/** * Upload a file to the item directory * * @throws common_exception_MissingParameter */ public function upload() { //as upload may be called multiple times, we remove the session lock as soon as possible try { session_write_close(); if ($this->hasRequestParameter('uri')) { $itemUri = $this->getRequestParameter('uri'); $item = new core_kernel_classes_Resource($itemUri); } if ($this->hasRequestParameter('lang')) { $itemLang = $this->getRequestParameter('lang'); } if (!$this->hasRequestParameter('path')) { throw new common_exception_MissingParameter('path', __METHOD__); } if (!$this->hasRequestParameter('filters')) { throw new common_exception_MissingParameter('filters', __METHOD__); } $filters = $this->getRequestParameter('filters'); $resolver = new ItemMediaResolver($item, $itemLang); $asset = $resolver->resolve($this->getRequestParameter('relPath')); $file = tao_helpers_Http::getUploadedFile('content'); $fileTmpName = $file['tmp_name'] . '_' . $file['name']; if (!tao_helpers_File::copy($file['tmp_name'], $fileTmpName)) { throw new common_exception_Error('impossible to copy ' . $file['tmp_name'] . ' to ' . $fileTmpName); } $mime = \tao_helpers_File::getMimeType($fileTmpName); if (is_string($filters)) { // the mime type is part of the $filters $filters = explode(',', $filters); if (in_array($mime, $filters)) { $filedata = $asset->getMediaSource()->add($fileTmpName, $file['name'], $asset->getMediaIdentifier()); } else { throw new \oat\tao\helpers\FileUploadException(__('The file you tried to upload is not valid')); } } else { $valid = false; // OR the extension is part of the filter and it correspond to the mime type foreach ($filters as $filter) { if ($filter['mime'] === $mime && (!isset($filter['extension']) || $filter['extension'] === \tao_helpers_File::getFileExtention($fileTmpName))) { $valid = true; } } if ($valid) { $filedata = $asset->getMediaSource()->add($fileTmpName, $file['name'], $asset->getMediaIdentifier()); } else { throw new \oat\tao\helpers\FileUploadException(__('The file you tried to upload is not valid')); } } $this->returnJson($filedata); return; } catch (\oat\tao\model\accessControl\data\PermissionException $e) { $message = $e->getMessage(); } catch (\oat\tao\helpers\FileUploadException $e) { $message = $e->getMessage(); } catch (common_Exception $e) { common_Logger::w($e->getMessage()); $message = _('Unable to upload file'); } $this->returnJson(array('error' => $message)); }