Пример #1
0
function uploadFiles($uid, $pid, $type, $file)
{
    if (!canViewPuzzle($uid, $pid)) {
        utilsError("You do not have permission to modify this puzzle.");
    }
    if ($type == 'draft' && !canAcceptDrafts($pid)) {
        utilsError("This puzzle has been finalized. No new drafts can be uploaded.");
    }
    $extension = "";
    $target_path = "uploads/puzzle_files/" . uniqid();
    $filename_parts = explode(".", $file['name']);
    if (count($filename_parts) > 1) {
        $target_path = $target_path . "." . end($filename_parts);
        $extension = end($filename_parts);
    }
    if (USING_AWS) {
        $client = S3Client::factory(array('key' => AWS_ACCESS_KEY, 'secret' => AWS_SECRET_KEY));
    }
    if ($extension == "zip") {
        $filetype = "dir";
        if (move_uploaded_file($file['tmp_name'], $target_path)) {
            if (USING_AWS) {
                $key = $target_path;
                $result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
            }
            $new_path = $target_path . "_" . $filetype;
            #echo "target_path is $target_path<br>";
            #echo "new_path is $new_path<br>";
            $res = exec("/usr/bin/unzip {$target_path} -d {$new_path}");
            if (USING_AWS) {
                $result = $client->uploadDirectory($new_path, AWS_BUCKET, $new_path);
            }
            $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($new_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
            query_db($sql);
            $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
            query_db($sql);
            if (USING_AWS) {
                addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/list.html?prefix={$new_path}\">{$type}</a> has been uploaded.", TRUE);
            } else {
                addComment($uid, $pid, "A new <a href=\"{$new_path}\">{$type}</a> has been uploaded.", TRUE);
            }
        } else {
            $_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited)";
        }
    } else {
        $upload_error = "";
        if (move_uploaded_file($file['tmp_name'], $target_path)) {
            if (USING_AWS) {
                $key = $target_path;
                $result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
            }
            $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
            query_db($sql);
            if (USING_AWS) {
                addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/{$target_path}\">{$type}</a> has been uploaded.", TRUE);
            } else {
                addComment($uid, $pid, "A new <a href=\"{$target_path}\">{$type}</a> has been uploaded.", TRUE);
            }
        } else {
            $_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited) " . serialize($file);
        }
    }
    if ($type == "postprod") {
        // pushToPostProd($uid, $pid);
    }
}
Пример #2
0
    addFactcheckers($uid, $pid, array($uid));
    header("Location: " . URL . "/factcheck.php");
    exit(0);
}
if (isset($_POST['TestAdminPuzzle'])) {
    $pid = $_POST['pid'];
    if (!addToTestAdminQueue($uid, $pid)) {
        $_SESSION['failedToAdd'] = TRUE;
    }
    header("Location: " . URL . "/testadmin.php");
    exit(0);
}
if (isset($_POST['getTestId'])) {
    $pid = $_POST['pid'];
    if (!validPuzzleId($pid)) {
        utilsError("Invalid puzzle ID.");
    }
    if (isTestingAdmin($uid)) {
        header("Location: " . URL . "/test.php?pid=" . $pid);
        exit(0);
    }
    if (canTestPuzzle($uid, $pid, TRUE) && !isTesterOnPuzzle($uid, $pid)) {
        addPuzzleToTestQueue($uid, $pid);
        header("Location: " . URL . "/test.php?pid=" . $pid);
    } else {
        if (isTesterOnPuzzle($uid, $pid)) {
            header("Location: " . URL . "/test.php?pid=" . $pid);
        } else {
            if (!isset($_SESSION['testError'])) {
                $_SESSION['testError'] = "Could not add Puzzle {$pid} to your queue";
            }