public static function returnByFilename($filename)
{
return returnMIMEType($filename);
}
// assign file details to array, for all files or those that match search
if (!$findnow || $findnow && $exists !== false) {
$file['name'][] = $filename;
$file['modified'][] = filemtime($tinybrowser['docroot'] . $editpath . $filename);
$file['size'][] = filesize($tinybrowser['docroot'] . $editpath . $filename);
// image specific info or general
if ($typenow == 'image' && ($imginfo = getimagesize($tinybrowser['docroot'] . $editpath . $filename))) {
$file['width'][] = $imginfo[0];
$file['height'][] = $imginfo[1];
$file['dimensions'][] = $imginfo[0] + $imginfo[1];
$file['type'][] = $imginfo['mime'];
} else {
$file['width'][] = 'N/A';
$file['height'][] = 'N/A';
$file['dimensions'][] = 'N/A';
$file['type'][] = returnMIMEType($filename);
}
}
}
}
closedir($dh);
// generate alert if files deleted
if ($deleteqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGDELETE, $deleteqty);
} elseif ($renameqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGRENAME, $renameqty);
} elseif ($resizeqty > 0) {
$notify['type'][] = 'success';
$notify['message'][] = sprintf(TB_MSGRESIZE, $resizeqty);
$id_attachment = get_parameter("id_attachment", 0);
$data = get_db_row("tattachment", "id_attachment", $id_attachment);
if (!isset($data)) {
echo "No valid attach id";
exit;
}
$id_kb = $data["id_kb"];
if (!give_acl($config["id_user"], 0, "KR")) {
echo "You dont have access to Knoledgue base files";
exit;
}
// Beware of users trying to get access to attach of Incidents or Projects from here!
if ($id_kb == 0) {
echo "You dont have access to that file";
exit;
}
// Allow download file
$fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"];
$last_name = $data["filename"];
if (file_exists($fileLocation)) {
header('Content-type: aplication/octet-stream;');
header('Content-type: ' . returnMIMEType($fileLocation) . ';');
header("Content-Length: " . filesize($fileLocation));
header('Content-Disposition: attachment; filename="' . $last_name . '"');
readfile($fileLocation);
} else {
echo "<h1>Error locating file</h1>";
echo "<i>" . $fileLocation . "</i>";
echo "File is missing in disk storage. Please contact the administrator";
exit;
}
else {
$fileLocation = $config["homedir"]."/attachment/".$data["id_attachment"]."_".$data["filename"];
$last_name = $data["filename"];
}
//General check to avoid hacking using wrong id of files
if (! $data) {
audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser");
require ($general_error);
exit;
}
session_write_close();
// Allow download file
$mime = returnMIMEType($fileLocation); //We use a custom function because php functions are not reliable for document office
if (file_exists($fileLocation)){
header("Content-Type: $mime;");
header("Content-Length: " . filesize($fileLocation));
header('Content-Disposition: ' . $content_disposition . '; filename="' . $last_name . '"');
// If it's a large file we don't want the script to timeout, so:
set_time_limit(0);
// If it's a large file, readfile might not be able to do it in one go, so:
$chunksize = 1 * (1024 * 256); // how many bytes per chunk
if (filesize($fileLocation) > $chunksize) {
$handle = fopen($fileLocation, 'rb');
$buffer = '';
$id_src = trim($param[0]);
$id = trim($param[1]);
//$id = $_GET['id'];
//$id_src = $_GET['idsrc'];
// $id_src appartient bien au user ?
// ouvre un fichier en mode binaire
$name = $id;
$offset = last_index_of('/', $name);
if ($offset != -1) {
$name = substr($id, $offset);
}
// ' in file name
if (get_magic_quotes_gpc()) {
$id = stripcslashes($id);
}
$ct = returnMIMEType($name);
$db = db_connect($config, "", "", "", "dropbox");
if ($db) {
$token_key = '';
$token_secret = '';
$ret = db_get_value($db, "sources", "params", "id='" . $id_src . "'", $value);
$xml = simplexml_load_string($value);
$params = json_decode(json_encode($xml), TRUE);
foreach ($params as $key => $value) {
if ($key == 'token_key') {
$token_key = $value;
}
if ($key == 'token_secret') {
$token_secret = $value;
}
}
$data = $id_attachment;
}
} else {
$fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"];
$last_name = $data["filename"];
}
}
//General check to avoid hacking using wrong id of files
if (!$data) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access Downloads browser");
require $general_error;
exit;
}
session_write_close();
// Allow download file
$mime = returnMIMEType($fileLocation);
//We use a custom function because php functions are not reliable for document office
if (file_exists($fileLocation)) {
header("Content-Type: {$mime};");
header("Content-Length: " . filesize($fileLocation));
header('Content-Disposition: ' . $content_disposition . '; filename="' . $last_name . '"');
// If it's a large file we don't want the script to timeout, so:
set_time_limit(0);
// If it's a large file, readfile might not be able to do it in one go, so:
$chunksize = 1 * (1024 * 256);
// how many bytes per chunk
if (filesize($fileLocation) > $chunksize) {
$handle = fopen($fileLocation, 'rb');
$buffer = '';
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
/**
* displayFeedPhotoGallery
*
* @return void
*/
function displayFeedPhotoGallery()
{
$fcmsError = FCMS_Error::getInstance();
$fcmsDatabase = Database::getInstance($fcmsError);
$url = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
$urlroot = $url;
$pos = strrpos($url, "/");
if ($pos === false) {
$pos = strrpos($url, "\\");
}
if (!($pos === false)) {
$urlroot = substr($url, 0, $pos);
}
$lastday = time() - 84 * 60 * 60 * 24;
// 12 weeks
$sql = "SELECT `caption`, p.`user`, `filename`, p.`date`, `name` \n FROM `fcms_gallery_photos` AS p, `fcms_category` As c\n WHERE p.`category` = c.`id` \n AND UNIX_TIMESTAMP(p.`date`) >= ?\n ORDER BY p.`date`";
$rows = $fcmsDatabase->getRows($sql, $lastday);
if ($rows === false) {
print "Error getting data.";
return;
}
$output = "<?xml version=\"1.0\"?" . "> \n<rss version=\"2.0\"> \n<channel> \n<title>" . getSiteName() . " - " . T_('Photo Gallery') . "</title> \n<link>" . $url . "</link> \n<description>" . getSiteName() . " - " . T_('Photo Gallery') . " " . T_('RSS Feed') . "</description> \n<language>" . T_pgettext('Language Code for this translation', 'lang') . "</language> \n<managingEditor>" . getContactEmail() . "</managingEditor> \n";
if (count($rows) > 0) {
foreach ($rows as $line) {
$title = htmlentities($line['caption']);
if ($title == "") {
$title = htmlentities($line['name']);
}
$output .= "<item><title><![CDATA[{$title}]]></title> \n<pubDate>" . gmdate('D, d M Y H:i:s', strtotime($line['date'])) . " GMT</pubDate> \n<link>" . htmlentities($urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "</link> \n<description><![CDATA[<img src=\"{$urlroot}/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "\" border=\"0\" />]]></description> \n<enclosure url=\"" . $urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "\" type=\"" . returnMIMEType("./gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "\" length=\"" . filesize("./gallery/photos/member" . $line['user'] . "/" . $line['filename']) . "\" /> \n<guid isPermaLink=\"true\"><![CDATA[" . $urlroot . "/gallery/photos/member" . $line['user'] . "/" . $line['filename'] . "]]></guid> \n</item> \n";
}
}
$output .= "</channel></rss>";
echo $output;
}
