Пример #1
 /**
  * Store an uploaded resume for a member, then render the resume view.
  *
  * The upload is renamed after the member, checked against the configured
  * extension list, written to the member's directory and virus-scanned. On
  * success a Resume row is created or updated. Failures are recorded with
  * setError(); the view is rendered in every case.
  *
  * @param   object  $database  Database
  * @param   string  $option    Component name
  * @param   object  $member    Profile
  * @return  string
  */
 protected function _upload($database, $option, $member)
 {
     $relativeDir = $this->build_path($member->get('id'));
     $emp = Request::getInt('emp', 0);

     if (!$relativeDir) {
         $this->setError(Lang::txt('PLG_MEMBERS_RESUME_SUPPORT_NO_UPLOAD_DIRECTORY'));
         return $this->_view($database, $option, $member, $emp);
     }

     // Anti-forgery token, accepted from either GET or POST
     Request::checkToken(['get', 'post']);

     // The uploaded file entry
     $file = Request::getVar('uploadres', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('PLG_MEMBERS_RESUME_SUPPORT_NO_FILE'));
         return $this->_view($database, $option, $member, $emp);
     }

     // Optional title supplied with the form
     $title = Request::getVar('title', '');

     // "<first> <last> <Resume>", or "<name> <Resume>" when no first name is set
     $resumeLabel = ucfirst(Lang::txt('PLG_MEMBERS_RESUME_RESUME'));
     if ($member->get('firstname')) {
         $ownerName = $member->get('firstname') . ' ' . $member->get('lastname');
     } else {
         $ownerName = $member->get('name');
     }
     $default_title = $ownerName . ' ' . $resumeLabel;

     $uploadDir = PATH_APP . $relativeDir;

     // Only the tail of the client's name (from its last '.') is kept; the rest
     // of the stored name is derived from the member profile.
     $dotAt = strripos($file['name'], '.');
     $file_ext = substr($file['name'], $dotAt);
     $file['name'] = $default_title . $file_ext;

     // Make the filename safe
     $file['name'] = str_replace(' ', '_', Filesystem::clean($file['name']));

     // Extension allowlist comes from the plugin's 'file_ext' parameter
     $allowed = explode(',', $this->params->get('file_ext', 'jpg,jpeg,jpe,bmp,tif,tiff,png,gif,pdf,txt,rtf,doc,docx,ppt'));
     $ext = strtolower(Filesystem::extension($file['name']));
     if (!in_array($ext, $allowed)) {
         $this->setError(Lang::txt('Disallowed file type.'));
         return $this->_view($database, $option, $member, $emp);
     }

     $row = new \Components\Jobs\Tables\Resume($database);
     if ($row->loadResume($member->get('id'))) {
         // NOTE(review): the previous resume is removed before the new upload has
         // been written and scanned, so a failed upload leaves the member without one.
         $previous = $uploadDir . DS . $row->filename;
         if (file_exists($previous)) {
             Filesystem::delete($previous);
             // Remove stats for prev resume
             $jobstats = new \Components\Jobs\Tables\JobStats($database);
             $jobstats->deleteStats($member->get('id'), 'seeker');
         }
     } else {
         // No resume on record yet: start a fresh row for this member
         $row = new \Components\Jobs\Tables\Resume($database);
         $row->id = 0;
         $row->uid = $member->get('id');
         $row->main = 1;
     }

     // Perform the upload
     $fpath = $uploadDir . DS . $file['name'];
     if (!Filesystem::upload($file['tmp_name'], $fpath)) {
         $this->setError(Lang::txt('ERROR_UPLOADING'));
         return $this->_view($database, $option, $member, $emp);
     }

     // The scan runs on the file at its final location; remove it on failure
     if (!Filesystem::isSafe($fpath)) {
         Filesystem::delete($fpath);
         $this->setError(Lang::txt('File rejected because the anti-virus scan failed.'));
         return $this->_view($database, $option, $member, $emp);
     }

     // File was uploaded, create database entry
     $title = htmlspecialchars($title);
     $row->created = Date::toSql();
     $row->filename = $file['name'];
     $row->title = $title ? $title : $default_title;

     // NOTE(review): store() is still attempted when check() reports an error.
     if (!$row->check()) {
         $this->setError($row->getError());
     }
     if (!$row->store()) {
         $this->setError($row->getError());
     }

     return $this->_view($database, $option, $member, $emp);
 }
Пример #2
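 /**
  * Create a file asset from the first entry of $_FILES['files'].
  *
  * Saves the asset and asset-association rows, prepares the per-asset upload
  * directory, virus-scans the temporary file and moves it into place. When
  * the scan or the move fails, both rows and the directory are removed again.
  *
  * @return array ['assets' => array] on success, ['error' => string] on failure
  **/
 public function create()
 {
     // Include needed files
     require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'asset.association.php';
     require_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'asset.php';
     require_once dirname(__DIR__) . DS . 'asset.php';

     // Get the file
     if (!isset($_FILES['files'])) {
         return array('error' => 'No files provided');
     }
     $file = $_FILES['files']['name'][0];

     // The field is posted as an array (name[0] above), so 'size' is an array as
     // well. Casting the whole array to int always gave 1, which disabled both
     // the empty-file and the max-size checks below; read the matching element.
     $sizes = $_FILES['files']['size'];
     if (is_array($sizes)) {
         $size = isset($sizes[0]) ? (int) $sizes[0] : 0;
     } else {
         $size = (int) $sizes;
     }

     // Get the file extension (absent for names without a dot)
     $pathinfo = pathinfo($file);
     $filename = $pathinfo['filename'];
     $ext = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';

     // @FIXME: should these come from the global settings, or should they be courses specific
     // Get config
     $config = Component::params('com_media');

     // Max upload size, configured in megabytes
     $sizeLimit = (int) $config->get('upload_maxsize');
     $sizeLimit = $sizeLimit * 1024 * 1024;

     // Check to make sure we have a file and its not too big
     if ($size == 0) {
         return array('error' => 'File is empty');
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
         return array('error' => "File is too large. Max file upload size is {$max}");
     }

     // NOTE(review): the stored name and extension come from the client and no
     // extension allowlist is applied here. Confirm that files under the courses
     // upload path cannot be executed by the web server.

     // Create our asset table object
     $assetObj = new Tables\Asset($this->db);
     $this->asset['title'] = $filename;
     $this->asset['type'] = !empty($this->asset['type']) ? $this->asset['type'] : 'file';
     $this->asset['subtype'] = !empty($this->asset['subtype']) ? $this->asset['subtype'] : 'file';
     $this->asset['url'] = $file;
     $this->asset['created'] = Date::toSql();
     $this->asset['created_by'] = App::get('authn')['user_id'];
     $this->asset['course_id'] = Request::getInt('course_id', 0);

     // Save the asset
     if (!$assetObj->save($this->asset)) {
         return array('error' => 'Asset save failed');
     }

     // Create asset assoc object
     $assocObj = new Tables\AssetAssociation($this->db);
     $this->assoc['asset_id'] = $assetObj->get('id');
     $this->assoc['scope'] = Request::getCmd('scope', 'asset_group');
     $this->assoc['scope_id'] = Request::getInt('scope_id', 0);

     // Save the asset association
     if (!$assocObj->save($this->assoc)) {
         return array('error' => 'Asset association save failed');
     }

     // Get courses config
     $cconfig = Component::params('com_courses');

     // Upload path: <uploadpath>/<course id>/<asset id>/
     $uploadDirectory = PATH_APP . DS . trim($cconfig->get('uploadpath', '/site/courses'), DS) . DS . $this->asset['course_id'] . DS . $this->assoc['asset_id'] . DS;

     // Make sure upload directory exists and is writable
     if (!is_dir($uploadDirectory)) {
         if (!Filesystem::makeDirectory($uploadDirectory, 0755, true)) {
             return array('error' => 'Server error. Unable to create upload directory');
         }
     }
     if (!is_writable($uploadDirectory)) {
         return array('error' => 'Server error. Upload directory isn\'t writable');
     }

     // Get the final file path; no trailing dot when the name has no extension
     $target_path = $uploadDirectory . $filename . ($ext !== '' ? '.' . $ext : '');

     // Allow the scan and the move up to 60 seconds
     set_time_limit(60);

     // Scan the temporary file before it is moved into the site folder
     if (!Filesystem::isSafe($_FILES['files']['tmp_name'][0])) {
         // Scan failed, delete asset and association and return an error
         $assetObj->delete();
         $assocObj->delete();
         Filesystem::deleteDirectory($uploadDirectory);
         return array('error' => 'File rejected because the anti-virus scan failed.');
     }

     // Move the file to the site folder
     if (!move_uploaded_file($_FILES['files']['tmp_name'][0], $target_path)) {
         // Move failed, delete asset and association and return an error
         $assetObj->delete();
         $assocObj->delete();
         Filesystem::deleteDirectory($uploadDirectory);
         return array('error' => 'Move file failed');
     }

     // Get the url to return to the page
     $course_id = Request::getInt('course_id', 0);
     $offering_alias = Request::getCmd('offering', '');
     $course = new \Components\Courses\Models\Course($course_id);
     $url = Route::url('index.php?option=com_courses&controller=offering&gid=' . $course->get('alias') . '&offering=' . $offering_alias . '&asset=' . $assetObj->get('id'));
     $url = rtrim(str_replace('/api', '', Request::root()), '/') . '/' . ltrim($url, '/');

     // NOTE(review): 'upload_path' and 'target_path' return absolute server paths
     // to the caller; confirm the client needs them.
     $return_info = array(
         'asset_id' => $this->assoc['asset_id'],
         'asset_title' => $this->asset['title'],
         'asset_type' => $this->asset['type'],
         'asset_subtype' => $this->asset['subtype'],
         'asset_url' => $url,
         'course_id' => $this->asset['course_id'],
         'offering_alias' => Request::getCmd('offering', ''),
         'scope_id' => $this->assoc['scope_id'],
         'asset_ext' => $ext,
         'upload_path' => $uploadDirectory,
         'target_path' => $target_path
     );

     // Return info
     return array('assets' => $return_info);
 }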
Пример #3
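 /**
  * Upload a file to the wiki
  *
  * Guests are sent back to the file list and requests with no_html set are
  * handed to _ajaxUpload(). Otherwise the anti-forgery token is checked, the
  * file is written to the path from _path() and virus-scanned, and the file
  * list is rendered.
  *
  * @return  mixed  Result of _files() or _ajaxUpload()
  */
 public function _fileUpload()
 {
     // Check if they're logged in
     if (User::isGuest()) {
         return $this->_files();
     }

     // NOTE(review): this branch is taken before Request::checkToken() below, so
     // _ajaxUpload() is assumed to perform its own forgery check; confirm.
     if (Request::getVar('no_html', 0)) {
         return $this->_ajaxUpload();
     }

     // Check for request forgeries
     Request::checkToken();

     // Ensure we have an ID to work with
     $listdir = Request::getInt('listdir', 0, 'post');
     if (!$listdir) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_NO_ID_PROVIDED'));
         return $this->_files();
     }

     // Incoming file
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_NO_FILE_PROVIDED'));
         return $this->_files();
     }

     // Build the upload path if it doesn't exist
     $path = $this->_path();
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNABLE_TO_MAKE_PATH'));
             return $this->_files();
         }
     }

     // Make the filename safe; decoding happens first so the cleaning step sees
     // the decoded name
     $file['name'] = urldecode($file['name']);
     $file['name'] = Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);

     // NOTE(review): no extension allowlist is applied here; confirm that files
     // under this path cannot be executed by the web server.
     $target = $path . DS . $file['name'];

     // Upload new files. Stop on failure: nothing was written, so running the
     // scan on the missing path would only replace the upload error with a
     // misleading "unsafe file" one.
     if (!Filesystem::upload($file['tmp_name'], $target)) {
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNABLE_TO_UPLOAD'));
         return $this->_files();
     }

     // Scan the stored file and remove it when the scan fails
     if (!Filesystem::isSafe($target)) {
         Filesystem::delete($target);
         $this->setError(Lang::txt('PLG_COURSES_PAGES_ERROR_UNSAFE_FILE'));
     }

     // Push through to the media view
     return $this->_files();
 }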
Пример #4
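 /**
  * Upload a file
  *
  * Attaches an uploaded file to a support ticket: the file is stored under
  * the configured ticket path, checked against the 'file_ext' allowlist,
  * virus-scanned and recorded as an Attachment.
  *
  * @return     mixed  Result of ajaxUploadTask() when no_html is set, otherwise nothing
  */
 public function uploadTask()
 {
     // NOTE(review): the guest check below is commented out and this path makes
     // no Request::checkToken() call; confirm that authentication and forgery
     // protection are enforced before this task is reached.
     // Check if they're logged in
     /*if (User::isGuest())
     		{
     			$this->displayTask();
     			return;
     		}*/
     if (Request::getVar('no_html', 0)) {
         return $this->ajaxUploadTask();
     }

     // Ensure we have an ID to work with
     $ticket = Request::getInt('ticket', 0, 'post');
     $comment = Request::getInt('comment', 0, 'post');
     if (!$ticket) {
         $this->setError(Lang::txt('COM_SUPPORT_NO_ID'));
         $this->displayTask();
         return;
     }

     // Incoming file
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('COM_SUPPORT_NO_FILE'));
         $this->displayTask();
         return;
     }

     // Build the upload path if it doesn't exist
     $path = PATH_APP . DS . trim($this->config->get('filepath', '/site/tickets'), DS) . DS . $ticket;
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('Error uploading. Unable to create path.'));
             $this->displayTask();
             return;
         }
     }

     // Make the filename safe
     $file['name'] = urldecode($file['name']);
     $file['name'] = Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);
     $ext = Filesystem::extension($file['name']);
     $filename = Filesystem::name($file['name']);

     // Avoid overwriting an existing attachment: append digits until the name is free
     while (file_exists($path . DS . $filename . '.' . $ext)) {
         $filename .= rand(10, 99);
     }

     // Make sure that file is acceptable type
     if (!in_array($ext, explode(',', $this->config->get('file_ext')))) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE'));
         echo $this->getError();
         return;
     }
     $filename .= '.' . $ext;
     $uploadedPath = $path . DS . $filename;

     // Upload new files
     if (!\Filesystem::upload($file['tmp_name'], $uploadedPath)) {
         $this->setError(Lang::txt('ERROR_UPLOADING'));
     } else {
         // Scan the stored file. The original passed the $file upload array to
         // isSafe() and delete() instead of the stored path, so the written file
         // was never the thing being checked or removed.
         if (!\Filesystem::isSafe($uploadedPath)) {
             // Reject whether or not the delete succeeds, so a file that failed
             // the scan is never recorded as an attachment.
             \Filesystem::delete($uploadedPath);
             $this->setError(Lang::txt('ATTACHMENT: File rejected because the anti-virus scan failed.'));
             echo $this->getError();
             return;
         }

         // Create database entry
         $asset = new Attachment();
         $asset->bind(array('id' => 0, 'ticket' => $ticket, 'comment_id' => $comment, 'filename' => $filename, 'description' => Request::getVar('description', '')));
         if (!$asset->store(true)) {
             $this->setError($asset->getError());
         }
     }

     // Push through to the media view
     $this->displayTask();
 }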
Пример #5
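 /**
  * Save a billboard
  *
  * Stores the posted billboard (creating a default collection when the
  * referenced one does not exist), optionally stores an uploaded background
  * image, checks the record in and redirects to the controller's default
  * view. On any failure the edit form is shown again with the error set.
  *
  * @return void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();

     // Incoming, make sure to allow HTML to pass through
     // NOTE(review): raw HTML is accepted for every billboard field; it has to be
     // escaped or filtered wherever these fields are rendered.
     $data = Request::getVar('billboard', array(), 'post', 'array', JREQUEST_ALLOWHTML);

     // Create object
     $billboard = Billboard::oneOrNew($data['id'])->set($data);

     // Check to make sure collection exists
     $collection = Collection::oneOrNew($billboard->collection_id);
     if ($collection->isNew()) {
         $collection->set('name', 'Default Collection')->save();
         $billboard->set('collection_id', $collection->id);
     }

     if (!$billboard->save()) {
         // Something went wrong...return errors
         foreach ($billboard->getErrors() as $error) {
             $this->view->setError($error);
         }
         $this->view->setLayout('edit');
         $this->view->task = 'edit';
         $this->editTask($billboard);
         return;
     }

     // See if we have an image coming in as well
     $billboard_image = Request::getVar('billboard-image', false, 'files', 'array');

     // If so, proceed with saving the image
     if (isset($billboard_image['name']) && $billboard_image['name']) {
         // The client-supplied name is reduced to its final path component, so
         // the target below always stays inside the upload directory.
         // NOTE(review): the extension is not restricted, and the default
         // location sits under the site's media tree; consider limiting this
         // to image types.
         $imageName = basename($billboard_image['name']);

         // Build the upload path if it doesn't exist
         $image_location = $this->config->get('image_location', 'app' . DS . 'site' . DS . 'media' . DS . 'images' . DS . 'billboards');
         $uploadDirectory = PATH_ROOT . DS . trim($image_location, DS) . DS;

         // Make sure upload directory exists and is writable
         if (!is_dir($uploadDirectory)) {
             if (!\Filesystem::makeDirectory($uploadDirectory)) {
                 $this->view->setError(Lang::txt('COM_BILLBOARDS_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
                 $this->view->setLayout('edit');
                 $this->view->task = 'edit';
                 $this->editTask($billboard);
                 return;
             }
         }

         // Scan the temporary file before it is moved into place
         if (!\Filesystem::isSafe($billboard_image['tmp_name'])) {
             $this->view->setError(Lang::txt('COM_BILLBOARDS_ERROR_FAILED_VIRUS_SCAN'));
             $this->view->setLayout('edit');
             $this->view->task = 'edit';
             $this->editTask($billboard);
             return;
         }

         if (!move_uploaded_file($billboard_image['tmp_name'], $uploadDirectory . $imageName)) {
             $this->view->setError(Lang::txt('COM_BILLBOARDS_ERROR_FILE_MOVE_FAILED'));
             $this->view->setLayout('edit');
             $this->view->task = 'edit';
             $this->editTask($billboard);
             return;
         }

         // Move successful, save the image name to the billboard entry
         $billboard->set('background_img', $imageName)->save();
     }

     // Check in the billboard now that we've saved it
     $billboard->checkin();

     // Redirect
     App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_BILLBOARDS_BILLBOARD_SUCCESSFULLY_SAVED'));
 }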
Пример #6
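 /**
  * Upload a file
  *
  * Stores an uploaded file as an attachment of a wish and returns the
  * '{attachment#ID}' marker for it. When the upload is rejected, the error
  * is recorded with setError() and an error message (or an empty string) is
  * returned instead.
  *
  * @param      integer $listdir Wish ID
  * @return     string
  */
 public function uploadTask($listdir)
 {
     if (!$listdir) {
         $this->setError(Lang::txt('COM_WISHLIST_ERROR_NO_UPLOAD_DIRECTORY'));
         return '';
     }

     // Incoming file
     $file = Request::getVar('upload', array(), 'files', 'array');
     if (!isset($file['name']) || !$file['name']) {
         $this->setError(Lang::txt('COM_WISHLIST_ERROR_NO_FILE'));
         return '';
     }

     // Make the filename safe
     $file['name'] = \Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);

     // The attachment model carries the type check and the storage directory
     $attachment = new Attachment(array('id' => 0, 'description' => Request::getVar('description', ''), 'wish' => $listdir, 'filename' => $file['name']));

     // Make sure that file is acceptable type
     if (!$attachment->isAllowedType()) {
         $this->setError(Lang::txt('ATTACHMENT: Incorrect file type.'));
         return Lang::txt('ATTACHMENT: Incorrect file type.');
     }

     $path = $attachment->link('dir');

     // Build the path if it doesn't exist
     if (!is_dir($path)) {
         if (!\Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('COM_WISHLIST_UNABLE_TO_CREATE_UPLOAD_PATH'));
             return 'ATTACHMENT: ' . Lang::txt('COM_WISHLIST_UNABLE_TO_CREATE_UPLOAD_PATH');
         }
     }

     // Perform the upload
     $stored = $path . DS . $file['name'];
     if (!\Filesystem::upload($file['tmp_name'], $stored)) {
         $this->setError(Lang::txt('COM_WISHLIST_ERROR_UPLOADING'));
         return 'ATTACHMENT: ' . Lang::txt('COM_WISHLIST_ERROR_UPLOADING');
     }

     // Scan for viruses. The upload is rejected whether or not the delete
     // succeeds; the original only rejected it when the delete succeeded, so a
     // file that failed the scan could still be stored as an attachment.
     if (!\Filesystem::isSafe($stored)) {
         \Filesystem::delete($stored);
         $this->setError(Lang::txt('ATTACHMENT: File rejected because the anti-virus scan failed.'));
         return Lang::txt('ATTACHMENT: File rejected because the anti-virus scan failed.');
     }

     if (!$attachment->store(true)) {
         $this->setError($attachment->getError());
     }

     return '{attachment#' . $attachment->get('id') . '}';
 }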
Пример #7
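 /**
  * Upload a file
  *
  * Stores an uploaded image for a storefront item, virus-scans it, removes
  * the image it replaces and updates the product record, then renders the
  * image view.
  *
  * @return     mixed  Result of ajaxUploadTask() when no_html is set, otherwise nothing
  */
 public function uploadTask()
 {
     // NOTE(review): this branch is taken before Request::checkToken() below, so
     // ajaxUploadTask() is assumed to perform its own forgery check; confirm.
     if (Request::getVar('no_html', 0)) {
         return $this->ajaxUploadTask();
     }

     // Check for request forgeries
     Request::checkToken();

     // Incoming
     $id = Request::getInt('id', 0);
     if (!$id) {
         $this->setError(Lang::txt('COM_STOREFRONT_ERROR_NO_ID'));
         $this->displayTask('', $id);
         return;
     }

     // Build the path
     $type = strtolower(Request::getWord('type', ''));
     $path = $this->_path($type, $id);
     if (!$path) {
         $this->displayTask('', $id);
         return;
     }

     // Incoming file
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('COM_STOREFRONT_NO_FILE'));
         $this->displayTask('', $id);
         return;
     }

     // Name to show again in the view when the upload does not go through
     $curfile = Request::getVar('curfile', '');

     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('COM_STOREFRONT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
             $this->displayTask('', $id);
             return;
         }
     }

     // Make the filename safe
     $file['name'] = Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);

     // Perform the upload
     if (!Filesystem::upload($file['tmp_name'], $path . DS . $file['name'])) {
         $this->setError(Lang::txt('COM_STOREFRONT_ERROR_UPLOADING'));
         $file = $curfile;
     } else {
         if (!Filesystem::isSafe($path . DS . $file['name'])) {
             Filesystem::delete($path . DS . $file['name']);
             $this->setError(Lang::txt('COM_STOREFRONT_ERROR_FILE_UNSAFE'));
             $this->displayTask($curfile, $id);
             return;
         }

         // Do we have an old file we're replacing?
         // 'currentfile' comes from the request and ends up in a delete() call,
         // so it is reduced to a bare file name and cannot point outside $path.
         // The file written a moment ago is never treated as the "old" one.
         $curfile = basename((string) Request::getVar('currentfile', ''));
         if (!in_array($curfile, array('', '.', '..'), true) && $curfile !== $file['name']) {
             // Remove old image
             if (file_exists($path . DS . $curfile)) {
                 if (!Filesystem::delete($path . DS . $curfile)) {
                     $this->setError(Lang::txt('COM_COURSES_ERROR_UNABLE_TO_DELETE_FILE'));
                     $this->displayTask($file['name'], $id);
                     return;
                 }
             }
         }

         switch ($type) {
             case 'product':
                 // Instantiate a model, change some info and save
                 $product = new Product($id);
                 $product->setImage($file['name']);
                 break;
             default:
                 // NOTE(review): the uploaded file stays on disk when the type is
                 // not recognised.
                 echo json_encode(array('error' => Lang::txt('COM_STOREFRONT_ERROR_INVALID_TYPE')));
                 return;
         }

         if (!$product->update()) {
             $this->setError('Error updating product');
         }
         $file = $file['name'];
     }

     // Push through to the image view
     $this->displayTask($file, $id);
 }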
Пример #8
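 /**
  * Uploads a file to a given directory and returns an attachment string
  * that is appended to report/comment bodies
  *
  * A temporary upload directory named by the 'tmp_dir' request value is first
  * moved to the final directory. The file is then checked against the
  * 'file_ext' allowlist, stored under a non-colliding name, virus-scanned and
  * recorded as an attachment row.
  *
  * @param   string   $listdir     Directory to upload files to
  * @param   integer  $comment_id  Comment the attachment is bound to
  * @return  string  A string that gets appended to messages
  * @throws  Exception  When the temporary directory cannot be moved
  */
 public function uploadTask($listdir, $comment_id = 0)
 {
     if (!$listdir) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_MISSING_UPLOAD_DIRECTORY'));
         return '';
     }

     // Construct our file path
     // NOTE(review): $listdir becomes a path component as-is; callers are assumed
     // to pass a ticket id rather than request text. Confirm at the call sites.
     $basePath = PATH_APP . DS . trim($this->config->get('webpath', '/site/tickets'), DS);
     $path = $basePath . DS . $listdir;
     $row = new Tables\Attachment($this->database);

     // Rename temp directories
     if ($tmp = Request::getInt('tmp_dir')) {
         $tmpPath = $basePath . DS . $tmp;
         if (is_dir($tmpPath)) {
             if (!\Filesystem::move($tmpPath, $path)) {
                 $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_MOVE_UPLOAD_PATH'));
                 throw new Exception(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_MOVE_UPLOAD_PATH'), 500);
             }
             $row->updateTicketId($tmp, $listdir);
         }
     }

     // Incoming file
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!isset($file['name']) || !$file['name']) {
         // No file was sent; this is not treated as an error
         return '';
     }

     // Incoming
     $description = Request::getVar('description', '');

     // Build the path if it doesn't exist
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
             return '';
         }
     }

     // Make the filename safe
     $file['name'] = Filesystem::clean($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);
     $ext = strtolower(Filesystem::extension($file['name']));

     // Make sure that file is acceptable type
     if (!in_array($ext, explode(',', $this->config->get('file_ext')))) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE'));
         return Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE');
     }

     // Avoid overwriting an existing attachment: append digits until the name is free
     $filename = Filesystem::name($file['name']);
     while (file_exists($path . DS . $filename . '.' . $ext)) {
         $filename .= rand(10, 99);
     }
     $finalfile = $path . DS . $filename . '.' . $ext;

     // Perform the upload
     if (!Filesystem::upload($file['tmp_name'], $finalfile)) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_UPLOADING'));
         return '';
     }

     // Scan for viruses. The upload is rejected whether or not the delete
     // succeeds; the original only rejected it when the delete succeeded, so a
     // file that failed the scan could still be recorded as an attachment.
     if (!\Filesystem::isSafe($finalfile)) {
         \Filesystem::delete($finalfile);
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN'));
         return Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN');
     }

     // File was uploaded
     // Create database entry
     $description = htmlspecialchars($description);
     $row->bind(array('id' => 0, 'ticket' => $listdir, 'comment_id' => $comment_id, 'filename' => $filename . '.' . $ext, 'description' => $description));

     // NOTE(review): store() is still attempted when check() reports an error.
     if (!$row->check()) {
         $this->setError($row->getError());
     }
     if (!$row->store()) {
         $this->setError($row->getError());
     }
     if (!$row->id) {
         $row->getID();
     }

     return '{attachment#' . $row->id . '}';
 }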
Пример #9
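 /**
  * Save an attachment
  *
  * Creates a child resource for parent $pid from the uploaded file: the
  * resource row is stored first, so that its id and creation date can form
  * the upload path. The file is then uploaded and virus-scanned, the
  * parent/child association is created and the file is handed to the
  * textifier.
  *
  * @return     mixed  Result of ajaxUploadTask() when no_html is set, otherwise nothing
  */
 public function saveTask()
 {
     // NOTE(review): no Request::checkToken() call is made on this path; confirm
     // forgery protection is enforced elsewhere.
     if (Request::getVar('no_html', 0)) {
         return $this->ajaxUploadTask();
     }

     // Incoming
     $pid = Request::getInt('pid', 0);
     if (!$pid) {
         $this->setError(Lang::txt('CONTRIBUTE_NO_ID'));
         $this->displayTask($pid);
         return;
     }

     // Incoming file
     $file = Request::getVar('upload', '', 'files', 'array');
     if (!$file['name']) {
         $this->setError(Lang::txt('CONTRIBUTE_NO_FILE'));
         $this->displayTask($pid);
         return;
     }

     // Make the filename safe
     $file['name'] = \Filesystem::clean($file['name']);

     // Ensure file names fit.
     $ext = \Filesystem::extension($file['name']);
     $file['name'] = str_replace(' ', '_', $file['name']);
     if (strlen($file['name']) > 230) {
         // Truncation cuts the extension off, so it is appended again
         $file['name'] = substr($file['name'], 0, 230);
         $file['name'] .= '.' . $ext;
     }

     // Instantiate a new resource object
     // NOTE(review): binding all of $_POST lets the request set any column that
     // is not overwritten below (an 'id' value, for instance). Consider binding
     // an explicit list of fields instead.
     $row = new Resource($this->database);
     if (!$row->bind($_POST)) {
         $this->setError($row->getError());
         $this->displayTask($pid);
         return;
     }
     $row->title = $row->title ? $row->title : $file['name'];
     $row->introtext = $row->title;
     $row->created = Date::toSql();
     $row->created_by = User::get('id');
     $row->published = 1;
     $row->publish_up = Date::toSql();
     $row->publish_down = '0000-00-00 00:00:00';
     $row->standalone = 0;
     // Make sure no path is specified just yet
     $row->path = '';

     // Check content
     if (!$row->check()) {
         $this->setError($row->getError());
         $this->displayTask($pid);
         return;
     }

     // File already exists
     if ($row->loadByFile($file['name'], $pid)) {
         $this->setError(Lang::txt('A file with this name and type appears to already exist.'));
         $this->displayTask($pid);
         return;
     }

     // Store new content
     if (!$row->store()) {
         $this->setError($row->getError());
         $this->displayTask($pid);
         return;
     }
     if (!$row->id) {
         $row->id = $row->insertid();
     }

     // Build the path
     $listdir = $this->_buildPathFromDate($row->created, $row->id, '');
     $path = $this->_buildUploadPath($listdir, '');

     // Make sure the upload path exist
     if (!is_dir($path)) {
         if (!\Filesystem::makeDirectory($path)) {
             $this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_CREATE_UPLOAD_PATH'));
             $this->displayTask($pid);
             return;
         }
     }

     $fpath = $path . DS . $file['name'];

     // Perform the upload. On failure nothing was written, so the resource row
     // stored above is removed and processing stops here. The original carried
     // on to scan the missing file, store its path and create the association.
     if (!\Filesystem::upload($file['tmp_name'], $fpath)) {
         $row->deleteExistence();
         $row->delete();
         $this->setError(Lang::txt('COM_CONTRIBUTE_ERROR_UPLOADING'));
         $this->displayTask($pid);
         return;
     }

     // File was uploaded
     // Check the file type
     $row->type = $this->_getChildType($file['name']);

     // The commented-out handling of Breeze presentation packages (type 38,
     // unpacked with PclZip) that used to follow was dead code and is not kept.

     // Scan for viruses
     if (!\Filesystem::isSafe($fpath)) {
         if (\Filesystem::delete($fpath)) {
             // Delete associations to the resource
             $row->deleteExistence();
             // Delete resource
             $row->delete();
         }
         $this->setError(Lang::txt('File rejected because the anti-virus scan failed.'));
         $this->displayTask($pid);
         return;
     }

     if (!$row->path) {
         $row->path = $listdir . DS . $file['name'];
     }
     $row->path = ltrim($row->path, DS);

     // Store new content
     if (!$row->store()) {
         $this->setError($row->getError());
         $this->displayTask($pid);
         return;
     }

     // Instantiate a Resources Assoc object
     $assoc = new Assoc($this->database);

     // Get the last child in the ordering
     $assoc->ordering = $assoc->getLastOrder($pid);
     $assoc->ordering = $assoc->ordering ? $assoc->ordering : 0;

     // Increase the ordering - new items are always last
     $assoc->ordering++;

     // Create new parent/child association
     $assoc->parent_id = $pid;
     $assoc->child_id = $row->id;
     $assoc->grouping = 0;
     if (!$assoc->check()) {
         $this->setError($assoc->getError());
     }
     if (!$assoc->store(true)) {
         $this->setError($assoc->getError());
     } else {
         if (is_readable($fpath)) {
             $hash = @sha1_file($fpath);
             if (!empty($hash)) {
                 // $hash is the sha1_file() digest of the stored file, not request
                 // text, and the two ids are cast to int, so nothing user-supplied
                 // is concatenated into these statements.
                 $this->database->setQuery('SELECT id FROM `#__document_text_data` WHERE hash = \'' . $hash . '\'');
                 if (!($doc_id = $this->database->loadResult())) {
                     $this->database->execute('INSERT INTO `#__document_text_data` (hash) VALUES (\'' . $hash . '\')');
                     $doc_id = $this->database->insertId();
                 }
                 $this->database->execute('INSERT IGNORE INTO `#__document_resource_rel` (document_id, resource_id) VALUES (' . (int) $doc_id . ', ' . (int) $row->id . ')');

                 // The path is passed through escapeshellarg() before it reaches the shell
                 system('/usr/bin/textifier ' . escapeshellarg($fpath) . ' >/dev/null');
             }
         }
     }

     // Push through to the attachments view
     $this->displayTask($pid);
 }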
Пример #10
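 /**
  * Create (or update) a wiki text asset and store any files sent with it
  *
  * Reads `title`, `id`, `course_id` and `scope_id` from the request. Without
  * an `id` the asset is created through the parent handler; with one it is
  * saved. Each entry of `$_FILES['files']` is then size-checked, virus-scanned
  * and moved into the asset's upload directory.
  *
  * @return array result of parent::create()/parent::save(), or array('error' => message)
  **/
 public function create()
 {
     $title = Request::getString('title', '');
     $this->asset['title'] = $title;
     $this->asset['type'] = 'text';
     $this->asset['subtype'] = 'wiki';
     if (!$title) {
         return array('error' => 'Please provide a title!');
     }
     $this->asset['course_id'] = Request::getInt('course_id');
     if (!Request::getInt('id', false)) {
         // Create asset
         $return = parent::create();
     } else {
         $this->assoc['asset_id'] = Request::getInt('id');
         $this->assoc['scope_id'] = Request::getInt('scope_id');
         // Save asset
         $return = parent::save();
     }
     // If files are included, save them as well
     // @FIXME: share this with file upload if possible
     if (isset($_FILES['files'])) {
         // @FIXME: should these come from the global settings, or should they be courses specific
         // Max upload size is configured in megabytes; convert to bytes
         $config = Component::params('com_media');
         $sizeLimit = $config->get('upload_maxsize') * 1024 * 1024;
         // NOTE(review): no extension or content-type allowlist is applied to these
         // uploads; any file type that passes the virus scan is written under PATH_APP.
         // Confirm which setting should govern course uploads and enforce it before
         // the move below.
         // Loop through files and save them (they will potentially be coming in together, in a single request)
         $total = count($_FILES['files']['name']);
         for ($i = 0; $i < $total; $i++) {
             $file = $_FILES['files']['name'][$i];
             $size = (int) $_FILES['files']['size'][$i];
             $tmpName = $_FILES['files']['tmp_name'][$i];
             // Split the client-supplied name; 'extension' is absent when the name has no dot
             $pathinfo = pathinfo($file);
             $filename = $pathinfo['filename'];
             $ext = isset($pathinfo['extension']) ? $pathinfo['extension'] : '';
             // Check to make sure we have a file and its not too big
             if ($size === 0) {
                 return array('error' => 'File is empty');
             }
             if ($size > $sizeLimit) {
                 $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
                 return array('error' => "File is too large. Max file upload size is {$max}");
             }
             // Refuse empty or dot-prefixed base names: they would be stored as hidden
             // files in the upload directory, which an asset attachment should never be.
             if ($filename === '' || $filename[0] === '.') {
                 return array('error' => 'Invalid file name');
             }
             // Build the upload path if it doesn't exist
             // NOTE(review): on the create branch $this->assoc['asset_id'] is not set in
             // this method; presumably parent::create() fills it in — verify.
             require_once PATH_CORE . DS . 'components' . DS . 'com_courses' . DS . 'models' . DS . 'asset.php';
             $asset = new \Components\Courses\Models\Asset($this->assoc['asset_id']);
             $uploadDirectory = PATH_APP . DS . $asset->path($this->asset['course_id']);
             // Make sure upload directory exists and is writable
             if (!is_dir($uploadDirectory) && !\Filesystem::makeDirectory($uploadDirectory)) {
                 return array('error' => 'Server error. Unable to create upload directory');
             }
             if (!is_writable($uploadDirectory)) {
                 return array('error' => 'Server error. Upload directory isn\'t writable');
             }
             // Get the final file path. The separator is normalised so the file lands
             // inside the directory whether or not the asset path ends with one, and a
             // name without an extension is not given a trailing dot.
             $storedName = $ext === '' ? $filename : $filename . '.' . $ext;
             $target_path = rtrim($uploadDirectory, DS) . DS . $storedName;
             set_time_limit(60);
             // Scan the temporary file for viruses before it is moved into place
             if (!\Filesystem::isSafe($tmpName)) {
                 // Scan failed, return an error
                 return array('error' => 'File rejected because the anti-virus scan failed.');
             }
             // Move the file to the site folder
             if (!move_uploaded_file($tmpName, $target_path)) {
                 return array('error' => 'Move file failed');
             }
         }
     }
     // Return info
     return $return;
 }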
Пример #11
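 /**
  * Store an uploaded ticket attachment in the ticket's directory
  *
  * The name is cleaned, checked against the component's `file_ext` allowlist
  * and made unique within the directory; the file is then uploaded and
  * virus-scanned. On success the stored name is recorded via set('filename').
  *
  * @param   string  $currentfile  Source path handed to Filesystem::upload()
  * @param   string  $filename     Name to store the file under (cleaned before use)
  * @param   mixed   $ticketid     Ticket identifier, used as the subdirectory name
  * @return  string|null  '' when the directory or the upload fails, the translated
  *                       error when the type or scan check fails, nothing on success
  */
 public function addFile($currentfile, $filename, $ticketid)
 {
     $config = Component::params('com_support');
     // Construct our file path for new file
     // NOTE(review): $ticketid is concatenated into the path as given; presumably
     // callers pass an integer id — verify, or cast it at the call site.
     $path = PATH_APP . DS . trim($config->get('webpath', '/site/tickets'), DS) . DS . $ticketid;
     // Build the path if it doesn't exist
     if (!is_dir($path) && !Filesystem::makeDirectory($path)) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_UNABLE_TO_CREATE_UPLOAD_PATH'));
         return '';
     }
     // Make the filename safe
     $filename = Filesystem::clean($filename);
     $filename = str_replace(' ', '_', $filename);
     $ext = strtolower(Filesystem::extension($filename));
     // Make sure the file is an acceptable type. Empty entries are dropped from the
     // configured list so that an unset setting or a stray comma cannot let a name
     // without an extension through the check.
     $allowed = array_filter(array_map('trim', explode(',', (string) $config->get('file_ext'))), 'strlen');
     if ($ext === '' || !in_array($ext, $allowed, true)) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE'));
         return Lang::txt('COM_SUPPORT_ERROR_INCORRECT_FILE_TYPE');
     }
     // Append digits until the name does not collide with an existing file
     $newname = Filesystem::name($filename);
     while (file_exists($path . DS . $newname . '.' . $ext)) {
         $newname .= rand(10, 99);
     }
     $newname = $newname . '.' . $ext;
     // We should ask the model if the name we generated is OK
     $data = array();
     $data['filename'] = $newname;
     $newname = $this->automaticFilename($data);
     $finalfile = $path . DS . $newname;
     // Perform the upload
     if (!Filesystem::upload($currentfile, $finalfile)) {
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_UPLOADING'));
         return '';
     }
     // Scan for viruses
     if (!\Filesystem::isSafe($finalfile)) {
         // Removal is best effort; the attachment is refused whether or not the
         // delete succeeds, so a failed scan never ends with the name being recorded.
         \Filesystem::delete($finalfile);
         $this->setError(Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN'));
         return Lang::txt('COM_SUPPORT_ERROR_FAILED_VIRUS_SCAN');
     }
     $this->set('filename', $newname);
 }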