$id = abs($_REQUEST['id']); $sql = "SELECT file_name, folder_id, description FROM %sfiles WHERE file_id=%d AND owner_type=%d AND owner_id=%d"; $row = queryDB($sql, array(TABLE_PREFIX, $id, $owner_type, $owner_id), TRUE); if (count($row) == 0) { $msg->printErrors('FILE_NOT_EXIST'); require AT_INCLUDE_PATH . 'footer.inc.php'; exit; } if (isset($_POST['description'])) { $row['description'] = $stripslashes($_POST['description']); $row['file_name'] = $stripslashes($_POST['name']); $row['comment'] = $stripslashes($_POST['comment']); $_POST['body'] = $stripslashes($_POST['body']); } $ext = fs_get_file_extension($row['file_name']); $file_path = fs_get_file_path($id); ?> <form method="post" action="<?php echo $_SERVER['PHP_SELF'] . $owner_arg_prefix; ?> " name="form"> <input type="hidden" name="id" value="<?php echo $id; ?> " /> <input type="hidden" name="folder" value="<?php echo $row['folder_id']; ?> " /> <input type="submit" name="submit" style="display:none;"/>
header('Location: ' . AT_BASE_HREF . 'mods/_standard/file_storage/index.php'); exit; } } if (!$msg->containsErrors()) { $_POST['description'] = $addslashes(trim($_POST['description'])); $_FILES['file']['name'] = addslashes($_FILES['file']['name']); if ($_POST['comments']) { $num_comments = 1; } else { $num_comments = 0; } $sql = "INSERT INTO " . TABLE_PREFIX . "files VALUES (NULL, {$owner_type}, {$owner_id}, {$_SESSION['member_id']}, {$parent_folder_id}, 0, NOW(), {$num_comments}, 0, '{$_FILES['file']['name']}', {$_FILES['file']['size']}, '{$_POST['description']}')"; $result = mysql_query($sql, $db); if ($result && ($file_id = mysql_insert_id($db))) { $path = fs_get_file_path($file_id); move_uploaded_file($_FILES['file']['tmp_name'], $path . $file_id); // check if this file name already exists $sql = "SELECT file_id, num_revisions FROM " . TABLE_PREFIX . "files WHERE owner_type={$owner_type} AND owner_id={$owner_id} AND folder_id={$parent_folder_id} AND file_id<>{$file_id} AND file_name='{$_FILES['file']['name']}' AND parent_file_id=0 ORDER BY file_id DESC LIMIT 1"; $result = mysql_query($sql, $db); if ($row = mysql_fetch_assoc($result)) { if ($_config['fs_versioning']) { $sql = "UPDATE " . TABLE_PREFIX . "files SET parent_file_id={$file_id}, date=date WHERE file_id={$row['file_id']}"; $result = mysql_query($sql, $db); $sql = "UPDATE " . TABLE_PREFIX . "files SET num_revisions={$row['num_revisions']}+1, date=date WHERE file_id={$file_id}"; $result = mysql_query($sql, $db); } else { fs_delete_file($row['file_id'], $owner_type, $owner_id); } } $msg->addFeedback('FILE_UPLOADED');
/** * copies a file to another workspace. * currently only used for submitting assignments. **/ function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id) { $sql = "SELECT file_name, file_size, description FROM %sfiles WHERE file_id=%d AND owner_type=%d AND owner_id=%d"; $row = queryDB($sql, array(TABLE_PREFIX, $file_id, $src_owner_type, $src_owner_id), TRUE); if (count($row) == 0) { return false; } $sql = "INSERT INTO %sfiles VALUES (NULL, %d, %d, %d, %d, 0, NOW(), 0, 0, '%s', %d, '%s')"; $result = queryDB($sql, array(TABLE_PREFIX, $dest_owner_type, $dest_owner_id, $_SESSION['member_id'], $dest_folder_id, $row['file_name'], $row['file_size'], $row['description'])); $id = at_insert_id(); $src_file = fs_get_file_path($file_id) . $file_id; $dest_file = fs_get_file_path($id) . $id; copy($src_file, $dest_file); }
/** * copies a file to another workspace. * currently only used for submitting assignments. **/ function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id) { global $db; $sql = "SELECT file_name, file_size, description FROM ".TABLE_PREFIX."files WHERE file_id=$file_id AND owner_type=$src_owner_type AND owner_id=$src_owner_id"; $result = mysql_query($sql, $db); if (!$row = mysql_fetch_assoc($result)) { return false; } $sql = "INSERT INTO ".TABLE_PREFIX."files VALUES (NULL, $dest_owner_type, $dest_owner_id, $_SESSION[member_id], $dest_folder_id, 0, NOW(), 0, 0, '$row[file_name]', '$row[file_size]', '$row[description]')"; $result = mysql_query($sql, $db); $id = mysql_insert_id($db); $src_file = fs_get_file_path($file_id) . $file_id; $dest_file = fs_get_file_path($id) . $id; copy($src_file, $dest_file); }
/** * copies a file to another workspace. * currently only used for submitting assignments. **/ function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id) { global $db; $sql = "SELECT file_name, file_size, description FROM " . TABLE_PREFIX . "files WHERE file_id={$file_id} AND owner_type={$src_owner_type} AND owner_id={$src_owner_id}"; $result = mysql_query($sql, $db); if (!($row = mysql_fetch_assoc($result))) { return false; } $sql = "INSERT INTO " . TABLE_PREFIX . "files VALUES (NULL, {$dest_owner_type}, {$dest_owner_id}, {$_SESSION['member_id']}, {$dest_folder_id}, 0, NOW(), 0, 0, '{$row['file_name']}', '{$row['file_size']}', '{$row['description']}')"; $result = mysql_query($sql, $db); $id = mysql_insert_id($db); $src_file = fs_get_file_path($file_id) . $file_id; $dest_file = fs_get_file_path($id) . $id; copy($src_file, $dest_file); }