/**
 * Serve the wiki attachment addressed by the current request URI.
 *
 * The leading "/wiki" of REQUEST_URI is replaced with PHPWIKI_PLUGIN_BASE_URL
 * and the result is handed to PHPWikiAttachment::setUri(). The attachment is
 * dumped only when it exists, is active, and isAutorized() accepts the id
 * returned by user_getid().
 *
 * REQUEST_URI is client-controlled; the access decision is made on whatever
 * attachment that URI resolves to, not on the URI itself.
 *
 * NOTE(review): an existing, active attachment the user may not read yields
 * neither output nor an error from this method. Confirm the caller handles
 * that case; a silent empty response makes denied accesses hard to spot.
 *
 * @param HTTPRequest $request Current request; only REQUEST_URI is read.
 */
public function processUpload(HTTPRequest $request)
{
    $attachment = new PHPWikiAttachment();

    $rawUri        = $request->getFromServer('REQUEST_URI');
    $attachmentUri = preg_replace('/^\\/wiki/', PHPWIKI_PLUGIN_BASE_URL, $rawUri);
    $attachment->setUri($attachmentUri);

    if (! $attachment->exist() || ! $attachment->isActive()) {
        exit_error(
            $GLOBALS['Language']->getText('global', 'error'),
            $GLOBALS['Language']->getText('plugin_phpwiki_attachment_upload', 'err_not_exist')
        );

        // Keeps the error path and the dump path exclusive even if
        // exit_error() were to return (presumably it terminates the request).
        return;
    }

    if ($attachment->isAutorized(user_getid())) {
        $attachment->htmlDump();
    }
}
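/**
 * List the attachments of a project that a given user may see, with paging.
 *
 * Rows come from getListWithCounterOrderedByRevDate(). A row is kept when the
 * attachment has no permission set, or when isAutorized() accepts $uid.
 * Paging is applied in PHP after that filter: offset and count refer to
 * viewable attachments only, so a SQL LIMIT cannot be used here.
 *
 * NOTE(review): an attachment for which permissionExist() is false is listed
 * for every caller. Confirm this default-allow behaviour is intended.
 * NOTE(review): a null $uid is cast to 0 before the permission check;
 * presumably 0 stands for the anonymous user. Verify against callers.
 *
 * @param int|null   $gid   Project id; null falls back to $this->gid.
 * @param int|null   $uid   User id the permission check is run for.
 * @param array|null $limit Optional paging: 'offset' is the number of
 *                          viewable attachments to skip, 'nb' the maximum
 *                          number returned.
 *
 * @return ArrayIterator Iterator over the viewable PHPWikiAttachment objects,
 *                       each with its revision counter set from the row.
 */
public function getListWithCounter($gid = null, $uid = null, $limit = null)
{
    $gid = ($gid !== null) ? (int) $gid : $this->gid;
    $uid = (int) $uid;

    $offset = 0;
    $max    = null;
    if (is_array($limit)) {
        // Due to permissions, we cannot use SQL LIMIT. This will become
        // possible once the permission table can be joined with the
        // attachment table.
        if (array_key_exists('offset', $limit)) {
            $offset = (int) $limit['offset'];
        }
        if (array_key_exists('nb', $limit)) {
            $max = (int) $limit['nb'];
        }
    }

    // Plain assignment is enough: objects are handles, and assigning a
    // function result by reference is not needed to share them.
    $dao = PHPWikiAttachment::getDao();
    $dar = $dao->getListWithCounterOrderedByRevDate($gid);

    $returned = 0; // attachments added to the result
    $viewable = 0; // viewable attachments seen so far, used for the offset
    $waArray  = array();

    // Stop as soon as the page is full, before fetching another row.
    while (($max === null || $returned < $max) && ($row = $dar->getRow())) {
        $wa = new PHPWikiAttachment($gid);
        $wa->setFromRow($row);

        // Check for user rights: hidden rows count neither towards the
        // offset nor towards the page size.
        if ($wa->permissionExist() && ! $wa->isAutorized($uid)) {
            continue;
        }

        if ($viewable >= $offset) {
            $wa->setRevisionCounter($row['nb']);
            $waArray[] = $wa;
            $returned++;
        }
        $viewable++;
    }

    return new ArrayIterator($waArray);
}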
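/**
 * Perform wiki attachment removal.
 *
 * Runs only for POST requests carrying 'attachments_to_delete'. Each
 * submitted id must pass Valid_UInt, resolve to a valid attachment, belong to
 * the project named by the request's group_id, and be authorized for the
 * current user before deleteAttachment() is called. A single failure turns
 * the overall feedback into an error; the remaining ids are still processed.
 *
 * A non-array 'attachments_to_delete' or a missing / non-numeric group_id is
 * reported as a failure instead of falling through to the success message.
 *
 * NOTE(review): no CSRF token check is visible in this function. Confirm
 * the caller verifies one before this state-changing action runs.
 * NOTE(review): the validator key 'repo_id' is kept as found; it looks
 * copied from elsewhere. Confirm it is the intended key.
 */
function deleteAttachments()
{
    $request = HTTPRequest::instance();
    if (! $request->isPost() || ! $request->exist('attachments_to_delete')) {
        return;
    }

    $ids     = $request->get('attachments_to_delete');
    $groupId = isset($_REQUEST['group_id']) ? $_REQUEST['group_id'] : null;
    $user    = UserManager::instance()->getCurrentUser();

    // The project id comes straight from the request: accept only a plain
    // run of digits so the ownership check below cannot be satisfied by
    // loose-comparison coercion (e.g. "101abc" matching 101).
    $groupIdIsValid = is_scalar($groupId) && ctype_digit((string) $groupId);

    $deleteStatus = is_array($ids) && $groupIdIsValid;
    if ($deleteStatus) {
        foreach ($ids as $id) {
            $valid = new Valid_UInt('repo_id');
            $valid->required();
            if (! $valid->validate($id)) {
                $deleteStatus = false;
                continue;
            }

            $wa = new PHPWikiAttachment();
            $wa->initWithId($id);

            // The attachment must belong to the project of the request and
            // the current user must be authorized on it.
            $isDeletable = $wa->validate()
                && (int) $wa->gid === (int) $groupId
                && $wa->isAutorized($user->getId());

            if (! $isDeletable || ! $wa->deleteAttachment()) {
                $deleteStatus = false;
            }
        }
    }

    if ($deleteStatus) {
        $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_phpwiki_actions_wikiserviceadmin', 'delete_attachment_success'));
    } else {
        $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_phpwiki_actions_wikiserviceadmin', 'delete_attachment_failure'));
    }
}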