示例#1
0
/**
 * Add a file to the system using the configured storage method
 *
 * @param integer $p_bug_id          The bug id (should be 0 when adding project doc).
 * @param array   $p_file            The uploaded file info, as retrieved from gpc_get_file().
 * @param string  $p_table           Either 'bug' or 'project' depending on attachment type.
 * @param string  $p_title           File title.
 * @param string  $p_desc            File description.
 * @param integer $p_user_id         User id (defaults to current user).
 * @param integer $p_date_added      Date added.
 * @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
 * @return void
 */
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
    file_ensure_uploaded($p_file);
    $t_file_name = $p_file['name'];
    $t_tmp_file = $p_file['tmp_name'];
    if (!file_type_check($t_file_name)) {
        trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
    }
    $t_org_filename = $t_file_name;
    $t_suffix_id = 1;
    while (!file_is_name_unique($t_file_name, $p_bug_id)) {
        $t_suffix_id++;
        $t_dot_index = strripos($t_org_filename, '.');
        if ($t_dot_index === false) {
            $t_file_name = $t_org_filename . '-' . $t_suffix_id;
        } else {
            $t_extension = substr($t_org_filename, $t_dot_index, strlen($t_org_filename) - $t_dot_index);
            $t_file_name = substr($t_org_filename, 0, $t_dot_index) . '-' . $t_suffix_id . $t_extension;
        }
    }
    antispam_check();
    $t_file_size = filesize($t_tmp_file);
    if (0 == $t_file_size) {
        trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
    }
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        trigger_error(ERROR_FILE_TOO_BIG, ERROR);
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_bug_id, 'project_id');
        $t_id = (int) $p_bug_id;
    } else {
        $t_project_id = helper_get_current_project();
        $t_id = $t_project_id;
    }
    if ($p_user_id === null) {
        $p_user_id = auth_get_current_user_id();
    }
    if ($p_date_added <= 0) {
        $p_date_added = db_now();
    }
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if (is_blank($t_file_path)) {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $t_unique_name = file_generate_unique_name($t_file_path);
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case DISK:
            file_ensure_valid_upload_path($t_file_path);
            $t_disk_file_name = $t_file_path . $t_unique_name;
            if (!file_exists($t_disk_file_name)) {
                if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
                    trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
                }
                chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                $c_content = '';
            } else {
                trigger_error(ERROR_FILE_DUPLICATE, ERROR);
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
            $t_file_path = '';
            break;
        default:
            trigger_error(ERROR_GENERIC, ERROR);
    }
    $t_file_table = db_get_table($p_table . '_file');
    $t_id_col = $p_table . '_id';
    $t_param = array($t_id_col => $t_id, 'title' => $p_title, 'description' => $p_desc, 'diskfile' => $t_unique_name, 'filename' => $t_file_name, 'folder' => $t_file_path, 'filesize' => $t_file_size, 'file_type' => $p_file['type'], 'date_added' => $p_date_added, 'user_id' => (int) $p_user_id);
    # Oracle has to update BLOBs separately
    if (!db_is_oracle()) {
        $t_param['content'] = $c_content;
    }
    $t_query_param = db_param();
    for ($i = 1; $i < count($t_param); $i++) {
        $t_query_param .= ', ' . db_param();
    }
    $t_query = 'INSERT INTO ' . $t_file_table . '
		( ' . implode(', ', array_keys($t_param)) . ' )
	VALUES
		( ' . $t_query_param . ' )';
    db_query($t_query, array_values($t_param));
    if (db_is_oracle()) {
        db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
    }
    if ('bug' == $p_table) {
        # update the last_updated date
        if (!$p_skip_bug_update) {
            bug_update_date($p_bug_id);
        }
        # log file added to bug history
        history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
    }
}
示例#2
0
function mci_file_add($p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null)
{
    if (!file_type_check($p_name)) {
        return new soap_fault('Client', '', 'File type not allowed.');
    }
    if (!file_is_name_unique($p_name, $p_id)) {
        return new soap_fault('Client', '', 'Duplicate filename.');
    }
    $t_file_size = strlen($p_content);
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        return new soap_fault('Client', '', 'File is too big.');
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_id, 'project_id');
        $t_issue_id = bug_format_id($p_id);
    } else {
        $t_project_id = $p_id;
        $t_issue_id = 0;
    }
    # prepare variables for insertion
    $c_issue_id = db_prepare_int($t_issue_id);
    $c_project_id = db_prepare_int($t_project_id);
    $c_file_type = db_prepare_string($p_file_type);
    $c_title = db_prepare_string($p_title);
    $c_desc = db_prepare_string($p_desc);
    if ($p_user_id === null) {
        $c_user_id = auth_get_current_user_id();
    } else {
        $c_user_id = (int) $p_user_id;
    }
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if ($t_file_path == '') {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $c_file_path = db_prepare_string($t_file_path);
    $c_new_file_name = db_prepare_string($p_name);
    $t_file_hash = $t_issue_id;
    $t_disk_file_name = $t_file_path . file_generate_unique_name($t_file_hash . '-' . $p_name, $t_file_path);
    $c_disk_file_name = db_prepare_string($t_disk_file_name);
    $t_file_size = strlen($p_content);
    $c_file_size = db_prepare_int($t_file_size);
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case FTP:
        case DISK:
            if (!file_exists($t_file_path) || !is_dir($t_file_path) || !is_writable($t_file_path) || !is_readable($t_file_path)) {
                return new soap_fault('Server', '', "Upload folder '{$t_file_path}' doesn't exist.");
            }
            file_ensure_valid_upload_path($t_file_path);
            if (!file_exists($t_disk_file_name)) {
                mci_file_write_local($t_disk_file_name, $p_content);
                if (FTP == $t_method) {
                    $conn_id = file_ftp_connect();
                    file_ftp_put($conn_id, $t_disk_file_name, $t_disk_file_name);
                    file_ftp_disconnect($conn_id);
                    file_delete_local($t_disk_file_name);
                } else {
                    chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                }
                $c_content = "''";
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string($p_content);
            break;
    }
    $t_file_table = db_get_table($p_table . '_file');
    $c_id = 'bug' == $p_table ? $c_issue_id : $c_project_id;
    $query = "INSERT INTO {$t_file_table}\n\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\tVALUES\n\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_disk_file_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
    db_query($query);
    # get attachment id
    $t_attachment_id = db_insert_id($t_file_table);
    if ('bug' == $p_table) {
        # updated the last_updated date
        $result = bug_update_date($c_issue_id);
        # log new bug
        history_log_event_special($c_issue_id, FILE_ADDED, $c_new_file_name);
    }
    return $t_attachment_id;
}
示例#3
0
/**
 * Add a file to the system using the configured storage method
 *
 * @param integer $p_bug_id          The bug id (should be 0 when adding project doc).
 * @param array   $p_file            The uploaded file info, as retrieved from gpc_get_file().
 * @param string  $p_table           Either 'bug' or 'project' depending on attachment type.
 * @param string  $p_title           File title.
 * @param string  $p_desc            File description.
 * @param integer $p_user_id         User id (defaults to current user).
 * @param integer $p_date_added      Date added.
 * @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
 * @return void
 */
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
    file_ensure_uploaded($p_file);
    $t_file_name = $p_file['name'];
    $t_tmp_file = $p_file['tmp_name'];
    if (!file_type_check($t_file_name)) {
        trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
    }
    if (!file_is_name_unique($t_file_name, $p_bug_id)) {
        trigger_error(ERROR_FILE_DUPLICATE, ERROR);
    }
    $t_file_size = filesize($t_tmp_file);
    if (0 == $t_file_size) {
        trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
    }
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        trigger_error(ERROR_FILE_TOO_BIG, ERROR);
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_bug_id, 'project_id');
        $t_id = (int) $p_bug_id;
        $t_bug_id = bug_format_id($p_bug_id);
    } else {
        $t_project_id = helper_get_current_project();
        $t_id = $t_project_id;
        $t_bug_id = 0;
    }
    if ($p_user_id === null) {
        $p_user_id = auth_get_current_user_id();
    }
    if ($p_date_added <= 0) {
        $p_date_added = db_now();
    }
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if (is_blank($t_file_path)) {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $t_unique_name = file_generate_unique_name($t_file_path);
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case DISK:
            file_ensure_valid_upload_path($t_file_path);
            $t_disk_file_name = $t_file_path . $t_unique_name;
            if (!file_exists($t_disk_file_name)) {
                if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
                    trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
                }
                chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                $c_content = '';
            } else {
                trigger_error(ERROR_FILE_DUPLICATE, ERROR);
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
            $t_file_path = '';
            break;
        default:
            trigger_error(ERROR_GENERIC, ERROR);
    }
    $t_file_table = db_get_table($p_table . '_file');
    $t_id_col = $p_table . '_id';
    $t_query = 'INSERT INTO ' . $t_file_table . ' ( ' . $t_id_col . ', title, description, diskfile, filename, folder,
		filesize, file_type, date_added, user_id )
	VALUES
		( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ' )';
    db_query($t_query, array($t_id, $p_title, $p_desc, $t_unique_name, $t_file_name, $t_file_path, $t_file_size, $p_file['type'], $p_date_added, (int) $p_user_id));
    $t_attachment_id = db_insert_id($t_file_table);
    if (db_is_oracle()) {
        db_update_blob($t_file_table, 'content', $c_content, 'diskfile=\'$t_unique_name\'');
    } else {
        $t_query = 'UPDATE ' . $t_file_table . ' SET content=' . db_param() . ' WHERE id = ' . db_param();
        db_query($t_query, array($c_content, $t_attachment_id));
    }
    if ('bug' == $p_table) {
        # update the last_updated date
        if (!$p_skip_bug_update) {
            bug_update_date($p_bug_id);
        }
        # log file added to bug history
        history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
    }
}
示例#4
0
/**
 * Add a file to the system using the configured storage method
 *
 * @param integer $p_bug_id the bug id
 * @param array $p_file the uploaded file info, as retrieved from gpc_get_file()
 */
function file_add($p_bug_id, $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null)
{
    file_ensure_uploaded($p_file);
    $t_file_name = $p_file['name'];
    $t_tmp_file = $p_file['tmp_name'];
    if (!file_type_check($t_file_name)) {
        trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
    }
    if (!file_is_name_unique($t_file_name, $p_bug_id)) {
        trigger_error(ERROR_FILE_DUPLICATE, ERROR);
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_bug_id, 'project_id');
        $t_bug_id = bug_format_id($p_bug_id);
    } else {
        $t_project_id = helper_get_current_project();
        $t_bug_id = 0;
    }
    if ($p_user_id === null) {
        $c_user_id = auth_get_current_user_id();
    } else {
        $c_user_id = (int) $p_user_id;
    }
    # prepare variables for insertion
    $c_bug_id = db_prepare_int($p_bug_id);
    $c_project_id = db_prepare_int($t_project_id);
    $c_file_type = db_prepare_string($p_file['type']);
    $c_title = db_prepare_string($p_title);
    $c_desc = db_prepare_string($p_desc);
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if (is_blank($t_file_path)) {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $c_file_path = db_prepare_string($t_file_path);
    $c_new_file_name = db_prepare_string($t_file_name);
    $t_file_hash = 'bug' == $p_table ? $t_bug_id : config_get('document_files_prefix') . '-' . $t_project_id;
    $t_unique_name = file_generate_unique_name($t_file_hash . '-' . $t_file_name, $t_file_path);
    $t_disk_file_name = $t_file_path . $t_unique_name;
    $c_unique_name = db_prepare_string($t_unique_name);
    $t_file_size = filesize($t_tmp_file);
    if (0 == $t_file_size) {
        trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
    }
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        trigger_error(ERROR_FILE_TOO_BIG, ERROR);
    }
    $c_file_size = db_prepare_int($t_file_size);
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case FTP:
        case DISK:
            file_ensure_valid_upload_path($t_file_path);
            if (!file_exists($t_disk_file_name)) {
                if (FTP == $t_method) {
                    $conn_id = file_ftp_connect();
                    file_ftp_put($conn_id, $t_disk_file_name, $t_tmp_file);
                    file_ftp_disconnect($conn_id);
                }
                if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
                    trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
                }
                chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                $c_content = "''";
            } else {
                trigger_error(ERROR_FILE_DUPLICATE, ERROR);
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
            break;
        default:
            trigger_error(ERROR_GENERIC, ERROR);
    }
    $t_file_table = db_get_table('mantis_' . $p_table . '_file_table');
    $c_id = 'bug' == $p_table ? $c_bug_id : $c_project_id;
    $query = "INSERT INTO {$t_file_table}\n\t\t\t\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\t\t\t\t  VALUES\n\t\t\t\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_unique_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
    db_query($query);
    if ('bug' == $p_table) {
        # updated the last_updated date
        $result = bug_update_date($p_bug_id);
        # log new bug
        history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
    }
}
示例#5
0
 private function add_file($p_bug_id, &$p_part)
 {
     # Handle the file upload
     $t_part_name = isset($p_part['name']) ? trim($p_part['name']) : NULL;
     $t_strlen_body = strlen($p_part['body']);
     if (is_blank($t_part_name)) {
         // Try setting the file extension according to it's mime type
         $t_ext = array_search($p_part['ctype'], $this->_plugin_mime_types, TRUE);
         if ($t_ext === FALSE) {
             $t_ext = 'erp';
         }
         $t_part_name = md5(microtime()) . '.' . $t_ext;
     }
     $t_body_md5 = !empty($this->_mail_block_attachments_md5) ? md5($p_part['body']) : NULL;
     if (!file_type_check($t_part_name)) {
         return $t_part_name . ' = filetype not allowed' . "\n";
     } elseif (0 === $t_strlen_body) {
         return $t_part_name . ' = attachment size is zero (0 / ' . $this->_max_file_size . ')' . "\n";
     } elseif ($t_strlen_body > $this->_max_file_size) {
         return $t_part_name . ' = attachment size exceeds maximum allowed file size (' . $t_strlen_body . ' / ' . $this->_max_file_size . ')' . "\n";
     } elseif (in_array($t_body_md5, $this->_mail_block_attachments_md5, TRUE)) {
         if ($this->_mail_block_attachments_logging) {
             return $t_part_name . ' = attachment refused as it matched the md5 on the attachment blocklist (' . $t_body_md5 . ')' . "\n";
         } else {
             return TRUE;
         }
     } else {
         $t_file_number = 0;
         $t_opt_name = '';
         while (!file_is_name_unique($t_opt_name . $t_part_name, $p_bug_id)) {
             $t_file_number++;
             $t_opt_name = $t_file_number . '-';
         }
         mci_file_add($p_bug_id, $t_opt_name . $t_part_name, $p_part['body'], $p_part['ctype'], 'bug');
     }
     return TRUE;
 }
示例#6
0
/**
 * Add a file
 * @param integer $p_id        File id.
 * @param string  $p_name      File name.
 * @param string  $p_content   File content to write.
 * @param string  $p_file_type File type.
 * @param string  $p_table     Database table name.
 * @param string  $p_title     Title.
 * @param string  $p_desc      Description.
 * @param string  $p_user_id   User id.
 * @return mixed
 */
function mci_file_add($p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null)
{
    if (!file_type_check($p_name)) {
        return SoapObjectsFactory::newSoapFault('Client', 'File type not allowed.');
    }
    if (!file_is_name_unique($p_name, $p_id)) {
        return SoapObjectsFactory::newSoapFault('Client', 'Duplicate filename.');
    }
    $t_file_size = strlen($p_content);
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        return SoapObjectsFactory::newSoapFault('Client', 'File is too big.');
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_id, 'project_id');
        $t_id = (int) $p_id;
        $t_issue_id = bug_format_id($p_id);
    } else {
        $t_project_id = $p_id;
        $t_id = $t_project_id;
        $t_issue_id = 0;
    }
    if ($p_user_id === null) {
        $p_user_id = auth_get_current_user_id();
    }
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if (is_blank($t_file_path)) {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $t_unique_name = file_generate_unique_name($t_file_path);
    $t_disk_file_name = $t_file_path . $t_unique_name;
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case DISK:
            if (!file_exists($t_file_path) || !is_dir($t_file_path) || !is_writable($t_file_path) || !is_readable($t_file_path)) {
                return SoapObjectsFactory::newSoapFault('Server', 'Upload folder \'' . $t_file_path . '\' doesn\'t exist.');
            }
            file_ensure_valid_upload_path($t_file_path);
            if (!file_exists($t_disk_file_name)) {
                mci_file_write_local($t_disk_file_name, $p_content);
                chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                $c_content = "''";
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string($p_content);
            $t_file_path = '';
            break;
    }
    $t_file_table = db_get_table($p_table . '_file');
    $t_id_col = $p_table . '_id';
    $t_param = array($t_id_col => $t_id, 'title' => $p_title, 'description' => $p_desc, 'diskfile' => $t_unique_name, 'filename' => $p_name, 'folder' => $t_file_path, 'filesize' => $t_file_size, 'file_type' => $p_file_type, 'date_added' => db_now(), 'user_id' => (int) $p_user_id);
    # Oracle has to update BLOBs separately
    if (!db_is_oracle()) {
        $t_param['content'] = $c_content;
    }
    $t_query_param = db_param();
    for ($i = 1; $i < count($t_param); $i++) {
        $t_query_param .= ', ' . db_param();
    }
    $t_query = 'INSERT INTO ' . $t_file_table . '
		( ' . implode(', ', array_keys($t_param)) . ' )
	VALUES
		( ' . $t_query_param . ' )';
    db_query($t_query, array_values($t_param));
    # get attachment id
    $t_attachment_id = db_insert_id($t_file_table);
    if (db_is_oracle()) {
        db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
    }
    if ('bug' == $p_table) {
        # bump the last_updated date
        bug_update_date($t_issue_id);
        # add history entry
        history_log_event_special($t_issue_id, FILE_ADDED, $p_name);
    }
    return $t_attachment_id;
}
示例#7
0
/**
 * Add a file to the system using the configured storage method
 *
 * @param integer $p_bug_id the bug id (should be 0 when adding project doc)
 * @param array $p_file the uploaded file info, as retrieved from gpc_get_file()
 * @param string $p_table 'bug' or 'project' depending on attachment type
 * @param string $p_title file title
 * @param string $p_desc file description
 * @param int $p_user_id user id (defaults to current user)
 * @param int $p_date_added date added
 * @param bool $p_skip_bug_update skip bug last modification update (useful when importing bug attachments)
 */
function file_add($p_bug_id, $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
    file_ensure_uploaded($p_file);
    $t_file_name = $p_file['name'];
    $t_tmp_file = $p_file['tmp_name'];
    if (!file_type_check($t_file_name)) {
        trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
    }
    if (!file_is_name_unique($t_file_name, $p_bug_id)) {
        trigger_error(ERROR_FILE_DUPLICATE, ERROR);
    }
    $t_file_size = filesize($t_tmp_file);
    if (0 == $t_file_size) {
        trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
    }
    $t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
    if ($t_file_size > $t_max_file_size) {
        trigger_error(ERROR_FILE_TOO_BIG, ERROR);
    }
    if ('bug' == $p_table) {
        $t_project_id = bug_get_field($p_bug_id, 'project_id');
        $t_id = (int) $p_bug_id;
        $t_bug_id = bug_format_id($p_bug_id);
    } else {
        $t_project_id = helper_get_current_project();
        $t_id = $t_project_id;
        $t_bug_id = 0;
    }
    if ($p_user_id === null) {
        $p_user_id = auth_get_current_user_id();
    }
    if ($p_date_added <= 0) {
        $p_date_added = db_now();
    }
    if ($t_project_id == ALL_PROJECTS) {
        $t_file_path = config_get('absolute_path_default_upload_folder');
    } else {
        $t_file_path = project_get_field($t_project_id, 'file_path');
        if (is_blank($t_file_path)) {
            $t_file_path = config_get('absolute_path_default_upload_folder');
        }
    }
    $t_file_hash = 'bug' == $p_table ? $t_bug_id : config_get('document_files_prefix') . '-' . $t_project_id;
    $t_unique_name = file_generate_unique_name($t_file_hash . '-' . $t_file_name, $t_file_path);
    $t_disk_file_name = $t_file_path . $t_unique_name;
    $t_method = config_get('file_upload_method');
    switch ($t_method) {
        case FTP:
        case DISK:
            file_ensure_valid_upload_path($t_file_path);
            if (!file_exists($t_disk_file_name)) {
                if (FTP == $t_method) {
                    $conn_id = file_ftp_connect();
                    file_ftp_put($conn_id, $t_disk_file_name, $t_tmp_file);
                    file_ftp_disconnect($conn_id);
                }
                if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
                    trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
                }
                chmod($t_disk_file_name, config_get('attachments_file_permissions'));
                $c_content = '';
            } else {
                trigger_error(ERROR_FILE_DUPLICATE, ERROR);
            }
            break;
        case DATABASE:
            $c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
            break;
        default:
            trigger_error(ERROR_GENERIC, ERROR);
    }
    $t_file_table = db_get_table($p_table . '_file');
    $t_id_col = $p_table . "_id";
    $t_query_fields = "\n\t\t{$t_id_col}, title, description, diskfile, filename, folder,\n\t\tfilesize, file_type, date_added, user_id";
    $t_param = array($t_id, $p_title, $p_desc, $t_unique_name, $t_file_name, $t_file_path, $t_file_size, $p_file['type'], $p_date_added, (int) $p_user_id);
    # oci8 stores contents in a BLOB, which is updated separately
    if (!db_is_oracle()) {
        $t_query_fields .= ", content";
        $t_param[] = $c_content;
    }
    $t_query_param = db_param();
    for ($i = 1; $i < count($t_param); $i++) {
        $t_query_param .= ", " . db_param();
    }
    $t_query = "INSERT INTO {$t_file_table} ( {$t_query_fields} )\n\tVALUES\n\t\t( {$t_query_param} )";
    db_query_bound($t_query, $t_param);
    if (db_is_oracle()) {
        db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
    }
    if ('bug' == $p_table) {
        # update the last_updated date
        if (!$p_skip_bug_update) {
            $result = bug_update_date($p_bug_id);
        }
        # log file added to bug history
        history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
    }
}