/**
  * Shorten a filename that exceeds the maximum length
  *
  * This method only forwards to the parent class implementation; per the
  * inherited contract, characters are dropped from the end of the base
  * filename (before the extensions).
  *
  * @param string $raw_filename the input filename
  * @param int $maxlen the maximum allowed length (0 means no limit)
  *
  * @return string the truncated filename
  */
 public static function truncate_filename($raw_filename, $maxlen)
 {
     // Delegate unchanged to the parent implementation
     $truncated = parent::truncate_filename($raw_filename, $maxlen);

     return $truncated;
 }
Esempio n. 2
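 /**
  * Validate an uploaded attachment file, save its record, and move it into the attachments directory
  *
  * The file is read from $_FILES['upload'].  On a validation failure the
  * admin side gets the error message back as the return value; on the
  * front end the upload/update form is redisplayed and the script exits.
  *
  * @param &object &$row the attachment record (modified in place and stored)
  * @param int $article_id the ID of the article the attachment belongs to
  * @param bool $update true if an existing attachment is being updated
  * @param int $attachment_id the attachment ID when updating (false for a new attachment)
  *
  * @return string a status or error message (error messages contain HTML markup)
  */
 function upload_file(&$row, $article_id, $update = false, $attachment_id = false)
 {
     global $mainframe;
     // Get the component parameters
     jimport('joomla.application.component.helper');
     $params = JComponentHelper::getParams('com_attachments');
     // Get the auto-publish setting
     $auto_publish = $params->get('publish_default', false);
     // Make sure the attachments directory exists
     $upload_subdir = $params->get('attachments_subdir', 'attachments');
     if ($upload_subdir == '') {
         $upload_subdir = 'attachments';
     }
     $upload_dir = JPATH_SITE . DS . $upload_subdir;
     $secure = $params->get('secure', false);
     if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) {
         $errmsg = JText::_('ERROR UNABLE TO SETUP UPLOAD DIR');
         JError::raiseError(500, "<p>" . $errmsg . " ({$upload_dir})</p>");
     }
     // If we are updating, note the name of the old filename
     $old_filename = null;
     $old_filename_sys = null;
     if ($update) {
         $old_filename = $row->filename;
         $old_filename_sys = $row->filename_sys;
     }
     // Get the new filename.  The name is supplied by the client, so strip NUL
     // bytes and any directory components (either separator style) before it
     // is ever joined onto the upload directory.
     $filename = basename(str_replace(array('\\', "\0"), array('/', ''), $_FILES['upload']['name']));
     $ftype = $_FILES['upload']['type'];
     // The error messages below are HTML fragments, so client-supplied values
     // must be escaped before they are embedded in them.
     $filename_html = htmlspecialchars($filename, ENT_QUOTES, 'UTF-8');
     $ftype_html = htmlspecialchars($ftype, ENT_QUOTES, 'UTF-8');
     // Make sure a file was successfully uploaded
     if ($update) {
         $update_file = JRequest::getVar('change', true);
     } else {
         $update_file = true;
     }
     if ($update_file && $_FILES['upload']['size'] == 0 && $_FILES['upload']['tmp_name'] == '') {
         // Guess the type of error
         if ($filename == '') {
             $error = 'no_file';
             $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename_html;
             $error_msg .= ' (' . JText::_('YOU MUST SELECT A FILE TO UPLOAD') . ')';
             if ($mainframe->isAdmin()) {
                 return $error_msg;
             }
         } else {
             $error = 'file_too_big';
             $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename_html;
             $error_msg .= ' <br>(' . JText::_('ERROR MAY BE LARGER THAN LIMIT') . ' ';
             $error_msg .= get_cfg_var('upload_max_filesize') . ')';
             if ($mainframe->isAdmin()) {
                 return $error_msg;
             }
         }
         // Set up the view to redisplay the form with warnings
         if ($update) {
             require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php';
             $view = new AttachmentsViewUpdate();
             $view->assign('update_file', $update_file);
             $view->assign('attachment_id', $attachment_id);
         } else {
             require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php';
             $view = new AttachmentsViewUpload();
         }
         $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component"));
         $view->assign('filename', $filename);
         $view->assign('article_id', $article_id);
         $view->assign('article_title', AttachmentsHelper::get_article_title($article_id));
         $view->assign('description', $row->description);
         $view->assign('display_filename', $row->display_filename);
         $view->assign('user_field_1', $row->user_field_1);
         $view->assign('user_field_2', $row->user_field_2);
         $view->assign('user_field_3', $row->user_field_3);
         $view->assign('from', JRequest::getVar('from', ''));
         $view->assign('Itemid', JRequest::getVar('Itemid', 1));
         $view->assignRef('params', $params);
         $view->display(null, $error, $error_msg, true);
         exit;
     }
     // Make sure the file type is okay (respect restrictions imposed by media manager)
     jimport('joomla.filesystem.file');
     $cmparams =& JComponentHelper::getParams('com_media');
     // First check to make sure the extension is allowed
     // NOTE(review): only the final extension is examined, and an empty entry
     // in either list (e.g. an unset 'ignore_extensions') matches a name with
     // no extension at all.  The upload directory should therefore never be
     // configured to execute scripts.
     $allowable = explode(',', $cmparams->get('upload_extensions'));
     $ignored = explode(',', $cmparams->get('ignore_extensions'));
     $format = strtolower(JFile::getExt($filename));
     $error = false;
     $error_msg = false;
     // Strict comparison: both sides are strings, and loose comparison would
     // treat numeric-looking extensions as equal numbers
     if (!in_array($format, $allowable, true) && !in_array($format, $ignored, true)) {
         $error = 'illegal_file_extension';
         $error_msg = JText::_('ERROR UPLOADING FILE') . ': ' . $filename_html;
         $error_msg .= "<br>" . JText::_('ERROR ILLEGAL FILE EXTENSION') . ' ' . htmlspecialchars($format, ENT_QUOTES, 'UTF-8');
         $error_msg .= "<br>" . JText::_('ERROR CHANGE IN MEDIA MANAGER');
     }
     // Check to make sure the mime type is okay
     // NOTE(review): $ftype is the type declared by the client in the upload
     // request, not one detected on the server, so this check is advisory.
     // A type is rejected only when it is missing from the allowed list AND
     // present in the illegal list.
     if ($cmparams->get('restrict_uploads', true)) {
         if ($cmparams->get('check_mime', true)) {
             $allowed_mime = explode(',', $cmparams->get('upload_mime'));
             $illegal_mime = explode(',', $cmparams->get('upload_mime_illegal'));
             if (strlen($ftype) && !in_array($ftype, $allowed_mime, true) && in_array($ftype, $illegal_mime, true)) {
                 $error = 'illegal_mime_type';
                 $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename_html;
                 $error_msg .= ', ' . JText::_('ERROR ILLEGAL FILE MIME TYPE') . " {$ftype_html}";
                 $error_msg .= "  <br>" . JText::_('ERROR CHANGE IN MEDIA MANAGER');
             }
         }
     }
     // If there was an error, refresh the form with a warning
     if ($error) {
         if ($mainframe->isAdmin()) {
             return $error_msg;
         }
         // Set up the view to redisplay the form with warnings
         if ($update) {
             require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php';
             $view = new AttachmentsViewUpdate();
             $view->assign('update_file', JRequest::getVar('change', false));
             $view->assign('attachment_id', $attachment_id);
         } else {
             require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php';
             $view = new AttachmentsViewUpload();
         }
         $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component"));
         $view->assign('filename', $filename);
         $view->assign('article_id', $article_id);
         $view->assign('article_title', AttachmentsHelper::get_article_title($article_id));
         $view->assign('description', $row->description);
         $view->assign('display_filename', $row->display_filename);
         $view->assign('user_field_1', $row->user_field_1);
         $view->assign('user_field_2', $row->user_field_2);
         $view->assign('user_field_3', $row->user_field_3);
         $view->assign('from', JRequest::getVar('from', ''));
         $view->assign('Itemid', JRequest::getVar('Itemid', 1));
         $view->assignRef('params', $params);
         $view->display(null, $error, $error_msg, true);
         exit;
     }
     // Define where the attachments go
     $upload_url = $params->get('attachments_subdir', 'attachments');
     $upload_dir = JPATH_SITE . DS . $upload_url;
     // Figure out the system filename
     $filename_sys = null;
     $url = null;
     $prepend = $params->get('prepend', 'article_id');
     switch ($prepend) {
         case 'article_id':
             $prefix = sprintf("%03d_", $article_id);
             $filename_sys = $upload_dir . DS . $prefix . $filename;
             $url = $upload_url . "/" . $prefix . $filename;
             break;
         // NOTE: for attachment_id, save normally and make a second pass
         //       to rename the file after we know the attachment ID
         default:
             $filename_sys = $upload_dir . DS . $filename;
             $url = $upload_url . "/" . $filename;
     }
     // If not updating, make sure the system filename doesn't already exist
     $error = false;
     if (!$update && JFile::exists($filename_sys) && $prepend != 'attachment_id') {
         $error = 'file_not_on_server';
         $error_msg = JText::_('ERROR FILE ALREADY ON SERVER');
         $error_msg .= "   ({$filename_html})";
         if ($mainframe->isAdmin()) {
             return $error_msg;
         }
         // Set up the view to redisplay the form with warnings
         require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php';
         $view = new AttachmentsViewUpload();
         $view->assign('filename', $filename);
         $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component"));
         $view->assign('article_id', $article_id);
         $view->assign('article_title', AttachmentsHelper::get_article_title($article_id));
         $view->assign('description', $row->description);
         $view->assign('display_filename', $row->display_filename);
         $view->assign('user_field_1', $row->user_field_1);
         $view->assign('user_field_2', $row->user_field_2);
         $view->assign('user_field_3', $row->user_field_3);
         $view->assign('from', JRequest::getVar('from', ''));
         $view->assign('Itemid', JRequest::getVar('Itemid', 1));
         $view->assignRef('params', $params);
         $view->display(null, $error, $error_msg, true);
         exit;
     }
     // Get the maximum allowed filename length (for the filename display)
     $max_filename_length = $params->get('max_filename_length', 0);
     if (is_numeric($max_filename_length)) {
         $max_filename_length = intval($max_filename_length);
     } else {
         $max_filename_length = 0;
     }
     // Create a display filename, if needed (for long filenames)
     if ($max_filename_length > 0 and strlen($row->display_filename) == 0 and strlen($filename) > $max_filename_length) {
         $row->display_filename = AttachmentsHelper::truncate_filename($filename, $max_filename_length);
     }
     // Copy the info about the uploaded file into the new record
     $row->filename = $filename;
     $row->filename_sys = $filename_sys;
     $row->url = $url;
     $row->file_type = $ftype;
     $row->file_size = $_FILES['upload']['size'];
     $row->published = $auto_publish;
     // Set the create/modify dates
     jimport('joomla.utilities.date');
     $now = new JDate();
     $row->create_date = $now->toMySQL();
     $row->modification_date = $row->create_date;
     // Add the icon file type
     require_once JPATH_COMPONENT_SITE . DS . 'file_types.php';
     $row->icon_filename = AttachmentsFileTypes::icon_filename($filename, $ftype);
     // Save the updated attachment
     if (!$row->store()) {
         JError::raiseError(500, $row->getError());
     }
     // Get the attachment id.  insertid() only describes the most recent
     // INSERT, so when an existing record is being updated keep the ID the
     // caller passed in instead of overwriting it.
     $db =& JFactory::getDBO();
     $is_new_record = !($update && $attachment_id);
     if ($is_new_record) {
         $attachment_id = $db->insertid();
     }
     // If we're prepending attachment IDs, fix the system filename and URL and
     // update the attachment record (now that we know the attachment ID)
     if ($prepend == 'attachment_id') {
         $prefix = sprintf("%03d_", $attachment_id);
         $filename_sys = $upload_dir . DS . $prefix . $filename;
         $url = $upload_url . "/" . $prefix . $filename;
         $row->id = $attachment_id;
         $row->filename_sys = $filename_sys;
         $row->url = $url;
         // NOTE(review): the result of this second store() is not checked
         $row->store();
     }
     // Move the file
     $msg = "";
     $uploaded = JFile::upload($_FILES['upload']['tmp_name'], $filename_sys);
     if ($uploaded) {
         $size = intval($row->file_size / 1024.0);
         chmod($filename_sys, 0644);
         if ($update) {
             $msg = JText::_('UPDATED ATTACHMENT') . ' ' . $filename . " (" . $size . " Kb)!";
         } else {
             $msg = JText::_('UPLOADED ATTACHMENT') . ' ' . $filename . " (" . $size . " Kb)!";
         }
     } else {
         // Roll back the record only if this call created it; the ID is cast
         // so that nothing but an integer can reach the SQL text
         if ($is_new_record) {
             $query = 'DELETE FROM #__attachments WHERE id=' . (int) $attachment_id;
             $db->setQuery($query);
             $result = $db->query();
         }
         // NOTE(review): this message exposes the temporary and final server
         // paths to whoever sees it - consider logging them instead
         $msg = JText::_('ERROR MOVING FILE') . " {$_FILES['upload']['tmp_name']} -> {$filename_sys})";
     }
     // If we are updating, we may need to delete the old file -- but only once
     // the replacement is safely in place, and never the file just written
     if ($update && $uploaded) {
         if ($filename != $old_filename && $old_filename_sys && $old_filename_sys != $filename_sys) {
             JFile::delete($old_filename_sys);
         }
     }
     return $msg;
 }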
Esempio n. 3
 /**
  * Fill in the URL-related fields of an attachment record and store it
  *
  * If the URL check fails, the admin side receives the failure result as the
  * return value; on the front end the upload/update form is redisplayed with
  * the error and the script exits.
  *
  * @param &object &$attachment the attachment object
  * @param &object &$parent the attachment's parent object
  * @param bool $verify whether the existence of the URL should be checked
  * @param bool $relative_url allow relative URLs
  * @param string $update the type of update (or false if it is not an update)
  * @param int $attachment_id the attachment ID, false if this is a new attachment
  *
  * @return a status message on success, or the failed URL check result
  */
 public static function add_url(&$attachment, &$parent, $verify, $relative_url = false, $update = false, $attachment_id = false)
 {
     $user = JFactory::getUser();

     // Component configuration
     jimport('joomla.application.component.helper');
     $component_params = JComponentHelper::getParams('com_attachments');

     // Default publish setting
     $auto_publish = $component_params->get('publish_default', false);

     // May this user change the publish state of the attachment?
     $can_change_state = $parent->userMayChangeAttachmentState(
         $attachment->parent_id,
         $attachment->parent_entity,
         $attachment->created_by
     );

     // When updating, remember the previous file (if any) so it can be
     // removed once the attachment has become a URL
     $old_filename = null;
     $old_filename_sys = null;
     $old_display_name = null;
     if ($update) {
         if ($attachment->filename_sys) {
             $old_filename = $attachment->filename;
             $old_filename_sys = $attachment->filename_sys;
         }
         $old_display_name = JRequest::getString('old_display_name', null);
     }

     $from = JRequest::getWord('from');

     // Inspect the URL (this also fills in fields on the attachment)
     $url_check = AttachmentsHelper::get_url_info($attachment->url, $attachment, $verify, $relative_url);

     // Record the flags the URL was processed with
     $attachment->url_verify = $verify;
     $attachment->url_relative = $relative_url;

     // Anything other than true means the URL check failed
     if ($url_check !== true) {
         $app = JFactory::getApplication();
         if ($app->isAdmin()) {
             return $url_check;
         }
         $update_form = JRequest::getWord('update');

         // Front end: show the upload/update form again with the complaint
         if (!$update) {
             require_once JPATH_COMPONENT_SITE . '/views/upload/view.html.php';
             $view = new AttachmentsViewUpload();
             AttachmentsHelper::add_view_urls($view, 'upload', $attachment->parent_id, $attachment->parent_type, null, $from);
         } else {
             require_once JPATH_COMPONENT_SITE . '/views/update/view.html.php';
             $view = new AttachmentsViewUpdate();
             AttachmentsHelper::add_view_urls($view, 'update', $attachment->parent_id, $attachment->parent_type, $attachment_id, $from);
             $view->update = $update_form;
         }

         // Blank the display name when switching from a file to a URL
         $display_name = $attachment->display_name;
         $switching_type = ($update == 'file' || $update != $attachment->uri_type);
         if ($update && $switching_type) {
             $attachment->display_name = '';
         }

         // Hand everything to the view and render it
         $view->attachment = $attachment;
         $view->new_parent = $parent->new;
         $view->parent = $parent;
         $view->params = $component_params;
         $view->from = $from;
         $view->Itemid = JRequest::getInt('Itemid', 1);
         $view->error = $url_check->error;
         $view->error_msg = $url_check->error_msg;
         $view->display();
         exit;
     }

     // A changed URL invalidates a display name that was left untouched
     $old_url = JRequest::getString('old_url');
     if ($attachment->display_name && $attachment->url != $old_url) {
         $old_display_name = JRequest::getString('old_display_name');
         if ($old_display_name == $attachment->display_name) {
             $attachment->display_name = '';
         }
     }

     // Maximum length of the displayed name (non-numeric settings mean no limit)
     $name_limit = $component_params->get('max_filename_length', 0);
     $name_limit = is_numeric($name_limit) ? (int) $name_limit : 0;

     // Derive a shortened display name when none was supplied
     if ($name_limit > 0 && strlen($attachment->display_name) == 0) {
         $attachment->display_name = $attachment->filename
             ? AttachmentsHelper::truncate_filename($attachment->filename, $name_limit)
             : AttachmentsHelper::truncate_url($attachment->url, $name_limit);
     }

     // Relative URLs are taken to be valid
     if ($relative_url) {
         $attachment->url_valid = true;
     }

     // With neither a filename nor a display name, fall back to the URL itself
     if (!$attachment->filename && !$attachment->display_name) {
         $attachment->display_name = $attachment->url;
     }

     // Users who may not change the state (eg, publish/unpublish) cannot set
     // it through the form: force the correct publish state instead.
     if (!$can_change_state) {
         $save_type = JString::strtolower(JRequest::getWord('save_type', 'update'));
         if ($save_type != 'upload') {
             // Existing attachment: put back the state stored in the database
             $db = JFactory::getDBO();
             $query = $db->getQuery(true);
             $query->select('state');
             $query->from('#__attachments');
             $query->where('id = ' . (int) $attachment->id);
             $db->setQuery($query, 0, 1);
             $old_state = $db->loadResult();
             if ($db->getErrorNum()) {
                 $errmsg = $db->stderr() . ' (ERR 39)';
                 JError::raiseError(500, $errmsg);
             }
             $attachment->state = $old_state;
         } else {
             // New attachment: apply the configured default publish state
             jimport('joomla.application.component.helper');
             $component_params = JComponentHelper::getParams('com_attachments');
             $attachment->state = $component_params->get('publish_default', false);
         }
     }

     // Stamp the create/modify dates and mark the record as a URL
     $timestamp = JFactory::getDate();
     $attachment->created = $timestamp->toSql();
     $attachment->modified = $attachment->created;
     $attachment->uri_type = 'url';

     // Refuse URLs longer than the configured maximum
     if (strlen($attachment->url) > AttachmentsDefines::$MAXIMUM_URL_LENGTH) {
         $errmsg = "URL is too long! (" . strlen($attachment->url) . ")";
         // ??? Convert to translated error message
         JError::raiseError(500, $errmsg);
     }

     // Persist the record
     if (!$attachment->store()) {
         $errmsg = JText::_('ATTACH_ERROR_SAVING_URL_ATTACHMENT_RECORD') . $attachment->getError() . ' (ERR 40)';
         JError::raiseError(500, $errmsg);
     }

     // Remove the file left over from before the switch to a URL
     if ($old_filename_sys) {
         jimport('joomla.filesystem.file');
         if (JFile::exists($old_filename_sys)) {
             JFile::delete($old_filename_sys);
             AttachmentsHelper::clean_directory($old_filename_sys);
         }
     }

     return JText::_($update ? 'ATTACH_ATTACHMENT_UPDATED' : 'ATTACH_ATTACHMENT_SAVED');
 }