function download($VAR) { if (empty($VAR['id'])) { return false; } $id = $VAR['id']; // get ticket id $db =& DB(); $rs = $db->Execute(sqlSelect($db, array("ticket_attachment", "ticket"), "A.ticket_id,B.department_id,B.account_id", "A.id=::{$id}:: AND A.ticket_id=B.id")); if (!$rs || $rs->RecordCount() == 0) { return false; } // is this an admin? global $C_auth; if ($C_auth->auth_method_by_name("ticket", "view")) { // get the data & type $rs = $db->Execute(sqlSelect($db, "ticket_attachment", "*", "id=::{$id}::")); // set the header require_once PATH_CORE . 'file_extensions.inc.php'; $ft = new file_extensions(); $type = $ft->set_headers_ext($rs->fields['type'], $rs->fields['name']); if (empty($type)) { echo imap_qprint($rs->fields['content']); } elseif (preg_match("/^text/i", $type)) { echo imap_base64($rs->fields['content']); } else { echo imap_base64($rs->fields['content']); } exit; } }
function add($VAR) { global $_FILES, $smarty, $C_debug, $C_translate; if ($VAR['file_location_type'] == '') { return false; } $lt = $VAR['file_location_type']; // UPLOADED FILE FROM LOCAL PC if ($lt == 0) { ### Validate the file upoad: if (!isset($_FILES['upload_file']) || $_FILES['upload_file']['size'] <= 0) { global $C_debug; $C_debug->alert('You must go back and enter a file for upload!'); return; } $VAR['file_size'] = $_FILES['upload_file']['size']; $VAR['file_type'] = $_FILES['upload_file']['type']; $VAR['file_name'] = $_FILES['upload_file']['name']; } elseif ($lt == 1) { ### Validate the remote file can be opened and is greater than 0K $file = $VAR['url_file']; if (empty($file) || !($fp = fopen($file, "r"))) { # error $C_debug->alert($C_translate->translate('remote_file_err', 'file', '')); return; } else { $VAR['file_location'] = $file; $fn = explode("/", $file); $count = count($fn) - 1; $VAR['file_name'] = $fn[$count]; $headers = stream_get_meta_data($fp); $headers = $headers['wrapper_data']; for ($i = 0; $i < count($headers); $i++) { if (preg_match('/^Content-Type:/i', $headers[$i])) { $VAR['file_type'] = preg_replace('/Content-Type: /i', '', $headers[$i]); } elseif (preg_match('/^Content-Length:/i', $headers[$i])) { $VAR['file_size'] = preg_replace('/Content-Length: /i', '', $headers[$i]); } } } } elseif ($lt == 2) { @($file = $VAR['local_file']); if (is_file($file) && is_readable($file)) { if (preg_match("@/@", $file)) { $fn = explode("/", $file); } else { if (preg_match("@\\@", $file)) { $fn = explode("\\", $file); } else { $fn[0] = $file; } } $count = count($fn) - 1; $VAR['file_name'] = $fn[$count]; $VAR['file_size'] = filesize($file); $VAR['file_location'] = $file; include_once PATH_CORE . 'file_extensions.inc.php'; $ext = new file_extensions(); $VAR['file_type'] = $ext->content_type($file); } else { $C_debug->alert($C_translate->translate('local_file_err', 'file', '')); return; } } else { return false; } ### Create the record $type = "add"; $this->method["{$type}"] = explode(",", $this->method["{$type}"]); $db = new CORE_database(); $id = $db->add($VAR, $this, $type); ### Copy the uploaded file, or exit if fail: if ($lt == 0) { if (isset($id) && $id > 0) { if (!copy($_FILES['upload_file']['tmp_name'], PATH_FILES . 'file_' . $id . '.dat')) { $C_debug->alert($C_translate->translate('copy_file_err', 'file', '')); } } unlink($_FILES['upload_file']['tmp_name']); } }