static function InsertFile($data, $in_gui = false)
{
if (!is_object($data)) {
$data = (object) $data;
}
$file_id = isset($data->file_id) ? (int) $data->file_id : 0;
$file = null;
if ($file_id > 0) {
$file = WPFB_File::GetFile($file_id);
if ($file == null) {
$file_id = 0;
}
}
$update = $file_id > 0 && $file != null && $file->is_file;
if (!$update) {
$file = new WPFB_File(array('file_id' => 0));
}
$file->Lock(true);
$add_existing = !empty($data->add_existing);
// if the file is added by a sync (not uploaded)
if (!$add_existing) {
self::SyncCustomFields();
}
// dont sync custom fields when file syncing!
if (!empty($data->file_flash_upload)) {
// check for flash upload and validate!
$file_flash_upload = json_decode($data->file_flash_upload, true);
$file_flash_upload['tmp_name'] = WPFB_Core::UploadDir() . '/' . str_replace('../', '', $file_flash_upload['tmp_name']);
if (is_file($file_flash_upload['tmp_name'])) {
$data->file_upload = $file_flash_upload;
}
}
// are we uploading a file?
$upload = !$add_existing && ((@is_uploaded_file($data->file_upload['tmp_name']) || !empty($data->file_flash_upload)) && !empty($data->file_upload['name']));
$remote_upload = !$add_existing && !$upload && !empty($data->file_remote_uri) && (!$update || $file->file_remote_uri != $data->file_remote_uri);
$remote_redirect = !empty($data->file_remote_redirect) && !empty($data->file_remote_uri);
if ($remote_redirect) {
$remote_scan = !empty($data->file_remote_scan);
}
// if we change the actual file on disk
$change = $upload || $remote_upload;
if ($update && ($change || !empty($data->file_rename) && $data->file_rename != $file->file_name) && $file->IsScanLocked()) {
return array('error' => sprintf(__('%s is currently locked. Please try again in %s.', 'wp-filebase'), $file, human_time_diff(time(), $file->file_scan_lock)));
}
// are we uploading a thumbnail?
$upload_thumb = !$add_existing && @is_uploaded_file($data->file_upload_thumb['tmp_name']);
if ($upload_thumb && !(WPFB_FileUtils::FileHasImageExt($data->file_upload_thumb['name']) && WPFB_FileUtils::IsValidImage($data->file_upload_thumb['tmp_name']))) {
return array('error' => __('Thumbnail is not a valid image!.', 'wp-filebase'));
}
if ($remote_upload) {
unset($file_src_path);
$remote_file_info = self::GetRemoteFileInfo($data->file_remote_uri);
if (is_wp_error($remote_file_info)) {
return array('error' => sprintf(__('Could not get file information from %s!', 'wp-filebase'), $data->file_remote_uri) . ' (' . $remote_file_info->get_error_message() . ')');
}
$file_name = $remote_file_info['name'];
if ($remote_file_info['size'] > 0) {
$file->file_size = $remote_file_info['size'];
}
if ($remote_file_info['time'] > 0) {
$file->SetModifiedTime($remote_file_info['time']);
}
} else {
$file_src_path = $upload ? $data->file_upload['tmp_name'] : ($add_existing ? $data->file_path : null);
$file_name = $upload ? str_replace('\\', '', $data->file_upload['name']) : (empty($file_src_path) && $update ? $file->file_name : substr(strrchr(str_replace('\\', '/', $file_src_path), '/'), 1));
// no basename here!
}
if ($upload) {
$data->file_rename = null;
}
// VALIDATION
$current_user = wp_get_current_user();
if (empty($data->frontend_upload) && !$add_existing && empty($current_user->ID)) {
return array('error' => __('Could not get user id!', 'wp-filebase'));
}
if (!$update && !$add_existing && !$upload && !$remote_upload) {
return array('error' => __('No file was uploaded.', 'wp-filebase'));
}
// check extension
if ($upload || $add_existing) {
if (!self::IsAllowedFileExt($file_name)) {
if (isset($file_src_path)) {
@unlink($file_src_path);
}
return array('error' => sprintf(__('The file extension of the file <b>%s</b> is forbidden!', 'wp-filebase'), $file_name));
}
}
// check url
if ($remote_upload && !preg_match('/^(https?|file):\\/\\//', $data->file_remote_uri)) {
return array('error' => __('Only HTTP links are supported.', 'wp-filebase'));
}
// do some simple file stuff
if ($update && (!empty($data->file_delete_thumb) || $upload_thumb)) {
$file->DeleteThumbnail();
}
// delete thumbnail if user wants to
if ($update && ($upload || $remote_upload)) {
$file->Delete(true);
}
// if we update, delete the old file (keep thumb!)
// handle display name and version
if (isset($data->file_version)) {
$file->file_version = $data->file_version;
}
if (isset($data->file_display_name)) {
$file->file_display_name = $data->file_display_name;
}
$result = self::ParseFileNameVersion($file_name, $file->file_version);
if (empty($file->file_version)) {
$file->file_version = $result['version'];
}
if (empty($file->file_display_name)) {
$file->file_display_name = $result['title'];
}
// handle category & name
$file_category = isset($data->file_category) ? is_object($data->file_category) ? $data->file_category->GetId() : 0 + $data->file_category : 0;
$new_cat = null;
if ($file_category > 0 && ($new_cat = WPFB_Category::GetCat($file_category)) == null) {
$file_category = 0;
}
// this inherits permissions as well:
$result = $file->ChangeCategoryOrName($file_category, empty($data->file_rename) ? $file_name : $data->file_rename, $add_existing, !empty($data->overwrite));
if (is_array($result) && !empty($result['error'])) {
return $result;
}
$prev_read_perms = $file->file_offline ? array('administrator') : $file->GetReadPermissions();
// explicitly set permissions:
if (!empty($data->file_perm_explicit) && isset($data->file_user_roles)) {
$file->SetReadPermissions(empty($data->file_user_roles) || count(array_filter($data->file_user_roles)) == 0 ? array() : $data->file_user_roles);
}
// if there is an uploaded file
if ($upload) {
$file_dest_path = $file->GetLocalPath();
$file_dest_dir = dirname($file_dest_path);
if (@file_exists($file_dest_path)) {
return array('error' => sprintf(__('File %s already exists. You have to delete it first!', 'wp-filebase'), $file->GetLocalPath()));
}
if (!is_dir($file_dest_dir)) {
self::Mkdir($file_dest_dir);
}
// try both move_uploaded_file for http, rename for flash uploads!
if (!(move_uploaded_file($file_src_path, $file_dest_path) || rename($file_src_path, $file_dest_path)) || !@file_exists($file_dest_path)) {
return array('error' => sprintf(__('Unable to move file %s! Is the upload directory writeable?', 'wp-filebase'), $file->file_name) . ' ' . $file->GetLocalPathRel());
}
} elseif ($remote_upload) {
if (!$remote_redirect || $remote_scan) {
$tmp_file = self::GetTmpFile($file->file_name);
$result = self::SideloadFile($data->file_remote_uri, $tmp_file, $in_gui ? $remote_file_info['size'] : -1);
if (is_array($result) && !empty($result['error'])) {
return $result;
}
if (!rename($tmp_file, $file->GetLocalPath())) {
return array('error' => "Could not rename temp file {$tmp_file} -> {$file->GetLocalPath()} !");
}
if (!$remote_redirect) {
$data->file_remote_uri = '';
}
}
} elseif (!$add_existing && !$update) {
return array('error' => __('No file was uploaded.', 'wp-filebase'));
}
// handle date/time stuff
if (!empty($data->file_date)) {
$file->file_date = $data->file_date;
} elseif ($add_existing || empty($file->file_date)) {
$file->file_date = file_exists($file->GetLocalPath()) ? gmdate('Y-m-d H:i:s', min(filemtime($file->GetLocalPath()), time()) + get_option('gmt_offset') * HOUR_IN_SECONDS) : current_time('mysql');
}
if (!$update) {
// since 4.4, wpdb will acutally set NULL values, so make sure everything is an empty string
$file->file_hash = '';
$file->file_remote_uri = '';
$file->file_tags = '';
$file->file_license = '';
$file->file_password = '';
$file->file_last_dl_ip = '';
$file->file_added_by = empty($current_user) ? 0 : $current_user->ID;
}
self::fileApplyMeta($file, $data);
// save into db
$file->Lock(false);
$result = $file->DBSave();
if (is_array($result) && !empty($result['error'])) {
return $result;
}
$file_id = (int) $result['file_id'];
if (!$update) {
// on new file, remove any existing data
global $wpdb;
$wpdb->query("DELETE FROM {$wpdb->wpfilebase_files_id3} WHERE file_id = {$file_id}");
}
if (!empty($data->no_scan) && !empty($data->add_rsync)) {
$file->file_rescan_pending = 1;
}
// get file info
if ((!$update || !$remote_redirect) && is_file($file->GetLocalPath())) {
$old_size = $file->file_size;
$old_mtime = $file->file_mtime;
$old_hash = $file->file_hash;
$file->file_size = isset($data->file_size) ? $data->file_size : WPFB_FileUtils::GetFileSize($file->GetLocalPath());
$file->file_mtime = filemtime($file->GetLocalPath());
$size_or_mtime_changed = $old_size != $file->file_size || $old_mtime != $file->file_mtime;
$file->file_hash = empty($data->no_scan) ? WPFB_Admin::GetFileHash($file->GetLocalPath()) : ($size_or_mtime_changed ? '' : $old_hash);
// TODO: revise conditions / make more readable
if (!empty($data->no_scan) && ($upload || $add_existing || $size_or_mtime_changed)) {
$file->file_rescan_pending = 1;
} elseif (empty($data->no_scan) && ($upload || !$update || $file->file_hash != $old_hash)) {
wpfb_loadclass('Sync');
WPFB_Sync::ScanFile($file, false, !$remote_redirect);
// dont do async scan if temporary file
}
} else {
if (isset($data->file_size)) {
$file->file_size = $data->file_size;
}
if (isset($data->file_hash)) {
$file->file_hash = $data->file_hash;
}
}
if ($remote_redirect) {
if (file_exists($file->GetLocalPath())) {
@unlink($file->GetLocalPath());
}
// when download redircet the actual files is not needed anymore
} else {
// set permissions
is_file($file->GetLocalPath()) && @chmod($file->GetLocalPath(), octdec(WPFB_PERM_FILE));
$file->file_remote_uri = $data->file_remote_uri = '';
// no redirection, URI is not neede anymore
}
// handle thumbnail
if ($upload_thumb) {
$file->DeleteThumbnail();
// delete the old thumbnail (if existing)
$thumb_dest_path = dirname($file->GetLocalPath()) . '/thumb_' . $data->file_upload_thumb['name'];
if (@move_uploaded_file($data->file_upload_thumb['tmp_name'], $thumb_dest_path)) {
$file->CreateThumbnail($thumb_dest_path, true);
}
} else {
if ($upload || $remote_upload || $add_existing) {
if ($add_existing && !empty($data->file_thumbnail)) {
$file->file_thumbnail = $data->file_thumbnail;
// we already got the thumbnail on disk!
} elseif (empty($file->file_thumbnail) && !$upload_thumb && (!$remote_redirect || $remote_scan) && empty($data->no_scan)) {
// WPFB_Sync::ScanFile should've done this, this may never be reached
$file->CreateThumbnail();
// check if the file is an image and create thumbnail
}
}
}
// save into db again
$result = $file->DBSave();
if (is_array($result) && !empty($result['error'])) {
return $result;
}
return array('error' => false, 'file_id' => $file_id, 'file' => $file);
}
<input type="hidden" name="action" id="file_form_action" value="<?php
echo $action;
?>
" />
<input type="hidden" name="file_id" id="file_id" value="<?php
echo $update ? $multi_edit ? $item_ids : $file->file_id : "";
?>
" />
<?php
wp_nonce_field($nonce_action, 'wpfb-file-nonce');
?>
<div class="wpfb-upload-box">
<?php
if ($update && ($file->IsScanLocked() || $file->GetRemoteSyncMeta())) {
?>
<div class="overlay-locked"><?php
echo WPFB_Admin::Icon('lock', 70);
?>
<span><?php
$file->IsScanLocked() && printf(__('This file is locked for %s or until the scan process completes.', 'wp-filebase'), human_time_diff(time(), $file->file_scan_lock));
echo ' ' . __('You can edit meta data only.', 'wp-filebase');
?>
</span>
</div>
<?php
}
?>
<div id="wpfilebase-upload-menu" class="admin-scheme-bgcolor-0">
<input type="hidden" name="action" id="file_form_action" value="<?php
echo $action;
?>
" />
<input type="hidden" name="file_id" id="file_id" value="<?php
echo $update ? $multi_edit ? $item_ids : $file->file_id : "";
?>
" />
<?php
wp_nonce_field($nonce_action, 'wpfb-file-nonce');
?>
<div class="wpfb-upload-box">
<?php
if ($update && $file->IsScanLocked()) {
?>
<div class="overlay-locked"><?php
echo WPFB_Admin::Icon('lock', 80);
?>
<span><?php
printf(__('This file is locked for %s or until the scan process completes.', 'wp-filebase'), human_time_diff(time(), $file->file_scan_lock));
echo ' ' . __('You can edit meta data only.', 'wp-filebase');
?>
</span>
</div>
<?php
}
?>
<div id="wpfilebase-upload-menu" class="admin-scheme-bgcolor-0">
<a href="#" <?php
