/**
* @param $key array from a $_FILES entry
* @param $blind dont verify if is_uploaded_file(), useful when importing files from other means than HTTP uploads
* @return file id
*/
public static function import($type, &$key, $category = 0, $blind = false)
{
// ignore empty file uploads
if (!$key['name']) {
return false;
}
if (!$blind && !is_uploaded_file($key['tmp_name'])) {
throw new \Exception('Upload failed for file ' . $key['name']);
//$error->add('Upload failed for file '.$key['name'] );
//return;
}
$session = SessionHandler::getInstance();
$file = new File();
$file->type = $type;
$file->uploader = $session->id;
$file->uploader_ip = client_ip();
$file->size = $key['size'];
$file->name = $key['name'];
$file->mimetype = $key['type'];
$file->category = $category;
$file->time_uploaded = sql_datetime(time());
$file->id = $file->store();
if (!$file->id) {
return false;
}
$dst_file = self::getUploadPath($file->id);
if ($blind) {
// UGLY HACK using "@": currently gives a E_WARNING: "Operation not permitted" error,
// even though the rename suceeds???
if (!@rename($key['tmp_name'], $dst_file)) {
throw new \Exception('rename failed');
}
} elseif (!move_uploaded_file($key['tmp_name'], $dst_file)) {
throw new \Exception('Failed to move file from ' . $key['tmp_name'] . ' to ' . $dst_file);
}
chmod($dst_file, 0777);
$key['name'] = $dst_file;
$key['file_id'] = $file->id;
return $file->id;
}
/**
* Handles a single upload by given CUploadedFile and returns an array
* of informations.
*
* The 'error' attribute of the array, indicates there was an error.
*
* Informations on error:
* - error: true
* - errorMessage: some message
* - name: name of the file
* - size: file size
*
* Informations on success:
* - error: false
* - name: name of the uploaded file
* - size: file size
* - guid: of the file
* - url: url to the file
* - thumbnailUrl: url to the thumbnail if exists
*
* @param type $cFile
* @return Array Informations about the uploaded file
*/
protected function handleFileUpload($cFile)
{
$output = array();
// Set some basic information
$output['name'] = $cFile->getName();
$output['size'] = $cFile->getSize();
// Received a file?
if ($cFile == null) {
$output['error'] = true;
$output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'No file received!');
return $output;
}
// Maximum File Size
if ($cFile->getSize() > HSetting::Get('maxFileSize', 'file')) {
$output['error'] = true;
$output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'Maximum file size has been {maxFileSize} reached!', array("{maxFileSize}" => Yii::app()->format->formatSize(HSetting::Get('maxFileSize', 'file'))));
return $output;
}
if (!File::HasValidExtension($cFile->getName())) {
$output['error'] = true;
$output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'This file type is not allowed!');
return $output;
}
// Store File
$file = File::store($cFile);
// Check File Storage
if ($file == null) {
$output['state'] = 'error';
$output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'Internal Error: Could not store file!');
return $output;
}
// Write successful array
$output['error'] = false;
$output['guid'] = $file->guid;
$output['name'] = $file->file_name;
$output['title'] = $file->title;
$output['url'] = "";
$output['thumbnailUrl'] = "";
$output['size'] = $file->size;
$output['deleteUrl'] = "";
$output['deleteType'] = "";
$output['mimeIcon'] = $file->getMimeIconClass();
return $output;
}
chmod($upload_file, 0644);
}
if (filesize($upload_file) == 0) {
logError("File is empty.");
exit;
}
if (!scanFile($upload_file)) {
rename($upload_file, $upload_file . "-virus");
logError("File did not pass the virus scan.");
exit;
}
$fd = fopen("/tmp/upload.log", "a");
fwrite($fd, "Upload: " . serialize($_FILES) . " with " . serialize($_POST) . "\n");
fclose($fd);
print_r($_FILES);
$file = new File();
$file->byPath($upload_file);
if ($file->isValid()) {
$file->incrementShrinks();
} else {
$file->path = $upload_file;
$file->tag = randomTag();
$file->params['name'] = preg_replace(',[^a-zA-Z0-9_:;!@#$%^+=.~-],', '', $f['name']);
$file->params['content_type'] = $f['type'];
$file->params['size'] = filesize($upload_file);
$file->creator = new Creator($_SERVER["REMOTE_ADDR"], $_SESSION["acct_auth"] ? $_SESSION["acct_official"] : null);
$file->store();
}
$sth = getDB()->prepare("INSERT INTO upload_tracking (upload_id,file_id,error) VALUES (?,?,'f')");
$sth->execute(array($_POST["UPLOAD_IDENTIFIER"], $file->id));
}
/**
* Ensure a unique filename.
*
* @param String $name Base file name that is supposed to be unique
* @param File|null $file Optional associated file
* @return String Unique filename
*/
public function ensureUniqueFilename($name, File $file = null)
{
$changed = false;
while (($temp = $this->getEntry($name)) && ($file === null || $temp->file->id !== $file->id)) {
$changed = true;
$name = FileHelper::AdjustFilename($name);
}
if ($changed && $file !== null) {
$file->filename = $name;
$file->store();
}
return $name;
}
