function file_save() { global $file_base_path; extract(doSlash(gpsa(array('id', 'filename', 'category', 'description', 'status', 'publish_now', 'year', 'month', 'day', 'hour', 'minute', 'second')))); $id = assert_int($id); $permissions = gps('perms'); if (is_array($permissions)) { asort($permissions); $permissions = implode(",", $permissions); } $perms = doSlash($permissions); $old_filename = fetch('filename', 'txp_file', 'id', $id); if ($old_filename != false && strcmp($old_filename, $filename) != 0) { $old_path = build_file_path($file_base_path, $old_filename); $new_path = build_file_path($file_base_path, $filename); if (file_exists($old_path) && shift_uploaded_file($old_path, $new_path) === false) { $message = gTxt('file_cannot_rename', array('{name}' => $filename)); return file_list($message); } else { file_set_perm($new_path); } } $created_ts = @safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); if ($publish_now) { $created = 'now()'; } elseif ($created_ts > 0) { $created = "from_unixtime('" . $created_ts . "')"; } else { $created = ''; } $size = filesize(build_file_path($file_base_path, $filename)); $rs = safe_update('txp_file', "\n\t\t\tfilename = '{$filename}',\n\t\t\tcategory = '{$category}',\n\t\t\tpermissions = '{$perms}',\n\t\t\tdescription = '{$description}',\n\t\t\tstatus = '{$status}',\n\t\t\tsize = '{$size}',\n\t\t\tmodified = now()" . ($created ? ", created = {$created}" : ''), "id = {$id}"); if (!$rs) { // update failed, rollback name if (shift_uploaded_file($new_path, $old_path) === false) { $message = gTxt('file_unsynchronized', array('{name}' => $filename)); return file_list($message); } else { $message = gTxt('file_not_updated', array('{name}' => $filename)); return file_list($message); } } $message = gTxt('file_updated', array('{name}' => $filename)); file_list($message); }
function file_save() { global $file_base_path, $file_statuses, $txp_user; $varray = array_map('assert_string', gpsa(array('id', 'category', 'title', 'description', 'status', 'publish_now', 'year', 'month', 'day', 'hour', 'minute', 'second'))); extract(doSlash($varray)); $filename = $varray['filename'] = sanitizeForFile(gps('filename')); if ($filename == '') { file_list(array(gTxt('file_not_updated', array('{name}' => $filename)), E_ERROR)); return; } $id = $varray['id'] = assert_int($id); $permissions = gps('perms'); if (is_array($permissions)) { asort($permissions); $permissions = implode(",", $permissions); } $varray['permissions'] = $permissions; $perms = doSlash($permissions); $rs = safe_row('filename, author', 'txp_file', "id={$id}"); if (!has_privs('file.edit') && !($rs['author'] === $txp_user && has_privs('file.edit.own'))) { require_privs(); } $old_filename = $varray['old_filename'] = sanitizeForFile($rs['filename']); if ($old_filename != false && strcmp($old_filename, $filename) != 0) { $old_path = build_file_path($file_base_path, $old_filename); $new_path = build_file_path($file_base_path, $filename); if (file_exists($old_path) && shift_uploaded_file($old_path, $new_path) === false) { file_list(array(gTxt('file_cannot_rename', array('{name}' => $filename)), E_ERROR)); return; } else { file_set_perm($new_path); } } $created_ts = @safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); if ($publish_now) { $created = 'now()'; } elseif ($created_ts > 0) { $created = "from_unixtime('" . $created_ts . "')"; } else { $created = ''; } $size = filesize(build_file_path($file_base_path, $filename)); $constraints = array('category' => new CategoryConstraint(gps('category'), array('type' => 'file')), 'status' => new ChoiceConstraint(gps('status'), array('choices' => array_keys($file_statuses), 'message' => 'invalid_status'))); callback_event_ref('file_ui', 'validate_save', 0, $varray, $constraints); $validator = new Validator($constraints); $rs = $validator->validate() && safe_update('txp_file', "\n filename = '" . doSlash($filename) . "',\n title = '{$title}',\n category = '{$category}',\n permissions = '{$perms}',\n description = '{$description}',\n status = '{$status}',\n size = '{$size}',\n modified = now()" . ($created ? ", created = {$created}" : ''), "id = {$id}"); if (!$rs) { // Update failed, rollback name. if (isset($old_path) && shift_uploaded_file($new_path, $old_path) === false) { file_list(array(gTxt('file_unsynchronized', array('{name}' => $filename)), E_ERROR)); return; } else { file_list(array(gTxt('file_not_updated', array('{name}' => $filename)), E_ERROR)); return; } } update_lastmod('file_saved', compact('id', 'filename', 'title', 'category', 'description', 'status', 'size')); file_list(gTxt('file_updated', array('{name}' => $filename))); }
function file_save() { global $file_base_path; extract(doSlash(gpsa(array('id', 'filename', 'category', 'description')))); $permissions = ""; if (isset($_GET['perms'])) { $permissions = urldecode($_GET['perms']); } elseif (isset($_POST['perms'])) { $permissions = $_POST['perms']; } if (is_array($permissions)) { asort($permissions); $permissions = implode(",", $permissions); } $perms = mysql_real_escape_string($permissions); $old_filename = fetch('filename', 'txp_file', 'id', '$id'); if ($old_filename != false && strcmp($old_filename, $filename) != 0) { $old_path = build_file_path($file_base_path, $old_filename); $new_path = build_file_path($file_base_path, $filename); if (file_exists($old_path) && shift_uploaded_file($old_path, $new_path) === false) { file_list(messenger("file", $filename, "could not be renamed")); return; } else { file_set_perm($new_path); } } $rs = safe_update("txp_file", "filename = '{$filename}',\n\t\t\tcategory = '{$category}',\n\t\t\tpermissions = '{$perms}',\n\t\t\tdescription = '{$description}'", "id = '{$id}'"); if (!$rs) { // update failed, rollback name if (shift_uploaded_file($new_path, $old_path) === false) { file_list(messenger("file", $filename, "has become unsyned with database. Manually fix file name.")); return; } else { file_list(messenger(gTxt('file'), $filename, "was not updated")); return; } } file_list(messenger(gTxt('file'), $filename, "updated")); }
function file_save() { global $file_base_path; extract(doSlash(gpsa(array('id', 'filename', 'category', 'description')))); $id = assert_int($id); $permissions = gps('perms'); if (is_array($permissions)) { asort($permissions); $permissions = implode(",", $permissions); } $perms = doSlash($permissions); $old_filename = fetch('filename', 'txp_file', 'id', $id); if ($old_filename != false && strcmp($old_filename, $filename) != 0) { $old_path = build_file_path($file_base_path, $old_filename); $new_path = build_file_path($file_base_path, $filename); if (file_exists($old_path) && shift_uploaded_file($old_path, $new_path) === false) { $message = gTxt('file_cannot_rename', array('{name}' => $filename)); return file_list($message); } else { file_set_perm($new_path); } } $rs = safe_update('txp_file', "\n\t\t\tfilename = '{$filename}',\n\t\t\tcategory = '{$category}',\n\t\t\tpermissions = '{$perms}',\n\t\t\tdescription = '{$description}'\n\t\t", "id = {$id}"); if (!$rs) { // update failed, rollback name if (shift_uploaded_file($new_path, $old_path) === false) { $message = gTxt('file_unsynchronized', array('{name}' => $filename)); return file_list($message); } else { $message = gTxt('file_not_updated', array('{name}' => $filename)); return file_list($message); } } $message = gTxt('file_updated', array('{name}' => $filename)); file_list($message); }