$conn_id = file_ftp_connect();
file_ftp_delete($conn_id, $t_disk_file_name);
file_ftp_put($conn_id, $t_disk_file_name, $v_tmp_name);
file_ftp_disconnect($conn_id);
}
if (file_exists($t_disk_file_name)) {
file_delete_local($t_disk_file_name);
}
if (!move_uploaded_file($v_tmp_name, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($v_tmp_name, 'rb'), $v_size));
break;
default:
/** @todo Such errors should be checked in the admin checks */
trigger_error(ERROR_GENERIC, ERROR);
}
$query = "UPDATE {$t_project_file_table}\n\t\t\tSET title=" . db_param() . ", description=" . db_param() . ", date_added=" . db_param() . ",\n\t\t\t\tfilename=" . db_param() . ", filesize=" . db_param() . ", file_type=" . db_param() . ", content=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_title, $c_description, db_now(), $c_file_name, $c_file_size, $c_file_type, $c_content, $c_file_id));
} else {
$query = "UPDATE {$t_project_file_table}\n\t\t\t\tSET title=" . db_param() . ", description=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_title, $c_description, $c_file_id));
}
if (!$result) {
trigger_error(ERROR_GENERIC, ERROR);
}
form_security_purge('proj_doc_update');
function mci_file_add($p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null)
{
if (!file_type_check($p_name)) {
return new soap_fault('Client', '', 'File type not allowed.');
}
if (!file_is_name_unique($p_name, $p_id)) {
return new soap_fault('Client', '', 'Duplicate filename.');
}
$t_file_size = strlen($p_content);
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
return new soap_fault('Client', '', 'File is too big.');
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_id, 'project_id');
$t_issue_id = bug_format_id($p_id);
} else {
$t_project_id = $p_id;
$t_issue_id = 0;
}
# prepare variables for insertion
$c_issue_id = db_prepare_int($t_issue_id);
$c_project_id = db_prepare_int($t_project_id);
$c_file_type = db_prepare_string($p_file_type);
$c_title = db_prepare_string($p_title);
$c_desc = db_prepare_string($p_desc);
if ($p_user_id === null) {
$c_user_id = auth_get_current_user_id();
} else {
$c_user_id = (int) $p_user_id;
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if ($t_file_path == '') {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$c_file_path = db_prepare_string($t_file_path);
$c_new_file_name = db_prepare_string($p_name);
$t_file_hash = $t_issue_id;
$t_disk_file_name = $t_file_path . file_generate_unique_name($t_file_hash . '-' . $p_name, $t_file_path);
$c_disk_file_name = db_prepare_string($t_disk_file_name);
$t_file_size = strlen($p_content);
$c_file_size = db_prepare_int($t_file_size);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case FTP:
case DISK:
if (!file_exists($t_file_path) || !is_dir($t_file_path) || !is_writable($t_file_path) || !is_readable($t_file_path)) {
return new soap_fault('Server', '', "Upload folder '{$t_file_path}' doesn't exist.");
}
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
mci_file_write_local($t_disk_file_name, $p_content);
if (FTP == $t_method) {
$conn_id = file_ftp_connect();
file_ftp_put($conn_id, $t_disk_file_name, $t_disk_file_name);
file_ftp_disconnect($conn_id);
file_delete_local($t_disk_file_name);
} else {
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
}
$c_content = "''";
}
break;
case DATABASE:
$c_content = db_prepare_binary_string($p_content);
break;
}
$t_file_table = db_get_table($p_table . '_file');
$c_id = 'bug' == $p_table ? $c_issue_id : $c_project_id;
$query = "INSERT INTO {$t_file_table}\n\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\tVALUES\n\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_disk_file_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
db_query($query);
# get attachment id
$t_attachment_id = db_insert_id($t_file_table);
if ('bug' == $p_table) {
# updated the last_updated date
$result = bug_update_date($c_issue_id);
# log new bug
history_log_event_special($c_issue_id, FILE_ADDED, $c_new_file_name);
}
return $t_attachment_id;
}
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id The bug id (should be 0 when adding project doc).
* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().
* @param string $p_table Either 'bug' or 'project' depending on attachment type.
* @param string $p_title File title.
* @param string $p_desc File description.
* @param integer $p_user_id User id (defaults to current user).
* @param integer $p_date_added Date added.
* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
* @return void
*/
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
if (!file_is_name_unique($t_file_name, $p_bug_id)) {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_id = (int) $p_bug_id;
$t_bug_id = bug_format_id($p_bug_id);
} else {
$t_project_id = helper_get_current_project();
$t_id = $t_project_id;
$t_bug_id = 0;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($p_date_added <= 0) {
$p_date_added = db_now();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_unique_name = file_generate_unique_name($t_file_path);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case DISK:
file_ensure_valid_upload_path($t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
if (!file_exists($t_disk_file_name)) {
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
$t_file_path = '';
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . '_id';
$t_query = 'INSERT INTO ' . $t_file_table . ' ( ' . $t_id_col . ', title, description, diskfile, filename, folder,
filesize, file_type, date_added, user_id )
VALUES
( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ' )';
db_query($t_query, array($t_id, $p_title, $p_desc, $t_unique_name, $t_file_name, $t_file_path, $t_file_size, $p_file['type'], $p_date_added, (int) $p_user_id));
$t_attachment_id = db_insert_id($t_file_table);
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, 'diskfile=\'$t_unique_name\'');
} else {
$t_query = 'UPDATE ' . $t_file_table . ' SET content=' . db_param() . ' WHERE id = ' . db_param();
db_query($t_query, array($c_content, $t_attachment_id));
}
if ('bug' == $p_table) {
# update the last_updated date
if (!$p_skip_bug_update) {
bug_update_date($p_bug_id);
}
# log file added to bug history
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id The bug id (should be 0 when adding project doc).
* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().
* @param string $p_table Either 'bug' or 'project' depending on attachment type.
* @param string $p_title File title.
* @param string $p_desc File description.
* @param integer $p_user_id User id (defaults to current user).
* @param integer $p_date_added Date added.
* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
* @return void
*/
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
$t_org_filename = $t_file_name;
$t_suffix_id = 1;
while (!file_is_name_unique($t_file_name, $p_bug_id)) {
$t_suffix_id++;
$t_dot_index = strripos($t_org_filename, '.');
if ($t_dot_index === false) {
$t_file_name = $t_org_filename . '-' . $t_suffix_id;
} else {
$t_extension = substr($t_org_filename, $t_dot_index, strlen($t_org_filename) - $t_dot_index);
$t_file_name = substr($t_org_filename, 0, $t_dot_index) . '-' . $t_suffix_id . $t_extension;
}
}
antispam_check();
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_id = (int) $p_bug_id;
} else {
$t_project_id = helper_get_current_project();
$t_id = $t_project_id;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($p_date_added <= 0) {
$p_date_added = db_now();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_unique_name = file_generate_unique_name($t_file_path);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case DISK:
file_ensure_valid_upload_path($t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
if (!file_exists($t_disk_file_name)) {
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
$t_file_path = '';
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . '_id';
$t_param = array($t_id_col => $t_id, 'title' => $p_title, 'description' => $p_desc, 'diskfile' => $t_unique_name, 'filename' => $t_file_name, 'folder' => $t_file_path, 'filesize' => $t_file_size, 'file_type' => $p_file['type'], 'date_added' => $p_date_added, 'user_id' => (int) $p_user_id);
# Oracle has to update BLOBs separately
if (!db_is_oracle()) {
$t_param['content'] = $c_content;
}
$t_query_param = db_param();
for ($i = 1; $i < count($t_param); $i++) {
$t_query_param .= ', ' . db_param();
}
$t_query = 'INSERT INTO ' . $t_file_table . '
( ' . implode(', ', array_keys($t_param)) . ' )
VALUES
( ' . $t_query_param . ' )';
db_query($t_query, array_values($t_param));
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
}
if ('bug' == $p_table) {
# update the last_updated date
if (!$p_skip_bug_update) {
bug_update_date($p_bug_id);
}
# log file added to bug history
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id the bug id
* @param array $p_file the uploaded file info, as retrieved from gpc_get_file()
*/
function file_add($p_bug_id, $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
if (!file_is_name_unique($t_file_name, $p_bug_id)) {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_bug_id = bug_format_id($p_bug_id);
} else {
$t_project_id = helper_get_current_project();
$t_bug_id = 0;
}
if ($p_user_id === null) {
$c_user_id = auth_get_current_user_id();
} else {
$c_user_id = (int) $p_user_id;
}
# prepare variables for insertion
$c_bug_id = db_prepare_int($p_bug_id);
$c_project_id = db_prepare_int($t_project_id);
$c_file_type = db_prepare_string($p_file['type']);
$c_title = db_prepare_string($p_title);
$c_desc = db_prepare_string($p_desc);
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$c_file_path = db_prepare_string($t_file_path);
$c_new_file_name = db_prepare_string($t_file_name);
$t_file_hash = 'bug' == $p_table ? $t_bug_id : config_get('document_files_prefix') . '-' . $t_project_id;
$t_unique_name = file_generate_unique_name($t_file_hash . '-' . $t_file_name, $t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
$c_unique_name = db_prepare_string($t_unique_name);
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
$c_file_size = db_prepare_int($t_file_size);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case FTP:
case DISK:
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
if (FTP == $t_method) {
$conn_id = file_ftp_connect();
file_ftp_put($conn_id, $t_disk_file_name, $t_tmp_file);
file_ftp_disconnect($conn_id);
}
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = "''";
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table('mantis_' . $p_table . '_file_table');
$c_id = 'bug' == $p_table ? $c_bug_id : $c_project_id;
$query = "INSERT INTO {$t_file_table}\n\t\t\t\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\t\t\t\t VALUES\n\t\t\t\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_unique_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
db_query($query);
if ('bug' == $p_table) {
# updated the last_updated date
$result = bug_update_date($p_bug_id);
# log new bug
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Add a file
* @param integer $p_id File id.
* @param string $p_name File name.
* @param string $p_content File content to write.
* @param string $p_file_type File type.
* @param string $p_table Database table name.
* @param string $p_title Title.
* @param string $p_desc Description.
* @param string $p_user_id User id.
* @return mixed
*/
function mci_file_add($p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null)
{
if (!file_type_check($p_name)) {
return SoapObjectsFactory::newSoapFault('Client', 'File type not allowed.');
}
if (!file_is_name_unique($p_name, $p_id)) {
return SoapObjectsFactory::newSoapFault('Client', 'Duplicate filename.');
}
$t_file_size = strlen($p_content);
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
return SoapObjectsFactory::newSoapFault('Client', 'File is too big.');
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_id, 'project_id');
$t_id = (int) $p_id;
$t_issue_id = bug_format_id($p_id);
} else {
$t_project_id = $p_id;
$t_id = $t_project_id;
$t_issue_id = 0;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_unique_name = file_generate_unique_name($t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
$t_method = config_get('file_upload_method');
switch ($t_method) {
case DISK:
if (!file_exists($t_file_path) || !is_dir($t_file_path) || !is_writable($t_file_path) || !is_readable($t_file_path)) {
return SoapObjectsFactory::newSoapFault('Server', 'Upload folder \'' . $t_file_path . '\' doesn\'t exist.');
}
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
mci_file_write_local($t_disk_file_name, $p_content);
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = "''";
}
break;
case DATABASE:
$c_content = db_prepare_binary_string($p_content);
$t_file_path = '';
break;
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . '_id';
$t_param = array($t_id_col => $t_id, 'title' => $p_title, 'description' => $p_desc, 'diskfile' => $t_unique_name, 'filename' => $p_name, 'folder' => $t_file_path, 'filesize' => $t_file_size, 'file_type' => $p_file_type, 'date_added' => db_now(), 'user_id' => (int) $p_user_id);
# Oracle has to update BLOBs separately
if (!db_is_oracle()) {
$t_param['content'] = $c_content;
}
$t_query_param = db_param();
for ($i = 1; $i < count($t_param); $i++) {
$t_query_param .= ', ' . db_param();
}
$t_query = 'INSERT INTO ' . $t_file_table . '
( ' . implode(', ', array_keys($t_param)) . ' )
VALUES
( ' . $t_query_param . ' )';
db_query($t_query, array_values($t_param));
# get attachment id
$t_attachment_id = db_insert_id($t_file_table);
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
}
if ('bug' == $p_table) {
# bump the last_updated date
bug_update_date($t_issue_id);
# add history entry
history_log_event_special($t_issue_id, FILE_ADDED, $p_name);
}
return $t_attachment_id;
}
$conn_id = file_ftp_connect();
file_ftp_delete($conn_id, $t_disk_file_name);
file_ftp_put($conn_id, $t_disk_file_name, $v_tmp_name);
file_ftp_disconnect($conn_id);
}
if (file_exists($t_disk_file_name)) {
file_delete_local($t_disk_file_name);
}
if (!move_uploaded_file($f_file['tmp_name'], $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($f_file['tmp_name'], 'rb'), $f_file['size']));
break;
default:
/** @todo Such errors should be checked in the admin checks */
trigger_error(ERROR_GENERIC, ERROR);
}
$query = "UPDATE {$t_project_file_table}\n\t\t\tSET title=" . db_param() . ", description=" . db_param() . ", date_added=" . db_param() . ",\n\t\t\t\tfilename=" . db_param() . ", filesize=" . db_param() . ", file_type=" . db_param() . ", content=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($f_title, $f_description, db_now(), $f_file['name'], $t_file_size, $f_file['type'], $c_content, $f_file_id));
} else {
$query = "UPDATE {$t_project_file_table}\n\t\t\t\tSET title=" . db_param() . ", description=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($f_title, $f_description, $f_file_id));
}
if (!$result) {
trigger_error(ERROR_GENERIC, ERROR);
}
form_security_purge('proj_doc_update');
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id the bug id (should be 0 when adding project doc)
* @param array $p_file the uploaded file info, as retrieved from gpc_get_file()
* @param string $p_table 'bug' or 'project' depending on attachment type
* @param string $p_title file title
* @param string $p_desc file description
* @param int $p_user_id user id (defaults to current user)
* @param int $p_date_added date added
* @param bool $p_skip_bug_update skip bug last modification update (useful when importing bug attachments)
*/
function file_add($p_bug_id, $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
if (!file_is_name_unique($t_file_name, $p_bug_id)) {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_id = (int) $p_bug_id;
$t_bug_id = bug_format_id($p_bug_id);
} else {
$t_project_id = helper_get_current_project();
$t_id = $t_project_id;
$t_bug_id = 0;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($p_date_added <= 0) {
$p_date_added = db_now();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_file_hash = 'bug' == $p_table ? $t_bug_id : config_get('document_files_prefix') . '-' . $t_project_id;
$t_unique_name = file_generate_unique_name($t_file_hash . '-' . $t_file_name, $t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
$t_method = config_get('file_upload_method');
switch ($t_method) {
case FTP:
case DISK:
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
if (FTP == $t_method) {
$conn_id = file_ftp_connect();
file_ftp_put($conn_id, $t_disk_file_name, $t_tmp_file);
file_ftp_disconnect($conn_id);
}
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . "_id";
$t_query_fields = "\n\t\t{$t_id_col}, title, description, diskfile, filename, folder,\n\t\tfilesize, file_type, date_added, user_id";
$t_param = array($t_id, $p_title, $p_desc, $t_unique_name, $t_file_name, $t_file_path, $t_file_size, $p_file['type'], $p_date_added, (int) $p_user_id);
# oci8 stores contents in a BLOB, which is updated separately
if (!db_is_oracle()) {
$t_query_fields .= ", content";
$t_param[] = $c_content;
}
$t_query_param = db_param();
for ($i = 1; $i < count($t_param); $i++) {
$t_query_param .= ", " . db_param();
}
$t_query = "INSERT INTO {$t_file_table} ( {$t_query_fields} )\n\tVALUES\n\t\t( {$t_query_param} )";
db_query_bound($t_query, $t_param);
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
}
if ('bug' == $p_table) {
# update the last_updated date
if (!$p_skip_bug_update) {
$result = bug_update_date($p_bug_id);
}
# log file added to bug history
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Moves attachments from the specified list of projects from disk to database
* @param string $p_type Attachment type ('bug' or 'project')
* @param array $p_projects List of projects to process
* @return array summary of moves per project
*/
function move_attachments_to_db($p_type, $p_projects)
{
if (empty($p_projects)) {
return array();
}
# Build the SQL query based on attachment type
$t_file_table = '{' . $p_type . '_file}';
switch ($p_type) {
case 'project':
$t_query = "SELECT f.*\n\t\t\t\tFROM {project_file} f\n\t\t\t\tWHERE content = ''\n\t\t\t\t AND f.project_id = " . db_param() . "\n\t\t\t\tORDER BY f.filename";
break;
case 'bug':
$t_query = "SELECT f.*\n\t\t\t\tFROM {bug_file} f\n\t\t\t\tJOIN {bug} b ON b.id = f.bug_id\n\t\t\t\tWHERE content = ''\n\t\t\t\t AND b.project_id = " . db_param() . "\n\t\t\t\tORDER BY f.bug_id, f.filename";
break;
}
# Process projects list
foreach ($p_projects as $t_project) {
# Retrieve attachments for the project
$t_result = db_query($t_query, array($t_project));
# Project upload path
$t_upload_path = project_get_field($t_project, 'file_path');
if (is_blank($t_upload_path)) {
$t_upload_path = config_get('absolute_path_default_upload_folder', '', ALL_USERS, $t_project);
}
if (is_blank($t_upload_path) || !file_exists($t_upload_path) || !is_dir($t_upload_path)) {
# Invalid path
$t_failures = db_num_rows($t_result);
$t_data = "ERROR: Upload path '{$t_upload_path}' does not exist or is not accessible";
} else {
# Process attachments
$t_failures = 0;
$t_data = array();
while ($t_row = db_fetch_array($t_result)) {
# read file from disk
$t_filename = $t_row['folder'] . $t_row['diskfile'];
if (!file_exists($t_filename)) {
$t_status = "Original File Not Found '{$t_filename}'";
$t_failures++;
} else {
$c_content = db_prepare_binary_string(fread(fopen($t_filename, 'rb'), $t_row['filesize']));
# write file to db
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, "id=" . (int) $t_row['id']);
$t_query = "UPDATE {$t_file_table} SET folder='' WHERE id = " . db_param();
$t_result2 = db_query($t_query, array((int) $t_row['id']));
} else {
$t_update_query = "UPDATE {$t_file_table}\n\t\t\t\t\t\t\t\t\t\tSET folder = " . db_param() . ",\n\t\t\t\t\t\t\t\t\t\tcontent = " . db_param() . "\n\t\t\t\t\t\t\t\t\t\tWHERE id = " . db_param();
$t_result2 = db_query($t_update_query, array('', $c_content, (int) $t_row['id']));
}
if (!$t_result2) {
$t_status = 'Database update failed';
$t_failures++;
} else {
$t_status = "'{$t_filename}' moved to database";
}
}
# Add the file and status to the list of processed attachments
$t_file = array('id' => $t_row['id'], 'filename' => $t_row['filename'], 'status' => $t_status);
if ($p_type == 'bug') {
$t_file['bug_id'] = $t_row['bug_id'];
}
$t_data[] = $t_file;
}
}
$t_moved[] = array('name' => project_get_name($t_project), 'path' => $t_upload_path, 'rows' => db_num_rows($t_result), 'failed' => $t_failures, 'data' => $t_data);
}
return $t_moved;
}