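/**
 * Handle an AJAX file upload for a collection item.
 *
 * Accepts either a raw request-body upload (file name passed in the
 * 'qqfile' query parameter) or a multipart form upload ('qqfile' in
 * $_FILES). The file is written beneath the asset file space in a
 * directory named after the item ID, and an Asset record is stored.
 *
 * Nothing is returned: the outcome is echoed as JSON, either
 * array('error' => message) or an array with the keys
 * success, file, directory, id and html.
 *
 * NOTE(review): this method only checks that the user is logged in. Whether
 * that user may attach assets to the requested item is not checked here;
 * confirm it is enforced elsewhere.
 *
 * NOTE(review): the extension comes from the client-supplied name and no
 * file-type allow-list is applied in this method. The upload directory
 * should not be served with script execution enabled, and an allow-list
 * should be applied if the component provides one (TODO confirm).
 *
 * @return void
 */
public function ajaxUploadTask()
{
    // Check if they're logged in
    if (User::isGuest()) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_LOGIN_REQUIRED')));
        return;
    }

    // Ensure we have an ID to work with
    $listdir = strtolower(Request::getVar('dir', ''));
    if (!$listdir) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID')));
        return;
    }

    // A "tmp..." identifier names an item that may not exist yet: create it
    // on demand and continue with its real ID.
    if (substr($listdir, 0, 3) === 'tmp') {
        $item = new Item($listdir);
        if (!$item->exists()) {
            $item->set('state', 0);
            $item->set('title', $listdir);
            if (!$item->store()) {
                echo json_encode(array('error' => $item->getError()));
                return;
            }
        }
        $listdir = $item->get('id');
    }

    // The identifier becomes a directory name below, so accept nothing but a
    // positive integer. This keeps request data from steering the path
    // outside the asset file space.
    if (!preg_match('/^[0-9]+$/', (string) $listdir) || (int) $listdir <= 0) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID')));
        return;
    }
    $listdir = (int) $listdir;

    // Max upload size
    $sizeLimit = (int) $this->config->get('maxAllowed', 40000000);

    // Get the file
    if (isset($_GET['qqfile'])) {
        $stream = true;
        $file   = $_GET['qqfile'];
        $size   = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
    } elseif (isset($_FILES['qqfile'])) {
        $stream = false;
        $file   = $_FILES['qqfile']['name'];
        $size   = (int) $_FILES['qqfile']['size'];
    } else {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
        return;
    }

    // Array-valued parameters (qqfile[]=...) cannot be treated as a file name
    if (!is_string($file) || $file === '') {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
        return;
    }

    $asset = new Asset();

    // Define upload directory and make sure it's writable
    $path = $asset->filespace() . DS . $listdir;
    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path)) {
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_CREATE_UPLOAD_DIR')));
            return;
        }
    }

    if (!is_writable($path)) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
        return;
    }

    // Check to make sure we have a file and it's not too big
    if ($size == 0) {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE')));
        return;
    }
    if ($size > $sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_FILE_TOO_LARGE', $max)));
        return;
    }

    // Make the filename safe. Decode BEFORE splitting the name and keep only
    // the final path component, so that encoded separators cannot reintroduce
    // directory parts after pathinfo() has run.
    $file     = basename(str_replace('\\', '/', urldecode($file)));
    $pathinfo = pathinfo($file);

    $filename = Filesystem::clean($pathinfo['filename']);
    // Re-apply basename() in case cleaning normalised a separator into the name
    $filename = basename(str_replace('\\', '/', $filename));
    $filename = str_replace(' ', '_', $filename);

    // pathinfo() omits 'extension' when the name has no dot
    $ext    = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';
    $suffix = ($ext !== '') ? '.' . $ext : '';

    // Reject empty names, "." / ".." and dot-files (e.g. server config files)
    if (trim($filename, '.') === '') {
        echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
        return;
    }

    // Don't overwrite previous files that were uploaded
    while (file_exists($path . DS . $filename . $suffix)) {
        $filename .= rand(10, 99);
    }

    $file = $path . DS . $filename . $suffix;

    if ($stream) {
        // Read the PHP input stream into a temp file first
        $input = fopen('php://input', 'r');
        $temp  = tmpfile();
        if ($input === false || $temp === false) {
            if ($input !== false) {
                fclose($input);
            }
            if ($temp !== false) {
                fclose($temp);
            }
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
            return;
        }

        // CONTENT_LENGTH is only what the client declared; enforce the limit
        // on the bytes actually received. Copying at most one byte past the
        // limit detects an oversized body without buffering all of it.
        $realSize = stream_copy_to_stream($input, $temp, $sizeLimit + 1);
        fclose($input);

        if ($realSize === false || $realSize === 0) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE')));
            return;
        }
        if ($realSize > $sizeLimit) {
            fclose($temp);
            $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_FILE_TOO_LARGE', $max)));
            return;
        }

        // Move from temp location to target location
        $target = fopen($file, 'w');
        if ($target === false) {
            fclose($temp);
            // Reuses an existing language key; a dedicated message would be clearer
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
            return;
        }
        fseek($temp, 0, SEEK_SET);
        $written = stream_copy_to_stream($temp, $target);
        fclose($target);
        fclose($temp);

        if ($written !== $realSize) {
            // Do not leave a truncated file behind or record it in the database
            if (is_file($file)) {
                unlink($file);
            }
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
            return;
        }
    } else {
        // move_uploaded_file() also verifies the source is a genuine upload;
        // do not create a database entry if it fails.
        if (!move_uploaded_file($_FILES['qqfile']['tmp_name'], $file)) {
            echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
            return;
        }
    }

    // Create database entry
    $asset->set('item_id', $listdir);
    $asset->set('filename', $filename . $suffix);
    $asset->set('description', Request::getVar('description', '', 'post'));
    $asset->set('state', 1);
    $asset->set('type', 'file');

    if (!$asset->store()) {
        echo json_encode(array('error' => $asset->getError()));
        return;
    }

    $view = new \Hubzero\Component\View(array('name' => 'media', 'layout' => '_asset'));
    $view->i          = Request::getInt('i', 0);
    $view->option     = $this->_option;
    $view->controller = $this->_controller;
    $view->asset      = $asset;
    $view->no_html    = 1;

    // Echo result
    // NOTE(review): the str_replace() on the rendered template replaces '>'
    // with '>' and is a no-op as written; an entity may have been lost from
    // the search string. Confirm the intended value.
    echo json_encode(array(
        'success'   => true,
        'file'      => $filename . $suffix,
        'directory' => str_replace(PATH_APP, '', $path),
        'id'        => $listdir,
        'html'      => str_replace('>', '>', $view->loadTemplate())
    ));
}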