function upload() { $this->set_upload_headers(); if (!isset($_POST['object']) || !isset($_POST['id'])) { return false; } //the file might be uploaded to an object that isn't a project (i.e. a task), so we need to figure out the project id $context = Project::context($_POST['object'], $_POST['id']); if (!isset($context['project_id'])) { return false; } $project_id = $context['project_id']; $project = new Project($project_id); if (!current_user()->can_access($project)) { return false; } if (!current_user()->is('admin') && !$this->allow_client_uploads()) { return false; } //we need to set the project id, before we generate the upload paths $this->set('project_id', $project_id); $this->set('client_id', $project->client_id); //perform the upload $upload_options = $project->file_paths(); $upload = new Upload(array('upload_dir' => $upload_options['upload_path'], 'upload_url' => $upload_options['web_path'])); $status = $upload->post(); $status = $status[0]; if ($status->size > 0) { $name = $status->name; $this->set('entity_type', $context['entity_type']); $this->set('entity_id', $context['entity_id']); $this->set('uploader_id', current_user()->id); $this->set('name', $name); $this->set('size', $status->size); $this->set('created', time()); //prevent the save function from calling import_parameters. This would cause the object id that is sent //as a post parameter to be imported as the id of this file, and then the model would try to do an update. //this is not the desired behavior. This is a new file and does not have an id yet... $this->params_imported = true; $this->save(); ActivityManager::file_created($this); return true; } else { if (isset($status->error)) { $this->set_error('file', $status->error); } return false; } }