$id = abs($_REQUEST['id']);
$sql = "SELECT file_name, folder_id, description FROM %sfiles WHERE file_id=%d AND owner_type=%d AND owner_id=%d";
$row = queryDB($sql, array(TABLE_PREFIX, $id, $owner_type, $owner_id), TRUE);
if (count($row) == 0) {
$msg->printErrors('FILE_NOT_EXIST');
require AT_INCLUDE_PATH . 'footer.inc.php';
exit;
}
if (isset($_POST['description'])) {
$row['description'] = $stripslashes($_POST['description']);
$row['file_name'] = $stripslashes($_POST['name']);
$row['comment'] = $stripslashes($_POST['comment']);
$_POST['body'] = $stripslashes($_POST['body']);
}
$ext = fs_get_file_extension($row['file_name']);
$file_path = fs_get_file_path($id);
?>
<form method="post" action="<?php
echo $_SERVER['PHP_SELF'] . $owner_arg_prefix;
?>
" name="form">
<input type="hidden" name="id" value="<?php
echo $id;
?>
" />
<input type="hidden" name="folder" value="<?php
echo $row['folder_id'];
?>
" />
<input type="submit" name="submit" style="display:none;"/>
header('Location: ' . AT_BASE_HREF . 'mods/_standard/file_storage/index.php');
exit;
}
}
if (!$msg->containsErrors()) {
$_POST['description'] = $addslashes(trim($_POST['description']));
$_FILES['file']['name'] = addslashes($_FILES['file']['name']);
if ($_POST['comments']) {
$num_comments = 1;
} else {
$num_comments = 0;
}
$sql = "INSERT INTO " . TABLE_PREFIX . "files VALUES (NULL, {$owner_type}, {$owner_id}, {$_SESSION['member_id']}, {$parent_folder_id}, 0, NOW(), {$num_comments}, 0, '{$_FILES['file']['name']}', {$_FILES['file']['size']}, '{$_POST['description']}')";
$result = mysql_query($sql, $db);
if ($result && ($file_id = mysql_insert_id($db))) {
$path = fs_get_file_path($file_id);
move_uploaded_file($_FILES['file']['tmp_name'], $path . $file_id);
// check if this file name already exists
$sql = "SELECT file_id, num_revisions FROM " . TABLE_PREFIX . "files WHERE owner_type={$owner_type} AND owner_id={$owner_id} AND folder_id={$parent_folder_id} AND file_id<>{$file_id} AND file_name='{$_FILES['file']['name']}' AND parent_file_id=0 ORDER BY file_id DESC LIMIT 1";
$result = mysql_query($sql, $db);
if ($row = mysql_fetch_assoc($result)) {
if ($_config['fs_versioning']) {
$sql = "UPDATE " . TABLE_PREFIX . "files SET parent_file_id={$file_id}, date=date WHERE file_id={$row['file_id']}";
$result = mysql_query($sql, $db);
$sql = "UPDATE " . TABLE_PREFIX . "files SET num_revisions={$row['num_revisions']}+1, date=date WHERE file_id={$file_id}";
$result = mysql_query($sql, $db);
} else {
fs_delete_file($row['file_id'], $owner_type, $owner_id);
}
}
$msg->addFeedback('FILE_UPLOADED');
/**
* copies a file to another workspace.
* currently only used for submitting assignments.
**/
function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id)
{
$sql = "SELECT file_name, file_size, description FROM %sfiles WHERE file_id=%d AND owner_type=%d AND owner_id=%d";
$row = queryDB($sql, array(TABLE_PREFIX, $file_id, $src_owner_type, $src_owner_id), TRUE);
if (count($row) == 0) {
return false;
}
$sql = "INSERT INTO %sfiles VALUES (NULL, %d, %d, %d, %d, 0, NOW(), 0, 0, '%s', %d, '%s')";
$result = queryDB($sql, array(TABLE_PREFIX, $dest_owner_type, $dest_owner_id, $_SESSION['member_id'], $dest_folder_id, $row['file_name'], $row['file_size'], $row['description']));
$id = at_insert_id();
$src_file = fs_get_file_path($file_id) . $file_id;
$dest_file = fs_get_file_path($id) . $id;
copy($src_file, $dest_file);
}
/**
* copies a file to another workspace.
* currently only used for submitting assignments.
**/
function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id) {
global $db;
$sql = "SELECT file_name, file_size, description FROM ".TABLE_PREFIX."files WHERE file_id=$file_id AND owner_type=$src_owner_type AND owner_id=$src_owner_id";
$result = mysql_query($sql, $db);
if (!$row = mysql_fetch_assoc($result)) {
return false;
}
$sql = "INSERT INTO ".TABLE_PREFIX."files VALUES (NULL, $dest_owner_type, $dest_owner_id, $_SESSION[member_id], $dest_folder_id, 0, NOW(), 0, 0, '$row[file_name]', '$row[file_size]', '$row[description]')";
$result = mysql_query($sql, $db);
$id = mysql_insert_id($db);
$src_file = fs_get_file_path($file_id) . $file_id;
$dest_file = fs_get_file_path($id) . $id;
copy($src_file, $dest_file);
}
/**
* copies a file to another workspace.
* currently only used for submitting assignments.
**/
function fs_copy_file($file_id, $src_owner_type, $src_owner_id, $dest_owner_type, $dest_owner_id, $dest_folder_id)
{
global $db;
$sql = "SELECT file_name, file_size, description FROM " . TABLE_PREFIX . "files WHERE file_id={$file_id} AND owner_type={$src_owner_type} AND owner_id={$src_owner_id}";
$result = mysql_query($sql, $db);
if (!($row = mysql_fetch_assoc($result))) {
return false;
}
$sql = "INSERT INTO " . TABLE_PREFIX . "files VALUES (NULL, {$dest_owner_type}, {$dest_owner_id}, {$_SESSION['member_id']}, {$dest_folder_id}, 0, NOW(), 0, 0, '{$row['file_name']}', '{$row['file_size']}', '{$row['description']}')";
$result = mysql_query($sql, $db);
$id = mysql_insert_id($db);
$src_file = fs_get_file_path($file_id) . $file_id;
$dest_file = fs_get_file_path($id) . $id;
copy($src_file, $dest_file);
}
