private function onImport()
{
if ($this->_accessLevel < ACCESS_LEVEL_EDIT) {
CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Invalid user level for action.');
}
set_time_limit(500);
$this->setImportTypes();
$dataType = $this->getTrimmedInput('dataType', $_POST);
$importInto = $this->getTrimmedInput('importInto', $_POST);
if (empty($dataType)) {
$this->_template->assign('errorMessage', 'No data type was specified.');
$this->importSelectType();
return;
}
if (empty($importInto) && $dataType != 'Resume') {
$this->_template->assign('errorMessage', 'No destination was specified.');
$this->importSelectType();
return;
}
/* If a file was submitted, then the user sent what colums he wanted to use already. */
if (isset($_POST['fileName'])) {
if ($_SESSION['CATS']->isDemo()) {
CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Demo user can not import data.');
}
if (!eval(Hooks::get('IMPORT_ON_IMPORT_1'))) {
return;
}
switch ($dataType) {
case 'Text File':
$this->onImportFieldsDelimited();
return;
default:
$this->_template->assign('errorMessage', 'No 2nd parser has been included for the specified data type.');
$this->import();
return;
}
}
/* Otherwise, parse the file... */
if (!eval(Hooks::get('IMPORT_ON_IMPORT_2'))) {
return;
}
if (!isset($_FILES['file']) || empty($_FILES['file']['name'])) {
$errorMessage = sprintf('No file was uploaded.');
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Get file metadata. */
$originalFilename = $_FILES['file']['name'];
$tempFilename = $_FILES['file']['tmp_name'];
$contentType = $_FILES['file']['type'];
$fileSize = $_FILES['file']['size'];
$fileUploadError = $_FILES['file']['error'];
/* Recover from magic quotes. Note that tmp_name doesn't appear to
* get escaped, and stripslashes() on it breaks on Windows. - Will
*/
if (get_magic_quotes_gpc()) {
$originalFilename = stripslashes($originalFilename);
$contentType = stripslashes($contentType);
}
if ($fileUploadError != UPLOAD_ERR_OK) {
$this->_template->assign('errorMessage', FileUtility::getErrorMessage($fileUploadError));
$this->importSelectType();
return;
}
if ($fileSize <= 0) {
$this->_template->assign('errorMessage', 'File size is less than 1 byte.');
$this->importSelectType();
return;
}
/* Make sure the attachments directory exists and create it if not. */
if (!is_dir(CATS_TEMP_DIR)) {
$errorMessage = sprintf('Directory \'%s\' does not exist. CATS is not configured correctly.', CATS_TEMP_DIR);
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Make a blind attempt to recover from invalid permissions. */
@chmod(CATS_TEMP_DIR, 0777);
/* Make a random file name for the file. */
if ($dataType != 'Resume') {
$randomFile = FileUtility::makeRandomFilename($tempFilename) . '.tmp';
} else {
$randomFile = $originalFilename;
}
/* Build new path information for the file. */
$newFileFullPath = CATS_TEMP_DIR . '/' . $randomFile;
if (!@copy($tempFilename, $newFileFullPath)) {
$errorMessage = sprintf('Cannot copy temporary file from %s to %s.', $tempFilename, $newFileFullPath);
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Try to remove the temp file; if it fails it doesn't matter. */
@unlink($tempFilename);
/* Store the file ID as a valid file ID (so users can't inject other file ids to read
files they shouldn't be reading. */
$_SESSION['CATS']->validImportFileIDs[] = $randomFile;
if (!eval(Hooks::get('IMPORT_ON_IMPORT_3'))) {
return;
}
switch ($dataType) {
case 'Text File':
$this->onImportDelimited($randomFile);
break;
default:
$this->_template->assign('errorMessage', 'No parser exists for the specified data type.');
$this->importSelectType();
break;
}
}
/**
* Creates an attachment to the specified data item from an HTTP POST file
* upload. This will also pass the attachment along for text extraction and
* indexing if requested.
*
* @param flag Data Item type flag.
* @param integer Data Item ID.
* @param string Name of HTTP POST file field.
* @param boolean Is this a profile image attachment?
* @param boolean Attempt to extract, store, and index the attachment's
* text?
* @return boolean Was the attachment created successfully?
*/
public function createFromUpload($dataItemType, $dataItemID, $fileField, $isProfileImage, $extractText)
{
/* Get file upload metadata. */
$originalFilename = $_FILES[$fileField]['name'];
$tempFilename = $_FILES[$fileField]['tmp_name'];
$contentType = $_FILES[$fileField]['type'];
$fileSize = $_FILES[$fileField]['size'];
$uploadError = $_FILES[$fileField]['error'];
/* Recover from magic quotes. Note that tmp_name doesn't appear to
* get escaped, and stripslashes() on it breaks on Windows. - Will
*/
if (get_magic_quotes_gpc()) {
$originalFilename = stripslashes($originalFilename);
$contentType = stripslashes($contentType);
}
/* Did a file upload error occur? */
if ($uploadError != UPLOAD_ERR_OK) {
$this->_isError = true;
$this->_error = FileUtility::getErrorMessage($uploadError);
return false;
}
/* This usually indicates an error. */
if ($fileSize <= 0) {
$this->_isError = true;
$this->_error = 'File size is less than 1 byte.';
return false;
}
return $this->createGeneric($dataItemType, $dataItemID, $isProfileImage, $extractText, false, $originalFilename, $tempFilename, $contentType, false, true);
}
