public function transform(CGImageBase $src) { $_dest = new CGImageBase($src); $watermarker = \cge_setup::get_watermarker(); if ($this->_wmtext) { // clean up the text $text = strip_tags($this->_wmtext); $text = substr($text, 0, 50); $text = trim($text); if (is_null(\cge_utils::to_bool($text, TRUE))) { $watermarker->set_watermark_text($text); } } $_dest['rsrc'] = $watermarker->get_watermarked_image($_dest['rsrc']); return $_dest; }
function _uploads_AttemptUpload(&$mod, $id, &$params, $returnid) { $fieldname = $id . 'input_browse'; if (isset($params['field_name'])) { $fieldname = $params['field_name']; } // check for the filetypes param if (isset($params['file_extensions'])) { $mod->upload_extensions = $params['file_extensions']; } // check the author if (!isset($params['input_author'])) { return array(FALSE, $mod->Lang('error_invalidauthor')); } // see if there's a key $key = null; if (isset($params['input_key'])) { $key = $params['input_key']; } // validate the upload name if (!isset($_FILES[$fieldname])) { return array(FALSE, $mod->Lang('error_nofilesuploaded')); } // handle filename prefix $filePrefix = ''; if (isset($params['prefix']) && $params['prefix'] == 1) { $filePrefix = dechex(time()) . "_"; if (isset($params['prefix_feu']) && $params['prefix_feu'] == 1) { $filePrefix = $params['input_author'] . "_"; } } // handle destination name $destname = ''; if (isset($params['input_destname']) && $params['input_destname'] != '') { $destname = trim(basename($params['input_destname'])); } // handle replace existing $replace_existing = false; if (isset($params['input_replace']) && $params['input_replace'] == 1) { $replace_existing = true; } // check the summary if (!isset($params['input_summary']) || $params['input_summary'] == '') { // we'll cheat, if the summary is left as empty // we'll use the upload name $p = strpos($destname, '.'); if ($p) { $params['input_summary'] = substr($destname, 0, $p); } else { $params['input_summary'] = $destname; } //return array( FALSE, $mod->Lang('error_invalidsummary') ); } // check the category $db = $mod->GetDb(); $dbresult = ""; $row = array(); $category_id = 0; if (isset($params['category_id'])) { $category_id = $params['category_id']; $query = "SELECT upload_category_id, upload_category_name, upload_category_path FROM " . cms_db_prefix() . "module_uploads_categories WHERE upload_category_id = ?"; $dbresult = $db->Execute($query, array($category_id)); } else { if (isset($params['category'])) { // get the category info given it's name $query = "SELECT upload_category_id, upload_category_name, upload_category_path FROM " . cms_db_prefix() . "module_uploads_categories WHERE upload_category_name = ?"; $dbresult = $db->Execute($query, array($params['category'])); } } if (!$dbresult) { return array(FALSE, $mod->Lang('error_invalidcategory')); } $row = $dbresult->FetchRow(); if (!$row) { return array(FALSE, $mod->Lang('error_invalidcategory')); } $category_id = $row['upload_category_id']; $category_name = $row['upload_category_name']; // now do the upload, hopefully // first the file itself. $dir = $mod->_categoryPath($row['upload_category_path']); $result = $mod->_handleUpload($dir, $fieldname, false, $destname, true, $replace_existing, $filePrefix); if (!$result[0]) { return array(FALSE, $result[1]); } $destname = $result[1]['name']; // see about watermarking if ($mod->GetPreference('autowatermark', 0)) { $srcname = cms_join_path($dir, $destname); $wmname = cms_join_path($dir, 'wm_' . $destname); $wmobj = cge_setup::get_watermarker(); $res = $wmobj->create_watermarked_image($srcname, $wmname); if (FALSE !== $res) { @unlink($srcname); @rename($wmname, $srcname); } } // check for an existing database entry $query = "SELECT upload_id FROM " . cms_db_prefix() . "module_uploads WHERE upload_name = ? AND\n\t\t\tupload_category_id = ?"; $tmp_id = $db->GetOne($query, array($destname, $category_id)); $fileid = ''; if ($replace_existing === false && $tmp_id) { return array(FALSE, $mod->Lang('error_fileexists')); } else { if ($tmp_id) { // we're allowing overwrite $fileid = $tmp_id; $replace_existing = true; // delete field definitions. $query = 'DELETE FROM ' . cms_db_prefix() . 'module_uploads_fieldvals WHERE upload_id = ?'; $db->Execute($query, array($tmp_id)); } } // create a new upload id here. if ($fileid == '') { $newid = $db->GenID(cms_db_prefix() . "module_uploads_seq"); } // and then maybe the thumbnail $thumb_name = ''; if (isset($_FILES[$id . 'input_thumbnail']['name']) && $_FILES[$id . 'input_thumbnail']['name'] != '' && $_FILES[$id . 'input_thumbnail']['size'] > 0) { // build the thumbnail name $thumb_extension = strtolower(strrchr($_FILES[$id . 'input_thumbnail']['name'], '.')); $fileextension = strtolower(strrchr($destname, '.')); $filenamewoext = substr($destname, 0, strlen($destname) - strlen($fileextension)); $thumb_name = 'thumb_' . $filenamewoext . $thumb_extension; $fid = $fileid; if ($fid == '') { $fid = $newid; } $result2 = $mod->_handleUpload($dir, $id . 'input_thumbnail', false, $thumb_name, false, $replace_existing, $filePrefix); if (!$result2[0]) { // uh-oh, the second upload failed.... now we've gotta // delete the first file to avoid any corruption // todo unlink($result[1]['dir'] . DIRECTORY_SEPARATOR . $result[1]['name']); return array(FALSE, $result2[1]); } } else { // see if we can auto-create a thumbnail if ($mod->GetPreference('autothumbnail_extensions') != '' && $mod->GetPreference('autothumbnail_size') != '') { $fid = $fileid; if ($fid == '') { $fid = $newid; } $fileextension = strtolower(strrchr($destname, '.')); $thumb_ext_arr = explode(",", $mod->GetPreference('autothumbnail_extensions')); foreach ($thumb_ext_arr as $thumb_ext) { if ("." . $thumb_ext == $fileextension) { // woohoo, we can create a thumbnail $dest = $dir . DIRECTORY_SEPARATOR . 'thumb_' . $destname; $src = $dir . DIRECTORY_SEPARATOR . $destname; $thumb_name = 'thumb_' . $destname; $mod->imageTransform($src, $dest, $mod->GetPreference('autothumbnail_size')); break; } } } } // apparently the upload succeeded, now we have to log it $desc = ""; if (isset($params['input_description'])) { $desc = $params['input_description']; } $audit_msg = ''; if ($fileid == '') { $query = "INSERT INTO " . cms_db_prefix() . "module_uploads \n (upload_id,upload_category_id,upload_name,upload_author,\n upload_summary,upload_description,upload_ip,upload_size,\n upload_date, upload_key, upload_thumbnail)\n VALUES (?,?,?,?,?,?,?,?,?,?,?)"; $dbresult = $db->Execute($query, array($newid, $row['upload_category_id'], $destname, $params['input_author'], $params['input_summary'], $desc, getenv("REMOTE_ADDR"), $result[1]['size'], trim($db->DBTimeStamp(time()), "'"), $key, $thumb_name)); $audit_msg = $mod->lang('uploaded', array($destname, $params['input_author'])); } else { $query = "UPDATE " . cms_db_prefix() . "module_uploads\n SET upload_name = ?, upload_author = ?,\n upload_summary = ?, upload_description = ?,\n upload_ip = ?, upload_size = ?, upload_date = ?,\n upload_key = ?, upload_thumbnail = ?\n WHERE upload_id = ?"; $dbresult = $db->Execute($query, array($destname, $params['input_author'], $params['input_summary'], $desc, getenv("REMOTE_ADDR"), $result[1]['size'], trim($db->DBTimeStamp(time()), "'"), $key, $thumb_name, $fileid)); $newid = $fileid; $audit_msg = $mod->lang('replaced', $destname, $params['input_author']); } if (!$dbresult) { return array(FALSE, $mod->Lang('error_dberror')); } // do custom fields. $iquery = 'INSERT INTO ' . cms_db_prefix() . 'module_uploads_fieldvals (upload_id, fld_id, value) VALUES (?,?,?)'; foreach ($params as $key => $value) { if (!startswith($key, 'field_')) { continue; } $field_id = (int) substr($key, 6); if (is_array($value)) { $value = implode(',', $value); } $db->Execute($iquery, array($newid, $field_id, $value)); } $mod->Audit(0, $mod->lang('friendlyname'), $audit_msg); // that should do the trick // now maybe we'll send an email $to_address = $mod->GetPreference('send_upload_notifications_to'); if ($to_address && $to_address != '') { // fill out the template, and send an email $cmsmailer = $mod->GetModuleInstance('CMSMailer'); if (!$cmsmailer) { // we're not gonna return an error, but put // a message into the admin log $mod->Audit(0, $mod->Lang('friendlyname'), $mod->Lang('error_nomailermodule')); } else { $mod->smarty->assign('name', $destname); $mod->smarty->assign('size', $result[1]['size']); $mod->smarty->assign('summary', $params['input_summary']); $mod->smarty->assign('description', $desc); $mod->smarty->assign('author', $params['input_author']); $mod->smarty->assign('ip_address', getenv("REMOTE_ADDR")); $body = $mod->ProcessTemplateFromDatabase('upload_emailtemplate'); $tmp = explode(',', $to_address); foreach ($tmp as $one) { $cmsmailer->AddAddress($one); } $cmsmailer->SetBody($body); $cmsmailer->IsHTML(true); $cmsmailer->SetSubject($mod->Lang('upload_notification')); $cmsmailer->Send(); } } // update search words $search =& $mod->GetModuleInstance('Search'); if ($search != FALSE) { $str = $destname . ' ' . $params['input_author'] . ' ' . $params['input_summary'] . ' ' . $desc; $search->AddWords($mod->GetName(), $newid, 'upload', $str); } // send an event $parms = array(); $parms['categorypath'] = $dir; $parms['category'] = $category_name; $parms['name'] = $destname; $parms['size'] = $result[1]['size']; $parms['summary'] = $params['input_summary']; $parms['description'] = $desc; $parms['author'] = $params['input_author']; $parms['ip_address'] = getenv("REMOTE_ADDR"); $mod->SendEvent("OnUpload", $parms); if ($fileid == '') { return array(TRUE, $newid, $destname); } return array(TRUE, $fileid, $destname); }
/** * Get the watermark object that will be used to watermark images. * * @internal * @return cg_watermark */ public function &get_watermark_obj() { if (!is_object($this->_watermarker)) { $this->_watermarker = cge_setup::get_watermarker(); } return $this->_watermarker; }
public function handle_file() { $uploads = cms_utils::get_module('Uploads'); // validate the data. if (!isset($this->_data['src'])) { throw UploadsException('Invalid attributes... no source file set'); } if (!$this->_category) { throw UploadsException('Invalid/Null upload category speciried'); } if (!isset($this->_data['summary'])) { $sumamry = basename($this->_data['src']); $this->set_summary($summary); } if (!isset($this->_data['description'])) { $this->_data['description'] = ''; } if (!isset($this->_data['key'])) { $this->_data['key'] = ''; } if (!isset($this->_data['author'])) { // author hasn't been previously set. // try to find something we can use. global $CMS_ADMIN_PAGE; $author = 'Anonymous'; if (isset($CMS_ADMIN_PAGE)) { // it's an admin action... get the currently logged in username $uid = get_userid(FALSE); if ($uid) { $userops = cmsms()->GetUserOperations(); $user = $userops->LoadUserById($uid); if ($user) { $author = $user->username; } } } else { $feu = cms_utils::get_module('FrontEndUsers'); if ($feu) { $tmp = $feu->LoggedInName(); if ($tmp) { $author = $tmp; } } } $this->_data['author'] = $author; } $db = cmsms()->GetDb(); $destfile = $this->get_destfile(); $existing_fileid = null; if (file_exists($destfile) && !isset($this->_data['allow_overwrite'])) { // not allowing overwrite throw new UploadsException('Destination File Exists: ' . $destfile); } else { if (file_exists($destfile)) { // allowing overwrite... try to find a file id. $query = 'SELECT upload_id FROM ' . cms_db_prefix() . 'module_uploads WHERE upload_name = ? AND upload_category_id = ?'; $existing_fileid = $db->GetOne($query, basename($destname), $this->_category['uploads_category_id']); } } // see if we're gonna watermark $_created = array(); $can_unlink = FALSE; $srcfile = $this->_data['src']; if (isset($this->_data['do_watermark'])) { $dn = dirname($destfile); $fn = basename($destfile); $wmname = cms_join_path($dn, 'wm_', $fn); $wmobj = cge_setup::get_watermarker(); $res = $wmobj->create_watermarked_image($srcfile, $wmname); if ($res !== FALSE) { $can_unlink = TRUE; $srcfile = $wmname; $_created[] = $srcfile; } } // see if we're gonna thumbnail. $thumb_name = ''; if (isset($this->_data['do_thumbnail'])) { $thumb_name = basename($destname); $dn = dirname($destname); $thumbfile = cms_join_path($dn, 'thumb_' . $thumb_name); $uploads->imageTransform($srcfile, $thumbfile); $_created[] = $thumbfile; } else { if (isset($this->_data['thumbnail'])) { $thumb_name = basename($destname); $dn = dirname($destname); $thumbfile = cms_join_path($dn, 'thumb_' . $thumb_name); @copy($this->_data['thumbnail'], $thumbfile); $_created[] = $thumbfile; } } // do the copy. @unlink($destfile); @copy($srcfile, $destfile); $_created[] = $destfile; // do the insert or update $dbr = ''; if (!$existing_fileid) { $existing_fileid = $db->GenId(cms_db_prefix() . 'module_uploads_seq'); // insert $query = 'INSERT INTO ' . cms_db_prefix() . 'module_uploads (upload_id,upload_category_id,upload_name,upload_author, upload_summary,upload_description,upload_ip,upload_size, upload_date, upload_key, upload_thumbnail) VALUES (?,?,?,?,?,?,?,?,NOW(),?,?)'; $dbr = $db->Execute($query, array($existing_fileid, $this->_category['upload_category_id'], basename($destfile), $this->_data['author'], $this->_data['summary'], $this->_data['desciption'], cge_utils::get_real_ip(), filesize($this->_data['src']), $this->_data['key'], $thumb_name)); } else { // update... delete custom fields. $query = 'DELETE FROM ' . cms_db_prefix() . 'module_uploads_fieldvals WHERE upload_id = ?'; $dbr = $db->Execute($query, array($existing_fileid)); $query = 'UPDATE ' . cms_db_prefix() . 'module_uploads SET upload_name = ?, upload_author = ?, upload_summary = ?, upload_description = ?, upload_ip = ?, upload_size = ?, upload_date = NOW(), upload_key = ?, upload_thumbnail = ? WHERE upload_id = ?'; $dbr = $db->Execute($query, array(basename($destfile), $this->_data['author'], $this->_data['summary'], $this->_data['desc'], cge_array::get_real_ip(), filesize($destfile), $this->_data['key'], $thumb_name, $existing_fileid)); } if (!$dbr) { foreach ($_created as $one) { @unlink($one); } throw new UploadsException('Database operation failed: ' . $db->sql . ' -- ' . $db->ErrorMsg()); } $fields = ''; $query = 'SELECT id,name FROM ' . cms_db_prefix() . 'module_uploads_fielddefs ORDER BY iorder'; $tmp = $db->GetArray($query); if (!is_array($tmp)) { $fields = cge_array::to_hash($tmp, 'name'); } if (is_array($fields) && isset($this->_data['fields'])) { // do the custom fields. $iquery = 'INSERT INTO ' . cms_db_prefix() . 'module_uploads_fieldvals (upload_id, fld_id, value) VALUES (?,?,?)'; foreach ($this->_data['fields'] as $key => $value) { if (!isset($fields[$key])) { continue; } $field_id = $fields[$key]['id']; $db->Execute($iquery, array($existing_fileid, $ield_id, $value)); } } // add something to the audit log. audit($existing_fileid, $uploads->GetName(), 'Uploaded file ' . basename($destfile)); // and we're done... return $existing_fileid; }