fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 03:32:00 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 2662 file

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@12246 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-11-16 09:36:17 +00:00
parent a35ff711c4
commit 41d7eb8384
7 changed files with 1876 additions and 1744 deletions
Download patch file Download diff file Expand all files Collapse all files

51
modules/file/file.admin.controller.php
View file

@ -1,15 +1,16 @@
<?php
/**
/**
* admin controller class of the file module
* @author NHN (developers@xpressengine.com)
**/
class fileAdminController extends file {
*/
class fileAdminController extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
@ -17,8 +18,9 @@
*
* @param int $module_srl Sequence of module to delete files
* @return Object
**/
function deleteModuleFiles($module_srl) {
*/
function deleteModuleFiles($module_srl)
{
// Get a full list of attachments
$args->module_srl = $module_srl;
$columnList = array('file_srl', 'uploaded_filename');
@ -35,7 +37,8 @@
// Remove the file list obtained from the DB
$path = array();
$cnt = count($files);
for($i=0;$i<$cnt;$i++) {
for($i=0;$i<$cnt;$i++)
{
$uploaded_filename = $files[$i]->uploaded_filename;
FileHandler::removeFile($uploaded_filename);
@ -52,8 +55,9 @@
* Delete selected files from the administrator page
*
* @return Object
**/
function procFileAdminDeleteChecked() {
*/
function procFileAdminDeleteChecked()
{
// An error appears if no document is selected
$cart = Context::get('cart');
if(!$cart) return $this->stop('msg_cart_is_null');
@ -64,7 +68,8 @@
$oFileController = &getController('file');
// Delete the post
for($i=0;$i<$file_count;$i++) {
for($i=0;$i<$file_count;$i++)
{
$file_srl = trim($file_srl_list[$i]);
if(!$file_srl) continue;
@ -81,8 +86,9 @@
* Add file information
*
* @return Object
**/
function procFileAdminInsertConfig() {
*/
function procFileAdminInsertConfig()
{
// Get configurations (using module model object)
$config->allowed_filesize = Context::get('allowed_filesize');
$config->allowed_attach_size = Context::get('allowed_attach_size');
@ -102,8 +108,9 @@
* Add file information for each module
*
* @return void
**/
function procFileAdminInsertModuleConfig() {
*/
function procFileAdminInsertModuleConfig()
{
// Get variables
$module_srl = Context::get('target_module_srl');
// In order to configure multiple modules at once
@ -133,7 +140,8 @@
return new Object(-1, 'input size over than config in php.ini');
$oModuleController = &getController('module');
for($i=0;$i<count($module_srl);$i++) {
for($i=0;$i<count($module_srl);$i++)
{
$srl = trim($module_srl[$i]);
if(!$srl) continue;
$oModuleController->insertModulePartConfig('file',$srl,$file_config);
@ -150,7 +158,7 @@
* Add to SESSION file srl
*
* @return Object
**/
*/
function procFileAdminAddCart()
{
$file_srl = (int)Context::get('file_srl');
@ -172,7 +180,7 @@
*
* @param string $size_str Size string
* @return int The byte value for input
**/
*/
function _changeBytes($size_str)
{
switch (substr ($size_str, -1))
@ -183,5 +191,6 @@
default: return $size_str;
}
}
}
?>
}
/* End of file file.admin.controller.php */
/* Location: ./modules/file/file.admin.controller.php */

42
modules/file/file.admin.model.php
View file

@ -1,15 +1,16 @@
<?php
/**
/**
* Admin model class of the file module
* @author NHN (developers@xpressengine.com)
**/
class fileAdminModel extends file {
*/
class fileAdminModel extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
@ -59,8 +60,9 @@
* @param object $obj Search options
* @param array $columnList Column list to get from DB
* @return Object Object contains query result
**/
function getFileList($obj, $columnList = array()) {
*/
function getFileList($obj, $columnList = array())
{
$this->_makeSearchParam($obj, $args);
// Set valid/invalid state
@ -83,7 +85,8 @@
$oFileModel = &getModel('file');
foreach($output->data as $key => $file) {
foreach($output->data as $key => $file)
{
if($_SESSION['file_management'][$file->file_srl]) $file->isCarted = true;
else $file->isCarted = false;
@ -110,8 +113,9 @@
*
* @param object $obj Search options (not used...)
* @return array
**/
function getFilesCountByGroupValid($obj = '') {
*/
function getFilesCountByGroupValid($obj = '')
{
//$this->_makeSearchParam($obj, $args);
$output = executeQueryArray('file.getFilesCountByGroupValid', $args);
@ -123,8 +127,9 @@
*
* @param string $date Date string
* @return int
**/
function getFilesCountByDate($date = '') {
*/
function getFilesCountByDate($date = '')
{
if($date) $args->regDate = date('Ymd', strtotime($date));
$output = executeQuery('file.getFilesCount', $args);
@ -146,8 +151,10 @@
$search_target = $obj->search_target?$obj->search_target:trim(Context::get('search_target'));
$search_keyword = $obj->search_keyword?$obj->search_keyword:trim(Context::get('search_keyword'));
if($search_target && $search_keyword) {
switch($search_target) {
if($search_target && $search_keyword)
{
switch($search_target)
{
case 'filename' :
if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword);
$args->s_filename = $search_keyword;
@ -188,5 +195,6 @@
}
}
}
}
?>
}
/* End of file file.admin.model.php */
/* Location: ./modules/file/file.admin.model.php */

114
modules/file/file.admin.view.php
View file

@ -1,23 +1,25 @@
<?php
/**
/**
* Admin view of the module class file
* @author NHN (developers@xpressengine.com)
**/
class fileAdminView extends file {
*/
class fileAdminView extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
* Display output list (for administrator)
*
* @return Object
**/
function dispFileAdminList() {
*/
function dispFileAdminList()
{
// Options to get a list
$args->page = Context::get('page'); // /< Page
$args->list_count = 30; // /< Number of documents that appear on a single page
@ -32,7 +34,8 @@
, 'source_filename', 'isvalid', 'file_size', 'download_count', 'files.regdate', 'ipaddress');
$output = $oFileAdminModel->getFileList($args, $columnList);
// Get the document for looping a list
if($output->data) {
if($output->data)
{
$oCommentModel = &getModel('comment');
$oDocumentModel = &getModel('document');
$oModuleModel = &getModel('module');
@ -46,32 +49,44 @@
$com_srls = array();
$mod_srls= array();
foreach($output->data as $file) {
foreach($output->data as $file)
{
$file_srl = $file->file_srl;
$target_srl = $file->upload_target_srl;
$file_update_args = null;
$file_update_args->file_srl = $file_srl;
// Find and update if upload_target_type doesn't exist
if(!$file->upload_target_type) {
if(!$file->upload_target_type)
{
// Pass if upload_target_type is already found
if($document_list[$target_srl]) {
if($document_list[$target_srl])
{
$file->upload_target_type = 'doc';
} else if($comment_list[$target_srl]) {
}
else if($comment_list[$target_srl])
{
$file->upload_target_type = 'com';
} else if($module_list[$target_srl]) {
}
else if($module_list[$target_srl])
{
$file->upload_target_type = 'mod';
} else {
}
else
{
// document
$document = $oDocumentModel->getDocument($target_srl);
if($document->isExists()) {
if($document->isExists())
{
$file->upload_target_type = 'doc';
$file_update_args->upload_target_type = $file->upload_target_type;
$document_list[$target_srl] = $document;
}
// comment
if(!$file->upload_target_type) {
if(!$file->upload_target_type)
{
$comment = $oCommentModel->getComment($target_srl);
if($comment->isExists()) {
if($comment->isExists())
{
$file->upload_target_type = 'com';
$file->target_document_srl = $comment->document_srl;
$file_update_args->upload_target_type = $file->upload_target_type;
@ -80,32 +95,40 @@
}
}
// module (for a page)
if(!$file->upload_target_type) {
if(!$file->upload_target_type)
{
$module = $oModuleModel->getModulesInfo($target_srl);
if($module) {
if($module)
{
$file->upload_target_type = 'mod';
$file_update_args->upload_target_type = $file->upload_target_type;
$module_list[$module->comment_srl] = $module;
}
}
if($file_update_args->upload_target_type) {
if($file_update_args->upload_target_type)
{
executeQuery('file.updateFileTargetType', $file_update_args);
}
}
// Check if data is already obtained
for($i = 0; $i < $com_srls_count; ++$i) {
for($i = 0; $i < $com_srls_count; ++$i)
{
if($comment_list[$com_srls[$i]]) delete($com_srls[$i]);
}
for($i = 0; $i < $doc_srls_count; ++$i) {
for($i = 0; $i < $doc_srls_count; ++$i)
{
if($document_list[$doc_srls[$i]]) delete($doc_srls[$i]);
}
for($i = 0; $i < $mod_srls_count; ++$i) {
for($i = 0; $i < $mod_srls_count; ++$i)
{
if($module_list[$mod_srls[$i]]) delete($mod_srls[$i]);
}
}
if($file->upload_target_type) {
if(!in_array($file->upload_target_srl, ${$file->upload_target_type.'_srls'})) {
if($file->upload_target_type)
{
if(!in_array($file->upload_target_srl, ${$file->upload_target_type.'_srls'}))
{
${$file->upload_target_type.'_srls'}[] = $target_srl;
}
}
@ -119,38 +142,47 @@
$mod_srls = array_unique($mod_srls);
// Comment list
$com_srls_count = count($com_srls);
if($com_srls_count) {
if($com_srls_count)
{
$comment_output = $oCommentModel->getComments($com_srls);
foreach($comment_output as $comment) {
foreach($comment_output as $comment)
{
$comment_list[$comment->comment_srl] = $comment;
$doc_srls[] = $comment->document_srl;
}
}
// Document list
$doc_srls_count = count($doc_srls);
if($doc_srls_count) {
if($doc_srls_count)
{
$document_output = $oDocumentModel->getDocuments($doc_srls);
if(is_array($document_output))
{
foreach($document_output as $document) {
foreach($document_output as $document)
{
$document_list[$document->document_srl] = $document;
}
}
}
// Module List
$mod_srls_count = count($mod_srls);
if($mod_srls_count) {
if($mod_srls_count)
{
$columnList = array('module_srl', 'mid', 'browser_title');
$module_output = $oModuleModel->getModulesInfo($mod_srls, $columnList);
if($module_output && is_array($module_output)){
foreach($module_output as $module) {
if($module_output && is_array($module_output))
{
foreach($module_output as $module)
{
$module_list[$module->module_srl] = $module;
}
}
}
foreach($file_list as $srl => $file) {
if($file->upload_target_type == 'com') {
foreach($file_list as $srl => $file)
{
if($file->upload_target_type == 'com')
{
$file_list[$srl]->target_document_srl = $comment_list[$file->upload_target_srl]->document_srl;
}
}
@ -171,15 +203,15 @@
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('file_list');
}
/**
* Set attachment information (for administrator)
*
* @return Object
**/
function dispFileAdminConfig() {
*/
function dispFileAdminConfig()
{
$oFileModel = &getModel('file');
$config = $oFileModel->getFileConfig();
Context::set('config',$config);
@ -187,6 +219,6 @@
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('adminConfig');
}
}
?>
}
/* End of file file.admin.view.php */
/* Location: ./modules/file/file.admin.view.php */

34
modules/file/file.class.php
View file

@ -1,16 +1,17 @@
<?php
/**
/**
* High class of the file module
* @author NHN (developers@xpressengine.com)
**/
class file extends ModuleObject {
*/
class file extends ModuleObject
{
/**
* Implement if additional tasks are necessary when installing
*
* @return Object
**/
function moduleInstall() {
*/
function moduleInstall()
{
// Register action forward (to use in administrator mode)
$oModuleController = &getController('module');
// Save the default settings for attachments
@ -46,8 +47,9 @@
* A method to check if successfully installed
*
* @return bool
**/
function checkUpdate() {
*/
function checkUpdate()
{
$oDB = &DB::getInstance();
$oModuleModel = &getModel('module');
// 2007. 10. 17 Create a trigger to insert, update, delete documents and comments
@ -80,8 +82,9 @@
* Execute update
*
* @return Object
**/
function moduleUpdate() {
*/
function moduleUpdate()
{
$oDB = &DB::getInstance();
$oModuleModel = &getModel('module');
$oModuleController = &getController('module');
@ -140,9 +143,10 @@
* Re-generate the cache file
*
* @return Object
**/
function recompileCache() {
*/
function recompileCache()
{
}
}
?>
}
/* End of file file.class.php */
/* Location: ./modules/file/file.class.php */

238
modules/file/file.controller.php
View file

@ -1,18 +1,18 @@
<?php
/**
/**
* Controller class of the file module
* @author NHN (developers@xpressengine.com)
**/
class fileController extends file {
*/
class fileController extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
* Upload attachments in the editor
*
@ -21,8 +21,9 @@
* for sync.
*
* @return void
**/
function procFileUpload() {
*/
function procFileUpload()
{
$file_info = Context::get('Filedata');
// An error appears if not a normally uploaded file
@ -41,17 +42,16 @@
// Create if upload_target_srl is not defined in the session information
if(!$upload_target_srl) $_SESSION['upload_info'][$editor_sequence]->upload_target_srl = $upload_target_srl = getNextSequence();
return $this->insertFile($file_info, $module_srl, $upload_target_srl);
}
/**
* Iframe upload attachments
*
* @return Object
**/
function procFileIframeUpload() {
*/
function procFileIframeUpload()
{
// Basic variables setting
$editor_sequence = Context::get('editor_sequence');
$callback = Context::get('callback');
@ -80,15 +80,15 @@
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('iframe');
}
/**
* Image resize
*
* @return Object
**/
function procFileImageResize() {
*/
function procFileImageResize()
{
$source_src = Context::get('source_src');
$width = Context::get('width');
$height = Context::get('height');
@ -96,24 +96,26 @@
$output_src = Context::get('output_src');
if(!$source_src || !$width) return new Object(-1,'msg_invalid_request');
if(!$output_src){
if(!$output_src)
{
$output_src = $source_src . '.resized' . strrchr($source_src,'.');
}
if(!$type) $type = 'ratio';
if(!$height) $height = $width-1;
if(FileHandler::createImageFile($source_src,$output_src,$width,$height,'','ratio')){
if(FileHandler::createImageFile($source_src,$output_src,$width,$height,'','ratio'))
{
$output->info = getimagesize($output_src);
$output->src = $output_src;
}else{
}
else
{
return new Object(-1,'msg_invalid_request');
}
$this->add('resized_info',$output);
}
/**
* Download Attachment
*
@ -144,8 +146,9 @@
* </pre>
*
* return void
**/
function procFileDownload() {
*/
function procFileDownload()
{
$oFileModel = &getModel('file');
$file_srl = Context::get('file_srl');
@ -162,33 +165,42 @@
$filename = $file_obj->source_filename;
$file_module_config = $oFileModel->getFileModuleConfig($file_obj->module_srl);
// Not allow the file outlink
if($file_module_config->allow_outlink == 'N') {
if($file_module_config->allow_outlink == 'N')
{
// Handles extension to allow outlink
if($file_module_config->allow_outlink_format) {
if($file_module_config->allow_outlink_format)
{
$allow_outlink_format_array = array();
$allow_outlink_format_array = explode(',', $file_module_config->allow_outlink_format);
if(!is_array($allow_outlink_format_array)) $allow_outlink_format_array[0] = $file_module_config->allow_outlink_format;
foreach($allow_outlink_format_array as $val) {
foreach($allow_outlink_format_array as $val)
{
$val = trim($val);
if(preg_match("/\.{$val}$/i", $filename)) {
if(preg_match("/\.{$val}$/i", $filename))
{
$file_module_config->allow_outlink = 'Y';
break;
}
}
}
// Sites that outlink is allowed
if($file_module_config->allow_outlink != 'Y') {
if($file_module_config->allow_outlink != 'Y')
{
$referer = parse_url($_SERVER["HTTP_REFERER"]);
if($referer['host'] != $_SERVER['HTTP_HOST']) {
if($file_module_config->allow_outlink_site) {
if($referer['host'] != $_SERVER['HTTP_HOST'])
{
if($file_module_config->allow_outlink_site)
{
$allow_outlink_site_array = array();
$allow_outlink_site_array = explode("\n", $file_module_config->allow_outlink_site);
if(!is_array($allow_outlink_site_array)) $allow_outlink_site_array[0] = $file_module_config->allow_outlink_site;
foreach($allow_outlink_site_array as $val) {
foreach($allow_outlink_site_array as $val)
{
$site = parse_url(trim($val));
if($site['host'] == $referer['host']) {
if($site['host'] == $referer['host'])
{
$file_module_config->allow_outlink = 'Y';
break;
}
@ -208,11 +220,12 @@
if($value) $downloadGrantCount++;
}
if(is_array($file_module_config->download_grant) && $downloadGrantCount>0) {
if(is_array($file_module_config->download_grant) && $downloadGrantCount>0)
{
if(!Context::get('is_logged')) return $this->stop('msg_not_permitted_download');
$logged_info = Context::get('logged_info');
if($logged_info->is_admin != 'Y') {
if($logged_info->is_admin != 'Y')
{
$oModuleModel =& getModel('module');
$columnList = array('module_srl', 'site_srl');
$module_info = $oModuleModel->getModuleInfoByModuleSrl($file_obj->module_srl, $columnList);
@ -223,9 +236,11 @@
$member_groups = $oMemberModel->getMemberGroups($logged_info->member_srl, $module_info->site_srl);
$is_permitted = false;
for($i=0;$i<count($file_module_config->download_grant);$i++) {
for($i=0;$i<count($file_module_config->download_grant);$i++)
{
$group_srl = $file_module_config->download_grant[$i];
if($member_groups[$group_srl]) {
if($member_groups[$group_srl])
{
$is_permitted = true;
break;
}
@ -238,7 +253,8 @@
$output = ModuleHandler::triggerCall('file.downloadFile', 'before', $file_obj);
if(!$output->toBool()) return $this->stop(($output->message)?$output->message:'msg_not_permitted_download');
// File Output
if(strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
if(strstr($_SERVER['HTTP_USER_AGENT'], "MSIE"))
{
$filename = rawurlencode($filename);
$filename = preg_replace('/\./', '%2e', $filename, substr_count($filename, '.') - 1);
}
@ -259,10 +275,13 @@
header("Content-Transfer-Encoding: binary\n");
// if file size is lager than 10MB, use fread function (#18675748)
if (filesize($uploaded_filename) > 1024 * 1024) {
if(filesize($uploaded_filename) > 1024 * 1024)
{
while(!feof($fp)) echo fread($fp, 1024);
fclose($fp);
} else {
}
else
{
fpassthru($fp);
}
@ -281,8 +300,9 @@
* Delete an attachment from the editor
*
* @return Object
**/
function procFileDelete() {
*/
function procFileDelete()
{
// Basic variable setting(upload_target_srl and module_srl set)
$editor_sequence = Context::get('editor_sequence');
$file_srl = Context::get('file_srl');
@ -299,7 +319,8 @@
$srls = explode(',',$file_srl);
if(!count($srls)) return;
for($i=0;$i<count($srls);$i++) {
for($i=0;$i<count($srls);$i++)
{
$srl = (int)$srls[$i];
if(!$srl) continue;
@ -317,14 +338,13 @@
if($upload_target_srl && $file_srl) $output = $this->deleteFile($file_srl);
}
}
/**
* get file list
*
* @return Object
**/
*/
function procFileGetList()
{
if(!Context::get('is_logged')) return new Object(-1,'msg_not_permitted');
@ -332,7 +352,8 @@
if($fileSrls) $fileSrlList = explode(',', $fileSrls);
global $lang;
if(count($fileSrlList) > 0) {
if(count($fileSrlList) > 0)
{
$oFileModel = &getModel('file');
$fileList = $oFileModel->getFile($fileSrlList);
if(!is_array($fileList)) $fileList = array($fileList);
@ -360,8 +381,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerCheckAttached(&$obj) {
*/
function triggerCheckAttached(&$obj)
{
$document_srl = $obj->document_srl;
if(!$document_srl) return new Object();
// Get numbers of attachments
@ -376,8 +398,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerAttachFiles(&$obj) {
*/
function triggerAttachFiles(&$obj)
{
$document_srl = $obj->document_srl;
if(!$document_srl) return new Object();
@ -392,8 +415,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerDeleteAttached(&$obj) {
*/
function triggerDeleteAttached(&$obj)
{
$document_srl = $obj->document_srl;
if(!$document_srl) return new Object();
@ -406,8 +430,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerCommentCheckAttached(&$obj) {
*/
function triggerCommentCheckAttached(&$obj)
{
$comment_srl = $obj->comment_srl;
if(!$comment_srl) return new Object();
// Get numbers of attachments
@ -422,8 +447,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerCommentAttachFiles(&$obj) {
*/
function triggerCommentAttachFiles(&$obj)
{
$comment_srl = $obj->comment_srl;
$uploaded_count = $obj->uploaded_count;
if(!$comment_srl || !$uploaded_count) return new Object();
@ -439,8 +465,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerCommentDeleteAttached(&$obj) {
*/
function triggerCommentDeleteAttached(&$obj)
{
$comment_srl = $obj->comment_srl;
if(!$comment_srl) return new Object();
@ -453,8 +480,9 @@
*
* @param object $obj Trigger object
* @return Object
**/
function triggerDeleteModuleFiles(&$obj) {
*/
function triggerDeleteModuleFiles(&$obj)
{
$module_srl = $obj->module_srl;
if(!$module_srl) return new Object();
@ -468,8 +496,9 @@
* @param int $editor_sequence
* @param int $upload_target_srl
* @return void
**/
function setUploadInfo($editor_sequence, $upload_target_srl=0) {
*/
function setUploadInfo($editor_sequence, $upload_target_srl=0)
{
$_SESSION['upload_info'][$editor_sequence]->enabled = true;
$_SESSION['upload_info'][$editor_sequence]->upload_target_srl = $upload_target_srl;
}
@ -480,8 +509,9 @@
*
* @param int $upload_target_srl
* @return Object
**/
function setFilesValid($upload_target_srl) {
*/
function setFilesValid($upload_target_srl)
{
$args->upload_target_srl = $upload_target_srl;
return executeQuery('file.updateFileValid', $args);
}
@ -516,8 +546,9 @@
* @param int $download_count Initial download count
* @param bool $manual_insert If set true, pass validation check
* @return Object
**/
function insertFile($file_info, $module_srl, $upload_target_srl, $download_count = 0, $manual_insert = false) {
*/
function insertFile($file_info, $module_srl, $upload_target_srl, $download_count = 0, $manual_insert = false)
{
// Call a trigger (before)
$trigger_obj->module_srl = $module_srl;
$trigger_obj->upload_target_srl = $upload_target_srl;
@ -525,14 +556,17 @@
if(!$output->toBool()) return $output;
// A workaround for Firefox upload bug
if (preg_match('/^=\?UTF-8\?B\?(.+)\?=$/i', $file_info['name'], $match)) {
if(preg_match('/^=\?UTF-8\?B\?(.+)\?=$/i', $file_info['name'], $match))
{
$file_info['name'] = base64_decode(strtr($match[1], ':', '/'));
}
if(!$manual_insert) {
if(!$manual_insert)
{
// Get the file configurations
$logged_info = Context::get('logged_info');
if($logged_info->is_admin != 'Y') {
if($logged_info->is_admin != 'Y')
{
$oFileModel = &getModel('file');
$config = $oFileModel->getFileConfig($module_srl);
$allowed_filesize = $config->allowed_filesize * 1024 * 1024;
@ -548,7 +582,8 @@
}
// Set upload path by checking if the attachement is an image or other kinds of file
if(preg_match("/\.(jpe?g|gif|png|wm[va]|mpe?g|avi|swf|flv|mp[1-4]|as[fx]|wav|midi?|moo?v|qt|r[am]{1,2}|m4v)$/i", $file_info['name'])) {
if(preg_match("/\.(jpe?g|gif|png|wm[va]|mpe?g|avi|swf|flv|mp[1-4]|as[fx]|wav|midi?|moo?v|qt|r[am]{1,2}|m4v)$/i", $file_info['name']))
{
// Immediately remove the direct file if it has any kind of extensions for hacking
$file_info['name'] = preg_replace('/\.(php|phtm|html?|cgi|pl|exe|jsp|asp|inc)/i', '$0-x',$file_info['name']);
$file_info['name'] = str_replace(array('<','>'),array('%3C','%3E'),$file_info['name']);
@ -562,12 +597,15 @@
$_filename = md5(crypt(rand(1000000,900000), rand(0,100))).'.'.$ext;
$filename = $path.$_filename;
$idx = 1;
while(file_exists($filename)) {
while(file_exists($filename))
{
$filename = $path.preg_replace('/\.([a-z0-9]+)$/i','_'.$idx.'.$1',$_filename);
$idx++;
}
$direct_download = 'Y';
} else {
}
else
{
$path = sprintf("./files/attach/binaries/%s/%s", $module_srl, getNumberingPath($upload_target_srl,3));
$filename = $path.md5(crypt(rand(1000000,900000), rand(0,100)));
$direct_download = 'N';
@ -575,14 +613,19 @@
// Create a directory
if(!FileHandler::makeDir($path)) return new Object(-1,'msg_not_permitted_create');
// Move the file
if($manual_insert) {
if($manual_insert)
{
@copy($file_info['tmp_name'], $filename);
if(!file_exists($filename)) {
if(!file_exists($filename))
{
$filename = $path. md5(crypt(rand(1000000,900000).$file_info['name'])).'.'.$ext;
@copy($file_info['tmp_name'], $filename);
}
} else {
if(!@move_uploaded_file($file_info['tmp_name'], $filename)) {
}
else
{
if(!@move_uploaded_file($file_info['tmp_name'], $filename))
{
$filename = $path. md5(crypt(rand(1000000,900000).$file_info['name'])).'.'.$ext;
if(!@move_uploaded_file($file_info['tmp_name'], $filename)) return new Object(-1,'msg_file_upload_error');
}
@ -609,7 +652,6 @@
$trigger_output = ModuleHandler::triggerCall('file.insertFile', 'after', $args);
if(!$trigger_output->toBool()) return $trigger_output;
$_SESSION['__XE_UPLOADING_FILES_INFO__'][$args->file_srl] = true;
$output->add('file_srl', $args->file_srl);
@ -648,14 +690,16 @@
*
* @param int $file_srl Sequence of file to delete
* @return Object
**/
function deleteFile($file_srl) {
*/
function deleteFile($file_srl)
{
if(!$file_srl) return;
$srls = explode(',',$file_srl);
if(!count($srls)) return;
for($i=0;$i<count($srls);$i++) {
for($i=0;$i<count($srls);$i++)
{
$srl = (int)$srls[$i];
if(!$srl) continue;
@ -691,8 +735,9 @@
*
* @param int $upload_target_srl Upload target srl to delete files
* @return Object
**/
function deleteFiles($upload_target_srl) {
*/
function deleteFiles($upload_target_srl)
{
// Get a list of attachements
$oFileModel = &getModel('file');
$columnList = array('uploaded_filename', 'module_srl');
@ -706,7 +751,8 @@
// Delete the file
$path = array();
$file_count = count($file_list);
for($i=0;$i<$file_count;$i++) {
for($i=0;$i<$file_count;$i++)
{
$uploaded_filename = $file_list[$i]->uploaded_filename;
FileHandler::removeFile($uploaded_filename);
$module_srl = $file_list[$i]->module_srl;
@ -727,8 +773,9 @@
* @param int $target_module_srl New squence of module
* @param int $target_srl New sequence of target
* @return void
**/
function moveFile($source_srl, $target_module_srl, $target_srl) {
*/
function moveFile($source_srl, $target_module_srl, $target_srl)
{
if($source_srl == $target_srl) return;
$oFileModel = &getModel('file');
@ -737,16 +784,19 @@
$file_count = count($file_list);
for($i=0;$i<$file_count;$i++) {
for($i=0;$i<$file_count;$i++)
{
unset($file_info);
$file_info = $file_list[$i];
$old_file = $file_info->uploaded_filename;
// Determine the file path by checking if the file is an image or other kinds
if(preg_match("/\.(jpg|jpeg|gif|png|wmv|wma|mpg|mpeg|avi|swf|flv|mp1|mp2|mp3|mp4|asf|wav|asx|mid|midi|asf|mov|moov|qt|rm|ram|ra|rmm|m4v)$/i", $file_info->source_filename)) {
if(preg_match("/\.(jpg|jpeg|gif|png|wmv|wma|mpg|mpeg|avi|swf|flv|mp1|mp2|mp3|mp4|asf|wav|asx|mid|midi|asf|mov|moov|qt|rm|ram|ra|rmm|m4v)$/i", $file_info->source_filename))
{
$path = sprintf("./files/attach/images/%s/%s/", $target_module_srl,$target_srl);
$new_file = $path.$file_info->source_filename;
} else {
}
else
{
$path = sprintf("./files/attach/binaries/%s/%s/", $target_module_srl, $target_srl);
$new_file = $path.md5(crypt(rand(1000000,900000), rand(0,100)));
}
@ -773,8 +823,9 @@
* @param int $editor_sequence
* @param int $upload_target_srl
* @return void
**/
function printUploadedFileList($editor_sequence, $upload_target_srl) {
*/
function printUploadedFileList($editor_sequence, $upload_target_srl)
{
return;
}
@ -792,5 +843,6 @@
}
}
}
}
?>
}
/* End of file file.controller.php */
/* Location: ./modules/file/file.controller.php */

99
modules/file/file.model.php
View file

@ -1,15 +1,16 @@
<?php
/**
/**
* Model class of the file module
* @author NHN (developers@xpressengine.com)
**/
class fileModel extends file {
*/
class fileModel extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
@ -19,8 +20,9 @@
* Attempt to replace with sever-side session if upload_target_srl is not yet determined
*
* @return void
**/
function getFileList() {
*/
function getFileList()
{
$oModuleModel = &getModel('module');
$mid = Context::get('mid');
@ -28,11 +30,13 @@
$upload_target_srl = Context::get('upload_target_srl');
if(!$upload_target_srl) $upload_target_srl = $_SESSION['upload_info'][$editor_sequence]->upload_target_srl;
if($upload_target_srl) {
if($upload_target_srl)
{
$tmp_files = $this->getFiles($upload_target_srl);
$file_count = count($tmp_files);
for($i=0;$i<$file_count;$i++) {
for($i=0;$i<$file_count;$i++)
{
$file_info = $tmp_files[$i];
if(!$file_info->file_srl) continue;
@ -47,7 +51,9 @@
$files[] = $obj;
$attached_size += $file_info->file_size;
}
} else {
}
else
{
$upload_target_srl = 0;
$attached_size = 0;
$files = array();
@ -72,8 +78,9 @@
*
* @param int $upload_target_srl The sequence to get a number of files
* @return int Returns a number of files
**/
function getFilesCount($upload_target_srl) {
*/
function getFilesCount($upload_target_srl)
{
$args->upload_target_srl = $upload_target_srl;
$output = executeQuery('file.getFilesCount', $args);
return (int)$output->data->count;
@ -85,8 +92,9 @@
* @param int $file_srl The sequence of file to get url
* @param string $sid
* @return string Returns a url
**/
function getDownloadUrl($file_srl, $sid) {
*/
function getDownloadUrl($file_srl, $sid)
{
return sprintf('?module=%s&amp;act=%s&amp;file_srl=%s&amp;sid=%s', 'file', 'procFileDownload', $file_srl, $sid);
}
@ -95,8 +103,9 @@
*
* @param int $module_srl If set this, returns specific module's configuration. Otherwise returns global configuration.
* @return object Returns configuration.
**/
function getFileConfig($module_srl = null) {
*/
function getFileConfig($module_srl = null)
{
// Get configurations (using module model object)
$oModuleModel = &getModel('module');
@ -105,7 +114,8 @@
if($module_srl) $file_config = $oModuleModel->getModulePartConfig('file',$module_srl);
if(!$file_config) $file_config = $file_module_config;
if($file_config) {
if($file_config)
{
$config->allowed_filesize = $file_config->allowed_filesize;
$config->allowed_attach_size = $file_config->allowed_attach_size;
$config->allowed_filetypes = $file_config->allowed_filetypes;
@ -138,8 +148,9 @@
* @param int $file_srl The sequence of file to get information
* @param array $columnList The list of columns to get from DB
* @return Object|object|array If error returns an instance of Object. If result set is one returns a object that contins file information. If result set is more than one returns array of object.
**/
function getFile($file_srl, $columnList = array()) {
*/
function getFile($file_srl, $columnList = array())
{
$args->file_srl = $file_srl;
$output = executeQueryArray('file.getFile', $args, $columnList);
if(!$output->toBool()) return $output;
@ -176,8 +187,9 @@
* @param array $columnList The list of columns to get from DB
* @param string $sortIndex The column that used as sort index
* @return array Returns array of object that contains file information. If no result returns null.
**/
function getFiles($upload_target_srl, $columnList = array(), $sortIndex = 'file_srl') {
*/
function getFiles($upload_target_srl, $columnList = array(), $sortIndex = 'file_srl')
{
$args->upload_target_srl = $upload_target_srl;
$args->sort_index = $sortIndex;
$output = executeQuery('file.getFiles', $args, $columnList);
@ -188,7 +200,8 @@
if($file_list && !is_array($file_list)) $file_list = array($file_list);
$file_count = count($file_list);
for($i=0;$i<$file_count;$i++) {
for($i=0;$i<$file_count;$i++)
{
$file = $file_list[$i];
$file->source_filename = stripslashes($file->source_filename);
$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid);
@ -202,17 +215,22 @@
* Return configurations of the attachement (it automatically checks if an administrator is)
*
* @return object Returns a file configuration of current module. If user is admin, returns PHP's max file size and allow all file types.
**/
function getUploadConfig() {
*/
function getUploadConfig()
{
$logged_info = Context::get('logged_info');
if($logged_info->is_admin == 'Y') {
if($logged_info->is_admin == 'Y')
{
$file_config->allowed_filesize = preg_replace("/[a-z]/is","",ini_get('upload_max_filesize'));
$file_config->allowed_attach_size = preg_replace("/[a-z]/is","",ini_get('upload_max_filesize'));
$file_config->allowed_filetypes = '*.*';
} else {
}
else
{
$module_srl = Context::get('module_srl');
// Get the current module if module_srl doesn't exist
if(!$module_srl) {
if(!$module_srl)
{
$current_module_info = Context::get('current_module_info');
$module_srl = $current_module_info->module_srl;
}
@ -226,8 +244,9 @@
*
* @param int $attached_size
* @return string
**/
function getUploadStatus($attached_size = 0) {
*/
function getUploadStatus($attached_size = 0)
{
$file_config = $this->getUploadConfig();
// Display upload status
$upload_status = sprintf(
@ -248,8 +267,9 @@
*
* @param int $module_srl The sequence of module to get configuration
* @return object
**/
function getFileModuleConfig($module_srl) {
*/
function getFileModuleConfig($module_srl)
{
return $this->getFileConfig($module_srl);
}
@ -260,10 +280,12 @@
* @param object $member_info The member information to get grant
* @return object Returns a grant of file
*/
function getFileGrant($file_info, $member_info){
if (!$file_info) return null;
function getFileGrant($file_info, $member_info)
{
if(!$file_info) return null;
if ($_SESSION['__XE_UPLOADING_FILES_INFO__'][$file_info->file_srl]) {
if($_SESSION['__XE_UPLOADING_FILES_INFO__'][$file_info->file_srl])
{
$file_grant->is_deletable = true;
return $file_grant;
}
@ -273,11 +295,12 @@
$oDocumentModel = &getModel('document');
$oDocument = $oDocumentModel->getDocument($file_info->upload_target_srl);
if ($oDocument->isExists()) $document_grant = $oDocument->isGranted();
if($oDocument->isExists()) $document_grant = $oDocument->isGranted();
$file_grant->is_deletable = ($document_grant || $member_info->is_admin == 'Y' || $member_info->member_srl == $file_info->member_srl || $grant->manager);
return $file_grant;
}
}
?>
}
/* End of file file.model.php */
/* Location: ./modules/file/file.model.php */

26
modules/file/file.view.php
View file

@ -1,15 +1,16 @@
<?php
/**
/**
* The view class file module
* @author NHN (developers@xpressengine.com)
**/
class fileView extends file {
*/
class fileView extends file
{
/**
* Initialization
* @return void
**/
function init() {
*/
function init()
{
}
/**
@ -18,12 +19,14 @@
*
* @param string $obj The html string of page of addition setup of module
* @return Object
**/
function triggerDispFileAdditionSetup(&$obj) {
*/
function triggerDispFileAdditionSetup(&$obj)
{
$current_module_srl = Context::get('module_srl');
$current_module_srls = Context::get('module_srls');
if(!$current_module_srl && !$current_module_srls) {
if(!$current_module_srl && !$current_module_srls)
{
// Get information of the current module
$current_module_info = Context::get('current_module_info');
$current_module_srl = $current_module_info->module_srl;
@ -45,5 +48,6 @@
return new Object();
}
}
?>
}
/* End of file file.view.php */
/* Location: ./modules/file/file.view.php */