/**
* Save a downloadable file to a product
*
* @since 3.8.9
* @access private
*
* @uses $wpdb WordPress database object for use in queries
* @uses _wpsc_create_ajax_nonce() Creates nonce for an ajax action
* @uses wpsc_get_mimetype() Returns mimetype of file
* @uses wp_insert_post() Inserts post to WordPress database
* @uses wp_nonce_url() Retrieve URL with nonce added to URL query.
* @uses wpsc_convert_bytes() Formats bytes
* @uses wpsc_get_extension() Gets extension of file
* @uses esc_attr() Escapes HTML attributes
* @uses _x() Retrieve translated string with gettext context
*
* @return array|WP_Error Response args if successful, WP_Error if otherwise.
*/
function _wpsc_ajax_upload_product_file()
{
global $wpdb;
$product_id = absint($_POST["product_id"]);
$output = '';
$delete_nonce = _wpsc_create_ajax_nonce('delete_file');
foreach ($_POST["select_product_file"] as $selected_file) {
// if we already use this file, there is no point doing anything more.
$sql = $wpdb->prepare("SELECT * FROM {$wpdb->posts} WHERE post_type = 'wpsc-product-file' AND post_title = %s", $selected_file);
// TODO it's safer to select by post ID, in that case we will use get_posts()
$file_post_data = $wpdb->get_row($sql, ARRAY_A);
$selected_file_path = WPSC_FILE_DIR . basename($selected_file);
$file_url = WPSC_FILE_URL . basename($selected_file);
$file_size = filesize($selected_file_path);
if (empty($file_post_data)) {
$type = wpsc_get_mimetype($selected_file_path);
$attachment = array('post_mime_type' => $type, 'post_parent' => $product_id, 'post_title' => $selected_file, 'post_content' => '', 'post_type' => "wpsc-product-file", 'post_status' => 'inherit');
$id = wp_insert_post($attachment);
} else {
// already attached
if ($file_post_data['post_parent'] == $product_id) {
continue;
}
$type = $file_post_data["post_mime_type"];
$url = $file_post_data["guid"];
$title = $file_post_data["post_title"];
$content = $file_post_data["post_content"];
// Construct the attachment
$attachment = array('post_mime_type' => $type, 'guid' => $url, 'post_parent' => absint($product_id), 'post_title' => $title, 'post_content' => $content, 'post_type' => "wpsc-product-file", 'post_status' => 'inherit');
// Save the data
$id = wp_insert_post($attachment);
}
$deletion_url = wp_nonce_url("admin.php?wpsc_admin_action=delete_file&file_name={$attachment['post_title']}&product_id={$product_id}", 'delete_file_' . $attachment['post_title']);
$output .= '<tr class="wpsc_product_download_row">';
$output .= '<td style="padding-right: 30px;">' . $attachment['post_title'] . '</td>';
$output .= '<td>' . wpsc_convert_byte($file_size) . '</td>';
$output .= '<td>.' . wpsc_get_extension($attachment['post_title']) . '</td>';
$output .= "<td><a data-file-name='" . esc_attr($attachment['post_title']) . "' data-product-id='" . esc_attr($product_id) . "' data-nonce='" . esc_attr($delete_nonce) . "' class='file_delete_button' href='{$deletion_url}' >" . _x('Delete', 'Digital Download UI row', 'wpsc') . "</a></td>";
$output .= '<td><a href=' . $file_url . '>' . _x('Download', 'Digital Download UI row', 'wpsc') . '</a></td>';
$output .= '</tr>';
}
return array('content' => $output);
}
/**
* Returns HTML for Digital Download UI
*
* @param int $product_id
* @return HTML
*/
function wpsc_select_product_file($product_id = null)
{
global $wpdb;
$product_id = absint($product_id);
$file_list = wpsc_uploaded_files();
$args = array('post_type' => 'wpsc-product-file', 'post_parent' => $product_id, 'numberposts' => -1, 'post_status' => 'all');
$attached_files = (array) get_posts($args);
$output = '<table class="wp-list-table widefat fixed posts select_product_file">';
$output .= '<thead>';
$output .= '<tr>';
$output .= '<th>' . _x('Title', 'Digital download UI', 'wpsc') . '</th>';
$output .= '<th>' . _x('Size', 'Digital download UI', 'wpsc') . '</th>';
$output .= '<th>' . _x('File Type', 'Digital download UI', 'wpsc') . '</th>';
$output .= '<th>' . _x('Trash', 'Digital download UI', 'wpsc') . '</th>';
$output .= '<th>' . _x('Preview', 'Digital download UI', 'wpsc') . '</th>';
$output .= '</tr>';
$output .= '</thead>';
$num = 0;
$output .= '<tbody>';
foreach ((array) $attached_files as $file) {
$file_dir = WPSC_FILE_DIR . $file->post_title;
$file_size = 'http://s3file' == $file->guid ? __('Remote file sizes cannot be calculated', 'wpsc') : wpsc_convert_byte(filesize($file_dir));
$file_url = WPSC_FILE_URL . $file->post_title;
$deletion_url = wp_nonce_url("admin.php?wpsc_admin_action=delete_file&file_name={$file->post_title}&product_id={$product_id}&row_number={$num}", 'delete_file_' . $file->post_title);
$class = !wpsc_is_odd($num) ? 'alternate' : '';
$output .= '<tr class="wpsc_product_download_row ' . $class . '">';
$output .= '<td style="padding-right: 30px;">' . $file->post_title . '</td>';
$output .= '<td>' . $file_size . '</td>';
$output .= '<td>.' . wpsc_get_extension($file->post_title) . '</td>';
$output .= "<td><a class='file_delete_button' href='{$deletion_url}' >" . _x('Delete', 'Digital download row UI', 'wpsc') . "</a></td>";
$output .= '<td><a href=' . $file_url . '>' . _x('Download', 'Digital download row UI', 'wpsc') . '</a></td>';
$output .= '</tr>';
$num++;
}
$output .= '</tbody>';
$output .= '</table>';
if (empty($attached_files)) {
$output .= "<p class='no-item'>" . __('There are no files attached to this product. Upload a new file or select from other product files.', 'wpsc') . "</p>";
}
$output .= "<div class='" . (is_numeric($product_id) ? 'edit_' : '') . "select_product_handle'></div>";
$output .= "<script type='text/javascript'>\r\n";
$output .= "var select_min_height = " . 25 * 3 . ";\r\n";
$output .= "var select_max_height = " . 25 * ($num + 1) . ";\r\n";
$output .= "</script>";
return $output;
}