function uploadFiles($uid, $pid, $type, $file)
{
if (!canViewPuzzle($uid, $pid)) {
utilsError("You do not have permission to modify this puzzle.");
}
if ($type == 'draft' && !canAcceptDrafts($pid)) {
utilsError("This puzzle has been finalized. No new drafts can be uploaded.");
}
$extension = "";
$target_path = "uploads/puzzle_files/" . uniqid();
$filename_parts = explode(".", $file['name']);
if (count($filename_parts) > 1) {
$target_path = $target_path . "." . end($filename_parts);
$extension = end($filename_parts);
}
if (USING_AWS) {
$client = S3Client::factory(array('key' => AWS_ACCESS_KEY, 'secret' => AWS_SECRET_KEY));
}
if ($extension == "zip") {
$filetype = "dir";
if (move_uploaded_file($file['tmp_name'], $target_path)) {
if (USING_AWS) {
$key = $target_path;
$result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
}
$new_path = $target_path . "_" . $filetype;
#echo "target_path is $target_path<br>";
#echo "new_path is $new_path<br>";
$res = exec("/usr/bin/unzip {$target_path} -d {$new_path}");
if (USING_AWS) {
$result = $client->uploadDirectory($new_path, AWS_BUCKET, $new_path);
}
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($new_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
if (USING_AWS) {
addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/list.html?prefix={$new_path}\">{$type}</a> has been uploaded.", TRUE);
} else {
addComment($uid, $pid, "A new <a href=\"{$new_path}\">{$type}</a> has been uploaded.", TRUE);
}
} else {
$_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited)";
}
} else {
$upload_error = "";
if (move_uploaded_file($file['tmp_name'], $target_path)) {
if (USING_AWS) {
$key = $target_path;
$result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
}
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
if (USING_AWS) {
addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/{$target_path}\">{$type}</a> has been uploaded.", TRUE);
} else {
addComment($uid, $pid, "A new <a href=\"{$target_path}\">{$type}</a> has been uploaded.", TRUE);
}
} else {
$_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited) " . serialize($file);
}
}
if ($type == "postprod") {
// pushToPostProd($uid, $pid);
}
}
addFactcheckers($uid, $pid, array($uid));
header("Location: " . URL . "/factcheck.php");
exit(0);
}
if (isset($_POST['TestAdminPuzzle'])) {
$pid = $_POST['pid'];
if (!addToTestAdminQueue($uid, $pid)) {
$_SESSION['failedToAdd'] = TRUE;
}
header("Location: " . URL . "/testadmin.php");
exit(0);
}
if (isset($_POST['getTestId'])) {
$pid = $_POST['pid'];
if (!validPuzzleId($pid)) {
utilsError("Invalid puzzle ID.");
}
if (isTestingAdmin($uid)) {
header("Location: " . URL . "/test.php?pid=" . $pid);
exit(0);
}
if (canTestPuzzle($uid, $pid, TRUE) && !isTesterOnPuzzle($uid, $pid)) {
addPuzzleToTestQueue($uid, $pid);
header("Location: " . URL . "/test.php?pid=" . $pid);
} else {
if (isTesterOnPuzzle($uid, $pid)) {
header("Location: " . URL . "/test.php?pid=" . $pid);
} else {
if (!isset($_SESSION['testError'])) {
$_SESSION['testError'] = "Could not add Puzzle {$pid} to your queue";
}