예제 #1
0
$in_widget = !empty($in_widget);
$in_editor = !empty($in_editor);
$update = $multi_edit ? !empty($item) : isset($item) && is_object($item) && !empty($item->file_id);
$exform = $update || !empty($exform);
if (empty($item)) {
    $file = new WPFB_File();
} else {
    $file =& $item;
}
if (!empty($post_id)) {
    $file->file_post_id = $post_id;
}
$action = $update ? 'updatefile' : 'addfile';
$title = $update ? __('Edit File', WPFB) : __('Add File', WPFB);
$default_roles = WPFB_Core::$settings->default_roles;
$user_roles = $update || empty($default_roles) ? $file->GetReadPermissions() : $default_roles;
$file_members_only = !empty($user_roles);
if (empty($form_url)) {
    $form_url = $in_editor ? remove_query_arg(array('file_id', 'page', 'action')) : add_query_arg('page', 'wpfilebase_files', admin_url('admin.php'));
}
if (!empty($_GET['redirect_to'])) {
    $form_url = add_query_arg(array('redirect' => 1, 'redirect_to' => urlencode($_GET['redirect_to'])), $form_url);
}
if (empty($nonce_action)) {
    $nonce_action = WPFB . "-" . $action;
    if ($update) {
        $nonce_action .= $multi_edit ? $item_ids : $file->file_id;
    }
    if ($in_editor) {
        $nonce_action .= "-editor";
    }
예제 #2
0
파일: Admin.php 프로젝트: parsonsc/dofe
 static function InsertFile($data, $in_gui = false)
 {
     if (!is_object($data)) {
         $data = (object) $data;
     }
     $file_id = isset($data->file_id) ? (int) $data->file_id : 0;
     $file = null;
     if ($file_id > 0) {
         $file = WPFB_File::GetFile($file_id);
         if ($file == null) {
             $file_id = 0;
         }
     }
     $update = $file_id > 0 && $file != null && $file->is_file;
     if (!$update) {
         $file = new WPFB_File(array('file_id' => 0));
     }
     $file->Lock(true);
     $add_existing = !empty($data->add_existing);
     // if the file is added by a sync (not uploaded)
     if (!$add_existing) {
         self::SyncCustomFields();
     }
     // dont sync custom fields when file syncing!
     if (!empty($data->file_flash_upload)) {
         // check for flash upload and validate!
         $file_flash_upload = json_decode($data->file_flash_upload, true);
         $file_flash_upload['tmp_name'] = WPFB_Core::UploadDir() . '/' . str_replace('../', '', $file_flash_upload['tmp_name']);
         if (is_file($file_flash_upload['tmp_name'])) {
             $data->file_upload = $file_flash_upload;
         }
     }
     // are we uploading a file?
     $upload = !$add_existing && ((@is_uploaded_file($data->file_upload['tmp_name']) || !empty($data->file_flash_upload)) && !empty($data->file_upload['name']));
     $remote_upload = !$add_existing && !$upload && !empty($data->file_is_remote) && !empty($data->file_remote_uri) && (!$update || $file->file_remote_uri != $data->file_remote_uri);
     $remote_redirect = !empty($data->file_remote_redirect) && !empty($data->file_remote_uri);
     if ($remote_redirect) {
         $remote_scan = !empty($data->file_remote_scan);
     }
     // are we uploading a thumbnail?
     $upload_thumb = !$add_existing && @is_uploaded_file($data->file_upload_thumb['tmp_name']);
     if ($upload_thumb && !(WPFB_FileUtils::FileHasImageExt($data->file_upload_thumb['name']) && WPFB_FileUtils::IsValidImage($data->file_upload_thumb['tmp_name']))) {
         return array('error' => __('Thumbnail is not a valid image!.', WPFB));
     }
     if ($remote_upload) {
         unset($file_src_path);
         $remote_file_info = self::GetRemoteFileInfo($data->file_remote_uri);
         if (empty($remote_file_info)) {
             return array('error' => sprintf(__('Could not get file information from %s!', WPFB), $data->file_remote_uri));
         }
         $file_name = $remote_file_info['name'];
         if ($remote_file_info['size'] > 0) {
             $file->file_size = $remote_file_info['size'];
         }
         if ($remote_file_info['time'] > 0) {
             $file->SetModifiedTime($remote_file_info['time']);
         }
     } else {
         $file_src_path = $upload ? $data->file_upload['tmp_name'] : ($add_existing ? $data->file_path : null);
         $file_name = $upload ? str_replace('\\', '', $data->file_upload['name']) : (empty($file_src_path) && $update ? $file->file_name : basename($file_src_path));
     }
     if ($upload) {
         $data->file_rename = null;
     }
     // VALIDATION
     $current_user = wp_get_current_user();
     if (empty($data->frontend_upload) && !$add_existing && empty($current_user->ID)) {
         return array('error' => __('Could not get user id!', WPFB));
     }
     if (!$update && !$add_existing && !$upload && !$remote_upload) {
         return array('error' => __('No file was uploaded.', WPFB));
     }
     // check extension
     if ($upload || $add_existing) {
         if (!self::IsAllowedFileExt($file_name)) {
             if (isset($file_src_path)) {
                 @unlink($file_src_path);
             }
             return array('error' => sprintf(__('The file extension of the file <b>%s</b> is forbidden!', WPFB), $file_name));
         }
     }
     // check url
     if ($remote_upload && !preg_match('/^(https?|file):\\/\\//', $data->file_remote_uri)) {
         return array('error' => __('Only HTTP links are supported.', WPFB));
     }
     // do some simple file stuff
     if ($update && (!empty($data->file_delete_thumb) || $upload_thumb)) {
         $file->DeleteThumbnail();
     }
     // delete thumbnail if user wants to
     if ($update && ($upload || $remote_upload)) {
         $file->Delete(true);
     }
     // if we update, delete the old file (keep thumb!)
     // handle display name and version
     if (isset($data->file_version)) {
         $file->file_version = $data->file_version;
     }
     if (isset($data->file_display_name)) {
         $file->file_display_name = $data->file_display_name;
     }
     $result = self::ParseFileNameVersion($file_name, $file->file_version);
     if (empty($file->file_version)) {
         $file->file_version = $result['version'];
     }
     if (empty($file->file_display_name)) {
         $file->file_display_name = $result['title'];
     }
     // handle category & name
     $file_category = intval($data->file_category);
     $new_cat = null;
     if ($file_category > 0 && ($new_cat = WPFB_Category::GetCat($file_category)) == null) {
         $file_category = 0;
     }
     // this inherits permissions as well:
     $result = $file->ChangeCategoryOrName($file_category, empty($data->file_rename) ? $file_name : $data->file_rename, $add_existing, !empty($data->overwrite));
     if (is_array($result) && !empty($result['error'])) {
         return $result;
     }
     $prev_read_perms = $file->file_offline ? array('administrator') : $file->GetReadPermissions();
     // explicitly set permissions:
     if (!empty($data->file_perm_explicit) && isset($data->file_user_roles)) {
         $file->SetReadPermissions(empty($data->file_user_roles) || count(array_filter($data->file_user_roles)) == 0 ? array() : $data->file_user_roles);
     }
     // if there is an uploaded file
     if ($upload) {
         $file_dest_path = $file->GetLocalPath();
         $file_dest_dir = dirname($file_dest_path);
         if (@file_exists($file_dest_path)) {
             return array('error' => sprintf(__('File %s already exists. You have to delete it first!', WPFB), $file->GetLocalPath()));
         }
         if (!is_dir($file_dest_dir)) {
             self::Mkdir($file_dest_dir);
         }
         // try both move_uploaded_file for http, rename for flash uploads!
         if (!(move_uploaded_file($file_src_path, $file_dest_path) || rename($file_src_path, $file_dest_path)) || !@file_exists($file_dest_path)) {
             return array('error' => sprintf(__('Unable to move file %s! Is the upload directory writeable?', WPFB), $file->file_name) . ' ' . $file->GetLocalPathRel());
         }
     } elseif ($remote_upload) {
         if (!$remote_redirect || $remote_scan) {
             $tmp_file = self::GetTmpFile($file->file_name);
             $result = self::SideloadFile($data->file_remote_uri, $tmp_file, $in_gui ? $remote_file_info['size'] : -1);
             if (is_array($result) && !empty($result['error'])) {
                 return $result;
             }
             if (!rename($tmp_file, $file->GetLocalPath())) {
                 return array('error' => 'Could not rename temp file!');
             }
         }
     } elseif (!$add_existing && !$update) {
         return array('error' => __('No file was uploaded.', WPFB));
     }
     // handle date/time stuff
     if (!empty($data->file_date)) {
         $file->file_date = $data->file_date;
     } elseif ($add_existing || empty($file->file_date)) {
         $file->file_date = gmdate('Y-m-d H:i:s', file_exists($file->GetLocalPath()) ? filemtime($file->GetLocalPath()) : time());
     }
     self::fileApplyMeta($file, $data);
     // set the user id
     if (!$update && !empty($current_user)) {
         $file->file_added_by = $current_user->ID;
     }
     // save into db
     $file->Lock(false);
     $result = $file->DBSave();
     if (is_array($result) && !empty($result['error'])) {
         return $result;
     }
     $file_id = (int) $result['file_id'];
     // get file info
     if (!($update && $remote_redirect) && is_file($file->GetLocalPath()) && empty($data->no_scan)) {
         $file->file_size = isset($data->file_size) ? $data->file_size : WPFB_FileUtils::GetFileSize($file->GetLocalPath());
         $file->file_mtime = filemtime($file->GetLocalPath());
         $old_hash = $file->file_hash;
         $file->file_hash = WPFB_Admin::GetFileHash($file->GetLocalPath());
         // only analyze files if changed!
         if ($upload || !$update || $file->file_hash != $old_hash) {
             wpfb_loadclass('GetID3');
             $file_info = WPFB_GetID3::UpdateCachedFileInfo($file);
             if (!$upload_thumb && empty($data->file_thumbnail)) {
                 if (!empty($file_info['comments']['picture'][0]['data'])) {
                     $cover_img =& $file_info['comments']['picture'][0]['data'];
                 } elseif (!empty($file_info['id3v2']['APIC'][0]['data'])) {
                     $cover_img =& $file_info['id3v2']['APIC'][0]['data'];
                 } else {
                     $cover_img = null;
                 }
                 // TODO unset pic in info?
                 if (!empty($cover_img)) {
                     $cover = $file->GetLocalPath();
                     $cover = substr($cover, 0, strrpos($cover, '.')) . '.jpg';
                     file_put_contents($cover, $cover_img);
                     $file->CreateThumbnail($cover, true);
                     @unlink($cover);
                 }
             }
         }
     } else {
         if (isset($data->file_size)) {
             $file->file_size = $data->file_size;
         }
         if (isset($data->file_hash)) {
             $file->file_hash = $data->file_hash;
         }
     }
     if ($remote_redirect) {
         if (file_exists($file->GetLocalPath())) {
             @unlink($file->GetLocalPath());
         }
         // when download redircet the actual files is not needed anymore
     } else {
         // set permissions
         @chmod($file->GetLocalPath(), octdec(WPFB_PERM_FILE));
         $file->file_remote_uri = $data->file_remote_uri = '';
         // no redirection, URI is not neede anymore
     }
     // handle thumbnail
     if ($upload_thumb) {
         $file->DeleteThumbnail();
         // delete the old thumbnail (if existing)
         $thumb_dest_path = dirname($file->GetLocalPath()) . '/thumb_' . $data->file_upload_thumb['name'];
         if (@move_uploaded_file($data->file_upload_thumb['tmp_name'], $thumb_dest_path)) {
             $file->CreateThumbnail($thumb_dest_path, true);
         }
     } else {
         if ($upload || $remote_upload || $add_existing) {
             if ($add_existing && !empty($data->file_thumbnail)) {
                 $file->file_thumbnail = $data->file_thumbnail;
                 // we already got the thumbnail on disk!
             } elseif (empty($file->file_thumbnail) && !$upload_thumb && (!$remote_redirect || $remote_scan) && empty($data->no_scan)) {
                 $file->CreateThumbnail();
                 // check if the file is an image and create thumbnail
             }
         }
     }
     // save into db again
     $result = $file->DBSave();
     if (is_array($result) && !empty($result['error'])) {
         return $result;
     }
     return array('error' => false, 'file_id' => $file_id, 'file' => $file);
 }