public function __construct($file, $roomId) { // get file $this->name = Fari_Escape::file($file['name'], TRUE); $this->mime = $file['type']; // db instance $db = Fari_Db::getConnection(); $type = explode('/', $this->mime); $type = count($type) > 1 ? $type[1] : $type[0]; // set generic filetype for files we don't have icons for :) if (!in_array($type, $this->fileTypes)) { $type = 'generic'; } $stream = fopen($file['tmp_name'], 'rb'); $code = $this->randomCode($db); $date = SystemTime::timestampToDate(); // let's associate the file with a transcript (there better be a transcript...) $transcript = $db->selectRow('room_transcripts', 'key', array('date' => $date, 'room' => $roomId)); // insert the file $db->query("INSERT INTO files (mime, data, code, room, filename, type, date, transcript)\n VALUES (?, ?, ?, ?, ?, ?, ?, ?)", array($this->mime, $stream, $this->code = $code, $roomId, $this->name, $this->type = $type, $date, $transcript['key'])); fclose($stream); // create a thumbnail if required $thumbnail = new UploadThumbnail($file); if ($thumbnail->isCreated()) { // yes we do have one $this->thumbnail = TRUE; $thumb = fopen($thumbnail->getPath(), 'rb'); // insert the thumbnail $db->query("INSERT INTO thumbs (data, code) VALUES (?, ?)", array($thumb, $this->code)); fclose($thumb); //$thumbnail->destroy(); } }
/** * File upload. * * @param string $directoryPath Where to upload to * @param string $inputUserFile The <input> element name passed from a form * @return array Status and a message */ public static function upload($directoryPath, $inputUserFile = 'userfile') { // only allow uploads in 'our' directory $directoryPath = BASEPATH . self::addTrailingSlash($directoryPath); // check that a file was selected if (!isset($_FILES[$inputUserFile])) { return array('status' => 'fail', 'message' => 'No file selected.'); } // check that path is valid if (!is_dir($directoryPath) || !is_writable($directoryPath)) { return array('status' => 'fail', 'message' => 'The upload path is not writable.'); } // was the file uploaded? if (!is_uploaded_file($_FILES[$inputUserFile]['tmp_name'])) { // determine the cause of upload error return self::_findUploadError($inputUserFile); } // convert (escape) new filename $fileName = Fari_Escape::file($_FILES[$inputUserFile]['name'], TRUE); // move to destination directory if (!@move_uploaded_file($_FILES[$inputUserFile]['tmp_name'], $directoryPath . $fileName)) { return array('status' => 'fail', 'message' => 'File upload error.'); } return array('status' => 'success', 'message' => 'File \'' . $fileName . '\' uploaded succesfully.'); }