public static function do_download_file($type) {
global $wf;
// used by the "From URL" control
if (isset($_REQUEST["url"])) {
$url = trim($_REQUEST["url"]);
if ($url) {
MPC::incl("files");
$model_id = $_REQUEST["model_id"];
// need to check the extensions
$pi = pathinfo(urldecode($url));
$field = MPM_Field::find_by_id($model_id);
if ($field) {
$type_options = $field->type_options;
$extensions = $type_options["allowed_types"];
if (!in_array(strtolower($pi["extension"]), $extensions)) {
self::ajax_error( sprintf( __("Cannot download %s. This field only allows the file types %s", MASTERPRESS_DOMAIN ), $type, implode(", ", $extensions)));
}
list($dir, $sub) = MPC_Files::upload_dir($field);
$name = MPC_Files::sanitize_filename($pi["filename"], $type_options).".".md5($url);
if ($type == "image") {
$file = $wf->image_from_url($url, $name, $dir);
} else {
$file = $wf->file_from_url($url, $name, $dir);
}
if ($file->exists()) {
// check the file size
$limit = self::get_filesize_limit();
if (isset($type_options["allowed_maxsize"])) {
if (is_numeric($type_options["allowed_maxsize"])) {
$limit = WOOF_File::to_bytes($type_options["allowed_maxsize"]."M");
}
}
if ($file->filesizeinbytes() > $limit) {
$file->delete();
self::ajax_error( sprintf( __("The %s was downloaded, but it could not saved as it was too large. This field only allows files up to %s", MASTERPRESS_DOMAIN ), $type, WOOF_File::format_filesize($limit, "MB", TRUE, $sep = " ")));
}
$info = array( "url" => $file->permalink() );
self::ajax_success($info);
} else {
self::ajax_error( sprintf( __("The %s could not be downloaded. Please check the URL is valid and try again", MASTERPRESS_DOMAIN ), $type ) );
}
} else {
self::ajax_error( sprintf( __( "This %s field could not be found in the database to check the validity of this download.", MASTERPRESS_DOMAIN ), $type ) );
}
}
}
self::ajax_error(__("No URL specified", MASTERPRESS_DOMAIN));
}
/**
* Returns array('success'=>true) or array('error'=>'error message')
*/
function handleUpload() {
$dir = $this->options["dir"];
if (!is_writable($dir)){
return array('error' => "Sorry, the file could not be uploaded as the upload directory isn't writable.");
}
if (!$this->file){
return array('error' => __('No files were uploaded.', MASTERPRESS_DOMAIN));
}
$size = $this->file->getSize();
if ($size == 0) {
return array('error' => 'File is empty');
}
if ($size > $this->options["size_limit"]) {
return array('error' => sprintf( __('Sorry, the file is too large. The maximum size allowed is %s bytes', MASTERPRESS_DOMAIN), $this->options["size_limit"]));
}
$pathinfo = pathinfo($this->file->getName());
$filename = $pathinfo['filename'];
//$filename = md5(uniqid());
$ext = $pathinfo['extension'];
if($this->options["allowed_extensions"] && !in_array(strtolower($ext), $this->options["allowed_extensions"])){
$these = implode(', ', $this->options["allowed_extensions"]);
return array('error' => sprintf( __('Sorry, you cannot upload a file of this type. Files must have an extension in the following list: %s.', MASTERPRESS_DOMAIN), $these) );
}
// traversal mod to allow serial numbering for non-replace
$count = 0;
// mod the file name based on options
$v = ".v";
$filename = MPC_Files::sanitize_filename($filename, $this->options);
if (!isset($this->options["overwrite"])) {
$basefilename = $filename;
while (file_exists($dir . $filename . '.' . $ext)) {
$count++;
$filename = $basefilename.$v.$count;
}
}
if ($this->file->save($dir . $filename . '.' . $ext)) {
// traversal mod to return the eventual filename (why wasn't this included???)
return array("dir" => $this->options["sub_dir"], 'success' => true, 'filename' => $filename . '.' . $ext);
} else {
return array('error'=> __('Could not save uploaded file.', MASTERPRESS_DOMAIN) .
__('The upload was cancelled, or a server error has occurred.', MASTERPRESS_DOMAIN));
}
}