function process()
{
if ('plupload' == $_REQUEST['_process']) {
if (!self::can_i('edit', 'Files') && !self::can_i('create', 'Files')) {
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Permission error."}, "id" : "id"}');
}
@ob_end_clean();
// HTTP headers for no cache etc
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// Settings
$targetDir = _FILE_UPLOAD_PATH . "plupload";
//$targetDir = 'uploads';
$cleanupTargetDir = true;
// Remove old files
$maxFileAge = 5 * 3600;
// Temp file age in seconds
// 5 minutes execution time
@set_time_limit(5 * 60);
// Uncomment this one to fake upload time
// usleep(5000);
// Get parameters
$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
$fileName = isset($_REQUEST["plupload_key"]) ? $_REQUEST["plupload_key"] : '';
$fileName .= isset($_REQUEST["fileid"]) ? '-' . $_REQUEST["fileid"] : '';
$fileName = preg_replace('/[^a-zA-Z0-9-_]+/', '', $fileName);
if (!$fileName) {
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "No plupload_key defined."}, "id" : "id"}');
}
// Make sure the fileName is unique but only if chunking is disabled
if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
$ext = strrpos($fileName, '.');
$fileName_a = substr($fileName, 0, $ext);
$fileName_b = substr($fileName, $ext);
$count = 1;
while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b)) {
$count++;
}
$fileName = $fileName_a . '_' . $count . $fileName_b;
}
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
// Create target dir
if (!file_exists($targetDir)) {
@mkdir($targetDir);
}
// Remove old temp files
if ($cleanupTargetDir) {
if (!is_dir($targetDir) || !($dir = opendir($targetDir))) {
die('{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}');
}
while (($file = readdir($dir)) !== false) {
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
// If temp file is current file proceed to the next
if ($tmpfilePath == "{$filePath}.part") {
continue;
}
// Remove temp file if it is older than the max age and is not the current file
if (preg_match('/\\.part$/', $file) && filemtime($tmpfilePath) < time() - $maxFileAge) {
@unlink($tmpfilePath);
}
}
closedir($dir);
}
/// Open temp file
if (!($out = @fopen("{$filePath}.part", $chunks ? "ab" : "wb"))) {
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
}
if (!empty($_FILES)) {
if ($_FILES["file"]["error"] || !is_uploaded_file($_FILES["file"]["tmp_name"])) {
die('{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}');
}
// Read binary input stream and append it to temp file
if (!($in = @fopen($_FILES["file"]["tmp_name"], "rb"))) {
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
}
} else {
if (!($in = @fopen("php://input", "rb"))) {
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
}
}
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
@fclose($out);
@fclose($in);
// Check if file has been uploaded
if (!$chunks || $chunk == $chunks - 1) {
// Strip the temp .part suffix off
rename("{$filePath}.part", $filePath);
}
die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
} else {
if ('download' == $_REQUEST['_process']) {
@ob_end_clean();
$file_id = (int) $_REQUEST['file_id'];
$file_data = $this->get_file($file_id);
if (isset($file_data['file_url']) && strlen($file_data['file_url'])) {
redirect_browser($file_data['file_url']);
} else {
if (is_file($file_data['file_path'])) {
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
//header("Content-Type: application/pdf");
header("Content-type: " . dtbaker_mime_type($file_data['file_name'], $file_data['file_path']));
header("Content-Disposition: attachment; filename=\"" . $file_data['file_name'] . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($file_data['file_path']));
//readfile($file_data['file_path']);
$size = @readfile($file_data['file_path']);
if (!$size) {
echo file_get_contents($file_data['file_path']);
}
} else {
echo 'Not found';
}
}
exit;
} else {
if ('save_file_popup' == $_REQUEST['_process']) {
$file_id = $_REQUEST['file_id'];
$file_path = false;
$file_name = false;
$options = unserialize(base64_decode($_REQUEST['options']));
// have we uploaded anything
if (isset($_FILES['file_upload']) && is_uploaded_file($_FILES['file_upload']['tmp_name'])) {
// copy to file area.
$file_name = basename($_FILES['file_upload']['name']);
if ($file_name) {
$file_path = _FILE_UPLOAD_PATH . md5(time() . $file_name);
if (move_uploaded_file($_FILES['file_upload']['tmp_name'], $file_path)) {
// it worked. umm.. do something.
} else {
?>
<script type="text/javascript">
alert('Unable to save file. Please check permissions.');
</script>
<?php
// it didnt work. todo: display error.
$file_path = false;
$file_name = false;
//set_error('Unable to save file');
}
}
}
if (isset($_REQUEST['file_name']) && $_REQUEST['file_name']) {
$file_name = $_REQUEST['file_name'];
}
if (!$file_path && !$file_name) {
return false;
}
if (!$file_id || $file_id == 'new') {
$file_data = array('file_id' => $file_id, 'owner_id' => (int) $_REQUEST['owner_id'], 'owner_table' => $_REQUEST['owner_table'], 'file_time' => time(), 'file_name' => $file_name, 'file_path' => $file_path);
} else {
// some fields we dont want to overwrite on existing files:
$file_data = array('file_id' => $file_id, 'file_path' => $file_path, 'file_name' => $file_name);
}
// make sure we're saving a file we have access too.
module_security::sanatise_data('file', $file_data);
$file_id = update_insert('file_id', $file_id, 'file', $file_data);
$file_data = $this->get_file($file_id);
// we've updated from a popup.
// this means we have to replace an existing file id with the updated output.
// or if none exists on the page, we add a new one to the holder.
$layout_type = isset($_REQUEST['layout']) && $_REQUEST['layout'] ? $_REQUEST['layout'] : 'gallery';
?>
<script type="text/javascript">
// check if it exists in parent window
var new_html = '<?php
echo addcslashes(preg_replace('/\\s+/', ' ', $this->print_file($file_id, $layout_type, true, $options)), "'");
?>
';
parent.new_file_added<?php
echo $file_data['owner_table'];
?>
_<?php
echo $file_data['owner_id'];
?>
(<?php
echo $file_id;
?>
,'<?php
echo $file_data['owner_table'];
?>
',<?php
echo $file_data['owner_id'];
?>
,new_html);
</script>
<?php
exit;
} else {
if ('save_file' == $_REQUEST['_process']) {
$file_id = (int) $_REQUEST['file_id'];
$file_path = false;
$file_name = false;
$file_url = '';
if (isset($_REQUEST['butt_del']) && self::can_i('delete', 'Files')) {
if (module_form::confirm_delete('file_id', 'Really delete this file?')) {
$ucm_file = new ucm_file($file_id);
$ucm_file->delete();
set_message('File removed successfully');
}
redirect_browser(module_file::link_open(false));
} else {
$files_to_save = array();
// pump data in to here for multiple file uploads.
// todo: stop people changing the "file_id" to another file they don't own.
if (self::can_i('edit', 'Files') || self::can_i('create', 'Files')) {
// have we uploaded anything
$file_changed = false;
if (isset($_REQUEST['plupload_key']) && isset($_REQUEST['plupload_file_name']) && is_array($_REQUEST['plupload_file_name']) && strlen(preg_replace('/[^a-zA-Z0-9-_]+/', '', basename($_REQUEST['plupload_key'])))) {
$plupload_key = preg_replace('/[^a-zA-Z0-9-_]+/', '', basename($_REQUEST['plupload_key']));
foreach ($_REQUEST['plupload_file_name'] as $plupload_file_name_key => $file_name) {
$plupload_file_name_key = preg_replace('/[^a-zA-Z0-9-_]+/', '', basename($plupload_file_name_key));
if ($plupload_key && $plupload_file_name_key && $file_name && is_file(_FILE_UPLOAD_PATH . 'plupload' . DIRECTORY_SEPARATOR . $plupload_key . '-' . $plupload_file_name_key)) {
$file_path = _FILE_UPLOAD_PATH . time() . '-' . md5(time() . $file_name);
if (rename(_FILE_UPLOAD_PATH . 'plupload' . DIRECTORY_SEPARATOR . $plupload_key . '-' . $plupload_file_name_key, $file_path)) {
// it worked. umm.. do something.
$file_changed = true;
$files_to_save[] = array('file_path' => $file_path, 'file_name' => $file_name);
} else {
// it didnt work. todo: display error.
$file_path = false;
$file_name = false;
set_error('Unable to save file via plupload.');
}
}
}
}
// the old file upload method, no plupload:
if (!$file_changed && isset($_FILES['file_upload']) && is_uploaded_file($_FILES['file_upload']['tmp_name'])) {
// copy to file area.
$file_name = basename($_FILES['file_upload']['name']);
if ($file_name) {
$file_path = _FILE_UPLOAD_PATH . time() . '-' . md5(time() . $file_name);
if (move_uploaded_file($_FILES['file_upload']['tmp_name'], $file_path)) {
// it worked. umm.. do something.
$file_changed = true;
$files_to_save[] = array('file_path' => $file_path, 'file_name' => $file_name);
} else {
// it didnt work. todo: display error.
$file_path = false;
$file_name = false;
set_error('Unable to save file');
}
}
}
if (!$file_path && isset($_REQUEST['file_url']) && isset($_REQUEST['file_name'])) {
$files_to_save[] = array('file_path' => '', 'file_url' => $_REQUEST['file_url'], 'file_name' => $_REQUEST['file_name']);
}
if (!$file_path && isset($_REQUEST['bucket'])) {
$files_to_save[] = array('file_name' => $_REQUEST['file_name'], 'bucket' => 1);
}
// make sure we have a valid customer_id and job_id selected.
$possible_customers = $possible_jobs = array();
if (class_exists('module_customer', false)) {
$possible_customers = module_customer::get_customers();
}
if (class_exists('module_job', false)) {
$possible_jobs = module_job::get_jobs();
}
$original_file_data = array();
if ($file_id > 0) {
$original_file_data = self::get_file($file_id);
if (!$original_file_data || $original_file_data['file_id'] != $file_id) {
die('No permissions to update this file');
}
}
$new_file = false;
if (!$file_id) {
$file_data = array('file_id' => $file_id, 'bucket_parent_file_id' => isset($_REQUEST['bucket_parent_file_id']) ? (int) $_REQUEST['bucket_parent_file_id'] : false, 'customer_id' => isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : false, 'job_id' => isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : false, 'quote_id' => isset($_REQUEST['quote_id']) ? (int) $_REQUEST['quote_id'] : false, 'website_id' => isset($_REQUEST['website_id']) ? (int) $_REQUEST['website_id'] : false, 'status' => isset($_REQUEST['status']) ? $_REQUEST['status'] : false, 'pointers' => isset($_REQUEST['pointers']) ? $_REQUEST['pointers'] : false, 'description' => isset($_REQUEST['description']) ? $_REQUEST['description'] : false, 'file_time' => time());
if (!isset($possible_customers[$file_data['customer_id']])) {
$file_data['customer_id'] = 0;
}
if (!isset($possible_jobs[$file_data['job_id']])) {
$file_data['job_id'] = 0;
}
$new_file = true;
} else {
// some fields we dont want to overwrite on existing files:
$file_data = array('file_id' => $file_id, 'bucket_parent_file_id' => isset($_REQUEST['bucket_parent_file_id']) ? (int) $_REQUEST['bucket_parent_file_id'] : false, 'pointers' => isset($_REQUEST['pointers']) ? $_REQUEST['pointers'] : false, 'customer_id' => isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : false, 'job_id' => isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : false, 'quote_id' => isset($_REQUEST['quote_id']) ? (int) $_REQUEST['quote_id'] : false, 'website_id' => isset($_REQUEST['website_id']) ? (int) $_REQUEST['website_id'] : false, 'status' => isset($_REQUEST['status']) ? $_REQUEST['status'] : false, 'description' => isset($_REQUEST['description']) ? $_REQUEST['description'] : false);
if (!isset($possible_customers[$file_data['customer_id']]) && $file_data['customer_id'] != $original_file_data['customer_id']) {
$file_data['customer_id'] = $original_file_data['customer_id'];
}
if ($file_data['job_id'] && !isset($possible_jobs[$file_data['job_id']]) && $file_data['job_id'] != $original_file_data['job_id']) {
$file_data['job_id'] = $original_file_data['job_id'];
}
}
$sub_bucket_fields = array('customer_id', 'job_id', 'quote_id', 'website_id');
if ($file_data['bucket_parent_file_id']) {
// we're saving a sub bucket file, pull in the file data from the parent file.
$parent_file = new ucm_file($file_data['bucket_parent_file_id']);
$parent_file_data = $parent_file->get_data();
foreach ($sub_bucket_fields as $sub_bucket_field) {
$file_data[$sub_bucket_field] = $parent_file_data[$sub_bucket_field];
}
}
if (!count($files_to_save)) {
$files_to_save[] = array();
}
foreach ($files_to_save as $id => $file_to_save) {
$file_data_to_save = array_merge($file_data, $file_to_save);
$files_to_save[$id]['file_id'] = update_insert('file_id', $file_data['file_id'], 'file', $file_data_to_save);
$file_data['file_id'] = 0;
// incease we're uploading multiple files
if (isset($_POST['staff_ids_save']) && (int) $files_to_save[$id]['file_id'] > 0) {
delete_from_db('file_user_rel', array('file_id'), array($files_to_save[$id]['file_id']));
if (isset($_POST['staff_ids']) && is_array($_POST['staff_ids'])) {
foreach ($_POST['staff_ids'] as $staff_id) {
$sql = "REPLACE INTO `" . _DB_PREFIX . "file_user_rel` SET ";
$sql .= " `user_id` = " . (int) $staff_id;
$sql .= ", `file_id` = " . (int) $files_to_save[$id]['file_id'];
query($sql);
}
}
}
if ($files_to_save[$id]['file_id'] > 0 && isset($file_data_to_save['bucket']) && $file_data_to_save['bucket']) {
// update certain fields of all the child files to match the parent bucket.
$search = array('bucket_parent_file_id' => $files_to_save[$id]['file_id']);
$sub_files = module_file::get_files($search);
$vals = array();
foreach ($sub_bucket_fields as $field) {
$vals[$field] = isset($file_data_to_save[$field]) ? $file_data_to_save[$field] : false;
}
foreach ($sub_files as $sub_file) {
update_insert('file_id', $sub_file['file_id'], 'file', $vals);
// and save the staff assignment manually too
if (isset($_POST['staff_ids_save']) && (int) $sub_file['file_id'] > 0) {
delete_from_db('file_user_rel', array('file_id'), array($sub_file['file_id']));
if (isset($_POST['staff_ids']) && is_array($_POST['staff_ids'])) {
foreach ($_POST['staff_ids'] as $staff_id) {
$sql = "REPLACE INTO `" . _DB_PREFIX . "file_user_rel` SET ";
$sql .= " `user_id` = " . (int) $staff_id;
$sql .= ", `file_id` = " . (int) $sub_file['file_id'];
query($sql);
}
}
}
}
}
module_extra::save_extras('file', 'file_id', $files_to_save[$id]['file_id']);
if ($file_changed) {
$this->send_file_changed_notice($files_to_save[$id]['file_id'], $new_file);
}
// file changed
}
}
if (module_file::can_i('create', 'File Comments')) {
$this->save_file_comments($file_id);
}
if (isset($_REQUEST['delete_file_comment_id']) && $_REQUEST['delete_file_comment_id']) {
$file_comment_id = (int) $_REQUEST['delete_file_comment_id'];
$comment = get_single('file_comment', 'file_comment_id', $file_comment_id);
if ($comment['create_user_id'] == module_security::get_loggedin_id() || module_file::can_i('delete', 'File Comments')) {
$sql = "DELETE FROM `" . _DB_PREFIX . "file_comment` WHERE file_id = '" . (int) $file_id . "' AND file_comment_id = '{$file_comment_id}' ";
$sql .= " LIMIT 1";
query($sql);
}
}
if (isset($_REQUEST['butt_email']) && $_REQUEST['butt_email'] && module_file::can_i('edit', 'File Approval')) {
redirect_browser($this->link_open_email($file_id));
}
if (count($files_to_save)) {
if (count($files_to_save) > 1) {
$file_id = false;
set_message(_l('%s Files saved successfully', count($files_to_save)));
} else {
set_message(_l('File saved successfully'));
$file_id = $files_to_save[0]['file_id'];
}
}
redirect_browser($this->link_open($file_id));
}
} else {
if ('delete_file_popup' == $_REQUEST['_process']) {
$file_id = (int) $_REQUEST['file_id'];
if (!$file_id || $file_id == 'new') {
// cant delete a new file.. do nothing.
} else {
$file_data = $this->get_file($file_id);
if (true) {
//module_security::can_access_data('file',$file_data,$file_id)){
// delete the physical file.
if (is_file($file_data['file_path'])) {
unlink($file_data['file_path']);
}
// delete the db entry.
delete_from_db('file', 'file_id', $file_id);
// update ui with changes.
?>
<script type="text/javascript">
var new_html = '';
parent.new_file_added<?php
echo $file_data['owner_table'];
?>
_<?php
echo $file_data['owner_id'];
?>
(<?php
echo $file_id;
?>
,'<?php
echo $file_data['owner_table'];
?>
',<?php
echo $file_data['owner_id'];
?>
,new_html);
</script>
<?php
}
}
exit;
}
}
}
}
}
}
return array();
};
$table_manager->set_rows($files);
$table_manager->pagination = false;
$table_manager->print_table();
$buttons = array();
$buttons[] = array('url' => module_file::link_open('new', false, $file_id), 'title' => _l('Add New File'), 'type' => 'add');
if (count($files)) {
$buttons[] = array('url' => module_file::link_public_download_bucket($file_id), 'title' => _l('Download All'), 'type' => 'button');
}
$fieldset_data = array('heading' => array('title' => _l('Bucket Files'), 'type' => 'h3', 'button' => $buttons), 'elements_before' => ob_get_clean());
echo module_form::generate_fieldset($fieldset_data);
unset($fieldset_data);
}
hook_handle_callback('layout_column_half', 'end');
$form_actions = array('class' => 'action_bar action_bar_center action_bar_single', 'elements' => array(array('type' => 'save_button', 'name' => 'butt_save', 'id' => 'butt_save', 'value' => _l('Save Bucket')), array('ignore' => !((int) $file_id && module_file::can_i('delete', 'Files')), 'type' => 'delete_button', 'name' => 'butt_del', 'value' => _l('Delete')), array('type' => 'button', 'name' => 'cancel', 'value' => _l('Cancel'), 'class' => 'submit_button', 'onclick' => "window.location.href='" . module_file::link_open(false) . "';")));
echo module_form::generate_form_actions($form_actions);
if ((int) $file_id > 0 && isset($file['file_path']) && $file['file_path'] && is_file($file['file_path']) && module_file::can_i('view', 'File Comments')) {
?>
<h2><?php
echo _l('File Comments');
?>
</h2>
<div>
<div style="width:70%;float:left;border:1px solid #EFEFEF; overflow:auto;" id="file_preview">
<?php
echo module_file::generate_preview($file_id, $file['file_name'], $file);
?>
<?php
module_form::print_form_auth();
?>
<?php
$search_bar = array('elements' => array('name' => array('title' => _l('File Name / Description:'), 'field' => array('type' => 'text', 'name' => 'search[generic]', 'value' => isset($search['generic']) ? $search['generic'] : ''))));
if (class_exists('module_job', false)) {
$search_bar['elements']['job'] = array('title' => _l('Job:'), 'field' => array('type' => 'select', 'name' => 'search[job_id]', 'value' => isset($search['job_id']) ? $search['job_id'] : '', 'options' => module_job::get_jobs(), 'options_array_id' => 'name'));
}
echo module_form::search_bar($search_bar);
$table_manager = module_theme::new_table_manager();
$columns = array();
$columns['file_name'] = array('title' => 'File Name', 'callback' => function ($file) {
echo module_file::link_open($file['file_id'], true);
if (isset($file['file_url']) && strlen($file['file_url'])) {
echo ' ';
echo '<a href="' . htmlspecialchars($file['file_url']) . '">' . htmlspecialchars($file['file_url']) . '</a>';
}
}, 'cell_class' => 'row_action');
$columns['file_description'] = array('title' => 'Description', 'callback' => function ($file) {
echo module_security::purify_html($file['description']);
});
$columns['file_status'] = array('title' => 'Status', 'callback' => function ($file) {
echo nl2br(htmlspecialchars($file['status']));
});
$columns['file_size'] = array('title' => 'Size', 'callback' => function ($file) {
if ($file['bucket']) {
// how many files are under this bucket?
$search = array();
// find available "to" recipients.
// customer contacts.
$to_select = false;
if ($file['customer_id']) {
$customer = module_customer::get_customer($file['customer_id']);
$file['customer_name'] = $customer['customer_name'];
$to = module_user::get_contacts(array('customer_id' => $file['customer_id']));
if ($customer['primary_user_id']) {
$primary = module_user::get_user($customer['primary_user_id']);
if ($primary) {
$to_select = $primary['email'];
}
}
} else {
$to = array();
}
if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) {
$all_extra_fields = module_extra::get_defaults('file');
foreach ($all_extra_fields as $e) {
$file[$e['key']] = _l('N/A');
}
// and find the ones with values:
$extras = module_extra::get_extras(array('owner_table' => 'file', 'owner_id' => $file_id));
foreach ($extras as $e) {
$file[$e['extra_key']] = $e['extra'];
}
}
$template->assign_values($file);
ob_start();
module_email::print_compose(array('title' => _l('Email File: %s', $file['file_name']), 'find_other_templates' => 'file_approval_email', 'current_template' => $template_name, 'customer_id' => $file['customer_id'], 'job_id' => $file['job_id'], 'file_id' => $file['file_id'], 'debug_message' => 'Sending file as email', 'to' => $to, 'to_select' => $to_select, 'bcc' => module_config::c('admin_email_address', ''), 'content' => $template->render('html'), 'subject' => $template->replace_description(), 'success_url' => module_file::link_open($file_id), 'success_callback' => 'module_file::email_sent', 'success_callback_args' => array('file_id' => $file_id), 'cancel_url' => module_file::link_open($file_id)));
?>
'); $('#butt_save_note').click(); } return false;" style="color:#FF0000">x</a>
<?php
}
?>
</div>
</div>
<?php
}
$fieldset_data = array('heading' => array('title' => _l('File Comments'), 'type' => 'h3'), 'elements_before' => ob_get_clean());
echo module_form::generate_fieldset($fieldset_data);
unset($fieldset_data);
}
hook_handle_callback('layout_column_half', 'end');
$form_actions = array('class' => 'action_bar action_bar_center action_bar_single', 'elements' => array(array('type' => 'save_button', 'name' => 'butt_save', 'id' => 'butt_save', 'value' => _l('Save File')), array('type' => 'save_button', 'name' => 'butt_email', 'ignore' => !$file_id || !module_file::can_i('edit', 'File Approval'), 'value' => _l('Email For Approval')), array('ignore' => !((int) $file_id && module_file::can_i('delete', 'Files')), 'type' => 'delete_button', 'name' => 'butt_del', 'value' => _l('Delete')), array('type' => 'button', 'name' => 'cancel', 'value' => _l('Cancel'), 'class' => 'submit_button', 'onclick' => "window.location.href='" . ($is_bucket_file ? module_file::link_open($file['bucket_parent_file_id']) : module_file::link_open(false)) . "';")));
echo module_form::generate_form_actions($form_actions);
if ((int) $file_id > 0 && isset($file['file_path']) && $file['file_path'] && is_file($file['file_path']) && module_file::can_i('view', 'File Comments')) {
?>
<h2><?php
echo _l('File Comments');
?>
</h2>
<div>
<div style="width:70%;float:left;border:1px solid #EFEFEF; overflow:auto;" id="file_preview">
<?php
echo module_file::generate_preview($file_id, $file['file_name'], $file);
?>
public function external_hook($hook)
{
switch ($hook) {
case 'public_signup_form':
$signup_form = module_template::get_template_by_key('customer_signup_form_wrapper');
$signup_form->page_title = $signup_form->description;
$signup_form->assign_values(array('signup_form' => self::get_customer_signup_form_html()));
echo $signup_form->render('pretty_html');
exit;
case 'public_signup':
// sign out if testing.
if (module_security::is_logged_in()) {
set_message('Logged out due to signup');
module_security::logout();
}
$result = array('messages' => array());
function customer_signup_complete($result)
{
if (isset($_REQUEST['via_ajax'])) {
echo json_encode($result);
} else {
echo implode('<br/>', $result['messages']);
}
exit;
}
if (!module_config::c('customer_signup_allowed', 0)) {
$result['error'] = 1;
$result['messages'][] = 'Customer signup disabled';
customer_signup_complete($result);
}
//recaptcha on signup form.
if (module_config::c('captcha_on_signup_form', 0)) {
if (!module_captcha::check_captcha_form()) {
$result['error'] = 1;
$result['messages'][] = 'Captcha fail, please go back and enter correct captcha code.';
customer_signup_complete($result);
}
}
$customer = isset($_POST['customer']) && is_array($_POST['customer']) ? $_POST['customer'] : array();
$contact = isset($_POST['contact']) && is_array($_POST['contact']) ? $_POST['contact'] : array();
$contact_extra = isset($contact['extra']) && is_array($contact['extra']) ? $contact['extra'] : array();
$contact_group = isset($contact['group_ids']) && is_array($contact['group_ids']) ? $contact['group_ids'] : array();
$customer_extra = isset($customer['extra']) ? $customer['extra'] : array();
$customer_group = isset($customer['group_ids']) && is_array($customer['group_ids']) ? $customer['group_ids'] : array();
$address = isset($_POST['address']) ? $_POST['address'] : array();
$website = isset($_POST['website']) ? $_POST['website'] : array();
$website_extra = isset($website['extra']) ? $website['extra'] : array();
$website_group = isset($website['group_ids']) && is_array($website['group_ids']) ? $website['group_ids'] : array();
$job = isset($_POST['job']) ? $_POST['job'] : array();
$job_extra = isset($job['extra']) ? $job['extra'] : array();
$subscription = isset($_POST['subscription']) ? $_POST['subscription'] : array();
// sanatise possibly problematic fields:
// customer:
$allowed = array('name', 'last_name', 'customer_name', 'email', 'phone', 'mobile', 'extra', 'type');
foreach ($customer as $key => $val) {
if (!in_array($key, $allowed)) {
unset($customer[$key]);
}
}
if (isset($customer['type']) && $customer['type'] != _CUSTOMER_TYPE_NORMAL && $customer['type'] != _CUSTOMER_TYPE_LEAD) {
unset($customer['type']);
}
// added multiple contact support in the form of arrays.
$contact_fields = array('name', 'last_name', 'email', 'phone');
if (module_config::c('customer_signup_password', 0)) {
$contact_fields[] = 'password';
}
foreach ($contact_fields as $multi_value) {
if (isset($contact[$multi_value])) {
if (!is_array($contact[$multi_value])) {
$contact[$multi_value] = array($contact[$multi_value]);
}
} else {
if (isset($customer[$multi_value])) {
$contact[$multi_value] = array($customer[$multi_value]);
} else {
$contact[$multi_value] = array();
}
}
}
$valid_contact_email = false;
$name_fallback = false;
$primary_email = false;
foreach ($contact['email'] as $contact_key => $email) {
if (!$name_fallback && isset($contact['name'][$contact_key])) {
$name_fallback = $contact['name'][$contact_key];
}
$contact['email'][$contact_key] = filter_var(strtolower(trim($email)), FILTER_VALIDATE_EMAIL);
if ($contact['email'][$contact_key]) {
$valid_contact_email = true;
if (!$primary_email) {
$primary_email = $contact['email'][$contact_key];
// set the primary contact details here by adding them to the master customer array
foreach ($contact_fields as $primary_contact_field) {
$customer[$primary_contact_field] = isset($contact[$primary_contact_field][$contact_key]) ? $contact[$primary_contact_field][$contact_key] : '';
unset($contact[$primary_contact_field][$contact_key]);
}
}
}
}
// start error checking / required fields
if (!isset($customer['customer_name']) || !strlen($customer['customer_name'])) {
$customer['customer_name'] = $name_fallback;
}
if (!strlen($customer['customer_name'])) {
$result['error'] = 1;
$result['messages'][] = "Failed, please go back and provide a customer name.";
}
if (!$valid_contact_email || !$primary_email) {
$result['error'] = 1;
$result['messages'][] = "Failed, please go back and provide an email address.";
}
// check all posted required fields.
function check_required($postdata, $messages = array())
{
if (is_array($postdata)) {
foreach ($postdata as $key => $val) {
if (strpos($key, '_required') && strlen($val)) {
$required_key = str_replace('_required', '', $key);
if (!isset($postdata[$required_key]) || !$postdata[$required_key]) {
$messages[] = 'Required field missing: ' . htmlspecialchars($val);
}
}
if (is_array($val)) {
$messages = check_required($val, $messages);
}
}
}
return $messages;
}
$messages = check_required($_POST);
if (count($messages)) {
$result['error'] = 1;
$result['messages'] = array_merge($result['messages'], $messages);
}
if (isset($result['error'])) {
customer_signup_complete($result);
}
// end error checking / required fields.
// check if this customer already exists in the system, based on email address
$customer_id = false;
$creating_new = true;
$_REQUEST['user_id'] = 0;
if (isset($customer['email']) && strlen($customer['email']) && !module_config::c('customer_signup_always_new', 0)) {
$users = module_user::get_contacts(array('email' => $customer['email']));
foreach ($users as $user) {
if (isset($user['customer_id']) && (int) $user['customer_id'] > 0) {
// this user exists as a customer! yey!
// add them to this listing.
$customer_id = $user['customer_id'];
$creating_new = false;
$_REQUEST['user_id'] = $user['user_id'];
// dont let signups update existing passwords.
if (isset($customer['password'])) {
unset($customer['password']);
}
if (isset($customer['new_password'])) {
unset($customer['new_password']);
}
}
}
}
$_REQUEST['extra_customer_field'] = array();
$_REQUEST['extra_user_field'] = array();
module_extra::$config['allow_new_keys'] = false;
module_extra::$config['delete_existing_empties'] = false;
// save customer extra fields.
if (count($customer_extra)) {
// format the address so "save_customer" handles the save for us
foreach ($customer_extra as $key => $val) {
$_REQUEST['extra_customer_field'][] = array('key' => $key, 'val' => $val);
}
}
// save customer and customer contact details:
$customer_id = $this->save_customer($customer_id, $customer);
if (!$customer_id) {
$result['error'] = 1;
$result['messages'][] = 'System error: failed to create customer.';
customer_signup_complete($result);
}
$customer_data = module_customer::get_customer($customer_id);
// todo - merge primary and secondary contact/extra/group saving into a single loop
if (!$customer_data['primary_user_id']) {
$result['error'] = 1;
$result['messages'][] = 'System error: Failed to create customer contact.';
customer_signup_complete($result);
} else {
$role_id = module_config::c('customer_signup_role', 0);
if ($role_id > 0) {
module_user::add_user_to_role($customer_data['primary_user_id'], $role_id);
}
// save contact extra data (repeated below for additional contacts)
if (isset($contact_extra[0]) && count($contact_extra[0])) {
$_REQUEST['extra_user_field'] = array();
foreach ($contact_extra[0] as $key => $val) {
$_REQUEST['extra_user_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('user', 'user_id', $customer_data['primary_user_id']);
}
// save contact groups
if (isset($contact_group[0]) && count($contact_group[0])) {
foreach ($contact_group[0] as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $customer_data['primary_user_id'], 'user');
}
}
}
}
foreach ($contact['email'] as $contact_key => $email) {
// add any additional contacts to the customer.
$users = module_user::get_contacts(array('email' => $email, 'customer_id' => $customer_id));
if (count($users)) {
// this contact already exists for this customer, dont update/change it.
continue;
}
$new_contact = array('customer_id' => $customer_id);
foreach ($contact_fields as $primary_contact_field) {
$new_contact[$primary_contact_field] = isset($contact[$primary_contact_field][$contact_key]) ? $contact[$primary_contact_field][$contact_key] : '';
}
// dont let additional contacts have passwords.
if (isset($new_contact['password'])) {
unset($new_contact['password']);
}
if (isset($new_contact['new_password'])) {
unset($new_contact['new_password']);
}
global $plugins;
$contact_user_id = $plugins['user']->create_user($new_contact, 'signup');
if ($contact_user_id) {
$role_id = module_config::c('customer_signup_role', 0);
if ($role_id > 0) {
module_user::add_user_to_role($contact_user_id, $role_id);
}
// save contact extra data (repeated below for primary contacts)
if (isset($contact_extra[$contact_key]) && count($contact_extra[$contact_key])) {
$_REQUEST['extra_user_field'] = array();
foreach ($contact_extra[$contact_key] as $key => $val) {
$_REQUEST['extra_user_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('user', 'user_id', $contact_user_id);
}
// save contact groups
if (isset($contact_group[$contact_key]) && count($contact_group[$contact_key])) {
foreach ($contact_group[$contact_key] as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $contact_user_id, 'user');
}
}
}
}
}
if (count($customer_group)) {
// format the address so "save_customer" handles the save for us
foreach ($customer_group as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $customer_id, 'customer');
}
}
}
$note_keys = array('customer', 'website', 'job', 'address', 'subscription');
$note_text = _l('Customer signed up from Signup Form:');
$note_text .= "\n\n";
foreach ($note_keys as $note_key) {
$note_text .= "\n" . ucwords(_l($note_key)) . "\n";
if (isset($_POST[$note_key]) && is_array($_POST[$note_key])) {
foreach ($_POST[$note_key] as $post_key => $post_val) {
$note_text .= "\n - " . _l($post_key) . ": ";
if (is_array($post_val)) {
foreach ($post_val as $p => $v) {
$note_text .= "\n - - " . _l($p) . ': ' . $v;
}
} else {
$note_text .= $post_val;
}
}
}
}
$note_data = array('note_id' => false, 'owner_id' => $customer_id, 'owner_table' => 'customer', 'note_time' => time(), 'note' => $note_text, 'rel_data' => module_customer::link_open($customer_id), 'reminder' => 0, 'user_id' => 0);
update_insert('note_id', false, 'note', $note_data);
// save customer address fields.
if (count($address)) {
$address_db = module_address::get_address($customer_id, 'customer', 'physical');
$address_id = $address_db && isset($address_db['address_id']) ? (int) $address_db['address_id'] : false;
$address['owner_id'] = $customer_id;
$address['owner_table'] = 'customer';
$address['address_type'] = 'physical';
// we have post data to save, write it to the table!!
module_address::save_address($address_id, $address);
}
// website:
$allowed = array('url', 'name', 'extra', 'notes');
foreach ($website as $key => $val) {
if (!in_array($key, $allowed)) {
unset($website[$key]);
}
}
$website['url'] = isset($website['url']) ? strtolower(trim($website['url'])) : '';
$website_id = 0;
if (count($website) && class_exists('module_website', false) && module_website::is_plugin_enabled()) {
if (strlen($website['url'])) {
// see if website already exists, don't create or update existing one for now.
$existing_websites = module_website::get_websites(array('customer_id' => $customer_id, 'url' => $website['url']));
foreach ($existing_websites as $existing_website) {
$website_id = $existing_website['website_id'];
}
}
// echo $website_id;echo $website['url']; print_r($website_extra);exit;
if (!$website_id) {
$website_data = module_website::get_website($website_id);
$website_data['url'] = isset($website['url']) ? $website['url'] : 'N/A';
$website_data['name'] = isset($website['url']) ? $website['url'] : 'N/A';
$website_data['customer_id'] = $customer_id;
$website_id = update_insert('website_id', false, 'website', $website_data);
// save website extra data.
if ($website_id && count($website_extra)) {
$_REQUEST['extra_website_field'] = array();
foreach ($website_extra as $key => $val) {
$_REQUEST['extra_website_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('website', 'website_id', $website_id);
}
if ($website_id && isset($website['notes']) && strlen($website['notes'])) {
// add notes to this website.
$note_data = array('note_id' => false, 'owner_id' => $website_id, 'owner_table' => 'website', 'note_time' => time(), 'note' => $website['notes'], 'rel_data' => module_website::link_open($website_id), 'reminder' => 0, 'user_id' => $customer_data['primary_user_id']);
$note_id = update_insert('note_id', false, 'note', $note_data);
}
}
if ($website_id) {
if (count($website_group)) {
// format the address so "save_customer" handles the save for us
foreach ($website_group as $group_id => $tf) {
if ($tf) {
module_group::add_to_group($group_id, $website_id, 'website');
}
}
}
}
}
// generate jobs for this customer.
$job_created = array();
if ($job && isset($job['type']) && is_array($job['type'])) {
if (module_config::c('customer_signup_any_job_type', 0)) {
foreach ($job['type'] as $type_name) {
// we have a match in our system. create the job.
$job_data = module_job::get_job(false);
$job_data['type'] = $type_name;
if (!$job_data['name']) {
$job_data['name'] = $type_name;
}
$job_data['website_id'] = $website_id;
$job_data['customer_id'] = $customer_id;
$job_id = update_insert('job_id', false, 'job', $job_data);
// todo: add default tasks for this job type.
$job_created[] = $job_id;
}
} else {
foreach (module_job::get_types() as $type_id => $type) {
foreach ($job['type'] as $type_name) {
if ($type_name == $type) {
// we have a match in our system. create the job.
$job_data = module_job::get_job(false);
$job_data['type'] = $type;
if (!$job_data['name']) {
$job_data['name'] = $type;
}
$job_data['website_id'] = $website_id;
$job_data['customer_id'] = $customer_id;
$job_id = update_insert('job_id', false, 'job', $job_data);
// todo: add default tasks for this job type.
$job_created[] = $job_id;
}
}
}
}
if (count($job_created) && count($job_extra)) {
// save job extra data.
foreach ($job_created as $job_created_id) {
if ($job_created_id && count($job_extra)) {
$_REQUEST['extra_job_field'] = array();
foreach ($job_extra as $key => $val) {
$_REQUEST['extra_job_field'][] = array('key' => $key, 'val' => $val);
}
module_extra::save_extras('job', 'job_id', $job_created_id);
}
}
}
}
// save files against customer
$uploaded_files = array();
if (isset($_FILES['customerfiles']) && isset($_FILES['customerfiles']['tmp_name'])) {
foreach ($_FILES['customerfiles']['tmp_name'] as $file_id => $tmp_file) {
if (is_uploaded_file($tmp_file)) {
// save to file module for this customer
$file_name = basename($_FILES['customerfiles']['name'][$file_id]);
if (strlen($file_name)) {
$file_path = 'includes/plugin_file/upload/' . md5(time() . $file_name);
if (move_uploaded_file($tmp_file, $file_path)) {
// success! write to db.
$file_data = array('customer_id' => $customer_id, 'job_id' => current($job_created), 'website_id' => $website_id, 'status' => module_config::c('file_default_status', 'Uploaded'), 'pointers' => false, 'description' => "Uploaded from Customer Signup form", 'file_time' => time(), 'file_name' => $file_name, 'file_path' => $file_path, 'file_url' => false);
$file_id = update_insert('file_id', false, 'file', $file_data);
$uploaded_files[] = $file_id;
}
}
}
}
}
// we create subscriptions for this customer/website (if none already exist)
$subscription['subscription_name'] = array();
$subscription['subscription_invoice'] = array();
if (class_exists('module_subscription', false) && module_subscription::is_plugin_enabled() && isset($subscription['for']) && isset($subscription['subscriptions'])) {
if ($subscription['for'] == 'website' && $website_id > 0) {
$owner_table = 'website';
$owner_id = $website_id;
} else {
$owner_table = 'customer';
$owner_id = $customer_id;
}
$available_subscriptions = module_subscription::get_subscriptions();
$members_subscriptions = module_subscription::get_subscriptions_by($owner_table, $owner_id);
foreach ($subscription['subscriptions'] as $subscription_id => $tf) {
if (isset($available_subscriptions[$subscription_id])) {
if (isset($members_subscriptions[$subscription_id])) {
// we don't allow a member to sign up to the same subscription twice (just yet)
} else {
$subscription['subscription_name'][$subscription_id] = $available_subscriptions[$subscription_id]['name'];
$start_date = date('Y-m-d');
$start_modifications = module_config::c('customer_signup_subscription_start', '');
if ($start_modifications == 'hidden') {
$start_modifications = isset($_REQUEST['customer_signup_subscription_start']) ? $_REQUEST['customer_signup_subscription_start'] : '';
}
if (!empty($start_modifications)) {
$start_date = date('Y-m-d', strtotime($start_modifications));
}
$sql = "INSERT INTO `" . _DB_PREFIX . "subscription_owner` SET ";
$sql .= " owner_id = '" . (int) $owner_id . "'";
$sql .= ", owner_table = '" . mysql_real_escape_string($owner_table) . "'";
$sql .= ", subscription_id = '" . (int) $subscription_id . "'";
$sql .= ", start_date = '{$start_date}'";
query($sql);
module_subscription::update_next_due_date($subscription_id, $owner_table, $owner_id, true);
// and the same option here to send a subscription straight away upon signup
if (module_config::c('subscription_send_invoice_straight_away', 0)) {
global $plugins;
$plugins['subscription']->run_cron();
// check if there are any invoices for this subscription
$history = module_subscription::get_subscription_history($subscription_id, $owner_table, $owner_id);
if (count($history) > 0) {
foreach ($history as $h) {
if ($h['invoice_id']) {
$invoice_data = module_invoice::get_invoice($h['invoice_id']);
if ($invoice_data['date_cancel'] != '0000-00-00') {
continue;
}
$subscription['subscription_invoice'][] = '<a href="' . module_invoice::link_public($h['invoice_id']) . '">' . _l('Invoice #%s for %s', htmlspecialchars($invoice_data['name']), dollar($invoice_data['total_amount'], true, $invoice_data['currency_id'])) . '</a>';
}
}
}
}
}
}
}
}
if (!count($subscription['subscription_name'])) {
$subscription['subscription_name'][] = _l('N/A');
}
if (!count($subscription['subscription_invoice'])) {
$subscription['subscription_invoice'][] = _l('N/A');
}
$subscription['subscription_name'] = implode(', ', $subscription['subscription_name']);
$subscription['subscription_invoice'] = implode(', ', $subscription['subscription_invoice']);
// email the admin when a customer signs up.
$values = array_merge($customer, $customer_extra, $website, $website_extra, $address, $subscription);
$values['customer_name'] = $customer['customer_name'];
$values['CUSTOMER_LINK'] = module_customer::link_open($customer_id);
$values['CUSTOMER_NAME_LINK'] = module_customer::link_open($customer_id, true);
if ($website_id) {
$values['WEBSITE_LINK'] = module_website::link_open($website_id);
$values['WEBSITE_NAME_LINK'] = module_website::link_open($website_id, true);
} else {
$values['WEBSITE_LINK'] = _l('N/A');
$values['WEBSITE_NAME_LINK'] = _l('N/A');
}
$values['JOB_LINKS'] = '';
if (count($job_created)) {
$values['JOB_LINKS'] .= 'The customer created ' . count($job_created) . ' jobs in the system: <br>';
foreach ($job_created as $job_created_id) {
$values['JOB_LINKS'] .= module_job::link_open($job_created_id, true) . "<br>\n";
}
} else {
$values['JOB_LINKS'] = _l('N/A');
}
if (count($uploaded_files)) {
$values['uploaded_files'] = 'The customer uploaded ' . count($uploaded_files) . " files:<br>\n";
foreach ($uploaded_files as $uploaded_file) {
$values['uploaded_files'] .= module_file::link_open($uploaded_file, true) . "<br>\n";
}
} else {
$values['uploaded_files'] = 'No files were uploaded';
}
$values['WEBSITE_NAME'] = isset($website['url']) ? $website['url'] : 'N/A';
if (!$creating_new) {
$values['system_note'] = "Note: this signup updated the existing customer record in the system.";
} else {
$values['system_note'] = "Note: this signup created a new customer record in the system.";
}
$customer_signup_template = module_config::c('customer_signup_email_admin_template', 'customer_signup_email_admin');
if (isset($_REQUEST['customer_signup_email_admin_template'])) {
$customer_signup_template = $_REQUEST['customer_signup_email_admin_template'];
}
if ($customer_signup_template) {
$template = module_template::get_template_by_key($customer_signup_template);
if ($template->template_id) {
$template->assign_values($values);
$html = $template->render('html');
$email = module_email::new_email();
$email->replace_values = $values;
$email->set_subject($template->description);
$email->set_to_manual(module_config::c('customer_signup_admin_email', module_config::c('admin_email_address')));
// do we send images inline?
$email->set_html($html);
if ($email->send()) {
// it worked successfully!!
} else {
/// log err?
}
}
}
$customer_signup_template = module_config::c('customer_signup_email_welcome_template', 'customer_signup_email_welcome');
if (isset($_REQUEST['customer_signup_email_welcome_template'])) {
$customer_signup_template = $_REQUEST['customer_signup_email_welcome_template'];
}
if ($customer_signup_template) {
$template = module_template::get_template_by_key($customer_signup_template);
if ($template->template_id) {
$template->assign_values($values);
$html = $template->render('html');
$email = module_email::new_email();
$email->customer_id = $customer_id;
$email->replace_values = $values;
$email->set_subject($template->description);
$email->set_to('user', $customer_data['primary_user_id']);
// do we send images inline?
$email->set_html($html);
if ($email->send()) {
// it worked successfully!!
} else {
/// log err?
}
}
}
//todo: optional redirect to url
if (isset($_REQUEST['via_ajax'])) {
echo json_encode(array('success' => 1, 'customer_id' => $customer_id));
exit;
}
if (module_config::c('customer_signup_redirect', '')) {
redirect_browser(module_config::c('customer_signup_redirect', ''));
}
// load up the thank you template.
$template = module_template::get_template_by_key('customer_signup_thank_you_page');
$template->page_title = _l("Customer Signup");
foreach ($values as $key => $val) {
if (!is_array($val)) {
$values[$key] = htmlspecialchars($val);
}
}
$template->assign_values($values);
echo $template->render('pretty_html');
exit;
break;
}
}
if (isset($data[$key]) && (int) $data[$key] > 0) {
switch ($key) {
case 'customer_id':
echo module_customer::link_open($data[$key], true);
break;
case 'job_id':
echo module_job::link_open($data[$key], true);
break;
case 'invoice_id':
echo module_invoice::link_open($data[$key], true);
break;
case 'quote_id':
echo module_quote::link_open($data[$key], true);
break;
case 'file_id':
echo module_file::link_open($data[$key], true);
break;
}
}
}
?>
</td>
<?php
}
/*<td><a href="<?php echo $module->link('',array("data_record_id"=>$data['data_record_id'],"customer_id"=>isset($_REQUEST['customer_id']) ? $_REQUEST['customer_id'] : false)); ?>"><?php echo $module->format_record_id($data['data_type_id'],$data['data_record_id']); ?></a></td>
<td><?php echo $data['status']; ?></td>
<td><?php echo print_date($data['date_updated']); ?></td>
<?php */
$first = true;
foreach ($list_fields as $list_field) {
$settings = @unserialize($list_data_items[$list_field['data_field_id']]['data_field_settings']);
<tr>
<td align="center" colspan="2">
<input type="submit" name="butt_save" id="butt_save" value="<?php
echo _l('Save file');
?>
" class="submit_button save_button" />
<?php
if ((int) $file_id) {
?>
<input type="submit" name="butt_del" id="butt_del" value="<?php
echo _l('Delete');
?>
" class="submit_button delete_button" />
<?php
}
?>
<input type="button" name="cancel" value="<?php
echo _l('Cancel');
?>
" onclick="window.location.href='<?php
echo module_file::link_open(false);
?>
';" class="submit_button" />
</td>
</tr>
</tbody>
</table>
</form>