Пример #1
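 /**
  * Upload a project picture via AJAX
  *
  * Accepts either a raw request body (file name in $_GET['qqfile']) or a
  * multipart upload ($_FILES['qqfile']). The outcome is echoed as a JSON
  * object holding either an 'error' message or 'success' => true.
  *
  * The file name and the declared size come from the client and are treated
  * as untrusted: the name is reduced to its last path component and cleaned
  * before the extension check, the streamed body is measured while it is
  * read, both upload paths are virus-scanned before anything is written, and
  * a file the image processor cannot load is removed again.
  *
  * @return     void
  */
 public function doajaxuploadTask()
 {
     // Allowed (lower-case) extensions for the upload
     $allowedExtensions = array('png', 'jpe', 'jpeg', 'jpg', 'gif');
     // Max upload size
     $sizeLimit = $this->config->get('maxAllowed', '40000000');
     // Get the file name and the size the client declared
     if (isset($_GET['qqfile'])) {
         $stream = true;
         $file = $_GET['qqfile'];
         // CONTENT_LENGTH is only a declaration; the body is measured again when it is read
         $size = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
     } elseif (isset($_FILES['qqfile'])) {
         $stream = false;
         $file = $_FILES['qqfile']['name'];
         $size = (int) $_FILES['qqfile']['size'];
     } else {
         echo json_encode(array('error' => Lang::txt('Please select a file to upload')));
         return;
     }
     // qqfile[]=... style requests deliver an array instead of a single name
     if (!is_string($file)) {
         echo json_encode(array('error' => Lang::txt('Please select a file to upload')));
         return;
     }
     // Check to make sure we have a file and it's not too big
     if ($size == 0) {
         echo json_encode(array('error' => Lang::txt('File is empty')));
         return;
     }
     if ($size > $sizeLimit) {
         $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
         echo json_encode(array('error' => Lang::txt('File is too large. Max file upload size is ') . $max));
         return;
     }
     // Keep only the last path component of the client-supplied name, then make it safe.
     // NOTE(review): what Filesystem::clean() strips is not visible here; basename() is
     // applied first so directory components never reach the target path either way.
     $file = Filesystem::clean(basename(str_replace('\\', '/', $file)));
     // Check the extension of the name that will actually be written
     $pathinfo = pathinfo($file);
     $ext = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
     if (!in_array($ext, $allowedExtensions, true)) {
         $these = implode(', ', $allowedExtensions);
         echo json_encode(array('error' => Lang::txt('File has an invalid extension, it should be one of ' . $these . '.')));
         return;
     }
     // Check project exists
     if (!$this->model->exists()) {
         echo json_encode(array('error' => Lang::txt('Error loading project')));
         return;
     }
     // Make sure user is authorized (project manager)
     if (!$this->model->access('manager')) {
         echo json_encode(array('error' => Lang::txt('Unauthorized action')));
         return;
     }
     // Build project image path
     $path = PATH_APP . DS . trim($this->config->get('imagepath', '/site/projects'), DS);
     $path .= DS . $this->model->get('alias') . DS . 'images';
     if (!is_dir($path)) {
         if (!Filesystem::makeDirectory($path, 0755, true, true)) {
             echo json_encode(array('error' => Lang::txt('COM_PROJECTS_UNABLE_TO_CREATE_UPLOAD_PATH')));
             return;
         }
     }
     $destination = $path . DS . $file;
     $temp = null;
     if ($stream) {
         // Read the php input stream into a temporary file
         $input = fopen("php://input", "r");
         $temp = tmpfile();
         if ($input === false || $temp === false) {
             if ($input !== false) {
                 fclose($input);
             }
             if ($temp !== false) {
                 fclose($temp);
             }
             echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
             return;
         }
         // Copy at most one byte more than the limit, so a body larger than the
         // declared CONTENT_LENGTH is detected without buffering all of it
         $realSize = stream_copy_to_stream($input, $temp, (int) $sizeLimit + 1);
         fclose($input);
         if ($realSize === false) {
             fclose($temp);
             echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
             return;
         }
         if ($realSize == 0) {
             fclose($temp);
             echo json_encode(array('error' => Lang::txt('File is empty')));
             return;
         }
         if ($realSize > $sizeLimit) {
             fclose($temp);
             $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
             echo json_encode(array('error' => Lang::txt('File is too large. Max file upload size is ') . $max));
             return;
         }
         // Scan the temporary file by path, after flushing buffered data to disk.
         // NOTE(review): the scanner is assumed to take a file path rather than a
         // stream resource - confirm against Helpers\Html::virusCheck().
         fflush($temp);
         $meta = stream_get_meta_data($temp);
         if (Helpers\Html::virusCheck($meta['uri'])) {
             fclose($temp);
             echo json_encode(array('error' => Lang::txt('Virus detected, refusing to upload')));
             return;
         }
     } else {
         // Multipart uploads get the same scan as streamed ones before they are moved
         if (Helpers\Html::virusCheck($_FILES['qqfile']['tmp_name'])) {
             echo json_encode(array('error' => Lang::txt('Virus detected, refusing to upload')));
             return;
         }
     }
     // Delete older file with same name, only now that the new upload passed its checks
     if (file_exists($destination)) {
         Filesystem::delete($destination);
     }
     if ($stream) {
         // Move from temp location to target location
         $target = fopen($destination, "w");
         if ($target === false) {
             fclose($temp);
             echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
             return;
         }
         fseek($temp, 0, SEEK_SET);
         stream_copy_to_stream($temp, $target);
         fclose($target);
         fclose($temp);
     } else {
         move_uploaded_file($_FILES['qqfile']['tmp_name'], $destination);
     }
     // Make sure the file arrived
     if (!is_file($destination)) {
         echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
         return;
     }
     // Resize image to max 200px and rotate in case user didn't before uploading
     $hi = new \Hubzero\Image\Processor($destination);
     if (count($hi->getErrors()) != 0) {
         // Only the extension has been checked so far; do not keep content
         // on disk that the image processor could not load
         Filesystem::delete($destination);
         echo json_encode(array('error' => $hi->getError()));
         return;
     }
     $hi->autoRotate();
     $hi->resize(200);
     $hi->setImageType(IMAGETYPE_PNG);
     $hi->save($destination);
     // Delete previous thumb
     if (file_exists($path . DS . 'thumb.png')) {
         Filesystem::delete($path . DS . 'thumb.png');
     }
     // Create thumb
     $hi = new \Hubzero\Image\Processor($destination);
     if (count($hi->getErrors()) == 0) {
         $hi->resize(50, false, true, true);
         $hi->save($path . DS . 'thumb.png');
     } else {
         echo json_encode(array('error' => $hi->getError()));
         return;
     }
     // Save picture name
     $this->model->set('picture', $file);
     if (!$this->model->store()) {
         echo json_encode(array('error' => $this->model->getError()));
         return;
     } elseif (!$this->model->inSetup()) {
         // Record activity
         $this->model->recordActivity(Lang::txt('COM_PROJECTS_REPLACED_PROJECT_PICTURE'));
     }
     echo json_encode(array('success' => true));
     return;
 }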
Пример #2
 /**
  * Pre-insert checks: upload size limit, remaining quota and virus scan
  *
  * @param   string   $file          File name (not read by the checks below)
  * @param   string   $tmp_name      Value handed to the virus scanner; an empty value skips the scan
  * @param   integer  $size          File size, compared with the configured limit and the quota
  * @param   integer  &$available    Remaining quota; reduced by $size when every check passes
  * @param   boolean  $virusChecked  Only a strict boolean TRUE skips the scan; any other value scans
  * @return  boolean  False (with an error set) when a check fails, true otherwise
  */
 protected function _check($file, $tmp_name, $size, &$available, $virusChecked = FALSE)
 {
     // Load the configured upload limit the first time it is needed
     if (!isset($this->_sizeLimit)) {
         $this->_sizeLimit = Plugin::params('projects', 'files')->get('maxUpload', '104857600');
     }

     // A limit that evaluates to 0 disables the size check
     $limit = intval($this->_sizeLimit);
     if ($limit && $size > $limit) {
         $message  = Lang::txt('COM_PROJECTS_FILES_ERROR_EXCEEDS_LIMIT') . ' ';
         $message .= \Hubzero\Utility\Number::formatBytes($this->_sizeLimit) . '. ';
         $message .= Lang::txt('COM_PROJECTS_FILES_ERROR_TOO_LARGE_USE_OTHER_METHOD');
         $this->setError($message);
         return false;
     }

     // A file that would use up the whole remaining quota is rejected as well
     if ($size >= $available) {
         $this->setError(Lang::txt('COM_PROJECTS_FILES_ERROR_OVER_QUOTA'));
         return false;
     }

     // Scan unless the caller states, with a strict boolean true, that it already did
     $needsScan = $tmp_name && $virusChecked !== true;
     if ($needsScan && Helpers\Html::virusCheck($tmp_name)) {
         $this->setError(Lang::txt('COM_PROJECTS_FILES_ERROR_VIRUS'));
         return false;
     }

     // All checks passed: account for the space this file will take
     $available -= $size;
     return true;
 }