aboutsummaryrefslogtreecommitdiffstats
path: root/include/attach.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/attach.php')
-rw-r--r--include/attach.php221
1 files changed, 188 insertions, 33 deletions
diff --git a/include/attach.php b/include/attach.php
index 0c748cba6..af1159957 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -26,6 +26,7 @@ function z_mime_content_type($filename) {
'xml' => 'application/xml',
'swf' => 'application/x-shockwave-flash',
'flv' => 'video/x-flv',
+ 'epub' => 'application/epub+zip',
// images
'png' => 'image/png',
@@ -79,17 +80,12 @@ function z_mime_content_type($filename) {
if (array_key_exists($ext, $mime_types)) {
return $mime_types[$ext];
}
+
+
}
-// can't use this because we're just passing a name, e.g. not a file that can be opened
-// elseif (function_exists('finfo_open')) {
-// $finfo = @finfo_open(FILEINFO_MIME);
-// $mimetype = @finfo_file($finfo, $filename);
-// @finfo_close($finfo);
-// return $mimetype;
-// }
- else {
- return 'application/octet-stream';
- }
+
+ return 'application/octet-stream';
+
}
@@ -193,13 +189,13 @@ function attach_by_hash($hash,$rev = 0) {
$sql_extra = permissions_sql($r[0]['uid']);
// Now we'll see if we can access the attachment
-dbg(1);
+
$r = q("SELECT * FROM attach WHERE hash = '%s' and uid = %d $sql_extra LIMIT 1",
dbesc($hash),
intval($r[0]['uid'])
);
-dbg(0);
+
if(! $r) {
$ret['message'] = t('Permission denied.');
return $ret;
@@ -242,7 +238,7 @@ function attach_by_hash_nodata($hash,$rev = 0) {
// Now we'll see if we can access the attachment
- $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1",
+ $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1",
intval($r[0]['uid']),
dbesc($hash)
);
@@ -334,9 +330,10 @@ function attach_store($channel,$observer_hash,$options = '',$arr = null) {
}
$limit = service_class_fetch($channel_id,'attach_upload_limit');
+
if($limit !== false) {
- $r = q("select sum(filesize) as total from attach where uid = %d ",
- intval($channel_id)
+ $r = q("select sum(filesize) as total from attach where aid = %d ",
+ intval($channel['channel_account_id'])
);
if(($r) && (($r[0]['total'] + $filesize) > ($limit - $existing_size))) {
$ret['message'] = upgrade_message(true).sprintf(t("You have reached your limit of %1$.0f Mbytes attachment storage."),$limit / 1024000);
@@ -363,11 +360,12 @@ function attach_store($channel,$observer_hash,$options = '',$arr = null) {
);
}
elseif($options === 'revise') {
- $r = q("insert into attach ( aid, uid, hash, filename, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
- VALUES ( %d, %d, '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ $r = q("insert into attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($x[0]['aid']),
intval($channel_id),
dbesc($x[0]['hash']),
+ dbesc(get_observer_hash()),
dbesc($filename),
dbesc($mimetype),
intval($filesize),
@@ -398,11 +396,12 @@ function attach_store($channel,$observer_hash,$options = '',$arr = null) {
}
else {
- $r = q("INSERT INTO attach ( aid, uid, hash, filename, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid,deny_cid, deny_gid )
- VALUES ( %d, %d, '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, data, created, edited, allow_cid, allow_gid,deny_cid, deny_gid )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($channel['channel_account_id']),
intval($channel_id),
dbesc($hash),
+ dbesc(get_observer_hash()),
dbesc($filename),
dbesc($mimetype),
intval($filesize),
@@ -427,7 +426,7 @@ function attach_store($channel,$observer_hash,$options = '',$arr = null) {
// Caution: This re-uses $sql_options set further above
- $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_options limit 1",
+ $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_options limit 1",
intval($channel_id),
dbesc($hash)
);
@@ -487,7 +486,7 @@ function z_readdir($channel_id,$observer_hash,$pathname, $parent_hash = '') {
else
$paths = array($pathname);
- $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id),
+ $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and (flags & %d ) " . permissions_sql($channel_id),
intval($channel_id),
dbesc($parent_hash),
dbesc($paths[0]),
@@ -531,11 +530,14 @@ function attach_mkdir($channel,$observer_hash,$arr = null) {
$sql_options = '';
$basepath = 'store/' . $channel['channel_address'];
+
+ logger('attach_mkdir: basepath: ' . $basepath);
+
if(! is_dir($basepath))
- @mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS,true);
+ mkdir($basepath,STORAGE_DEFAULT_PERMISSIONS,true);
- if(! perm_is_allowed($channel_id, get_observer_hash(),'write_storage')) {
+ if(! perm_is_allowed($channel_id, $observer_hash,'write_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
@@ -571,16 +573,19 @@ function attach_mkdir($channel,$observer_hash,$arr = null) {
$lpath = '';
$lfile = $arr['folder'];
- $sql_options = permissions_sql($channel);
+ $sql_options = permissions_sql($channel['channel_id']);
do {
+
$r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
$sql_options limit 1",
intval($channel['channel_id']),
dbesc($lfile),
intval(ATTACH_FLAG_DIR)
);
+
if(! $r) {
+ logger('attach_mkdir: hash ' . $lfile . ' not found in ' . $lpath);
$ret['message'] = t('Path not found.');
return $ret;
}
@@ -598,28 +603,29 @@ function attach_mkdir($channel,$observer_hash,$arr = null) {
$created = datetime_convert();
- $r = q("INSERT INTO attach ( aid, uid, hash, filename, filetype, filesize, revision, folder, flags, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
- VALUES ( %d, %d, '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, filesize, revision, folder, flags, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($channel['channel_account_id']),
intval($channel_id),
dbesc($arr['hash']),
+ dbesc(get_observer_hash()),
dbesc($arr['filename']),
dbesc('multipart/mixed'),
intval(0),
intval(0),
dbesc($arr['folder']),
- intval(ATTACH_FLAG_DIR),
- dbesc(''),
+ intval(ATTACH_FLAG_DIR|ATTACH_FLAG_OS),
+ dbesc($path),
dbesc($created),
dbesc($created),
- dbesc(($arr && array_key_exists('allow_cid',$arr)) ? $arr['allow_cid'] : ''),
- dbesc(($arr && array_key_exists('allow_gid',$arr)) ? $arr['allow_gid'] : ''),
- dbesc(($arr && array_key_exists('deny_cid',$arr)) ? $arr['deny_cid'] : ''),
- dbesc(($arr && array_key_exists('deny_gid',$arr)) ? $arr['deny_gid'] : '')
+ dbesc(($arr && array_key_exists('allow_cid',$arr)) ? $arr['allow_cid'] : $channel['channel_allow_cid']),
+ dbesc(($arr && array_key_exists('allow_gid',$arr)) ? $arr['allow_gid'] : $channel['channel_allow_gid']),
+ dbesc(($arr && array_key_exists('deny_cid',$arr)) ? $arr['deny_cid'] : $channel['channel_deny_cid']),
+ dbesc(($arr && array_key_exists('deny_gid',$arr)) ? $arr['deny_gid'] : $channel['channel_deny_gid'])
);
if($r) {
- if(mkdir($path,STORAGE_DEFAULT_PERMISSIONS)) {
+ if(mkdir($path,STORAGE_DEFAULT_PERMISSIONS,true)) {
$ret['success'] = true;
$ret['data'] = $arr;
}
@@ -633,4 +639,153 @@ function attach_mkdir($channel,$observer_hash,$arr = null) {
return $ret;
+}
+
+
+
+function attach_change_permissions($channel_id,$resource,$allow_cid,$allow_gid,$deny_cid,$deny_gid,$recurse = false) {
+
+ $r = q("select hash, flags from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($resource),
+ intval($channel_id)
+ );
+
+ if(! $r)
+ return;
+
+ if($r[0]['flags'] & ATTACH_FLAG_DIR) {
+ if($recurse) {
+ $r = q("select hash, flags from attach where folder = '%s' and uid = %d",
+ dbesc($resource),
+ intval($channel_id)
+ );
+ if($r) {
+ foreach($r as $rr) {
+ attach_change_permissions($channel_id,$resource,$allow_cid,$allow_gid,$deny_cid,$deny_gid,$recurse);
+ }
+ }
+ }
+ }
+
+ $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d limit 1",
+ dbesc($allow_cid),
+ dbesc($allow_gid),
+ dbesc($deny_cid),
+ dbesc($deny_gid),
+ dbesc($resource),
+ intval($channel_id)
+ );
+
+ return;
+}
+
+
+
+function attach_delete($channel_id,$resource) {
+
+
+ $c = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($channel_id)
+ );
+
+ $channel_address = (($c) ? $c[0]['channel_address'] : 'notfound');
+
+ $r = q("select hash, flags from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($resource),
+ intval($channel_id)
+ );
+
+
+ if(! $r)
+ return;
+
+ if($r[0]['flags'] & ATTACH_FLAG_DIR) {
+ $x = q("select hash, flags from attach where folder = '%s' and uid = %d",
+ dbesc($resource),
+ intval($channel_id)
+ );
+ if($x) {
+ foreach($x as $xx) {
+ attach_delete($channel_id,$xx['hash']);
+ }
+ }
+ }
+ if($r[0]['flags'] & ATTACH_FLAG_OS) {
+ $y = q("select data from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($resource),
+ intval($channel_id)
+ );
+
+ if($y) {
+ $f = 'store/' . $channel_address . '/' . $y[0]['data'];
+ if(is_dir($f))
+ @rmdir($f);
+ elseif(file_exists($f))
+ unlink($f);
+ }
+ }
+
+ $z = q("delete from attach where hash = '%s' and uid = %d limit 1",
+ dbesc($resource),
+ intval($channel_id)
+ );
+
+ return;
+}
+
+
+
+function get_cloudpath($arr) {
+
+ $basepath = 'cloud/';
+ if($arr['uid']) {
+ $r = q("select channel_address from channel where channel_id = %d limit 1",
+ intval($arr['uid'])
+ );
+ if($r)
+ $basepath .= $r[0]['channel_address'] . '/';
+ }
+
+
+ $path = $basepath;
+
+ if($arr['folder']) {
+
+ $lpath = '';
+ $lfile = $arr['folder'];
+
+ do {
+ $r = q("select filename, hash, flags, folder from attach where uid = %d and hash = '%s' and ( flags & %d )
+ limit 1",
+ intval($arr['uid']),
+ dbesc($lfile),
+ intval(ATTACH_FLAG_DIR)
+ );
+
+ if(! $r)
+ break;
+
+ if($lfile)
+ $lpath = $r[0]['filename'] . '/' . $lpath;
+ $lfile = $r[0]['folder'];
+
+ } while ( ($r[0]['folder']) && ($r[0]['flags'] & ATTACH_FLAG_DIR)) ;
+
+ $path .= $lpath;
+
+ }
+
+ $path .= $arr['filename'];
+ return $path;
+
+}
+
+
+
+
+function pipe_streams($in, $out) {
+ $size = 0;
+ while (!feof($in))
+ $size += fwrite($out,fread($in,8192));
+ return $size;
} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-13 14:04:08 +0000