|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* This file handles the uploading and creation of attachments |
|
5
|
|
|
* as well as the auto management of the attachment directories. |
|
6
|
|
|
* |
|
7
|
|
|
* Simple Machines Forum (SMF) |
|
8
|
|
|
* |
|
9
|
|
|
* @package SMF |
|
10
|
|
|
* @author Simple Machines https://www.simplemachines.org |
|
11
|
|
|
* @copyright 2022 Simple Machines and individual contributors |
|
12
|
|
|
* @license https://www.simplemachines.org/about/smf/license.php BSD |
|
13
|
|
|
* |
|
14
|
|
|
* @version 2.1.2 |
|
15
|
|
|
*/ |
|
16
|
|
|
|
|
17
|
|
|
if (!defined('SMF')) |
|
18
|
|
|
die('No direct access...'); |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* Check if the current directory is still valid or not. |
|
22
|
|
|
* If not creates the new directory |
|
23
|
|
|
* |
|
24
|
|
|
* @return void|bool False if any error occurred |
|
25
|
|
|
*/ |
|
26
|
|
|
function automanage_attachments_check_directory() |
|
27
|
|
|
{ |
|
28
|
|
|
global $smcFunc, $boarddir, $modSettings, $context; |
|
29
|
|
|
|
|
30
|
|
|
// Not pretty, but since we don't want folders created for every post. It'll do unless a better solution can be found. |
|
31
|
|
|
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'admin') |
|
32
|
|
|
$doit = true; |
|
33
|
|
|
elseif (empty($modSettings['automanage_attachments'])) |
|
34
|
|
|
return; |
|
35
|
|
|
elseif (!isset($_FILES)) |
|
36
|
|
|
return; |
|
37
|
|
|
elseif (isset($_FILES['attachment'])) |
|
38
|
|
|
foreach ($_FILES['attachment']['tmp_name'] as $dummy) |
|
39
|
|
|
if (!empty($dummy)) |
|
40
|
|
|
{ |
|
41
|
|
|
$doit = true; |
|
42
|
|
|
break; |
|
43
|
|
|
} |
|
44
|
|
|
|
|
45
|
|
|
if (!isset($doit)) |
|
46
|
|
|
return; |
|
47
|
|
|
|
|
48
|
|
|
$year = date('Y'); |
|
49
|
|
|
$month = date('m'); |
|
50
|
|
|
|
|
51
|
|
|
$rand = md5(mt_rand()); |
|
52
|
|
|
$rand1 = $rand[1]; |
|
53
|
|
|
$rand = $rand[0]; |
|
54
|
|
|
|
|
55
|
|
|
if (!empty($modSettings['attachment_basedirectories']) && !empty($modSettings['use_subdirectories_for_attachments'])) |
|
56
|
|
|
{ |
|
57
|
|
|
if (!is_array($modSettings['attachment_basedirectories'])) |
|
58
|
|
|
$modSettings['attachment_basedirectories'] = $smcFunc['json_decode']($modSettings['attachment_basedirectories'], true); |
|
59
|
|
|
$base_dir = array_search($modSettings['basedirectory_for_attachments'], $modSettings['attachment_basedirectories']); |
|
60
|
|
|
} |
|
61
|
|
|
else |
|
62
|
|
|
$base_dir = 0; |
|
63
|
|
|
|
|
64
|
|
|
if ($modSettings['automanage_attachments'] == 1) |
|
65
|
|
|
{ |
|
66
|
|
|
if (!isset($modSettings['last_attachments_directory'])) |
|
67
|
|
|
$modSettings['last_attachments_directory'] = array(); |
|
68
|
|
|
if (!is_array($modSettings['last_attachments_directory'])) |
|
69
|
|
|
$modSettings['last_attachments_directory'] = $smcFunc['json_decode']($modSettings['last_attachments_directory'], true); |
|
70
|
|
|
if (!isset($modSettings['last_attachments_directory'][$base_dir])) |
|
71
|
|
|
$modSettings['last_attachments_directory'][$base_dir] = 0; |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
$basedirectory = (!empty($modSettings['use_subdirectories_for_attachments']) ? ($modSettings['basedirectory_for_attachments']) : $boarddir); |
|
75
|
|
|
//Just to be sure: I don't want directory separators at the end |
|
76
|
|
|
$sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
|
77
|
|
|
$basedirectory = rtrim($basedirectory, $sep); |
|
78
|
|
|
|
|
79
|
|
|
switch ($modSettings['automanage_attachments']) |
|
80
|
|
|
{ |
|
81
|
|
|
case 1: |
|
82
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . 'attachments_' . (isset($modSettings['last_attachments_directory'][$base_dir]) ? $modSettings['last_attachments_directory'][$base_dir] : 0); |
|
83
|
|
|
break; |
|
84
|
|
|
case 2: |
|
85
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . $year; |
|
86
|
|
|
break; |
|
87
|
|
|
case 3: |
|
88
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . $year . DIRECTORY_SEPARATOR . $month; |
|
89
|
|
|
break; |
|
90
|
|
|
case 4: |
|
91
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . (empty($modSettings['use_subdirectories_for_attachments']) ? 'attachments-' : 'random_') . $rand; |
|
92
|
|
|
break; |
|
93
|
|
|
case 5: |
|
94
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . (empty($modSettings['use_subdirectories_for_attachments']) ? 'attachments-' : 'random_') . $rand . DIRECTORY_SEPARATOR . $rand1; |
|
95
|
|
|
break; |
|
96
|
|
|
default : |
|
97
|
|
|
$updir = ''; |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
if (!is_array($modSettings['attachmentUploadDir'])) |
|
101
|
|
|
$modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
|
102
|
|
|
if (!in_array($updir, $modSettings['attachmentUploadDir']) && !empty($updir)) |
|
103
|
|
|
$outputCreation = automanage_attachments_create_directory($updir); |
|
104
|
|
|
elseif (in_array($updir, $modSettings['attachmentUploadDir'])) |
|
105
|
|
|
$outputCreation = true; |
|
106
|
|
|
|
|
107
|
|
|
if ($outputCreation) |
|
|
|
|
|
|
108
|
|
|
{ |
|
109
|
|
|
$modSettings['currentAttachmentUploadDir'] = array_search($updir, $modSettings['attachmentUploadDir']); |
|
110
|
|
|
$context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
|
111
|
|
|
|
|
112
|
|
|
updateSettings(array( |
|
113
|
|
|
'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
|
114
|
|
|
)); |
|
115
|
|
|
} |
|
116
|
|
|
|
|
117
|
|
|
return $outputCreation; |
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
|
|
/** |
|
121
|
|
|
* Creates a directory |
|
122
|
|
|
* |
|
123
|
|
|
* @param string $updir The directory to be created |
|
124
|
|
|
* |
|
125
|
|
|
* @return bool False on errors |
|
126
|
|
|
*/ |
|
127
|
|
|
function automanage_attachments_create_directory($updir) |
|
128
|
|
|
{ |
|
129
|
|
|
global $smcFunc, $modSettings, $context, $boarddir; |
|
130
|
|
|
|
|
131
|
|
|
$tree = get_directory_tree_elements($updir); |
|
132
|
|
|
$count = count($tree); |
|
133
|
|
|
|
|
134
|
|
|
$directory = attachments_init_dir($tree, $count); |
|
135
|
|
|
if ($directory === false) |
|
136
|
|
|
{ |
|
137
|
|
|
// Maybe it's just the folder name |
|
138
|
|
|
$tree = get_directory_tree_elements($boarddir . DIRECTORY_SEPARATOR . $updir); |
|
139
|
|
|
$count = count($tree); |
|
140
|
|
|
|
|
141
|
|
|
$directory = attachments_init_dir($tree, $count); |
|
142
|
|
|
if ($directory === false) |
|
143
|
|
|
return false; |
|
144
|
|
|
} |
|
145
|
|
|
|
|
146
|
|
|
$directory .= DIRECTORY_SEPARATOR . array_shift($tree); |
|
147
|
|
|
|
|
148
|
|
|
while ($count != -1) |
|
149
|
|
|
{ |
|
150
|
|
|
if (is_path_allowed($directory) && !@is_dir($directory)) |
|
151
|
|
|
{ |
|
152
|
|
|
if (!@mkdir($directory, 0755)) |
|
153
|
|
|
{ |
|
154
|
|
|
$context['dir_creation_error'] = 'attachments_no_create'; |
|
155
|
|
|
return false; |
|
156
|
|
|
} |
|
157
|
|
|
} |
|
158
|
|
|
|
|
159
|
|
|
$directory .= DIRECTORY_SEPARATOR . array_shift($tree); |
|
160
|
|
|
$count--; |
|
161
|
|
|
} |
|
162
|
|
|
|
|
163
|
|
|
// Check if the dir is writable. |
|
164
|
|
|
if (!smf_chmod($directory)) |
|
165
|
|
|
{ |
|
166
|
|
|
$context['dir_creation_error'] = 'attachments_no_write'; |
|
167
|
|
|
return false; |
|
168
|
|
|
} |
|
169
|
|
|
|
|
170
|
|
|
// Everything seems fine...let's create the .htaccess |
|
171
|
|
|
if (!file_exists($directory . DIRECTORY_SEPARATOR . '.htaccess')) |
|
172
|
|
|
secureDirectory($updir, true); |
|
173
|
|
|
|
|
174
|
|
|
$sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
|
175
|
|
|
$updir = rtrim($updir, $sep); |
|
176
|
|
|
|
|
177
|
|
|
// Only update if it's a new directory |
|
178
|
|
|
if (!in_array($updir, $modSettings['attachmentUploadDir'])) |
|
179
|
|
|
{ |
|
180
|
|
|
$modSettings['currentAttachmentUploadDir'] = max(array_keys($modSettings['attachmentUploadDir'])) + 1; |
|
181
|
|
|
$modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']] = $updir; |
|
182
|
|
|
|
|
183
|
|
|
updateSettings(array( |
|
184
|
|
|
'attachmentUploadDir' => $smcFunc['json_encode']($modSettings['attachmentUploadDir']), |
|
185
|
|
|
'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
|
186
|
|
|
), true); |
|
187
|
|
|
$modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
|
188
|
|
|
} |
|
189
|
|
|
|
|
190
|
|
|
$context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
|
191
|
|
|
return true; |
|
192
|
|
|
} |
|
193
|
|
|
|
|
194
|
|
|
/** |
|
195
|
|
|
* Check if open_basedir restrictions are in effect. |
|
196
|
|
|
* If so check if the path is allowed. |
|
197
|
|
|
* |
|
198
|
|
|
* @param string $path The path to check |
|
199
|
|
|
* |
|
200
|
|
|
* @return bool True if the path is allowed, false otherwise. |
|
201
|
|
|
*/ |
|
202
|
|
|
function is_path_allowed($path) |
|
203
|
|
|
{ |
|
204
|
|
|
$open_basedir = ini_get('open_basedir'); |
|
205
|
|
|
|
|
206
|
|
|
if (empty($open_basedir)) |
|
207
|
|
|
return true; |
|
208
|
|
|
|
|
209
|
|
|
$restricted_paths = explode(PATH_SEPARATOR, $open_basedir); |
|
210
|
|
|
|
|
211
|
|
|
foreach ($restricted_paths as $restricted_path) |
|
212
|
|
|
{ |
|
213
|
|
|
if (mb_strpos($path, $restricted_path) === 0) |
|
214
|
|
|
return true; |
|
215
|
|
|
} |
|
216
|
|
|
|
|
217
|
|
|
return false; |
|
218
|
|
|
} |
|
219
|
|
|
|
|
220
|
|
|
/** |
|
221
|
|
|
* Called when a directory space limit is reached. |
|
222
|
|
|
* Creates a new directory and increments the directory suffix number. |
|
223
|
|
|
* |
|
224
|
|
|
* @return void|bool False on errors, true if successful, nothing if auto-management of attachments is disabled |
|
225
|
|
|
*/ |
|
226
|
|
|
function automanage_attachments_by_space() |
|
227
|
|
|
{ |
|
228
|
|
|
global $smcFunc, $modSettings, $boarddir; |
|
229
|
|
|
|
|
230
|
|
|
if (!isset($modSettings['automanage_attachments']) || (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] != 1)) |
|
231
|
|
|
return; |
|
232
|
|
|
|
|
233
|
|
|
$basedirectory = !empty($modSettings['use_subdirectories_for_attachments']) ? $modSettings['basedirectory_for_attachments'] : $boarddir; |
|
234
|
|
|
// Just to be sure: I don't want directory separators at the end |
|
235
|
|
|
$sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
|
236
|
|
|
$basedirectory = rtrim($basedirectory, $sep); |
|
237
|
|
|
|
|
238
|
|
|
// Get the current base directory |
|
239
|
|
|
if (!empty($modSettings['use_subdirectories_for_attachments']) && !empty($modSettings['attachment_basedirectories'])) |
|
240
|
|
|
{ |
|
241
|
|
|
$base_dir = array_search($modSettings['basedirectory_for_attachments'], $modSettings['attachment_basedirectories']); |
|
242
|
|
|
$base_dir = !empty($modSettings['automanage_attachments']) ? $base_dir : 0; |
|
243
|
|
|
} |
|
244
|
|
|
else |
|
245
|
|
|
$base_dir = 0; |
|
246
|
|
|
|
|
247
|
|
|
// Get the last attachment directory for that base directory |
|
248
|
|
|
if (empty($modSettings['last_attachments_directory'][$base_dir])) |
|
249
|
|
|
$modSettings['last_attachments_directory'][$base_dir] = 0; |
|
250
|
|
|
// And increment it. |
|
251
|
|
|
$modSettings['last_attachments_directory'][$base_dir]++; |
|
252
|
|
|
|
|
253
|
|
|
$updir = $basedirectory . DIRECTORY_SEPARATOR . 'attachments_' . $modSettings['last_attachments_directory'][$base_dir]; |
|
254
|
|
|
if (automanage_attachments_create_directory($updir)) |
|
255
|
|
|
{ |
|
256
|
|
|
$modSettings['currentAttachmentUploadDir'] = array_search($updir, $modSettings['attachmentUploadDir']); |
|
257
|
|
|
updateSettings(array( |
|
258
|
|
|
'last_attachments_directory' => $smcFunc['json_encode']($modSettings['last_attachments_directory']), |
|
259
|
|
|
'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
|
260
|
|
|
)); |
|
261
|
|
|
$modSettings['last_attachments_directory'] = $smcFunc['json_decode']($modSettings['last_attachments_directory'], true); |
|
262
|
|
|
|
|
263
|
|
|
return true; |
|
264
|
|
|
} |
|
265
|
|
|
else |
|
266
|
|
|
return false; |
|
267
|
|
|
} |
|
268
|
|
|
|
|
269
|
|
|
/** |
|
270
|
|
|
* Split a path into a list of all directories and subdirectories |
|
271
|
|
|
* |
|
272
|
|
|
* @param string $directory A path |
|
273
|
|
|
* |
|
274
|
|
|
* @return array|bool An array of all the directories and subdirectories or false on failure |
|
275
|
|
|
*/ |
|
276
|
|
|
function get_directory_tree_elements($directory) |
|
277
|
|
|
{ |
|
278
|
|
|
/* |
|
279
|
|
|
In Windows server both \ and / can be used as directory separators in paths |
|
280
|
|
|
In Linux (and presumably *nix) servers \ can be part of the name |
|
281
|
|
|
So for this reasons: |
|
282
|
|
|
* in Windows we need to explode for both \ and / |
|
283
|
|
|
* while in linux should be safe to explode only for / (aka DIRECTORY_SEPARATOR) |
|
284
|
|
|
*/ |
|
285
|
|
|
if (DIRECTORY_SEPARATOR === '\\') |
|
286
|
|
|
$tree = preg_split('#[\\\/]#', $directory); |
|
287
|
|
|
else |
|
288
|
|
|
{ |
|
289
|
|
|
if (substr($directory, 0, 1) != DIRECTORY_SEPARATOR) |
|
290
|
|
|
return false; |
|
291
|
|
|
|
|
292
|
|
|
$tree = explode(DIRECTORY_SEPARATOR, trim($directory, DIRECTORY_SEPARATOR)); |
|
293
|
|
|
} |
|
294
|
|
|
return $tree; |
|
295
|
|
|
} |
|
296
|
|
|
|
|
297
|
|
|
/** |
|
298
|
|
|
* Return the first part of a path (i.e. c:\ or / + the first directory), used by automanage_attachments_create_directory |
|
299
|
|
|
* |
|
300
|
|
|
* @param array $tree An array |
|
301
|
|
|
* @param int $count The number of elements in $tree |
|
302
|
|
|
* |
|
303
|
|
|
* @return string|bool The first part of the path or false on error |
|
304
|
|
|
*/ |
|
305
|
|
|
function attachments_init_dir(&$tree, &$count) |
|
306
|
|
|
{ |
|
307
|
|
|
$directory = ''; |
|
308
|
|
|
// If on Windows servers the first part of the path is the drive (e.g. "C:") |
|
309
|
|
|
if (DIRECTORY_SEPARATOR === '\\') |
|
310
|
|
|
{ |
|
311
|
|
|
//Better be sure that the first part of the path is actually a drive letter... |
|
312
|
|
|
//...even if, I should check this in the admin page...isn't it? |
|
313
|
|
|
//...NHAAA Let's leave space for users' complains! :P |
|
314
|
|
|
if (preg_match('/^[a-z]:$/i', $tree[0])) |
|
315
|
|
|
$directory = array_shift($tree); |
|
316
|
|
|
else |
|
317
|
|
|
return false; |
|
318
|
|
|
|
|
319
|
|
|
$count--; |
|
320
|
|
|
} |
|
321
|
|
|
return $directory; |
|
322
|
|
|
} |
|
323
|
|
|
|
|
324
|
|
|
/** |
|
325
|
|
|
* Moves an attachment to the proper directory and set the relevant data into $_SESSION['temp_attachments'] |
|
326
|
|
|
*/ |
|
327
|
|
|
function processAttachments() |
|
328
|
|
|
{ |
|
329
|
|
|
global $context, $modSettings, $smcFunc, $txt, $user_info; |
|
330
|
|
|
|
|
331
|
|
|
// Make sure we're uploading to the right place. |
|
332
|
|
|
if (!empty($modSettings['automanage_attachments'])) |
|
333
|
|
|
automanage_attachments_check_directory(); |
|
334
|
|
|
|
|
335
|
|
|
if (!is_array($modSettings['attachmentUploadDir'])) |
|
336
|
|
|
$modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
|
337
|
|
|
|
|
338
|
|
|
$context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
|
339
|
|
|
|
|
340
|
|
|
// Is the attachments folder actualy there? |
|
341
|
|
|
if (!empty($context['dir_creation_error'])) |
|
342
|
|
|
$initial_error = $context['dir_creation_error']; |
|
343
|
|
|
elseif (!is_dir($context['attach_dir'])) |
|
344
|
|
|
{ |
|
345
|
|
|
$initial_error = 'attach_folder_warning'; |
|
346
|
|
|
log_error(sprintf($txt['attach_folder_admin_warning'], $context['attach_dir']), 'critical'); |
|
347
|
|
|
} |
|
348
|
|
|
|
|
349
|
|
|
if (!isset($initial_error) && !isset($context['attachments'])) |
|
350
|
|
|
{ |
|
351
|
|
|
// If this isn't a new post, check the current attachments. |
|
352
|
|
|
if (isset($_REQUEST['msg'])) |
|
353
|
|
|
{ |
|
354
|
|
|
$request = $smcFunc['db_query']('', ' |
|
355
|
|
|
SELECT COUNT(*), SUM(size) |
|
356
|
|
|
FROM {db_prefix}attachments |
|
357
|
|
|
WHERE id_msg = {int:id_msg} |
|
358
|
|
|
AND attachment_type = {int:attachment_type}', |
|
359
|
|
|
array( |
|
360
|
|
|
'id_msg' => (int) $_REQUEST['msg'], |
|
361
|
|
|
'attachment_type' => 0, |
|
362
|
|
|
) |
|
363
|
|
|
); |
|
364
|
|
|
list ($context['attachments']['quantity'], $context['attachments']['total_size']) = $smcFunc['db_fetch_row']($request); |
|
365
|
|
|
$smcFunc['db_free_result']($request); |
|
366
|
|
|
} |
|
367
|
|
|
else |
|
368
|
|
|
$context['attachments'] = array( |
|
369
|
|
|
'quantity' => 0, |
|
370
|
|
|
'total_size' => 0, |
|
371
|
|
|
); |
|
372
|
|
|
} |
|
373
|
|
|
|
|
374
|
|
|
// Hmm. There are still files in session. |
|
375
|
|
|
$ignore_temp = false; |
|
376
|
|
|
if (!empty($_SESSION['temp_attachments']['post']['files']) && count($_SESSION['temp_attachments']) > 1) |
|
377
|
|
|
{ |
|
378
|
|
|
// Let's try to keep them. But... |
|
379
|
|
|
$ignore_temp = true; |
|
380
|
|
|
// If new files are being added. We can't ignore those |
|
381
|
|
|
foreach ($_FILES['attachment']['tmp_name'] as $dummy) |
|
382
|
|
|
if (!empty($dummy)) |
|
383
|
|
|
{ |
|
384
|
|
|
$ignore_temp = false; |
|
385
|
|
|
break; |
|
386
|
|
|
} |
|
387
|
|
|
|
|
388
|
|
|
// Need to make space for the new files. So, bye bye. |
|
389
|
|
|
if (!$ignore_temp) |
|
390
|
|
|
{ |
|
391
|
|
|
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) |
|
392
|
|
|
if (strpos($attachID, 'post_tmp_' . $user_info['id']) !== false) |
|
393
|
|
|
unlink($attachment['tmp_name']); |
|
394
|
|
|
|
|
395
|
|
|
$context['we_are_history'] = $txt['error_temp_attachments_flushed']; |
|
396
|
|
|
$_SESSION['temp_attachments'] = array(); |
|
397
|
|
|
} |
|
398
|
|
|
} |
|
399
|
|
|
|
|
400
|
|
|
if (!isset($_FILES['attachment']['name'])) |
|
401
|
|
|
$_FILES['attachment']['tmp_name'] = array(); |
|
402
|
|
|
|
|
403
|
|
|
if (!isset($_SESSION['temp_attachments'])) |
|
404
|
|
|
$_SESSION['temp_attachments'] = array(); |
|
405
|
|
|
|
|
406
|
|
|
// Remember where we are at. If it's anywhere at all. |
|
407
|
|
|
if (!$ignore_temp) |
|
408
|
|
|
$_SESSION['temp_attachments']['post'] = array( |
|
409
|
|
|
'msg' => !empty($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, |
|
410
|
|
|
'last_msg' => !empty($_REQUEST['last_msg']) ? $_REQUEST['last_msg'] : 0, |
|
411
|
|
|
'topic' => !empty($topic) ? $topic : 0, |
|
|
|
|
|
|
412
|
|
|
'board' => !empty($board) ? $board : 0, |
|
|
|
|
|
|
413
|
|
|
); |
|
414
|
|
|
|
|
415
|
|
|
// If we have an initial error, lets just display it. |
|
416
|
|
|
if (!empty($initial_error)) |
|
417
|
|
|
{ |
|
418
|
|
|
$_SESSION['temp_attachments']['initial_error'] = $initial_error; |
|
419
|
|
|
|
|
420
|
|
|
// And delete the files 'cos they ain't going nowhere. |
|
421
|
|
|
foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) |
|
422
|
|
|
if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
|
423
|
|
|
unlink($_FILES['attachment']['tmp_name'][$n]); |
|
424
|
|
|
|
|
425
|
|
|
$_FILES['attachment']['tmp_name'] = array(); |
|
426
|
|
|
} |
|
427
|
|
|
|
|
428
|
|
|
// Loop through $_FILES['attachment'] array and move each file to the current attachments folder. |
|
429
|
|
|
foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) |
|
430
|
|
|
{ |
|
431
|
|
|
if ($_FILES['attachment']['name'][$n] == '') |
|
432
|
|
|
continue; |
|
433
|
|
|
|
|
434
|
|
|
// First, let's first check for PHP upload errors. |
|
435
|
|
|
$errors = array(); |
|
436
|
|
|
if (!empty($_FILES['attachment']['error'][$n])) |
|
437
|
|
|
{ |
|
438
|
|
|
if ($_FILES['attachment']['error'][$n] == 2) |
|
439
|
|
|
$errors[] = array('file_too_big', array($modSettings['attachmentSizeLimit'])); |
|
440
|
|
|
elseif ($_FILES['attachment']['error'][$n] == 6) |
|
441
|
|
|
log_error($_FILES['attachment']['name'][$n] . ': ' . $txt['php_upload_error_6'], 'critical'); |
|
442
|
|
|
else |
|
443
|
|
|
log_error($_FILES['attachment']['name'][$n] . ': ' . $txt['php_upload_error_' . $_FILES['attachment']['error'][$n]]); |
|
444
|
|
|
if (empty($errors)) |
|
445
|
|
|
$errors[] = 'attach_php_error'; |
|
446
|
|
|
} |
|
447
|
|
|
|
|
448
|
|
|
// Try to move and rename the file before doing any more checks on it. |
|
449
|
|
|
$attachID = 'post_tmp_' . $user_info['id'] . '_' . md5(mt_rand()); |
|
450
|
|
|
$destName = $context['attach_dir'] . '/' . $attachID; |
|
451
|
|
|
if (empty($errors)) |
|
452
|
|
|
{ |
|
453
|
|
|
// The reported MIME type of the attachment might not be reliable. |
|
454
|
|
|
$detected_mime_type = get_mime_type($_FILES['attachment']['tmp_name'][$n], true); |
|
|
|
|
|
|
455
|
|
|
if ($detected_mime_type !== false) |
|
456
|
|
|
$_FILES['attachment']['type'][$n] = $detected_mime_type; |
|
457
|
|
|
|
|
458
|
|
|
$_SESSION['temp_attachments'][$attachID] = array( |
|
459
|
|
|
'name' => $smcFunc['htmlspecialchars'](basename($_FILES['attachment']['name'][$n])), |
|
460
|
|
|
'tmp_name' => $destName, |
|
461
|
|
|
'size' => $_FILES['attachment']['size'][$n], |
|
462
|
|
|
'type' => $_FILES['attachment']['type'][$n], |
|
463
|
|
|
'id_folder' => $modSettings['currentAttachmentUploadDir'], |
|
464
|
|
|
'errors' => array(), |
|
465
|
|
|
); |
|
466
|
|
|
|
|
467
|
|
|
// Move the file to the attachments folder with a temp name for now. |
|
468
|
|
|
if (@move_uploaded_file($_FILES['attachment']['tmp_name'][$n], $destName)) |
|
469
|
|
|
smf_chmod($destName, 0644); |
|
470
|
|
|
else |
|
471
|
|
|
{ |
|
472
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = 'attach_timeout'; |
|
473
|
|
|
if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
|
474
|
|
|
unlink($_FILES['attachment']['tmp_name'][$n]); |
|
475
|
|
|
} |
|
476
|
|
|
} |
|
477
|
|
|
else |
|
478
|
|
|
{ |
|
479
|
|
|
$_SESSION['temp_attachments'][$attachID] = array( |
|
480
|
|
|
'name' => $smcFunc['htmlspecialchars'](basename($_FILES['attachment']['name'][$n])), |
|
481
|
|
|
'tmp_name' => $destName, |
|
482
|
|
|
'errors' => $errors, |
|
483
|
|
|
); |
|
484
|
|
|
|
|
485
|
|
|
if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
|
486
|
|
|
unlink($_FILES['attachment']['tmp_name'][$n]); |
|
487
|
|
|
} |
|
488
|
|
|
// If there's no errors to this point. We still do need to apply some additional checks before we are finished. |
|
489
|
|
|
if (empty($_SESSION['temp_attachments'][$attachID]['errors'])) |
|
490
|
|
|
attachmentChecks($attachID); |
|
|
|
|
|
|
491
|
|
|
} |
|
492
|
|
|
// Mod authors, finally a hook to hang an alternate attachment upload system upon |
|
493
|
|
|
// Upload to the current attachment folder with the file name $attachID or 'post_tmp_' . $user_info['id'] . '_' . md5(mt_rand()) |
|
494
|
|
|
// Populate $_SESSION['temp_attachments'][$attachID] with the following: |
|
495
|
|
|
// name => The file name |
|
496
|
|
|
// tmp_name => Path to the temp file ($context['attach_dir'] . '/' . $attachID). |
|
497
|
|
|
// size => File size (required). |
|
498
|
|
|
// type => MIME type (optional if not available on upload). |
|
499
|
|
|
// id_folder => $modSettings['currentAttachmentUploadDir'] |
|
500
|
|
|
// errors => An array of errors (use the index of the $txt variable for that error). |
|
501
|
|
|
// Template changes can be done using "integrate_upload_template". |
|
502
|
|
|
call_integration_hook('integrate_attachment_upload', array()); |
|
503
|
|
|
} |
|
504
|
|
|
|
|
505
|
|
|
/** |
|
506
|
|
|
* Performs various checks on an uploaded file. |
|
507
|
|
|
* - Requires that $_SESSION['temp_attachments'][$attachID] be properly populated. |
|
508
|
|
|
* |
|
509
|
|
|
* @param int $attachID The ID of the attachment |
|
510
|
|
|
* @return bool Whether the attachment is OK |
|
511
|
|
|
*/ |
|
512
|
|
|
function attachmentChecks($attachID) |
|
513
|
|
|
{ |
|
514
|
|
|
global $modSettings, $context, $sourcedir, $smcFunc; |
|
515
|
|
|
|
|
516
|
|
|
// No data or missing data .... Not necessarily needed, but in case a mod author missed something. |
|
517
|
|
|
if (empty($_SESSION['temp_attachments'][$attachID])) |
|
518
|
|
|
$error = '$_SESSION[\'temp_attachments\'][$attachID]'; |
|
519
|
|
|
|
|
520
|
|
|
elseif (empty($attachID)) |
|
521
|
|
|
$error = '$attachID'; |
|
522
|
|
|
|
|
523
|
|
|
elseif (empty($context['attachments'])) |
|
524
|
|
|
$error = '$context[\'attachments\']'; |
|
525
|
|
|
|
|
526
|
|
|
elseif (empty($context['attach_dir'])) |
|
527
|
|
|
$error = '$context[\'attach_dir\']'; |
|
528
|
|
|
|
|
529
|
|
|
// Let's get their attention. |
|
530
|
|
|
if (!empty($error)) |
|
531
|
|
|
fatal_lang_error('attach_check_nag', 'debug', array($error)); |
|
532
|
|
|
|
|
533
|
|
|
// Just in case this slipped by the first checks, we stop it here and now |
|
534
|
|
|
if ($_SESSION['temp_attachments'][$attachID]['size'] == 0) |
|
535
|
|
|
{ |
|
536
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = 'attach_0_byte_file'; |
|
537
|
|
|
return false; |
|
538
|
|
|
} |
|
539
|
|
|
|
|
540
|
|
|
// First, the dreaded security check. Sorry folks, but this shouldn't be avoided. |
|
541
|
|
|
$size = @getimagesize($_SESSION['temp_attachments'][$attachID]['tmp_name']); |
|
542
|
|
|
if (is_array($size) && isset($size[2], $context['valid_image_types'][$size[2]])) |
|
543
|
|
|
{ |
|
544
|
|
|
require_once($sourcedir . '/Subs-Graphics.php'); |
|
545
|
|
|
if (!checkImageContents($_SESSION['temp_attachments'][$attachID]['tmp_name'], !empty($modSettings['attachment_image_paranoid']))) |
|
546
|
|
|
{ |
|
547
|
|
|
// It's bad. Last chance, maybe we can re-encode it? |
|
548
|
|
|
if (empty($modSettings['attachment_image_reencode']) || (!reencodeImage($_SESSION['temp_attachments'][$attachID]['tmp_name'], $size[2]))) |
|
549
|
|
|
{ |
|
550
|
|
|
// Nothing to do: not allowed or not successful re-encoding it. |
|
551
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = 'bad_attachment'; |
|
552
|
|
|
return false; |
|
553
|
|
|
} |
|
554
|
|
|
// Success! However, successes usually come for a price: |
|
555
|
|
|
// we might get a new format for our image... |
|
556
|
|
|
$old_format = $size[2]; |
|
557
|
|
|
$size = @getimagesize($_SESSION['temp_attachments'][$attachID]['tmp_name']); |
|
558
|
|
|
if (!(empty($size)) && ($size[2] != $old_format)) |
|
559
|
|
|
$_SESSION['temp_attachments'][$attachID]['type'] = 'image/' . $context['valid_image_types'][$size[2]]; |
|
560
|
|
|
} |
|
561
|
|
|
} |
|
562
|
|
|
|
|
563
|
|
|
// Is there room for this sucker? |
|
564
|
|
|
if (!empty($modSettings['attachmentDirSizeLimit']) || !empty($modSettings['attachmentDirFileLimit'])) |
|
565
|
|
|
{ |
|
566
|
|
|
// Check the folder size and count. If it hasn't been done already. |
|
567
|
|
|
if (empty($context['dir_size']) || empty($context['dir_files'])) |
|
568
|
|
|
{ |
|
569
|
|
|
$request = $smcFunc['db_query']('', ' |
|
570
|
|
|
SELECT COUNT(*), SUM(size) |
|
571
|
|
|
FROM {db_prefix}attachments |
|
572
|
|
|
WHERE id_folder = {int:folder_id} |
|
573
|
|
|
AND attachment_type != {int:type}', |
|
574
|
|
|
array( |
|
575
|
|
|
'folder_id' => $modSettings['currentAttachmentUploadDir'], |
|
576
|
|
|
'type' => 1, |
|
577
|
|
|
) |
|
578
|
|
|
); |
|
579
|
|
|
list ($context['dir_files'], $context['dir_size']) = $smcFunc['db_fetch_row']($request); |
|
580
|
|
|
$smcFunc['db_free_result']($request); |
|
581
|
|
|
} |
|
582
|
|
|
$context['dir_size'] += $_SESSION['temp_attachments'][$attachID]['size']; |
|
583
|
|
|
$context['dir_files']++; |
|
584
|
|
|
|
|
585
|
|
|
// Are we about to run out of room? Let's notify the admin then. |
|
586
|
|
|
if (empty($modSettings['attachment_full_notified']) && !empty($modSettings['attachmentDirSizeLimit']) && $modSettings['attachmentDirSizeLimit'] > 4000 && $context['dir_size'] > ($modSettings['attachmentDirSizeLimit'] - 2000) * 1024 |
|
|
|
|
|
|
587
|
|
|
|| (!empty($modSettings['attachmentDirFileLimit']) && $modSettings['attachmentDirFileLimit'] * .95 < $context['dir_files'] && $modSettings['attachmentDirFileLimit'] > 500)) |
|
588
|
|
|
{ |
|
589
|
|
|
require_once($sourcedir . '/Subs-Admin.php'); |
|
590
|
|
|
emailAdmins('admin_attachments_full'); |
|
591
|
|
|
updateSettings(array('attachment_full_notified' => 1)); |
|
592
|
|
|
} |
|
593
|
|
|
|
|
594
|
|
|
// // No room left.... What to do now??? |
|
595
|
|
|
if (!empty($modSettings['attachmentDirFileLimit']) && $context['dir_files'] > $modSettings['attachmentDirFileLimit'] |
|
|
|
|
|
|
596
|
|
|
|| (!empty($modSettings['attachmentDirSizeLimit']) && $context['dir_size'] > $modSettings['attachmentDirSizeLimit'] * 1024)) |
|
597
|
|
|
{ |
|
598
|
|
|
if (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] == 1) |
|
599
|
|
|
{ |
|
600
|
|
|
// Move it to the new folder if we can. |
|
601
|
|
|
if (automanage_attachments_by_space()) |
|
602
|
|
|
{ |
|
603
|
|
|
rename($_SESSION['temp_attachments'][$attachID]['tmp_name'], $context['attach_dir'] . '/' . $attachID); |
|
604
|
|
|
$_SESSION['temp_attachments'][$attachID]['tmp_name'] = $context['attach_dir'] . '/' . $attachID; |
|
605
|
|
|
$_SESSION['temp_attachments'][$attachID]['id_folder'] = $modSettings['currentAttachmentUploadDir']; |
|
606
|
|
|
$context['dir_size'] = 0; |
|
607
|
|
|
$context['dir_files'] = 0; |
|
608
|
|
|
} |
|
609
|
|
|
// Or, let the user know that it ain't gonna happen. |
|
610
|
|
|
else |
|
611
|
|
|
{ |
|
612
|
|
|
if (isset($context['dir_creation_error'])) |
|
613
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = $context['dir_creation_error']; |
|
614
|
|
|
else |
|
615
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = 'ran_out_of_space'; |
|
616
|
|
|
} |
|
617
|
|
|
} |
|
618
|
|
|
else |
|
619
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = 'ran_out_of_space'; |
|
620
|
|
|
} |
|
621
|
|
|
} |
|
622
|
|
|
|
|
623
|
|
|
// Is the file too big? |
|
624
|
|
|
$context['attachments']['total_size'] += $_SESSION['temp_attachments'][$attachID]['size']; |
|
625
|
|
|
if (!empty($modSettings['attachmentSizeLimit']) && $_SESSION['temp_attachments'][$attachID]['size'] > $modSettings['attachmentSizeLimit'] * 1024) |
|
626
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = array('file_too_big', array(comma_format($modSettings['attachmentSizeLimit'], 0))); |
|
627
|
|
|
|
|
628
|
|
|
// Check the total upload size for this post... |
|
629
|
|
|
if (!empty($modSettings['attachmentPostLimit']) && $context['attachments']['total_size'] > $modSettings['attachmentPostLimit'] * 1024) |
|
630
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = array('attach_max_total_file_size', array(comma_format($modSettings['attachmentPostLimit'], 0), comma_format($modSettings['attachmentPostLimit'] - (($context['attachments']['total_size'] - $_SESSION['temp_attachments'][$attachID]['size']) / 1024), 0))); |
|
631
|
|
|
|
|
632
|
|
|
// Have we reached the maximum number of files we are allowed? |
|
633
|
|
|
$context['attachments']['quantity']++; |
|
634
|
|
|
|
|
635
|
|
|
// Set a max limit if none exists |
|
636
|
|
|
if (empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] >= 50) |
|
637
|
|
|
$modSettings['attachmentNumPerPostLimit'] = 50; |
|
638
|
|
|
|
|
639
|
|
|
if (!empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] > $modSettings['attachmentNumPerPostLimit']) |
|
640
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = array('attachments_limit_per_post', array($modSettings['attachmentNumPerPostLimit'])); |
|
641
|
|
|
|
|
642
|
|
|
// File extension check |
|
643
|
|
|
if (!empty($modSettings['attachmentCheckExtensions'])) |
|
644
|
|
|
{ |
|
645
|
|
|
$allowed = explode(',', strtolower($modSettings['attachmentExtensions'])); |
|
646
|
|
|
foreach ($allowed as $k => $dummy) |
|
647
|
|
|
$allowed[$k] = trim($dummy); |
|
648
|
|
|
|
|
649
|
|
|
if (!in_array(strtolower(substr(strrchr($_SESSION['temp_attachments'][$attachID]['name'], '.'), 1)), $allowed)) |
|
650
|
|
|
{ |
|
651
|
|
|
$allowed_extensions = strtr(strtolower($modSettings['attachmentExtensions']), array(',' => ', ')); |
|
652
|
|
|
$_SESSION['temp_attachments'][$attachID]['errors'][] = array('cant_upload_type', array($allowed_extensions)); |
|
653
|
|
|
} |
|
654
|
|
|
} |
|
655
|
|
|
|
|
656
|
|
|
// Undo the math if there's an error |
|
657
|
|
|
if (!empty($_SESSION['temp_attachments'][$attachID]['errors'])) |
|
658
|
|
|
{ |
|
659
|
|
|
if (isset($context['dir_size'])) |
|
660
|
|
|
$context['dir_size'] -= $_SESSION['temp_attachments'][$attachID]['size']; |
|
661
|
|
|
if (isset($context['dir_files'])) |
|
662
|
|
|
$context['dir_files']--; |
|
663
|
|
|
$context['attachments']['total_size'] -= $_SESSION['temp_attachments'][$attachID]['size']; |
|
664
|
|
|
$context['attachments']['quantity']--; |
|
665
|
|
|
return false; |
|
666
|
|
|
} |
|
667
|
|
|
|
|
668
|
|
|
return true; |
|
669
|
|
|
} |
|
670
|
|
|
|
|
671
|
|
|
/** |
|
672
|
|
|
* Create an attachment, with the given array of parameters. |
|
673
|
|
|
* - Adds any additional or missing parameters to $attachmentOptions. |
|
674
|
|
|
* - Renames the temporary file. |
|
675
|
|
|
* - Creates a thumbnail if the file is an image and the option enabled. |
|
676
|
|
|
* |
|
677
|
|
|
* @param array $attachmentOptions An array of attachment options |
|
678
|
|
|
* @return bool Whether the attachment was created successfully |
|
679
|
|
|
*/ |
|
680
|
|
|
function createAttachment(&$attachmentOptions) |
|
681
|
|
|
{ |
|
682
|
|
|
global $modSettings, $sourcedir, $smcFunc, $context, $txt; |
|
683
|
|
|
|
|
684
|
|
|
require_once($sourcedir . '/Subs-Graphics.php'); |
|
685
|
|
|
|
|
686
|
|
|
// If this is an image we need to set a few additional parameters. |
|
687
|
|
|
$size = @getimagesize($attachmentOptions['tmp_name']); |
|
688
|
|
|
list ($attachmentOptions['width'], $attachmentOptions['height']) = $size; |
|
689
|
|
|
|
|
690
|
|
|
if (function_exists('exif_read_data') && ($exif_data = @exif_read_data($attachmentOptions['tmp_name'])) !== false && !empty($exif_data['Orientation'])) |
|
691
|
|
|
if (in_array($exif_data['Orientation'], [5, 6, 7, 8])) |
|
692
|
|
|
{ |
|
693
|
|
|
$new_width = $attachmentOptions['height']; |
|
694
|
|
|
$new_height = $attachmentOptions['width']; |
|
695
|
|
|
$attachmentOptions['width'] = $new_width; |
|
696
|
|
|
$attachmentOptions['height'] = $new_height; |
|
697
|
|
|
} |
|
698
|
|
|
|
|
699
|
|
|
// If it's an image get the mime type right. |
|
700
|
|
|
if (empty($attachmentOptions['mime_type']) && $attachmentOptions['width']) |
|
701
|
|
|
{ |
|
702
|
|
|
// Got a proper mime type? |
|
703
|
|
|
if (!empty($size['mime'])) |
|
704
|
|
|
$attachmentOptions['mime_type'] = $size['mime']; |
|
705
|
|
|
|
|
706
|
|
|
// Otherwise a valid one? |
|
707
|
|
|
elseif (isset($context['valid_image_types'][$size[2]])) |
|
708
|
|
|
$attachmentOptions['mime_type'] = 'image/' . $context['valid_image_types'][$size[2]]; |
|
709
|
|
|
} |
|
710
|
|
|
|
|
711
|
|
|
// It is possible we might have a MIME type that isn't actually an image but still have a size. |
|
712
|
|
|
// For example, Shockwave files will be able to return size but be 'application/shockwave' or similar. |
|
713
|
|
|
if (!empty($attachmentOptions['mime_type']) && strpos($attachmentOptions['mime_type'], 'image/') !== 0) |
|
714
|
|
|
{ |
|
715
|
|
|
$attachmentOptions['width'] = 0; |
|
716
|
|
|
$attachmentOptions['height'] = 0; |
|
717
|
|
|
} |
|
718
|
|
|
|
|
719
|
|
|
// Get the hash if no hash has been given yet. |
|
720
|
|
|
if (empty($attachmentOptions['file_hash'])) |
|
721
|
|
|
$attachmentOptions['file_hash'] = getAttachmentFilename($attachmentOptions['name'], false, null, true); |
|
|
|
|
|
|
722
|
|
|
|
|
723
|
|
|
// Assuming no-one set the extension let's take a look at it. |
|
724
|
|
|
if (empty($attachmentOptions['fileext'])) |
|
725
|
|
|
{ |
|
726
|
|
|
$attachmentOptions['fileext'] = strtolower(strrpos($attachmentOptions['name'], '.') !== false ? substr($attachmentOptions['name'], strrpos($attachmentOptions['name'], '.') + 1) : ''); |
|
727
|
|
|
if (strlen($attachmentOptions['fileext']) > 8 || '.' . $attachmentOptions['fileext'] == $attachmentOptions['name']) |
|
728
|
|
|
$attachmentOptions['fileext'] = ''; |
|
729
|
|
|
} |
|
730
|
|
|
|
|
731
|
|
|
// This defines which options to use for which columns in the insert query. |
|
732
|
|
|
// Mods using the hook can add columns and even change the properties of existing columns, |
|
733
|
|
|
// but if they delete one of these columns, it will be reset to the default defined here. |
|
734
|
|
|
$attachmentStandardInserts = $attachmentInserts = array( |
|
735
|
|
|
// Format: 'column' => array('type', 'option') |
|
736
|
|
|
'id_folder' => array('int', 'id_folder'), |
|
737
|
|
|
'id_msg' => array('int', 'post'), |
|
738
|
|
|
'filename' => array('string-255', 'name'), |
|
739
|
|
|
'file_hash' => array('string-40', 'file_hash'), |
|
740
|
|
|
'fileext' => array('string-8', 'fileext'), |
|
741
|
|
|
'size' => array('int', 'size'), |
|
742
|
|
|
'width' => array('int', 'width'), |
|
743
|
|
|
'height' => array('int', 'height'), |
|
744
|
|
|
'mime_type' => array('string-20', 'mime_type'), |
|
745
|
|
|
'approved' => array('int', 'approved'), |
|
746
|
|
|
); |
|
747
|
|
|
|
|
748
|
|
|
// Last chance to change stuff! |
|
749
|
|
|
call_integration_hook('integrate_createAttachment', array(&$attachmentOptions, &$attachmentInserts)); |
|
750
|
|
|
|
|
751
|
|
|
// Make sure the folder is valid... |
|
752
|
|
|
$tmp = is_array($modSettings['attachmentUploadDir']) ? $modSettings['attachmentUploadDir'] : $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
|
753
|
|
|
$folders = array_keys($tmp); |
|
754
|
|
|
if (empty($attachmentOptions['id_folder']) || !in_array($attachmentOptions['id_folder'], $folders)) |
|
755
|
|
|
$attachmentOptions['id_folder'] = $modSettings['currentAttachmentUploadDir']; |
|
756
|
|
|
|
|
757
|
|
|
// Make sure all required columns are present, in case a mod screwed up. |
|
758
|
|
|
foreach ($attachmentStandardInserts as $column => $insert_info) |
|
759
|
|
|
if (!isset($attachmentInserts[$column])) |
|
760
|
|
|
$attachmentInserts[$column] = $insert_info; |
|
761
|
|
|
|
|
762
|
|
|
// Set up the columns and values to insert, in the correct order. |
|
763
|
|
|
$attachmentColumns = array(); |
|
764
|
|
|
$attachmentValues = array(); |
|
765
|
|
|
foreach ($attachmentInserts as $column => $insert_info) |
|
766
|
|
|
{ |
|
767
|
|
|
$attachmentColumns[$column] = $insert_info[0]; |
|
768
|
|
|
|
|
769
|
|
|
if (!empty($insert_info[0]) && $insert_info[0] == 'int') |
|
770
|
|
|
$attachmentValues[] = (int) $attachmentOptions[$insert_info[1]]; |
|
771
|
|
|
else |
|
772
|
|
|
$attachmentValues[] = $attachmentOptions[$insert_info[1]]; |
|
773
|
|
|
} |
|
774
|
|
|
|
|
775
|
|
|
// Create the attachment in the database. |
|
776
|
|
|
$attachmentOptions['id'] = $smcFunc['db_insert']('', |
|
777
|
|
|
'{db_prefix}attachments', |
|
778
|
|
|
$attachmentColumns, |
|
779
|
|
|
$attachmentValues, |
|
780
|
|
|
array('id_attach'), |
|
781
|
|
|
1 |
|
782
|
|
|
); |
|
783
|
|
|
|
|
784
|
|
|
// Attachment couldn't be created. |
|
785
|
|
|
if (empty($attachmentOptions['id'])) |
|
786
|
|
|
{ |
|
787
|
|
|
loadLanguage('Errors'); |
|
788
|
|
|
log_error($txt['attachment_not_created'], 'general'); |
|
789
|
|
|
return false; |
|
790
|
|
|
} |
|
791
|
|
|
|
|
792
|
|
|
// Now that we have the attach id, let's rename this sucker and finish up. |
|
793
|
|
|
$attachmentOptions['destination'] = getAttachmentFilename(basename($attachmentOptions['name']), $attachmentOptions['id'], $attachmentOptions['id_folder'], false, $attachmentOptions['file_hash']); |
|
794
|
|
|
rename($attachmentOptions['tmp_name'], $attachmentOptions['destination']); |
|
795
|
|
|
|
|
796
|
|
|
// If it's not approved then add to the approval queue. |
|
797
|
|
|
if (!$attachmentOptions['approved']) |
|
798
|
|
|
{ |
|
799
|
|
|
$smcFunc['db_insert']('', |
|
800
|
|
|
'{db_prefix}approval_queue', |
|
801
|
|
|
array( |
|
802
|
|
|
'id_attach' => 'int', 'id_msg' => 'int', |
|
803
|
|
|
), |
|
804
|
|
|
array( |
|
805
|
|
|
$attachmentOptions['id'], (int) $attachmentOptions['post'], |
|
806
|
|
|
), |
|
807
|
|
|
array() |
|
808
|
|
|
); |
|
809
|
|
|
|
|
810
|
|
|
// Queue background notification task. |
|
811
|
|
|
$smcFunc['db_insert']( |
|
812
|
|
|
'insert', |
|
813
|
|
|
'{db_prefix}background_tasks', |
|
814
|
|
|
array( |
|
815
|
|
|
'task_file' => 'string', |
|
816
|
|
|
'task_class' => 'string', |
|
817
|
|
|
'task_data' => 'string', |
|
818
|
|
|
'claimed_time' => 'int' |
|
819
|
|
|
), |
|
820
|
|
|
array( |
|
821
|
|
|
'$sourcedir/tasks/CreateAttachment-Notify.php', |
|
822
|
|
|
'CreateAttachment_Notify_Background', |
|
823
|
|
|
$smcFunc['json_encode']( |
|
824
|
|
|
array( |
|
825
|
|
|
'id' => $attachmentOptions['id'], |
|
826
|
|
|
) |
|
827
|
|
|
), |
|
828
|
|
|
0 |
|
829
|
|
|
), |
|
830
|
|
|
array( |
|
831
|
|
|
'id_task' |
|
832
|
|
|
) |
|
833
|
|
|
); |
|
834
|
|
|
} |
|
835
|
|
|
|
|
836
|
|
|
if (empty($modSettings['attachmentThumbnails']) || (empty($attachmentOptions['width']) && empty($attachmentOptions['height']))) |
|
837
|
|
|
return true; |
|
838
|
|
|
|
|
839
|
|
|
// Like thumbnails, do we? |
|
840
|
|
|
if (!empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachmentOptions['width'] > $modSettings['attachmentThumbWidth'] || $attachmentOptions['height'] > $modSettings['attachmentThumbHeight'])) |
|
841
|
|
|
{ |
|
842
|
|
|
if (createThumbnail($attachmentOptions['destination'], $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight'])) |
|
843
|
|
|
{ |
|
844
|
|
|
// Figure out how big we actually made it. |
|
845
|
|
|
$size = @getimagesize($attachmentOptions['destination'] . '_thumb'); |
|
846
|
|
|
list ($thumb_width, $thumb_height) = $size; |
|
847
|
|
|
|
|
848
|
|
|
if (!empty($size['mime'])) |
|
849
|
|
|
$thumb_mime = $size['mime']; |
|
850
|
|
|
elseif (isset($context['valid_image_types'][$size[2]])) |
|
851
|
|
|
$thumb_mime = 'image/' . $context['valid_image_types'][$size[2]]; |
|
852
|
|
|
// Lord only knows how this happened... |
|
853
|
|
|
else |
|
854
|
|
|
$thumb_mime = ''; |
|
855
|
|
|
|
|
856
|
|
|
$thumb_filename = $attachmentOptions['name'] . '_thumb'; |
|
857
|
|
|
$thumb_size = filesize($attachmentOptions['destination'] . '_thumb'); |
|
858
|
|
|
$thumb_file_hash = getAttachmentFilename($thumb_filename, false, null, true); |
|
859
|
|
|
$thumb_path = $attachmentOptions['destination'] . '_thumb'; |
|
860
|
|
|
|
|
861
|
|
|
// We should check the file size and count here since thumbs are added to the existing totals. |
|
862
|
|
|
if (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] == 1 && !empty($modSettings['attachmentDirSizeLimit']) || !empty($modSettings['attachmentDirFileLimit'])) |
|
|
|
|
|
|
863
|
|
|
{ |
|
864
|
|
|
$context['dir_size'] = isset($context['dir_size']) ? $context['dir_size'] += $thumb_size : $context['dir_size'] = 0; |
|
865
|
|
|
$context['dir_files'] = isset($context['dir_files']) ? $context['dir_files']++ : $context['dir_files'] = 0; |
|
866
|
|
|
|
|
867
|
|
|
// If the folder is full, try to create a new one and move the thumb to it. |
|
868
|
|
|
if ($context['dir_size'] > $modSettings['attachmentDirSizeLimit'] * 1024 || $context['dir_files'] + 2 > $modSettings['attachmentDirFileLimit']) |
|
869
|
|
|
{ |
|
870
|
|
|
if (automanage_attachments_by_space()) |
|
871
|
|
|
{ |
|
872
|
|
|
rename($thumb_path, $context['attach_dir'] . '/' . $thumb_filename); |
|
873
|
|
|
$thumb_path = $context['attach_dir'] . '/' . $thumb_filename; |
|
874
|
|
|
$context['dir_size'] = 0; |
|
875
|
|
|
$context['dir_files'] = 0; |
|
876
|
|
|
} |
|
877
|
|
|
} |
|
878
|
|
|
} |
|
879
|
|
|
// If a new folder has been already created. Gotta move this thumb there then. |
|
880
|
|
|
if ($modSettings['currentAttachmentUploadDir'] != $attachmentOptions['id_folder']) |
|
881
|
|
|
{ |
|
882
|
|
|
rename($thumb_path, $context['attach_dir'] . '/' . $thumb_filename); |
|
883
|
|
|
$thumb_path = $context['attach_dir'] . '/' . $thumb_filename; |
|
884
|
|
|
} |
|
885
|
|
|
|
|
886
|
|
|
// To the database we go! |
|
887
|
|
|
$attachmentOptions['thumb'] = $smcFunc['db_insert']('', |
|
888
|
|
|
'{db_prefix}attachments', |
|
889
|
|
|
array( |
|
890
|
|
|
'id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8', |
|
891
|
|
|
'size' => 'int', 'width' => 'int', 'height' => 'int', 'mime_type' => 'string-20', 'approved' => 'int', |
|
892
|
|
|
), |
|
893
|
|
|
array( |
|
894
|
|
|
$modSettings['currentAttachmentUploadDir'], (int) $attachmentOptions['post'], 3, $thumb_filename, $thumb_file_hash, $attachmentOptions['fileext'], |
|
895
|
|
|
$thumb_size, $thumb_width, $thumb_height, $thumb_mime, (int) $attachmentOptions['approved'], |
|
896
|
|
|
), |
|
897
|
|
|
array('id_attach'), |
|
898
|
|
|
1 |
|
899
|
|
|
); |
|
900
|
|
|
|
|
901
|
|
|
if (!empty($attachmentOptions['thumb'])) |
|
902
|
|
|
{ |
|
903
|
|
|
$smcFunc['db_query']('', ' |
|
904
|
|
|
UPDATE {db_prefix}attachments |
|
905
|
|
|
SET id_thumb = {int:id_thumb} |
|
906
|
|
|
WHERE id_attach = {int:id_attach}', |
|
907
|
|
|
array( |
|
908
|
|
|
'id_thumb' => $attachmentOptions['thumb'], |
|
909
|
|
|
'id_attach' => $attachmentOptions['id'], |
|
910
|
|
|
) |
|
911
|
|
|
); |
|
912
|
|
|
|
|
913
|
|
|
rename($thumb_path, getAttachmentFilename($thumb_filename, $attachmentOptions['thumb'], $modSettings['currentAttachmentUploadDir'], false, $thumb_file_hash)); |
|
914
|
|
|
} |
|
915
|
|
|
} |
|
916
|
|
|
} |
|
917
|
|
|
|
|
918
|
|
|
return true; |
|
919
|
|
|
} |
|
920
|
|
|
|
|
921
|
|
|
/** |
|
922
|
|
|
* Assigns the given attachments to the given message ID. |
|
923
|
|
|
* |
|
924
|
|
|
* @param $attachIDs array of attachment IDs to assign. |
|
925
|
|
|
* @param $msgID integer the message ID. |
|
926
|
|
|
* |
|
927
|
|
|
* @return boolean false on error or missing params. |
|
928
|
|
|
*/ |
|
929
|
|
|
function assignAttachments($attachIDs = array(), $msgID = 0) |
|
930
|
|
|
{ |
|
931
|
|
|
global $smcFunc; |
|
932
|
|
|
|
|
933
|
|
|
// Oh, come on! |
|
934
|
|
|
if (empty($attachIDs) || empty($msgID)) |
|
935
|
|
|
return false; |
|
936
|
|
|
|
|
937
|
|
|
// "I see what is right and approve, but I do what is wrong." |
|
938
|
|
|
call_integration_hook('integrate_assign_attachments', array(&$attachIDs, &$msgID)); |
|
939
|
|
|
|
|
940
|
|
|
// One last check |
|
941
|
|
|
if (empty($attachIDs)) |
|
942
|
|
|
return false; |
|
943
|
|
|
|
|
944
|
|
|
// Perform. |
|
945
|
|
|
$smcFunc['db_query']('', ' |
|
946
|
|
|
UPDATE {db_prefix}attachments |
|
947
|
|
|
SET id_msg = {int:id_msg} |
|
948
|
|
|
WHERE id_attach IN ({array_int:attach_ids})', |
|
949
|
|
|
array( |
|
950
|
|
|
'id_msg' => $msgID, |
|
951
|
|
|
'attach_ids' => $attachIDs, |
|
952
|
|
|
) |
|
953
|
|
|
); |
|
954
|
|
|
|
|
955
|
|
|
return true; |
|
956
|
|
|
} |
|
957
|
|
|
|
|
958
|
|
|
/** |
|
959
|
|
|
* Gets an attach ID and tries to load all its info. |
|
960
|
|
|
* |
|
961
|
|
|
* @param int $attachID the attachment ID to load info from. |
|
962
|
|
|
* |
|
963
|
|
|
* @return mixed If succesful, it will return an array of loaded data. String, most likely a $txt key if there was some error. |
|
964
|
|
|
*/ |
|
965
|
|
|
function parseAttachBBC($attachID = 0) |
|
966
|
|
|
{ |
|
967
|
|
|
global $board, $modSettings, $context, $scripturl, $smcFunc, $user_info; |
|
968
|
|
|
static $view_attachment_boards; |
|
969
|
|
|
|
|
970
|
|
|
if (!isset($view_attachment_boards)) |
|
971
|
|
|
$view_attachment_boards = boardsAllowedTo('view_attachments'); |
|
972
|
|
|
|
|
973
|
|
|
// Meh... |
|
974
|
|
|
if (empty($attachID)) |
|
975
|
|
|
return 'attachments_no_data_loaded'; |
|
976
|
|
|
|
|
977
|
|
|
// Make it easy. |
|
978
|
|
|
$msgID = !empty($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : 0; |
|
979
|
|
|
|
|
980
|
|
|
// Perhaps someone else wants to do the honors? Yes, this also includes dealing with previews ;) |
|
981
|
|
|
$externalParse = call_integration_hook('integrate_pre_parseAttachBBC', array($attachID, $msgID)); |
|
982
|
|
|
|
|
983
|
|
|
// "I am innocent of the blood of this just person: see ye to it." |
|
984
|
|
|
if (!empty($externalParse) && (is_string($externalParse) || is_array($externalParse))) |
|
985
|
|
|
return $externalParse; |
|
986
|
|
|
|
|
987
|
|
|
// Are attachments enabled? |
|
988
|
|
|
if (empty($modSettings['attachmentEnable'])) |
|
989
|
|
|
return 'attachments_not_enable'; |
|
990
|
|
|
|
|
991
|
|
|
$check_board_perms = !isset($_SESSION['attachments_can_preview'][$attachID]) && $view_attachment_boards !== array(0); |
|
992
|
|
|
|
|
993
|
|
|
// There is always the chance someone else has already done our dirty work... |
|
994
|
|
|
// If so, all pertinent checks were already done. Hopefully... |
|
995
|
|
|
if (!empty($context['current_attachments']) && !empty($context['current_attachments'][$attachID])) |
|
996
|
|
|
return $context['current_attachments'][$attachID]; |
|
997
|
|
|
|
|
998
|
|
|
// Can the user view attachments on this board? |
|
999
|
|
|
if ($check_board_perms && !empty($board) && !in_array($board, $view_attachment_boards)) |
|
1000
|
|
|
return 'attachments_not_allowed_to_see'; |
|
1001
|
|
|
|
|
1002
|
|
|
// Get the message info associated with this particular attach ID. |
|
1003
|
|
|
$attachInfo = getAttachMsgInfo($attachID); |
|
1004
|
|
|
|
|
1005
|
|
|
// There is always the chance this attachment no longer exists or isn't associated to a message anymore... |
|
1006
|
|
|
if (empty($attachInfo)) |
|
1007
|
|
|
return 'attachments_no_data_loaded'; |
|
1008
|
|
|
|
|
1009
|
|
|
if (empty($attachInfo['msg']) && empty($context['preview_message'])) |
|
1010
|
|
|
return 'attachments_no_msg_associated'; |
|
1011
|
|
|
|
|
1012
|
|
|
// Can the user view attachments on the board that holds the attachment's original post? |
|
1013
|
|
|
// (This matters when one post quotes another on a different board.) |
|
1014
|
|
|
if ($check_board_perms && !in_array($attachInfo['board'], $view_attachment_boards)) |
|
1015
|
|
|
return 'attachments_not_allowed_to_see'; |
|
1016
|
|
|
|
|
1017
|
|
|
if (empty($context['loaded_attachments'][$attachInfo['msg']])) |
|
1018
|
|
|
prepareAttachsByMsg(array($attachInfo['msg'])); |
|
1019
|
|
|
|
|
1020
|
|
|
if (isset($context['loaded_attachments'][$attachInfo['msg']][$attachID])) |
|
1021
|
|
|
$attachContext = $context['loaded_attachments'][$attachInfo['msg']][$attachID]; |
|
1022
|
|
|
|
|
1023
|
|
|
// In case the user manually typed the thumbnail's ID into the BBC |
|
1024
|
|
|
elseif (!empty($context['loaded_attachments'][$attachInfo['msg']])) |
|
1025
|
|
|
{ |
|
1026
|
|
|
foreach ($context['loaded_attachments'][$attachInfo['msg']] as $foundAttachID => $foundAttach) |
|
1027
|
|
|
{ |
|
1028
|
|
|
if (array_key_exists('id_thumb', $foundAttach) && $foundAttach['id_thumb'] == $attachID) |
|
1029
|
|
|
{ |
|
1030
|
|
|
$attachContext = $context['loaded_attachments'][$attachInfo['msg']][$foundAttachID]; |
|
1031
|
|
|
$attachID = $foundAttachID; |
|
1032
|
|
|
break; |
|
1033
|
|
|
} |
|
1034
|
|
|
} |
|
1035
|
|
|
} |
|
1036
|
|
|
|
|
1037
|
|
|
// Load this particular attach's context. |
|
1038
|
|
|
if (!empty($attachContext)) |
|
1039
|
|
|
{ |
|
1040
|
|
|
// Skip unapproved attachment, unless they belong to the user or the user can approve them. |
|
1041
|
|
|
if (!$context['loaded_attachments'][$attachInfo['msg']][$attachID]['approved'] && |
|
1042
|
|
|
$modSettings['postmod_active'] && !allowedTo('approve_posts') && |
|
1043
|
|
|
$context['loaded_attachments'][$attachInfo['msg']][$attachID]['id_member'] != $user_info['id']) |
|
1044
|
|
|
{ |
|
1045
|
|
|
unset($context['loaded_attachments'][$attachInfo['msg']][$attachID]); |
|
1046
|
|
|
return 'attachments_unapproved'; |
|
1047
|
|
|
} |
|
1048
|
|
|
$attachLoaded = loadAttachmentContext($attachContext['id_msg'], $context['loaded_attachments']); |
|
1049
|
|
|
} |
|
1050
|
|
|
else |
|
1051
|
|
|
return 'attachments_no_data_loaded'; |
|
1052
|
|
|
|
|
1053
|
|
|
if (empty($attachLoaded)) |
|
1054
|
|
|
return 'attachments_no_data_loaded'; |
|
1055
|
|
|
|
|
1056
|
|
|
else |
|
1057
|
|
|
$attachContext = $attachLoaded[$attachID]; |
|
1058
|
|
|
|
|
1059
|
|
|
// It's theoretically possible that prepareAttachsByMsg() changed the board id, so check again. |
|
1060
|
|
|
if ($check_board_perms && !in_array($attachContext['board'], $view_attachment_boards)) |
|
1061
|
|
|
return 'attachments_not_allowed_to_see'; |
|
1062
|
|
|
|
|
1063
|
|
|
// You may or may not want to show this under the post. |
|
1064
|
|
|
if (!empty($modSettings['dont_show_attach_under_post']) && !isset($context['show_attach_under_post'][$attachID])) |
|
1065
|
|
|
$context['show_attach_under_post'][$attachID] = $attachID; |
|
1066
|
|
|
|
|
1067
|
|
|
// Last minute changes? |
|
1068
|
|
|
call_integration_hook('integrate_post_parseAttachBBC', array(&$attachContext)); |
|
1069
|
|
|
|
|
1070
|
|
|
// Don't do any logic with the loaded data, leave it to whoever called this function. |
|
1071
|
|
|
return $attachContext; |
|
1072
|
|
|
} |
|
1073
|
|
|
|
|
1074
|
|
|
/** |
|
1075
|
|
|
* Gets raw info directly from the attachments table. |
|
1076
|
|
|
* |
|
1077
|
|
|
* @param array $attachIDs An array of attachments IDs. |
|
1078
|
|
|
* |
|
1079
|
|
|
* @return array |
|
1080
|
|
|
*/ |
|
1081
|
|
|
function getRawAttachInfo($attachIDs) |
|
1082
|
|
|
{ |
|
1083
|
|
|
global $smcFunc, $modSettings; |
|
1084
|
|
|
|
|
1085
|
|
|
if (empty($attachIDs)) |
|
1086
|
|
|
return array(); |
|
1087
|
|
|
|
|
1088
|
|
|
$return = array(); |
|
1089
|
|
|
|
|
1090
|
|
|
$request = $smcFunc['db_query']('', ' |
|
1091
|
|
|
SELECT a.id_attach, a.id_msg, a.id_member, a.size, a.mime_type, a.id_folder, a.filename' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ', |
|
1092
|
|
|
COALESCE(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . ' |
|
1093
|
|
|
FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ' |
|
1094
|
|
|
LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . ' |
|
1095
|
|
|
WHERE a.id_attach IN ({array_int:attach_ids}) |
|
1096
|
|
|
LIMIT 1', |
|
1097
|
|
|
array( |
|
1098
|
|
|
'attach_ids' => (array) $attachIDs, |
|
1099
|
|
|
) |
|
1100
|
|
|
); |
|
1101
|
|
|
|
|
1102
|
|
|
if ($smcFunc['db_num_rows']($request) != 1) |
|
1103
|
|
|
return array(); |
|
1104
|
|
|
|
|
1105
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
|
1106
|
|
|
$return[$row['id_attach']] = array( |
|
1107
|
|
|
'name' => $smcFunc['htmlspecialchars']($row['filename']), |
|
1108
|
|
|
'size' => $row['size'], |
|
1109
|
|
|
'attachID' => $row['id_attach'], |
|
1110
|
|
|
'unchecked' => false, |
|
1111
|
|
|
'approved' => 1, |
|
1112
|
|
|
'mime_type' => $row['mime_type'], |
|
1113
|
|
|
'thumb' => $row['id_thumb'], |
|
1114
|
|
|
); |
|
1115
|
|
|
$smcFunc['db_free_result']($request); |
|
1116
|
|
|
|
|
1117
|
|
|
return $return; |
|
1118
|
|
|
} |
|
1119
|
|
|
|
|
1120
|
|
|
/** |
|
1121
|
|
|
* Gets all needed message data associated with an attach ID |
|
1122
|
|
|
* |
|
1123
|
|
|
* @param int $attachID the attachment ID to load info from. |
|
1124
|
|
|
* |
|
1125
|
|
|
* @return array |
|
1126
|
|
|
*/ |
|
1127
|
|
|
function getAttachMsgInfo($attachID) |
|
1128
|
|
|
{ |
|
1129
|
|
|
global $smcFunc, $context; |
|
1130
|
|
|
|
|
1131
|
|
|
if (empty($attachID)) |
|
1132
|
|
|
return array(); |
|
1133
|
|
|
|
|
1134
|
|
|
if (!isset($context['loaded_attachments'])) |
|
1135
|
|
|
$context['loaded_attachments'] = array(); |
|
1136
|
|
|
|
|
1137
|
|
|
foreach ($context['loaded_attachments'] as $msgRows) |
|
1138
|
|
|
{ |
|
1139
|
|
|
if (empty($msgRows[$attachID])) |
|
1140
|
|
|
continue; |
|
1141
|
|
|
|
|
1142
|
|
|
$row = array( |
|
1143
|
|
|
'msg' => $msgRows[$attachID]['id_msg'], |
|
1144
|
|
|
'topic' => $msgRows[$attachID]['topic'], |
|
1145
|
|
|
'board' => $msgRows[$attachID]['board'], |
|
1146
|
|
|
); |
|
1147
|
|
|
|
|
1148
|
|
|
return $row; |
|
1149
|
|
|
} |
|
1150
|
|
|
|
|
1151
|
|
|
$request = $smcFunc['db_query']('', ' |
|
1152
|
|
|
SELECT a.id_msg AS msg, m.id_topic AS topic, m.id_board AS board |
|
1153
|
|
|
FROM {db_prefix}attachments AS a |
|
1154
|
|
|
LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg) |
|
1155
|
|
|
WHERE id_attach = {int:id_attach} |
|
1156
|
|
|
LIMIT 1', |
|
1157
|
|
|
array( |
|
1158
|
|
|
'id_attach' => (int) $attachID, |
|
1159
|
|
|
) |
|
1160
|
|
|
); |
|
1161
|
|
|
|
|
1162
|
|
|
if ($smcFunc['db_num_rows']($request) != 1) |
|
1163
|
|
|
return array(); |
|
1164
|
|
|
|
|
1165
|
|
|
$row = $smcFunc['db_fetch_assoc']($request); |
|
1166
|
|
|
$smcFunc['db_free_result']($request); |
|
1167
|
|
|
|
|
1168
|
|
|
return $row; |
|
1169
|
|
|
} |
|
1170
|
|
|
|
|
1171
|
|
|
/** |
|
1172
|
|
|
* This loads an attachment's contextual data including, most importantly, its size if it is an image. |
|
1173
|
|
|
* It requires the view_attachments permission to calculate image size. |
|
1174
|
|
|
* It attempts to keep the "aspect ratio" of the posted image in line, even if it has to be resized by |
|
1175
|
|
|
* the max_image_width and max_image_height settings. |
|
1176
|
|
|
* |
|
1177
|
|
|
* @param int $id_msg ID of the post to load attachments for |
|
1178
|
|
|
* @param array $attachments An array of already loaded attachments. This function no longer depends on having $topic declared, thus, you need to load the actual topic ID for each attachment. |
|
1179
|
|
|
* @return array An array of attachment info |
|
1180
|
|
|
*/ |
|
1181
|
|
|
function loadAttachmentContext($id_msg, $attachments) |
|
1182
|
|
|
{ |
|
1183
|
|
|
global $modSettings, $txt, $scripturl, $sourcedir, $smcFunc, $context; |
|
1184
|
|
|
|
|
1185
|
|
|
if (empty($attachments) || empty($attachments[$id_msg])) |
|
1186
|
|
|
return array(); |
|
1187
|
|
|
|
|
1188
|
|
|
// Set up the attachment info - based on code by Meriadoc. |
|
1189
|
|
|
$attachmentData = array(); |
|
1190
|
|
|
$have_unapproved = false; |
|
1191
|
|
|
if (isset($attachments[$id_msg]) && !empty($modSettings['attachmentEnable'])) |
|
1192
|
|
|
{ |
|
1193
|
|
|
foreach ($attachments[$id_msg] as $i => $attachment) |
|
1194
|
|
|
{ |
|
1195
|
|
|
$attachmentData[$i] = array( |
|
1196
|
|
|
'id' => $attachment['id_attach'], |
|
1197
|
|
|
'name' => preg_replace('~&#(\\d{1,7}|x[0-9a-fA-F]{1,6});~', '&#\\1;', $smcFunc['htmlspecialchars']($attachment['filename'])), |
|
1198
|
|
|
'downloads' => $attachment['downloads'], |
|
1199
|
|
|
'size' => ($attachment['filesize'] < 1024000) ? round($attachment['filesize'] / 1024, 2) . ' ' . $txt['kilobyte'] : round($attachment['filesize'] / 1024 / 1024, 2) . ' ' . $txt['megabyte'], |
|
1200
|
|
|
'byte_size' => $attachment['filesize'], |
|
1201
|
|
|
'href' => $scripturl . '?action=dlattach;attach=' . $attachment['id_attach'], |
|
1202
|
|
|
'link' => '<a href="' . $scripturl . '?action=dlattach;attach=' . $attachment['id_attach'] . '" class="bbc_link">' . $smcFunc['htmlspecialchars']($attachment['filename']) . '</a>', |
|
1203
|
|
|
'is_image' => !empty($attachment['width']) && !empty($attachment['height']), |
|
1204
|
|
|
'is_approved' => $attachment['approved'], |
|
1205
|
|
|
'topic' => $attachment['topic'], |
|
1206
|
|
|
'board' => $attachment['board'], |
|
1207
|
|
|
'mime_type' => $attachment['mime_type'], |
|
1208
|
|
|
); |
|
1209
|
|
|
|
|
1210
|
|
|
// If something is unapproved we'll note it so we can sort them. |
|
1211
|
|
|
if (!$attachment['approved']) |
|
1212
|
|
|
$have_unapproved = true; |
|
1213
|
|
|
|
|
1214
|
|
|
if (!$attachmentData[$i]['is_image']) |
|
1215
|
|
|
continue; |
|
1216
|
|
|
|
|
1217
|
|
|
$attachmentData[$i]['real_width'] = $attachment['width']; |
|
1218
|
|
|
$attachmentData[$i]['width'] = $attachment['width']; |
|
1219
|
|
|
$attachmentData[$i]['real_height'] = $attachment['height']; |
|
1220
|
|
|
$attachmentData[$i]['height'] = $attachment['height']; |
|
1221
|
|
|
|
|
1222
|
|
|
// Let's see, do we want thumbs? |
|
1223
|
|
|
if (!empty($modSettings['attachmentShowImages']) && !empty($modSettings['attachmentThumbnails']) && !empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachment['width'] > $modSettings['attachmentThumbWidth'] || $attachment['height'] > $modSettings['attachmentThumbHeight']) && strlen($attachment['filename']) < 249) |
|
1224
|
|
|
{ |
|
1225
|
|
|
// A proper thumb doesn't exist yet? Create one! |
|
1226
|
|
|
if (empty($attachment['id_thumb']) || $attachment['thumb_width'] > $modSettings['attachmentThumbWidth'] || $attachment['thumb_height'] > $modSettings['attachmentThumbHeight'] || ($attachment['thumb_width'] < $modSettings['attachmentThumbWidth'] && $attachment['thumb_height'] < $modSettings['attachmentThumbHeight'])) |
|
1227
|
|
|
{ |
|
1228
|
|
|
$filename = getAttachmentFilename($attachment['filename'], $attachment['id_attach'], $attachment['id_folder']); |
|
1229
|
|
|
|
|
1230
|
|
|
require_once($sourcedir . '/Subs-Graphics.php'); |
|
1231
|
|
|
if (createThumbnail($filename, $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight'])) |
|
1232
|
|
|
{ |
|
1233
|
|
|
// So what folder are we putting this image in? |
|
1234
|
|
|
if (!empty($modSettings['currentAttachmentUploadDir'])) |
|
1235
|
|
|
{ |
|
1236
|
|
|
if (!is_array($modSettings['attachmentUploadDir'])) |
|
1237
|
|
|
$modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
|
1238
|
|
|
$id_folder_thumb = $modSettings['currentAttachmentUploadDir']; |
|
1239
|
|
|
} |
|
1240
|
|
|
else |
|
1241
|
|
|
{ |
|
1242
|
|
|
$id_folder_thumb = 1; |
|
1243
|
|
|
} |
|
1244
|
|
|
|
|
1245
|
|
|
// Calculate the size of the created thumbnail. |
|
1246
|
|
|
$size = @getimagesize($filename . '_thumb'); |
|
1247
|
|
|
list ($attachment['thumb_width'], $attachment['thumb_height']) = $size; |
|
1248
|
|
|
$thumb_size = filesize($filename . '_thumb'); |
|
1249
|
|
|
|
|
1250
|
|
|
// What about the extension? |
|
1251
|
|
|
$thumb_ext = isset($context['valid_image_types'][$size[2]]) ? $context['valid_image_types'][$size[2]] : ''; |
|
1252
|
|
|
|
|
1253
|
|
|
// Figure out the mime type. |
|
1254
|
|
|
if (!empty($size['mime'])) |
|
1255
|
|
|
$thumb_mime = $size['mime']; |
|
1256
|
|
|
else |
|
1257
|
|
|
$thumb_mime = 'image/' . $thumb_ext; |
|
1258
|
|
|
|
|
1259
|
|
|
$thumb_filename = $attachment['filename'] . '_thumb'; |
|
1260
|
|
|
$thumb_hash = getAttachmentFilename($thumb_filename, false, null, true); |
|
|
|
|
|
|
1261
|
|
|
$old_id_thumb = $attachment['id_thumb']; |
|
1262
|
|
|
|
|
1263
|
|
|
// Add this beauty to the database. |
|
1264
|
|
|
$attachment['id_thumb'] = $smcFunc['db_insert']('', |
|
1265
|
|
|
'{db_prefix}attachments', |
|
1266
|
|
|
array('id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string', 'file_hash' => 'string', 'size' => 'int', 'width' => 'int', 'height' => 'int', 'fileext' => 'string', 'mime_type' => 'string'), |
|
1267
|
|
|
array($id_folder_thumb, $id_msg, 3, $thumb_filename, $thumb_hash, (int) $thumb_size, (int) $attachment['thumb_width'], (int) $attachment['thumb_height'], $thumb_ext, $thumb_mime), |
|
1268
|
|
|
array('id_attach'), |
|
1269
|
|
|
1 |
|
1270
|
|
|
); |
|
1271
|
|
|
|
|
1272
|
|
|
if (!empty($attachment['id_thumb'])) |
|
1273
|
|
|
{ |
|
1274
|
|
|
$smcFunc['db_query']('', ' |
|
1275
|
|
|
UPDATE {db_prefix}attachments |
|
1276
|
|
|
SET id_thumb = {int:id_thumb} |
|
1277
|
|
|
WHERE id_attach = {int:id_attach}', |
|
1278
|
|
|
array( |
|
1279
|
|
|
'id_thumb' => $attachment['id_thumb'], |
|
1280
|
|
|
'id_attach' => $attachment['id_attach'], |
|
1281
|
|
|
) |
|
1282
|
|
|
); |
|
1283
|
|
|
|
|
1284
|
|
|
$thumb_realname = getAttachmentFilename($thumb_filename, $attachment['id_thumb'], $id_folder_thumb, false, $thumb_hash); |
|
1285
|
|
|
rename($filename . '_thumb', $thumb_realname); |
|
1286
|
|
|
|
|
1287
|
|
|
// Do we need to remove an old thumbnail? |
|
1288
|
|
|
if (!empty($old_id_thumb)) |
|
1289
|
|
|
{ |
|
1290
|
|
|
require_once($sourcedir . '/ManageAttachments.php'); |
|
1291
|
|
|
removeAttachments(array('id_attach' => $old_id_thumb), '', false, false); |
|
1292
|
|
|
} |
|
1293
|
|
|
} |
|
1294
|
|
|
} |
|
1295
|
|
|
} |
|
1296
|
|
|
|
|
1297
|
|
|
// Only adjust dimensions on successful thumbnail creation. |
|
1298
|
|
|
if (!empty($attachment['thumb_width']) && !empty($attachment['thumb_height'])) |
|
1299
|
|
|
{ |
|
1300
|
|
|
$attachmentData[$i]['width'] = $attachment['thumb_width']; |
|
1301
|
|
|
$attachmentData[$i]['height'] = $attachment['thumb_height']; |
|
1302
|
|
|
} |
|
1303
|
|
|
} |
|
1304
|
|
|
|
|
1305
|
|
|
if (!empty($attachment['id_thumb'])) |
|
1306
|
|
|
$attachmentData[$i]['thumbnail'] = array( |
|
1307
|
|
|
'id' => $attachment['id_thumb'], |
|
1308
|
|
|
'href' => $scripturl . '?action=dlattach;attach=' . $attachment['id_thumb'] . ';image', |
|
1309
|
|
|
); |
|
1310
|
|
|
$attachmentData[$i]['thumbnail']['has_thumb'] = !empty($attachment['id_thumb']); |
|
1311
|
|
|
|
|
1312
|
|
|
// If thumbnails are disabled, check the maximum size of the image. |
|
1313
|
|
|
if (!$attachmentData[$i]['thumbnail']['has_thumb'] && ((!empty($modSettings['max_image_width']) && $attachment['width'] > $modSettings['max_image_width']) || (!empty($modSettings['max_image_height']) && $attachment['height'] > $modSettings['max_image_height']))) |
|
1314
|
|
|
{ |
|
1315
|
|
|
if (!empty($modSettings['max_image_width']) && (empty($modSettings['max_image_height']) || $attachment['height'] * $modSettings['max_image_width'] / $attachment['width'] <= $modSettings['max_image_height'])) |
|
1316
|
|
|
{ |
|
1317
|
|
|
$attachmentData[$i]['width'] = $modSettings['max_image_width']; |
|
1318
|
|
|
$attachmentData[$i]['height'] = floor($attachment['height'] * $modSettings['max_image_width'] / $attachment['width']); |
|
1319
|
|
|
} |
|
1320
|
|
|
elseif (!empty($modSettings['max_image_width'])) |
|
1321
|
|
|
{ |
|
1322
|
|
|
$attachmentData[$i]['width'] = floor($attachment['width'] * $modSettings['max_image_height'] / $attachment['height']); |
|
1323
|
|
|
$attachmentData[$i]['height'] = $modSettings['max_image_height']; |
|
1324
|
|
|
} |
|
1325
|
|
|
} |
|
1326
|
|
|
elseif ($attachmentData[$i]['thumbnail']['has_thumb']) |
|
1327
|
|
|
{ |
|
1328
|
|
|
// If the image is too large to show inline, make it a popup. |
|
1329
|
|
|
if (((!empty($modSettings['max_image_width']) && $attachmentData[$i]['real_width'] > $modSettings['max_image_width']) || (!empty($modSettings['max_image_height']) && $attachmentData[$i]['real_height'] > $modSettings['max_image_height']))) |
|
1330
|
|
|
$attachmentData[$i]['thumbnail']['javascript'] = 'return reqWin(\'' . $attachmentData[$i]['href'] . ';image\', ' . ($attachment['width'] + 20) . ', ' . ($attachment['height'] + 20) . ', true);'; |
|
1331
|
|
|
else |
|
1332
|
|
|
$attachmentData[$i]['thumbnail']['javascript'] = 'return expandThumb(' . $attachment['id_attach'] . ');'; |
|
1333
|
|
|
} |
|
1334
|
|
|
|
|
1335
|
|
|
if (!$attachmentData[$i]['thumbnail']['has_thumb']) |
|
1336
|
|
|
$attachmentData[$i]['downloads']++; |
|
1337
|
|
|
} |
|
1338
|
|
|
} |
|
1339
|
|
|
|
|
1340
|
|
|
// Do we need to instigate a sort? |
|
1341
|
|
|
if ($have_unapproved) |
|
1342
|
|
|
uasort( |
|
1343
|
|
|
$attachmentData, |
|
1344
|
|
|
function($a, $b) |
|
1345
|
|
|
{ |
|
1346
|
|
|
if ($a['is_approved'] == $b['is_approved']) |
|
1347
|
|
|
return 0; |
|
1348
|
|
|
|
|
1349
|
|
|
return $a['is_approved'] > $b['is_approved'] ? -1 : 1; |
|
1350
|
|
|
} |
|
1351
|
|
|
); |
|
1352
|
|
|
|
|
1353
|
|
|
return $attachmentData; |
|
1354
|
|
|
} |
|
1355
|
|
|
|
|
1356
|
|
|
/** |
|
1357
|
|
|
* prepare the Attachment api for all messages |
|
1358
|
|
|
* |
|
1359
|
|
|
* @param int array $msgIDs the message ID to load info from. |
|
1360
|
|
|
* |
|
1361
|
|
|
* @return void |
|
1362
|
|
|
*/ |
|
1363
|
|
|
function prepareAttachsByMsg($msgIDs) |
|
1364
|
|
|
{ |
|
1365
|
|
|
global $context, $modSettings, $smcFunc; |
|
1366
|
|
|
|
|
1367
|
|
|
if (empty($context['loaded_attachments'])) |
|
1368
|
|
|
$context['loaded_attachments'] = array(); |
|
1369
|
|
|
// Remove all $msgIDs that we already processed |
|
1370
|
|
|
else |
|
1371
|
|
|
$msgIDs = array_diff($msgIDs, array_keys($context['loaded_attachments']), array(0)); |
|
1372
|
|
|
|
|
1373
|
|
|
if (!empty($msgIDs)) |
|
1374
|
|
|
{ |
|
1375
|
|
|
$request = $smcFunc['db_query']('', ' |
|
1376
|
|
|
SELECT |
|
1377
|
|
|
a.id_attach, a.id_folder, a.id_msg, a.filename, a.file_hash, COALESCE(a.size, 0) AS filesize, a.downloads, a.approved, m.id_topic AS topic, m.id_board AS board, m.id_member, a.mime_type, |
|
1378
|
|
|
a.width, a.height' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ', |
|
1379
|
|
|
COALESCE(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . ' |
|
1380
|
|
|
FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ' |
|
1381
|
|
|
LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . ' |
|
1382
|
|
|
LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg) |
|
1383
|
|
|
WHERE a.attachment_type = {int:attachment_type} |
|
1384
|
|
|
AND (a.id_msg IN ({array_int:message_id})' . (!empty($context['preview_message']) && !empty($_SESSION['attachments_can_preview']) ? 'OR a.id_attach IN ({array_int:preview_attachments})' : '') . ')', |
|
1385
|
|
|
array( |
|
1386
|
|
|
'message_id' => $msgIDs, |
|
1387
|
|
|
'attachment_type' => 0, |
|
1388
|
|
|
'preview_attachments' => !empty($_SESSION['attachments_can_preview']) ? array_keys(array_filter($_SESSION['attachments_can_preview'])) : array(0), |
|
1389
|
|
|
) |
|
1390
|
|
|
); |
|
1391
|
|
|
$rows = $smcFunc['db_fetch_all']($request); |
|
1392
|
|
|
$smcFunc['db_free_result']($request); |
|
1393
|
|
|
|
|
1394
|
|
|
foreach ($rows as $row) |
|
1395
|
|
|
{ |
|
1396
|
|
|
if (empty($context['loaded_attachments'][$row['id_msg']])) |
|
1397
|
|
|
$context['loaded_attachments'][$row['id_msg']] = array(); |
|
1398
|
|
|
|
|
1399
|
|
|
$context['loaded_attachments'][$row['id_msg']][$row['id_attach']] = $row; |
|
1400
|
|
|
|
|
1401
|
|
|
// This is better than sorting it with the query... |
|
1402
|
|
|
ksort($context['loaded_attachments'][$row['id_msg']]); |
|
1403
|
|
|
} |
|
1404
|
|
|
} |
|
1405
|
|
|
} |
|
1406
|
|
|
|
|
1407
|
|
|
?> |
SimpleMachines /
SMF2.1
Loading history...
