/**
* Returns a unused filename in CATS_TEMP_DIR.
* // FIXME: Merge me with makeRandomFilename().
*
* @return string filename
*/
public static function makeRandomTemporaryFilePath()
{
/* Even though the possibility of generating a filename that
* already exists is small, we need to handle it just in case.
*/
do {
$filePath = CATS_TEMP_DIR . '/' . FileUtility::makeRandomFilename();
} while (file_exists($filePath));
return $filePath;
}
private function onImport()
{
if ($this->_accessLevel < ACCESS_LEVEL_EDIT) {
CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Invalid user level for action.');
}
set_time_limit(500);
$this->setImportTypes();
$dataType = $this->getTrimmedInput('dataType', $_POST);
$importInto = $this->getTrimmedInput('importInto', $_POST);
if (empty($dataType)) {
$this->_template->assign('errorMessage', 'No data type was specified.');
$this->importSelectType();
return;
}
if (empty($importInto) && $dataType != 'Resume') {
$this->_template->assign('errorMessage', 'No destination was specified.');
$this->importSelectType();
return;
}
/* If a file was submitted, then the user sent what colums he wanted to use already. */
if (isset($_POST['fileName'])) {
if ($_SESSION['CATS']->isDemo()) {
CommonErrors::fatal(COMMONERROR_PERMISSION, $this, 'Demo user can not import data.');
}
if (!eval(Hooks::get('IMPORT_ON_IMPORT_1'))) {
return;
}
switch ($dataType) {
case 'Text File':
$this->onImportFieldsDelimited();
return;
default:
$this->_template->assign('errorMessage', 'No 2nd parser has been included for the specified data type.');
$this->import();
return;
}
}
/* Otherwise, parse the file... */
if (!eval(Hooks::get('IMPORT_ON_IMPORT_2'))) {
return;
}
if (!isset($_FILES['file']) || empty($_FILES['file']['name'])) {
$errorMessage = sprintf('No file was uploaded.');
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Get file metadata. */
$originalFilename = $_FILES['file']['name'];
$tempFilename = $_FILES['file']['tmp_name'];
$contentType = $_FILES['file']['type'];
$fileSize = $_FILES['file']['size'];
$fileUploadError = $_FILES['file']['error'];
/* Recover from magic quotes. Note that tmp_name doesn't appear to
* get escaped, and stripslashes() on it breaks on Windows. - Will
*/
if (get_magic_quotes_gpc()) {
$originalFilename = stripslashes($originalFilename);
$contentType = stripslashes($contentType);
}
if ($fileUploadError != UPLOAD_ERR_OK) {
$this->_template->assign('errorMessage', FileUtility::getErrorMessage($fileUploadError));
$this->importSelectType();
return;
}
if ($fileSize <= 0) {
$this->_template->assign('errorMessage', 'File size is less than 1 byte.');
$this->importSelectType();
return;
}
/* Make sure the attachments directory exists and create it if not. */
if (!is_dir(CATS_TEMP_DIR)) {
$errorMessage = sprintf('Directory \'%s\' does not exist. CATS is not configured correctly.', CATS_TEMP_DIR);
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Make a blind attempt to recover from invalid permissions. */
@chmod(CATS_TEMP_DIR, 0777);
/* Make a random file name for the file. */
if ($dataType != 'Resume') {
$randomFile = FileUtility::makeRandomFilename($tempFilename) . '.tmp';
} else {
$randomFile = $originalFilename;
}
/* Build new path information for the file. */
$newFileFullPath = CATS_TEMP_DIR . '/' . $randomFile;
if (!@copy($tempFilename, $newFileFullPath)) {
$errorMessage = sprintf('Cannot copy temporary file from %s to %s.', $tempFilename, $newFileFullPath);
$this->_template->assign('errorMessage', $errorMessage);
$this->importSelectType();
return;
}
/* Try to remove the temp file; if it fails it doesn't matter. */
@unlink($tempFilename);
/* Store the file ID as a valid file ID (so users can't inject other file ids to read
files they shouldn't be reading. */
$_SESSION['CATS']->validImportFileIDs[] = $randomFile;
if (!eval(Hooks::get('IMPORT_ON_IMPORT_3'))) {
return;
}
switch ($dataType) {
case 'Text File':
$this->onImportDelimited($randomFile);
break;
default:
$this->_template->assign('errorMessage', 'No parser exists for the specified data type.');
$this->importSelectType();
break;
}
}
/**
* Executes a shell command in a platform-independent way and returns the
* results in an array containing the exact system command executed, the
* raw output of that command, and the command's return code.
*
* @param string command to execute
* @return array command results
*/
private function _executeCommand($command)
{
/* Running on Windows? */
if (SystemUtility::isWindows()) {
/* Generate a random temp file name. */
$tempFile = sprintf('%s/%s.txt', realpath(CATS_TEMP_DIR), FileUtility::makeRandomFilename());
/* Create a new COM Windows Scripting Host Shell object. */
$WSHShell = new COM('WScript.Shell');
/* Build the command to execute. */
$command = sprintf('cmd.exe /C "%s > "%s""', $command, $tempFile);
/* Execute the command via the Windows Scripting Host Shell. */
$returnCode = $WSHShell->Run($command, 0, true);
/* Grab the contents of the temporary file and remove it. */
$output = file($tempFile);
@unlink($tempFile);
} else {
@exec($command, $output, $returnCode);
}
return array('command' => $command, 'output' => $output, 'returnCode' => $returnCode);
}
