function attachments_attachmentListHTML($article_id, $user_can_add, $Itemid, $from) { require_once JPATH_SITE . DS . 'components' . DS . 'com_attachments' . DS . 'helper.php'; // Generate the HTML for the attachments for the specified article $alist = ""; $db =& JFactory::getDBO(); $query = "SELECT count(*) FROM #__attachments WHERE article_id='" . $article_id . "' AND published='1'"; $db->setQuery($query); $total = $db->loadResult(); if ($total > 0) { // Get the component parameters jimport('joomla.application.component.helper'); $params = JComponentHelper::getParams('com_attachments'); // Check the security status $attach_dir = JPATH_SITE . DS . $params->get('upload_dir', 'attachments'); $secure = $params->get('secure', false); $hta_filename = $attach_dir . DS . '.htaccess'; if ($secure && !file_exists($hta_filename) || !$secure && file_exists($hta_filename)) { AttachmentsHelper::setup_upload_directory($attach_dir, $secure); } $alist = AttachmentsHelper::attachmentsTableHTML($article_id, false, true, true, $from); } return $alist; }
/** * Display a form for updating/editing an attachment */ public function update() { // Call with: index.php?option=com_attachments&task=update&id=1&tmpl=component // or: component/attachments/update/id/1/tmpl/component // Make sure we have a valid attachment ID $id = JRequest::getInt('id'); if (is_numeric($id)) { $id = (int) $id; } else { $errmsg = JText::sprintf('ATTACH_ERROR_INVALID_ATTACHMENT_ID_N', $id) . ' (ERR 24)'; JError::raiseError(500, $errmsg); } // Get the attachment record require_once JPATH_COMPONENT_SITE . '/models/attachment.php'; $model = new AttachmentsModelAttachment(); $model->setId($id); $attachment = $model->getAttachment(); if (!$attachment) { $errmsg = JText::sprintf('ATTACH_ERROR_CANNOT_UPDATE_ATTACHMENT_INVALID_ID_N', $id) . ' (ERR 25)'; JError::raiseError(500, $errmsg); } // Get the component parameters jimport('joomla.application.component.helper'); $params = JComponentHelper::getParams('com_attachments'); // Get the article/parent handler $parent_id = $attachment->parent_id; $parent_type = $attachment->parent_type; $parent_entity = $attachment->parent_entity; JPluginHelper::importPlugin('attachments'); $apm = getAttachmentsPluginManager(); if (!$apm->attachmentsPluginInstalled($parent_type)) { $errmsg = JText::sprintf('ATTACH_ERROR_INVALID_PARENT_TYPE_S', $parent_type) . ' (ERR 26)'; JError::raiseError(500, $errmsg); } $parent = $apm->getAttachmentsPlugin($parent_type); // Check to make sure we can edit it if (!$parent->userMayEditAttachment($attachment)) { return JError::raiseError(404, JText::_('JERROR_ALERTNOAUTHOR') . ' (ERR 27)'); } // Set up the entity name for display $parent_entity_name = JText::_('ATTACH_' . $parent_entity); // Verify that this user may add attachments to this parent $user = JFactory::getUser(); $new_parent = false; if ($parent_id === null) { $parent_id = 0; $new_parent = true; } // Make sure the attachments directory exists $upload_dir = JPATH_BASE . '/' . AttachmentsDefines::$ATTACHMENTS_SUBDIR; $secure = $params->get('secure', false); if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) { $errmsg = JText::sprintf('ATTACH_ERROR_UNABLE_TO_SETUP_UPLOAD_DIR_S', $upload_dir) . ' (ERR 28)'; JError::raiseError(500, $errmsg); } // Make sure the update parameter is legal $update = JRequest::getWord('update'); if ($update && !in_array($update, AttachmentsDefines::$LEGAL_URI_TYPES)) { $update = false; } // Suppress the display filename if we are switching from file to url $display_name = $attachment->display_name; if ($update && $update != $attachment->uri_type) { $attachment->display_name = ''; } // Set up the view require_once JPATH_COMPONENT_SITE . '/views/update/view.html.php'; $view = new AttachmentsViewUpdate(); $from = JRequest::getWord('from', 'closeme'); AttachmentsHelper::add_view_urls($view, 'update', $parent_id, $attachment->parent_type, $id, $from); $view->update = $update; $view->new_parent = $new_parent; $view->attachment = $attachment; $view->parent = $parent; $view->params = $params; $view->from = $from; $view->Itemid = JRequest::getInt('Itemid', 1); $view->error = false; $view->error_msg = false; $view->display(); }
function upload_file(&$row, $article_id, $update = false, $attachment_id = false) { global $mainframe; // Get the component parameters jimport('joomla.application.component.helper'); $params = JComponentHelper::getParams('com_attachments'); // Get the auto-publish setting $auto_publish = $params->get('publish_default', false); // Make sure the attachments directory exists $upload_subdir = $params->get('attachments_subdir', 'attachments'); if ($upload_subdir == '') { $upload_subdir = 'attachments'; } $upload_dir = JPATH_SITE . DS . $upload_subdir; $secure = $params->get('secure', false); if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) { $errmsg = JText::_('ERROR UNABLE TO SETUP UPLOAD DIR'); JError::raiseError(500, "<p>" . $errmsg . " ({$upload_dir})</p>"); } // If we are updating, note the name of the old filename $old_filename = null; $old_filename_sys = null; if ($update) { $old_filename = $row->filename; $old_filename_sys = $row->filename_sys; } // Get the new filename $filename = $_FILES['upload']['name']; $ftype = $_FILES['upload']['type']; // Make sure a file was successfully uploaded if ($update) { $update_file = JRequest::getVar('change', true); } else { $update_file = true; } if ($update_file && $_FILES['upload']['size'] == 0 && $_FILES['upload']['tmp_name'] == '') { // Guess the type of error if ($filename == '') { $error = 'no_file'; $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename; $error_msg .= ' (' . JText::_('YOU MUST SELECT A FILE TO UPLOAD') . ')'; if ($mainframe->isAdmin()) { return $error_msg; } } else { $error = 'file_too_big'; $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename; $error_msg .= ' <br>(' . JText::_('ERROR MAY BE LARGER THAN LIMIT') . ' '; $error_msg .= get_cfg_var('upload_max_filesize') . ')'; if ($mainframe->isAdmin()) { return $error_msg; } } // Set up the view to redisplay the form with warnings if ($update) { require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php'; $view = new AttachmentsViewUpdate(); $view->assign('update_file', $update_file); $view->assign('attachment_id', $attachment_id); } else { require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php'; $view = new AttachmentsViewUpload(); } $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component")); $view->assign('filename', $filename); $view->assign('article_id', $article_id); $view->assign('article_title', AttachmentsHelper::get_article_title($article_id)); $view->assign('description', $row->description); $view->assign('display_filename', $row->display_filename); $view->assign('user_field_1', $row->user_field_1); $view->assign('user_field_2', $row->user_field_2); $view->assign('user_field_3', $row->user_field_3); $view->assign('from', JRequest::getVar('from', '')); $view->assign('Itemid', JRequest::getVar('Itemid', 1)); $view->assignRef('params', $params); $view->display(null, $error, $error_msg, true); exit; } // Make sure the file type is okay (respect restrictions imposed by media manager) jimport('joomla.filesystem.file'); $cmparams =& JComponentHelper::getParams('com_media'); // First check to make sure the extension is allowed $allowable = explode(',', $cmparams->get('upload_extensions')); $ignored = explode(',', $cmparams->get('ignore_extensions')); $format = strtolower(JFile::getExt($filename)); $error = false; $error_msg = false; if (!in_array($format, $allowable) && !in_array($format, $ignored)) { $error = 'illegal_file_extension'; $error_msg = JText::_('ERROR UPLOADING FILE') . ': ' . $filename; $error_msg .= "<br>" . JText::_('ERROR ILLEGAL FILE EXTENSION') . " {$format}"; $error_msg .= "<br>" . JText::_('ERROR CHANGE IN MEDIA MANAGER'); } // Check to make sure the mime type is okay if ($cmparams->get('restrict_uploads', true)) { if ($cmparams->get('check_mime', true)) { $allowed_mime = explode(',', $cmparams->get('upload_mime')); $illegal_mime = explode(',', $cmparams->get('upload_mime_illegal')); if (strlen($ftype) && !in_array($ftype, $allowed_mime) && in_array($ftype, $illegal_mime)) { $error = 'illegal_mime_type'; $error_msg = JText::_('ERROR UPLOADING FILE') . ' ' . $filename; $error_msg .= ', ' . JText::_('ERROR ILLEGAL FILE MIME TYPE') . " {$ftype}"; $error_msg .= " <br>" . JText::_('ERROR CHANGE IN MEDIA MANAGER'); } } } // If there was an error, refresh the form with a warning if ($error) { if ($mainframe->isAdmin()) { return $error_msg; } // Set up the view to redisplay the form with warnings if ($update) { require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php'; $view = new AttachmentsViewUpdate(); $view->assign('update_file', JRequest::getVar('change', false)); $view->assign('attachment_id', $attachment_id); } else { require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php'; $view = new AttachmentsViewUpload(); } $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component")); $view->assign('filename', $filename); $view->assign('article_id', $article_id); $view->assign('article_title', AttachmentsHelper::get_article_title($article_id)); $view->assign('description', $row->description); $view->assign('display_filename', $row->display_filename); $view->assign('user_field_1', $row->user_field_1); $view->assign('user_field_2', $row->user_field_2); $view->assign('user_field_3', $row->user_field_3); $view->assign('from', JRequest::getVar('from', '')); $view->assign('Itemid', JRequest::getVar('Itemid', 1)); $view->assignRef('params', $params); $view->display(null, $error, $error_msg, true); exit; } // Define where the attachments go $upload_url = $params->get('attachments_subdir', 'attachments'); $upload_dir = JPATH_SITE . DS . $upload_url; // Figure out the system filename $filename_sys = null; $url = null; $prepend = $params->get('prepend', 'article_id'); switch ($prepend) { case 'article_id': $prefix = sprintf("%03d_", $article_id); $filename_sys = $upload_dir . DS . $prefix . $filename; $url = $upload_url . "/" . $prefix . $filename; break; // NOTE: for attachment_id, save normally and make a second pass // to rename the file after we know the attachment ID // NOTE: for attachment_id, save normally and make a second pass // to rename the file after we know the attachment ID default: $filename_sys = $upload_dir . DS . $filename; $url = $upload_url . "/" . $filename; } // If not updating, make sure the system filename doesn't already exist $error = false; if (!$update && JFile::exists($filename_sys) && $prepend != 'attachment_id') { $error = 'file_not_on_server'; $error_msg = JText::_('ERROR FILE ALREADY ON SERVER'); $error_msg .= " ({$filename})"; if ($mainframe->isAdmin()) { return $error_msg; } // Set up the view to redisplay the form with warnings require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'upload' . DS . 'view.php'; $view = new AttachmentsViewUpload(); $view->assign('filename', $filename); $view->assign('save_url', JRoute::_("index.php?option=com_attachments&task=save&tmpl=component")); $view->assign('article_id', $article_id); $view->assign('article_title', AttachmentsHelper::get_article_title($article_id)); $view->assign('description', $row->description); $view->assign('display_filename', $row->display_filename); $view->assign('user_field_1', $row->user_field_1); $view->assign('user_field_2', $row->user_field_2); $view->assign('user_field_3', $row->user_field_3); $view->assign('from', JRequest::getVar('from', '')); $view->assign('Itemid', JRequest::getVar('Itemid', 1)); $view->assignRef('params', $params); $view->display(null, $error, $error_msg, true); exit; } // Get the maximum allowed filename length (for the filename display) $max_filename_length = $params->get('max_filename_length', 0); if (is_numeric($max_filename_length)) { $max_filename_length = intval($max_filename_length); } else { $max_filename_length = 0; } // Create a display filename, if needed (for long filenames) if ($max_filename_length > 0 and strlen($row->display_filename) == 0 and strlen($filename) > $max_filename_length) { $row->display_filename = AttachmentsHelper::truncate_filename($filename, $max_filename_length); } // Copy the info about the uploaded file into the new record $row->filename = $filename; $row->filename_sys = $filename_sys; $row->url = $url; $row->file_type = $ftype; $row->file_size = $_FILES['upload']['size']; $row->published = $auto_publish; // Set the create/modify dates jimport('joomla.utilities.date'); $now = new JDate(); $row->create_date = $now->toMySQL(); $row->modification_date = $row->create_date; // Add the icon file type require_once JPATH_COMPONENT_SITE . DS . 'file_types.php'; $row->icon_filename = AttachmentsFileTypes::icon_filename($filename, $ftype); // Save the updated attachment if (!$row->store()) { JError::raiseError(500, $row->getError()); } // Get the upload id $db =& JFactory::getDBO(); $attachment_id = $db->insertid(); // If we're prepending attachment IDs, fix the system filename and URL and // update the attachment record (now that we know the attachment ID) if ($prepend == 'attachment_id') { $prefix = sprintf("%03d_", $attachment_id); $filename_sys = $upload_dir . DS . $prefix . $filename; $url = $upload_url . "/" . $prefix . $filename; $row->id = $attachment_id; $row->filename_sys = $filename_sys; $row->url = $url; $row->store(); } // Move the file $msg = ""; if (JFile::upload($_FILES['upload']['tmp_name'], $filename_sys)) { $size = intval($row->file_size / 1024.0); chmod($filename_sys, 0644); if ($update) { $msg = JText::_('UPDATED ATTACHMENT') . ' ' . $filename . " (" . $size . " Kb)!"; } else { $msg = JText::_('UPLOADED ATTACHMENT') . ' ' . $filename . " (" . $size . " Kb)!"; } } else { $query = "DELETE FROM #__attachments WHERE id={$attachment_id}"; $db->setQuery($query); $result = $db->query(); $msg = JText::_('ERROR MOVING FILE') . " {$_FILES['upload']['tmp_name']} -> {$filename_sys})"; } // If we are updating, we may need to delete the old file if ($update) { if ($filename != $old_filename) { JFile::delete($old_filename_sys); } } return $msg; }
/** * Save the parameters */ public function save($key = null, $urlVar = null) { // Check for request forgeries. JSession::checkToken() or jexit(JText::_('JINVALID_TOKEN')); $app = JFactory::getApplication(); // Get the old component parameters jimport('joomla.application.component.helper'); $old_params = JComponentHelper::getParams('com_attachments'); $old_secure = JRequest::getInt('old_secure'); // Set FTP credentials, if given. jimport('joomla.client.helper'); JClientHelper::setCredentialsFromRequest('ftp'); // Initialise variables. $model = new ConfigModelComponent(); $form = $model->getForm(); $data = JRequest::getVar('jform', array(), 'post', 'array'); $id = JRequest::getInt('id'); $option = JRequest::getCmd('component'); // Get the new component parameters $new_secure = $data['secure']; // Check if the user is authorized to do this. if (!JFactory::getUser()->authorise('core.admin', $option)) { JFactory::getApplication()->redirect('index.php', JText::_('JERROR_ALERTNOAUTHOR')); return; } // Validate the posted data. $return = $model->validate($form, $data); // Check for validation errors. if ($return === false) { // Get the validation messages. $errors = $model->getErrors(); // Push up to three validation messages out to the user. for ($i = 0, $n = count($errors); $i < $n && $i < 3; $i++) { if ($errors[$i] instanceof Exception) { $app->enqueueMessage($errors[$i]->getMessage(), 'warning'); } else { $app->enqueueMessage($errors[$i], 'warning'); } } // Save the data in the session. $app->setUserState('com_config.config.global.data', $data); // Redirect back to the edit screen. $this->setRedirect(JRoute::_('index.php?option=com_attachments&task=params.edit', false)); return false; } // Attempt to save the configuration. $data = array('params' => $return, 'id' => $id, 'option' => $option); $return = $model->save($data); // Check the return value. if ($return === false) { // Save the data in the session. $app->setUserState('com_config.config.global.data', $data); // Save failed, go back to the screen and display a notice. $message = JText::sprintf('JERROR_SAVE_FAILED', $model->getError()); $this->setRedirect(JRoute::_('index.php?option=com_attachments&task=params.edit'), $message, 'error'); return false; } // Deal with any changes in the 'secure mode' (or upload directories) if ($new_secure != $old_secure) { // Check/update the security status require_once JPATH_SITE . '/components/com_attachments/helper.php'; $attach_dir = JPATH_SITE . '/' . AttachmentsDefines::$ATTACHMENTS_SUBDIR; AttachmentsHelper::setup_upload_directory($attach_dir, $new_secure == 1); $msg = JText::_('ATTACH_UPDATED_ATTACHMENTS_PARAMETERS_AND_SECURITY_SETTINGS'); } else { $msg = JText::_('ATTACH_UPDATED_ATTACHMENTS_PARAMETERS'); } // Set the redirect based on the task. switch ($this->getTask()) { case 'apply': $this->setRedirect('index.php?option=com_attachments&task=params.edit', $msg, 'message'); break; case 'save': default: $this->setRedirect('index.php?option=com_attachments', $msg, 'message'); break; } return true; }
/** Insert the attachments list into the content text (for front end) * * @param object &$content the text of the content item (eg, article text) * @param int $parent_id the ID for the parent object * @param string $parent_entity the type of entity for this parent type * * @return string the modified content text (false for failure) */ public function insertAttachmentsList(&$content, $parent_id, $parent_entity) { $aparams = $this->attachmentsParams(); // Get the desired placement $attachments_placement = $aparams->get('attachments_placement', 'end'); if ($attachments_placement == 'disabled_nofilter') { return false; } // Determine where we are $from = JRequest::getCmd('view', 'closeme'); $Itemid = JRequest::getInt('Itemid', 1); // See whether we can display the links to add attachments $user_can_add = $this->userMayAddAttachment($parent_id, $parent_entity); // Get the field name for the content item's text $text_field_name = $this->getTextFieldName($content, $parent_entity); if ($text_field_name === null) { return false; } // Get the attachments tag, if present $attachments_tag = ''; $attachments_tag_args = ''; $match = false; if (JString::strpos($content->{$text_field_name}, '{attachments')) { if (preg_match('@(<span class="hide_attachments_token">)?{attachments([ ]*:*[^}]+)?}(</span>)?@', $content->{$text_field_name}, $match)) { $attachments_tag = true; } if (isset($match[1]) && $match[1]) { $attachments_tag_args_raw = $match[1]; $attachments_tag_args = ltrim($attachments_tag_args_raw, ' :'); } if ($attachments_tag) { $attachments_tag = $match[0]; } } // Check the security status $attach_dir = JPATH_SITE . '/' . AttachmentsDefines::$ATTACHMENTS_SUBDIR; $secure = $aparams->get('secure', false); $hta_filename = $attach_dir . '/ . htaccess'; if ($secure && !file_exists($hta_filename) || !$secure && file_exists($hta_filename)) { AttachmentsHelper::setup_upload_directory($attach_dir, $secure); } // Construct the attachment list (if appropriate) $html = ''; $attachments_list = false; $add_attachement_btn = false; // Get the html for the attachments list require_once JPATH_SITE . '/components/com_attachments/controllers/attachments.php'; $controller = new AttachmentsControllerAttachments(); $attachments_list = $controller->displayString($parent_id, $this->parent_type, $parent_entity, null, true, true, false, $from); // If the attachments list is empty, insert an empty div for it if ($attachments_list == '') { $class_name = $aparams->get('attachments_table_style', 'attachmentsList'); $div_id = 'attachmentsList' . '_' . $this->parent_type . '_' . $parent_entity . '_' . (string) $parent_id; $attachments_list = "\n<div class=\"{$class_name}\" id=\"{$div_id}\"></div>\n"; } $html .= $attachments_list; if ($html || $user_can_add) { // Add the style sheet JHtml::stylesheet('com_attachments/attachments_list.css', array(), true); // Handle RTL styling (if necessary) $lang = JFactory::getLanguage(); if ($lang->isRTL()) { JHtml::stylesheet('com_attachments/attachments_list_rtl.css', array(), true); } } // Construct the add-attachments button, if appropriate $hide_add_attachments_link = $aparams->get('hide_add_attachments_link', 0); if ($user_can_add && !$hide_add_attachments_link) { $add_attachments_btn = AttachmentsHelper::attachmentButtonsHTML($this->parent_type, $parent_id, $parent_entity, $Itemid, $from); $html .= $add_attachments_btn; } // Wrap both list and the Add Attachments button in another div if ($html) { $html = "<div class=\"attachmentsContainer\">\n" . $html . "\n</div>"; } // Finally, add the attachments // NOTE: Hope str_replace() below is UTF8 safe (since the token being replaced is UTF8)... switch ($attachments_placement) { case 'beginning': // Put the attachments list at the beginning if ($attachments_list || $user_can_add) { if ($attachments_tag) { $content->{$text_field_name} = $html . $content->{$text_field_name}; } else { $content->{$text_field_name} = $html . str_replace($attachments_tag, '', $content->{$text_field_name}); } } break; case 'custom': // Insert the attachments at the desired location if ($attachments_list || $user_can_add) { if ($attachments_tag) { $content->{$text_field_name} = str_replace($attachments_tag, $html, $content->{$text_field_name}); } else { // If there is no tag, insert the attachments at the end $content->{$text_field_name} .= $html; } } break; case 'disabled_filter': // Disable and strip out any attachments tags if ($attachments_tag) { $content->{$text_field_name} = str_replace($attachments_tag, '', $content->{$text_field_name}); } break; default: // Add the attachments to the end if ($attachments_list || $user_can_add) { if ($attachments_tag) { $content->{$text_field_name} = str_replace($attachments_tag, '', $content->{$text_field_name}) . $html; } else { $content->{$text_field_name} .= $html; } } break; } return $content; }
/** * Construct and return the attachments list (as HTML) * * @param int $parent_id the id of the parent * @param string $parent_type the type of the parent (usually $option) * @param string $parent_entity the parent entity * @param bool $user_can_add true if the user can add attachments to this parent * @param int $Itemid the system item id (for menus) * @param string $from a token indicating where to return to * @param bool $show_file_links true if the files should be shown as links * @param bool $allow_edit true if the user can edit/delete attachments for this parent * * @return the html as a string */ public static function attachmentsListHTML($parent_id, $parent_type, $parent_entity, $user_can_add, $Itemid, $from, $show_file_links = true, $allow_edit = true) { $app = JFactory::getApplication(); $user = JFactory::getUser(); $user_levels = implode(',', array_unique($user->getAuthorisedViewLevels())); // Make sure there are some potentially accessible attachments for // this parent before proceeding. Note that this check is not as // careful as the check in the Attachments model which is used by // the 'Attachments' view which is invoked below. $alist = ''; $db = JFactory::getDBO(); $query = $db->getQuery(true); $query->select('count(*)')->from('#__attachments'); $query->where('((parent_id=' . (int) $parent_id . ') OR (parent_id is NULL))' . ' AND parent_type=' . $db->quote($parent_type) . ' AND parent_entity=' . $db->quote($parent_entity)); if (!$user->authorise('core.admin')) { $query->where('access in (' . $user_levels . ')'); } $db->setQuery($query); $total = $db->loadResult(); if ($db->getErrorNum()) { $errmsg = $db->stderr() . ' (ERR 47)'; JError::raiseError(500, $errmsg); } // Generate the HTML for the attachments for the specified parent if ($total > 0) { // Get the component parameters jimport('joomla.application.component.helper'); $params = JComponentHelper::getParams('com_attachments'); // Check the security status $attach_dir = JPATH_SITE . '/' . AttachmentsDefines::$ATTACHMENTS_SUBDIR; $secure = $params->get('secure', false); $hta_filename = $attach_dir . '/.htaccess'; if ($secure && !file_exists($hta_filename) || !$secure && file_exists($hta_filename)) { require_once JPATH_SITE . '/components/com_attachments/helper.php'; AttachmentsHelper::setup_upload_directory($attach_dir, $secure); } if ($app->isAdmin()) { // Get the html for the attachments list require_once JPATH_ADMINISTRATOR . '/components/com_attachments/controllers/list.php'; $controller = new AttachmentsControllerList(); $alist = $controller->displayString($parent_id, $parent_type, $parent_entity, null, $show_file_links, $allow_edit, false, $from); } else { // Get the html for the attachments list require_once JPATH_SITE . '/components/com_attachments/controllers/attachments.php'; $controller = new AttachmentsControllerAttachments(); $alist = $controller->displayString($parent_id, $parent_type, $parent_entity, null, $show_file_links, $allow_edit, false, $from); } } return $alist; }
function update() { require_once JPATH_COMPONENT_SITE . DS . 'helper.php'; // Call with: index.php?option=com_attachments&task=update&id=1&tmpl=component // or: component/attachments/update/id/1/tmpl/component // Make sure we have a valid attachment ID $id = JRequest::getVar('id'); if (is_numeric($id)) { $id = intval($id); } else { $errmsg = JText::_('ERROR INVALID ATTACHMENT ID') . " ({$id})"; JError::raiseError(500, $errmsg); exit; } // Get the attachment record $attachment =& JTable::getInstance('attachments', 'Table'); if (!$attachment->load($id)) { $errmsg = JText::_('ERROR CANNOT UPDATE ATTACHMENT INVALID ID') . " ({$id})"; JError::raiseError(500, $errmsg); exit; } // Get the component parameters jimport('joomla.application.component.helper'); $params = JComponentHelper::getParams('com_attachments'); // Verify that this user may add attachments to this article $user =& JFactory::getUser(); $article_id = $attachment->article_id; $article_title = AttachmentsHelper::get_article_title($article_id); require_once JPATH_COMPONENT_SITE . DS . 'permissions.php'; if (!AttachmentsPermissions::user_may_modify_attachment($user, $attachment, $article_id, $params)) { $errmsg = JText::_('ERROR NO PERMISSION TO UPLOAD'); JError::raiseError(500, $errmsg); exit; } // Make sure the attachments directory exists $upload_subdir = $params->get('attachments_subdir', 'attachments'); if ($upload_subdir == '') { $upload_subdir = 'attachments'; } $upload_dir = JPATH_BASE . DS . $upload_subdir; $secure = $params->get('secure', false); if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) { $errmsg = JText::_('ERROR UNABLE TO SETUP UPLOAD DIR'); JError::raiseError(500, $errmsg); } // Set up the view require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php'; $view = new AttachmentsViewUpdate(); $view->assign('update_file', JRequest::getVar('change', false)); $view->assign('save_url', "index.php?option=com_attachments&task=save&tmpl=component"); $view->assign('attachment_id', $id); $view->assign('article_id', $article_id); $view->assign('article_title', $article_title); $view->assign('filename', $attachment->filename); $view->assign('description', $attachment->description); $view->assign('display_filename', $attachment->display_filename); $view->assign('user_field_1', $attachment->user_field_1); $view->assign('user_field_2', $attachment->user_field_2); $view->assign('user_field_3', $attachment->user_field_3); $view->assign('from', JRequest::getVar('from', 'closeme')); $view->assign('Itemid', JRequest::getVar('Itemid', 1)); $view->assignRef('params', $params); $view->display(null, false, false, false); }