/**
 * Determines the MIME type to report for a file on disk.
 *
 * Detection is delegated to FileMime::mime(). The result is replaced with
 * "application/octet-stream" when the file does not exist, when detection
 * yields nothing usable, or when it yields "application/msword" (a
 * workaround for buggy detection).
 *
 * When $restrictHtml is set, a type matching the self::$HTML_MIME_TYPES
 * pattern is swapped for self::$HTML_SERVE_AS.
 * NOTE(review): presumably this keeps user-uploaded HTML from being rendered
 * as a document by browsers - confirm that every code path serving untrusted
 * uploads enables it.
 *
 * @param string $path path to file
 * @param bool $restrictHtml replace HTML-like types with self::$HTML_SERVE_AS
 * @return string the MIME type
 */
protected function fileMime($path, $restrictHtml = false)
{
    $fallback = "application/octet-stream";

    // A missing file is treated the same way as a failed detection.
    $detected = file_exists($path) ? FileMime::mime($path) : false;

    $mime = ($detected && $detected != "application/msword") ? $detected : $fallback;

    // The HTML restriction is applied last, so it also sees the fallback type.
    if ($restrictHtml && preg_match(self::$HTML_MIME_TYPES, $mime)) {
        return self::$HTML_SERVE_AS;
    }

    return $mime;
}
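/**
 * Fetches an avatar image from a user-supplied URI and renders two PNG
 * previews of it with ImageMagick's `convert`.
 *
 * The outcome is reported through $runData: on failure an AJAX "status" of
 * "wrong_uri", "fetch_failed", "wrong_mime", "not_image" or "too_small"; on
 * success the base names of the generated files as "im48" and "im16".
 *
 * Security notes:
 *  - The URI is untrusted. It is parsed and must use http, https or ftp with
 *    a non-empty host. The previous regular expression anchored only its
 *    http(s) alternative, so it did not reliably constrain scheme or host
 *    before the value reached file_get_contents().
 *  - NOTE(review): the fetch is still a server-side request to a host chosen
 *    by the client. Nothing here restricts the destination address, disables
 *    redirects, or caps response size or time. Those controls (resolve the
 *    host and refuse non-public addresses, pin the resolved address, bound
 *    the download) need to be decided for the deployment.
 *  - The downloaded file is handed to ImageMagick with an explicit coder
 *    prefix derived from the detected MIME type, so ImageMagick does not pick
 *    a decoder on its own from the file content.
 *
 * @param object $runData request context providing getParameterList(),
 *                        ajaxResponseAdd() and contextAdd()
 * @return void
 */
public function uploadAvatarUriEvent($runData)
{
    $pl = $runData->getParameterList();
    $uri = $pl->getParameterValue("uri");

    // Strict allow-list validation of the untrusted URI.
    $parts = false;
    if (is_string($uri) && !preg_match('/[\x00-\x20\x7f]/', $uri)) {
        $parts = parse_url($uri);
    }
    $schemeOk = is_array($parts)
        && isset($parts['scheme'])
        && in_array($parts['scheme'], array('http', 'https', 'ftp'), true);
    $hostOk = is_array($parts) && isset($parts['host']) && $parts['host'] !== '';
    if (!$schemeOk || !$hostOk) {
        $runData->ajaxResponseAdd("status", "wrong_uri");
        return;
    }

    $fileContent = file_get_contents($uri);
    if (!$fileContent) {
        $runData->ajaxResponseAdd("status", "fetch_failed");
        return;
    }

    $dir = WIKIDOT_ROOT . '/web/files--common/tmp/avatars-upload';
    $tmpname = tempnam($dir, "uriup");
    // Storing the download can fail too; report it with the closest existing
    // status instead of continuing with a missing file.
    if ($tmpname === false || file_put_contents($tmpname, $fileContent) === false) {
        if ($tmpname !== false && is_file($tmpname)) {
            unlink($tmpname);
        }
        $runData->ajaxResponseAdd("status", "fetch_failed");
        return;
    }

    // Only these detected types are accepted; the value is the ImageMagick
    // coder that will be forced when the file is read.
    $coders = array(
        "image/png" => "png",
        "image/jpeg" => "jpeg",
        "image/gif" => "gif",
    );
    $fmime = FileMime::mime($tmpname);
    if (!is_string($fmime) || !isset($coders[$fmime])) {
        unlink($tmpname);
        $runData->ajaxResponseAdd("status", "wrong_mime");
        $runData->ajaxResponseAdd("mime", $fmime);
        return;
    }

    $size = getimagesize($tmpname);
    if ($size === false) {
        unlink($tmpname);
        $runData->ajaxResponseAdd("status", "not_image");
        return;
    }

    if ($size[0] < 16 || $size[1] < 16) {
        unlink($tmpname);
        // Every other failure is reported on the AJAX response; this one was
        // only placed in the template context. Both are set so that existing
        // consumers of either keep working.
        $runData->ajaxResponseAdd("status", "too_small");
        $runData->contextAdd("status", "too_small");
        return;
    }

    // tempnam() reserves a unique name; the ".png" suffix is appended so that
    // convert writes PNG output. The suffix-less placeholder files stay behind.
    $im48fn = tempnam($dir, "av") . ".png";
    $im16fn = tempnam($dir, "av") . ".png";

    // "png:/path" style argument: forces the decoder that matches the
    // detected MIME type.
    $input = escapeshellarg($coders[$fmime] . ":" . $tmpname);

    // Resize whenever either side differs from 100. The original tested with
    // "&&", which let an image through unresized when one side was exactly
    // 100 and the other was larger. '100x100>' only ever shrinks.
    if ($size[0] != 100 || $size[1] != 100) {
        $cmd = "convert -resize '100x100>' " . $input . " " . escapeshellarg($im48fn);
        exec($cmd, $out);
        $runData->contextAdd("originalSize", $size);
        $runData->contextAdd("resized", true);
    } else {
        $cmd = "convert " . $input . " " . escapeshellarg($im48fn);
        exec($cmd);
    }

    $cmd = "convert -resize 16x16! -unsharp 0x1.0+1.0+0.10 " . escapeshellarg($im48fn) . " " . escapeshellarg($im16fn);
    exec($cmd);
    // NOTE(review): the exit status of the convert calls is not checked, so a
    // failed conversion still returns file names below.

    // The raw download is no longer needed once the previews exist.
    if (is_file($tmpname)) {
        unlink($tmpname);
    }

    $runData->ajaxResponseAdd("im48", basename($im48fn));
    $runData->ajaxResponseAdd("im16", basename($im16fn));
}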
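/**
 * Handles a file upload attached to a page of the current site.
 *
 * Steps: load the page and verify it belongs to the site, check the
 * 'attach_file' permission, validate the PHP upload record and size limits,
 * resolve the destination file name, handle a name conflict (replace only
 * with the "force" parameter and 'replace_file' permission), move the file
 * into the site's files directory, probe it with `identify` to create
 * resized images, then record the file and a new page revision inside a
 * database transaction.
 *
 * The result is reported through $runData's context as "status" and
 * "message". Any exception ends in status "not_ok".
 *
 * Security notes:
 *  - The destination name comes from the "dfilename" parameter or the
 *    client-supplied upload name and is used to build filesystem paths, so it
 *    is rejected when it contains a path separator or NUL byte or is "." or
 *    "..". Without that check the file could be written outside the page's
 *    upload directory.
 *  - NOTE(review): the file extension is not restricted here. Whether the
 *    upload directory can ever be interpreted by the web server as script
 *    content depends on configuration not visible in this method - confirm.
 *
 * @param object $runData request context (parameters, user, site, context)
 * @return void
 */
public function uploadFileEvent($runData)
{
    // Initialised up front: the catch block must not call rollback() on a
    // connection that was never obtained. An exception can be raised before
    // the transaction starts (presumably the permission check throws on
    // denial, as the replace_file handling below suggests).
    $db = null;

    try {
        // the event method will not use OZONE functionality for file processing but
        // rather a low-level approach.
        $pl = $runData->getParameterList();
        $site = $runData->getTemp("site");
        $pageId = $pl->getParameterValue("page_id");

        $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
        if ($page == null || $page->getSiteId() != $site->getSiteId()) {
            $runData->contextAdd("status", "error");
            $runData->contextAdd("message", _("Page does not exist???"));
            return;
        }

        $category = $page->getCategory();

        // now check for permissions!!!
        $user = $runData->getUser();
        WDPermissionManager::instance()->hasPagePermission('attach_file', $user, $category, $page);

        // Anonymous uploads are attributed to an IP string instead of a user id.
        $userId = $runData->getUserId();
        $userString = null;
        if ($userId == null) {
            $userString = $runData->createIpString();
        }

        $file = $_FILES['userfile'];

        $comments = trim($pl->getParameterValue("comments"));
        $comments = substr($comments, 0, 110);

        // For PHP-level upload errors the numeric error code is what gets
        // passed to the template as "status".
        if ($file['error'] === UPLOAD_ERR_FORM_SIZE || $file['error'] === UPLOAD_ERR_INI_SIZE) {
            $runData->contextAdd("status", $file['error']);
            $runData->contextAdd("message", _("Error uploading file - file size exceeds limit."));
            return;
        }
        if ($file['error'] === UPLOAD_ERR_PARTIAL) {
            $runData->contextAdd("status", $file['error']);
            $runData->contextAdd("message", _("Error uploading file - file only partially uploaded."));
            return;
        }
        if ($file['error'] == UPLOAD_ERR_NO_FILE) {
            $runData->contextAdd("status", $file['error']);
            $runData->contextAdd("message", _("Error uploading file - no file uploaded."));
            return;
        }
        if ($file['error'] != UPLOAD_ERR_OK) {
            $runData->contextAdd("status", $file['error']);
            $runData->contextAdd("message", _("Error uploading file - no file uploaded."));
            return;
        }

        if ($file['size'] == 0) {
            $runData->contextAdd("status", "zero_size");
            $runData->contextAdd("message", _("Error uploading file - the file has 0 bytes size."));
            return;
        }

        // Guards against a forged $_FILES entry pointing at an arbitrary path.
        if (!is_uploaded_file($file['tmp_name'])) {
            $runData->contextAdd("status", "invalid_file");
            $runData->contextAdd("message", _("Error uploading file - invalid file."));
            return;
        }

        // The effective limit is the smaller of the remaining site quota and
        // the per-file maximum.
        $totalSize = FileHelper::totalSiteFilesSize($site->getSiteId());
        $allowed = $site->getSettings()->getFileStorageSize();
        $maxUpload = min($allowed - $totalSize, $site->getSettings()->getMaxUploadFileSize());

        if ($file['size'] > $maxUpload) {
            $runData->contextAdd("status", "too_big");
            $runData->contextAdd("message", _("Error uploading file - file size exceeds limit."));
            return;
        }

        // check if destination file exists!
        $destinationFilename = $pl->getParameterValue("dfilename");
        if ($destinationFilename === "" || $destinationFilename == null) {
            // use the original name
            $destinationFilename = $file['name'];
        }

        // The name is client-controlled and is concatenated into filesystem
        // paths below, so it must be a single plain path component.
        if (!is_string($destinationFilename)
            || $destinationFilename === ''
            || $destinationFilename === '.'
            || $destinationFilename === '..'
            || strpbrk($destinationFilename, "/\\\0") !== false
        ) {
            $runData->contextAdd("status", "invalid_file");
            $runData->contextAdd("message", _("Error uploading file - invalid file."));
            return;
        }

        $c = new Criteria();
        $c->add("filename", $destinationFilename);
        $c->add("site_id", $site->getSiteId());
        $c->add("page_id", $pageId);

        $conflictFiles = DB_FilePeer::instance()->select($c);
        if (count($conflictFiles) > 0) {
            // file already exists!!!
            try {
                WDPermissionManager::instance()->hasPagePermission('replace_file', $user, $category, $page);
                $overwritePermission = true;
            } catch (Exception $e) {
                $overwritePermission = false;
            }

            if ($pl->getParameterValue("force") && $overwritePermission) {
                DB_FilePeer::instance()->delete($c);
            } else {
                $runData->contextAdd("status", "file_exists");
                $runData->contextAdd("message", _("Error uploading file - file by that name already exists."));
                return;
            }
        }

        // determine mime type using file cmd
        $fdesc = FileMime::description($file['tmp_name']);
        $fmime = FileMime::mime($file['tmp_name']);

        $uploadDir = $site->getLocalFilesPath() . "/files/" . $page->getUnixName();
        mkdirfull($uploadDir);
        $dest = $uploadDir . "/" . $destinationFilename;

        // Do not record a file in the database that never reached its
        // destination; the exception is reported as "not_ok" below.
        if (!move_uploaded_file($file['tmp_name'], $dest)) {
            throw new Exception("Moving the uploaded file to its destination failed.");
        }

        // check if image and resize
        // DO NOT RUN identify ON ALL FILES!!!!!!!!!!!!
        // OR limit the resources please
        $cmd = 'identify ' . escapeshellarg($dest);
        $res = exec_time($cmd, 8, $out);

        // Defined in both cases; it was previously unset when identify did
        // not recognise the file.
        $hasResized = false;
        if ($res) {
            // is at least "imageable" - can have thumbnails
            // resized images dir
            $resizedDir = $site->getLocalFilesPath() . "/resized-images/" . $page->getUnixName() . '/' . $destinationFilename;
            mkdirfull($resizedDir);
            $hasResized = $this->resizeImages($resizedDir, $dest);
        }

        $db = Database::connection();
        $db->begin();

        // if successful create new file object and insert into database.
        $f = new DB_File();
        $f->setPageId($pageId);
        $f->setFilename($destinationFilename);
        $f->setSize($file['size']);
        $f->setDateAdded(new ODate());
        if ($userId) {
            $f->setUserId($userId);
        } else {
            $f->setUserId(0);
            $f->setUserString($userString);
        }
        $f->setSiteId($site->getSiteId());
        $f->setComment($comments);
        $f->setMimetype($fmime);
        $f->setDescription($fdesc);
        $f->setHasResized($hasResized);

        // The short description is the part of the description before the
        // first comma.
        $sdesc = explode(",", $fdesc);
        $sdesc = $sdesc[0];
        $f->setDescriptionShort($sdesc);

        $f->save();

        // create a new revision
        $revision = $page->getCurrentRevision();
        $revision->setNew(true);
        $revision->setRevisionId(null);
        $revision->resetFlags();
        $revision->setFlagFile(true);

        $revision->setComments("Uploaded file \"{$destinationFilename}\".");
        if ($userId) {
            $revision->setUserId($userId);
            $page->setLastEditUserId($userId);
        } else {
            $revision->setUserId(0);
            $page->setLastEditUserId(0);
            $revision->setUserString($userString);
            $page->setLastEditUserString($userString);
        }
        $revision->setRevisionNumber($revision->getRevisionNumber() + 1);
        $now = new ODate();
        $revision->setDateLastEdited($now);
        $revision->save();

        $page->setRevisionId($revision->getRevisionId());
        $page->setDateLastEdited($now);
        $page->setRevisionNumber($revision->getRevisionNumber());
        $page->save();

        // in case there is a gallery plugin or an image pointing
        // to the file - simply recompile the page
        $od = new Outdater();
        $od->pageEvent('file_change', $page);

        $db->commit();

        $runData->contextAdd("status", "ok");
    } catch (Exception $e) {
        $runData->contextAdd("status", "not_ok");
        $runData->contextAdd("message", _("Error uploading file."));
        if ($db !== null) {
            $db->rollback();
        }
    }
}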