1 | <?php |
||||
2 | |||||
3 | /** |
||||
4 | * This file handles the uploading and creation of attachments |
||||
5 | * as well as the auto management of the attachment directories. |
||||
6 | * |
||||
7 | * Simple Machines Forum (SMF) |
||||
8 | * |
||||
9 | * @package SMF |
||||
10 | * @author Simple Machines https://www.simplemachines.org |
||||
11 | * @copyright 2022 Simple Machines and individual contributors |
||||
12 | * @license https://www.simplemachines.org/about/smf/license.php BSD |
||||
13 | * |
||||
14 | * @version 2.1.2 |
||||
15 | */ |
||||
16 | |||||
17 | if (!defined('SMF')) |
||||
18 | die('No direct access...'); |
||||
19 | |||||
20 | /** |
||||
21 | * Check if the current directory is still valid or not. |
||||
22 | * If not creates the new directory |
||||
23 | * |
||||
24 | * @return void|bool False if any error occurred |
||||
25 | */ |
||||
26 | function automanage_attachments_check_directory() |
||||
27 | { |
||||
28 | global $smcFunc, $boarddir, $modSettings, $context; |
||||
29 | |||||
30 | // Not pretty, but since we don't want folders created for every post. It'll do unless a better solution can be found. |
||||
31 | if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'admin') |
||||
32 | $doit = true; |
||||
33 | elseif (empty($modSettings['automanage_attachments'])) |
||||
34 | return; |
||||
35 | elseif (!isset($_FILES)) |
||||
36 | return; |
||||
37 | elseif (isset($_FILES['attachment'])) |
||||
38 | foreach ($_FILES['attachment']['tmp_name'] as $dummy) |
||||
39 | if (!empty($dummy)) |
||||
40 | { |
||||
41 | $doit = true; |
||||
42 | break; |
||||
43 | } |
||||
44 | |||||
45 | if (!isset($doit)) |
||||
46 | return; |
||||
47 | |||||
48 | $year = date('Y'); |
||||
49 | $month = date('m'); |
||||
50 | |||||
51 | $rand = md5(mt_rand()); |
||||
52 | $rand1 = $rand[1]; |
||||
53 | $rand = $rand[0]; |
||||
54 | |||||
55 | if (!empty($modSettings['attachment_basedirectories']) && !empty($modSettings['use_subdirectories_for_attachments'])) |
||||
56 | { |
||||
57 | if (!is_array($modSettings['attachment_basedirectories'])) |
||||
58 | $modSettings['attachment_basedirectories'] = $smcFunc['json_decode']($modSettings['attachment_basedirectories'], true); |
||||
59 | $base_dir = array_search($modSettings['basedirectory_for_attachments'], $modSettings['attachment_basedirectories']); |
||||
60 | } |
||||
61 | else |
||||
62 | $base_dir = 0; |
||||
63 | |||||
64 | if ($modSettings['automanage_attachments'] == 1) |
||||
65 | { |
||||
66 | if (!isset($modSettings['last_attachments_directory'])) |
||||
67 | $modSettings['last_attachments_directory'] = array(); |
||||
68 | if (!is_array($modSettings['last_attachments_directory'])) |
||||
69 | $modSettings['last_attachments_directory'] = $smcFunc['json_decode']($modSettings['last_attachments_directory'], true); |
||||
70 | if (!isset($modSettings['last_attachments_directory'][$base_dir])) |
||||
71 | $modSettings['last_attachments_directory'][$base_dir] = 0; |
||||
72 | } |
||||
73 | |||||
74 | $basedirectory = (!empty($modSettings['use_subdirectories_for_attachments']) ? ($modSettings['basedirectory_for_attachments']) : $boarddir); |
||||
75 | //Just to be sure: I don't want directory separators at the end |
||||
76 | $sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
||||
77 | $basedirectory = rtrim($basedirectory, $sep); |
||||
78 | |||||
79 | switch ($modSettings['automanage_attachments']) |
||||
80 | { |
||||
81 | case 1: |
||||
82 | $updir = $basedirectory . DIRECTORY_SEPARATOR . 'attachments_' . (isset($modSettings['last_attachments_directory'][$base_dir]) ? $modSettings['last_attachments_directory'][$base_dir] : 0); |
||||
83 | break; |
||||
84 | case 2: |
||||
85 | $updir = $basedirectory . DIRECTORY_SEPARATOR . $year; |
||||
86 | break; |
||||
87 | case 3: |
||||
88 | $updir = $basedirectory . DIRECTORY_SEPARATOR . $year . DIRECTORY_SEPARATOR . $month; |
||||
89 | break; |
||||
90 | case 4: |
||||
91 | $updir = $basedirectory . DIRECTORY_SEPARATOR . (empty($modSettings['use_subdirectories_for_attachments']) ? 'attachments-' : 'random_') . $rand; |
||||
92 | break; |
||||
93 | case 5: |
||||
94 | $updir = $basedirectory . DIRECTORY_SEPARATOR . (empty($modSettings['use_subdirectories_for_attachments']) ? 'attachments-' : 'random_') . $rand . DIRECTORY_SEPARATOR . $rand1; |
||||
95 | break; |
||||
96 | default : |
||||
97 | $updir = ''; |
||||
98 | } |
||||
99 | |||||
100 | if (!is_array($modSettings['attachmentUploadDir'])) |
||||
101 | $modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
||||
102 | if (!in_array($updir, $modSettings['attachmentUploadDir']) && !empty($updir)) |
||||
103 | $outputCreation = automanage_attachments_create_directory($updir); |
||||
104 | elseif (in_array($updir, $modSettings['attachmentUploadDir'])) |
||||
105 | $outputCreation = true; |
||||
106 | |||||
107 | if ($outputCreation) |
||||
108 | { |
||||
109 | $modSettings['currentAttachmentUploadDir'] = array_search($updir, $modSettings['attachmentUploadDir']); |
||||
110 | $context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
||||
111 | |||||
112 | updateSettings(array( |
||||
113 | 'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
||||
114 | )); |
||||
115 | } |
||||
116 | |||||
117 | return $outputCreation; |
||||
118 | } |
||||
119 | |||||
120 | /** |
||||
121 | * Creates a directory |
||||
122 | * |
||||
123 | * @param string $updir The directory to be created |
||||
124 | * |
||||
125 | * @return bool False on errors |
||||
126 | */ |
||||
127 | function automanage_attachments_create_directory($updir) |
||||
128 | { |
||||
129 | global $smcFunc, $modSettings, $context, $boarddir; |
||||
130 | |||||
131 | $tree = get_directory_tree_elements($updir); |
||||
132 | $count = count($tree); |
||||
133 | |||||
134 | $directory = attachments_init_dir($tree, $count); |
||||
135 | if ($directory === false) |
||||
136 | { |
||||
137 | // Maybe it's just the folder name |
||||
138 | $tree = get_directory_tree_elements($boarddir . DIRECTORY_SEPARATOR . $updir); |
||||
139 | $count = count($tree); |
||||
140 | |||||
141 | $directory = attachments_init_dir($tree, $count); |
||||
142 | if ($directory === false) |
||||
143 | return false; |
||||
144 | } |
||||
145 | |||||
146 | $directory .= DIRECTORY_SEPARATOR . array_shift($tree); |
||||
147 | |||||
148 | while ($count != -1) |
||||
149 | { |
||||
150 | if (is_path_allowed($directory) && !@is_dir($directory)) |
||||
151 | { |
||||
152 | if (!@mkdir($directory, 0755)) |
||||
153 | { |
||||
154 | $context['dir_creation_error'] = 'attachments_no_create'; |
||||
155 | return false; |
||||
156 | } |
||||
157 | } |
||||
158 | |||||
159 | $directory .= DIRECTORY_SEPARATOR . array_shift($tree); |
||||
160 | $count--; |
||||
161 | } |
||||
162 | |||||
163 | // Check if the dir is writable. |
||||
164 | if (!smf_chmod($directory)) |
||||
165 | { |
||||
166 | $context['dir_creation_error'] = 'attachments_no_write'; |
||||
167 | return false; |
||||
168 | } |
||||
169 | |||||
170 | // Everything seems fine...let's create the .htaccess |
||||
171 | if (!file_exists($directory . DIRECTORY_SEPARATOR . '.htaccess')) |
||||
172 | secureDirectory($updir, true); |
||||
173 | |||||
174 | $sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
||||
175 | $updir = rtrim($updir, $sep); |
||||
176 | |||||
177 | // Only update if it's a new directory |
||||
178 | if (!in_array($updir, $modSettings['attachmentUploadDir'])) |
||||
179 | { |
||||
180 | $modSettings['currentAttachmentUploadDir'] = max(array_keys($modSettings['attachmentUploadDir'])) + 1; |
||||
181 | $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']] = $updir; |
||||
182 | |||||
183 | updateSettings(array( |
||||
184 | 'attachmentUploadDir' => $smcFunc['json_encode']($modSettings['attachmentUploadDir']), |
||||
185 | 'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
||||
186 | ), true); |
||||
187 | $modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
||||
188 | } |
||||
189 | |||||
190 | $context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
||||
191 | return true; |
||||
192 | } |
||||
193 | |||||
194 | /** |
||||
195 | * Check if open_basedir restrictions are in effect. |
||||
196 | * If so check if the path is allowed. |
||||
197 | * |
||||
198 | * @param string $path The path to check |
||||
199 | * |
||||
200 | * @return bool True if the path is allowed, false otherwise. |
||||
201 | */ |
||||
202 | function is_path_allowed($path) |
||||
203 | { |
||||
204 | $open_basedir = ini_get('open_basedir'); |
||||
205 | |||||
206 | if (empty($open_basedir)) |
||||
207 | return true; |
||||
208 | |||||
209 | $restricted_paths = explode(PATH_SEPARATOR, $open_basedir); |
||||
210 | |||||
211 | foreach ($restricted_paths as $restricted_path) |
||||
212 | { |
||||
213 | if (mb_strpos($path, $restricted_path) === 0) |
||||
214 | return true; |
||||
215 | } |
||||
216 | |||||
217 | return false; |
||||
218 | } |
||||
219 | |||||
220 | /** |
||||
221 | * Called when a directory space limit is reached. |
||||
222 | * Creates a new directory and increments the directory suffix number. |
||||
223 | * |
||||
224 | * @return void|bool False on errors, true if successful, nothing if auto-management of attachments is disabled |
||||
225 | */ |
||||
226 | function automanage_attachments_by_space() |
||||
227 | { |
||||
228 | global $smcFunc, $modSettings, $boarddir; |
||||
229 | |||||
230 | if (!isset($modSettings['automanage_attachments']) || (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] != 1)) |
||||
231 | return; |
||||
232 | |||||
233 | $basedirectory = !empty($modSettings['use_subdirectories_for_attachments']) ? $modSettings['basedirectory_for_attachments'] : $boarddir; |
||||
234 | // Just to be sure: I don't want directory separators at the end |
||||
235 | $sep = (DIRECTORY_SEPARATOR === '\\') ? '\/' : DIRECTORY_SEPARATOR; |
||||
236 | $basedirectory = rtrim($basedirectory, $sep); |
||||
237 | |||||
238 | // Get the current base directory |
||||
239 | if (!empty($modSettings['use_subdirectories_for_attachments']) && !empty($modSettings['attachment_basedirectories'])) |
||||
240 | { |
||||
241 | $base_dir = array_search($modSettings['basedirectory_for_attachments'], $modSettings['attachment_basedirectories']); |
||||
242 | $base_dir = !empty($modSettings['automanage_attachments']) ? $base_dir : 0; |
||||
243 | } |
||||
244 | else |
||||
245 | $base_dir = 0; |
||||
246 | |||||
247 | // Get the last attachment directory for that base directory |
||||
248 | if (empty($modSettings['last_attachments_directory'][$base_dir])) |
||||
249 | $modSettings['last_attachments_directory'][$base_dir] = 0; |
||||
250 | // And increment it. |
||||
251 | $modSettings['last_attachments_directory'][$base_dir]++; |
||||
252 | |||||
253 | $updir = $basedirectory . DIRECTORY_SEPARATOR . 'attachments_' . $modSettings['last_attachments_directory'][$base_dir]; |
||||
254 | if (automanage_attachments_create_directory($updir)) |
||||
255 | { |
||||
256 | $modSettings['currentAttachmentUploadDir'] = array_search($updir, $modSettings['attachmentUploadDir']); |
||||
257 | updateSettings(array( |
||||
258 | 'last_attachments_directory' => $smcFunc['json_encode']($modSettings['last_attachments_directory']), |
||||
259 | 'currentAttachmentUploadDir' => $modSettings['currentAttachmentUploadDir'], |
||||
260 | )); |
||||
261 | $modSettings['last_attachments_directory'] = $smcFunc['json_decode']($modSettings['last_attachments_directory'], true); |
||||
262 | |||||
263 | return true; |
||||
264 | } |
||||
265 | else |
||||
266 | return false; |
||||
267 | } |
||||
268 | |||||
269 | /** |
||||
270 | * Split a path into a list of all directories and subdirectories |
||||
271 | * |
||||
272 | * @param string $directory A path |
||||
273 | * |
||||
274 | * @return array|bool An array of all the directories and subdirectories or false on failure |
||||
275 | */ |
||||
276 | function get_directory_tree_elements($directory) |
||||
277 | { |
||||
278 | /* |
||||
279 | In Windows server both \ and / can be used as directory separators in paths |
||||
280 | In Linux (and presumably *nix) servers \ can be part of the name |
||||
281 | So for this reasons: |
||||
282 | * in Windows we need to explode for both \ and / |
||||
283 | * while in linux should be safe to explode only for / (aka DIRECTORY_SEPARATOR) |
||||
284 | */ |
||||
285 | if (DIRECTORY_SEPARATOR === '\\') |
||||
286 | $tree = preg_split('#[\\\/]#', $directory); |
||||
287 | else |
||||
288 | { |
||||
289 | if (substr($directory, 0, 1) != DIRECTORY_SEPARATOR) |
||||
290 | return false; |
||||
291 | |||||
292 | $tree = explode(DIRECTORY_SEPARATOR, trim($directory, DIRECTORY_SEPARATOR)); |
||||
293 | } |
||||
294 | return $tree; |
||||
295 | } |
||||
296 | |||||
297 | /** |
||||
298 | * Return the first part of a path (i.e. c:\ or / + the first directory), used by automanage_attachments_create_directory |
||||
299 | * |
||||
300 | * @param array $tree An array |
||||
301 | * @param int $count The number of elements in $tree |
||||
302 | * |
||||
303 | * @return string|bool The first part of the path or false on error |
||||
304 | */ |
||||
305 | function attachments_init_dir(&$tree, &$count) |
||||
306 | { |
||||
307 | $directory = ''; |
||||
308 | // If on Windows servers the first part of the path is the drive (e.g. "C:") |
||||
309 | if (DIRECTORY_SEPARATOR === '\\') |
||||
310 | { |
||||
311 | //Better be sure that the first part of the path is actually a drive letter... |
||||
312 | //...even if, I should check this in the admin page...isn't it? |
||||
313 | //...NHAAA Let's leave space for users' complains! :P |
||||
314 | if (preg_match('/^[a-z]:$/i', $tree[0])) |
||||
315 | $directory = array_shift($tree); |
||||
316 | else |
||||
317 | return false; |
||||
318 | |||||
319 | $count--; |
||||
320 | } |
||||
321 | return $directory; |
||||
322 | } |
||||
323 | |||||
324 | /** |
||||
325 | * Moves an attachment to the proper directory and set the relevant data into $_SESSION['temp_attachments'] |
||||
326 | */ |
||||
327 | function processAttachments() |
||||
328 | { |
||||
329 | global $context, $modSettings, $smcFunc, $txt, $user_info; |
||||
330 | |||||
331 | // Make sure we're uploading to the right place. |
||||
332 | if (!empty($modSettings['automanage_attachments'])) |
||||
333 | automanage_attachments_check_directory(); |
||||
334 | |||||
335 | if (!is_array($modSettings['attachmentUploadDir'])) |
||||
336 | $modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
||||
337 | |||||
338 | $context['attach_dir'] = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; |
||||
339 | |||||
340 | // Is the attachments folder actualy there? |
||||
341 | if (!empty($context['dir_creation_error'])) |
||||
342 | $initial_error = $context['dir_creation_error']; |
||||
343 | elseif (!is_dir($context['attach_dir'])) |
||||
344 | { |
||||
345 | $initial_error = 'attach_folder_warning'; |
||||
346 | log_error(sprintf($txt['attach_folder_admin_warning'], $context['attach_dir']), 'critical'); |
||||
347 | } |
||||
348 | |||||
349 | if (!isset($initial_error) && !isset($context['attachments'])) |
||||
350 | { |
||||
351 | // If this isn't a new post, check the current attachments. |
||||
352 | if (isset($_REQUEST['msg'])) |
||||
353 | { |
||||
354 | $request = $smcFunc['db_query']('', ' |
||||
355 | SELECT COUNT(*), SUM(size) |
||||
356 | FROM {db_prefix}attachments |
||||
357 | WHERE id_msg = {int:id_msg} |
||||
358 | AND attachment_type = {int:attachment_type}', |
||||
359 | array( |
||||
360 | 'id_msg' => (int) $_REQUEST['msg'], |
||||
361 | 'attachment_type' => 0, |
||||
362 | ) |
||||
363 | ); |
||||
364 | list ($context['attachments']['quantity'], $context['attachments']['total_size']) = $smcFunc['db_fetch_row']($request); |
||||
365 | $smcFunc['db_free_result']($request); |
||||
366 | } |
||||
367 | else |
||||
368 | $context['attachments'] = array( |
||||
369 | 'quantity' => 0, |
||||
370 | 'total_size' => 0, |
||||
371 | ); |
||||
372 | } |
||||
373 | |||||
374 | // Hmm. There are still files in session. |
||||
375 | $ignore_temp = false; |
||||
376 | if (!empty($_SESSION['temp_attachments']['post']['files']) && count($_SESSION['temp_attachments']) > 1) |
||||
377 | { |
||||
378 | // Let's try to keep them. But... |
||||
379 | $ignore_temp = true; |
||||
380 | // If new files are being added. We can't ignore those |
||||
381 | foreach ($_FILES['attachment']['tmp_name'] as $dummy) |
||||
382 | if (!empty($dummy)) |
||||
383 | { |
||||
384 | $ignore_temp = false; |
||||
385 | break; |
||||
386 | } |
||||
387 | |||||
388 | // Need to make space for the new files. So, bye bye. |
||||
389 | if (!$ignore_temp) |
||||
390 | { |
||||
391 | foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) |
||||
392 | if (strpos($attachID, 'post_tmp_' . $user_info['id']) !== false) |
||||
393 | unlink($attachment['tmp_name']); |
||||
394 | |||||
395 | $context['we_are_history'] = $txt['error_temp_attachments_flushed']; |
||||
396 | $_SESSION['temp_attachments'] = array(); |
||||
397 | } |
||||
398 | } |
||||
399 | |||||
400 | if (!isset($_FILES['attachment']['name'])) |
||||
401 | $_FILES['attachment']['tmp_name'] = array(); |
||||
402 | |||||
403 | if (!isset($_SESSION['temp_attachments'])) |
||||
404 | $_SESSION['temp_attachments'] = array(); |
||||
405 | |||||
406 | // Remember where we are at. If it's anywhere at all. |
||||
407 | if (!$ignore_temp) |
||||
408 | $_SESSION['temp_attachments']['post'] = array( |
||||
409 | 'msg' => !empty($_REQUEST['msg']) ? $_REQUEST['msg'] : 0, |
||||
410 | 'last_msg' => !empty($_REQUEST['last_msg']) ? $_REQUEST['last_msg'] : 0, |
||||
411 | 'topic' => !empty($topic) ? $topic : 0, |
||||
412 | 'board' => !empty($board) ? $board : 0, |
||||
413 | ); |
||||
414 | |||||
415 | // If we have an initial error, lets just display it. |
||||
416 | if (!empty($initial_error)) |
||||
417 | { |
||||
418 | $_SESSION['temp_attachments']['initial_error'] = $initial_error; |
||||
419 | |||||
420 | // And delete the files 'cos they ain't going nowhere. |
||||
421 | foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) |
||||
422 | if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
||||
423 | unlink($_FILES['attachment']['tmp_name'][$n]); |
||||
424 | |||||
425 | $_FILES['attachment']['tmp_name'] = array(); |
||||
426 | } |
||||
427 | |||||
428 | // Loop through $_FILES['attachment'] array and move each file to the current attachments folder. |
||||
429 | foreach ($_FILES['attachment']['tmp_name'] as $n => $dummy) |
||||
430 | { |
||||
431 | if ($_FILES['attachment']['name'][$n] == '') |
||||
432 | continue; |
||||
433 | |||||
434 | // First, let's first check for PHP upload errors. |
||||
435 | $errors = array(); |
||||
436 | if (!empty($_FILES['attachment']['error'][$n])) |
||||
437 | { |
||||
438 | if ($_FILES['attachment']['error'][$n] == 2) |
||||
439 | $errors[] = array('file_too_big', array($modSettings['attachmentSizeLimit'])); |
||||
440 | elseif ($_FILES['attachment']['error'][$n] == 6) |
||||
441 | log_error($_FILES['attachment']['name'][$n] . ': ' . $txt['php_upload_error_6'], 'critical'); |
||||
442 | else |
||||
443 | log_error($_FILES['attachment']['name'][$n] . ': ' . $txt['php_upload_error_' . $_FILES['attachment']['error'][$n]]); |
||||
444 | if (empty($errors)) |
||||
445 | $errors[] = 'attach_php_error'; |
||||
446 | } |
||||
447 | |||||
448 | // Try to move and rename the file before doing any more checks on it. |
||||
449 | $attachID = 'post_tmp_' . $user_info['id'] . '_' . md5(mt_rand()); |
||||
450 | $destName = $context['attach_dir'] . '/' . $attachID; |
||||
451 | if (empty($errors)) |
||||
452 | { |
||||
453 | // The reported MIME type of the attachment might not be reliable. |
||||
454 | $detected_mime_type = get_mime_type($_FILES['attachment']['tmp_name'][$n], true); |
||||
455 | if ($detected_mime_type !== false) |
||||
456 | $_FILES['attachment']['type'][$n] = $detected_mime_type; |
||||
457 | |||||
458 | $_SESSION['temp_attachments'][$attachID] = array( |
||||
459 | 'name' => $smcFunc['htmlspecialchars'](basename($_FILES['attachment']['name'][$n])), |
||||
460 | 'tmp_name' => $destName, |
||||
461 | 'size' => $_FILES['attachment']['size'][$n], |
||||
462 | 'type' => $_FILES['attachment']['type'][$n], |
||||
463 | 'id_folder' => $modSettings['currentAttachmentUploadDir'], |
||||
464 | 'errors' => array(), |
||||
465 | ); |
||||
466 | |||||
467 | // Move the file to the attachments folder with a temp name for now. |
||||
468 | if (@move_uploaded_file($_FILES['attachment']['tmp_name'][$n], $destName)) |
||||
469 | smf_chmod($destName, 0644); |
||||
470 | else |
||||
471 | { |
||||
472 | $_SESSION['temp_attachments'][$attachID]['errors'][] = 'attach_timeout'; |
||||
473 | if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
||||
474 | unlink($_FILES['attachment']['tmp_name'][$n]); |
||||
475 | } |
||||
476 | } |
||||
477 | else |
||||
478 | { |
||||
479 | $_SESSION['temp_attachments'][$attachID] = array( |
||||
480 | 'name' => $smcFunc['htmlspecialchars'](basename($_FILES['attachment']['name'][$n])), |
||||
481 | 'tmp_name' => $destName, |
||||
482 | 'errors' => $errors, |
||||
483 | ); |
||||
484 | |||||
485 | if (file_exists($_FILES['attachment']['tmp_name'][$n])) |
||||
486 | unlink($_FILES['attachment']['tmp_name'][$n]); |
||||
487 | } |
||||
488 | // If there's no errors to this point. We still do need to apply some additional checks before we are finished. |
||||
489 | if (empty($_SESSION['temp_attachments'][$attachID]['errors'])) |
||||
490 | attachmentChecks($attachID); |
||||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||||
491 | } |
||||
492 | // Mod authors, finally a hook to hang an alternate attachment upload system upon |
||||
493 | // Upload to the current attachment folder with the file name $attachID or 'post_tmp_' . $user_info['id'] . '_' . md5(mt_rand()) |
||||
494 | // Populate $_SESSION['temp_attachments'][$attachID] with the following: |
||||
495 | // name => The file name |
||||
496 | // tmp_name => Path to the temp file ($context['attach_dir'] . '/' . $attachID). |
||||
497 | // size => File size (required). |
||||
498 | // type => MIME type (optional if not available on upload). |
||||
499 | // id_folder => $modSettings['currentAttachmentUploadDir'] |
||||
500 | // errors => An array of errors (use the index of the $txt variable for that error). |
||||
501 | // Template changes can be done using "integrate_upload_template". |
||||
502 | call_integration_hook('integrate_attachment_upload', array()); |
||||
503 | } |
||||
504 | |||||
505 | /** |
||||
506 | * Performs various checks on an uploaded file. |
||||
507 | * - Requires that $_SESSION['temp_attachments'][$attachID] be properly populated. |
||||
508 | * |
||||
509 | * @param int $attachID The ID of the attachment |
||||
510 | * @return bool Whether the attachment is OK |
||||
511 | */ |
||||
512 | function attachmentChecks($attachID) |
||||
513 | { |
||||
514 | global $modSettings, $context, $sourcedir, $smcFunc; |
||||
515 | |||||
516 | // No data or missing data .... Not necessarily needed, but in case a mod author missed something. |
||||
517 | if (empty($_SESSION['temp_attachments'][$attachID])) |
||||
518 | $error = '$_SESSION[\'temp_attachments\'][$attachID]'; |
||||
519 | |||||
520 | elseif (empty($attachID)) |
||||
521 | $error = '$attachID'; |
||||
522 | |||||
523 | elseif (empty($context['attachments'])) |
||||
524 | $error = '$context[\'attachments\']'; |
||||
525 | |||||
526 | elseif (empty($context['attach_dir'])) |
||||
527 | $error = '$context[\'attach_dir\']'; |
||||
528 | |||||
529 | // Let's get their attention. |
||||
530 | if (!empty($error)) |
||||
531 | fatal_lang_error('attach_check_nag', 'debug', array($error)); |
||||
532 | |||||
533 | // Just in case this slipped by the first checks, we stop it here and now |
||||
534 | if ($_SESSION['temp_attachments'][$attachID]['size'] == 0) |
||||
535 | { |
||||
536 | $_SESSION['temp_attachments'][$attachID]['errors'][] = 'attach_0_byte_file'; |
||||
537 | return false; |
||||
538 | } |
||||
539 | |||||
540 | // First, the dreaded security check. Sorry folks, but this shouldn't be avoided. |
||||
541 | $size = @getimagesize($_SESSION['temp_attachments'][$attachID]['tmp_name']); |
||||
542 | if (is_array($size) && isset($size[2], $context['valid_image_types'][$size[2]])) |
||||
543 | { |
||||
544 | require_once($sourcedir . '/Subs-Graphics.php'); |
||||
545 | if (!checkImageContents($_SESSION['temp_attachments'][$attachID]['tmp_name'], !empty($modSettings['attachment_image_paranoid']))) |
||||
546 | { |
||||
547 | // It's bad. Last chance, maybe we can re-encode it? |
||||
548 | if (empty($modSettings['attachment_image_reencode']) || (!reencodeImage($_SESSION['temp_attachments'][$attachID]['tmp_name'], $size[2]))) |
||||
549 | { |
||||
550 | // Nothing to do: not allowed or not successful re-encoding it. |
||||
551 | $_SESSION['temp_attachments'][$attachID]['errors'][] = 'bad_attachment'; |
||||
552 | return false; |
||||
553 | } |
||||
554 | // Success! However, successes usually come for a price: |
||||
555 | // we might get a new format for our image... |
||||
556 | $old_format = $size[2]; |
||||
557 | $size = @getimagesize($_SESSION['temp_attachments'][$attachID]['tmp_name']); |
||||
558 | if (!(empty($size)) && ($size[2] != $old_format)) |
||||
559 | $_SESSION['temp_attachments'][$attachID]['type'] = 'image/' . $context['valid_image_types'][$size[2]]; |
||||
560 | } |
||||
561 | } |
||||
562 | |||||
563 | // Is there room for this sucker? |
||||
564 | if (!empty($modSettings['attachmentDirSizeLimit']) || !empty($modSettings['attachmentDirFileLimit'])) |
||||
565 | { |
||||
566 | // Check the folder size and count. If it hasn't been done already. |
||||
567 | if (empty($context['dir_size']) || empty($context['dir_files'])) |
||||
568 | { |
||||
569 | $request = $smcFunc['db_query']('', ' |
||||
570 | SELECT COUNT(*), SUM(size) |
||||
571 | FROM {db_prefix}attachments |
||||
572 | WHERE id_folder = {int:folder_id} |
||||
573 | AND attachment_type != {int:type}', |
||||
574 | array( |
||||
575 | 'folder_id' => $modSettings['currentAttachmentUploadDir'], |
||||
576 | 'type' => 1, |
||||
577 | ) |
||||
578 | ); |
||||
579 | list ($context['dir_files'], $context['dir_size']) = $smcFunc['db_fetch_row']($request); |
||||
580 | $smcFunc['db_free_result']($request); |
||||
581 | } |
||||
582 | $context['dir_size'] += $_SESSION['temp_attachments'][$attachID]['size']; |
||||
583 | $context['dir_files']++; |
||||
584 | |||||
585 | // Are we about to run out of room? Let's notify the admin then. |
||||
586 | if (empty($modSettings['attachment_full_notified']) && !empty($modSettings['attachmentDirSizeLimit']) && $modSettings['attachmentDirSizeLimit'] > 4000 && $context['dir_size'] > ($modSettings['attachmentDirSizeLimit'] - 2000) * 1024 |
||||
587 | || (!empty($modSettings['attachmentDirFileLimit']) && $modSettings['attachmentDirFileLimit'] * .95 < $context['dir_files'] && $modSettings['attachmentDirFileLimit'] > 500)) |
||||
588 | { |
||||
589 | require_once($sourcedir . '/Subs-Admin.php'); |
||||
590 | emailAdmins('admin_attachments_full'); |
||||
591 | updateSettings(array('attachment_full_notified' => 1)); |
||||
592 | } |
||||
593 | |||||
594 | // // No room left.... What to do now??? |
||||
595 | if (!empty($modSettings['attachmentDirFileLimit']) && $context['dir_files'] > $modSettings['attachmentDirFileLimit'] |
||||
596 | || (!empty($modSettings['attachmentDirSizeLimit']) && $context['dir_size'] > $modSettings['attachmentDirSizeLimit'] * 1024)) |
||||
597 | { |
||||
598 | if (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] == 1) |
||||
599 | { |
||||
600 | // Move it to the new folder if we can. |
||||
601 | if (automanage_attachments_by_space()) |
||||
602 | { |
||||
603 | rename($_SESSION['temp_attachments'][$attachID]['tmp_name'], $context['attach_dir'] . '/' . $attachID); |
||||
604 | $_SESSION['temp_attachments'][$attachID]['tmp_name'] = $context['attach_dir'] . '/' . $attachID; |
||||
605 | $_SESSION['temp_attachments'][$attachID]['id_folder'] = $modSettings['currentAttachmentUploadDir']; |
||||
606 | $context['dir_size'] = 0; |
||||
607 | $context['dir_files'] = 0; |
||||
608 | } |
||||
609 | // Or, let the user know that it ain't gonna happen. |
||||
610 | else |
||||
611 | { |
||||
612 | if (isset($context['dir_creation_error'])) |
||||
613 | $_SESSION['temp_attachments'][$attachID]['errors'][] = $context['dir_creation_error']; |
||||
614 | else |
||||
615 | $_SESSION['temp_attachments'][$attachID]['errors'][] = 'ran_out_of_space'; |
||||
616 | } |
||||
617 | } |
||||
618 | else |
||||
619 | $_SESSION['temp_attachments'][$attachID]['errors'][] = 'ran_out_of_space'; |
||||
620 | } |
||||
621 | } |
||||
622 | |||||
623 | // Is the file too big? |
||||
624 | $context['attachments']['total_size'] += $_SESSION['temp_attachments'][$attachID]['size']; |
||||
625 | if (!empty($modSettings['attachmentSizeLimit']) && $_SESSION['temp_attachments'][$attachID]['size'] > $modSettings['attachmentSizeLimit'] * 1024) |
||||
626 | $_SESSION['temp_attachments'][$attachID]['errors'][] = array('file_too_big', array(comma_format($modSettings['attachmentSizeLimit'], 0))); |
||||
627 | |||||
628 | // Check the total upload size for this post... |
||||
629 | if (!empty($modSettings['attachmentPostLimit']) && $context['attachments']['total_size'] > $modSettings['attachmentPostLimit'] * 1024) |
||||
630 | $_SESSION['temp_attachments'][$attachID]['errors'][] = array('attach_max_total_file_size', array(comma_format($modSettings['attachmentPostLimit'], 0), comma_format($modSettings['attachmentPostLimit'] - (($context['attachments']['total_size'] - $_SESSION['temp_attachments'][$attachID]['size']) / 1024), 0))); |
||||
631 | |||||
632 | // Have we reached the maximum number of files we are allowed? |
||||
633 | $context['attachments']['quantity']++; |
||||
634 | |||||
635 | // Set a max limit if none exists |
||||
636 | if (empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] >= 50) |
||||
637 | $modSettings['attachmentNumPerPostLimit'] = 50; |
||||
638 | |||||
639 | if (!empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] > $modSettings['attachmentNumPerPostLimit']) |
||||
640 | $_SESSION['temp_attachments'][$attachID]['errors'][] = array('attachments_limit_per_post', array($modSettings['attachmentNumPerPostLimit'])); |
||||
641 | |||||
642 | // File extension check |
||||
643 | if (!empty($modSettings['attachmentCheckExtensions'])) |
||||
644 | { |
||||
645 | $allowed = explode(',', strtolower($modSettings['attachmentExtensions'])); |
||||
646 | foreach ($allowed as $k => $dummy) |
||||
647 | $allowed[$k] = trim($dummy); |
||||
648 | |||||
649 | if (!in_array(strtolower(substr(strrchr($_SESSION['temp_attachments'][$attachID]['name'], '.'), 1)), $allowed)) |
||||
650 | { |
||||
651 | $allowed_extensions = strtr(strtolower($modSettings['attachmentExtensions']), array(',' => ', ')); |
||||
652 | $_SESSION['temp_attachments'][$attachID]['errors'][] = array('cant_upload_type', array($allowed_extensions)); |
||||
653 | } |
||||
654 | } |
||||
655 | |||||
656 | // Undo the math if there's an error |
||||
657 | if (!empty($_SESSION['temp_attachments'][$attachID]['errors'])) |
||||
658 | { |
||||
659 | if (isset($context['dir_size'])) |
||||
660 | $context['dir_size'] -= $_SESSION['temp_attachments'][$attachID]['size']; |
||||
661 | if (isset($context['dir_files'])) |
||||
662 | $context['dir_files']--; |
||||
663 | $context['attachments']['total_size'] -= $_SESSION['temp_attachments'][$attachID]['size']; |
||||
664 | $context['attachments']['quantity']--; |
||||
665 | return false; |
||||
666 | } |
||||
667 | |||||
668 | return true; |
||||
669 | } |
||||
670 | |||||
671 | /** |
||||
672 | * Create an attachment, with the given array of parameters. |
||||
673 | * - Adds any additional or missing parameters to $attachmentOptions. |
||||
674 | * - Renames the temporary file. |
||||
675 | * - Creates a thumbnail if the file is an image and the option enabled. |
||||
676 | * |
||||
677 | * @param array $attachmentOptions An array of attachment options |
||||
678 | * @return bool Whether the attachment was created successfully |
||||
679 | */ |
||||
680 | function createAttachment(&$attachmentOptions) |
||||
681 | { |
||||
682 | global $modSettings, $sourcedir, $smcFunc, $context, $txt; |
||||
683 | |||||
684 | require_once($sourcedir . '/Subs-Graphics.php'); |
||||
685 | |||||
686 | // If this is an image we need to set a few additional parameters. |
||||
687 | $size = @getimagesize($attachmentOptions['tmp_name']); |
||||
688 | list ($attachmentOptions['width'], $attachmentOptions['height']) = $size; |
||||
689 | |||||
690 | if (function_exists('exif_read_data') && ($exif_data = @exif_read_data($attachmentOptions['tmp_name'])) !== false && !empty($exif_data['Orientation'])) |
||||
691 | if (in_array($exif_data['Orientation'], [5, 6, 7, 8])) |
||||
692 | { |
||||
693 | $new_width = $attachmentOptions['height']; |
||||
694 | $new_height = $attachmentOptions['width']; |
||||
695 | $attachmentOptions['width'] = $new_width; |
||||
696 | $attachmentOptions['height'] = $new_height; |
||||
697 | } |
||||
698 | |||||
699 | // If it's an image get the mime type right. |
||||
700 | if (empty($attachmentOptions['mime_type']) && $attachmentOptions['width']) |
||||
701 | { |
||||
702 | // Got a proper mime type? |
||||
703 | if (!empty($size['mime'])) |
||||
704 | $attachmentOptions['mime_type'] = $size['mime']; |
||||
705 | |||||
706 | // Otherwise a valid one? |
||||
707 | elseif (isset($context['valid_image_types'][$size[2]])) |
||||
708 | $attachmentOptions['mime_type'] = 'image/' . $context['valid_image_types'][$size[2]]; |
||||
709 | } |
||||
710 | |||||
711 | // It is possible we might have a MIME type that isn't actually an image but still have a size. |
||||
712 | // For example, Shockwave files will be able to return size but be 'application/shockwave' or similar. |
||||
713 | if (!empty($attachmentOptions['mime_type']) && strpos($attachmentOptions['mime_type'], 'image/') !== 0) |
||||
714 | { |
||||
715 | $attachmentOptions['width'] = 0; |
||||
716 | $attachmentOptions['height'] = 0; |
||||
717 | } |
||||
718 | |||||
719 | // Get the hash if no hash has been given yet. |
||||
720 | if (empty($attachmentOptions['file_hash'])) |
||||
721 | $attachmentOptions['file_hash'] = getAttachmentFilename($attachmentOptions['name'], false, null, true); |
||||
0 ignored issues
–
show
false of type false is incompatible with the type integer expected by parameter $attachment_id of getAttachmentFilename() .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
722 | |||||
723 | // Assuming no-one set the extension let's take a look at it. |
||||
724 | if (empty($attachmentOptions['fileext'])) |
||||
725 | { |
||||
726 | $attachmentOptions['fileext'] = strtolower(strrpos($attachmentOptions['name'], '.') !== false ? substr($attachmentOptions['name'], strrpos($attachmentOptions['name'], '.') + 1) : ''); |
||||
727 | if (strlen($attachmentOptions['fileext']) > 8 || '.' . $attachmentOptions['fileext'] == $attachmentOptions['name']) |
||||
728 | $attachmentOptions['fileext'] = ''; |
||||
729 | } |
||||
730 | |||||
731 | // This defines which options to use for which columns in the insert query. |
||||
732 | // Mods using the hook can add columns and even change the properties of existing columns, |
||||
733 | // but if they delete one of these columns, it will be reset to the default defined here. |
||||
734 | $attachmentStandardInserts = $attachmentInserts = array( |
||||
735 | // Format: 'column' => array('type', 'option') |
||||
736 | 'id_folder' => array('int', 'id_folder'), |
||||
737 | 'id_msg' => array('int', 'post'), |
||||
738 | 'filename' => array('string-255', 'name'), |
||||
739 | 'file_hash' => array('string-40', 'file_hash'), |
||||
740 | 'fileext' => array('string-8', 'fileext'), |
||||
741 | 'size' => array('int', 'size'), |
||||
742 | 'width' => array('int', 'width'), |
||||
743 | 'height' => array('int', 'height'), |
||||
744 | 'mime_type' => array('string-20', 'mime_type'), |
||||
745 | 'approved' => array('int', 'approved'), |
||||
746 | ); |
||||
747 | |||||
748 | // Last chance to change stuff! |
||||
749 | call_integration_hook('integrate_createAttachment', array(&$attachmentOptions, &$attachmentInserts)); |
||||
750 | |||||
751 | // Make sure the folder is valid... |
||||
752 | $tmp = is_array($modSettings['attachmentUploadDir']) ? $modSettings['attachmentUploadDir'] : $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
||||
753 | $folders = array_keys($tmp); |
||||
754 | if (empty($attachmentOptions['id_folder']) || !in_array($attachmentOptions['id_folder'], $folders)) |
||||
755 | $attachmentOptions['id_folder'] = $modSettings['currentAttachmentUploadDir']; |
||||
756 | |||||
757 | // Make sure all required columns are present, in case a mod screwed up. |
||||
758 | foreach ($attachmentStandardInserts as $column => $insert_info) |
||||
759 | if (!isset($attachmentInserts[$column])) |
||||
760 | $attachmentInserts[$column] = $insert_info; |
||||
761 | |||||
762 | // Set up the columns and values to insert, in the correct order. |
||||
763 | $attachmentColumns = array(); |
||||
764 | $attachmentValues = array(); |
||||
765 | foreach ($attachmentInserts as $column => $insert_info) |
||||
766 | { |
||||
767 | $attachmentColumns[$column] = $insert_info[0]; |
||||
768 | |||||
769 | if (!empty($insert_info[0]) && $insert_info[0] == 'int') |
||||
770 | $attachmentValues[] = (int) $attachmentOptions[$insert_info[1]]; |
||||
771 | else |
||||
772 | $attachmentValues[] = $attachmentOptions[$insert_info[1]]; |
||||
773 | } |
||||
774 | |||||
775 | // Create the attachment in the database. |
||||
776 | $attachmentOptions['id'] = $smcFunc['db_insert']('', |
||||
777 | '{db_prefix}attachments', |
||||
778 | $attachmentColumns, |
||||
779 | $attachmentValues, |
||||
780 | array('id_attach'), |
||||
781 | 1 |
||||
782 | ); |
||||
783 | |||||
784 | // Attachment couldn't be created. |
||||
785 | if (empty($attachmentOptions['id'])) |
||||
786 | { |
||||
787 | loadLanguage('Errors'); |
||||
788 | log_error($txt['attachment_not_created'], 'general'); |
||||
789 | return false; |
||||
790 | } |
||||
791 | |||||
792 | // Now that we have the attach id, let's rename this sucker and finish up. |
||||
793 | $attachmentOptions['destination'] = getAttachmentFilename(basename($attachmentOptions['name']), $attachmentOptions['id'], $attachmentOptions['id_folder'], false, $attachmentOptions['file_hash']); |
||||
794 | rename($attachmentOptions['tmp_name'], $attachmentOptions['destination']); |
||||
795 | |||||
796 | // If it's not approved then add to the approval queue. |
||||
797 | if (!$attachmentOptions['approved']) |
||||
798 | { |
||||
799 | $smcFunc['db_insert']('', |
||||
800 | '{db_prefix}approval_queue', |
||||
801 | array( |
||||
802 | 'id_attach' => 'int', 'id_msg' => 'int', |
||||
803 | ), |
||||
804 | array( |
||||
805 | $attachmentOptions['id'], (int) $attachmentOptions['post'], |
||||
806 | ), |
||||
807 | array() |
||||
808 | ); |
||||
809 | |||||
810 | // Queue background notification task. |
||||
811 | $smcFunc['db_insert']( |
||||
812 | 'insert', |
||||
813 | '{db_prefix}background_tasks', |
||||
814 | array( |
||||
815 | 'task_file' => 'string', |
||||
816 | 'task_class' => 'string', |
||||
817 | 'task_data' => 'string', |
||||
818 | 'claimed_time' => 'int' |
||||
819 | ), |
||||
820 | array( |
||||
821 | '$sourcedir/tasks/CreateAttachment-Notify.php', |
||||
822 | 'CreateAttachment_Notify_Background', |
||||
823 | $smcFunc['json_encode']( |
||||
824 | array( |
||||
825 | 'id' => $attachmentOptions['id'], |
||||
826 | ) |
||||
827 | ), |
||||
828 | 0 |
||||
829 | ), |
||||
830 | array( |
||||
831 | 'id_task' |
||||
832 | ) |
||||
833 | ); |
||||
834 | } |
||||
835 | |||||
836 | if (empty($modSettings['attachmentThumbnails']) || (empty($attachmentOptions['width']) && empty($attachmentOptions['height']))) |
||||
837 | return true; |
||||
838 | |||||
839 | // Like thumbnails, do we? |
||||
840 | if (!empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachmentOptions['width'] > $modSettings['attachmentThumbWidth'] || $attachmentOptions['height'] > $modSettings['attachmentThumbHeight'])) |
||||
841 | { |
||||
842 | if (createThumbnail($attachmentOptions['destination'], $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight'])) |
||||
843 | { |
||||
844 | // Figure out how big we actually made it. |
||||
845 | $size = @getimagesize($attachmentOptions['destination'] . '_thumb'); |
||||
846 | list ($thumb_width, $thumb_height) = $size; |
||||
847 | |||||
848 | if (!empty($size['mime'])) |
||||
849 | $thumb_mime = $size['mime']; |
||||
850 | elseif (isset($context['valid_image_types'][$size[2]])) |
||||
851 | $thumb_mime = 'image/' . $context['valid_image_types'][$size[2]]; |
||||
852 | // Lord only knows how this happened... |
||||
853 | else |
||||
854 | $thumb_mime = ''; |
||||
855 | |||||
856 | $thumb_filename = $attachmentOptions['name'] . '_thumb'; |
||||
857 | $thumb_size = filesize($attachmentOptions['destination'] . '_thumb'); |
||||
858 | $thumb_file_hash = getAttachmentFilename($thumb_filename, false, null, true); |
||||
859 | $thumb_path = $attachmentOptions['destination'] . '_thumb'; |
||||
860 | |||||
861 | // We should check the file size and count here since thumbs are added to the existing totals. |
||||
862 | if (!empty($modSettings['automanage_attachments']) && $modSettings['automanage_attachments'] == 1 && !empty($modSettings['attachmentDirSizeLimit']) || !empty($modSettings['attachmentDirFileLimit'])) |
||||
863 | { |
||||
864 | $context['dir_size'] = isset($context['dir_size']) ? $context['dir_size'] += $thumb_size : $context['dir_size'] = 0; |
||||
865 | $context['dir_files'] = isset($context['dir_files']) ? $context['dir_files']++ : $context['dir_files'] = 0; |
||||
866 | |||||
867 | // If the folder is full, try to create a new one and move the thumb to it. |
||||
868 | if ($context['dir_size'] > $modSettings['attachmentDirSizeLimit'] * 1024 || $context['dir_files'] + 2 > $modSettings['attachmentDirFileLimit']) |
||||
869 | { |
||||
870 | if (automanage_attachments_by_space()) |
||||
871 | { |
||||
872 | rename($thumb_path, $context['attach_dir'] . '/' . $thumb_filename); |
||||
873 | $thumb_path = $context['attach_dir'] . '/' . $thumb_filename; |
||||
874 | $context['dir_size'] = 0; |
||||
875 | $context['dir_files'] = 0; |
||||
876 | } |
||||
877 | } |
||||
878 | } |
||||
879 | // If a new folder has been already created. Gotta move this thumb there then. |
||||
880 | if ($modSettings['currentAttachmentUploadDir'] != $attachmentOptions['id_folder']) |
||||
881 | { |
||||
882 | rename($thumb_path, $context['attach_dir'] . '/' . $thumb_filename); |
||||
883 | $thumb_path = $context['attach_dir'] . '/' . $thumb_filename; |
||||
884 | } |
||||
885 | |||||
886 | // To the database we go! |
||||
887 | $attachmentOptions['thumb'] = $smcFunc['db_insert']('', |
||||
888 | '{db_prefix}attachments', |
||||
889 | array( |
||||
890 | 'id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8', |
||||
891 | 'size' => 'int', 'width' => 'int', 'height' => 'int', 'mime_type' => 'string-20', 'approved' => 'int', |
||||
892 | ), |
||||
893 | array( |
||||
894 | $modSettings['currentAttachmentUploadDir'], (int) $attachmentOptions['post'], 3, $thumb_filename, $thumb_file_hash, $attachmentOptions['fileext'], |
||||
895 | $thumb_size, $thumb_width, $thumb_height, $thumb_mime, (int) $attachmentOptions['approved'], |
||||
896 | ), |
||||
897 | array('id_attach'), |
||||
898 | 1 |
||||
899 | ); |
||||
900 | |||||
901 | if (!empty($attachmentOptions['thumb'])) |
||||
902 | { |
||||
903 | $smcFunc['db_query']('', ' |
||||
904 | UPDATE {db_prefix}attachments |
||||
905 | SET id_thumb = {int:id_thumb} |
||||
906 | WHERE id_attach = {int:id_attach}', |
||||
907 | array( |
||||
908 | 'id_thumb' => $attachmentOptions['thumb'], |
||||
909 | 'id_attach' => $attachmentOptions['id'], |
||||
910 | ) |
||||
911 | ); |
||||
912 | |||||
913 | rename($thumb_path, getAttachmentFilename($thumb_filename, $attachmentOptions['thumb'], $modSettings['currentAttachmentUploadDir'], false, $thumb_file_hash)); |
||||
914 | } |
||||
915 | } |
||||
916 | } |
||||
917 | |||||
918 | return true; |
||||
919 | } |
||||
920 | |||||
921 | /** |
||||
922 | * Assigns the given attachments to the given message ID. |
||||
923 | * |
||||
924 | * @param $attachIDs array of attachment IDs to assign. |
||||
925 | * @param $msgID integer the message ID. |
||||
926 | * |
||||
927 | * @return boolean false on error or missing params. |
||||
928 | */ |
||||
929 | function assignAttachments($attachIDs = array(), $msgID = 0) |
||||
930 | { |
||||
931 | global $smcFunc; |
||||
932 | |||||
933 | // Oh, come on! |
||||
934 | if (empty($attachIDs) || empty($msgID)) |
||||
935 | return false; |
||||
936 | |||||
937 | // "I see what is right and approve, but I do what is wrong." |
||||
938 | call_integration_hook('integrate_assign_attachments', array(&$attachIDs, &$msgID)); |
||||
939 | |||||
940 | // One last check |
||||
941 | if (empty($attachIDs)) |
||||
942 | return false; |
||||
943 | |||||
944 | // Perform. |
||||
945 | $smcFunc['db_query']('', ' |
||||
946 | UPDATE {db_prefix}attachments |
||||
947 | SET id_msg = {int:id_msg} |
||||
948 | WHERE id_attach IN ({array_int:attach_ids})', |
||||
949 | array( |
||||
950 | 'id_msg' => $msgID, |
||||
951 | 'attach_ids' => $attachIDs, |
||||
952 | ) |
||||
953 | ); |
||||
954 | |||||
955 | return true; |
||||
956 | } |
||||
957 | |||||
958 | /** |
||||
959 | * Gets an attach ID and tries to load all its info. |
||||
960 | * |
||||
961 | * @param int $attachID the attachment ID to load info from. |
||||
962 | * |
||||
963 | * @return mixed If succesful, it will return an array of loaded data. String, most likely a $txt key if there was some error. |
||||
964 | */ |
||||
965 | function parseAttachBBC($attachID = 0) |
||||
966 | { |
||||
967 | global $board, $modSettings, $context, $scripturl, $smcFunc, $user_info; |
||||
968 | static $view_attachment_boards; |
||||
969 | |||||
970 | if (!isset($view_attachment_boards)) |
||||
971 | $view_attachment_boards = boardsAllowedTo('view_attachments'); |
||||
972 | |||||
973 | // Meh... |
||||
974 | if (empty($attachID)) |
||||
975 | return 'attachments_no_data_loaded'; |
||||
976 | |||||
977 | // Make it easy. |
||||
978 | $msgID = !empty($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : 0; |
||||
979 | |||||
980 | // Perhaps someone else wants to do the honors? Yes, this also includes dealing with previews ;) |
||||
981 | $externalParse = call_integration_hook('integrate_pre_parseAttachBBC', array($attachID, $msgID)); |
||||
982 | |||||
983 | // "I am innocent of the blood of this just person: see ye to it." |
||||
984 | if (!empty($externalParse) && (is_string($externalParse) || is_array($externalParse))) |
||||
985 | return $externalParse; |
||||
986 | |||||
987 | // Are attachments enabled? |
||||
988 | if (empty($modSettings['attachmentEnable'])) |
||||
989 | return 'attachments_not_enable'; |
||||
990 | |||||
991 | $check_board_perms = !isset($_SESSION['attachments_can_preview'][$attachID]) && $view_attachment_boards !== array(0); |
||||
992 | |||||
993 | // There is always the chance someone else has already done our dirty work... |
||||
994 | // If so, all pertinent checks were already done. Hopefully... |
||||
995 | if (!empty($context['current_attachments']) && !empty($context['current_attachments'][$attachID])) |
||||
996 | return $context['current_attachments'][$attachID]; |
||||
997 | |||||
998 | // Can the user view attachments on this board? |
||||
999 | if ($check_board_perms && !empty($board) && !in_array($board, $view_attachment_boards)) |
||||
1000 | return 'attachments_not_allowed_to_see'; |
||||
1001 | |||||
1002 | // Get the message info associated with this particular attach ID. |
||||
1003 | $attachInfo = getAttachMsgInfo($attachID); |
||||
1004 | |||||
1005 | // There is always the chance this attachment no longer exists or isn't associated to a message anymore... |
||||
1006 | if (empty($attachInfo)) |
||||
1007 | return 'attachments_no_data_loaded'; |
||||
1008 | |||||
1009 | if (empty($attachInfo['msg']) && empty($context['preview_message'])) |
||||
1010 | return 'attachments_no_msg_associated'; |
||||
1011 | |||||
1012 | // Can the user view attachments on the board that holds the attachment's original post? |
||||
1013 | // (This matters when one post quotes another on a different board.) |
||||
1014 | if ($check_board_perms && !in_array($attachInfo['board'], $view_attachment_boards)) |
||||
1015 | return 'attachments_not_allowed_to_see'; |
||||
1016 | |||||
1017 | if (empty($context['loaded_attachments'][$attachInfo['msg']])) |
||||
1018 | prepareAttachsByMsg(array($attachInfo['msg'])); |
||||
1019 | |||||
1020 | if (isset($context['loaded_attachments'][$attachInfo['msg']][$attachID])) |
||||
1021 | $attachContext = $context['loaded_attachments'][$attachInfo['msg']][$attachID]; |
||||
1022 | |||||
1023 | // In case the user manually typed the thumbnail's ID into the BBC |
||||
1024 | elseif (!empty($context['loaded_attachments'][$attachInfo['msg']])) |
||||
1025 | { |
||||
1026 | foreach ($context['loaded_attachments'][$attachInfo['msg']] as $foundAttachID => $foundAttach) |
||||
1027 | { |
||||
1028 | if (array_key_exists('id_thumb', $foundAttach) && $foundAttach['id_thumb'] == $attachID) |
||||
1029 | { |
||||
1030 | $attachContext = $context['loaded_attachments'][$attachInfo['msg']][$foundAttachID]; |
||||
1031 | $attachID = $foundAttachID; |
||||
1032 | break; |
||||
1033 | } |
||||
1034 | } |
||||
1035 | } |
||||
1036 | |||||
1037 | // Load this particular attach's context. |
||||
1038 | if (!empty($attachContext)) |
||||
1039 | { |
||||
1040 | // Skip unapproved attachment, unless they belong to the user or the user can approve them. |
||||
1041 | if (!$context['loaded_attachments'][$attachInfo['msg']][$attachID]['approved'] && |
||||
1042 | $modSettings['postmod_active'] && !allowedTo('approve_posts') && |
||||
1043 | $context['loaded_attachments'][$attachInfo['msg']][$attachID]['id_member'] != $user_info['id']) |
||||
1044 | { |
||||
1045 | unset($context['loaded_attachments'][$attachInfo['msg']][$attachID]); |
||||
1046 | return 'attachments_unapproved'; |
||||
1047 | } |
||||
1048 | $attachLoaded = loadAttachmentContext($attachContext['id_msg'], $context['loaded_attachments']); |
||||
1049 | } |
||||
1050 | else |
||||
1051 | return 'attachments_no_data_loaded'; |
||||
1052 | |||||
1053 | if (empty($attachLoaded)) |
||||
1054 | return 'attachments_no_data_loaded'; |
||||
1055 | |||||
1056 | else |
||||
1057 | $attachContext = $attachLoaded[$attachID]; |
||||
1058 | |||||
1059 | // It's theoretically possible that prepareAttachsByMsg() changed the board id, so check again. |
||||
1060 | if ($check_board_perms && !in_array($attachContext['board'], $view_attachment_boards)) |
||||
1061 | return 'attachments_not_allowed_to_see'; |
||||
1062 | |||||
1063 | // You may or may not want to show this under the post. |
||||
1064 | if (!empty($modSettings['dont_show_attach_under_post']) && !isset($context['show_attach_under_post'][$attachID])) |
||||
1065 | $context['show_attach_under_post'][$attachID] = $attachID; |
||||
1066 | |||||
1067 | // Last minute changes? |
||||
1068 | call_integration_hook('integrate_post_parseAttachBBC', array(&$attachContext)); |
||||
1069 | |||||
1070 | // Don't do any logic with the loaded data, leave it to whoever called this function. |
||||
1071 | return $attachContext; |
||||
1072 | } |
||||
1073 | |||||
1074 | /** |
||||
1075 | * Gets raw info directly from the attachments table. |
||||
1076 | * |
||||
1077 | * @param array $attachIDs An array of attachments IDs. |
||||
1078 | * |
||||
1079 | * @return array |
||||
1080 | */ |
||||
1081 | function getRawAttachInfo($attachIDs) |
||||
1082 | { |
||||
1083 | global $smcFunc, $modSettings; |
||||
1084 | |||||
1085 | if (empty($attachIDs)) |
||||
1086 | return array(); |
||||
1087 | |||||
1088 | $return = array(); |
||||
1089 | |||||
1090 | $request = $smcFunc['db_query']('', ' |
||||
1091 | SELECT a.id_attach, a.id_msg, a.id_member, a.size, a.mime_type, a.id_folder, a.filename' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ', |
||||
1092 | COALESCE(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . ' |
||||
1093 | FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ' |
||||
1094 | LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . ' |
||||
1095 | WHERE a.id_attach IN ({array_int:attach_ids}) |
||||
1096 | LIMIT 1', |
||||
1097 | array( |
||||
1098 | 'attach_ids' => (array) $attachIDs, |
||||
1099 | ) |
||||
1100 | ); |
||||
1101 | |||||
1102 | if ($smcFunc['db_num_rows']($request) != 1) |
||||
1103 | return array(); |
||||
1104 | |||||
1105 | while ($row = $smcFunc['db_fetch_assoc']($request)) |
||||
1106 | $return[$row['id_attach']] = array( |
||||
1107 | 'name' => $smcFunc['htmlspecialchars']($row['filename']), |
||||
1108 | 'size' => $row['size'], |
||||
1109 | 'attachID' => $row['id_attach'], |
||||
1110 | 'unchecked' => false, |
||||
1111 | 'approved' => 1, |
||||
1112 | 'mime_type' => $row['mime_type'], |
||||
1113 | 'thumb' => $row['id_thumb'], |
||||
1114 | ); |
||||
1115 | $smcFunc['db_free_result']($request); |
||||
1116 | |||||
1117 | return $return; |
||||
1118 | } |
||||
1119 | |||||
1120 | /** |
||||
1121 | * Gets all needed message data associated with an attach ID |
||||
1122 | * |
||||
1123 | * @param int $attachID the attachment ID to load info from. |
||||
1124 | * |
||||
1125 | * @return array |
||||
1126 | */ |
||||
1127 | function getAttachMsgInfo($attachID) |
||||
1128 | { |
||||
1129 | global $smcFunc, $context; |
||||
1130 | |||||
1131 | if (empty($attachID)) |
||||
1132 | return array(); |
||||
1133 | |||||
1134 | if (!isset($context['loaded_attachments'])) |
||||
1135 | $context['loaded_attachments'] = array(); |
||||
1136 | |||||
1137 | foreach ($context['loaded_attachments'] as $msgRows) |
||||
1138 | { |
||||
1139 | if (empty($msgRows[$attachID])) |
||||
1140 | continue; |
||||
1141 | |||||
1142 | $row = array( |
||||
1143 | 'msg' => $msgRows[$attachID]['id_msg'], |
||||
1144 | 'topic' => $msgRows[$attachID]['topic'], |
||||
1145 | 'board' => $msgRows[$attachID]['board'], |
||||
1146 | ); |
||||
1147 | |||||
1148 | return $row; |
||||
1149 | } |
||||
1150 | |||||
1151 | $request = $smcFunc['db_query']('', ' |
||||
1152 | SELECT a.id_msg AS msg, m.id_topic AS topic, m.id_board AS board |
||||
1153 | FROM {db_prefix}attachments AS a |
||||
1154 | LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg) |
||||
1155 | WHERE id_attach = {int:id_attach} |
||||
1156 | LIMIT 1', |
||||
1157 | array( |
||||
1158 | 'id_attach' => (int) $attachID, |
||||
1159 | ) |
||||
1160 | ); |
||||
1161 | |||||
1162 | if ($smcFunc['db_num_rows']($request) != 1) |
||||
1163 | return array(); |
||||
1164 | |||||
1165 | $row = $smcFunc['db_fetch_assoc']($request); |
||||
1166 | $smcFunc['db_free_result']($request); |
||||
1167 | |||||
1168 | return $row; |
||||
1169 | } |
||||
1170 | |||||
1171 | /** |
||||
1172 | * This loads an attachment's contextual data including, most importantly, its size if it is an image. |
||||
1173 | * It requires the view_attachments permission to calculate image size. |
||||
1174 | * It attempts to keep the "aspect ratio" of the posted image in line, even if it has to be resized by |
||||
1175 | * the max_image_width and max_image_height settings. |
||||
1176 | * |
||||
1177 | * @param int $id_msg ID of the post to load attachments for |
||||
1178 | * @param array $attachments An array of already loaded attachments. This function no longer depends on having $topic declared, thus, you need to load the actual topic ID for each attachment. |
||||
1179 | * @return array An array of attachment info |
||||
1180 | */ |
||||
1181 | function loadAttachmentContext($id_msg, $attachments) |
||||
1182 | { |
||||
1183 | global $modSettings, $txt, $scripturl, $sourcedir, $smcFunc, $context; |
||||
1184 | |||||
1185 | if (empty($attachments) || empty($attachments[$id_msg])) |
||||
1186 | return array(); |
||||
1187 | |||||
1188 | // Set up the attachment info - based on code by Meriadoc. |
||||
1189 | $attachmentData = array(); |
||||
1190 | $have_unapproved = false; |
||||
1191 | if (isset($attachments[$id_msg]) && !empty($modSettings['attachmentEnable'])) |
||||
1192 | { |
||||
1193 | foreach ($attachments[$id_msg] as $i => $attachment) |
||||
1194 | { |
||||
1195 | $attachmentData[$i] = array( |
||||
1196 | 'id' => $attachment['id_attach'], |
||||
1197 | 'name' => preg_replace('~&#(\\d{1,7}|x[0-9a-fA-F]{1,6});~', '&#\\1;', $smcFunc['htmlspecialchars']($attachment['filename'])), |
||||
1198 | 'downloads' => $attachment['downloads'], |
||||
1199 | 'size' => ($attachment['filesize'] < 1024000) ? round($attachment['filesize'] / 1024, 2) . ' ' . $txt['kilobyte'] : round($attachment['filesize'] / 1024 / 1024, 2) . ' ' . $txt['megabyte'], |
||||
1200 | 'byte_size' => $attachment['filesize'], |
||||
1201 | 'href' => $scripturl . '?action=dlattach;attach=' . $attachment['id_attach'], |
||||
1202 | 'link' => '<a href="' . $scripturl . '?action=dlattach;attach=' . $attachment['id_attach'] . '" class="bbc_link">' . $smcFunc['htmlspecialchars']($attachment['filename']) . '</a>', |
||||
1203 | 'is_image' => !empty($attachment['width']) && !empty($attachment['height']), |
||||
1204 | 'is_approved' => $attachment['approved'], |
||||
1205 | 'topic' => $attachment['topic'], |
||||
1206 | 'board' => $attachment['board'], |
||||
1207 | 'mime_type' => $attachment['mime_type'], |
||||
1208 | ); |
||||
1209 | |||||
1210 | // If something is unapproved we'll note it so we can sort them. |
||||
1211 | if (!$attachment['approved']) |
||||
1212 | $have_unapproved = true; |
||||
1213 | |||||
1214 | if (!$attachmentData[$i]['is_image']) |
||||
1215 | continue; |
||||
1216 | |||||
1217 | $attachmentData[$i]['real_width'] = $attachment['width']; |
||||
1218 | $attachmentData[$i]['width'] = $attachment['width']; |
||||
1219 | $attachmentData[$i]['real_height'] = $attachment['height']; |
||||
1220 | $attachmentData[$i]['height'] = $attachment['height']; |
||||
1221 | |||||
1222 | // Let's see, do we want thumbs? |
||||
1223 | if (!empty($modSettings['attachmentShowImages']) && !empty($modSettings['attachmentThumbnails']) && !empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachment['width'] > $modSettings['attachmentThumbWidth'] || $attachment['height'] > $modSettings['attachmentThumbHeight']) && strlen($attachment['filename']) < 249) |
||||
1224 | { |
||||
1225 | // A proper thumb doesn't exist yet? Create one! |
||||
1226 | if (empty($attachment['id_thumb']) || $attachment['thumb_width'] > $modSettings['attachmentThumbWidth'] || $attachment['thumb_height'] > $modSettings['attachmentThumbHeight'] || ($attachment['thumb_width'] < $modSettings['attachmentThumbWidth'] && $attachment['thumb_height'] < $modSettings['attachmentThumbHeight'])) |
||||
1227 | { |
||||
1228 | $filename = getAttachmentFilename($attachment['filename'], $attachment['id_attach'], $attachment['id_folder']); |
||||
1229 | |||||
1230 | require_once($sourcedir . '/Subs-Graphics.php'); |
||||
1231 | if (createThumbnail($filename, $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight'])) |
||||
1232 | { |
||||
1233 | // So what folder are we putting this image in? |
||||
1234 | if (!empty($modSettings['currentAttachmentUploadDir'])) |
||||
1235 | { |
||||
1236 | if (!is_array($modSettings['attachmentUploadDir'])) |
||||
1237 | $modSettings['attachmentUploadDir'] = $smcFunc['json_decode']($modSettings['attachmentUploadDir'], true); |
||||
1238 | $id_folder_thumb = $modSettings['currentAttachmentUploadDir']; |
||||
1239 | } |
||||
1240 | else |
||||
1241 | { |
||||
1242 | $id_folder_thumb = 1; |
||||
1243 | } |
||||
1244 | |||||
1245 | // Calculate the size of the created thumbnail. |
||||
1246 | $size = @getimagesize($filename . '_thumb'); |
||||
1247 | list ($attachment['thumb_width'], $attachment['thumb_height']) = $size; |
||||
1248 | $thumb_size = filesize($filename . '_thumb'); |
||||
1249 | |||||
1250 | // What about the extension? |
||||
1251 | $thumb_ext = isset($context['valid_image_types'][$size[2]]) ? $context['valid_image_types'][$size[2]] : ''; |
||||
1252 | |||||
1253 | // Figure out the mime type. |
||||
1254 | if (!empty($size['mime'])) |
||||
1255 | $thumb_mime = $size['mime']; |
||||
1256 | else |
||||
1257 | $thumb_mime = 'image/' . $thumb_ext; |
||||
1258 | |||||
1259 | $thumb_filename = $attachment['filename'] . '_thumb'; |
||||
1260 | $thumb_hash = getAttachmentFilename($thumb_filename, false, null, true); |
||||
1261 | $old_id_thumb = $attachment['id_thumb']; |
||||
1262 | |||||
1263 | // Add this beauty to the database. |
||||
1264 | $attachment['id_thumb'] = $smcFunc['db_insert']('', |
||||
1265 | '{db_prefix}attachments', |
||||
1266 | array('id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string', 'file_hash' => 'string', 'size' => 'int', 'width' => 'int', 'height' => 'int', 'fileext' => 'string', 'mime_type' => 'string'), |
||||
1267 | array($id_folder_thumb, $id_msg, 3, $thumb_filename, $thumb_hash, (int) $thumb_size, (int) $attachment['thumb_width'], (int) $attachment['thumb_height'], $thumb_ext, $thumb_mime), |
||||
1268 | array('id_attach'), |
||||
1269 | 1 |
||||
1270 | ); |
||||
1271 | |||||
1272 | if (!empty($attachment['id_thumb'])) |
||||
1273 | { |
||||
1274 | $smcFunc['db_query']('', ' |
||||
1275 | UPDATE {db_prefix}attachments |
||||
1276 | SET id_thumb = {int:id_thumb} |
||||
1277 | WHERE id_attach = {int:id_attach}', |
||||
1278 | array( |
||||
1279 | 'id_thumb' => $attachment['id_thumb'], |
||||
1280 | 'id_attach' => $attachment['id_attach'], |
||||
1281 | ) |
||||
1282 | ); |
||||
1283 | |||||
1284 | $thumb_realname = getAttachmentFilename($thumb_filename, $attachment['id_thumb'], $id_folder_thumb, false, $thumb_hash); |
||||
1285 | rename($filename . '_thumb', $thumb_realname); |
||||
1286 | |||||
1287 | // Do we need to remove an old thumbnail? |
||||
1288 | if (!empty($old_id_thumb)) |
||||
1289 | { |
||||
1290 | require_once($sourcedir . '/ManageAttachments.php'); |
||||
1291 | removeAttachments(array('id_attach' => $old_id_thumb), '', false, false); |
||||
1292 | } |
||||
1293 | } |
||||
1294 | } |
||||
1295 | } |
||||
1296 | |||||
1297 | // Only adjust dimensions on successful thumbnail creation. |
||||
1298 | if (!empty($attachment['thumb_width']) && !empty($attachment['thumb_height'])) |
||||
1299 | { |
||||
1300 | $attachmentData[$i]['width'] = $attachment['thumb_width']; |
||||
1301 | $attachmentData[$i]['height'] = $attachment['thumb_height']; |
||||
1302 | } |
||||
1303 | } |
||||
1304 | |||||
1305 | if (!empty($attachment['id_thumb'])) |
||||
1306 | $attachmentData[$i]['thumbnail'] = array( |
||||
1307 | 'id' => $attachment['id_thumb'], |
||||
1308 | 'href' => $scripturl . '?action=dlattach;attach=' . $attachment['id_thumb'] . ';image', |
||||
1309 | ); |
||||
1310 | $attachmentData[$i]['thumbnail']['has_thumb'] = !empty($attachment['id_thumb']); |
||||
1311 | |||||
1312 | // If thumbnails are disabled, check the maximum size of the image. |
||||
1313 | if (!$attachmentData[$i]['thumbnail']['has_thumb'] && ((!empty($modSettings['max_image_width']) && $attachment['width'] > $modSettings['max_image_width']) || (!empty($modSettings['max_image_height']) && $attachment['height'] > $modSettings['max_image_height']))) |
||||
1314 | { |
||||
1315 | if (!empty($modSettings['max_image_width']) && (empty($modSettings['max_image_height']) || $attachment['height'] * $modSettings['max_image_width'] / $attachment['width'] <= $modSettings['max_image_height'])) |
||||
1316 | { |
||||
1317 | $attachmentData[$i]['width'] = $modSettings['max_image_width']; |
||||
1318 | $attachmentData[$i]['height'] = floor($attachment['height'] * $modSettings['max_image_width'] / $attachment['width']); |
||||
1319 | } |
||||
1320 | elseif (!empty($modSettings['max_image_width'])) |
||||
1321 | { |
||||
1322 | $attachmentData[$i]['width'] = floor($attachment['width'] * $modSettings['max_image_height'] / $attachment['height']); |
||||
1323 | $attachmentData[$i]['height'] = $modSettings['max_image_height']; |
||||
1324 | } |
||||
1325 | } |
||||
1326 | elseif ($attachmentData[$i]['thumbnail']['has_thumb']) |
||||
1327 | { |
||||
1328 | // If the image is too large to show inline, make it a popup. |
||||
1329 | if (((!empty($modSettings['max_image_width']) && $attachmentData[$i]['real_width'] > $modSettings['max_image_width']) || (!empty($modSettings['max_image_height']) && $attachmentData[$i]['real_height'] > $modSettings['max_image_height']))) |
||||
1330 | $attachmentData[$i]['thumbnail']['javascript'] = 'return reqWin(\'' . $attachmentData[$i]['href'] . ';image\', ' . ($attachment['width'] + 20) . ', ' . ($attachment['height'] + 20) . ', true);'; |
||||
1331 | else |
||||
1332 | $attachmentData[$i]['thumbnail']['javascript'] = 'return expandThumb(' . $attachment['id_attach'] . ');'; |
||||
1333 | } |
||||
1334 | |||||
1335 | if (!$attachmentData[$i]['thumbnail']['has_thumb']) |
||||
1336 | $attachmentData[$i]['downloads']++; |
||||
1337 | } |
||||
1338 | } |
||||
1339 | |||||
1340 | // Do we need to instigate a sort? |
||||
1341 | if ($have_unapproved) |
||||
1342 | uasort( |
||||
1343 | $attachmentData, |
||||
1344 | function($a, $b) |
||||
1345 | { |
||||
1346 | if ($a['is_approved'] == $b['is_approved']) |
||||
1347 | return 0; |
||||
1348 | |||||
1349 | return $a['is_approved'] > $b['is_approved'] ? -1 : 1; |
||||
1350 | } |
||||
1351 | ); |
||||
1352 | |||||
1353 | return $attachmentData; |
||||
1354 | } |
||||
1355 | |||||
1356 | /** |
||||
1357 | * prepare the Attachment api for all messages |
||||
1358 | * |
||||
1359 | * @param int array $msgIDs the message ID to load info from. |
||||
1360 | * |
||||
1361 | * @return void |
||||
1362 | */ |
||||
1363 | function prepareAttachsByMsg($msgIDs) |
||||
1364 | { |
||||
1365 | global $context, $modSettings, $smcFunc; |
||||
1366 | |||||
1367 | if (empty($context['loaded_attachments'])) |
||||
1368 | $context['loaded_attachments'] = array(); |
||||
1369 | // Remove all $msgIDs that we already processed |
||||
1370 | else |
||||
1371 | $msgIDs = array_diff($msgIDs, array_keys($context['loaded_attachments']), array(0)); |
||||
1372 | |||||
1373 | if (!empty($context['preview_message'])) |
||||
1374 | $msgIDs[] = 0; |
||||
1375 | |||||
1376 | if (!empty($msgIDs)) |
||||
1377 | { |
||||
1378 | $request = $smcFunc['db_query']('', ' |
||||
1379 | SELECT |
||||
1380 | a.id_attach, a.id_folder, a.id_msg, a.filename, a.file_hash, COALESCE(a.size, 0) AS filesize, a.downloads, a.approved, m.id_topic AS topic, m.id_board AS board, m.id_member, a.mime_type, |
||||
1381 | a.width, a.height' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ', |
||||
1382 | COALESCE(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . ' |
||||
1383 | FROM {db_prefix}attachments AS a' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ' |
||||
1384 | LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = a.id_thumb)') . ' |
||||
1385 | LEFT JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg) |
||||
1386 | WHERE a.attachment_type = {int:attachment_type} |
||||
1387 | AND a.id_msg IN ({array_int:message_id})', |
||||
1388 | array( |
||||
1389 | 'message_id' => $msgIDs, |
||||
1390 | 'attachment_type' => 0, |
||||
1391 | ) |
||||
1392 | ); |
||||
1393 | $rows = $smcFunc['db_fetch_all']($request); |
||||
1394 | $smcFunc['db_free_result']($request); |
||||
1395 | |||||
1396 | foreach ($rows as $row) |
||||
1397 | { |
||||
1398 | if (empty($context['loaded_attachments'][$row['id_msg']])) |
||||
1399 | $context['loaded_attachments'][$row['id_msg']] = array(); |
||||
1400 | |||||
1401 | $context['loaded_attachments'][$row['id_msg']][$row['id_attach']] = $row; |
||||
1402 | |||||
1403 | // This is better than sorting it with the query... |
||||
1404 | ksort($context['loaded_attachments'][$row['id_msg']]); |
||||
1405 | } |
||||
1406 | } |
||||
1407 | } |
||||
1408 | |||||
1409 | ?> |