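/**
 * Handles an uploaded file, stores it to the correct folder, adds an entry
 * to the database and returns a TBGFile object
 *
 * The client-supplied filename is checked against the configured extension
 * list before the file is moved into the uploads folder:
 *  - blacklist mode: the upload is refused when the full suffix after the
 *    first dot, or any single dot-separated part of it, is on the list
 *  - whitelist mode: the upload is refused unless the suffix after the
 *    first dot is on the list; a name with no suffix is refused
 *
 * When upload progress tracking is available, the outcome (file id or error
 * message) is also written to $_SESSION['__upload_status'].
 *
 * @param string $key The request parameter the file was sent as
 *
 * @return TBGFile The TBGFile object
 *
 * @throws Exception If uploads are disabled, the file is missing, too big,
 *                   of a disallowed type, or could not be stored
 */
public function handleUpload($key)
{
    $apc_exists = self::CanGetUploadStatus();
    $progress_id = null;
    if ($apc_exists) {
        // The progress id arrives as a request field and is used as a session
        // array key below, so anything that cannot be an array key is dropped.
        $progress_id = $this->getParameter('APC_UPLOAD_PROGRESS');
        if (is_array($progress_id) || is_object($progress_id)) {
            $progress_id = '';
        }
        if (!isset($_SESSION['__upload_status']) || !is_array($_SESSION['__upload_status'])) {
            $_SESSION['__upload_status'] = array();
        }
        if (!array_key_exists($progress_id, $_SESSION['__upload_status'])) {
            $_SESSION['__upload_status'][$progress_id] = array('id' => $progress_id, 'finished' => false, 'percent' => 0, 'total' => 0, 'complete' => 0);
        }
    }

    try {
        $thefile = $this->getUploadedFile($key);
        if ($thefile === null) {
            TBGLogging::log('Could not find uploaded file' . $key);
            throw new Exception(TBGContext::getI18n()->__('Could not find the uploaded file. Please make sure that it is not too big.'));
        }

        if (!TBGSettings::isUploadsEnabled()) {
            TBGLogging::log('Uploads not enabled');
            throw new Exception(TBGContext::getI18n()->__('Uploads are not enabled'));
        }
        TBGLogging::log('Uploads enabled');

        if ($thefile['error'] != UPLOAD_ERR_OK) {
            TBGLogging::log('Upload error: ' . $thefile['error']);
            switch ($thefile['error']) {
                case UPLOAD_ERR_INI_SIZE:
                case UPLOAD_ERR_FORM_SIZE:
                    throw new Exception(TBGContext::getI18n()->__('You cannot upload files bigger than %max_size% MB', array('%max_size%' => TBGSettings::getUploadsMaxSize())));
                case UPLOAD_ERR_PARTIAL:
                    throw new Exception(TBGContext::getI18n()->__('The upload was interrupted, please try again'));
                case UPLOAD_ERR_NO_FILE:
                    throw new Exception(TBGContext::getI18n()->__('No file was uploaded'));
                default:
                    throw new Exception(TBGContext::getI18n()->__('An unhandled error occured') . ': ' . $thefile['error']);
            }
        }
        TBGLogging::log('No upload errors');

        // A configured maximum of 0 means "no limit".
        if (filesize($thefile['tmp_name']) > TBGSettings::getUploadsMaxSize(true) && TBGSettings::getUploadsMaxSize() > 0) {
            throw new Exception(TBGContext::getI18n()->__('You cannot upload files bigger than %max_size% MB', array('%max_size%' => TBGSettings::getUploadsMaxSize())));
        }
        TBGLogging::log('Upload filesize ok');

        // The filename is client-supplied. strpos() returns false when there is
        // no dot, which must not be fed to substr() as offset 0, so that case
        // is handled explicitly.
        $original_name = basename($thefile['name']);
        $first_dot = strpos($original_name, '.');
        $extension = ($first_dot === false) ? '' : strtolower(trim((string) substr($original_name, $first_dot + 1)));

        $is_blacklist = (TBGSettings::getUploadsRestrictionMode() == 'blacklist');

        // Normalise the configured list once; empty entries never match.
        $listed = array();
        foreach (TBGSettings::getUploadsExtensionsList() as $an_ext) {
            $an_ext = strtolower(trim($an_ext));
            if ($an_ext !== '') {
                $listed[$an_ext] = true;
            }
        }

        if ($extension === '') {
            TBGLogging::log('OOps, could not determine upload filetype', 'main', TBGLogging::LEVEL_WARNING_RISK);
            // Nothing to match against: a whitelist cannot be satisfied, a
            // blacklist has nothing to refuse.
            if (!$is_blacklist) {
                TBGLogging::log('Upload extension not ok');
                throw new Exception(TBGContext::getI18n()->__('This filetype is not allowed'));
            }
        } else {
            TBGLogging::log('Checking uploaded file extension');
            if ($is_blacklist) {
                TBGLogging::log('... using blacklist');
                // Check the whole suffix and every dot-separated part of it, so
                // a blocked extension is refused wherever it appears in the
                // name (not only when it is the entire suffix).
                $candidates = array_merge(array($extension), explode('.', $extension));
                foreach ($candidates as $candidate) {
                    if (isset($listed[trim($candidate)])) {
                        TBGLogging::log('Upload extension not ok');
                        throw new Exception(TBGContext::getI18n()->__('This filetype is not allowed'));
                    }
                }
                TBGLogging::log('Upload extension ok');
            } else {
                TBGLogging::log('... using whitelist');
                // The complete suffix after the first dot has to be listed;
                // names with extra dots are refused unless that compound
                // suffix is itself on the whitelist.
                if (!isset($listed[$extension])) {
                    TBGLogging::log('Upload extension not ok');
                    throw new Exception(TBGContext::getI18n()->__('This filetype is not allowed'));
                }
                TBGLogging::log('Upload extension ok');
            }
        }

        if (!is_uploaded_file($thefile['tmp_name'])) {
            TBGLogging::log('Uploaded file was not uploaded correctly');
            throw new Exception(TBGContext::getI18n()->__('The file was not uploaded correctly'));
        }
        TBGLogging::log('Uploaded file is uploaded');

        // NOTE(review): the stored name keeps the client-supplied basename and
        // extension. Confirm the uploads folder is not served with script
        // execution enabled; the extension list is the only filter applied here.
        $files_dir = TBGSettings::getUploadsLocalpath();
        $new_filename = TBGContext::getUser()->getID() . '_' . NOW . '_' . $original_name;
        TBGLogging::log('Moving uploaded file to ' . $new_filename);
        if (!move_uploaded_file($thefile['tmp_name'], $files_dir . $new_filename)) {
            TBGLogging::log('Moving uploaded file failed!');
            throw new Exception(TBGContext::getI18n()->__('An error occured when saving the file'));
        }

        TBGLogging::log('Upload complete and ok, storing upload status and returning filename ' . $new_filename);
        $content_type = TBGFile::getMimeType($files_dir . $new_filename);
        $file = new TBGFile();
        $file->setRealFilename($new_filename);
        $file->setOriginalFilename($original_name);
        $file->setContentType($content_type);
        $file->setDescription($this->getParameter($key . '_description'));
        if (TBGSettings::getUploadStorage() == 'database') {
            $file->setContent(file_get_contents($files_dir . $new_filename));
        }
        $file->save();

        if ($apc_exists) {
            $_SESSION['__upload_status'][$progress_id] = array('id' => $progress_id, 'finished' => true, 'percent' => 100, 'total' => 0, 'complete' => 0, 'file_id' => $file->getID());
        }

        return $file;
    } catch (Exception $e) {
        TBGLogging::log('Upload exception: ' . $e->getMessage());
        if ($apc_exists) {
            // Mark the tracked upload as finished with an error before the
            // exception is passed on to the caller.
            $_SESSION['__upload_status'][$progress_id]['error'] = $e->getMessage();
            $_SESSION['__upload_status'][$progress_id]['finished'] = true;
            $_SESSION['__upload_status'][$progress_id]['percent'] = 100;
        }
        throw $e;
    }
}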
</td> </tr> <tr> <td class="config_explanation" colspan="2"><?php echo __('When uploads are disabled, users will not be able to attach files to issues or upload documents, images or PDFs in project planning. More fine-grained permissions are available from the permissions configuration.'); ?> </td> </tr> <tr> <td><label for="upload_max_file_size"><?php echo __('Max upload file size'); ?> </label></td> <td> <input type="text" name="upload_max_file_size" id="upload_max_file_size" style="width: 50px;" value="<?php echo TBGSettings::getUploadsMaxSize(); ?> "<?php if (!TBGSettings::isUploadsEnabled()) { ?> disabled<?php } ?> > <?php echo __('MB'); ?> </td> </tr> <tr> <td class="config_explanation" colspan="2"> <?php
?> "> <input type="hidden" name ="MAX_FILE_SIZE" value="<?php echo TBGSettings::getUploadsMaxSize(true); ?> "> <input type="hidden" name="APC_UPLOAD_PROGRESS" value="" /> <div> <dl> <dt style="width: 120px;"><label for="uploader_file"><?php echo __('Select a file'); ?> </label></dt> <dd style="margin-bottom: 3px;"><input type="file" name="uploader_file" id="uploader_file"></dd> <dd style="width: 100%;"><?php echo __('Files bigger than %max_filesize% can not be attached. Please check that the file you are attaching is not bigger than this.', array('%max_filesize%' => '<b>' . TBGSettings::getUploadsMaxSize() . 'MB</b>')); ?> </dd> <dt style="width: 120px;"><label for="upload_file_description"><?php echo __('Describe the file'); ?> </label></dt> <dd style="margin-bottom: 3px;"><input type="text" name="uploader_file_description" id="upload_file_description" style="width: 340px;"></dd> <dd class="faded_out" style="width: 100%;"><?php echo __('Enter a few words about the file, so people can understand what it is/does'); ?> </dd> <?php if ($mode == 'issue') { ?> <dt style="width: 120px;"><label for="upload_file_comment"><?php