function uploadFiles($uid, $pid, $type, $file) { if (!canViewPuzzle($uid, $pid)) { utilsError("You do not have permission to modify this puzzle."); } if ($type == 'draft' && !canAcceptDrafts($pid)) { utilsError("This puzzle has been finalized. No new drafts can be uploaded."); } $extension = ""; $target_path = "uploads/puzzle_files/" . uniqid(); $filename_parts = explode(".", $file['name']); if (count($filename_parts) > 1) { $target_path = $target_path . "." . end($filename_parts); $extension = end($filename_parts); } if (USING_AWS) { $client = S3Client::factory(array('key' => AWS_ACCESS_KEY, 'secret' => AWS_SECRET_KEY)); } if ($extension == "zip") { $filetype = "dir"; if (move_uploaded_file($file['tmp_name'], $target_path)) { if (USING_AWS) { $key = $target_path; $result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline')); } $new_path = $target_path . "_" . $filetype; #echo "target_path is $target_path<br>"; #echo "new_path is $new_path<br>"; $res = exec("/usr/bin/unzip {$target_path} -d {$new_path}"); if (USING_AWS) { $result = $client->uploadDirectory($new_path, AWS_BUCKET, $new_path); } $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($new_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type)); query_db($sql); $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type)); query_db($sql); if (USING_AWS) { addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/list.html?prefix={$new_path}\">{$type}</a> has been uploaded.", TRUE); } else { addComment($uid, $pid, "A new <a href=\"{$new_path}\">{$type}</a> has been uploaded.", TRUE); } } else { $_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited)"; } } else { $upload_error = ""; if (move_uploaded_file($file['tmp_name'], $target_path)) { if (USING_AWS) { $key = $target_path; $result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline')); } $sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type)); query_db($sql); if (USING_AWS) { addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/{$target_path}\">{$type}</a> has been uploaded.", TRUE); } else { addComment($uid, $pid, "A new <a href=\"{$target_path}\">{$type}</a> has been uploaded.", TRUE); } } else { $_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited) " . serialize($file); } } if ($type == "postprod") { // pushToPostProd($uid, $pid); } }
addFactcheckers($uid, $pid, array($uid)); header("Location: " . URL . "/factcheck.php"); exit(0); } if (isset($_POST['TestAdminPuzzle'])) { $pid = $_POST['pid']; if (!addToTestAdminQueue($uid, $pid)) { $_SESSION['failedToAdd'] = TRUE; } header("Location: " . URL . "/testadmin.php"); exit(0); } if (isset($_POST['getTestId'])) { $pid = $_POST['pid']; if (!validPuzzleId($pid)) { utilsError("Invalid puzzle ID."); } if (isTestingAdmin($uid)) { header("Location: " . URL . "/test.php?pid=" . $pid); exit(0); } if (canTestPuzzle($uid, $pid, TRUE) && !isTesterOnPuzzle($uid, $pid)) { addPuzzleToTestQueue($uid, $pid); header("Location: " . URL . "/test.php?pid=" . $pid); } else { if (isTesterOnPuzzle($uid, $pid)) { header("Location: " . URL . "/test.php?pid=" . $pid); } else { if (!isset($_SESSION['testError'])) { $_SESSION['testError'] = "Could not add Puzzle {$pid} to your queue"; }