function file_delete($ids = array())
{
global $file_base_path;
$ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id')));
$fail = array();
$rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')');
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
$filepath = build_file_path($file_base_path, $filename);
$rsd = safe_delete('txp_file', "id = {$id}");
$ul = false;
if ($rsd && is_file($filepath)) {
$ul = unlink($filepath);
}
if (!$rsd or !$ul) {
$fail[] = $id;
}
}
if ($fail) {
file_list(messenger(gTxt('file_delete_failed'), join(', ', $fail), ''));
} else {
file_list(gTxt('file_deleted', array('{name}' => join(', ', $ids))));
}
} else {
file_list(messenger(gTxt('file_not_found'), join(', ', $ids), ''));
}
}
if (!in_array('size', $txpfile)) {
safe_alter('txp_file', "add size bigint");
$update_files = 1;
}
if (!in_array('downloads', $txpfile)) {
safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL");
}
if (array_intersect(array('modified', 'created'), $txpfile)) {
safe_alter('txp_file', "MODIFY modified datetime NOT NULL default '0000-00-00 00:00:00', MODIFY created datetime NOT NULL default '0000-00-00 00:00:00'");
}
// copy existing file timestamps into the new database columns
if ($update_files) {
$prefs = get_prefs();
$rs = safe_rows('*', 'txp_file', '1=1');
foreach ($rs as $row) {
$path = build_file_path(@$prefs['file_base_path'], @$row['filename']);
if ($path and $stat = @stat($path)) {
safe_update('txp_file', "created='" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified='" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size='" . doSlash(sprintf('%u', $stat['size'])) . "'", "id='" . doSlash($row['id']) . "'");
}
}
}
safe_update('textpattern', "Keywords=TRIM(BOTH ',' FROM REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(Keywords,'\n',','),'\r',','),'\t',','),' ',' '),' ',' '),' ',' '),' ,',','),', ',','),',,,,',','),',,',','),',,',','))", "Keywords != ''");
// shift preferences to more intuitive spots
// give positions, leave enough room for later additions
safe_update('txp_prefs', "position = 20", "name in(\n\t\t'sitename',\n\t\t'comments_on_default',\n\t\t'img_dir',\n\t\t'comments_require_name',\n\t\t'syndicate_body_or_excerpt',\n\t\t'title_no_widow'\n\t)");
safe_update('txp_prefs', "position = 40", "name in(\n\t\t'siteurl',\n\t\t'comments_default_invite',\n\t\t'file_base_path',\n\t\t'comments_require_email',\n\t\t'rss_how_many',\n\t\t'articles_use_excerpts'\n\t)");
safe_update('txp_prefs', "position = 60", "name in('\n\t\tsite_slogan',\n\t\t'comments_moderate',\n\t\t'never_display_email',\n\t\t'file_max_upload_size',\n\t\t'show_comment_count_in_feed',\n\t\t'allow_form_override'\n\t)");
safe_update('txp_prefs', "position = 80", "name in(\n\t\t'production_status',\n\t\t'comments_disabled_after',\n\t\t'tempdir',\n\t\t'comment_nofollow',\n\t\t'include_email_atom',\n\t\t'attach_titles_to_permalinks'\n\t)");
safe_update('txp_prefs', "position = 100", "name in(\n\t\t'gmtoffset',\n\t\t'comments_auto_append',\n\t\t'plugin_cache_dir',\n\t\t'permalink_title_format',\n\t\t'use_mail_on_feeds_id'\n\t)");
safe_update('txp_prefs', "position = 120", "name in(\n\t\t'is_dst',\n\t\t'comments_mode',\n\t\t'override_emailcharset'\n\t)");
safe_update('txp_prefs', "position = 120, event = 'publish'", "name = 'send_lastmod'");
function file_download_send($event, $step)
{
// just a quick transplant from publish.php, this could stand some refactoring
global $pretext, $prefs;
extract($prefs);
extract($pretext);
// we are dealing with a download
# if (@$s == 'file_download') {
$file_error = 0;
$file = safe_row('*', 'txp_file', "id='" . doSlash($pretext['tail'][1]) . "' and status >= 4");
if (!$file) {
$file_error = 404;
}
if (!$file_error) {
extract($file);
$fullpath = build_file_path($file_base_path, $filename);
if (is_file($fullpath)) {
// discard any error php messages
ob_clean();
$filesize = filesize($fullpath);
$sent = 0;
header('Content-Description: File Download');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($filename) . '"; size = "' . $filesize . '"');
// Fix for lame IE 6 pdf bug on servers configured to send cache headers
header('Cache-Control: private');
@ini_set("zlib.output_compression", "Off");
@set_time_limit(0);
@ignore_user_abort(true);
if ($file = fopen($fullpath, 'rb')) {
while (!feof($file) and connection_status() == 0) {
echo fread($file, 1024 * 64);
$sent += 1024 * 64;
ob_flush();
flush();
}
fclose($file);
// record download
if (connection_status() == 0 and !connection_aborted()) {
safe_update("txp_file", "downloads=downloads+1", "id='" . intval($id) . "'");
} else {
$pretext['request_uri'] .= "#aborted-at-" . floor($sent * 100 / $filesize) . "%";
logit();
}
}
} else {
$file_error = 404;
}
# }
// deal with error
if ($file_error) {
switch ($file_error) {
case 403:
txp_die(gTxt('403_forbidden'), '403');
break;
case 404:
txp_die(gTxt('404_not_found'), '404');
break;
default:
txp_die(gTxt('500_internal_server_error'), '500');
break;
}
}
// download done
exit(0);
}
}
function file_delete($ids = array())
{
global $file_base_path, $txp_user;
$ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id')));
$message = '';
if (!has_privs('file.delete')) {
if (has_privs('file.delete.own')) {
$ids = safe_column('id', 'txp_file', 'id IN (' . join(',', $ids) . ') AND author=\'' . doSlash($txp_user) . '\'');
} else {
$ids = array();
}
}
if (!empty($ids)) {
$fail = array();
$rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')');
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
$filepath = build_file_path($file_base_path, $filename);
$rsd = safe_delete('txp_file', "id = {$id}");
$ul = false;
if ($rsd && is_file($filepath)) {
$ul = unlink($filepath);
}
if (!$rsd or !$ul) {
$fail[] = $id;
}
}
if ($fail) {
$message = messenger(gTxt('file_delete_failed'), join(', ', $fail), '');
} else {
update_lastmod();
$message = gTxt('file_deleted', array('{name}' => join(', ', $ids)));
}
} else {
$message = messenger(gTxt('file_not_found'), join(', ', $ids), '');
}
}
file_list($message);
}
function fileDownloadFetchInfo($where)
{
global $file_base_path;
$result = array('id' => 0, 'filename' => '', 'category' => '', 'description' => '', 'downloads' => 0, 'size' => 0, 'created' => 0, 'modified' => 0);
$rs = safe_row('*', 'txp_file', $where);
if ($rs) {
extract($rs);
$result['id'] = $id;
$result['filename'] = $filename;
$result['category'] = $category;
$result['description'] = $description;
$result['downloads'] = $downloads;
// get filesystem info
$filepath = build_file_path($file_base_path, $filename);
if (file_exists($filepath)) {
$filesize = filesize($filepath);
if ($filesize !== false) {
$result['size'] = $filesize;
}
$created = filectime($filepath);
if ($created !== false) {
$result['created'] = $created;
}
$modified = filemtime($filepath);
if ($modified !== false) {
$result['modified'] = $modified;
}
}
}
return $result;
}
function output_file_download($filename)
{
global $file_error, $file_base_path, $pretext;
callback_event('file_download');
if (!isset($file_error)) {
$filename = sanitizeForFile($filename);
$fullpath = build_file_path($file_base_path, $filename);
if (is_file($fullpath)) {
// Discard any error PHP messages.
ob_clean();
$filesize = filesize($fullpath);
$sent = 0;
header('Content-Description: File Download');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $filename . '"; size = "' . $filesize . '"');
// Fix for IE6 PDF bug on servers configured to send cache headers.
header('Cache-Control: private');
@ini_set("zlib.output_compression", "Off");
@set_time_limit(0);
@ignore_user_abort(true);
if ($file = fopen($fullpath, 'rb')) {
while (!feof($file) and connection_status() == 0) {
echo fread($file, 1024 * 64);
$sent += 1024 * 64;
ob_flush();
flush();
}
fclose($file);
// Record download.
if (connection_status() == 0 and !connection_aborted()) {
safe_update('txp_file', "downloads = downloads + 1", "id = " . intval($pretext['id']));
} else {
$pretext['request_uri'] .= $sent >= $filesize ? '#aborted' : "#aborted-at-" . floor($sent * 100 / $filesize) . "%";
}
log_hit('200');
}
} else {
$file_error = 404;
}
}
// Deal with error.
if (isset($file_error)) {
switch ($file_error) {
case 403:
txp_die(gTxt('403_forbidden'), '403');
break;
case 404:
txp_die(gTxt('404_not_found'), '404');
break;
default:
txp_die(gTxt('500_internal_server_error'), '500');
break;
}
}
}
function file_delete()
{
global $txpcfg, $file_base_path;
extract($txpcfg);
$id = ps('id');
$rs = safe_row("*", "txp_file", "id='{$id}'");
if ($rs) {
extract($rs);
$filepath = build_file_path($file_base_path, $filename);
$rsd = safe_delete("txp_file", "id='{$id}'");
$ul = false;
if ($rsd && is_file($filepath)) {
$ul = unlink($filepath);
}
if ($rsd && $ul) {
file_list(messenger(gTxt('file'), $filename, gTxt('deleted')));
return;
} else {
file_list(messenger(gTxt('file_delete_failed'), $filename, ''));
}
} else {
file_list(messenger(gTxt('file_not_found'), $filename, ''));
}
}
callback_event('pretext_end');
extract($pretext);
// Now that everything is initialized, we can crank down error reporting
set_error_level($production_status);
if (gps('parentid') && gps('submit')) {
saveComment();
} elseif (gps('parentid') and $comments_mode == 1) {
// popup comments?
header("Content-type: text/html; charset=utf-8");
exit(popComments(gps('parentid')));
}
// we are dealing with a download
if (@$s == 'file_download') {
callback_event('file_download');
if (!isset($file_error)) {
$fullpath = build_file_path($file_base_path, $filename);
if (is_file($fullpath)) {
// discard any error php messages
ob_clean();
$filesize = filesize($fullpath);
$sent = 0;
header('Content-Description: File Download');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($filename) . '"; size = "' . $filesize . '"');
// Fix for lame IE 6 pdf bug on servers configured to send cache headers
header('Cache-Control: private');
@ini_set("zlib.output_compression", "Off");
@set_time_limit(0);
@ignore_user_abort(true);
if ($file = fopen($fullpath, 'rb')) {
while (!feof($file) and connection_status() == 0) {
function file_delete($ids = array())
{
global $file_base_path, $txp_user;
$ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id')));
if (!has_privs('file.delete')) {
if (has_privs('file.delete.own')) {
$ids = safe_column('id', 'txp_file', 'id IN (' . join(',', $ids) . ') AND author=\'' . doSlash($txp_user) . '\'');
} else {
$ids = array();
}
}
if (!empty($ids)) {
$fail = array();
$rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')');
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
$filepath = build_file_path($file_base_path, $filename);
// Notify plugins of pending deletion, pass file's id and path.
callback_event('file_deleted', '', false, $id, $filepath);
$rsd = safe_delete('txp_file', "id = {$id}");
$ul = false;
if ($rsd && is_file($filepath)) {
$ul = unlink($filepath);
}
if (!$rsd or !$ul) {
$fail[] = $id;
}
}
if ($fail) {
file_list(array(messenger(gTxt('file_delete_failed'), join(', ', $fail)), E_ERROR));
return;
} else {
update_lastmod('file_deleted', $ids);
file_list(gTxt('file_deleted', array('{name}' => join(', ', $ids))));
return;
}
} else {
file_list(array(messenger(gTxt('file_not_found'), join(', ', $ids), ''), E_ERROR));
return;
}
}
file_list();
}
function file_download_format_info($file)
{
global $file_base_path;
// get filesystem info
$filepath = build_file_path($file_base_path, $file['filename']);
if (file_exists($filepath)) {
$filesize = filesize($filepath);
if ($filesize !== false) {
$file['size'] = $filesize;
}
$created = filectime($filepath);
if ($created !== false) {
$file['created'] = $created;
}
$modified = filemtime($filepath);
if ($modified !== false) {
$file['modified'] = $modified;
}
}
return $file;
}
function file_delete()
{
global $txpcfg, $file_base_path;
extract($txpcfg);
$id = assert_int(ps('id'));
$rs = safe_row('*', 'txp_file', "id = {$id}");
if ($rs) {
extract($rs);
$filepath = build_file_path($file_base_path, $filename);
$rsd = safe_delete('txp_file', "id = {$id}");
$ul = false;
if ($rsd && is_file($filepath)) {
$ul = unlink($filepath);
}
if ($rsd && $ul) {
$message = gTxt('file_deleted', array('{name}' => $filename));
return file_list($message);
} else {
file_list(messenger(gTxt('file_delete_failed'), $filename, ''));
}
} else {
file_list(messenger(gTxt('file_not_found'), $filename, ''));
}
}
if (!in_array('size', $txpfile)) {
safe_alter('txp_file', "ADD size BIGINT");
}
if (!in_array('downloads', $txpfile)) {
safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL");
}
$txpfile = getThings("DESCRIBE `" . PFX . "txp_file`");
// Copy existing file timestamps into the new database columns.
if (array_intersect(array('modified', 'created', 'size'), $txpfile)) {
$rs = safe_rows("*", 'txp_file', "1 = 1");
$dir = get_pref('file_base_path', dirname(txpath) . DS . 'files');
foreach ($rs as $row) {
if (empty($row['filename'])) {
continue;
}
$path = build_file_path($dir, $row['filename']);
if ($path and $stat = @stat($path)) {
safe_update('txp_file', "created = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size = '" . doSlash(sprintf('%u', $stat['size'])) . "'", "id = '" . doSlash($row['id']) . "'");
}
}
}
safe_update('textpattern', "Keywords = TRIM(BOTH ',' FROM \n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(Keywords, '\n', ','),\n '\r', ','),\n '\t', ','),\n ' ', ' '),\n ' ', ' '),\n ' ', ' '),\n ' ,', ','),\n ', ', ','),\n ',,,,', ','),\n ',,', ','),\n ',,', ',')\n )", "Keywords != ''");
// Shift preferences to more intuitive spots.
// Give positions, leave enough room for later additions.
safe_update('txp_prefs', "position = 20", "name IN(\n 'sitename',\n 'comments_on_default',\n 'img_dir',\n 'comments_require_name',\n 'syndicate_body_or_excerpt',\n 'title_no_widow'\n)");
safe_update('txp_prefs', "position = 40", "name IN(\n 'siteurl',\n 'comments_default_invite',\n 'file_base_path',\n 'comments_require_email',\n 'rss_how_many',\n 'articles_use_excerpts'\n)");
safe_update('txp_prefs', "position = 60", "name IN(\n 'site_slogan',\n 'comments_moderate',\n 'never_display_email',\n 'file_max_upload_size',\n 'show_comment_count_in_feed',\n 'allow_form_override'\n)");
safe_update('txp_prefs', "position = 80", "name IN(\n 'production_status',\n 'comments_disabled_after',\n 'tempdir',\n 'comment_nofollow',\n 'include_email_atom',\n 'attach_titles_to_permalinks'\n)");
safe_update('txp_prefs', "position = 100", "name IN(\n 'gmtoffset',\n 'comments_auto_append',\n 'plugin_cache_dir',\n 'permalink_title_format',\n 'use_mail_on_feeds_id'\n)");
safe_update('txp_prefs', "position = 120", "name IN(\n 'is_dst',\n 'comments_mode',\n 'override_emailcharset'\n)");
safe_update('txp_prefs', "position = 120, event = 'publish'", "name = 'send_lastmod'");
function file_path($filename)
{
global $prefs;
return build_file_path($prefs['file_base_path'], $filename);
}
