function uploadFiles($uid, $pid, $type, $file)
{
if (!canViewPuzzle($uid, $pid)) {
utilsError("You do not have permission to modify this puzzle.");
}
if ($type == 'draft' && !canAcceptDrafts($pid)) {
utilsError("This puzzle has been finalized. No new drafts can be uploaded.");
}
$extension = "";
$target_path = "uploads/puzzle_files/" . uniqid();
$filename_parts = explode(".", $file['name']);
if (count($filename_parts) > 1) {
$target_path = $target_path . "." . end($filename_parts);
$extension = end($filename_parts);
}
if (USING_AWS) {
$client = S3Client::factory(array('key' => AWS_ACCESS_KEY, 'secret' => AWS_SECRET_KEY));
}
if ($extension == "zip") {
$filetype = "dir";
if (move_uploaded_file($file['tmp_name'], $target_path)) {
if (USING_AWS) {
$key = $target_path;
$result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
}
$new_path = $target_path . "_" . $filetype;
#echo "target_path is $target_path<br>";
#echo "new_path is $new_path<br>";
$res = exec("/usr/bin/unzip {$target_path} -d {$new_path}");
if (USING_AWS) {
$result = $client->uploadDirectory($new_path, AWS_BUCKET, $new_path);
}
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($new_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
if (USING_AWS) {
addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/list.html?prefix={$new_path}\">{$type}</a> has been uploaded.", TRUE);
} else {
addComment($uid, $pid, "A new <a href=\"{$new_path}\">{$type}</a> has been uploaded.", TRUE);
}
} else {
$_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited)";
}
} else {
$upload_error = "";
if (move_uploaded_file($file['tmp_name'], $target_path)) {
if (USING_AWS) {
$key = $target_path;
$result = $client->putObject(array('Bucket' => AWS_BUCKET, 'Key' => $key, 'Body' => file_get_contents($target_path), 'ContentDisposition' => 'inline'));
}
$sql = sprintf("INSERT INTO uploaded_files (filename, pid, uid, cid, type) VALUES ('%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($target_path), mysql_real_escape_string($pid), mysql_real_escape_string($uid), mysql_real_escape_string(-1), mysql_real_escape_string($type));
query_db($sql);
if (USING_AWS) {
addComment($uid, $pid, "A new <a href=\"https://" . AWS_BUCKET . ".s3.amazonaws.com/{$target_path}\">{$type}</a> has been uploaded.", TRUE);
} else {
addComment($uid, $pid, "A new <a href=\"{$target_path}\">{$type}</a> has been uploaded.", TRUE);
}
} else {
$_SESSION['upload_error'] = "There was an error uploading the file, please try again. (Note: file max size may be limited) " . serialize($file);
}
}
if ($type == "postprod") {
// pushToPostProd($uid, $pid);
}
}
// Get puzzle id
$pid = isValidPuzzleURL();
// Start HTML
$title = "Puzzle {$pid}";
if (USING_CODENAMES) {
$title .= ": " . getCodename($pid);
}
head("", $title);
// Is the user testing this puzzle?
if (isTesterOnPuzzle($uid, $pid)) {
echo "You are currently testing this puzzle.";
foot();
exit(0);
}
// Does the user have permission to see this page?
if (!canViewPuzzle($uid, $pid)) {
echo "<div class='errormsg'>You do not have permission to view this puzzle.</div>";
foot();
exit(0);
}
// Record this user's visit (in two ways)
$lastVisit = updateLastVisit($uid, $pid);
if (!isEditorChief($uid) && !isCohesion($uid)) {
addSpoiledUserQuietly($uid, $pid);
if ($_GET['discuss'] && isEditorAvailable($uid, $pid) && !isEditorChief($uid)) {
changeEditors($uid, $pid, array($uid), array());
} else {
if ($_GET['approve'] && isApproverAvailable($uid, $pid) && !isEditorChief($uid)) {
changeApprovers($uid, $pid, array($uid), array());
} else {
if ($_GET['factcheck'] && isFactcheckerAvailable($uid, $pid) && !isEditorChief($uid)) {
