/** * Upload a file to the wiki via AJAX * * @return string */ public function ajaxUploadTask() { // Check if they're logged in if (User::isGuest()) { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_LOGIN_REQUIRED'))); return; } // Ensure we have an ID to work with $listdir = strtolower(Request::getVar('dir', '')); if (!$listdir) { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID'))); return; } if (substr($listdir, 0, 3) == 'tmp') { $item = new Item($listdir); if (!$item->exists()) { $item->set('state', 0); $item->set('title', $listdir); if (!$item->store()) { echo json_encode(array('error' => $item->getError())); return; } } $listdir = $item->get('id'); } //max upload size $sizeLimit = $this->config->get('maxAllowed', 40000000); // get the file if (isset($_GET['qqfile'])) { $stream = true; $file = $_GET['qqfile']; $size = (int) $_SERVER["CONTENT_LENGTH"]; } elseif (isset($_FILES['qqfile'])) { $stream = false; $file = $_FILES['qqfile']['name']; $size = (int) $_FILES['qqfile']['size']; } else { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND'))); return; } $asset = new Asset(); //define upload directory and make sure its writable $path = $asset->filespace() . DS . $listdir; if (!is_dir($path)) { if (!Filesystem::makeDirectory($path)) { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_CREATE_UPLOAD_DIR'))); return; } } if (!is_writable($path)) { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE'))); return; } //check to make sure we have a file and its not too big if ($size == 0) { echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE'))); return; } if ($size > $sizeLimit) { $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit)); echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_FILE_TOO_LARGE', $max))); return; } // don't overwrite previous files that were uploaded $pathinfo = pathinfo($file); $filename = $pathinfo['filename']; // Make the filename safe $filename = urldecode($filename); $filename = Filesystem::clean($filename); $filename = str_replace(' ', '_', $filename); $ext = $pathinfo['extension']; while (file_exists($path . DS . $filename . '.' . $ext)) { $filename .= rand(10, 99); } $file = $path . DS . $filename . '.' . $ext; if ($stream) { //read the php input stream to upload file $input = fopen("php://input", "r"); $temp = tmpfile(); $realSize = stream_copy_to_stream($input, $temp); fclose($input); //move from temp location to target location which is user folder $target = fopen($file, "w"); fseek($temp, 0, SEEK_SET); stream_copy_to_stream($temp, $target); fclose($target); } else { move_uploaded_file($_FILES['qqfile']['tmp_name'], $file); } // Create database entry $asset->set('item_id', intval($listdir)); $asset->set('filename', $filename . '.' . $ext); $asset->set('description', Request::getVar('description', '', 'post')); $asset->set('state', 1); $asset->set('type', 'file'); if (!$asset->store()) { echo json_encode(array('error' => $asset->getError())); return; } $view = new \Hubzero\Component\View(array('name' => 'media', 'layout' => '_asset')); $view->i = Request::getInt('i', 0); $view->option = $this->_option; $view->controller = $this->_controller; $view->asset = $asset; $view->no_html = 1; //echo result echo json_encode(array('success' => true, 'file' => $filename . '.' . $ext, 'directory' => str_replace(PATH_APP, '', $path), 'id' => $listdir, 'html' => str_replace('>', '>', $view->loadTemplate()))); }
/** * Create a post * * @apiMethod POST * @apiUri /collections/{id}/posts * @apiParameter { * "name": "collection_id", * "description": "Collection identifier", * "type": "integer", * "required": true, * "default": null * } * @apiParameter { * "name": "title", * "description": "Entry title", * "type": "string", * "required": true, * "default": null * } * @apiParameter { * "name": "description", * "description": "Entry description", * "type": "string", * "required": false, * "default": null * } * @apiParameter { * "name": "url", * "description": "Entry URL; Requires 'type'='link'", * "type": "string", * "required": false, * "default": null * } * @apiParameter { * "name": "created", * "description": "Created timestamp (YYYY-MM-DD HH:mm:ss)", * "type": "string", * "required": false, * "default": "now" * } * @apiParameter { * "name": "created_by", * "description": "User ID of entry creator", * "type": "integer", * "required": false, * "default": 0 * } * @apiParameter { * "name": "state", * "description": "Published state (0 = unpublished, 1 = published)", * "type": "integer", * "required": false, * "default": 0 * } * @apiParameter { * "name": "access", * "description": "Access level (0 = public, 1 = registered users, 4 = private)", * "type": "integer", * "required": false, * "default": 0 * } * @apiParameter { * "name": "type", * "description": "Item type", * "type": "string", * "required": false, * "default": "file" * } * @apiParameter { * "name": "object_id", * "description": "Object ID", * "type": "integer", * "required": false, * "default": 0 * } * @return void */ public function createTask() { $this->requiresAuthentication(); $fields = array('title' => Request::getVar('title', null, 'post', 'none', 2), 'description' => Request::getVar('description', null, 'post', 'none', 2), 'url' => Request::getVar('url', null, 'post'), 'created' => Request::getVar('created', new Date('now'), 'post'), 'created_by' => Request::getInt('created_by', 0, 'post'), 'state' => Request::getInt('state', 1, 'post'), 'access' => Request::getInt('access', 0, 'post'), 'type' => Request::getVar('type', 'file', 'post'), 'object_id' => Request::getInt('object_id', 0, 'post'), 'collection_id' => Request::getInt('collection_id', 0, 'post')); if (!$fields['collection_id']) { throw new Exception(Lang::txt('COM_COLLECTIONS_ERROR_MISSING_COLLECTION'), 422); } $row = new Item(); if (!$row->bind($fields)) { throw new Exception(Lang::txt('COM_COLLECTIONS_ERROR_BINDING_DATA'), 500); } if (!$row->store(true)) { throw new Exception(Lang::txt('COM_COLLECTIONS_ERROR_SAVING_DATA'), 500); } $post = new Post(); $post->set('item_id', $row->get('id')); $post->set('original', 1); $post->set('collection_id', $fields['collection_id']); if (!$post->store(true)) { throw new Exception(Lang::txt('COM_COLLECTIONS_ERROR_SAVING_DATA'), 500); } $this->send($row); }