static function delete_items($folder, $view, $items, $mode = "delete")
{
if (empty($folder) or empty($view) or !is_array($items) or $mode == "") {
return;
}
$sgsml = new sgsml($folder, $view, $items);
$tname = $sgsml->tname;
$handler = $sgsml->handler;
if (!isset($sgsml->buttons[$mode]) or $mode == "delete" and count($items) == 0) {
return;
}
if ($mode == "empty") {
$sgsml->where = array("folder in (@folders@)");
}
if ($mode == "purgeall") {
$sgsml->where = array();
}
if (in_array($mode, array("purge", "purgeall"))) {
$delete = true;
} else {
$delete = false;
}
if (folder_in_trash($folder)) {
$delete = true;
}
if ($handler == "") {
$file_fields = $sgsml->get_fields_by_type("files");
} else {
$file_fields = array();
}
if (!empty($sgsml->att["TRIGGER_DELETE"])) {
$fields = array("*");
} else {
if (isset($sgsml->fields["notification"])) {
$fields = array("id", "folder", "notification");
foreach ($sgsml->fields as $key => $field) {
if (isset($field["REQUIRED"]) and $field["SIMPLE_TYPE"] != "files" and !in_array($key, $fields)) {
$fields[] = $key;
}
}
} else {
$fields = array("id");
}
$fields = array_unique(array_merge($fields, $file_fields));
}
$rows = $sgsml->get_rows($fields);
if (!is_array($rows) or count($rows) == 0 or count($rows) < count($items)) {
exit("{t}Item(s) not found or access denied.{/t}");
}
if ($delete) {
foreach ($rows as $row) {
foreach ($file_fields as $field) {
$files = explode("|", $row[$field]);
sys_unlink($files);
}
$data = array("id" => $row["id"], "folder" => $folder);
db_delete($tname, array("id=@id@"), $data, array("handler" => $handler));
}
} else {
$trash = db_select_value("simple_sys_tree", "id", "anchor=@anchor@", array("anchor" => "trash"));
if (empty($trash)) {
exit("{t}Error{/t}: {t}Trash folder not found.{/t}");
}
foreach ($rows as $row) {
$id = folders::create(sys_date("{t}m/d/Y{/t}"), "blank", "", $trash, true);
$tid = folders::create($sgsml->att["MODULENAME"], str_replace("simple_", "", $tname), "", $id, true);
$data = array("folder" => $tid, "history" => sprintf("{t}Item deleted by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
db_update($tname, $data, array("id=@id@"), array("id" => $row["id"]), array("handler" => $handler));
db_update_treesize($tname, $tid);
if (!isset($row["notification"])) {
$row["notification"] = "";
}
$tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $folder));
if ($tree_notification) {
$row["notification"] .= "," . $tree_notification;
}
if (!empty($row["notification"])) {
$smtp_data = self::build_notification($tname, $sgsml->fields, $row, $data, $id);
asset_process_trigger("sendmail", $row["id"], $smtp_data);
}
if (!empty($sgsml->att["TRIGGER_DELETE"])) {
asset_process_trigger($sgsml->att["TRIGGER_DELETE"], $row["id"], $row, $tname);
}
db_update("simple_sys_tree", array("history" => "[" . $row["id"] . "/details] " . $data["history"]), array("id=@id@"), array("id" => $folder));
db_search_delete($tname, $row["id"], $folder);
db_notification_delete($tname, $row["id"]);
}
}
db_update_treesize($tname, $folder);
sys_log_stat("deleted_records", count($rows));
}
private static function _import_delete($folder, $id, $tname, $module)
{
$where = array("folder=@folder@");
if ($id[0] == "_") {
$where[] = "id=@id@";
} else {
$where[] = "syncid=@id@";
}
$row_id = db_select_value($tname, "id", $where, array("id" => trim($id, "_"), "folder" => $folder));
if (!empty($row_id)) {
$trash = db_select_value("simple_sys_tree", "id", "anchor=@anchor@", array("anchor" => "trash"));
if (empty($trash)) {
sys_warning("{t}Error{/t}: {t}Trash folder not found.{/t}");
return;
}
$id = folders::create(sys_date("{t}m/d/Y{/t}"), "blank", "", $trash, true);
$id2 = folders::create($module, str_replace("simple_", "", $tname), "", $id, true);
$data = array("folder" => $id2, "history" => sprintf("{t}Item deleted by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
db_update($tname, $data, array("id=@id@"), array("id" => $row_id));
db_update_treesize($tname, $folder);
db_search_delete($tname, $row_id, $folder);
sys_log_stat("deleted_records", 1);
}
}
static function process_login($username, $password = "")
{
$id = session_id();
if (!APC_SESSION and $id and (empty($_SESSION["username"]) or $_SESSION["username"] != $username)) {
$row = db_select_first("simple_sys_session", array("id", "data", "expiry"), "username=@username@", "lastmodified desc", array("username" => $username));
if (!empty($row["id"])) {
$_SESSION = array();
session_decode(rawurldecode($row["data"]));
if ($row["expiry"] < NOW) {
db_delete("simple_sys_session", array("id=@id@"), array("id" => $row["id"]));
}
}
if (!db_count("simple_sys_session", array("id=@id@"), array("id" => $id))) {
db_insert("simple_sys_session", array("expiry" => NOW + LOGIN_TIMEOUT, "id" => $id));
}
}
$_SESSION["username"] = $username;
if ($password != "") {
$_SESSION["password"] = sys_encrypt($password, $id);
}
if (!isset($_SESSION["history"])) {
$_SESSION["history"] = array();
}
$_SESSION["groups"] = array();
$_SESSION["folder_states"] = array();
$base = dirname($_SERVER["SCRIPT_FILENAME"]) . "/";
if (sys_is_super_admin($_SESSION["username"])) {
$_SESSION["ALLOWED_PATH"] = array($base . SIMPLE_STORE . "/home/", $base . SIMPLE_CACHE . "/debug/", $base . SIMPLE_STORE . "/trash/", $base . SIMPLE_CACHE . "/preview/", $base . SIMPLE_STORE . "/backup/");
} else {
$_SESSION["ALLOWED_PATH"] = array($base . SIMPLE_STORE . "/home/" . $_SESSION["username"] . "/", $base . SIMPLE_CACHE . "/preview/");
}
foreach (explode(",", SIMPLE_IMPORT) as $folder) {
if ($folder == "" or !is_dir($folder)) {
continue;
}
if ($folder[0] != "/" and !strpos($folder, ":")) {
$folder = $base . $folder;
}
$_SESSION["ALLOWED_PATH"][] = rtrim(str_replace("\\", "/", $folder), "/") . "/";
}
// TODO2 put in extra function and configure it with setup to fetch groups from somewhere else
if (sys_is_super_admin($_SESSION["username"])) {
$_SESSION["permission_sql"] = "1=1";
$_SESSION["permission_sql_exception"] = "1=0";
$_SESSION["disabled_modules"] = array();
} else {
$_SESSION["permission_sql"] = sql_regexp("r@right@_users", array($username, "anonymous"));
$_SESSION["permission_sql_exception"] = "(rexception_users!='' and " . sql_regexp("rexception_users", array($username, "anonymous"), "|@view@:@right@:%s|") . ")";
$_SESSION["disabled_modules"] = array_flip(explode("|", DISABLED_MODULES));
$rows = db_select("simple_sys_groups", "groupname", array("activated=1", "members like @username_sql@"), "", "", array("username_sql" => "%|" . $username . "|%"));
if (is_array($rows) and count($rows) > 0) {
foreach ($rows as $val) {
$_SESSION["groups"][] = $val["groupname"];
}
$_SESSION["permission_sql"] = "(" . $_SESSION["permission_sql"] . " or " . sql_regexp("r@right@_groups", $_SESSION["groups"]) . ")";
$_SESSION["permission_sql_exception"] = "(" . $_SESSION["permission_sql_exception"] . " or (rexception_groups!='' and " . sql_regexp("rexception_groups", $_SESSION["groups"], "|@view@:@right@:%s|") . "))";
}
}
$_SESSION["permission_sql_read"] = str_replace("@right@", "read", $_SESSION["permission_sql"]);
$_SESSION["permission_sql_write"] = str_replace("@right@", "write", $_SESSION["permission_sql"]);
$_SESSION["ip"] = _login_get_remoteaddr();
$_SESSION["tickets"] = array("templates" => array("dbselect", "simple_templates", array("tplcontent", "tplname"), array("tplname like @search@"), "tplname asc"));
$_SESSION["treevisible"] = true;
$row = db_select_first("simple_sys_users", "*", "username=@username@", "", array("username" => $username));
if (!empty($row["cal_day_begin"])) {
$_SESSION["day_begin"] = sys_date("G", $row["cal_day_begin"] - 1) * 3600;
$_SESSION["day_end"] = sys_date("G", $row["cal_day_end"]) * 3600;
} else {
$_SESSION["day_begin"] = 25200;
// 7:00 = 7*3600
$_SESSION["day_end"] = 64800;
// 18:00 = 18*3600
}
if (!empty($row["enabled_modules"])) {
$row["enabled_modules"] = array_flip(explode("|", trim($row["enabled_modules"], "|")));
$_SESSION["disabled_modules"] = array_diff_key($_SESSION["disabled_modules"], $row["enabled_modules"]);
}
if (!empty($row["timezone"])) {
$_SESSION["timezone"] = $row["timezone"];
} else {
$_SESSION["timezone"] = "";
}
if (!empty($row["theme"])) {
$_SESSION["theme"] = $row["theme"];
} else {
$_SESSION["theme"] = "core";
}
if (!empty($row["home_folder"])) {
$_SESSION["home_folder"] = "index.php?folder=" . rawurlencode($row["home_folder"]);
} else {
if (sys_is_super_admin($username)) {
$anchor = "system";
} else {
$anchor = "home_" . $username;
}
$_SESSION["home_folder"] = "index.php?folder=^" . $anchor;
}
if ($id or isset($_REQUEST["login"])) {
sys_log_stat("logins", 1);
sys_log_message_log("login", sprintf("{t}login %s from %s with %s{/t}", $_SESSION["username"], $_SESSION["ip"], sys::$browser));
}
trigger::login();
if (!empty($row["pwdexpires"]) and $row["pwdexpires"] < NOW) {
sys_warning(sprintf("{t}Password expired. (password of %s has expired){/t}", $username));
self::_redirect("index.php?view=changepwd&find=asset|simple_sys_users|1|username="******"username"]);
} else {
if (!empty($_REQUEST["page"])) {
if (CMS_REAL_URL) {
self::_redirect(CMS_REAL_URL . $_REQUEST["page"]);
}
self::_redirect("cms.php/" . $_REQUEST["page"]);
} else {
if (!empty($_REQUEST["redirect"])) {
self::_redirect($_SESSION["home_folder"]);
}
}
}
}
static function shutdown()
{
// check execution time
self::$time_end = number_format(sys_get_microtime() - self::$time_start, 2);
if (self::$time_end > SYSTEM_SLOW) {
sys_log_message_log("system-slow", sprintf("{t}%s secs{/t}", self::$time_end) . " " . basename(_sys_request_uri()), _sys_request_uri());
}
// process error.txt
$size = @filesize(SIMPLE_CACHE . "/debug/error.txt");
if ($size > 0 and $size <= 2097152 and $msgs = @file_get_contents(SIMPLE_CACHE . "/debug/error.txt")) {
// 2M
@unlink(SIMPLE_CACHE . "/debug/error.txt");
$msgs = array_reverse(explode("\n", $msgs));
foreach ($msgs as $msg) {
if ($msg == "") {
continue;
}
$vars = unserialize($msg);
sys_log_message($vars[0], $vars[1], $vars[2], $vars[3], true, $vars[4]);
}
} else {
if ($size > 0) {
sys_die("{t}The error logfile cannot be processed, too large:{/t} " . SIMPLE_CACHE . "/debug/error.txt");
}
}
// logging
sys_log_stat("pages", 1);
}
static function delete($folder)
{
$row = db_select_first("simple_sys_tree", array("id", "rgt", "lft", "ftitle", "parent"), "id=@id@", "", array("id" => $folder));
$rows = array();
if (!empty($row["id"])) {
$rows = db_select("simple_sys_tree", array("id", "ftype"), "lft between @left@ and @right@", "lft asc", "", array("left" => $row["lft"], "right" => $row["rgt"]));
}
if (!is_array($rows) or count($rows) == 0) {
return "";
}
if (!folder_in_trash($folder)) {
$trash = db_select_value("simple_sys_tree", "id", "anchor=@anchor@", array("anchor" => "trash"));
if (empty($trash)) {
exit("{t}Error{/t}: {t}Trash folder not found.{/t}");
}
$id = self::create(sys_date("{t}m/d/Y{/t}"), "blank", "", $trash, true);
$old_path = modify::getpath($folder);
if (!self::move($row["id"], $id, true)) {
exit("{t}The folder cannot be deleted.{/t}");
}
$data = array("rread_users" => "", "rread_groups" => "", "rwrite_users" => "", "rwrite_groups" => "", "radmin_users" => "", "radmin_groups" => "", "rexception_users" => "", "rexception_groups" => "", "anchor" => "");
$data["history"] = sprintf("{t}Item deleted by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}"));
foreach ($rows as $folder) {
db_update("simple_sys_tree", $data, array("id=@id@"), array("id" => $folder["id"]));
}
db_update("simple_sys_tree", array("history" => "{t}Origin{/t}: " . $old_path . "\n"), array("id=@id@"), array("id" => $rows[0]["id"]));
sys_log_stat("deleted_folders", count($rows));
} else {
foreach ($rows as $folder) {
if ($folder["ftype"] != "sys_tree") {
$schema_data = db_get_schema(sys_find_module($folder["ftype"]));
$tname = $schema_data["att"]["NAME"];
if (!strpos($tname, "_nodb_")) {
$delete_fields = array();
foreach ($schema_data["fields"] as $key => $field) {
if ($field["SIMPLE_TYPE"] == "files") {
$delete_fields[] = $key;
}
}
if (count($delete_fields) > 0) {
$data = db_select($tname, $delete_fields, "folder=@folder@", "created asc", "", array("folder" => $folder["id"]));
if (is_array($data) and count($data) > 0) {
foreach ($data as $ditem) {
foreach ($delete_fields as $field) {
$files = explode("|", $ditem[$field]);
sys_unlink($files);
}
}
}
}
db_delete($tname, array("folder=@folder@"), array("folder" => $folder["id"]));
}
}
db_search_delete("simple_sys_tree", $folder["id"], $folder["id"]);
db_search_delete_folder($folder["id"]);
db_delete("simple_sys_tree", array("id=@id@"), array("id" => $folder["id"]));
}
db_update_subfolder_count($row["parent"]);
}
$folder = $row["id"];
if (isset($_SESSION["folder_states"][$folder])) {
foreach ($_SESSION["folder_states"][$folder] as $child) {
unset($_SESSION["folder_states"][$child]);
}
unset($_SESSION["folder_states"][$folder]);
}
return $row["parent"];
}
static function folder_create($folder, $title, $type, $description, $icon, $first = false)
{
if ($title == "") {
return "";
}
if (!is_numeric($folder) and strpos($folder, "*")) {
$folders = folders_from_path($folder);
if (!is_array($folders) or count($folders) == 0) {
return "";
}
foreach ($folders as $folder_item) {
self::_require_access($folder_item, "write");
}
foreach ($folders as $folder_item) {
self::folder_create($folder_item, $title, $type, $description, $icon, $first);
}
return $folder . $title . "/";
}
self::_require_access($folder, "write");
if (!is_numeric($folder)) {
$url = sys_parse_folder($folder);
$handler = "lib_" . $url["handler"];
self::require_method("create_folder", $handler);
$title = str_replace(array(".", "\\", "/"), "", $title);
$return = call_user_func(array($handler, "create_folder"), $title, $url["mountpoint"], $url["mfolder"]);
if ($return == "ok") {
return $folder . $title . "/";
} else {
if ($return != "") {
exit($return);
}
}
} else {
$new_folder = folders::create($title, $type, $description, $folder, $first, array("noduplicate" => true, "icon" => $icon));
if ($new_folder == "") {
exit("{t}Folder already exists.{/t}");
}
if ($folder != $new_folder) {
sys_log_stat("new_folders", 1);
}
return $new_folder;
}
return "";
}
function _download_file($row_filename, $filename, $dispo)
{
if ($fp = fopen($row_filename, "rb")) {
if (strpos($_SERVER["HTTP_USER_AGENT"], "MSIE")) {
$filename = rawurlencode($filename);
}
sys_log_stat("downloads", 1);
header("Expires: " . gmdate("D, d M Y H:i:s", NOW) . " GMT");
header("Content-Type: " . ($dispo == "inline" ? "image/jpg" : "application/octet-stream") . "; charset=utf-8");
header("Content-Disposition: " . $dispo . "; filename=\"" . $filename . "\"");
header("Content-Length: " . (int) filesize($row_filename));
header("Content-Transfer-Encoding: binary");
while (!feof($fp)) {
echo fread($fp, 8192);
}
fclose($fp);
exit;
}
}
private static function _copy($ccp, $folder, $sgsml, $delete)
{
$tname = $sgsml->tname;
$vars = array("handler" => $ccp["handler"], "sqlvarsnoquote" => $ccp["vars_noquote"], "custom_name" => $ccp["custom_name"], "default_sql" => $ccp["default_sql"]);
$rows = db_select($ccp["tname"], $ccp["data_fields"], $ccp["where"], "", "", array("item" => $ccp["items"], "folder" => $ccp["folder"], "folders" => $ccp["folders"]), $vars);
if (is_array($rows) and count($rows) < count($ccp["items"])) {
exit("{t}Item(s) not found or access denied.{/t}");
}
foreach (self::_get_mappings("->") as $mapping) {
if (!strpos($mapping[1], "=")) {
continue;
}
$mapping[1] = explode(".", $mapping[1]);
if ("simple_" . $mapping[0] == $ccp["tname"] and "simple_" . $mapping[1][0] == $tname) {
$sgsml->patch_fields(array_slice($mapping[1], 1));
}
}
$mappings = array();
foreach (self::_get_mappings("|") as $mapping) {
if (strpos($mapping[0], "->")) {
continue;
}
$mapping1 = explode(".", $mapping[0]);
$mapping2 = explode(".", $mapping[1]);
$key = "simple_" . $mapping1[0] . ".simple_" . $mapping2[0];
$mappings[$key][$mapping2[1]] = $mapping1[1];
$key = "simple_" . $mapping2[0] . ".simple_" . $mapping1[0];
$mappings[$key][$mapping1[1]] = $mapping2[1];
}
$default_values = folder_get_default_values($folder);
$messages = array();
foreach ($rows as $row) {
if (empty($row["folder"]) or !db_get_right($row["folder"], "read")) {
continue;
}
if (isset($mappings[$ccp["tname"] . "." . $tname])) {
foreach ($mappings[$ccp["tname"] . "." . $tname] as $to => $from) {
$row[$to] = $row[$from];
}
}
$row = array_merge($row, $default_values);
foreach (array_keys($row) as $key) {
if (!isset($sgsml->fields[$key])) {
unset($row[$key]);
continue;
}
$field = $sgsml->fields[$key];
if ((isset($field["KEY"]) or isset($field["IS_UNIQUE"])) and !empty($row[$key]) and !isset($field["READONLYIN"])) {
$val = $row[$key];
$step = 1;
while ($step < 100 and validate::itemexists($tname, array($key => $val), -1) != "") {
$step++;
$val = $row[$key] . "_" . $step;
}
$row[$key] = $val;
}
if (isset($field["RESTORE"])) {
$row[$key] = self::_restore_value($row, $key, $field["RESTORE"]);
}
}
$id = $row["id"];
$row["id"] = -1;
$row["folder"] = $folder;
if (isset($row["syncid"])) {
$row["syncid"] = "";
}
$newfiles = array();
if (is_array($ccp["file_fields"]) and count($ccp["file_fields"]) > 0) {
foreach ($ccp["file_fields"] as $file_field) {
if (!empty($row[$file_field])) {
$data_files = explode("|", trim($row[$file_field], "|"));
$row[$file_field] = array();
foreach ($data_files as $file) {
if (!file_exists($file)) {
continue;
}
$target = self::_paste_item_copyfile($file, $row["id"], $tname);
$row[$file_field][] = $target;
$newfiles[] = $target;
}
$row[$file_field] = implode("|", $row[$file_field]);
}
}
}
if (!empty($sgsml->att["DISABLE_TRIGGER_CCP"])) {
unset($sgsml->att["TRIGGER_NEW"]);
}
$result = $sgsml->insert($row);
if (!is_numeric($result)) {
if (is_array($result) and count($result) > 0) {
$message = "{t}Error pasting asset{/t}:";
foreach ($result as $field => $errors) {
foreach ($errors as $error) {
$message .= "\n" . $error[0] . ": " . $error[1];
}
}
} else {
$message = $result;
}
$messages[] = $message;
} else {
if ($delete) {
asset::delete_items($ccp["folder"], "display", array($id), $ccp["delete_mode"]);
}
sys_log_stat("copied_records", 1);
}
foreach ($newfiles as $file) {
if (sys_strbegins($file, SIMPLE_CACHE . "/upload/")) {
@unlink($file);
}
}
}
return $messages;
}
private static function _createlocation($name)
{
$row_id = db_select_value("simple_locations", "id", "locationname=@name@", array("name" => $name));
$folder = folder_from_path("^locations");
if (empty($row_id) and !empty($folder)) {
$id = sql_genID("simple_locations") * 100;
$data = array("id" => $id, "locationname" => $name, "folder" => $folder);
$error_sql = db_insert("simple_locations", $data);
if ($error_sql == "") {
db_update_treesize("simple_locations", $folder);
db_search_update("simple_locations", $id, array(), array("locationname" => "text"));
sys_log_stat("new_records", 1);
} else {
return $error_sql;
}
}
return "";
}
private function _save(array &$data, $id = -1)
{
$insert = ($id > 0 or !is_numeric($id)) ? false : true;
if (count($data) == 0) {
return array();
}
if (!empty($this->att["DEFAULT_SQL"]) and $this->att["DEFAULT_SQL"] == "no_select") {
return self::_error("{t}Module{/t}", "{t}Access denied.{/t}");
}
if (!empty($data["folder"])) {
// check permissions
if (!db_get_right($data["folder"], "write", $this->view)) {
return self::_error("{t}Folder{/t}", "{t}Access denied.{/t}", "folder");
}
$this->folder = $data["folder"];
} else {
$data["folder"] = $this->folder;
}
// fill data array
list($rdata, $data_row, $error) = $this->_complete_data($data, $id);
if ($error) {
return $error;
}
// validate
if ($result = $this->_validate($rdata, $id)) {
return $result;
}
if ($insert) {
$id = sql_genID($this->tname) * 100;
$sql_data = array("id" => $id, "dsize" => 0, "history" => sprintf("{t}Item created by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
} else {
$sql_data = array("dsize" => 0, "history" => sprintf("{t}Item edited (%s) by %s at %s{/t}\n", "@fields@", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
}
// count sizes, move files to store, delete old files
foreach ($this->current_fields as $field_name => $field) {
if ($field["SIMPLE_TYPE"] == "id") {
continue;
}
if ($field["SIMPLE_TYPE"] == "files" and !empty($rdata[$field_name])) {
foreach ($rdata[$field_name] as $val) {
if (file_exists($val)) {
$sql_data["dsize"] += filesize($val);
}
}
// TODO 2 store handler?
if (!empty($data_row[$field_name])) {
$data_old = explode("|", trim($data_row[$field_name], "|"));
foreach ($data_old as $filekey => $file) {
if (in_array($file, $rdata[$field_name])) {
continue;
}
if (ARCHIVE_DELETED_FILES and file_exists($file)) {
$i = 1;
$m = "";
$trash_name = SIMPLE_STORE . "/trash/" . $this->folder . "_" . $id . "_";
$trash_file = modify::basename($file);
while (file_exists($trash_name . $m . $trash_file)) {
$m = $i++ . "_";
}
rename($file, $trash_name . $m . $trash_file);
touch($trash_name . $m . $trash_file);
} else {
@unlink($file);
}
}
}
foreach ($rdata[$field_name] as $filekey => $file) {
if ($file == "") {
unset($rdata[$field_name][$filekey]);
$data[$field_name] = implode("|", $rdata[$field_name]);
continue;
}
if (file_exists(SIMPLE_CACHE . "/upload/" . basename($file))) {
$filebase = modify::basename(basename($file));
list($target, $filename) = sys_build_filename($filebase, $this->tname);
dirs_checkdir($target);
$target .= sys_get_pathnum($id) . "/";
dirs_checkdir($target);
$target .= md5($id) . $filename;
rename(SIMPLE_CACHE . "/upload/" . basename($file), $target);
$rdata[$field_name][$filekey] = $target;
$data[$field_name] = implode("|", $rdata[$field_name]);
}
}
$basenames = array();
foreach (array_reverse($rdata[$field_name]) as $filekey => $file) {
$basename = modify::basename($file);
if (isset($basenames[$basename])) {
$old_filekey = $basenames[$basename];
$basename = preg_replace("|_rev\\d+|", "", $basename);
$base = $basename;
$i = 1;
while (isset($basenames[$basename])) {
if ($pos = strrpos($base, ".")) {
$basename = substr($base, 0, $pos) . "_rev" . $i++ . substr($base, $pos);
} else {
$basename = $base . "_rev" . $i++;
}
}
$target = str_replace(modify::basename($file), $basename, $file);
if (rename($file, $target)) {
// swap
$rdata[$field_name][$filekey] = $rdata[$field_name][$old_filekey];
$rdata[$field_name][$old_filekey] = $target;
$data[$field_name] = implode("|", $rdata[$field_name]);
}
}
$basenames[$basename] = $filekey;
}
}
if (!empty($field["STORE"]) and is_array($field["STORE"])) {
foreach ($field["STORE"] as $store) {
list($class, $function, $params) = sys_find_callback("modify", $store["FUNCTION"]);
$rdata[$field_name] = call_user_func(array($class, $function), $rdata[$field_name], $rdata, $params);
}
}
if (!isset($sql_data[$field_name]) and !is_null($rdata[$field_name])) {
$sql_data[$field_name] = $rdata[$field_name];
}
}
// transform
foreach ($sql_data as $key => $value) {
$sql_data[$key] = self::scalarize($value, $this->fields[$key]);
}
// reduce to new values
$sys_fields = array("history" => "", "dsize" => "", "seen" => "");
foreach ($sql_data as $data_key => $data_value) {
if (isset($sys_fields[$data_key])) {
continue;
}
$addfield = true;
$field = $this->fields[$data_key];
if (!isset($this->current_fields[$data_key])) {
$addfield = false;
}
if (isset($field["NOTINALL"])) {
$addfield = false;
}
if (isset($field["NOTIN"]) and in_array($this->view, $field["NOTIN"])) {
$addfield = false;
}
if (isset($field["READONLYIN"]) and (in_array($this->view, $field["READONLYIN"]) or in_array("all", $field["READONLYIN"]))) {
$addfield = false;
}
if (isset($field["ONLYIN"])) {
if (in_array($this->view, $field["ONLYIN"])) {
$addfield = true;
} else {
$addfield = false;
}
}
if (!$addfield) {
unset($sql_data[$data_key]);
}
}
// build history
$sql_data = $this->build_history($sql_data, $data_row);
if (!array_diff(array_keys($sql_data), array("history", "seen"))) {
$sql_data = array();
}
// save in db
if ($insert) {
$error_sql = db_insert($this->tname, $sql_data, array("handler" => $this->handler));
if ($error_sql != "") {
return self::_error("{t}SQL failed.{/t}", $error_sql);
}
if ($this->notification) {
sys_notification("{t}Item successfully created.{/t} (" . $id . ")");
}
} else {
if (count($sql_data) == 0) {
return $id;
}
$error_sql = db_update($this->tname, $sql_data, array("id=@id@"), array("id" => $id, "folder" => $this->folder), array("handler" => $this->handler));
if ($error_sql != "") {
return self::_error("{t}SQL failed.{/t}", $error_sql);
}
if ($this->notification) {
sys_notification("{t}Item successfully updated.{/t} (" . (is_numeric($id) ? $id : 1) . ")");
}
}
if (empty($this->handler)) {
db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $this->folder));
db_update_treesize($this->tname, $this->folder);
if (!$insert and $this->folder != $data_row["folder"]) {
db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $data_row["folder"]));
db_update_treesize($this->tname, $data_row["folder"]);
db_search_delete($this->tname, $id, $data_row["folder"]);
}
if (empty($this->att["NO_SEARCH_INDEX"])) {
db_search_update($this->tname, $id, $this->fields);
}
sys_log_stat($insert ? "new_records" : "changed_records", 1);
}
// call triggers
$trigger = "";
if ($insert and !empty($this->att["TRIGGER_NEW"])) {
$trigger = $this->att["TRIGGER_NEW"];
}
if (!$insert and !empty($this->att["TRIGGER_EDIT"])) {
$trigger = $this->att["TRIGGER_EDIT"];
}
if ($trigger and $result = asset_process_trigger($trigger, $id, $rdata, $this->tname)) {
return self::_error("{t}Trigger failed{/t}", $result);
}
// send notification
$tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $this->folder));
if ($tree_notification != "") {
$rdata["notification"] .= "," . $tree_notification;
}
if (!$insert and $this->folder != $data_row["folder"]) {
$tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $data_row["folder"]));
if ($tree_notification != "") {
$rdata["notification"] .= "," . $tree_notification;
}
}
if (!empty($rdata["notification"])) {
$rdata["notification"] = trim($rdata["notification"], ",");
$smtp_data = asset::build_notification($this->att["NAME"], $this->current_fields, $rdata, $sql_data, $id, $data_row);
if ($result = asset_process_trigger("sendmail", $id, $smtp_data)) {
return self::_error("{t}Trigger failed{/t}", $result);
}
}
// update stats
if (!empty($this->handler)) {
foreach ($sql_data as $data_key => $data_value) {
$field = $this->fields[$data_key];
if ($field["SIMPLE_TYPE"] != "files") {
continue;
}
foreach (explode("|", $data_value) as $file) {
if (sys_strbegins($file, SIMPLE_CACHE . "/upload/")) {
@unlink($file);
}
}
}
}
return $id;
}
function _upload_create_file($db_path, $target_lnk, $path, $filename)
{
list($id, $left, $unused) = _upload_process_folder_string($db_path . "/");
if ($left != 0 or $id == 0) {
sys_error("path not found", "409 Conflict");
}
$ftype = db_select_value("simple_sys_tree", "ftype", "id=@id@", array("id" => $id));
if (db_get_right($id, "write") and !empty($ftype) and $ftype == "files") {
list($target, $a_filename) = sys_build_filename($filename, "simple_files");
dirs_checkdir($target);
$target .= sys_get_pathnum($id) . "/";
dirs_checkdir($target);
$target .= md5($id) . $a_filename;
if ($fp = fopen("php://input", "r") and $ft = fopen($target, "wb")) {
while (!feof($fp)) {
fwrite($ft, fread($fp, 8192));
}
fclose($fp);
fclose($ft);
$a_id = sql_genID("simple_files") * 100;
$data = array("id" => $a_id, "folder" => $id, "dsize" => filesize($target), "filedata" => "|" . $target . "|", "filename" => $filename, "rread_users" => "|anonymous|", "rwrite_users" => "|anonymous|", "history" => t("{t}Item created by %s at %s{/t}", $_SESSION["username"], sys_date(t("{t}m/d/y g:i:s a{/t}"))) . "\n");
$error_sql = db_insert("simple_files", $data);
if ($error_sql == "") {
db_update_treesize("simple_files", $id);
$fields = array("filename" => "text", "filedata" => "files", "folder" => "id", "id" => "id");
db_search_update("simple_files", $a_id, array(), $fields);
sys_log_stat("new_records", 1);
file_put_contents($target_lnk, $path . "/" . $a_id . "_0__" . $filename . "\n" . $target, LOCK_EX);
_upload_success();
}
}
}
sys_error("cant write new", "403 Forbidden");
}