function validate(&$data, $format, $strict = true)
{
global $ost;
//Call parent to Validate the structure
if (!parent::validate($data, $format, $strict) && $strict) {
$this->exerr(400, 'Unexpected or invalid data received');
}
//Nuke attachments IF API files are not allowed.
if (!$ost->getConfig()->allowAPIAttachments()) {
$data['attachments'] = array();
}
//Validate attachments: Do error checking... soft fail - set the error and pass on the request.
if ($data['attachments'] && is_array($data['attachments'])) {
foreach ($data['attachments'] as &$attachment) {
if (!$ost->isFileTypeAllowed($attachment)) {
$attachment['error'] = 'Invalid file type (ext) for ' . Format::htmlchars($attachment['name']);
} elseif ($attachment['encoding'] && !strcasecmp($attachment['encoding'], 'base64')) {
if (!($attachment['data'] = base64_decode($attachment['data'], true))) {
$attachment['error'] = sprintf('%s: Poorly encoded base64 data', Format::htmlchars($attachment['name']));
}
}
if (!$attachment['error'] && ($size = $ost->getConfig()->getMaxFileSize()) && ($fsize = $attachment['size'] ?: strlen($attachment['data'])) && $fsize > $size) {
$attachment['error'] = sprintf('File %s (%s) is too big. Maximum of %s allowed', Format::htmlchars($attachment['name']), Format::file_size($fsize), Format::file_size($size));
}
}
unset($attachment);
}
return true;
}
function getAttachmentsLinks($separator = ' ', $target = '')
{
$str = '';
if ($attachments = $this->attachments->getSeparates()) {
foreach ($attachments as $attachment) {
/* The h key must match validation in file.php */
$hash = $attachment['key'] . md5($attachment['id'] . session_id() . strtolower($attachment['key']));
if ($attachment['size']) {
$size = sprintf(' <small>(<i>%s</i>)</small>', Format::file_size($attachment['size']));
}
$str .= sprintf('<a class="Icon file no-pjax" href="file.php?h=%s" target="%s">%s</a>%s %s', $hash, $target, Format::htmlchars($attachment['name']), $size, $separator);
}
}
return $str;
}
function getAttachmentsLinks($separator = ' ', $target = '')
{
$str = '';
if ($attachments = $this->attachments->getSeparates()) {
foreach ($attachments as $attachment) {
/* The h key must match validation in file.php */
if ($attachment['size']) {
$size = sprintf(' <small>(<i>%s</i>)</small>', Format::file_size($attachment['size']));
}
$str .= sprintf('<a class="Icon file no-pjax" href="%s" target="%s">%s</a>%s %s', $attachment['download_url'], $target, Format::htmlchars($attachment['name']), $size, $separator);
}
}
return $str;
}
</option><?php
$next *= 2;
}
// Add extra option if top-limit in php.ini doesn't fall
// at a power of two
if ($next < $limit * 2) {
$selected = $limit == $config['max_file_size'] ? 'selected="selected"' : '';
?>
<option value="<?php
echo $limit;
?>
" <?php
echo $selected;
?>
><?php
echo Format::file_size($limit);
?>
</option><?php
}
?>
</select>
<i class="help-tip icon-question-sign" href="#max_file_size"></i>
<div class="error"><?php
echo $errors['max_file_size'];
?>
</div>
</td>
</tr>
<?php
if (($bks = FileStorageBackend::allRegistered()) && count($bks) > 1) {
?>
<div><?php
echo $entry->getBody()->toHtml();
?>
</div>
<div class="clear"></div>
<?php
if ($entry->has_attachments) {
?>
<div class="attachments"><?php
foreach ($entry->attachments as $A) {
if ($A->inline) {
continue;
}
$size = '';
if ($A->file->size) {
$size = sprintf('<small class="filesize faded">%s</small>', Format::file_size($A->file->size));
}
?>
<span class="attachment-info">
<i class="icon-paperclip icon-flip-horizontal"></i>
<a class="no-pjax truncate filename" href="<?php
echo $A->file->getDownloadUrl();
?>
" download="<?php
echo Format::htmlchars($A->getFilename());
?>
"
target="_blank"><?php
echo Format::htmlchars($A->getFilename());
?>
</a><?php
function getAttachmentStr($refid, $type)
{
$sql = 'SELECT attach_id,file_size,file_name FROM ' . TICKET_ATTACHMENT_TABLE . ' WHERE deleted=0 AND ticket_id=' . db_input($this->getId()) . ' AND ref_id=' . db_input($refid) . ' AND ref_type=' . db_input($type);
$res = db_query($sql);
if ($res && db_num_rows($res)) {
while (list($id, $size, $name) = db_fetch_row($res)) {
$hash = MD5($this->getId() * $refid . session_id());
$size = Format::file_size($size);
$name = Format::htmlchars($name);
$attachstr .= "<a class='Icon file' href='attachment.php?id={$id}&ref={$hash}' target='_blank'><b>{$name}</b></a> (<i>{$size}</i>) ";
}
}
return $attachstr;
}
<em>(Number of files the staff is allowed to upload simultaneously)</em>
<font class="error"> <?php
echo $errors['max_staff_file_uploads'];
?>
</font>
</td>
</tr>
<tr>
<td width="180">Maximum File Size:</td>
<td>
<input type="text" name="max_file_size" value="<?php
echo $config['max_file_size'];
?>
"> in bytes.
<em>(System Max. <?php
echo Format::file_size(ini_get('upload_max_filesize'));
?>
)</em>
<font class="error"> <?php
echo $errors['max_file_size'];
?>
</font>
</td>
</tr>
<tr>
<td width="180">Ticket Response Files:</td>
<td>
<input type="checkbox" name="email_attachments" <?php
echo $config['email_attachments'] ? 'checked="checked"' : '';
?>
>Email attachments to the user
function getConfigurationOptions()
{
// Compute size selections
$sizes = array('262144' => '— ' . __('Small') . ' —');
$next = 512 << 10;
$max = strtoupper(ini_get('upload_max_filesize'));
$limit = (int) $max;
if (!$limit) {
$limit = 2 << 20;
} elseif (strpos($max, 'K')) {
$limit <<= 10;
} elseif (strpos($max, 'M')) {
$limit <<= 20;
} elseif (strpos($max, 'G')) {
$limit <<= 30;
}
while ($next <= $limit) {
// Select the closest, larger value (in case the
// current value is between two)
$sizes[$next] = Format::file_size($next);
$next *= 2;
}
// Add extra option if top-limit in php.ini doesn't fall
// at a power of two
if ($next < $limit * 2) {
$sizes[$limit] = Format::file_size($limit);
}
$types = array();
foreach (self::getFileTypes() as $type => $info) {
$types[$type] = $info['description'];
}
global $cfg;
return array('size' => new ChoiceField(array('label' => __('Maximum File Size'), 'hint' => __('Choose maximum size of a single file uploaded to this field'), 'default' => $cfg->getMaxFileSize(), 'choices' => $sizes)), 'mimetypes' => new ChoiceField(array('label' => __('Restrict by File Type'), 'hint' => __('Optionally, choose acceptable file types.'), 'required' => false, 'choices' => $types, 'configuration' => array('multiselect' => true, 'prompt' => __('No restrictions')))), 'extensions' => new TextareaField(array('label' => __('Additional File Type Filters'), 'hint' => __('Optionally, enter comma-separated list of additional file types, by extension. (e.g .doc, .pdf).'), 'configuration' => array('html' => false, 'rows' => 2))), 'max' => new TextboxField(array('label' => __('Maximum Files'), 'hint' => __('Users cannot upload more than this many files.'), 'default' => false, 'required' => false, 'validator' => 'number', 'configuration' => array('size' => 8, 'length' => 4, 'placeholder' => __('No limit')))));
}
function getAttachmentsLinks($refId, $type, $separator = ' ', $target = '')
{
$str = '';
foreach ($this->getAttachments($refId, $type) as $attachment) {
/* The has here can be changed but must match validation in attachment.php */
$hash = md5($attachment['file_id'] . session_id() . $attachment['file_hash']);
if ($attachment['size']) {
$size = sprintf('(<i>%s</i>)', Format::file_size($attachment['size']));
}
$str .= sprintf('<a class="Icon file" href="attachment.php?id=%d&h=%s" target="%s">%s</a>%s %s', $attachment['attach_id'], $hash, $target, Format::htmlchars($attachment['name']), $size, $separator);
}
return $str;
}
function format($files, $restrict = false)
{
global $ost;
if (!$files || !is_array($files)) {
return null;
}
//Reformat $_FILE for the sane.
$attachments = array();
foreach ($files as $k => $a) {
if (is_array($a)) {
foreach ($a as $i => $v) {
$attachments[$i][$k] = $v;
}
}
}
//Basic validation.
foreach ($attachments as $i => &$file) {
//skip no file upload "error" - why PHP calls it an error is beyond me.
if ($file['error'] && $file['error'] == UPLOAD_ERR_NO_FILE) {
unset($attachments[$i]);
continue;
}
if ($file['error']) {
//PHP defined error!
$file['error'] = 'File upload error #' . $file['error'];
} elseif (!$file['tmp_name'] || !is_uploaded_file($file['tmp_name'])) {
$file['error'] = 'Invalid or bad upload POST';
} elseif ($restrict) {
// make sure file type & size are allowed.
if (!$ost->isFileTypeAllowed($file)) {
$file['error'] = 'Invalid file type for ' . Format::htmlchars($file['name']);
} elseif ($ost->getConfig()->getMaxFileSize() && $file['size'] > $ost->getConfig()->getMaxFileSize()) {
$file['error'] = sprintf('File %s (%s) is too big. Maximum of %s allowed', Format::htmlchars($file['name']), Format::file_size($file['size']), Format::file_size($ost->getConfig()->getMaxFileSize()));
}
}
}
unset($file);
return array_filter($attachments);
}
</div>
</div>
<?php
if ($entry->has_attachments && ($files = $entry->attachments)) {
?>
<div class="info">
<?php
foreach ($files as $A) {
?>
<div>
<span><?php
echo Format::htmlchars($A->file->name);
?>
</span>
<span class="faded">(<?php
echo Format::file_size($A->file->size);
?>
)</span>
</div>
<?php
}
?>
</div>
<?php
}
?>
</div>
<?php
}
}
?>
// current value is between two)
$diff = $next - $config['max_file_size'];
$selected = ($diff >= 0 && $diff < $next / 2)
? 'selected="selected"' : ''; ?>
<option value="<?php echo $next; ?>" <?php echo $selected;
?>><?php echo Format::file_size($next);
?></option><?php
$next *= 2;
}
// Add extra option if top-limit in php.ini doesn't fall
// at a power of two
if ($next < $limit * 2) {
$selected = ($limit == $config['max_file_size'])
? 'selected="selected"' : ''; ?>
<option value="<?php echo $limit; ?>" <?php echo $selected;
?>><?php echo Format::file_size($limit);
?></option><?php
}
?>
</select>
<i class="help-tip icon-question-sign" href="#max_file_size"></i>
<div class="error"><?php echo $errors['max_file_size']; ?></div>
</td>
</tr>
<?php if (($bks = FileStorageBackend::allRegistered())
&& count($bks) > 1) { ?>
<tr>
<td width="180"><?php echo __('Store Attachments'); ?>:</td>
<td><select name="default_storage_bk"><?php
foreach ($bks as $char=>$class) {
$selected = $config['default_storage_bk'] == $char
function getAttachmentsLinks($file = 'attachment.php', $target = '', $separator = ' ')
{
$str = '';
foreach ($this->getAttachments() as $attachment) {
if ($attachment['inline']) {
continue;
}
/* The hash can be changed but must match validation in @file */
$hash = md5($attachment['file_id'] . session_id() . $attachment['file_hash']);
$size = '';
if ($attachment['size']) {
$size = sprintf('<em>(%s)</em>', Format::file_size($attachment['size']));
}
$str .= sprintf('<a class="Icon file no-pjax" href="%s?id=%d&h=%s" target="%s">%s</a>%s %s', $file, $attachment['attach_id'], $hash, $target, Format::htmlchars($attachment['name']), $size, $separator);
}
return $str;
}
function getAttachmentsLinks($file = 'attachment.php', $target = '_blank', $separator = ' ')
{
$str = '';
foreach ($this->getAttachments() as $attachment) {
if ($attachment['inline']) {
continue;
}
$size = '';
if ($attachment['size']) {
$size = sprintf('<em>(%s)</em>', Format::file_size($attachment['size']));
}
$str .= sprintf('<a class="Icon file no-pjax" href="%s" target="%s">%s</a>%s %s', $attachment['download_url'], $target, Format::htmlchars($attachment['name']), $size, $separator);
}
return $str;
}
function validateFileUploads(&$files)
{
$errors = 0;
foreach ($files as &$file) {
if (!$this->isFileTypeAllowed($file)) {
$file['error'] = 'Invalid file type for ' . $file['name'];
} elseif ($file['size'] > $this->getConfig()->getMaxFileSize()) {
$file['error'] = sprintf('File (%s) is too big. Maximum of %s allowed', $file['name'], Format::file_size($this->getConfig()->getMaxFileSize()));
} elseif (!$file['error'] && !is_uploaded_file($file['tmp_name'])) {
$file['error'] = 'Invalid or bad upload POST';
}
if ($file['error']) {
$errors++;
}
}
return !$errors;
}
