4 * GForge Forum Attachments download Page
6 * Portions Copyright 1999-2001 (c) VA Linux Systems
7 * The rest Copyright 2002-2004 (c) GForge Team
12 * This file is part of GForge.
14 * GForge is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * GForge is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with GForge; if not, write to the Free Software
26 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 /* attachment download
30 by Daniel Perez - 2005
33 require_once('../env.inc.php');
34 require_once $gfwww.'include/pre.php';
35 require_once $gfwww.'forum/include/ForumHTML.class.php';
37 if (!session_loggedin()) {
42 * goodbye - Just prints a message and a close button.
44 * @param string The message.
47 function goodbye($msg) {
48 site_header(array('title'=>_('Attachments')));
49 html_feedback_top($msg);
50 echo '<p><p><center><form method="post"><input type="button" value="Close Window" onclick="window.close()"></form></center>';
53 /*echo "<center>" . $msg . "</center><p>";
54 die ('<center><form method="post"><input type="button" value="Close Window" onclick="window.close()"></form></center>');*/
59 $attachid = getIntFromRequest("attachid");
60 $delete = getStringFromRequest("delete");
61 $edit = getStringFromRequest("edit");
62 $doedit = getStringFromRequest("doedit");
63 $pending = getStringFromRequest("pending");
64 $msg_id = getIntFromRequest("msg_id");
65 $group_id = getIntFromRequest("group_id");
66 $forum_id = getIntFromRequest("forum_id");
68 if ( !($forum_id) || !($group_id) ) {
72 $g =& group_get_object($group_id);
73 if (!$g || !is_object($g) || $g->isError()) {
77 $f=new Forum($g,$forum_id);
78 if (!$f || !is_object($f)) {
79 exit_error(_('Error'),_('Error getting Forum'));
80 } elseif ($f->isError()) {
81 exit_error(_('Error'),$f->getErrorMessage());
84 if ($delete == "yes") {
85 if ( ! session_loggedin() ) {
86 exit_not_logged_in();//only logged users can delete attachments
88 //only the user that created the attach or forum admin can delete it (safecheck)
89 if (!$pending) { //pending messages aren't deleted from this page
90 $res = db_query_params ('SELECT userid FROM forum_attachment WHERE attachmentid=$1',
96 exit_error("Attachment Download error","DB Error");
98 if (! ((db_result($res,0,'userid') == user_getid()) || ($f->userIsAdmin())) ) {
99 goodbye(_('You cannot delete this attachment'));
102 if (db_query_params ('DELETE FROM forum_attachment where attachmentid=$1',
104 goodbye(_('Attachment deleted'));
106 exit_error(db_error());
114 if ( ! session_loggedin() ) {
115 exit_not_logged_in();//only logged users can edit attachments
117 //only the user that created the attach or forum admin can edit it (safecheck)
118 if (!$pending) { //pending messages aren't deleted from this page
119 $res = db_query_params ('SELECT filename FROM forum_attachment WHERE attachmentid=$1',
121 $res2 = db_query_params ('SELECT posted_by FROM forum WHERE msg_id=$1',
127 if ( (!$res) || (!$res2) ) {
128 exit_error("Attachment error","DB Error");
130 if (! ((db_result($res2,0,'posted_by') == user_getid()) || ($f->userIsAdmin())) ) {
131 goodbye(_('You cannot edit this attachment'));
134 //actually edit the attach and save the info
135 forum_header(array('title'=>_('Attachments')));
136 $am = new AttachManager();
137 $fm = new ForumMessage($f,$msg_id,false,false);
138 $am->SetForumMsg($fm);
139 $attach = getUploadedFile("attachment1");
141 //update existing one
142 $attachok = $am->attach($attach,$group_id,$attachid,$msg_id);
143 if ($attachok!=false) {
144 $fm->fetchData($msg_id);
145 $fm->sendAttachNotice($attachok);
149 $attachok = $am->attach($attach,$group_id,$attachid, $msg_id);
150 if ($attachok!=false) {
151 $fm->fetchData($msg_id);
152 $fm->sendAttachNotice($attachok);
155 foreach ($am->Getmessages() as $item) {
156 $feedback .= "<br />" . $item;
158 echo '<p><p><center><form method="post"><input type="button" value="'._("Close Window").'" onclick="window.close()"></form></center>';
159 forum_footer(array());
162 //show the form to edit the attach
163 forum_header(array('title'=>_('Attachments')));
164 $fh = new ForumHTML($f);
165 if (!$fh || !is_object($fh)) {
166 exit_error(_('Error'),_('Error getting new ForumHTML'));
167 } elseif ($fh->isError()) {
168 exit_error(_('Error'),$fh->getErrorMessage());
170 if (!db_result($res,0,'filename')) {
171 $filename = _("No attach found");
173 $filename = db_result($res,0,'filename');
175 echo $fh->LinkAttachEditForm($filename,$group_id,$forum_id,$attachid,$msg_id);
176 forum_footer(array());
183 //only if the forum is public, or else the user is admin or has view privileges can download the attachment
184 if ( ! ( ($f->userCanView()) || ($f->userIsAdmin()) || ($f->isPublic()) ) ) {
185 exit_permission_denied();
189 exit_missing_param();
192 if ($pending=="yes") {
193 $res = db_query_params ('SELECT * FROM forum_pending_attachment where attachmentid=$1',
196 $res = db_query_params ('SELECT * FROM forum_attachment where attachmentid=$1',
200 exit_error("Attachment Download error","DB Error");
202 $extension = substr(strrchr(strtolower(db_result($res,0,'filename')), '.'), 1);
205 goodbye(_('The Attachment does not exist'));
208 $last = gmdate('D, d M Y H:i:s', db_result($res,0,'dateline'));
209 header('X-Powered-By:');
210 header('Last-Modified: ' . $last . ' GMT');
211 header('ETag: "' . db_result($res,0,'attachmentid') . '"');
213 header('Content-disposition: attachment; filename="' . db_result($res,0,'filename') . '"');
214 header('Content-Length: ' . db_result($res,0,'filesize') );
217 $mimetype = db_result($res,0,'mimetype');
219 header('Content-type: '.$mimetype);
221 header('Content-type: application/octet-stream');
225 $filedata = base64_decode(db_result($res,0,'filedata'));
226 for ($i = 0; $i < strlen($filedata); $i = $i+100) {
227 $acum = substr($filedata, $i, 100);
232 //increase the attach count
233 if (!$pending) { //we don't care for the pending attach counter, it's just for administrative purposes
234 db_query_params ('UPDATE forum_attachment set counter=counter+1 where attachmentid=$1',
241 // c-file-style: "bsd"