public function addfile($file, $type, $symbol) { // return values // 1 failed to upload if (!$this->_user->entrycan("changeentry", $this)) { return false; } global $HTTP_POST_FILES; $fs_name = null; if (is_uploaded_file($HTTP_POST_FILES[$file]['tmp_name'])) { $fs_name = CodeKBFile::upload($file); } if (!$fs_name) { throw new CodeKBException(__METHOD__, "file", "uploadfailed", null, 1); } else { $size = $HTTP_POST_FILES[$file]['size']; } $db = new CodeKBDatabase(); $db->start(); // We need a random id $succ = false; while ($succ == false) { $id = mt_rand(); $db->dosql("SELECT id " . "FROM files " . "WHERE id = {$db->number($id)}"); if ($db->countrows() == 0) { break; } } $db->dosql("INSERT INTO files (id, entry, name, fs_name, size, symbol, highlight) " . "VALUES ({$db->number($id)}, " . "{$db->number($this->_id)}, " . "'{$db->string($HTTP_POST_FILES[$file]['name'])}', " . "'{$db->string($fs_name)}', " . "{$db->number($size)}, " . "'{$db->string($symbol)}', " . "'{$db->string($type)}')"); $db->commit(); if ($db->success()) { return $id; } // Insert failed so remove zombie file $file = new CodeKBFile($id, $this->_user); $file->delete(); unset($file); throw new CodeKBException(__METHOD__, "entry", "fileaddfailed"); }