aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/wall_attach.php71
1 files changed, 53 insertions, 18 deletions
diff --git a/mod/wall_attach.php b/mod/wall_attach.php
index 8b8a6ddaa..305931bbb 100644
--- a/mod/wall_attach.php
+++ b/mod/wall_attach.php
@@ -41,6 +41,25 @@ function wall_attach_post(&$a) {
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
+
+ $replace = ((x($_REQUEST,'replace')) ? intval($_REQUEST['replace']) : 0);
+ $existing_size = 0;
+
+ if($replace) {
+ $x = q("select id, filesize, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1",
+ intval($replace),
+ intval($page_owner_uid)
+ );
+ if(! $x) {
+ notice('Cannot locate file to replace');
+ killme();
+ }
+ $existing_size = intval($x[0]['filesize']);
+
+ }
+
+
+
$maxfilesize = get_config('system','maxfilesize');
if(($maxfilesize) && ($filesize > $maxfilesize)) {
@@ -54,33 +73,49 @@ function wall_attach_post(&$a) {
$r = q("select sum(filesize) as total from attach where uid = %d ",
intval($page_owner_uid)
);
- if(($r) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
+ if(($r) && (($r[0]['total'] + $filesize) > ($limit - $existing_size))) {
echo upgrade_message(true) . EOL ;
@unlink($src);
killme();
}
}
+// TODO turn this into a general file upload api where permissions can be set on demand and move it out of the front end controller.
+// We're making several assumptions that we are uploading into a post, which defaults to owner privacy until the post is completed
+// and permissions are updated to match the post.
+
$filedata = @file_get_contents($src);
$mimetype = z_mime_content_type($filename);
$hash = random_string();
$created = datetime_convert();
- $r = q("INSERT INTO `attach` ( `aid`, `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` )
- VALUES ( %d, %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
- intval($channel['channel_account_id']),
- intval($page_owner_uid),
- dbesc($hash),
- dbesc($filename),
- dbesc($mimetype),
- intval($filesize),
- dbesc($filedata),
- dbesc($created),
- dbesc($created),
- dbesc('<' . $channel['channel_hash'] . '>'),
- dbesc(''),
- dbesc(''),
- dbesc('')
- );
+ if($replace) {
+ $r = q("update attach set filename = '%s', filetype = '%s', filesize = %d, data = '%s', edited = '%s' where id = %d limit 1",
+ dbesc($filename),
+ dbesc($mimetype),
+ intval($filesize),
+ dbesc($filedata),
+ dbesc($created),
+ intval($replace)
+ );
+ }
+ else {
+ $r = q("INSERT INTO `attach` ( `aid`, `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` )
+ VALUES ( %d, %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ intval($channel['channel_account_id']),
+ intval($page_owner_uid),
+ dbesc($hash),
+ dbesc($filename),
+ dbesc($mimetype),
+ intval($filesize),
+ dbesc($filedata),
+ dbesc($created),
+ dbesc($created),
+ dbesc('<' . $channel['channel_hash'] . '>'),
+ dbesc(''),
+ dbesc(''),
+ dbesc('')
+ );
+ }
@unlink($src);
@@ -95,7 +130,7 @@ function wall_attach_post(&$a) {
dbesc($hash)
);
- if(! count($r)) {
+ if(! $r) {
echo ( t('File upload failed.') . EOL);
killme();
}