath); // If resource is a directory delete everything in the directory recursive if ($r[0]['flags'] & ATTACH_FLAG_DIR) { $x = q("SELECT hash, flags FROM attach WHERE folder = '%s' AND uid = %d", dbesc($resource), intval($channel_id)); if ($x) { foreach ($x as $xx) { attach_delete($channel_id, $xx['hash']); } } } // delete a file from filesystem if ($r[0]['flags'] & ATTACH_FLAG_OS) { $y = q("SELECT data FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($resource), intval($channel_id)); if ($y) { $f = 'store/' . $channel_address . '/' . $y[0]['data']; if (is_dir($f)) { @rmdir($f); } elseif (file_exists($f)) { unlink($f); } } } // delete from database $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id)); // update the parent folder's lastmodified timestamp $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id)); file_activity($channel_id, $object, $object['allow_cid'], $object['allow_gid'], $object['deny_cid'], $object['deny_gid'], 'update', $no_activity = false); }