3 * FusionForge Attachment manager class
5 * Copyright 1999-2001 (c) VA Linux Systems
6 * The rest Copyright 2002-2005 (c) GForge Team
7 * Copyright 2005, Daniel Perez
8 * Copyright (C) 2010-2011 Alain Peyrat - Alcatel-Lucent
9 * Copyright 2014, Franck Villaume - TrivialDev
10 * http://fusionforge.org/
12 * This file is part of FusionForge. FusionForge is free software;
13 * you can redistribute it and/or modify it under the terms of the
14 * GNU General Public License as published by the Free Software
15 * Foundation; either version 2 of the Licence, or (at your option)
18 * FusionForge is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License along
24 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 require_once $gfcommon.'forum/ForumStorage.class.php';
29 require_once $gfcommon.'forum/ForumPendingStorage.class.php';
31 class AttachManager extends FFError {
33 var $attachs = array(); //the attached files
34 var $msg_id; //the msg_id that links to the attachs
35 var $messages = array();
36 var $ForumMsg; // The Forum object
38 function Setmsgid($id) {
42 function Getmessages() {
43 return $this->messages;
47 * Function SetForumMsg
49 * Sets the forum message associated with the attachment
53 function SetForumMsg(&$ForumMsg) {
54 $this->ForumMsg =& $ForumMsg;
58 * Function GetAttachId
60 * Returns the attach id for the message id passed as a parameter or false if error
65 function GetAttachId($msg_id) {
66 $res = db_query_params ('SELECT attachmentid FROM forum_attachment WHERE msg_id=$1',
69 return db_result($res,0,0);
76 * Function PrintHelperFunctions
79 * @return string returns the javascript helper functions
82 function PrintHelperFunctions() {
83 return '<script type="text/javascript">/* <![CDATA[ */
85 function confirmDel() {
86 return confirm("Proceed with deletion? ");
89 function manageattachments(url,del) {
95 newwindow = window.open(url, \'Attach\', \'statusbar=no,menubar=no,toolbar=no,scrollbars=yes,resizable=yes,width=600,height=480\');
96 if (window.focus) {newwindow.focus()}
102 * PrintAttachLink - return the HTML code for attachment management
104 * @param object $msg The message.
105 * @param int $group_id The group id.
106 * @param int $forum_id The forum id.
108 * @return string returns link to attachment /delete if corresponding; else returns a message about no attachment found
110 function PrintAttachLink(&$msg, $group_id, $forum_id) {
112 //ask if the message has an attachment
113 $lmsg_id = $msg->getID();
114 if ($msg->isPending()) {
115 $res = db_query_params('SELECT attachmentid,filename,userid,counter FROM forum_pending_attachment where msg_id=$1',
117 $pend = "&pending=yes";
119 $res = db_query_params('SELECT attachmentid,filename,userid,counter FROM forum_attachment where msg_id=$1',
126 if ($res && db_numrows($res)) {
127 $attachid = db_result($res,0,'attachmentid');
131 <a href=\"javascript:manageattachments('".util_make_url("/forum/attachment.php?attachid=$attachid&group_id=$group_id&forum_id=$forum_id$pend")."','no');\">" . html_image('ic/attach.png', '', '') . db_result($res,0,'filename') . "</a> (" . db_result($res,0,'counter') . ") downloads";
132 $attach_userid = db_result($res,0,'userid');
134 $f = $msg->getForum();
135 if (!$f || !is_object($f)) {
136 exit_error(_('Could Not Get Forum Object'), 'forums');
138 if ( ((user_getid() == $attach_userid)
139 || (forge_check_perm ('forum_admin', $f->Group->getID())))
140 && (!$msg->isPending()) ) { //only permit the user who created the attach to delete it, or an admin
141 $attach .= " <a href=\"javascript:manageattachments('/forum/attachment.php?attachid=$attachid&group_id=$group_id&forum_id=$forum_id&msg_id=$lmsg_id&edit=yes','no');\">" . html_image('ic/attach_edit.png', '', '', array('alt'=>_("Edit"))) . "</a>";
142 $attach .= " <a href=\"javascript:manageattachments('/forum/attachment.php?attachid=$attachid&group_id=$group_id&forum_id=$forum_id&delete=yes','yes');\">" . html_image('ic/attach_delete.png', '', '', array('alt'=>_("Delete"))) . "</a>";
146 //add attach for existing message
147 $f = $msg->getForum();
148 if (!$f || !is_object($f)) {
149 exit_error(_('Could Not Get Forum Object'), 'forums');
152 if ( ((user_getid() == $msg->getPosterID())
153 || (forge_check_perm ('forum_admin', $f->Group->getID())))
154 && (!$msg->isPending()) ) { //only permit the user who created the message to insert an attach
155 $attach .= " <a href=\"javascript:manageattachments('".util_make_url ("/forum/attachment.php?attachid=0&group_id=$group_id&forum_id=$forum_id&msg_id=$lmsg_id&edit=yes")."','no');\">" . html_image('ic/attach_add.png', '', '', array('alt'=>_("Add"))) . "</a>";
164 * AddToDBOnly - DB Query Only - used for releasing pending messages
167 * @param string $dateline time format string
168 * @param string $filename
169 * @param string $filedata path to the file
170 * @param int $filesize
171 * @param int $visible
172 * @param string $filehash md5 of the content of the file
173 * @param string $mimetype mimetype of the file
174 * @return bool true / false on success
176 function AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype) {
177 $result=db_query_params ('SELECT max(msg_id) AS id FROM forum',
179 if (!$result || db_numrows($result) < 1) {
180 $this->messages[] = _('Could not get message id');
182 $this->msg_id = db_result($result, 0, 0);
183 $res = db_query_params('INSERT INTO forum_attachment (userid, dateline, filename, filedata, filesize, visible, msg_id , filehash, mimetype)
184 VALUES ($1 , $2, $3, $4, $5, $6, $7, $8, $9)',
196 if (is_file($filedata)) {
197 $id = db_insertid($res, 'forum_attachment', 'attachmentid');
198 if (ForumStorage::instance()->store($id, $filedata)) {
199 $this->messages[] = _('File uploaded');
202 ForumStorage::instance()->rollback();
204 $this->setError(ForumStorage::instance()->getErrorMessage());
205 $this->messages[] = _('File not uploaded');
209 $this->setError(_('Error Adding Attachment')._(': ')._('Not a file').' '.$filename);
210 $this->messages[] = _('File not uploaded');
216 $this->messages[] = _('File not uploaded');
223 * attach - saves the file in the DB
225 * @param int $attach The file to attach
226 * @param int $group_id The group.
227 * @param int $update Whether we are updating an existing attach (attachid to update or zero for new message (inserts using the hights msg id from forum table)
228 * @param int $msg_id msg id. if update is 0 and we pass a msg_id <> 0, then we are adding an attach for an existing msg
230 * @return int Attach id on success, false otherwise
233 function attach($attach, $group_id, $update = 0, $msg_id = 0) {
234 $attachment = trim($attach['tmp_name']);
235 $attachment_name = trim($attach['name']);
236 $attachment_size = trim($attach['size']);
237 $attachment_type = trim($attach['type']);
239 if ($attachment == 'none' || empty($attachment) || empty($attachment_name)) {
240 return false; //no point in continuing if there's no file
243 $attachment_name2 = strtolower($attachment_name);
244 $extension = substr(strrchr($attachment_name2, '.'), 1);
246 if ($extension == 'exe') {
248 $this->messages[] = _('Invalid Extension');
250 @unlink($attachment);
254 if (!is_uploaded_file($attachment) || !($filestuff = @file_get_contents($attachment)) ) {
255 $this->messages[] = _('Error')._(': ')._('problem with the attachment file uploaded into the server');
259 if (!session_loggedin()) {
262 $user_id = user_getid();
267 if ($this->ForumMsg->isPending()) {
269 //update the fileinfo
274 $this->msg_id = $msg_id;
276 $result = db_query_params('SELECT max(msg_id) AS id FROM forum_pending_messages',
278 if (!$result || db_numrows($result) < 1) {
279 $this->messages[] = _('Could not get message id');
280 @unlink($attachment);
283 $this->msg_id = db_result($result,0,0);
287 $res = db_query_params('INSERT INTO forum_pending_attachment (userid, dateline, filename, filedata, filesize, visible, msg_id , filehash, mimetype)
288 VALUES ($1 , $2, $3, $4, $5, 1, $6, $7, $8)',
298 if ($attachment_size) {
299 if (is_file($attachment)) {
300 $id = db_insertid($res,'forum_pending_attachment','attachmentid');
301 if (ForumPendingStorage::instance()->store($id, $attachment)) {
302 $this->messages[] = _('File uploaded');
306 ForumPendingStorage::instance()->rollback();
308 $this->setError(ForumPendingStorage::instance()->getErrorMessage());
309 $this->messages[] = _('File not uploaded');
313 $this->setError(_('Error Adding Attachment')._(': ')._('Not a file').' '.$attachment_name);
314 $this->messages[] = _('File not uploaded');
321 $this->messages[] = _('File not uploaded');
325 //update the fileinfo
327 if (db_query_params('UPDATE forum_attachment SET dateline = $1 , filedata = $2 ,
332 filesize = $6 where attachmentid=$7',
340 if ($attachment_size) {
341 if (is_file($attachment)) {
342 ForumStorage::instance()->delete($update)->commit();
343 ForumStorage::instance()->store($update, $attachment);
344 $this->messages[] = _('File uploaded');
345 $this->messages[] = _('File Updated Successfully');
349 $this->setError(_('Error Adding Attachment')._(': ')._('Not a file').' '.$attachment_name);
350 $this->messages[] = _('File not uploaded');
355 $this->messages[] = _('File uploaded');
360 $this->messages[] = _('File not uploaded');
365 $this->msg_id = $msg_id;
367 $result = db_query_params('SELECT max(msg_id) AS id FROM forum_messages',
369 if (!$result || db_numrows($result) < 1) {
370 $this->messages[] = _('Could not get message id');
371 @unlink($attachment);
374 $this->msg_id = db_result($result,0,0);
378 $res = db_query_params('INSERT INTO forum_attachment (userid, dateline, filename, filedata, filesize, visible, msg_id , filehash, mimetype)
379 VALUES ($1 , $2, $3, $4, $5, 1, $6, $7, $8)',
389 if ($attachment_size) {
390 if (is_file($attachment)) {
391 $id = db_insertid($res, 'forum_attachment', 'attachmentid');
392 if (ForumStorage::instance()->store($id, $attachment)) {
393 $this->messages[] = _('File uploaded');
397 ForumStorage::instance()->rollback();
399 $this->setError(ForumStorage::instance()->getErrorMessage());
400 $this->messages[] = _('File not uploaded');
404 $this->setError(_('Error Adding Attachment')._(': ')._('Not a file').' '.$attachment_name);
405 $this->messages[] = _('File not uploaded');
412 $this->messages[] = _('File not uploaded');
415 @unlink($attachment);
422 // c-file-style: "bsd"