Esempio n. 1
 /**
  * Upload a file to the wiki via AJAX
  *
  * @return     void  The JSON-encoded result is echoed to the client, not returned
  */
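 public function ajaxUploadTask()
 {
     // Flow: authenticate -> read parent id -> size checks -> sanitise the name ->
     // create the resource row -> write the file -> associate it with the parent ->
     // scan -> index. Every exit path echoes a JSON object; nothing is returned.
     //
     // NOTE(review): only the login state is checked in this method. Whether the
     // user may attach files to resource $pid, and whether a request (CSRF) token
     // is verified, is not visible here -- confirm both are enforced by the caller.

     // Check if they're logged in
     if (User::isGuest()) {
         echo json_encode(array('error' => Lang::txt('Must be logged in.')));
         return;
     }
     // Ensure we have an ID to work with.
     // strtolower() turns the integer into a string; kept so the 'parent' value
     // in the JSON responses keeps its existing type.
     $pid = strtolower(Request::getInt('pid', 0));
     if (!$pid) {
         echo json_encode(array('error' => Lang::txt('COM_RESOURCES_NO_ID')));
         return;
     }
     // Max upload size
     $sizeLimit = $this->config->get('maxAllowed', 40000000);
     // Get the file: either streamed in the request body (name in the query
     // string) or sent as a regular multipart upload.
     if (isset($_GET['qqfile'])) {
         $stream = true;
         $file = $_GET['qqfile'];
         // Declared by the client; the real byte count is verified when the body is read
         $size = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
     } elseif (isset($_FILES['qqfile'])) {
         $stream = false;
         $file = $_FILES['qqfile']['name'];
         $size = is_array($_FILES['qqfile']['size']) ? 0 : (int) $_FILES['qqfile']['size'];
     } else {
         echo json_encode(array('error' => Lang::txt('File not found')));
         return;
     }
     // Array-style parameters (qqfile[]=...) would otherwise reach pathinfo()
     if (!is_string($file)) {
         echo json_encode(array('error' => Lang::txt('File not found')));
         return;
     }
     // Check to make sure we have a file and it's not too big
     if ($size == 0) {
         echo json_encode(array('error' => Lang::txt('File is empty')));
         return;
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', Number::formatBytes($sizeLimit));
         echo json_encode(array('error' => Lang::txt('File is too large. Max file upload size is %s', $max)));
         return;
     }
     // The client-supplied name is untrusted. pathinfo() drops any directory
     // part, but the URL-decoding below runs afterwards and could bring encoded
     // separators back, so the result is reduced to a bare name once more.
     $pathinfo = pathinfo($file);
     $filename = urldecode($pathinfo['filename']);
     $filename = \Filesystem::clean($filename);
     $filename = str_replace(' ', '_', $filename);
     $filename = basename(str_replace(array('\\', "\0"), array('/', ''), $filename));
     if ($filename === '' || $filename === '.' || $filename === '..') {
         echo json_encode(array('error' => Lang::txt('Invalid file name')));
         return;
     }
     // pathinfo() omits 'extension' when the name has no dot. Restrict it to
     // alphanumerics so it cannot carry quotes, control bytes or separators
     // into the stored title or the on-disk name.
     // NOTE(review): no extension/content-type allow-list is applied in this
     // method -- confirm one is enforced elsewhere and that the upload directory
     // is never served as executable content.
     $ext = isset($pathinfo['extension']) ? preg_replace('/[^A-Za-z0-9]/', '', $pathinfo['extension']) : '';
     // Instantiate a new resource object
     $row = new Resource($this->database);
     $row->title = $filename . '.' . $ext;
     $row->introtext = $row->title;
     $row->created = Date::toSql();
     $row->created_by = User::get('id');
     $row->published = 1;
     $row->publish_up = Date::toSql();
     $row->publish_down = '0000-00-00 00:00:00';
     $row->standalone = 0;
     $row->access = 0;
     // Make sure no path is specified just yet
     $row->path = '';
     $row->type = $this->_getChildType($filename . '.' . $ext);
     // Setup videos to auto-play in hub
     if ($this->config->get('file_video_html5', 1)) {
         if (in_array($ext, array('mp4', 'webm', 'ogv'), true)) {
             // Video type
             $row->type = 41;
         }
     }
     // Check content
     if (!$row->check()) {
         echo json_encode(array('error' => $row->getError()));
         return;
     }
     // File already exists
     if ($row->loadByFile($filename, $pid)) {
         echo json_encode(array('error' => Lang::txt('A file with this name and type appears to already exist.')));
         return;
     }
     // Store new content
     if (!$row->store()) {
         echo json_encode(array('error' => $row->getError()));
         return;
     }
     if (!$row->id) {
         $row->id = $row->insertid();
     }
     // Define upload directory and make sure it's writable
     $listdir = $this->_buildPathFromDate($row->created, $row->id, '');
     $path = $this->_buildUploadPath($listdir, '');
     if (!is_dir($path)) {
         if (!\Filesystem::makeDirectory($path)) {
             echo json_encode(array('error' => Lang::txt('Error uploading. Unable to create path.')));
             return;
         }
     }
     if (!is_writable($path)) {
         echo json_encode(array('error' => Lang::txt('Server error. Upload directory isn\'t writable.')));
         return;
     }
     $file = $path . DS . $filename . '.' . $ext;
     $written = false;
     if ($stream) {
         // Read the request body into a temp file first, then copy it to the target
         $input = fopen('php://input', 'r');
         $temp = tmpfile();
         if ($input !== false && $temp !== false) {
             // Read at most one byte more than declared: the earlier size check
             // only saw the client's Content-Length, so the real byte count must
             // match it (and therefore stay within the limit) before anything
             // is written to the upload directory.
             $realSize = stream_copy_to_stream($input, $temp, $size + 1);
             if ($realSize !== false && $realSize === $size) {
                 $target = fopen($file, 'w');
                 if ($target !== false) {
                     fseek($temp, 0, SEEK_SET);
                     $written = (stream_copy_to_stream($temp, $target) === $realSize);
                     fclose($target);
                 }
             }
         }
         if (is_resource($input)) {
             fclose($input);
         }
         if (is_resource($temp)) {
             fclose($temp);
         }
     } else {
         // move_uploaded_file() refuses anything that is not a genuine upload
         $written = move_uploaded_file($_FILES['qqfile']['tmp_name'], $file);
     }
     if (!$written) {
         // Roll back so no resource record points at a missing or partial file
         if (is_file($file)) {
             \Filesystem::delete($file);
         }
         $row->delete();
         echo json_encode(array('error' => Lang::txt('Error uploading. Unable to save file.')));
         return;
     }
     $assoc = new Assoc($this->database);
     // Get the last child in the ordering
     $assoc->ordering = $assoc->getLastOrder($pid);
     $assoc->ordering = $assoc->ordering ? $assoc->ordering : 0;
     // Increase the ordering - new items are always last
     $assoc->ordering++;
     // Create new parent/child association
     $assoc->parent_id = $pid;
     $assoc->child_id = $row->id;
     $assoc->grouping = 0;
     if (!$assoc->check()) {
         echo json_encode(array('success' => false, 'errors' => $assoc->getErrors(), 'file' => $filename . '.' . $ext, 'directory' => '', 'parent' => $pid));
         return;
     }
     if (!$assoc->store(true)) {
         echo json_encode(array('success' => false, 'errors' => $assoc->getErrors(), 'file' => $filename . '.' . $ext, 'directory' => '', 'parent' => $pid));
         return;
     }
     // Scan the stored file; a rejected file is removed together with its records.
     // NOTE(review): if the delete fails, the rejected file and its resource row
     // both remain in place -- consider logging or quarantining in that case.
     if (!\Filesystem::isSafe($file)) {
         if (\Filesystem::delete($file)) {
             // Delete associations to the resource
             $row->deleteExistence();
             // Delete resource
             $row->delete();
         }
         $this->setError(Lang::txt('File rejected because the anti-virus scan failed.'));
         echo json_encode(array('success' => false, 'errors' => $this->getErrors(), 'file' => $filename . '.' . $ext, 'directory' => str_replace(PATH_APP, '', $path), 'parent' => $pid));
         return;
     }
     if (!$row->path) {
         $row->path = $listdir . DS . $filename . '.' . $ext;
     }
     $row->path = ltrim($row->path, DS);
     $row->store();
     // Register the file's content hash and hand the file to the text extractor
     if (is_readable($file)) {
         $hash = @sha1_file($file);
         // The hash is concatenated into SQL below, so require it to be pure hex
         if (is_string($hash) && ctype_xdigit($hash)) {
             $this->database->setQuery('SELECT id FROM `#__document_text_data` WHERE hash = \'' . $hash . '\'');
             if (!($doc_id = $this->database->loadResult())) {
                 $this->database->execute('INSERT INTO `#__document_text_data` (hash) VALUES (\'' . $hash . '\')');
                 $doc_id = $this->database->insertId();
             }
             $this->database->execute('INSERT IGNORE INTO `#__document_resource_rel` (document_id, resource_id) VALUES (' . (int) $doc_id . ', ' . (int) $row->id . ')');
             // The path contains user-derived text; escapeshellarg() keeps it a single argument
             system('/usr/bin/textifier ' . escapeshellarg($file) . ' >/dev/null');
         }
     }
     echo json_encode(array('success' => true, 'errors' => $this->getErrors(), 'file' => $filename . '.' . $ext, 'directory' => str_replace(PATH_APP, '', $path), 'parent' => $pid));
 }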