/** * Get the state of the entry as either text or numerical value * * @param string $as Format to return state in [text, number] * @param integer $shorten Number of characters to shorten text to * @return string */ public function content($as = 'parsed', $shorten = 0) { $as = strtolower($as); $options = array(); switch ($as) { case 'parsed': $content = $this->get('report_parsed', null); if ($content === null) { $config = Component::params('com_support'); $path = trim($config->get('webpath', '/site/tickets'), DS) . DS . $this->get('id'); $webpath = str_replace('//', '/', rtrim(Request::base(), '/') . '/' . $path); if (isset($_SERVER['HTTPS'])) { $webpath = str_replace('http:', 'https:', $webpath); } if (!strstr($webpath, '://')) { $webpath = str_replace(':/', '://', $webpath); } $attach = new Tables\Attachment($this->_db); $attach->webpath = $webpath; $attach->uppath = PATH_APP . DS . $path; $attach->output = 'web'; // Escape potentially bad characters $this->set('report_parsed', htmlentities($this->get('report'), ENT_COMPAT, 'UTF-8')); // Convert line breaks to <br /> tags $this->set('report_parsed', nl2br($this->get('report_parsed'))); // Convert tabs to spaces to preserve indention $this->set('report_parsed', str_replace("\t", ' ', $this->get('report_parsed'))); // Look for any attachments (old style) $this->set('report_parsed', $attach->parse($this->get('report_parsed'))); if (!$this->get('report_parsed')) { $this->set('report_parsed', Lang::txt('(no content found)')); } return $this->content('parsed'); } $options = array('html' => true); break; case 'clean': $content = strip_tags($this->content('parsed')); break; case 'raw': default: $content = stripslashes($this->get('report')); break; } if ($shorten) { $content = String::truncate($content, $shorten, $options); } return $content; }
/** * Uploads a file to a given directory and returns an attachment string * that is appended to report/comment bodies * * @param string $listdir Directory to upload files to * @return string A string that gets appended to messages */ public function uploadTask($listdir, $comment_id = 0) { if (!$listdir) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_MISSING_UPLOAD_DIRECTORY')); return ''; } // Construct our file path $path = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $listdir; $row = new Tables\Attachment($this->database); // Rename temp directories if ($tmp = Request::getInt('tmp_dir')) { $tmpPath = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $tmp; if (is_dir($tmpPath)) { if (!\Filesystem::move($tmpPath, $path)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_MOVE_UPLOAD_PATH')); throw new Exception(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_MOVE_UPLOAD_PATH'), 500); return ''; } $row->updateTicketId($tmp, $listdir); } } // Incoming file $file = Request::getVar('upload', '', 'files', 'array'); if (!isset($file['name']) || !$file['name']) { //$this->setError(Lang::txt('SUPPORT_NO_FILE')); return ''; } // Incoming $description = Request::getVar('description', ''); // Build the path if it doesn't exist if (!is_dir($path)) { if (!Filesystem::makeDirectory($path)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH')); return ''; } } // Make the filename safe $file['name'] = Filesystem::clean($file['name']); $file['name'] = str_replace(' ', '_', $file['name']); $ext = strtolower(Filesystem::extension($file['name'])); //make sure that file is acceptable type if (!in_array($ext, explode(',', $this->config->get('file_ext')))) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE')); return Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE'); } $filename = Filesystem::name($file['name']); while (file_exists($path . DS . $filename . '.' . $ext)) { $filename .= rand(10, 99); } $finalfile = $path . DS . $filename . '.' . $ext; // Perform the upload if (!Filesystem::upload($file['tmp_name'], $finalfile)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_UPLOADING')); return ''; } else { // Scan for viruses if (!\Filesystem::isSafe($finalfile)) { if (\Filesystem::delete($finalfile)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN')); return Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN'); } } // File was uploaded // Create database entry $description = htmlspecialchars($description); $row->bind(array('id' => 0, 'ticket' => $listdir, 'comment_id' => $comment_id, 'filename' => $filename . '.' . $ext, 'description' => $description)); if (!$row->check()) { $this->setError($row->getError()); } if (!$row->store()) { $this->setError($row->getError()); } if (!$row->id) { $row->getID(); } return '{attachment#' . $row->id . '}'; } }
/** * Uploads a file and generates a database entry for that item * * @param $listdir Sub-directory to upload files to * @return string Key to use in comment bodies (parsed into links or img tags) */ public function uploadTask($listdir, $comment = 0) { // Incoming $description = Request::getVar('description', ''); if (!$listdir) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_NO_ID')); return ''; } // Incoming file $file = Request::getVar('upload', '', 'files', 'array'); if (!is_array($file) || !isset($file['name']) || !$file['name']) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_NO_FILE')); return ''; } // Construct our file path $file_path = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $listdir; if (!is_dir($file_path)) { if (!Filesystem::makeDirectory($file_path)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH')); return ''; } } // Make the filename safe $file['name'] = Filesystem::clean($file['name']); $file['name'] = str_replace(' ', '_', $file['name']); $ext = strtolower(Filesystem::extension($file['name'])); $filename = Filesystem::name($file['name']); while (file_exists($file_path . DS . $filename . '.' . $ext)) { $filename .= rand(10, 99); } $finalfile = $file_path . DS . $filename . '.' . $ext; // Perform the upload if (!Filesystem::upload($file['tmp_name'], $finalfile)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_UPLOADING')); return ''; } else { // Scan for viruses //$path = $file_path . DS . $file['name']; //PATH_CORE . DS . 'virustest'; if (!Filesystem::isSafe($finalfile)) { if (Filesystem::delete($finalfile)) { $this->setError(Lang::txt('COM_SUPPORT_ERROR_FAILED_SECURITY_SCAN')); return ''; } } // File was uploaded // Create database entry $description = htmlspecialchars($description); $row = new Tables\Attachment($this->database); $row->bind(array('id' => 0, 'ticket' => $listdir, 'comment_id' => $comment, 'filename' => $filename . '.' . $ext, 'description' => $description)); if (!$row->check()) { $this->setError($row->getError()); } if (!$row->store()) { $this->setError($row->getError()); } if (!$row->id) { $row->getID(); } return '{attachment#' . $row->id . '}'; } }
/** * Process an attachment macro and output a link to the file * * @param array $matches Macro info * @return string HTML */ protected function _getAttachment($matches) { $tokens = explode('#', $matches[0]); $id = intval(end($tokens)); $attach = new Tables\Attachment($this->_db); $attach->load($id); if ($attach->id && !$attach->comment_id) { $attach->comment_id = $this->get('id'); $attach->created = $this->get('created'); $attach->created_by = $this->creator('id'); $attach->store(); } if (!$this->_cache['attachments.list'] instanceof ItemList) { $this->_cache['attachments.list'] = new ItemList(array()); } $this->_cache['attachments.list']->add(new Attachment($attach)); return ''; }