function getMIMEType($ext, $filename = null) { if ($filename) { return Misc::getMIMEType(Misc::getFileExtension($filename)); } else { switch (strtolower($ext)) { // Image case 'gif': return 'image/gif'; case 'jpeg': case 'jpg': case 'jpe': return 'image/jpeg'; case 'png': return 'image/png'; case 'tiff': case 'tif': return 'image/tiff'; case 'bmp': return 'image/bmp'; // Sound // Sound case 'wav': return 'audio/x-wav'; case 'mpga': case 'mp2': case 'mp3': return 'audio/mpeg'; case 'm3u': return 'audio/x-mpegurl'; case 'wma': return 'audio/x-msaudio'; case 'ra': return 'audio/x-realaudio'; // Document // Document case 'css': return 'text/css'; case 'html': case 'htm': case 'xhtml': return 'text/html'; case 'rtf': return 'text/rtf'; case 'sgml': case 'sgm': return 'text/sgml'; case 'xml': case 'xsl': return 'text/xml'; case 'hwp': case 'hwpml': return 'application/x-hwp'; case 'pdf': return 'application/pdf'; case 'odt': case 'ott': return 'application/vnd.oasis.opendocument.text'; case 'ods': case 'ots': return 'application/vnd.oasis.opendocument.spreadsheet'; case 'odp': case 'otp': return 'application/vnd.oasis.opendocument.presentation'; case 'sxw': case 'stw': return ' application/vnd.sun.xml.writer'; case 'sxc': case 'stc': return ' application/vnd.sun.xml.calc'; case 'sxi': case 'sti': return ' application/vnd.sun.xml.impress'; case 'doc': return 'application/vnd.ms-word'; case 'xls': case 'xla': case 'xlt': case 'xlb': return 'application/vnd.ms-excel'; case 'ppt': case 'ppa': case 'pot': case 'pps': return 'application/vnd.mspowerpoint'; case 'vsd': case 'vss': case 'vsw': return 'application/vnd.visio'; case 'docx': case 'docm': case 'pptx': case 'pptm': case 'xlsx': case 'xlsm': return 'application/vnd.openxmlformats'; case 'csv': return 'text/comma-separated-values'; // Multimedia // Multimedia case 'mpeg': case 'mpg': case 'mpe': return 'video/mpeg'; case 'qt': case 'mov': return 'video/quicktime'; case 'avi': case 'wmv': return 'video/x-msvideo'; // Compression // Compression case 'bz2': return 'application/x-bzip2'; case 'gz': case 'tgz': return 'application/x-gzip'; case 'tar': return 'application/x-tar'; case 'zip': return 'application/zip'; case 'rar': return 'application/x-rar-compressed'; case '7z': return 'application/x-7z-compressed'; case 'alz': return 'application/x-alzip'; } } return ''; }
function addAttachment($blogid, $parent, $file) { global $database; if (empty($file['name']) || $file['error'] != 0) { return false; } $filename = $file['name']; $pool = DBModel::getInstance(); $pool->reset('Attachments'); $pool->setQualifier('blogid', 'equals', $blogid); $pool->setQualifier('parent', 'equals', $parent); $pool->setQualifier('label', 'equals', $filename, true); if ($pool->getCell('count(*)') > 0) { return false; } $attachment = array(); $attachment['parent'] = $parent ? $parent : 0; $attachment['label'] = Path::getBaseName($file['name']); $attachment['size'] = $file['size']; $extension = Misc::getFileExtension($attachment['label']); switch (strtolower($extension)) { case 'exe': case 'php': case 'sh': case 'com': case 'bat': $extension = 'xxx'; break; } if (strlen($extension) > 6 || $extension == '') { $extension = 'xxx'; } $path = ROOT . "/attach/{$blogid}"; if (!is_dir($path)) { mkdir($path); if (!is_dir($path)) { return false; } @chmod($path, 0777); } do { $attachment['name'] = rand(1000000000, 9999999999) . ".{$extension}"; $attachment['path'] = "{$path}/{$attachment['name']}"; } while (file_exists($attachment['path'])); if ($imageAttributes = @getimagesize($file['tmp_name'])) { $attachment['mime'] = $imageAttributes['mime']; $attachment['width'] = $imageAttributes[0]; $attachment['height'] = $imageAttributes[1]; } else { $attachment['mime'] = Misc::getMIMEType($extension); $attachment['width'] = 0; $attachment['height'] = 0; } if (!move_uploaded_file($file['tmp_name'], $attachment['path'])) { return false; } @chmod($attachment['path'], 0666); $attachment['label'] = UTF8::lessenAsEncoding($attachment['label'], 64); $attachment['mime'] = UTF8::lessenAsEncoding($attachment['mime'], 32); $pool->reset('Attachments'); $pool->setAttribute('blogid', $blogid); $pool->setAttribute('parent', $attachment['parent']); $pool->setAttribute('name', $attachment['name'], true); $pool->setAttribute('label', $attachment['label'], true); $pool->setAttribute('mime', $attachment['mime'], true); $pool->setAttribute('size', $attachment['size'], true); $pool->setAttribute('width', $attachment['width']); $pool->setAttribute('height', $attachment['height']); $pool->setAttribute('attached', Timestamp::getUNIXtime()); $pool->setAttribute('downloads', 0); $pool->setAttribute('enclosure', 0); $result = $pool->insert(); if (!$result) { @unlink($attachment['path']); return false; } return $attachment; }
function api_addAttachment($blogid, $parent, $file) { $pool = DBModel::getInstance(); $attachment = array(); $attachment['parent'] = $parent ? $parent : 0; $attachment['label'] = Path::getBaseName($file['name']); $label = Utils_Unicode::lessenAsEncoding($attachment['label'], 64); $attachment['size'] = $file['size']; $extension = Path::getExtension($attachment['label']); switch (strtolower($extension)) { case '.exe': case '.php': case '.sh': case '.com': case '.bat': $extension = '.xxx'; break; } /* Create directory for owner */ $path = __TEXTCUBE_ATTACH_DIR__ . "/{$blogid}"; if (!is_dir($path)) { mkdir($path); if (!is_dir($path)) { return false; } @chmod($path, 0777); } $pool->reset('Attachments'); $pool->setQualifier('blogid', 'eq', $blogid); $pool->setQualifier('parent', 'eq', $parent); $pool->setQualifier('label', 'eq', $label, true); $oldFile = $pool->getCell('name'); // $oldFile = POD::queryCell("SELECT name FROM {$database['prefix']}Attachments WHERE blogid=$blogid AND parent=$parent AND label = '$label'"); if ($oldFile !== null) { $attachment['name'] = $oldFile; } else { $attachment['name'] = rand(1000000000, 9999999999.0) . $extension; while (Attachment::doesExist($attachment['name'])) { $attachment['name'] = rand(1000000000, 9999999999.0) . $extension; } } $attachment['path'] = "{$path}/{$attachment['name']}"; deleteAttachment($blogid, -1, $attachment['name']); if ($file['content']) { $f = fopen($attachment['path'], "w"); if (!$f) { return false; } $attachment['size'] = fwrite($f, $file['content']); fclose($f); $file['tmp_name'] = $attachment['path']; } if ($imageAttributes = @getimagesize($file['tmp_name'])) { $attachment['mime'] = $imageAttributes['mime']; $attachment['width'] = $imageAttributes[0]; $attachment['height'] = $imageAttributes[1]; } else { $attachment['mime'] = Misc::getMIMEType($extension); $attachment['width'] = 0; $attachment['height'] = 0; } $attachment['mime'] = Utils_Unicode::lessenAsEncoding($attachment['mime'], 32); @chmod($attachment['path'], 0666); $pool->reset('Attachments'); $pool->setAttribute('blogid', $blogid); $pool->setAttribute('parent', $attachment['parent']); $pool->setAttribute('name', $attachment['name'], true); $pool->setAttribute('label', $label, true); $pool->setAttribute('mime', $attachment['mime'], true); $pool->setAttribute('size', $attachment['size'], true); $pool->setAttribute('width', $attachment['width']); $pool->setAttribute('height', $attachment['height']); $pool->setAttribute('attached', Timestamp::getUNIXtime()); $pool->setAttribute('downloads', 0); $pool->setAttribute('enclosure', 0); $result = $pool->insert(); if (!$result) { @unlink($attachment['path']); return false; } return $attachment; }
function api_addAttachment($blogid, $parent, $file) { global $database; $attachment = array(); $attachment['parent'] = $parent ? $parent : 0; $attachment['label'] = Path::getBaseName($file['name']); $label = POD::escapeString(UTF8::lessenAsEncoding($attachment['label'], 64)); $attachment['size'] = $file['size']; $extension = Path::getExtension($attachment['label']); switch (strtolower($extension)) { case '.exe': case '.php': case '.sh': case '.com': case '.bat': $extension = '.xxx'; break; } /* Create directory for owner */ $path = ROOT . "/attach/{$blogid}"; if (!is_dir($path)) { mkdir($path); if (!is_dir($path)) { return false; } @chmod($path, 0777); } $oldFile = POD::queryCell("SELECT name FROM {$database['prefix']}Attachments WHERE blogid={$blogid} AND parent={$parent} AND label = '{$label}'"); if ($oldFile !== null) { $attachment['name'] = $oldFile; } else { $attachment['name'] = rand(1000000000, 9999999999) . $extension; while (Attachment::doesExist($attachment['name'])) { $attachment['name'] = rand(1000000000, 9999999999) . $extension; } } $attachment['path'] = "{$path}/{$attachment['name']}"; deleteAttachment($blogid, -1, $attachment['name']); if ($file['content']) { $f = fopen($attachment['path'], "w"); if (!$f) { return false; } $attachment['size'] = fwrite($f, $file['content']); fclose($f); $file['tmp_name'] = $attachment['path']; } if ($imageAttributes = @getimagesize($file['tmp_name'])) { $attachment['mime'] = $imageAttributes['mime']; $attachment['width'] = $imageAttributes[0]; $attachment['height'] = $imageAttributes[1]; } else { $attachment['mime'] = Misc::getMIMEType($extension); $attachment['width'] = 0; $attachment['height'] = 0; } $attachment['mime'] = UTF8::lessenAsEncoding($attachment['mime'], 32); @chmod($attachment['path'], 0666); $result = POD::query("insert into {$database['prefix']}Attachments values ({$blogid}, {$attachment['parent']}, '{$attachment['name']}', '{$label}', '{$attachment['mime']}', {$attachment['size']}, {$attachment['width']}, {$attachment['height']}, UNIX_TIMESTAMP(), 0,0)"); if (!$result) { @unlink($attachment['path']); return false; } return $attachment; }