/**
* Save an attachment
*
* @return void
*/
public function saveTask()
{
if (Request::getVar('no_html', 0)) {
return $this->ajaxUploadTask();
}
// Incoming
$pid = Request::getInt('pid', 0);
if (!$pid) {
$this->setError(Lang::txt('CONTRIBUTE_NO_ID'));
$this->displayTask($pid);
return;
}
// Incoming file
$file = Request::getVar('upload', '', 'files', 'array');
if (!$file['name']) {
$this->setError(Lang::txt('CONTRIBUTE_NO_FILE'));
$this->displayTask($pid);
return;
}
// Make the filename safe
$file['name'] = \Filesystem::clean($file['name']);
// Ensure file names fit.
$ext = \Filesystem::extension($file['name']);
$file['name'] = str_replace(' ', '_', $file['name']);
if (strlen($file['name']) > 230) {
$file['name'] = substr($file['name'], 0, 230);
$file['name'] .= '.' . $ext;
}
// Instantiate a new resource object
$row = new Resource($this->database);
if (!$row->bind($_POST)) {
$this->setError($row->getError());
$this->displayTask($pid);
return;
}
$row->title = $row->title ? $row->title : $file['name'];
$row->introtext = $row->title;
$row->created = Date::toSql();
$row->created_by = User::get('id');
$row->published = 1;
$row->publish_up = Date::toSql();
$row->publish_down = '0000-00-00 00:00:00';
$row->standalone = 0;
$row->path = '';
// make sure no path is specified just yet
// Check content
if (!$row->check()) {
$this->setError($row->getError());
$this->displayTask($pid);
return;
}
// File already exists
if ($row->loadByFile($file['name'], $pid)) {
$this->setError(Lang::txt('A file with this name and type appears to already exist.'));
$this->displayTask($pid);
return;
}
// Store new content
if (!$row->store()) {
$this->setError($row->getError());
$this->displayTask($pid);
return;
}
if (!$row->id) {
$row->id = $row->insertid();
}
// Build the path
$listdir = $this->_buildPathFromDate($row->created, $row->id, '');
$path = $this->_buildUploadPath($listdir, '');
// Make sure the upload path exist
if (!is_dir($path)) {
if (!\Filesystem::makeDirectory($path)) {
$this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_CREATE_UPLOAD_PATH'));
$this->displayTask($pid);
return;
}
}
// Perform the upload
if (!\Filesystem::upload($file['tmp_name'], $path . DS . $file['name'])) {
$this->setError(Lang::txt('COM_CONTRIBUTE_ERROR_UPLOADING'));
} else {
// File was uploaded
// Check the file type
$row->type = $this->_getChildType($file['name']);
// If it's a package (ZIP, etc) ...
/*
Breeze presentations haven't been used for some time.
Completely unnecessary code?
if ($row->type == 38)
{
require_once(PATH_CORE . DS . 'includes' . DS . 'pcl' . DS . 'pclzip.lib.php');
if (!extension_loaded('zlib'))
{
$this->setError(Lang::txt('COM_CONTRIBUTE_ZLIB_PACKAGE_REQUIRED'));
}
else
{
// Check the table of contents and look for a Breeze viewer.swf file
$isbreeze = 0;
$zip = new PclZip($path . DS . $file['name']);
$file_to_unzip = preg_replace('/(.+)\..*$/', '$1', $path . DS . $file['name']);
if (($list = $zip->listContent()) == 0)
{
die('Error: '.$zip->errorInfo(true));
}
for ($i=0; $i<sizeof($list); $i++)
{
if (substr($list[$i]['filename'], strlen($list[$i]['filename']) - 10, strlen($list[$i]['filename'])) == 'viewer.swf')
{
$isbreeze = $list[$i]['filename'];
break;
}
//$this->setError(substr($list[$i]['filename'], strlen($list[$i]['filename']), -4).' '.substr($file['name'], strlen($file['name']), -4));
}
if (!$isbreeze)
{
for ($i=0; $i<sizeof($list); $i++)
{
if (strtolower(substr($list[$i]['filename'], -3)) == 'swf'
&& substr($list[$i]['filename'], strlen($list[$i]['filename']), -4) == substr($file['name'], strlen($file['name']), -4))
{
$isbreeze = $list[$i]['filename'];
break;
}
//$this->setError(substr($list[$i]['filename'], strlen($list[$i]['filename']), -4).' '.substr($file['name'], strlen($file['name']), -4));
}
}
// It IS a breeze presentation
if ($isbreeze)
{
// unzip the file
$do = $zip->extract($path);
if (!$do)
{
$this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_EXTRACT_PACKAGE'));
}
else
{
$row->path = $listdir . DS . $isbreeze;
@unlink($path . DS . $file['name']);
}
$row->type = $this->_getChildType($row->path);
$row->title = $isbreeze;
}
}
}*/
}
// Scan for viruses
$fpath = $path . DS . $file['name'];
if (!\Filesystem::isSafe($fpath)) {
if (\Filesystem::delete($fpath)) {
// Delete associations to the resource
$row->deleteExistence();
// Delete resource
$row->delete();
}
$this->setError(Lang::txt('File rejected because the anti-virus scan failed.'));
$this->displayTask($pid);
return;
}
if (!$row->path) {
$row->path = $listdir . DS . $file['name'];
}
$row->path = ltrim($row->path, DS);
// Store new content
if (!$row->store()) {
$this->setError($row->getError());
$this->displayTask($pid);
return;
}
// Instantiate a Resources Assoc object
$assoc = new Assoc($this->database);
// Get the last child in the ordering
$assoc->ordering = $assoc->getLastOrder($pid);
$assoc->ordering = $assoc->ordering ? $assoc->ordering : 0;
// Increase the ordering - new items are always last
$assoc->ordering++;
// Create new parent/child association
$assoc->parent_id = $pid;
$assoc->child_id = $row->id;
$assoc->grouping = 0;
if (!$assoc->check()) {
$this->setError($assoc->getError());
}
if (!$assoc->store(true)) {
$this->setError($assoc->getError());
} else {
if (is_readable($path . DS . $file['name'])) {
$hash = @sha1_file($path . DS . $file['name']);
if (!empty($hash)) {
$this->database->setQuery('SELECT id FROM `#__document_text_data` WHERE hash = \'' . $hash . '\'');
if (!($doc_id = $this->database->loadResult())) {
$this->database->execute('INSERT INTO `#__document_text_data` (hash) VALUES (\'' . $hash . '\')');
$doc_id = $this->database->insertId();
}
$this->database->execute('INSERT IGNORE INTO `#__document_resource_rel` (document_id, resource_id) VALUES (' . (int) $doc_id . ', ' . (int) $row->id . ')');
system('/usr/bin/textifier ' . escapeshellarg($path . DS . $file['name']) . ' >/dev/null');
}
}
}
// Push through to the attachments view
$this->displayTask($pid);
}