public function upload()
{
//this is the name of the field in the html form, filedata is the default name for swfupload
//so we will leave it as that
$fieldName = 'document';
//any errors the server registered on uploading
$fileError = $_FILES[$fieldName]['error'];
if ($fileError > 0) {
switch ($fileError) {
case 1:
echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');
return;
case 2:
echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');
return;
case 3:
echo TextHelper::_('ERROR PARTIAL UPLOAD');
return;
case 4:
echo TextHelper::_('ERROR NO FILE');
return;
}
}
//check for filesize
$fileSize = $_FILES[$fieldName]['size'];
if ($fileSize > 2000000) {
echo TextHelper::_('FILE BIGGER THAN 2MB');
}
//check the file extension is ok
$fileName = $_FILES[$fieldName]['name'];
$uploadedFileNameParts = explode('.', $fileName);
$uploadedFileExtension = array_pop($uploadedFileNameParts);
$validFileExts = explode(',', 'jpeg,jpg,png,gif,pdf,doc,docx,odt,rtf,ppt,xls,txt');
//assume the extension is false until we know its ok
$extOk = false;
//go through every ok extension, if the ok extension matches the file extension (case insensitive)
//then the file extension is ok
foreach ($validFileExts as $key => $value) {
if (preg_match("/{$value}/i", $uploadedFileExtension)) {
$extOk = true;
}
}
if ($extOk == false) {
echo TextHelper::_('INVALID EXTENSION');
return;
}
//the name of the file in PHP's temp directory that we are going to move to our folder
$fileTemp = $_FILES[$fieldName]['tmp_name'];
//for security purposes, we will also do a getimagesize on the temp file (before we have moved it
//to the folder) to check the MIME type of the file, and whether it has a width and height
$imageinfo = getimagesize($fileTemp);
//lose any special characters in the filename
$fileName = ereg_replace("[^A-Za-z0-9.]", "-", $fileName);
$hash = md5($fileName) . "." . $uploadedFileExtension;
//always use constants when making file paths, to avoid the possibilty of remote file inclusion
$uploadPath = JPATH_SITE . '/uploads/' . $hash;
$app = \Cobalt\Container::fetch('app');
if (!File::upload($fileTemp, $uploadPath)) {
$msg = TextHelper::_('COBALT_DOC_UPLOAD_FAIL');
$app->redirect('index.php?view=admindocuments', $msg);
} else {
//update the database
//date generation
$date = date('Y-m-d H:i:s');
$data = array('name' => $fileName, 'filename' => $hash, 'filetype' => $uploadedFileExtension, 'size' => $fileSize / 1024, 'created' => $date, 'shared' => 1, 'is_image' => is_array(getimagesize($uploadPath)) ? true : false);
$model = new static();
$session = JFactory::getSession();
if ($model->store($data)) {
$msg = TextHelper::_('COM_CRMERY_DOC_UPLOAD_SUCCESS');
$app->redirect('index.php?view=admindocuments&layout=upload_success&format=raw', $msg);
$session->set("upload_success", true);
} else {
$msg = TextHelper::_('COM_CRMERY_DOC_UPLOAD_FAIL');
$app->redirect('index.php?view=admindocuments&layout=upload_success&format=raw', $msg);
$session->set("upload_success", false);
}
}
}
public function uploadLogo()
{
if ($_FILES['logo']['error']) {
return false;
}
//uploading image
$allowedImageTypes = array("image/pjpeg", "image/jpeg", "image/jpg", "image/png", "image/x-png", "image/gif");
if (!in_array($_FILES['logo']['type'], $allowedImageTypes)) {
$this->setError(Text::_('INSTL_ERROR_LOGO_FILE_TYPE'));
return false;
} else {
if (!JFile::upload($_FILES['logo']['tmp_name'], JPATH_ROOT . '/uploads/logo/' . JFile::makeSafe($_FILES['logo']['name']))) {
$this->setError(Text::_('INSTL_ERROR_UPLOAD_LOGO'));
return false;
}
}
return true;
}
public function store()
{
//Load Tables
$app = \Cobalt\Container::fetch('app');
$row = new BrandingTable();
$data = $app->input->getRequest('post');
//date generation
$date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
$data['modified'] = $date;
$this->changeDefault($data['id']);
$fieldName = 'site_logo';
//any errors the server registered on uploading
$fileError = $_FILES[$fieldName]['error'];
if ($fileError > 0) {
unset($data['site_logo']);
} else {
//check the file extension is ok
$fileName = $_FILES[$fieldName]['name'];
$fileTemp = $_FILES[$fieldName]['tmp_name'];
$uploadedFileNameParts = explode('.', $fileName);
$uploadedFileExtension = array_pop($uploadedFileNameParts);
$validFileExts = explode(',', 'jpeg,jpg,png,gif,pdf,doc,docx,odt,rtf,ppt,xls,txt');
//assume the extension is false until we know its ok
$extOk = false;
//go through every ok extension, if the ok extension matches the file extension (case insensitive)
//then the file extension is ok
foreach ($validFileExts as $key => $value) {
if (preg_match("/{$value}/i", $uploadedFileExtension)) {
$extOk = true;
}
}
if ($extOk == false) {
echo TextHelper::_('INVALID EXTENSION');
return;
}
//data generation
$hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;
//lose any special characters in the filename
//$fileName = preg_replace("[^A-Za-z0-9.]", "-", $fileName);
//always use constants when making file paths, to avoid the possibilty of remote file inclusion
$uploadPath = JPATH_SITE . '/src/Cobalt/media/logos/' . $hashFilename;
if (!File::upload($fileTemp, $uploadPath)) {
echo TextHelper::_('ERROR MOVING FILE');
return;
}
$fileSize = filesize($uploadPath);
$this->updateSiteLogo($hashFilename);
unset($data['site_logo']);
}
// Bind the form fields to the table
if (!$row->bind($data)) {
$this->setError($this->db->getErrorMsg());
return false;
}
// Make sure the record is valid
if (!$row->check()) {
$this->setError($this->db->getErrorMsg());
return false;
}
// Store the web link table to the database
if (!$row->store()) {
$this->setError($this->db->getErrorMsg());
return false;
}
return true;
}
/**
* Save user avatars
* @return [type] [description]
*/
public function saveAvatar()
{
//this is the name of the field in the html form, filedata is the default name for swfupload
//so we will leave it as that
$fieldName = 'avatar';
//any errors the server registered on uploading
$fileError = $_FILES[$fieldName]['error'];
if ($fileError > 0) {
switch ($fileError) {
case 1:
echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');
return false;
case 2:
echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');
return false;
case 3:
echo TextHelper::_('ERROR PARTIAL UPLOAD');
return false;
case 4:
echo TextHelper::_('ERROR NO FILE');
return false;
}
}
//check the file extension is ok
$fileName = $_FILES[$fieldName]['name'];
$fileTemp = $_FILES[$fieldName]['tmp_name'];
$uploadedFileNameParts = explode('.', $fileName);
$uploadedFileExtension = array_pop($uploadedFileNameParts);
$validFileExts = explode(',', 'jpeg,jpg,png,gif,bmp');
//assume the extension is false until we know its ok
$extOk = false;
//go through every ok extension, if the ok extension matches the file extension (case insensitive)
//then the file extension is ok
foreach ($validFileExts as $key => $value) {
if (preg_match("/{$value}/i", $uploadedFileExtension)) {
$extOk = true;
}
}
if ($extOk == false) {
echo TextHelper::_('INVALID EXTENSION');
return false;
}
//data generation
$date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
$hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;
//lose any special characters in the filename
//$fileName = preg_replace("[^A-Za-z0-9.]", "-", $fileName);
//always use constants when making file paths, to avoid the possibilty of remote file inclusion
$uploadPath = JPATH_SITE . '/src/Cobalt/media/avatars/' . $hashFilename;
if (!File::upload($fileTemp, $uploadPath)) {
echo TextHelper::_('ERROR MOVING FILE');
return false;
}
$image = new Image();
$image->loadFile($uploadPath);
$image->resize(50, 50, false);
$image->toFile($uploadPath);
$data = array('id' => $this->state->get('item_id'), 'avatar' => $hashFilename);
$item_type = $this->state->get('item_type');
$this->deleteOldAvatar($data['id'], $item_type);
switch ($item_type) {
case "people":
$model_name = "people";
break;
case "companies":
$model_name = "company";
break;
}
$modelClass = "Cobalt\\Model\\" . ucwords($model_name);
$model = new $modelClass($this->db);
$model->store($data);
return JUri::base() . 'src/Cobalt/media/avatars/' . $hashFilename;
}
/**
* Method to store a record
*
* @return boolean True on success
*/
public function store($data = null)
{
if ($data) {
$data = (array) $data;
$_FILES = array();
$_FILES['document'] = $data;
$_FILES['tmp_name'] = $data['attachment'];
$fileName = $data['value'];
$fileTemp = $data['attachment'];
$association_id = $data['association_id'];
$association_type = $data['association_type'];
$uploadedFileExtension = substr(strrchr($fileName, '.'), 1);
$data['is_attachment'] = 1;
$data['email'] = 1;
} else {
$association_id = $_POST['association_id'];
$association_type = $_POST['association_type'];
//this is the name of the field in the html form, filedata is the default name for swfupload
//so we will leave it as that
$fieldName = 'document';
//any errors the server registered on uploading
$fileError = $_FILES[$fieldName]['error'];
if ($fileError > 0) {
switch ($fileError) {
case 1:
echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');
return;
case 2:
echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');
return;
case 3:
echo TextHelper::_('ERROR PARTIAL UPLOAD');
return;
case 4:
echo TextHelper::_('ERROR NO FILE');
return;
}
}
//check the file extension is ok
$fileName = $_FILES[$fieldName]['name'];
$fileTemp = $_FILES[$fieldName]['tmp_name'];
}
$uploadedFileNameParts = explode('.', $fileName);
$uploadedFileExtension = array_pop($uploadedFileNameParts);
$validFileExts = explode(',', 'jpeg,jpg,png,gif,pdf,doc,docx,odt,rtf,ppt,xls,txt');
//assume the extension is false until we know its ok
$extOk = false;
//go through every ok extension, if the ok extension matches the file extension (case insensitive)
//then the file extension is ok
foreach ($validFileExts as $key => $value) {
if (preg_match("/{$value}/i", $uploadedFileExtension)) {
$extOk = true;
}
}
if ($extOk == false) {
echo TextHelper::_('INVALID EXTENSION');
return;
}
//data generation
$date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
$hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;
//lose any special characters in the filename
$fileName = preg_replace("[^A-Za-z0-9.]", "-", $fileName);
//always use constants when making file paths, to avoid the possibilty of remote file inclusion
$uploadPath = JPATH_SITE . '//documents/' . $hashFilename;
if ($data['is_attachment']) {
if (!File::write($uploadPath, $fileTemp)) {
echo TextHelper::_('ERROR MOVING FILE');
return;
}
} else {
if (!File::upload($fileTemp, $uploadPath)) {
echo TextHelper::_('ERROR MOVING FILE');
return;
}
}
$fileSize = filesize($uploadPath);
//update the database
$newData = array('name' => $fileName, 'filename' => $hashFilename, 'association_id' => $association_id, 'association_type' => $association_type, 'filetype' => $uploadedFileExtension, 'size' => $fileSize / 1024, 'created' => $date);
if (array_key_exists('email', $data) && $data['email']) {
$newData['email'] = 1;
}
//Load Tables
$row = new DocumentTable();
$oldRow = new DocumentTable();
//date generation
$date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
if (!array_key_exists('id', $newData)) {
$newData['created'] = $date;
$status = "created";
} else {
$row->load($data['id']);
$oldRow->load($data['id']);
$status = "updated";
}
$is_image = is_array(getimagesize($uploadPath)) ? true : false;
$newData['modified'] = $date;
$newData['owner_id'] = UsersHelper::getUserId();
$newData['is_image'] = $is_image;
// Bind the form fields to the table
if (!$row->bind($newData)) {
$this->setError($this->db->getErrorMsg());
return false;
}
$app = \Cobalt\Container::fetch('app');
//$app->triggerEvent('onBeforeDocumentSave', array(&$row));
// Make sure the record is valid
if (!$row->check()) {
$this->setError($this->db->getErrorMsg());
return false;
}
// Store the web link table to the database
if (!$row->store()) {
$this->setError($this->db->getErrorMsg());
return false;
}
$id = array_key_exists('id', $data) ? $data['id'] : $this->db->insertId();
ActivityHelper::saveActivity($oldRow, $row, 'document', $status);
//$app->triggerEvent('onAfterDocumentSave', array(&$row));
return $id;
}
