/**
* Display a form for updating/editing an attachment
*/
public function update()
{
// Call with: index.php?option=com_attachments&task=update&id=1&tmpl=component
// or: component/attachments/update/id/1/tmpl/component
// Make sure we have a valid attachment ID
$id = JRequest::getInt('id');
if (is_numeric($id)) {
$id = (int) $id;
} else {
$errmsg = JText::sprintf('ATTACH_ERROR_INVALID_ATTACHMENT_ID_N', $id) . ' (ERR 24)';
JError::raiseError(500, $errmsg);
}
// Get the attachment record
require_once JPATH_COMPONENT_SITE . '/models/attachment.php';
$model = new AttachmentsModelAttachment();
$model->setId($id);
$attachment = $model->getAttachment();
if (!$attachment) {
$errmsg = JText::sprintf('ATTACH_ERROR_CANNOT_UPDATE_ATTACHMENT_INVALID_ID_N', $id) . ' (ERR 25)';
JError::raiseError(500, $errmsg);
}
// Get the component parameters
jimport('joomla.application.component.helper');
$params = JComponentHelper::getParams('com_attachments');
// Get the article/parent handler
$parent_id = $attachment->parent_id;
$parent_type = $attachment->parent_type;
$parent_entity = $attachment->parent_entity;
JPluginHelper::importPlugin('attachments');
$apm = getAttachmentsPluginManager();
if (!$apm->attachmentsPluginInstalled($parent_type)) {
$errmsg = JText::sprintf('ATTACH_ERROR_INVALID_PARENT_TYPE_S', $parent_type) . ' (ERR 26)';
JError::raiseError(500, $errmsg);
}
$parent = $apm->getAttachmentsPlugin($parent_type);
// Check to make sure we can edit it
if (!$parent->userMayEditAttachment($attachment)) {
return JError::raiseError(404, JText::_('JERROR_ALERTNOAUTHOR') . ' (ERR 27)');
}
// Set up the entity name for display
$parent_entity_name = JText::_('ATTACH_' . $parent_entity);
// Verify that this user may add attachments to this parent
$user = JFactory::getUser();
$new_parent = false;
if ($parent_id === null) {
$parent_id = 0;
$new_parent = true;
}
// Make sure the attachments directory exists
$upload_dir = JPATH_BASE . '/' . AttachmentsDefines::$ATTACHMENTS_SUBDIR;
$secure = $params->get('secure', false);
if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) {
$errmsg = JText::sprintf('ATTACH_ERROR_UNABLE_TO_SETUP_UPLOAD_DIR_S', $upload_dir) . ' (ERR 28)';
JError::raiseError(500, $errmsg);
}
// Make sure the update parameter is legal
$update = JRequest::getWord('update');
if ($update && !in_array($update, AttachmentsDefines::$LEGAL_URI_TYPES)) {
$update = false;
}
// Suppress the display filename if we are switching from file to url
$display_name = $attachment->display_name;
if ($update && $update != $attachment->uri_type) {
$attachment->display_name = '';
}
// Set up the view
require_once JPATH_COMPONENT_SITE . '/views/update/view.html.php';
$view = new AttachmentsViewUpdate();
$from = JRequest::getWord('from', 'closeme');
AttachmentsHelper::add_view_urls($view, 'update', $parent_id, $attachment->parent_type, $id, $from);
$view->update = $update;
$view->new_parent = $new_parent;
$view->attachment = $attachment;
$view->parent = $parent;
$view->params = $params;
$view->from = $from;
$view->Itemid = JRequest::getInt('Itemid', 1);
$view->error = false;
$view->error_msg = false;
$view->display();
}
/**
* Download an attachment (in secure mode)
*
* @param int $id the attachment id
*/
public static function download_attachment($id)
{
// Get the info about the attachment
require_once JPATH_COMPONENT_SITE . '/models/attachment.php';
$model = new AttachmentsModelAttachment();
$model->setId($id);
$attachment = $model->getAttachment();
if (!$attachment) {
$errmsg = JText::sprintf('ATTACH_ERROR_INVALID_ATTACHMENT_ID_N', $id) . ' (ERR 41)';
JError::raiseError(500, $errmsg);
}
$parent_id = $attachment->parent_id;
$parent_type = $attachment->parent_type;
$parent_entity = $attachment->parent_entity;
// Get the article/parent handler
JPluginHelper::importPlugin('attachments');
$apm = getAttachmentsPluginManager();
if (!$apm->attachmentsPluginInstalled($parent_type)) {
$errmsg = JText::sprintf('ATTACH_ERROR_UNKNOWN_PARENT_TYPE_S', $parent_type) . ' (ERR 42)';
JError::raiseError(500, $errmsg);
}
$parent = $apm->getAttachmentsPlugin($parent_type);
// Get the component parameters
jimport('joomla.application.component.helper');
$params = JComponentHelper::getParams('com_attachments');
// Make sure that the user can access the attachment
if (!$parent->userMayAccessAttachment($attachment)) {
// If not logged in, warn them to log in
$user = JFactory::getUser();
if ($user->get('username') == '') {
$guest_levels = $params->get('show_guest_access_levels', array('1'));
if (in_array($attachment->access, $guest_levels)) {
// Construct the login request with return URL
$app = JFactory::getApplication();
$return = $app->getUserState('com_attachments.current_url', '');
$redirect_to = JRoute::_('index.php?option=com_attachments&task=requestLogin' . $return);
$app = JFactory::getApplication();
$app->redirect($redirect_to);
}
}
// Otherwise, just error out
$errmsg = JText::_('ATTACH_ERROR_NO_PERMISSION_TO_DOWNLOAD') . ' (ERR 43)';
JError::raiseError(500, $errmsg);
}
// Get the other info about the attachment
$download_mode = $params->get('download_mode', 'attachment');
$content_type = $attachment->file_type;
if ($attachment->uri_type == 'file') {
$filename = $attachment->filename;
$filename_sys = $attachment->filename_sys;
// Make sure the file exists
jimport('joomla.filesystem.file');
if (!JFile::exists($filename_sys)) {
$errmsg = JText::sprintf('ATTACH_ERROR_FILE_S_NOT_FOUND_ON_SERVER', $filename) . ' (ERR 44)';
JError::raiseError(500, $errmsg);
}
$file_size = filesize($filename_sys);
// Construct the downloaded filename
$filename_info = pathinfo($filename);
$extension = "." . $filename_info['extension'];
$basename = basename($filename, $extension);
// Modify the following line insert a string into
// the filename of the downloaded file, for example:
// $mod_filename = $basename . "(yoursite)" . $extension;
$mod_filename = $basename . $extension;
$model->incrementDownloadCount();
// Begin writing headers
ob_clean();
// Clear any previously written headers in the output buffer
// Handle MSIE differently...
jimport('joomla.environment.browser');
$browser = JBrowser::getInstance();
$browserType = $browser->getBrowser();
$browserVersion = $browser->getMajor();
// Handle older versions of MS Internet Explorer
if ($browserType == 'msie' and $browserVersion <= 8) {
// Ensure UTF8 characters in filename are encoded correctly in IE
$mod_filename = rawurlencode($mod_filename);
// Tweak the headers for MSIE
header('Pragma: private');
header('Cache-control: private, must-revalidate');
header("Content-Length: " . $file_size);
// MUST be a number for IE
} else {
header('Cache-Control: private, max-age=0, must-revalidate, no-store');
header("Content-Length: " . (string) $file_size);
}
// Force the download
if ($download_mode == 'attachment') {
// attachment
header("Content-Disposition: attachment; filename=\"{$mod_filename}\"");
} else {
// inline
header("Content-Disposition: inline; filename=\"{$mod_filename}\"");
}
header('Content-Transfer-Encoding: binary');
header("Content-Type: {$content_type}");
// If x-sendfile is available, use it
if (function_exists('apache_get_modules') && in_array('mod_xsendfile', apache_get_modules())) {
header("X-Sendfile: {$filename_sys}");
} else {
if ($file_size <= 1048576) {
// If the file size is one MB or less, use readfile
// ??? header("Content-Length: ".$file_size);
@readfile($filename_sys);
} else {
// Send it in 8K chunks
set_time_limit(0);
$file = @fopen($filename_sys, "rb");
while (!feof($file) and connection_status() == 0) {
print @fread($file, 8 * 1024);
ob_flush();
flush();
}
}
}
exit;
} else {
if ($attachment->uri_type == 'url') {
// Note the download
$model->incrementDownloadCount();
// Forward to the URL
ob_clean();
// Clear any previously written headers in the output buffer
header("Location: {$attachment->url}");
}
}
}