throw new Exception('Es ist kein Footprint markiert oder es trat ein Fehler auf!'); } $selected_footprint->set_attributes(array('name' => $new_name, 'parent_id' => $new_parent_id, 'filename' => $new_filename)); } catch (Exception $e) { $messages[] = array('text' => 'Die neuen Werte konnten nicht gespeichert werden!', 'strong' => true, 'color' => 'red'); $messages[] = array('text' => 'Fehlermeldung: ' . nl2br($e->getMessage()), 'color' => 'red'); } break; case 'save_proposed_filenames': $errors = array(); for ($i = 0; $i < $broken_footprints_count; $i++) { $spf_footprint_id = isset($_REQUEST['broken_footprint_id_' . $i]) ? $_REQUEST['broken_footprint_id_' . $i] : -1; // -1 will produce an error $spf_new_filename = isset($_REQUEST['proposed_filename_' . $i]) ? to_unix_path($_REQUEST['proposed_filename_' . $i]) : NULL; $spf_checked = isset($_REQUEST['filename_checkbox_' . $i]) || $save_all_proposed_filenames; if (strlen($spf_new_filename) > 0 && !is_path_absolute_and_unix($spf_new_filename)) { $spf_new_filename = BASE . '/' . $spf_new_filename; } // switch from relative path (like "img/foo.png") to absolute path (like "/var/www/part-db/img/foo.png") try { if ($spf_checked) { $spf_broken_footprint = new Footprint($database, $current_user, $log, $spf_footprint_id); $spf_broken_footprint->set_filename($spf_new_filename); } } catch (Exception $e) { $errors[] = $e->getMessage(); } } foreach ($errors as $error) { $messages[] = array('text' => 'Fehlermeldung: ' . $error, 'color' => 'red'); }
/** * @copydoc DBElement::check_values_validity() */ public static function check_values_validity(&$database, &$current_user, &$log, &$values, $is_new, &$element = NULL) { // first, we set the basename as the name if the name is empty $values['name'] = trim($values['name']); if (strlen($values['name']) == 0) { $values['name'] = basename($values['filename']); } // then we let all parent classes to check the values parent::check_values_validity($database, $current_user, $log, $values, $is_new, $element); // set boolean attributes settype($values['show_in_table'], 'boolean'); // check "type_id" try { // type_id == 0 or NULL means "no attachement type", and this is not allowed! if ($values['type_id'] == 0) { throw new Exception('"type_id" ist Null!'); } $attachement_type = new AttachementType($database, $current_user, $log, $values['type_id']); } catch (Exception $e) { debug('warning', 'Ungültige "type_id": "' . $values['type_id'] . '"' . "\n\nUrsprüngliche Fehlermeldung: " . $e->getMessage(), __FILE__, __LINE__, __METHOD__); throw new Exception('Der gewählte Dateityp existiert nicht!'); } // check "class_name" $supported_classes = array('Part'); // to be continued (step by step)... if (!in_array($values['class_name'], $supported_classes)) { debug('error', 'Die Klasse "' . $values['class_name'] . '" unterstützt (noch) keine Dateianhänge!', __FILE__, __LINE__, __METHOD__); throw new Exception('Ungültiger Klassenname: "' . $values['class_name'] . '"'); } // check "element_id" try { // element_id == 0 is not allowed! if ($values['element_id'] == 0) { throw new Exception('"element_id" ist Null!'); } $element = new $values['class_name']($database, $current_user, $log, $values['element_id']); $element->set_attributes(array()); // save element attributes to update its "last_modified" } catch (Exception $e) { debug('warning', 'Ungültige "element_id"/"class_name": "' . $values['element_id'] . '"/"' . $values['class_name'] . '"' . "\n\nUrsprüngliche Fehlermeldung: " . $e->getMessage(), __FILE__, __LINE__, __METHOD__); throw new Exception('Das gewählte Element existiert nicht!'); } // trim $values['filename'] $values['filename'] = trim($values['filename']); // empty filenames are not allowed! if (strlen($values['filename']) == 0) { throw new Exception('Der Dateiname ist leer, das ist nicht erlaubt!'); } // check if "filename" is a valid (absolute and UNIX) filepath if (!is_path_absolute_and_unix($values['filename'])) { throw new Exception('Der Dateipfad "' . $values['filename'] . '" ist kein gültiger absoluter UNIX Dateipfad!'); } // we replace the path of the Part-DB installation directory (Constant "BASE") with a placeholder ("%BASE%") $values['filename'] = str_replace(BASE, '%BASE%', $values['filename']); }
/** * @brief Upload a file (from "<input type="file">) to a directory on the server * * @param array $file_array The file array, for example $_FILES['my_file'] * @param string $destination_directory The directory where the file should be saved. * IMPORTANT: there must be a slash at the end! * Example: BASE.'/data/media/' * @param string|NULL $destination_filename The destination filename (without path). * NULL means same filename like the uploaded file. * * @retval string the (absolute) filename of the uploaded file (the destination, not the source) * * @throws Exception if the destination file exists already * @throws Exception if there was an error */ function upload_file($file_array, $destination_directory, $destination_filename = NULL) { if (!isset($file_array['name']) || !isset($file_array['tmp_name']) || !isset($file_array['error'])) { throw new Exception('Ungültiges Array übergeben!'); } if ($destination_filename == NULL) { $destination_filename = $file_array['name']; } $destination = $destination_directory . $destination_filename; if (!is_dir($destination_directory) || mb_substr($destination_directory, -1, 1) != '/' || !is_path_absolute_and_unix($destination_directory, false)) { throw new Exception('"' . $destination_directory . '" ist kein gültiges Verzeichnis!'); } if (!is_writable($destination_directory)) { throw new Exception('Sie haben keine Schreibrechte im Verzeichnis "' . $destination_directory . '"!'); } if (file_exists($destination)) { // there is already a file with the same filename, check if it is exactly the same file $new_file_md5 = md5_file($file_array['tmp_name']); $existing_file_md5 = md5_file($destination); if ($new_file_md5 == $existing_file_md5 && $new_file_md5 != false) { return $destination; } // it's exactly the same file, we don't need to upload it again, re-use it! throw new Exception('Es existiert bereits eine Datei mit dem Dateinamen "' . $destination . '"!'); } switch ($file_array['error']) { case UPLOAD_ERR_OK: // all OK, upload was successfully break; case UPLOAD_ERR_INI_SIZE: throw new Exception('Die maximal mögliche Dateigrösse für Uploads wurde überschritten ("upload_max_filesize" in "php.ini")! ' . '<a target="_blank" href="' . BASE_RELATIVE . '/documentation/dokuwiki/doku.php?id=anforderungen">Hilfe</a>'); case UPLOAD_ERR_FORM_SIZE: throw new Exception('Die maximal mögliche Dateigrösse für Uploads wurde überschritten!'); case UPLOAD_ERR_PARTIAL: throw new Exception('Die Datei wurde nur teilweise hochgeladen!'); case UPLOAD_ERR_NO_FILE: throw new Exception('Es wurde keine Datei hochgeladen!'); case UPLOAD_ERR_NO_TMP_DIR: throw new Exception('Es gibt keinen temporären Ordner für hochgeladene Dateien!'); case UPLOAD_ERR_CANT_WRITE: throw new Exception('Das Speichern der Datei auf die Festplatte ist fehlgeschlagen!'); case UPLOAD_ERR_EXTENSION: throw new Exception('Eine PHP Erweiterung hat den Upload der Datei gestoppt!'); default: throw new Exception('Beim Hochladen der Datei trat ein unbekannter Fehler auf!'); } if (!move_uploaded_file($file_array['tmp_name'], $destination)) { throw new Exception('Beim Hochladen der Datei trat ein unbekannter Fehler auf!'); } return $destination; }
/** * @copydoc DBElement::check_values_validity() */ public static function check_values_validity(&$database, &$current_user, &$log, &$values, $is_new, &$element = NULL) { // first, we let all parent classes to check the values parent::check_values_validity($database, $current_user, $log, $values, $is_new, $element); // trim $values['filename'] $values['filename'] = trim($values['filename']); // check if "filename" is a valid (absolute and UNIX) filepath if (strlen($values['filename']) > 0 && !is_path_absolute_and_unix($values['filename'])) { throw new Exception('Der Dateipfad "' . $values['filename'] . '" ist kein gültiger absoluter UNIX Dateipfad!'); } // we replace the path of the Part-DB installation directory (Constant "BASE") with a placeholder ("%BASE%") $values['filename'] = str_replace(BASE, '%BASE%', $values['filename']); }