/**
* Determine if uploaded file exceeds space quota.
*
* @since 3.0.0
*
* @param array $file $_FILES array for a given file.
* @return array $_FILES array with 'error' key set if file exceeds quota. 'error' is empty otherwise.
*/
function check_upload_size( $file ) {
if ( get_site_option( 'upload_space_check_disabled' ) )
return $file;
if ( $file['error'] != '0' ) // there's already an error
return $file;
if ( defined( 'WP_IMPORTING' ) )
return $file;
$space_allowed = 1048576 * get_space_allowed();
$space_used = get_dirsize( BLOGUPLOADDIR );
$space_left = $space_allowed - $space_used;
$file_size = filesize( $file['tmp_name'] );
if ( $space_left < $file_size )
$file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ($file_size - $space_left) /1024 ) );
if ( $file_size > ( 1024 * get_site_option( 'fileupload_maxk', 1500 ) ) )
$file['error'] = sprintf(__('This file is too big. Files must be less than %1$s KB in size.'), get_site_option( 'fileupload_maxk', 1500 ) );
if ( upload_is_user_over_quota( false ) ) {
$file['error'] = __( 'You have used your space quota. Please delete files before uploading.' );
}
if ( $file['error'] != '0' && !isset($_POST['html-upload']) )
wp_die( $file['error'] . ' <a href="javascript:history.go(-1)">' . __( 'Back' ) . '</a>' );
return $file;
}
/**
* Check the Quota under WPMU. Only needed for this case
*
* @class nggWPMU
* @return bool $result
*/
function check_quota()
{
if (get_site_option('upload_space_check_disabled')) {
return false;
}
if (is_multisite() && nggWPMU::wpmu_enable_function('wpmuQuotaCheck')) {
if ($error = upload_is_user_over_quota(false)) {
nggGallery::show_error(__('Sorry, you have used your space allocation. Please delete some files to upload more files.', 'nggallery'));
return true;
}
}
return false;
}
function check_upload_size($file)
{
if ($file['error'] != '0') {
// there's already an error
return $file;
}
$space_allowed = 1048576 * get_space_allowed();
$space_used = get_dirsize(constant("ABSPATH") . constant("UPLOADS"));
$space_left = $space_allowed - $space_used;
$file_size = filesize($file['tmp_name']);
if ($space_left < $file_size) {
$file['error'] = sprintf(__('Not enough space to upload. %1$sKb needed.'), number_format(($file_size - $space_left) / 1024));
}
if ($file_size > 1024 * get_site_option('fileupload_maxk', 1500)) {
$file['error'] = sprintf(__('This file is too big. Files must be less than %1$s Kb in size.'), get_site_option('fileupload_maxk', 1500));
}
if (upload_is_user_over_quota(false)) {
$file['error'] = __('You have used your space quota. Please delete files before uploading.');
}
if ($file['error'] != '0') {
wp_die($file['error'] . ' <a href="javascript:history.go(-1)">' . __('Back') . '</a>');
}
return $file;
}
/**
* Get the remaining upload space for this blog.
*
* @since MU
* @uses upload_is_user_over_quota()
* @uses get_space_allowed()
* @uses get_dirsize()
*
* @param int $size
* @return int
*/
function fix_import_form_size( $size ) {
if ( upload_is_user_over_quota( false ) == true )
return 0;
$spaceAllowed = 1024 * 1024 * get_space_allowed();
$dirsize = get_dirsize( BLOGUPLOADDIR );
if ( $size > $spaceAllowed - $dirsize )
return $spaceAllowed - $dirsize; // remaining space
else
return $size; // default
}
/**
* Get the remaining upload space for this blog.
*
* @since MU
* @uses upload_is_user_over_quota()
* @uses get_space_allowed()
* @uses get_dirsize()
*
* @param int $size
* @return int
*/
function fix_import_form_size($size)
{
if (upload_is_user_over_quota(false) == true) {
return 0;
}
$spaceAllowed = 1024 * 1024 * get_space_allowed();
$dirName = BLOGUPLOADDIR;
$dirsize = get_dirsize($dirName);
if ($size > $spaceAllowed - $dirsize) {
return $spaceAllowed - $dirsize;
} else {
return $size;
}
// default
}
/**
* Check if user has exceeded disk quota
*
* @return bool
*/
function is_user_over_quota()
{
global $current_user, $current_blog;
if (function_exists('upload_is_user_over_quota')) {
if (upload_is_user_over_quota(1)) {
echo "Sorry, you have used your upload quota.\n";
return true;
}
}
return false;
}
/**
* @ticket 18119
*/
function test_upload_is_user_over_quota() {
$default_space_allowed = 100;
$echo = false;
$this->assertFalse( upload_is_user_over_quota( $echo ) );
$this->assertTrue( is_upload_space_available() );
update_site_option('upload_space_check_disabled', true);
$this->assertFalse( upload_is_user_over_quota( $echo ) );
$this->assertTrue( is_upload_space_available() );
update_site_option( 'blog_upload_space', 0 );
$this->assertFalse( upload_is_user_over_quota( $echo ) );
$this->assertEquals( $default_space_allowed, get_space_allowed() );
$this->assertTrue( is_upload_space_available() );
update_site_option('upload_space_check_disabled', false);
$this->assertFalse( upload_is_user_over_quota( $echo ) );
$this->assertTrue( is_upload_space_available() );
if ( defined( 'BLOGSUPLOADDIR' ) && ! file_exists( BLOGSUPLOADDIR ) )
$this->markTestSkipped( 'This test is broken when blogs.dir does not exist. ');
/*
This is broken when blogs.dir does not exist, as get_upload_space_available()
simply returns the value of blog_upload_space (converted to bytes), which would
be negative but still not false. When blogs.dir does exist, < 0 is returned as 0.
*/
update_site_option( 'blog_upload_space', -1 );
$this->assertTrue( upload_is_user_over_quota( $echo ) );
$this->assertEquals( -1, get_space_allowed() );
$this->assertFalse( is_upload_space_available() );
update_option( 'blog_upload_space', 0 );
$this->assertFalse( upload_is_user_over_quota( $echo ) );
$this->assertEquals( $default_space_allowed, get_space_allowed() );
$this->assertTrue( is_upload_space_available() );
update_option( 'blog_upload_space', -1 );
$this->assertTrue( upload_is_user_over_quota( $echo ) );
$this->assertEquals( -1, get_space_allowed() );
$this->assertFalse( is_upload_space_available() );
}
/**
* Uploads a file, following your settings.
*
* Adapted from a patch by Johann Richard.
*
* @link http://mycvs.org/archives/2004/06/30/file-upload-to-wordpress-in-ecto/
*
* @since 1.5.0
*
* @global wpdb $wpdb
*
* @param array $args {
* Method arguments. Note: arguments must be ordered as documented.
*
* @type int $blog_id (unused)
* @type string $username
* @type string $password
* @type array $data
* }
* @return array|IXR_Error
*/
public function mw_newMediaObject($args)
{
global $wpdb;
$username = $this->escape($args[1]);
$password = $this->escape($args[2]);
$data = $args[3];
$name = sanitize_file_name($data['name']);
$type = $data['type'];
$bits = $data['bits'];
if (!($user = $this->login($username, $password))) {
return $this->error;
}
/** This action is documented in wp-includes/class-wp-xmlrpc-server.php */
do_action('xmlrpc_call', 'metaWeblog.newMediaObject');
if (!current_user_can('upload_files')) {
$this->error = new IXR_Error(401, __('You do not have permission to upload files.'));
return $this->error;
}
if (is_multisite() && upload_is_user_over_quota(false)) {
$this->error = new IXR_Error(401, __('Sorry, you have used your space allocation.'));
return $this->error;
}
/**
* Filter whether to preempt the XML-RPC media upload.
*
* Passing a truthy value will effectively short-circuit the media upload,
* returning that value as a 500 error instead.
*
* @since 2.1.0
*
* @param bool $error Whether to pre-empt the media upload. Default false.
*/
if ($upload_err = apply_filters('pre_upload_error', false)) {
return new IXR_Error(500, $upload_err);
}
$upload = wp_upload_bits($name, null, $bits);
if (!empty($upload['error'])) {
$errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']);
return new IXR_Error(500, $errorString);
}
// Construct the attachment array
$post_id = 0;
if (!empty($data['post_id'])) {
$post_id = (int) $data['post_id'];
if (!current_user_can('edit_post', $post_id)) {
return new IXR_Error(401, __('Sorry, you cannot edit this post.'));
}
}
$attachment = array('post_title' => $name, 'post_content' => '', 'post_type' => 'attachment', 'post_parent' => $post_id, 'post_mime_type' => $type, 'guid' => $upload['url']);
// Save the data
$id = wp_insert_attachment($attachment, $upload['file'], $post_id);
wp_update_attachment_metadata($id, wp_generate_attachment_metadata($id, $upload['file']));
/**
* Fires after a new attachment has been added via the XML-RPC MovableType API.
*
* @since 3.4.0
*
* @param int $id ID of the new attachment.
* @param array $args An array of arguments to add the attachment.
*/
do_action('xmlrpc_call_success_mw_newMediaObject', $id, $args);
$struct = $this->_prepare_media_item(get_post($id));
// Deprecated values
$struct['id'] = $struct['attachment_id'];
$struct['file'] = $struct['title'];
$struct['url'] = $struct['link'];
return $struct;
}
/**
* Get the remaining upload space for this site.
*
* @since MU
*
* @param int $size Current max size in bytes
* @return int Max size in bytes
*/
function fix_import_form_size($size)
{
if (upload_is_user_over_quota(false)) {
return 0;
}
$available = get_upload_space_available();
return min($size, $available);
}
/**
* Check if user has exceeded disk quota
*
* @return bool
*/
public function is_user_over_quota()
{
if (function_exists('upload_is_user_over_quota')) {
if (upload_is_user_over_quota()) {
return true;
}
}
return false;
}
/**
* Uploads base64 file to a gallery
* @param int|stdClass|C_Gallery $gallery
* @param $data base64-encoded string of data representing the image
* @param type $filename specifies the name of the file
* @return C_Image
*/
function upload_base64_image($gallery, $data, $filename = FALSE)
{
$settings = C_NextGen_Settings::get_instance();
$memory_limit = intval(ini_get('memory_limit'));
if ($memory_limit < 256) {
@ini_set('memory_limit', '256M');
}
$retval = NULL;
if ($gallery_id = $this->object->_get_gallery_id($gallery)) {
// Ensure that there is capacity available
require_once ABSPATH . 'wp-admin/includes/ms.php';
if (is_multisite() && nggWPMU::wpmu_enable_function('wpmuQuotaCheck')) {
if (upload_is_user_over_quota(FALSE)) {
throw new E_NoSpaceAvailableException();
}
}
// Get path information. The use of get_upload_abspath() might
// not be the best for some drivers. For example, if using the
// WordPress Media Library for uploading, then the wp_upload_bits()
// function should perhaps be used
$upload_dir = $this->object->get_upload_abspath($gallery);
// Perhaps a filename was given instead of base64 data?
if ($data[0] == '/' && @file_exists($data)) {
if (!$filename) {
$filename = basename($data);
}
$data = file_get_contents($data);
}
// Determine filenames
$filename = $filename ? sanitize_title_with_dashes($filename) : uniqid('nextgen-gallery');
if (preg_match("/\\-(png|jpg|gif|jpeg)\$/i", $filename, $match)) {
$filename = str_replace($match[0], '.' . $match[1], $filename);
}
$abs_filename = path_join($upload_dir, $filename);
// Create the database record
$factory = $this->object->get_registry()->get_utility('I_Component_Factory');
$retval = $image = $factory->create('image');
$image->alttext = sanitize_title_with_dashes(basename($filename, '.' . pathinfo($filename, PATHINFO_EXTENSION)));
$image->galleryid = $this->object->_get_gallery_id($gallery);
$image->filename = $filename;
$image_key = $this->object->_image_mapper->get_primary_key_column();
// If we can't write to the directory, then there's no point in continuing
if (!@file_exists($upload_dir)) {
@wp_mkdir_p($upload_dir);
}
if (!is_writable($upload_dir)) {
throw new E_InsufficientWriteAccessException(FALSE, $upload_dir, FALSE);
}
// Save the image
if ($image_id = $this->object->_image_mapper->save($image)) {
try {
// Try writing the image
if (!@file_exists($upload_dir)) {
wp_mkdir_p($upload_dir);
}
$fp = fopen($abs_filename, 'w');
fwrite($fp, $data);
fclose($fp);
if ($settings->imgBackup) {
$this->object->backup_image($image);
}
if ($settings->imgAutoResize) {
$this->object->generate_image_clone($abs_filename, $abs_filename, $this->object->get_image_size_params($image_id, 'full'));
}
// Ensure that fullsize dimensions are added to metadata array
$dimensions = getimagesize($abs_filename);
$full_meta = array('width' => $dimensions[0], 'height' => $dimensions[1]);
if (!isset($image->meta_data) or is_string($image->meta_data) && strlen($image->meta_data) == 0) {
$image->meta_data = array();
}
$image->meta_data = array_merge($image->meta_data, $full_meta);
$image->meta_data['full'] = $full_meta;
// Generate a thumbnail for the image
$this->object->generate_thumbnail($image);
// Set gallery preview image if missing
$this->object->get_registry()->get_utility('I_Gallery_Mapper')->set_preview_image($gallery, $image_id, TRUE);
// Notify other plugins that an image has been added
do_action('ngg_added_new_image', $image);
// delete dirsize after adding new images
delete_transient('dirsize_cache');
// Seems redundant to above hook. Maintaining for legacy purposes
do_action('ngg_after_new_images_added', $gallery_id, array($image->{$image_key}));
} catch (Exception $ex) {
throw new E_InsufficientWriteAccessException(FALSE, $abs_filename, FALSE, $ex);
}
} else {
throw new E_InvalidEntityException();
}
} else {
throw new E_EntityNotFoundException();
}
@ini_set('memory_limit', $memory_limit . 'M');
return $retval;
}
/**
* Check the Quota under WPMU. Only needed for this case
*
* @class flagAdmin
* @return bool $result
*/
function check_quota()
{
if (IS_WPMU && flagGallery::flag_wpmu_enable_function('wpmuQuotaCheck')) {
if ($error = upload_is_user_over_quota(false)) {
flagGallery::show_error(__('Sorry, you have used your space allocation. Please delete some files to upload more files.', 'flag'));
return true;
}
}
return false;
}
/**
* When the upload space check is disabled, using more than the available
* quota is allowed.
*/
public function test_upload_is_user_over_check_disabled()
{
update_site_option('upload_space_check_disabled', true);
add_filter('get_space_allowed', array($this, '_filter_space_100'));
add_filter('pre_get_space_used', array($this, '_filter_space_200'));
$result = upload_is_user_over_quota(false);
remove_filter('get_space_allowed', array($this, '_filter_space_100'));
remove_filter('pre_get_space_used', array($this, '_filter_space_200'));
$this->assertFalse($result);
}
/**
* Check if user has exceeded disk quota
*
* @return bool
*/
public function is_user_over_quota()
{
if (function_exists('upload_is_user_over_quota')) {
if (upload_is_user_over_quota()) {
echo "Sorry, you have used your upload quota.\n";
return true;
}
}
return false;
}
function test_upload_is_user_over_quota_upload_space_negative() {
update_site_option( 'upload_space_check_disabled', false );
update_site_option( 'blog_upload_space', -1 );
$this->assertTrue( upload_is_user_over_quota( false ) );
}
public function is_current_user_over_quota()
{
$retval = FALSE;
$settings = C_NextGen_Settings::get_instance();
if (is_multisite() && $settings->get('wpmuQuotaCheck')) {
require_once ABSPATH . 'wp-admin/includes/ms.php';
$retval = upload_is_user_over_quota(FALSE);
}
return $retval;
}
function fix_import_form_size($size)
{
if (upload_is_user_over_quota(false) == true) {
return 0;
}
$spaceAllowed = 1024 * 1024 * get_space_allowed();
$dirName = constant("ABSPATH") . constant("UPLOADS");
$dirsize = get_dirsize($dirName);
if ($size > $spaceAllowed - $dirsize) {
return $spaceAllowed - $dirsize;
// remaining space
} else {
return $size;
// default
}
}
/**
* Copies (or moves) images into another gallery
*
* @param array $images
* @param int|object $gallery
* @param boolean $db optionally only copy the image files
* @param boolean $move move the image instead of copying
* @return mixed NULL on failure, array|image-ids on success
*/
function copy_images($images, $gallery, $db = TRUE, $move = FALSE)
{
// return values
$message = '';
$new_image_pids = array();
$settings = C_NextGen_Settings::get_instance();
$fs = $this->get_registry()->get_utility('I_Fs');
// move_images() is a wrapper to this function so we implement both features here
$func = $move ? 'rename' : 'copy';
// ngg-legacy allows for arrays of just the ID
if (!is_array($images)) {
$images = array($images);
}
// Ensure we have a valid gallery
$gallery_id = $this->object->_get_gallery_id($gallery);
if (!$gallery_id) {
return;
}
$image_key = $this->object->_image_mapper->get_primary_key_column();
// Check for folder permission
if (!is_dir($gallery->path) && !wp_mkdir_p($gallery->path)) {
$message .= sprintf(__('Unable to create directory %s.', 'nggallery'), esc_html(WINABSPATH . $gallery->path));
return;
}
if (!is_writable(WINABSPATH . $gallery->path)) {
$message .= sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), esc_html(WINABSPATH . $gallery->path));
return;
}
foreach ($images as $image) {
// Ensure that there is capacity available
if (is_multisite() && $settings->get('wpmuQuotaCheck')) {
if (upload_is_user_over_quota(FALSE)) {
$message .= sprintf(__('Sorry, you have used your space allocation. Please delete some files to upload more files.', 'nggallery'));
throw new E_NoSpaceAvailableException();
}
}
// Copy the db entry
if (is_numeric($image)) {
$image = $this->object->_image_mapper->find($image);
}
$old_pid = $image->{$image_key};
if ($db) {
$new_image = clone $image;
unset($new_image->{$image_key});
$new_image->galleryid = $gallery_id;
$new_pid = $this->object->_image_mapper->save($new_image);
$new_image = $this->object->_image_mapper->find($new_image);
} else {
$new_pid = $old_pid;
}
if (!$new_pid) {
$message .= sprintf(__('Failed to copy database row for picture %s', 'nggallery'), $old_pid) . '<br />';
continue;
}
$new_image_pids[] = $new_pid;
// Copy each image size
foreach ($this->object->get_image_sizes() as $size) {
$orig_path = $this->object->get_image_abspath($image, $size, TRUE);
if (!$orig_path) {
$message .= sprintf(__('Failed to get image path for %s', 'nggallery'), esc_html($image->filename)) . '<br/>';
continue;
}
$new_path = basename($orig_path);
$prefix = '';
$prefix_count = 0;
while (@file_exists($gallery->path . DIRECTORY_SEPARATOR . $new_path)) {
$prefix = 'copy_' . $prefix_count++ . '_';
$new_path = $prefix . $new_path;
}
$new_path = $fs->join_paths($gallery->path, $new_path);
// Copy files
if (!@$func($orig_path, $new_path)) {
$message .= sprintf(__('Failed to copy image %1$s to %2$s', 'nggallery'), esc_html($orig_path), esc_html($new_path)) . '<br/>';
continue;
} else {
$message .= sprintf(__('Copied image %1$s to %2$s', 'nggallery'), esc_html($orig_path), esc_html($new_path)) . '<br/>';
}
// Copy backup file, if possible
@$func($orig_path . '_backup', $new_path . '_backup');
if ($prefix != '') {
$message .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s) » The file already existed in the destination gallery.', 'nggallery'), $old_pid, esc_html($orig_path), $new_pid, esc_html($new_path)) . '<br />';
} else {
$message .= sprintf(__('Image %1$s (%2$s) copied as image %3$s (%4$s)', 'nggallery'), $old_pid, esc_html($orig_path), $new_pid, esc_html($new_path)) . '<br />';
}
// Copy tags
if ($db) {
$tags = wp_get_object_terms($old_pid, 'ngg_tag', 'fields=ids');
$tags = array_map('intval', $tags);
wp_set_object_terms($new_pid, $tags, 'ngg_tag', true);
}
}
}
$message .= '<hr />' . sprintf(__('Copied %1$s picture(s) to gallery %2$s .', 'nggallery'), count($new_image_pids), $gallery->title);
return $new_image_pids;
}
