Exemplo n.º 1
0
 /**
  * Process event registration
  *
  * @return     void
  */
 public function processTask()
 {
     // Get some needed info
     $offset = $this->offset;
     $year = $this->year;
     $month = $this->month;
     $day = $this->day;
     $option = $this->_option;
     // Incoming
     $id = Request::getInt('id', 0, 'post');
     // Ensure we have an ID
     if (!$id) {
         App::redirect(Route::url('index.php?option=' . $this->_option));
         return;
     }
     // Load event
     $event = new Event($this->database);
     $event->load($id);
     $this->event = $event;
     // Ensure we have an event
     if (!$event->title) {
         App::redirect(Route::url('index.php?option=' . $this->_option));
         return;
     }
     $auth = true;
     if ($this->config->getCfg('adminlevel')) {
         $auth = $this->_authorize();
     }
     $bits = explode('-', $event->publish_up);
     $eyear = $bits[0];
     $emonth = $bits[1];
     $edbits = explode(' ', $bits[2]);
     $eday = $edbits[0];
     $page = new Page($this->database);
     $page->alias = $this->_task;
     // Get the pages for this workshop
     $pages = $page->loadPages($event->id);
     // Set the page title
     Document::setTitle(Lang::txt(strtoupper($this->_name)) . ': ' . Lang::txt('EVENTS_REGISTER') . ': ' . stripslashes($event->title));
     // Set the pathway
     if (Pathway::count() <= 0) {
         Pathway::append(Lang::txt(strtoupper($this->_name)), 'index.php?option=' . $this->_option);
     }
     Pathway::append($eyear, 'index.php?option=' . $this->_option . '&year=' . $eyear);
     Pathway::append($emonth, 'index.php?option=' . $this->_option . '&year=' . $eyear . '&month=' . $emonth);
     Pathway::append($eday, 'index.php?option=' . $this->_option . '&year=' . $eyear . '&month=' . $emonth . '&day=' . $eday);
     Pathway::append(stripslashes($event->title), 'index.php?option=' . $this->_option . '&task=details&id=' . $event->id);
     Pathway::append(Lang::txt('EVENTS_REGISTER'), 'index.php?option=' . $this->_option . '&task=details&id=' . $event->id . '&page=register');
     // Incoming
     $register = Request::getVar('register', NULL, 'post');
     $arrival = Request::getVar('arrival', NULL, 'post');
     $departure = Request::getVar('departure', NULL, 'post');
     $dietary = Request::getVar('dietary', NULL, 'post');
     $bos = Request::getVar('bos', NULL, 'post');
     $dinner = Request::getVar('dinner', NULL, 'post');
     $disability = Request::getVar('disability', NULL, 'post');
     $race = Request::getVar('race', NULL, 'post');
     if ($register) {
         $register = array_map('trim', $register);
         $register = array_map(array('\\Hubzero\\Utility\\Sanitize', 'stripAll'), $register);
         $validemail = $this->_validEmail($register['email']);
     }
     if ($arrival) {
         $arrival = array_map('trim', $arrival);
         $arrival = array_map(array('\\Hubzero\\Utility\\Sanitize', 'stripAll'), $arrival);
     }
     if ($departure) {
         $departure = array_map('trim', $departure);
         $departure = array_map(array('\\Hubzero\\Utility\\Sanitize', 'stripAll'), $departure);
     }
     if ($dietary) {
         $dietary = array_map('trim', $dietary);
         $dietary = array_map(array('\\Hubzero\\Utility\\Sanitize', 'stripAll'), $dietary);
     }
     // check to make sure this is the only time registering
     if (Respondent::checkUniqueEmailForEvent($register['email'], $event->id) > 0) {
         $this->setError(Lang::txt('EVENTS_EVENT_REGISTRATION_PREVIOUS'));
         $validemail = 0;
     }
     if ($register['firstname'] && $register['lastname'] && $validemail == 1) {
         $email = $event->email;
         $subject = Lang::txt('EVENTS_EVENT_REGISTRATION') . ': ' . $event->title;
         $hub = array('email' => $register['email'], 'name' => Config::get('sitename') . ' ' . Lang::txt('EVENTS_EVENT_REGISTRATION'));
         $eview = new \Hubzero\Component\View(array('name' => 'register', 'layout' => 'email'));
         $eview->option = $this->_option;
         $eview->sitename = Config::get('sitename');
         $eview->register = $register;
         $eview->race = $race;
         $eview->dietary = $dietary;
         $eview->disability = $disability;
         $eview->arrival = $arrival;
         $eview->departure = $departure;
         $eview->dinner = $dinner;
         $eview->bos = $bos;
         $message = $eview->loadTemplate();
         $message = str_replace("\n", "\r\n", $message);
         // check to see if event manager email is configured
         if ($email != "" || $email != NULL || !isset($email)) {
             // one for the event manager
             $this->_sendEmail($hub, $email, $subject, $message);
         }
         // one for the attendee
         $this->_sendEmail($hub, $register['email'], $subject, $message);
         $this->_log($register);
         $this->view->setLayout('thanks');
     } else {
         $this->view->setLayout('default');
     }
     $this->view->setName('register');
     $this->view->state = 'open';
     $this->view->option = $this->_option;
     $this->view->title = Lang::txt(strtoupper($this->_name)) . ': ' . Lang::txt('EVENTS_REGISTER');
     $this->view->task = $this->_task;
     $this->view->year = $year;
     $this->view->month = $month;
     $this->view->day = $day;
     $this->view->offset = $offset;
     $this->view->event = $event;
     $this->view->authorized = $auth;
     $this->view->page = $page;
     $this->view->pages = $pages;
     $this->view->register = $register;
     $this->view->arrival = $arrival;
     $this->view->departure = $departure;
     if ($this->getError()) {
         $this->view->setError($this->getError());
     }
     $this->view->display();
 }
Exemplo n.º 2
0
 /**
  * Save an event
  *
  * @return     void
  */
 public function saveTask()
 {
     // Check if they are logged in
     if (User::isGuest()) {
         $this->loginTask();
         return;
     }
     // good ol' form validation
     Request::checkToken();
     Request::checkHoneypot() or die('Invalid Field Data Detected. Please try again.');
     $offset = $this->offset;
     // Incoming
     $start_time = Request::getVar('start_time', '08:00', 'post');
     $start_time = $start_time ? $start_time : '08:00';
     $start_pm = Request::getInt('start_pm', 0, 'post');
     $end_time = Request::getVar('end_time', '17:00', 'post');
     $end_time = $end_time ? $end_time : '17:00';
     $end_pm = Request::getInt('end_pm', 0, 'post');
     $time_zone = Request::getVar('time_zone', -5, 'post');
     $tags = Request::getVar('tags', '', 'post');
     // Bind the posted data to an event object
     $row = new Event($this->database);
     if (!$row->bind($_POST)) {
         throw new Exception($row->getError(), 500);
     }
     // New entry or existing?
     if ($row->id) {
         $state = 'edit';
         // Existing - update modified info
         $row->modified = strftime("%Y-%m-%d %H:%M:%S", time() + $offset * 60 * 60);
         if (User::get('id')) {
             $row->modified_by = User::get('id');
         }
     } else {
         $state = 'add';
         // New - set created info
         $row->created = strftime("%Y-%m-%d %H:%M:%S", time() + $offset * 60 * 60);
         if (User::get('id')) {
             $row->created_by = User::get('id');
         }
     }
     // Set some fields and do some cleanup work
     if ($row->catid) {
         $row->catid = intval($row->catid);
     }
     //$row->title = htmlentities($row->title);
     $row->content = $_POST['econtent'];
     $row->content = \Hubzero\Utility\Sanitize::clean($row->content);
     // Get the custom fields defined in the events configuration
     if (isset($_POST['fields'])) {
         $fields = $_POST['fields'];
         $fields = array_map('trim', $fields);
         // Wrap up the content of the field and attach it to the event content
         $fs = $this->config->fields;
         foreach ($fields as $param => $value) {
             if (trim($value) != '') {
                 $row->content .= '<ef:' . $param . '>' . $this->_clean($value) . '</ef:' . $param . '>';
             } else {
                 foreach ($fs as $f) {
                     if ($f[0] == $param && end($f) == 1) {
                         throw new Exception(Lang::txt('EVENTS_REQUIRED_FIELD_CHECK', $f[1]), 500);
                     }
                 }
             }
         }
     }
     // Clean adresse
     $row->adresse_info = $this->_clean($row->adresse_info);
     // Clean contact
     $row->contact_info = $this->_clean($row->contact_info);
     // Clean extra
     $row->extra_info = $this->_clean($row->extra_info);
     // Prepend http:// to URLs without it
     if ($row->extra_info != NULL) {
         if (substr($row->extra_info, 0, 7) != 'http://' && substr($row->extra_info, 0, 8) != 'https://') {
             $row->extra_info = 'http://' . $row->extra_info;
         }
     }
     // Reformat the time into 24hr format if necessary
     if ($this->config->getCfg('calUseStdTime') == 'YES') {
         list($hrs, $mins) = explode(':', $start_time);
         $hrs = intval($hrs);
         $mins = intval($mins);
         if ($hrs != 12 && $start_pm) {
             $hrs += 12;
         } else {
             if ($hrs == 12 && !$start_pm) {
                 $hrs = 0;
             }
         }
         if ($hrs < 10) {
             $hrs = '0' . $hrs;
         }
         if ($mins < 10) {
             $mins = '0' . $mins;
         }
         $start_time = $hrs . ':' . $mins;
         list($hrs, $mins) = explode(':', $end_time);
         $hrs = intval($hrs);
         $mins = intval($mins);
         if ($hrs != 12 && $end_pm) {
             $hrs += 12;
         } else {
             if ($hrs == 12 && !$end_pm) {
                 $hrs = 0;
             }
         }
         if ($hrs < 10) {
             $hrs = '0' . $hrs;
         }
         if ($mins < 10) {
             $mins = '0' . $mins;
         }
         $end_time = $hrs . ':' . $mins;
     }
     // hack to fix where timezones cant be found by offset int
     // really need to figure datetimes out
     switch ($row->time_zone) {
         case -12:
             $tz = 'Pacific/Kwajalein';
             break;
         case -9.5:
             $tz = 'Pacific/Marquesa';
             break;
         case -3.5:
             $tz = 'Canada/Newfoundland';
             break;
         case -2:
             $tz = 'America/Noronha';
             break;
         case 3.5:
             $tz = 'Asia/Tehran';
             break;
         case 4.5:
             $tz = 'Asia/Kabul';
             break;
         case 6:
             $tz = 'Asia/Dhaka';
             break;
         case 6.5:
             $tz = 'Asia/Rangoon';
             break;
         case 8.75:
             $tz = 'Asia/Shanghai';
             break;
         case 9.5:
             $tz = 'Australia/Adelaide';
             break;
         case 11:
             $tz = 'Asia/Vladivostok';
             break;
         case 11.5:
             $tz = 'Asia/Vladivostok';
             break;
         case 13:
             $tz = 'Pacific/Tongatapu';
             break;
         case 14:
             $tz = 'Pacific/Kiritimati';
             break;
         default:
             $tz = timezone_name_from_abbr('', $row->time_zone * 3600, NULL);
     }
     // create publish up date time string
     $rpup = $row->publish_up;
     $publishtime = date('Y-m-d 00:00:00');
     if ($row->publish_up) {
         $publishtime = $row->publish_up . ' ' . $start_time . ':00';
         $row->publish_up = \Date::of($publishtime)->toSql();
     }
     // create publish down date/time string
     $publishtime = date('Y-m-d 00:00:00');
     if ($row->publish_down) {
         $publishtime = $row->publish_down . ' ' . $end_time . ':00';
         $row->publish_down = \Date::of($publishtime)->toSql();
     }
     // Always unpublish if no Publisher otherwise publish automatically
     if ($this->config->getCfg('adminlevel')) {
         $row->state = 0;
     } else {
         $row->state = 1;
     }
     $row->state = 1;
     // Verify that the event doesn't start after it ends or ends before it starts.
     $pubdow = strtotime($row->publish_down);
     $pubup = strtotime($row->publish_up);
     if ($pubdow <= $pubup) {
         // Set the error message
         $this->setError(Lang::txt('EVENTS_EVENT_MUST_END_AFTER_START'));
         // Fall through to the edit view
         $this->editTask($row);
         return;
     }
     //set the scope to be regular events
     $row->scope = 'event';
     if (!$row->check()) {
         // Set the error message
         $this->setError($row->getError());
         $this->tags = $tags;
         // Fall through to the edit view
         $this->editTask($row);
         return;
     }
     if (!$row->store()) {
         // Set the error message
         $this->setError($row->getError());
         $this->tags = $tags;
         // Fall through to the edit view
         $this->editTask($row);
         return;
     }
     $row->checkin();
     // Save the tags
     $rt = new Tags($row->id);
     $rt->setTags($tags, User::get('id'));
     // Build the message to be e-mailed
     if ($state == 'add') {
         $subject = '[' . Config::get('sitename') . ' ' . Lang::txt('EVENTS_CAL_LANG_CAL_TITLE') . '] - ' . Lang::txt('EVENTS_CAL_LANG_MAIL_ADDED');
         $eview = new View(array('name' => 'emails', 'layout' => 'created'));
     } else {
         $subject = '[' . Config::get('sitename') . ' ' . Lang::txt('EVENTS_CAL_LANG_CAL_TITLE') . '] - ' . Lang::txt('EVENTS_CAL_LANG_MAIL_ADDED');
         $eview = new View(array('name' => 'emails', 'layout' => 'edited'));
     }
     $eview->option = $this->_option;
     $eview->sitename = Config::get('sitename');
     $eview->user = User::getInstance();
     $eview->row = $row;
     $message = $eview->loadTemplate();
     $message = str_replace("\n", "\r\n", $message);
     // Send the e-mail
     $this->_sendMail(Config::get('sitename'), Config::get('mailfrom'), $subject, $message);
     // Redirect to the details page for the event we just created
     App::redirect(Route::url('index.php?option=' . $this->_option . '&task=details&id=' . $row->id));
 }
Exemplo n.º 3
0
 /**
  * Upload a file to the wiki via AJAX
  *
  * @return  string
  */
 public function ajaxUploadTask()
 {
     // Check if they're logged in
     /*if (User::isGuest())
     		{
     			echo json_encode(array('error' => Lang::txt('Must be logged in.')));
     			return;
     		}*/
     // Ensure we have an ID to work with
     $ticket = Request::getInt('ticket', 0);
     $comment = Request::getInt('comment', 0);
     if (!$ticket) {
         echo json_encode(array('error' => Lang::txt('COM_SUPPORT_NO_ID'), 'ticket' => $ticket));
         return;
     }
     //max upload size
     $sizeLimit = $this->config->get('maxAllowed', 40000000);
     // get the file
     if (isset($_GET['qqfile']) && isset($_SERVER["CONTENT_LENGTH"])) {
         $stream = true;
         $file = $_GET['qqfile'];
         $size = (int) $_SERVER["CONTENT_LENGTH"];
     } elseif (isset($_FILES['qqfile']) && isset($_FILES['qqfile']['size'])) {
         $stream = false;
         $file = $_FILES['qqfile']['name'];
         $size = (int) $_FILES['qqfile']['size'];
     } else {
         echo json_encode(array('error' => Lang::txt('File not found')));
         return;
     }
     //define upload directory and make sure its writable
     $path = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS) . DS . $ticket;
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             echo json_encode(array('error' => Lang::txt('Error uploading. Unable to create path.')));
             return;
         }
     }
     if (!is_writable($path)) {
         echo json_encode(array('error' => Lang::txt('Server error. Upload directory isn\'t writable.')));
         return;
     }
     //check to make sure we have a file and its not too big
     if ($size == 0) {
         echo json_encode(array('error' => Lang::txt('File is empty')));
         return;
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', Number::formatBytes($sizeLimit));
         echo json_encode(array('error' => Lang::txt('File is too large. Max file upload size is %s', $max)));
         return;
     }
     // don't overwrite previous files that were uploaded
     $pathinfo = pathinfo($file);
     $filename = $pathinfo['filename'];
     // Make the filename safe
     $filename = urldecode($filename);
     $filename = Filesystem::clean($filename);
     $filename = str_replace(' ', '_', $filename);
     $ext = $pathinfo['extension'];
     while (file_exists($path . DS . $filename . '.' . $ext)) {
         $filename .= rand(10, 99);
     }
     //make sure that file is acceptable type
     if (!in_array(strtolower($ext), explode(',', $this->config->get('file_ext')))) {
         echo json_encode(array('error' => Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE')));
         return;
     }
     $file = $path . DS . $filename . '.' . $ext;
     if ($stream) {
         //read the php input stream to upload file
         $input = fopen("php://input", "r");
         $temp = tmpfile();
         $realSize = stream_copy_to_stream($input, $temp);
         fclose($input);
         //move from temp location to target location which is user folder
         $target = fopen($file, "w");
         fseek($temp, 0, SEEK_SET);
         stream_copy_to_stream($temp, $target);
         fclose($target);
     } else {
         move_uploaded_file($_FILES['qqfile']['tmp_name'], $file);
     }
     if (!\Filesystem::isSafe($file)) {
         if (\Filesystem::delete($file)) {
             echo json_encode(array('success' => false, 'error' => Lang::txt('ATTACHMENT: File rejected because the anti-virus scan failed.')));
             return;
         }
     }
     // Create database entry
     $asset = new Attachment();
     $asset->bind(array('id' => 0, 'ticket' => $ticket, 'comment_id' => $comment, 'filename' => $filename . '.' . $ext, 'description' => Request::getVar('description', '')));
     if (!$asset->store(true)) {
         echo json_encode(array('success' => false, 'error' => $asset->getError()));
         return;
     }
     $view = new View(array('name' => 'media', 'layout' => '_asset'));
     $view->option = $this->_option;
     $view->controller = $this->_controller;
     $view->asset = $asset;
     $view->no_html = 1;
     //echo result
     echo json_encode(array('success' => true, 'file' => $filename . '.' . $ext, 'directory' => str_replace(PATH_APP, '', $path), 'ticket' => $ticket, 'comment_id' => $comment, 'html' => str_replace('>', '&gt;', $view->loadTemplate())));
 }
Exemplo n.º 4
0
 /**
  * Job posting
  *
  * @return     void
  */
 public function jobTask()
 {
     // Incoming
     $code = Request::getVar('code', '');
     $code = !$code && $this->_jobCode ? $this->_jobCode : $code;
     $obj = new Job($this->database);
     $job = $obj->get_opening(0, User::get('id'), $this->_masterAdmin, $code);
     // Push some styles to the template
     $this->css();
     // Push some scripts to the template
     $this->js();
     if (!$job) {
         $this->setError(Lang::txt('COM_JOBS_ERROR_JOB_INACTIVE'));
         // Set the pathway
         if (Pathway::count() <= 0) {
             Pathway::append(Lang::txt(strtoupper($this->_name)), 'index.php?option=' . $this->_option);
         }
         // Output HTML
         $view = new View(array('name' => 'error'));
         $view->title = Lang::txt(strtoupper($this->_name));
         if ($this->getError()) {
             $view->setError($this->getError());
         }
         $view->display();
         return;
     }
     if (User::get('id') == $job->employerid && !$this->_emp && !$this->_masterAdmin) {
         // check validity of subscription
         App::redirect(Route::url('index.php?option=com_jobs&task=dashboard'), Lang::txt('COM_JOBS_WARNING_SUBSCRIPTION_INVALID'), 'warning');
         return;
     }
     // Set the pathway
     $this->_jobid = $job->id;
     $this->_jobtitle = $job->title;
     $this->_buildPathway();
     if (User::isGuest() && $job->status != 1) {
         // Not authorized
         $error = Lang::txt('COM_JOBS_ERROR_NOT_AUTHORIZED_JOB_VIEW');
         $error .= User::isGuest() ? ' ' . Lang::txt('COM_JOBS_WARNING_LOGIN_REQUIRED') : '';
         $this->setError($error);
         // Output HTML
         $view = new View(array('name' => 'error'));
         $view->title = Lang::txt(strtoupper($this->_name));
         if ($this->getError()) {
             $view->setError($this->getError());
         }
         $view->display();
         return;
     }
     if ($job->status != 1 && !$this->_admin && (!$this->_emp && User::get('id') != $job->employerid)) {
         // Not authorized
         App::abort(403, Lang::txt('COM_JOBS_ERROR_NOT_AUTHORIZED_JOB_VIEW'));
     }
     // Set page title
     $this->_subtitle = $job->status == 4 ? Lang::txt('COM_JOBS_ACTION_PREVIEW_AD') . ' ' . $job->code : $job->title;
     $this->_buildTitle();
     // Get category & type names
     $jt = new JobType($this->database);
     $jc = new JobCategory($this->database);
     $job->type = $jt->getType($job->type);
     $job->cat = $jc->getCat($job->cid);
     // Get applications
     $ja = new JobApplication($this->database);
     $job->applications = ($this->_admin or $this->_emp && User::get('id') == $job->employerid) ? $ja->getApplications($job->id) : array();
     // Get profile info of applicants
     $job->withdrawnlist = array();
     if (count($job->applications) > 0) {
         $js = new JobSeeker($this->database);
         foreach ($job->applications as $ap) {
             $seeker = $js->getSeeker($ap->uid, $job->employerid);
             $ap->seeker = (!$seeker or count($seeker) == 0) ? NULL : $seeker[0];
             if ($ap->status == 2) {
                 $job->withdrawnlist[] = $ap;
             }
         }
     }
     // Output HTML
     $this->view->title = $this->_title;
     $this->view->config = $this->config;
     $this->view->emp = $this->_emp;
     $this->view->job = $job;
     $this->view->admin = $this->_admin;
     $this->view->task = $this->_task;
     $this->view->option = $this->_option;
     // Set any errors
     if ($this->getError()) {
         \Notify::error($this->getError());
     }
     $this->view->setName('job')->setLayout('default')->display();
 }
Exemplo n.º 5
0
 /**
  * Render a tag cloud
  *
  * @param   string   $rtrn     Format to render
  * @param   array    $filters  Filters to apply
  * @param   boolean  $clear    Clear cached data?
  * @return  string
  */
 public function render($rtrn = 'html', $filters = array(), $clear = false)
 {
     switch (strtolower($rtrn)) {
         case 'string':
             if (!isset($this->_cache['tags.string']) || $clear) {
                 $tags = array();
                 foreach ($this->tags('list', $filters, $clear) as $tag) {
                     $tags[] = $tag->get('raw_tag');
                 }
                 $this->_cache['tags.string'] = implode(', ', $tags);
             }
             return $this->_cache['tags.string'];
             break;
         case 'array':
             $tags = array();
             foreach ($this->tags('list', $filters, $clear) as $tag) {
                 $tags[] = $tag->get('tag');
             }
             return $tags;
             break;
         case 'cloud':
         case 'html':
         default:
             if (!isset($this->_cache['tags.cloud']) || $clear) {
                 $view = new View(array('base_path' => PATH_CORE . '/components/com_tags/site', 'name' => 'tags', 'layout' => '_cloud'));
                 $view->set('config', $this->_config)->set('tags', $this->tags('list', $filters, $clear));
                 $this->_cache['tags.cloud'] = $view->loadTemplate();
             }
             return $this->_cache['tags.cloud'];
             break;
     }
 }
Exemplo n.º 6
0
 /**
  * Upload a file to the wiki via AJAX
  *
  * @return     string
  */
 public function ajaxUploadTask()
 {
     // Check if they're logged in
     if (User::isGuest()) {
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_LOGIN_REQUIRED')));
         return;
     }
     // Ensure we have an ID to work with
     $listdir = strtolower(Request::getVar('dir', ''));
     if (!$listdir) {
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_NO_ID')));
         return;
     }
     if (substr($listdir, 0, 3) == 'tmp') {
         $item = new Item($listdir);
         if (!$item->exists()) {
             $item->set('state', 0);
             $item->set('access', 0);
             $item->set('title', $listdir);
             if (!$item->store()) {
                 echo json_encode(array('error' => $item->getError()));
                 return;
             }
         }
         $listdir = $item->get('id');
     }
     //max upload size
     $sizeLimit = $this->config->get('maxAllowed', 40000000);
     // get the file
     if (isset($_GET['qqfile'])) {
         $stream = true;
         $file = $_GET['qqfile'];
         $size = (int) $_SERVER["CONTENT_LENGTH"];
     } elseif (isset($_FILES['qqfile'])) {
         $stream = false;
         $file = $_FILES['qqfile']['name'];
         $size = (int) $_FILES['qqfile']['size'];
     } else {
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_FILE_NOT_FOUND')));
         return;
     }
     $asset = new Asset();
     //define upload directory and make sure its writable
     $path = $asset->filespace() . DS . $listdir;
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_CREATE_UPLOAD_DIR')));
             return;
         }
     }
     if (!is_writable($path)) {
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_UPLOAD_DIR_NOT_WRITABLE')));
         return;
     }
     //check to make sure we have a file and its not too big
     if ($size == 0) {
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_EMPTY_FILE')));
         return;
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', Number::formatBytes($sizeLimit));
         echo json_encode(array('error' => Lang::txt('COM_COLLECTIONS_ERROR_FILE_TOO_LARGE', $max)));
         return;
     }
     // don't overwrite previous files that were uploaded
     $pathinfo = pathinfo($file);
     $filename = $pathinfo['filename'];
     // Make the filename safe
     $filename = urldecode($filename);
     $filename = Filesystem::clean($filename);
     $filename = str_replace(' ', '_', $filename);
     $ext = $pathinfo['extension'];
     while (file_exists($path . DS . $filename . '.' . $ext)) {
         $filename .= rand(10, 99);
     }
     $file = $path . DS . $filename . '.' . $ext;
     if ($stream) {
         //read the php input stream to upload file
         $input = fopen("php://input", "r");
         $temp = tmpfile();
         $realSize = stream_copy_to_stream($input, $temp);
         fclose($input);
         //move from temp location to target location which is user folder
         $target = fopen($file, "w");
         fseek($temp, 0, SEEK_SET);
         stream_copy_to_stream($temp, $target);
         fclose($target);
     } else {
         move_uploaded_file($_FILES['qqfile']['tmp_name'], $file);
     }
     // Create database entry
     $asset->set('item_id', intval($listdir));
     $asset->set('filename', $filename . '.' . $ext);
     if ($asset->image()) {
         $hi = new \Hubzero\Image\Processor($file);
         if (count($hi->getErrors()) == 0) {
             $hi->autoRotate();
             $hi->save();
         }
     }
     $asset->set('description', Request::getVar('description', '', 'post'));
     $asset->set('state', 1);
     $asset->set('type', 'file');
     if (!$asset->store()) {
         echo json_encode(array('error' => $asset->getError()));
         return;
     }
     $view = new View(array('name' => 'media', 'layout' => '_asset'));
     $view->i = Request::getInt('i', 0);
     $view->option = $this->_option;
     $view->controller = $this->_controller;
     $view->asset = $asset;
     $view->no_html = 1;
     //echo result
     echo json_encode(array('success' => true, 'file' => $filename . '.' . $ext, 'directory' => str_replace(PATH_APP, '', $path), 'id' => $listdir, 'html' => str_replace('>', '&gt;', $view->loadTemplate())));
 }