diff options
Diffstat (limited to 'mod/wall_attach.php')
-rw-r--r-- | mod/wall_attach.php | 71 |
1 files changed, 53 insertions, 18 deletions
diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 8b8a6ddaa..305931bbb 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -41,6 +41,25 @@ function wall_attach_post(&$a) { $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); + + $replace = ((x($_REQUEST,'replace')) ? intval($_REQUEST['replace']) : 0); + $existing_size = 0; + + if($replace) { + $x = q("select id, filesize, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1", + intval($replace), + intval($page_owner_uid) + ); + if(! $x) { + notice('Cannot locate file to replace'); + killme(); + } + $existing_size = intval($x[0]['filesize']); + + } + + + $maxfilesize = get_config('system','maxfilesize'); if(($maxfilesize) && ($filesize > $maxfilesize)) { @@ -54,33 +73,49 @@ function wall_attach_post(&$a) { $r = q("select sum(filesize) as total from attach where uid = %d ", intval($page_owner_uid) ); - if(($r) && (($r[0]['total'] + strlen($imagedata)) > $limit)) { + if(($r) && (($r[0]['total'] + $filesize) > ($limit - $existing_size))) { echo upgrade_message(true) . EOL ; @unlink($src); killme(); } } +// TODO turn this into a general file upload api where permissions can be set on demand and move it out of the front end controller. +// We're making several assumptions that we are uploading into a post, which defaults to owner privacy until the post is completed +// and permissions are updated to match the post. + $filedata = @file_get_contents($src); $mimetype = z_mime_content_type($filename); $hash = random_string(); $created = datetime_convert(); - $r = q("INSERT INTO `attach` ( `aid`, `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) - VALUES ( %d, %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", - intval($channel['channel_account_id']), - intval($page_owner_uid), - dbesc($hash), - dbesc($filename), - dbesc($mimetype), - intval($filesize), - dbesc($filedata), - dbesc($created), - dbesc($created), - dbesc('<' . $channel['channel_hash'] . '>'), - dbesc(''), - dbesc(''), - dbesc('') - ); + if($replace) { + $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d limit 1", + dbesc($filename), + dbesc($mimetype), + intval($filesize), + dbesc($filedata), + dbesc($created), + intval($replace) + ); + } + else { + $r = q("INSERT INTO `attach` ( `aid`, `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) + VALUES ( %d, %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", + intval($channel['channel_account_id']), + intval($page_owner_uid), + dbesc($hash), + dbesc($filename), + dbesc($mimetype), + intval($filesize), + dbesc($filedata), + dbesc($created), + dbesc($created), + dbesc('<' . $channel['channel_hash'] . '>'), + dbesc(''), + dbesc(''), + dbesc('') + ); + } @unlink($src); @@ -95,7 +130,7 @@ function wall_attach_post(&$a) { dbesc($hash) ); - if(! count($r)) { + if(! $r) { echo ( t('File upload failed.') . EOL); killme(); } |