function uploadFileToBlob($FILE_DESCRIPTOR, $SAFETY_CHECK = true)
{
global $CFG, $CONTEXT, $PDOX;
if ($SAFETY_CHECK && checkFileSafety($FILE_DESCRIPTOR) !== true) {
return false;
}
if ($FILE_DESCRIPTOR['error'] == 1) {
return false;
}
if ($FILE_DESCRIPTOR['error'] == 0) {
$filename = basename($FILE_DESCRIPTOR['name']);
if (strpos($filename, '.php') !== false) {
return false;
}
// $data = file_get_contents($FILE_DESCRIPTOR['tmp_name']);
// $sha256 = lti_sha256($data);
$sha256 = hash_file('sha256', $FILE_DESCRIPTOR['tmp_name']);
$stmt = $PDOX->queryDie("SELECT file_id, file_sha256 from {$CFG->dbprefix}blob_file\n WHERE context_id = :CID AND file_sha256 = :SHA", array(":CID" => $CONTEXT->id, ":SHA" => $sha256));
$row = $stmt->fetch(PDO::FETCH_NUM);
if ($row !== false) {
error_log("Already had instance of {$filename}");
$row[0] = $row[0] + 0;
// Make sure the id is an integer
return $row;
}
$fp = fopen($FILE_DESCRIPTOR['tmp_name'], "rb");
$stmt = $PDOX->prepare("INSERT INTO {$CFG->dbprefix}blob_file\n (context_id, file_sha256, file_name, contenttype, content, created_at)\n VALUES (?, ?, ?, ?, ?, NOW())");
$stmt->bindParam(1, $CONTEXT->id);
$stmt->bindParam(2, $sha256);
$stmt->bindParam(3, $filename);
$stmt->bindParam(4, $FILE_DESCRIPTOR['type']);
$stmt->bindParam(5, $fp, PDO::PARAM_LOB);
// $stmt->bindParam(5, $data, PDO::PARAM_LOB);
$PDOX->beginTransaction();
$stmt->execute();
$id = 0 + $PDOX->lastInsertId();
$PDOX->commit();
fclose($fp);
return array($id, $sha256);
}
return false;
}
$fname = 'uploaded_file_' . $partno;
if (!isset($_FILES[$fname])) {
$_SESSION['error'] = 'Problem with uploaded files - perhaps your files were too large';
header('Location: ' . addSession('index.php'));
return;
}
$fdes = $_FILES[$fname];
$filename = isset($fdes['name']) ? basename($fdes['name']) : false;
// Check to see if they left off a file
if ($fdes['error'] == 4) {
$_SESSION['error'] = 'Missing file, make sure to select all files before pressing submit';
header('Location: ' . addSession('index.php'));
return;
}
// Sanity-check the file
$safety = checkFileSafety($fdes);
if ($safety !== true) {
$_SESSION['error'] = "Error: " . $safety;
error_log("Upload Error: " . $safety);
header('Location: ' . addSession('index.php'));
return;
}
// Check the kind of file
if (!isPngOrJpeg($fdes)) {
$_SESSION['error'] = 'Files must either contain JPG, or PNG images: ' . $filename;
error_log("Upload Error - Not an Image: " . $filename);
header('Location: ' . addSession('index.php'));
return;
}
$blob_id = uploadFileToBlob($fdes);
if ($blob_id === false) {
function uploadFileToString($FILE_DESCRIPTOR, $SAFETY_CHECK = true)
{
global $CFG, $CONTEXT, $PDOX;
if ($SAFETY_CHECK && checkFileSafety($FILE_DESCRIPTOR) !== true) {
return false;
}
if ($FILE_DESCRIPTOR['error'] == 1) {
return false;
}
if ($FILE_DESCRIPTOR['error'] == 0) {
$filename = basename($FILE_DESCRIPTOR['name']);
if (strpos($filename, '.php') !== false) {
return false;
}
$data = file_get_contents($FILE_DESCRIPTOR['tmp_name']);
return $data;
}
return false;
}