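/**
 * Copy the prepared source file into its destination and record it in the
 * uploads table.
 *
 * Steps, in order: validate the attributes, fill in defaults (summary,
 * description, key, author), refuse to replace an existing file unless
 * 'allow_overwrite' is set, optionally watermark and thumbnail, copy the
 * file, insert or update the module_uploads row, then store custom field
 * values and write an audit-log entry.
 *
 * NOTE(review): nothing in this method checks the type or extension of the
 * file being stored, and the 'src' and 'thumbnail' paths are copied as given.
 * Presumably get_destfile() and the caller restrict these; confirm, since the
 * destination is an uploads directory.
 *
 * NOTE(review): the exception messages below carry a server path and the
 * failing SQL text plus driver error. Callers should log them rather than
 * echo them to the visitor.
 *
 * @return mixed The id of the inserted or updated module_uploads row.
 * @throws UploadsException On invalid attributes, an existing destination
 *                          without 'allow_overwrite', a failed copy, or a
 *                          failed database write.
 */
public function handle_file()
{
    $uploads = cms_utils::get_module('Uploads');

    // validate the data.
    if (!isset($this->_data['src'])) {
        throw new UploadsException('Invalid attributes... no source file set');
    }
    if (!$this->_category) {
        throw new UploadsException('Invalid/Null upload category speciried');
    }

    // fill in defaults for anything the caller left unset.
    if (!isset($this->_data['summary'])) {
        // presumably set_summary() stores into $this->_data['summary'],
        // which is read again when the row is written; confirm.
        $summary = basename($this->_data['src']);
        $this->set_summary($summary);
    }
    if (!isset($this->_data['description'])) {
        $this->_data['description'] = '';
    }
    if (!isset($this->_data['key'])) {
        $this->_data['key'] = '';
    }
    if (!isset($this->_data['author'])) {
        // author hasn't been previously set; try to find something we can use.
        global $CMS_ADMIN_PAGE;
        $author = 'Anonymous';
        if (isset($CMS_ADMIN_PAGE)) {
            // it's an admin action... get the currently logged in username
            $uid = get_userid(false);
            if ($uid) {
                $userops = cmsms()->GetUserOperations();
                $user = $userops->LoadUserById($uid);
                if ($user) {
                    $author = $user->username;
                }
            }
        } else {
            $feu = cms_utils::get_module('FrontEndUsers');
            if ($feu) {
                $tmp = $feu->LoggedInName();
                if ($tmp) {
                    $author = $tmp;
                }
            }
        }
        $this->_data['author'] = $author;
    }

    $db = cmsms()->GetDb();
    $destfile = $this->get_destfile();
    $destdir = dirname($destfile);
    $destname = basename($destfile);

    $existing_fileid = null;
    if (file_exists($destfile)) {
        if (!isset($this->_data['allow_overwrite'])) {
            // not allowing overwrite
            throw new UploadsException('Destination File Exists: ' . $destfile);
        }
        // allowing overwrite... try to find the id of the row being replaced.
        // Bound values go in one array, and the category key matches the one
        // used by the INSERT below.
        $query = 'SELECT upload_id FROM ' . cms_db_prefix()
            . 'module_uploads WHERE upload_name = ? AND upload_category_id = ?';
        $existing_fileid = $db->GetOne(
            $query,
            array($destname, $this->_category['upload_category_id'])
        );
    }

    // Every file written below is tracked so a later failure can remove it.
    $_created = array();

    // see if we're gonna watermark
    $can_unlink = false;
    $srcfile = $this->_data['src'];
    if (isset($this->_data['do_watermark'])) {
        // 'wm_' is a filename prefix (same scheme as 'thumb_' below), not a
        // directory component.
        $wmname = cms_join_path($destdir, 'wm_' . $destname);
        $wmobj = cge_setup::get_watermarker();
        $res = $wmobj->create_watermarked_image($srcfile, $wmname);
        if ($res !== false) {
            // from here on the watermarked copy is what gets thumbnailed and stored.
            $can_unlink = true;
            $srcfile = $wmname;
            $_created[] = $srcfile;
        }
    }

    // see if we're gonna thumbnail.
    $thumb_name = '';
    if (isset($this->_data['do_thumbnail'])) {
        $thumb_name = $destname;
        $thumbfile = cms_join_path($destdir, 'thumb_' . $thumb_name);
        $uploads->imageTransform($srcfile, $thumbfile);
        $_created[] = $thumbfile;
    } elseif (isset($this->_data['thumbnail'])) {
        // a ready-made thumbnail was supplied; copy it next to the destination.
        $thumb_name = $destname;
        $thumbfile = cms_join_path($destdir, 'thumb_' . $thumb_name);
        @copy($this->_data['thumbnail'], $thumbfile);
        $_created[] = $thumbfile;
    }

    // do the copy. A failed copy must not leave a database row that points
    // at a file which is not there.
    @unlink($destfile);
    if (!@copy($srcfile, $destfile)) {
        foreach ($_created as $one) {
            @unlink($one);
        }
        throw new UploadsException('Could not copy the file to its destination: ' . $destname);
    }
    $_created[] = $destfile;
    if ($can_unlink) {
        // the intermediate watermarked file has been copied; don't leave it
        // behind in the uploads directory.
        @unlink($srcfile);
    }

    // Record the size of what was actually stored (it differs from 'src'
    // when a watermark was applied).
    clearstatcache();
    $stored_size = filesize($destfile);

    // do the insert or update
    $dbr = '';
    if (!$existing_fileid) {
        $existing_fileid = $db->GenId(cms_db_prefix() . 'module_uploads_seq');
        // insert
        $query = 'INSERT INTO ' . cms_db_prefix() . 'module_uploads
                  (upload_id,upload_category_id,upload_name,upload_author,
                   upload_summary,upload_description,upload_ip,upload_size,
                   upload_date, upload_key, upload_thumbnail)
                  VALUES (?,?,?,?,?,?,?,?,NOW(),?,?)';
        $dbr = $db->Execute($query, array(
            $existing_fileid,
            $this->_category['upload_category_id'],
            $destname,
            $this->_data['author'],
            $this->_data['summary'],
            $this->_data['description'],
            cge_utils::get_real_ip(),
            $stored_size,
            $this->_data['key'],
            $thumb_name,
        ));
    } else {
        // update... delete custom fields first; they are re-inserted below.
        $query = 'DELETE FROM ' . cms_db_prefix() . 'module_uploads_fieldvals WHERE upload_id = ?';
        $dbr = $db->Execute($query, array($existing_fileid));

        $query = 'UPDATE ' . cms_db_prefix() . 'module_uploads
                  SET upload_name = ?, upload_author = ?, upload_summary = ?,
                      upload_description = ?, upload_ip = ?, upload_size = ?,
                      upload_date = NOW(), upload_key = ?, upload_thumbnail = ?
                  WHERE upload_id = ?';
        $dbr = $db->Execute($query, array(
            $destname,
            $this->_data['author'],
            $this->_data['summary'],
            $this->_data['description'],
            cge_utils::get_real_ip(),
            $stored_size,
            $this->_data['key'],
            $thumb_name,
            $existing_fileid,
        ));
    }
    if (!$dbr) {
        // roll back the files written above before reporting the failure.
        foreach ($_created as $one) {
            @unlink($one);
        }
        throw new UploadsException('Database operation failed: ' . $db->sql . ' -- ' . $db->ErrorMsg());
    }

    // Load the custom field definitions, keyed by field name.
    $fields = null;
    $query = 'SELECT id,name FROM ' . cms_db_prefix() . 'module_uploads_fielddefs ORDER BY iorder';
    $defs = $db->GetArray($query);
    if (is_array($defs)) {
        $fields = cge_array::to_hash($defs, 'name');
    }
    if (is_array($fields) && isset($this->_data['fields']) && is_array($this->_data['fields'])) {
        // do the custom fields; names without a definition are skipped.
        $iquery = 'INSERT INTO ' . cms_db_prefix() . 'module_uploads_fieldvals
                   (upload_id, fld_id, value) VALUES (?,?,?)';
        foreach ($this->_data['fields'] as $key => $value) {
            if (!isset($fields[$key])) {
                continue;
            }
            $field_id = $fields[$key]['id'];
            $db->Execute($iquery, array($existing_fileid, $field_id, $value));
        }
    }

    // add something to the audit log.
    audit($existing_fileid, $uploads->GetName(), 'Uploaded file ' . $destname);

    // and we're done...
    return $existing_fileid;
}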