public static function do_download_file($type) {
global $wf;
// used by the "From URL" control
if (isset($_REQUEST["url"])) {
$url = trim($_REQUEST["url"]);
if ($url) {
MPC::incl("files");
$model_id = $_REQUEST["model_id"];
// need to check the extensions
$pi = pathinfo(urldecode($url));
$field = MPM_Field::find_by_id($model_id);
if ($field) {
$type_options = $field->type_options;
$extensions = $type_options["allowed_types"];
if (!in_array(strtolower($pi["extension"]), $extensions)) {
self::ajax_error( sprintf( __("Cannot download %s. This field only allows the file types %s", MASTERPRESS_DOMAIN ), $type, implode(", ", $extensions)));
}
list($dir, $sub) = MPC_Files::upload_dir($field);
$name = MPC_Files::sanitize_filename($pi["filename"], $type_options).".".md5($url);
if ($type == "image") {
$file = $wf->image_from_url($url, $name, $dir);
} else {
$file = $wf->file_from_url($url, $name, $dir);
}
if ($file->exists()) {
// check the file size
$limit = self::get_filesize_limit();
if (isset($type_options["allowed_maxsize"])) {
if (is_numeric($type_options["allowed_maxsize"])) {
$limit = WOOF_File::to_bytes($type_options["allowed_maxsize"]."M");
}
}
if ($file->filesizeinbytes() > $limit) {
$file->delete();
self::ajax_error( sprintf( __("The %s was downloaded, but it could not saved as it was too large. This field only allows files up to %s", MASTERPRESS_DOMAIN ), $type, WOOF_File::format_filesize($limit, "MB", TRUE, $sep = " ")));
}
$info = array( "url" => $file->permalink() );
self::ajax_success($info);
} else {
self::ajax_error( sprintf( __("The %s could not be downloaded. Please check the URL is valid and try again", MASTERPRESS_DOMAIN ), $type ) );
}
} else {
self::ajax_error( sprintf( __( "This %s field could not be found in the database to check the validity of this download.", MASTERPRESS_DOMAIN ), $type ) );
}
}
}
self::ajax_error(__("No URL specified", MASTERPRESS_DOMAIN));
}
public static function options_form( $options ) {
$mfs = WOOF_File::to_bytes(ini_get('upload_max_filesize'));
$mps = WOOF_File::to_bytes(ini_get('post_max_size'));
$html = "";
$limit = self::get_filesize_limit();
$limit_mb = WOOF_File::format_filesize($limit, "MB", false);
$defaults = array(
"filename_case" => "lowercase",
"filename_sanitize" => "dashes",
"filename_dashes_underscores" => "dashes",
"allowed_maxsize" => $limit_mb,
"allowed_types" => array("jpg","jpeg","png","gif")
);
$options = wp_parse_args( $options, $defaults );
$p = self::type_prefix(__CLASS__);
$allowed_types_label = __("Allowed File Types:", MASTERPRESS_DOMAIN);
$allowed_maxsize_label = __("Maximum Size:", MASTERPRESS_DOMAIN);
$filename_label = __("File Name Handling", MASTERPRESS_DOMAIN);
$filename_label_note = __("specify how file names should be sanitized on upload", MASTERPRESS_DOMAIN);
$filename_sanitize_label = __("Sanitize file name:", MASTERPRESS_DOMAIN);
$filename_sanitize_note = __("Sanitization removes special characters and replaces word boundaries with the specified character", MASTERPRESS_DOMAIN);
$filename_case_label = __("Change case to:", MASTERPRESS_DOMAIN);
$filename_case_select = WOOF_HTML::select(
array("id" => $p."filename_case", "name" => "type_options[filename_case]"),
array(
"lower-case" => "lowercase",
"Title-Case" => "titlecase",
"UPPER-CASE" => "uppercase",
"Preserve (No Change)" => "none"
),
$options["filename_case"]
);
$filename_sanitize_select = WOOF_HTML::select(
array("id" => $p."filename_sanitize", "name" => "type_options[filename_sanitize]"),
array(
__("With Dashes ( - )", MASTERPRESS_DOMAIN) => "dashes",
__("With Underscores ( _ )", MASTERPRESS_DOMAIN) => "underscores",
__("None (Don't Sanitize)", MASTERPRESS_DOMAIN) => "none"
),
$options["filename_sanitize"]
);
$allowed_maxsize_note = __("( MB )", MASTERPRESS_DOMAIN);
$allowed_maxsize_blank_note = sprintf(__("This value <strong>cannot exceed</strong> the maximum upload size<br />for your server, which is currently set to <strong>%s</strong>.", MASTERPRESS_DOMAIN), WOOF_File::format_filesize($limit, "MB", true, " "));
$allowed_label = __("File Restrictions", MASTERPRESS_DOMAIN);
$allowed_label_note = __("restrict allowable files by type and file size", MASTERPRESS_DOMAIN);
$allowed_types_note = __("The image field type is intended only for images that are displayable on a website.<br />For other image types, use the <em>file</em> field type instead", MASTERPRESS_DOMAIN);
MPFT::incl("file");
foreach (array("jpg","jpeg","png","gif") as $ext) {
$file_types_items[ MPFT_File::file_type_label($ext) ] = $ext;
}
$allowed_types_checkboxes = WOOF_HTML::input_checkbox_group( "type_options[allowed_types][]", $p."allowed-types-", $file_types_items, $options["allowed_types"], WOOF_HTML::open("div", "class=fwi"), WOOF_HTML::close("div"));
// setup variables to insert into the heredoc string
// (this is required where we cannot call functions within heredoc strings)
$html .= <<<HTML
<div class="filename-handling-wrap">
<h4><i class="highlighter"></i>{$filename_label}<span> - {$filename_label_note}</span></h4>
<div class="f">
<label for="{$p}filename_sanitize">{$filename_sanitize_label}</label>
<div id="fw-{$p}filename_sanitize" class="fw">
{$filename_sanitize_select}
<p class="note">{$filename_sanitize_note}</p>
</div>
</div>
<!-- /.f -->
<div class="f">
<label for="{$p}filename_case">{$filename_case_label}</label>
<div id="fw-{$p}filename_case" class="fw">
{$filename_case_select}
</div>
</div>
<!-- /.f -->
</div>
<div class="allowed-wrap divider">
<h4><i class="warning-shield"></i>{$allowed_label}<span> - {$allowed_label_note}</span></h4>
<div class="f">
<label for="{$p}allowed_maxsize">{$allowed_maxsize_label}</label>
<div id="fw-{$p}allowed_maxsize" class="fw">
<input id="{$p}allowed_maxsize" name="type_options[allowed_maxsize]" type="text" maxlength="4" value="{$options['allowed_maxsize']}" class="text" /><span class="note">{$allowed_maxsize_note}</span>
<p class="note">{$allowed_maxsize_blank_note}</p>
</div>
</div>
<!-- /.f -->
<div class="f f-allowed-types">
<p class="label">{$allowed_types_label}</p>
<div class="fw">
{$allowed_types_checkboxes}
<div class="controls"><button type="button" class="button button-small select-all">Select All</button><button type="button" class="button button-small select-none">Select None</button></div>
<p class="note">{$allowed_types_note}</p>
</div>
</div>
<!-- /.f -->
</div>
HTML;
return $html;
}
public static function options_form( $options ) {
$html = "";
$limit = self::get_filesize_limit();
$limit_mb = WOOF_File::format_filesize($limit, "MB", false);
$defaults = array(
"filename_case" => "lowercase",
"filename_sanitize" => "dashes",
"allowed_types" => array("csv","doc","docx","gz","m4a", "md", "pdf","pps","ppt","pptx","psd","rar","rtf","swf","txt","vcf","xls","xlsx","xml","zip")
);
$options = wp_parse_args( $options, $defaults );
$p = self::type_prefix(__CLASS__);
$allowed_maxsize = self::option_value($options, "allowed_maxsize");
$allowed_types = self::option_value($options, "allowed_types");
$allowed_field = implode(",", $allowed_types);
$allowed_types_label = __("Allowed File Types:", MASTERPRESS_DOMAIN);
$allowed_maxsize_label = __("Maximum Size:", MASTERPRESS_DOMAIN);
$allowed_field_label = __("More Allowed Types:", MASTERPRESS_DOMAIN);
$allowed_field_note = __("Separate file extensions that you would like to allow with commas.<br /><strong>Important:</strong> in the interests of security, take care to avoid file types that are executable on your server that may be exploitable by malicious users.<br /><br />Alternatively, you can populate the list by selecting from the list of typical field types below:", MASTERPRESS_DOMAIN);
$filename_label = __("File Name Handling", MASTERPRESS_DOMAIN);
$filename_label_note = __("specify how file names should be sanitized on upload", MASTERPRESS_DOMAIN);
$filename_sanitize_label = __("Sanitize file name:", MASTERPRESS_DOMAIN);
$filename_sanitize_note = __("Sanitization removes special characters and replaces word boundaries with the specified character", MASTERPRESS_DOMAIN);
$filename_case_label = __("Change case to:", MASTERPRESS_DOMAIN);
$filename_case_select = WOOF_HTML::select(
array("id" => $p."filename_case", "name" => "type_options[filename_case]"),
array(
"lower-case" => "lowercase",
"Title-Case" => "titlecase",
"UPPER-CASE" => "uppercase",
"Preserve (No Change)" => "none"
),
$options["filename_case"]
);
$filename_sanitize_select = WOOF_HTML::select(
array("id" => $p."filename_sanitize", "name" => "type_options[filename_sanitize]"),
array(
__("With Dashes ( - )", MASTERPRESS_DOMAIN) => "dashes",
__("With Underscores ( _ )", MASTERPRESS_DOMAIN) => "underscores",
__("None (Don't Sanitize)", MASTERPRESS_DOMAIN) => "none"
),
$options["filename_sanitize"]
);
$allowed_maxsize_note = __("( MB )", MASTERPRESS_DOMAIN);
$allowed_maxsize_blank_note = sprintf(__("This value <strong>cannot exceed</strong> the maximum upload size<br />for your server, which is currently set to <strong>%s</strong>.", MASTERPRESS_DOMAIN), WOOF_File::format_filesize($limit, "MB", true, " "));
$allowed_label = __("File Restrictions", MASTERPRESS_DOMAIN);
$allowed_label_note = __("restrict allowable files by type and file size", MASTERPRESS_DOMAIN);
// setup variables to insert into the heredoc string
// (this is required where we cannot call functions within heredoc strings)
$html .= <<<HTML
<div class="filename-handling-wrap">
<h4><i class="highlighter"></i>{$filename_label}<span> - {$filename_label_note}</span></h4>
<div class="f">
<label for="{$p}filename_sanitize">{$filename_sanitize_label}</label>
<div id="fw-{$p}filename_sanitize" class="fw">
{$filename_sanitize_select}
<p class="note">{$filename_sanitize_note}</p>
</div>
</div>
<!-- /.f -->
<div class="f">
<label for="{$p}filename_case">{$filename_case_label}</label>
<div id="fw-{$p}filename_case" class="fw">
{$filename_case_select}
</div>
</div>
<!-- /.f -->
</div>
<div class="allowed-wrap divider">
<h4><i class="warning-shield"></i>{$allowed_label}<span> - {$allowed_label_note}</span></h4>
<div class="f">
<label for="{$p}allowed_maxsize">{$allowed_maxsize_label}</label>
<div id="fw-{$p}allowed_maxsize" class="fw">
<input id="{$p}allowed_maxsize" name="type_options[allowed_maxsize]" type="text" maxlength="4" value="{$allowed_maxsize}" class="text" /><span class="note">{$allowed_maxsize_note}</span>
<p class="note">{$allowed_maxsize_blank_note}</p>
</div>
</div>
<!-- /.f -->
<div class="f f-allowed-types">
<p class="label">{$allowed_types_label}</p>
<div class="fw">
<div class="clearfix">
<textarea id="{$p}allowed_field" class="mono" name="allowed_field">{$allowed_field}</textarea>
<p id="allowed-field-note" class="note">{$allowed_field_note}</p>
</div>
<div id="{$p}allowed-types-wrap">
HTML;
foreach (WOOF_File::file_type_categories() as $header => $exts) {
$html .= '<div class="file-category">';
$html .= "<h5>".$header."</h5>";
$file_types_items = array();
$proxy = "";
if ($header == "Camera RAW Files") {
$proxy = "file-type-raw";
}
foreach ($exts as $ext) {
$file_types_items[ self::file_type_label($ext, $proxy) ] = $ext;
}
$html .= WOOF_HTML::input_checkbox_group( "type_options[allowed_types][]", $p."allowed-types-", $file_types_items, $allowed_types, WOOF_HTML::open("div", "class=fwi"), WOOF_HTML::close("div"));
$html .= '<div class="controls"><button type="button" class="button button-small select-all">Select All</button><button type="button" class="button button-small select-none">Select None</button></div>';
$html .= '</div>';
}
$html .= <<<HTML
</div>
<div id="{$p}allowed-types-custom">
</div>
</div>
</div>
<!-- /.f -->
</div>
HTML;
return $html;
}
public static function mem($label) {
pr( "MEMORY $label - ". WOOF_File::format_filesize( memory_get_usage(), "AUTO" ) . "<br/>" );
}
