|
1
|
|
|
<?php |
|
|
|
|
|
|
2
|
|
|
// |
|
3
|
|
|
// ------------------------------------------------------------------------ // |
|
4
|
|
|
// XOOPS - PHP Content Management System // |
|
5
|
|
|
// Copyright (c) 2000-2016 XOOPS.org // |
|
6
|
|
|
// <http://xoops.org/> // |
|
7
|
|
|
// ------------------------------------------------------------------------ // |
|
8
|
|
|
// This program is free software; you can redistribute it and/or modify // |
|
9
|
|
|
// it under the terms of the GNU General Public License as published by // |
|
10
|
|
|
// the Free Software Foundation; either version 2 of the License, or // |
|
11
|
|
|
// (at your option) any later version. // |
|
12
|
|
|
// // |
|
13
|
|
|
// You may not change or alter any portion of this comment or credits // |
|
14
|
|
|
// of supporting developers from this source code or any supporting // |
|
15
|
|
|
// source code which is considered copyrighted (c) material of the // |
|
16
|
|
|
// original comment or credit authors. // |
|
17
|
|
|
// // |
|
18
|
|
|
// This program is distributed in the hope that it will be useful, // |
|
19
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of // |
|
20
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // |
|
21
|
|
|
// GNU General Public License for more details. // |
|
22
|
|
|
// // |
|
23
|
|
|
// You should have received a copy of the GNU General Public License // |
|
24
|
|
|
// along with this program; if not, write to the Free Software // |
|
25
|
|
|
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // |
|
26
|
|
|
// ------------------------------------------------------------------------- // |
|
27
|
|
|
// defined('XOOPS_ROOT_PATH') || exit('XOOPS root path not defined'); |
|
28
|
|
|
|
|
29
|
|
|
include_once XOOPS_ROOT_PATH . '/modules/news/class/class.mimetype.php'; |
|
30
|
|
|
|
|
31
|
|
|
/** |
|
32
|
|
|
* Class sFiles |
|
33
|
|
|
*/ |
|
34
|
|
|
class sFiles |
|
|
|
|
|
|
35
|
|
|
{ |
|
36
|
|
|
public $db; |
|
37
|
|
|
public $table; |
|
38
|
|
|
public $fileid; |
|
39
|
|
|
public $filerealname; |
|
40
|
|
|
public $storyid; |
|
41
|
|
|
public $date; |
|
42
|
|
|
public $mimetype; |
|
43
|
|
|
public $downloadname; |
|
44
|
|
|
public $counter; |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* @param $fileid |
|
48
|
|
|
*/ |
|
49
|
|
|
public function __construct($fileid = -1) |
|
50
|
|
|
{ |
|
51
|
|
|
$this->db = XoopsDatabaseFactory::getDatabaseConnection(); |
|
52
|
|
|
$this->table = $this->db->prefix('news_stories_files'); |
|
53
|
|
|
$this->storyid = 0; |
|
54
|
|
|
$this->filerealname = ''; |
|
55
|
|
|
$this->date = 0; |
|
56
|
|
|
$this->mimetype = ''; |
|
57
|
|
|
$this->downloadname = 'downloadfile'; |
|
58
|
|
|
$this->counter = 0; |
|
59
|
|
|
if (is_array($fileid)) { |
|
60
|
|
|
$this->makeFile($fileid); |
|
61
|
|
|
} elseif ($fileid != -1) { |
|
62
|
|
|
$this->getFile((int)$fileid); |
|
63
|
|
|
} |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* @param $folder |
|
68
|
|
|
* @param $filename |
|
69
|
|
|
* @param bool $trimname |
|
70
|
|
|
* |
|
71
|
|
|
* @return string |
|
72
|
|
|
*/ |
|
73
|
|
|
public function createUploadName($folder, $filename, $trimname = false) |
|
|
|
|
|
|
74
|
|
|
{ |
|
75
|
|
|
$workingfolder = $folder; |
|
76
|
|
|
if (xoops_substr($workingfolder, strlen($workingfolder) - 1, 1) !== '/') { |
|
77
|
|
|
$workingfolder .= '/'; |
|
78
|
|
|
} |
|
79
|
|
|
$ext = basename($filename); |
|
80
|
|
|
$ext = explode('.', $ext); |
|
81
|
|
|
$ext = '.' . $ext[count($ext) - 1]; |
|
82
|
|
|
$true = true; |
|
83
|
|
|
while ($true) { |
|
84
|
|
|
$ipbits = explode('.', $_SERVER['REMOTE_ADDR']); |
|
85
|
|
|
list($usec, $sec) = explode(' ', microtime()); |
|
86
|
|
|
|
|
87
|
|
|
$usec = (integer)($usec * 65536); |
|
88
|
|
|
$sec = ((integer)$sec) & 0xFFFF; |
|
89
|
|
|
|
|
90
|
|
|
if ($trimname) { |
|
91
|
|
|
$uid = sprintf('%06x%04x%04x', ($ipbits[0] << 24) | ($ipbits[1] << 16) | ($ipbits[2] << 8) | $ipbits[3], $sec, $usec); |
|
92
|
|
|
} else { |
|
93
|
|
|
$uid = sprintf('%08x-%04x-%04x', ($ipbits[0] << 24) | ($ipbits[1] << 16) | ($ipbits[2] << 8) | $ipbits[3], $sec, $usec); |
|
94
|
|
|
} |
|
95
|
|
|
if (!file_exists($workingfolder . $uid . $ext)) { |
|
96
|
|
|
$true = false; |
|
97
|
|
|
} |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
return $uid . $ext; |
|
|
|
|
|
|
101
|
|
|
} |
|
102
|
|
|
|
|
103
|
|
|
/** |
|
104
|
|
|
* @param string $filename |
|
105
|
|
|
* |
|
106
|
|
|
* @return string |
|
107
|
|
|
*/ |
|
108
|
|
|
public function giveMimetype($filename = '') |
|
109
|
|
|
{ |
|
110
|
|
|
$cmimetype = new cmimetype(); |
|
111
|
|
|
$workingfile = $this->downloadname; |
|
|
|
|
|
|
112
|
|
|
if (xoops_trim($filename) != '') { |
|
113
|
|
|
$workingfile = $filename; |
|
114
|
|
|
|
|
115
|
|
|
return $cmimetype->getType($workingfile); |
|
116
|
|
|
} else { |
|
117
|
|
|
return ''; |
|
118
|
|
|
} |
|
119
|
|
|
} |
|
120
|
|
|
|
|
121
|
|
|
/** |
|
122
|
|
|
* @param $storyid |
|
123
|
|
|
* |
|
124
|
|
|
* @return array |
|
125
|
|
|
*/ |
|
126
|
|
|
public function getAllbyStory($storyid) |
|
127
|
|
|
{ |
|
128
|
|
|
$ret = array(); |
|
129
|
|
|
$sql = 'SELECT * FROM ' . $this->table . ' WHERE storyid=' . (int)$storyid; |
|
130
|
|
|
$result = $this->db->query($sql); |
|
131
|
|
|
while ($myrow = $this->db->fetchArray($result)) { |
|
132
|
|
|
$ret[] = new sFiles($myrow); |
|
133
|
|
|
} |
|
134
|
|
|
|
|
135
|
|
|
return $ret; |
|
136
|
|
|
} |
|
137
|
|
|
|
|
138
|
|
|
/** |
|
139
|
|
|
* @param $id |
|
140
|
|
|
*/ |
|
141
|
|
|
public function getFile($id) |
|
142
|
|
|
{ |
|
143
|
|
|
$sql = 'SELECT * FROM ' . $this->table . ' WHERE fileid=' . (int)$id; |
|
144
|
|
|
$array = $this->db->fetchArray($this->db->query($sql)); |
|
145
|
|
|
$this->makeFile($array); |
|
146
|
|
|
} |
|
147
|
|
|
|
|
148
|
|
|
/** |
|
149
|
|
|
* @param $array |
|
150
|
|
|
*/ |
|
151
|
|
|
public function makeFile($array) |
|
152
|
|
|
{ |
|
153
|
|
|
foreach ($array as $key => $value) { |
|
154
|
|
|
$this->$key = $value; |
|
155
|
|
|
} |
|
156
|
|
|
} |
|
157
|
|
|
|
|
158
|
|
|
/** |
|
159
|
|
|
* @return bool |
|
160
|
|
|
*/ |
|
161
|
|
|
public function store() |
|
162
|
|
|
{ |
|
163
|
|
|
$myts = MyTextSanitizer::getInstance(); |
|
164
|
|
|
$fileRealName = $myts->addSlashes($this->filerealname); |
|
165
|
|
|
$downloadname = $myts->addSlashes($this->downloadname); |
|
166
|
|
|
$date = time(); |
|
167
|
|
|
$mimetype = $myts->addSlashes($this->mimetype); |
|
168
|
|
|
$counter = (int)$this->counter; |
|
169
|
|
|
$storyid = (int)$this->storyid; |
|
170
|
|
|
|
|
171
|
|
|
if (!isset($this->fileid)) { |
|
172
|
|
|
$newid = (int)$this->db->genId($this->table . '_fileid_seq'); |
|
173
|
|
|
$sql = 'INSERT INTO ' . $this->table . ' (fileid, storyid, filerealname, date, mimetype, downloadname, counter) ' . 'VALUES (' . $newid . ',' . $storyid . ",'" . $fileRealName . "','" . $date . "','" . $mimetype . "','" . $downloadname . "'," . $counter . ')'; |
|
174
|
|
|
$this->fileid = $newid; |
|
175
|
|
|
} else { |
|
176
|
|
|
$sql = 'UPDATE ' . $this->table . ' SET storyid=' . $storyid . ",filerealname='" . $fileRealName . "',date=" . $date . ",mimetype='" . $mimetype . "',downloadname='" . $downloadname . "',counter=" . $counter . ' WHERE fileid=' . $this->getFileid(); |
|
177
|
|
|
} |
|
178
|
|
|
if (!$result = $this->db->query($sql)) { |
|
179
|
|
|
return false; |
|
180
|
|
|
} |
|
181
|
|
|
|
|
182
|
|
|
return true; |
|
183
|
|
|
} |
|
184
|
|
|
|
|
185
|
|
|
/** |
|
186
|
|
|
* @param string $workdir |
|
187
|
|
|
* |
|
188
|
|
|
* @return bool |
|
189
|
|
|
*/ |
|
190
|
|
|
public function delete($workdir = XOOPS_UPLOAD_PATH) |
|
191
|
|
|
{ |
|
192
|
|
|
$sql = 'DELETE FROM ' . $this->table . ' WHERE fileid=' . $this->getFileid(); |
|
193
|
|
|
if (!$result = $this->db->query($sql)) { |
|
194
|
|
|
return false; |
|
195
|
|
|
} |
|
196
|
|
|
if (file_exists($workdir . '/' . $this->downloadname)) { |
|
197
|
|
|
unlink($workdir . '/' . $this->downloadname); |
|
198
|
|
|
} |
|
199
|
|
|
|
|
200
|
|
|
return true; |
|
201
|
|
|
} |
|
202
|
|
|
|
|
203
|
|
|
/** |
|
204
|
|
|
* @return bool |
|
205
|
|
|
*/ |
|
206
|
|
|
public function updateCounter() |
|
207
|
|
|
{ |
|
208
|
|
|
$sql = 'UPDATE ' . $this->table . ' SET counter=counter+1 WHERE fileid=' . $this->getFileid(); |
|
209
|
|
|
if (!$result = $this->db->queryF($sql)) { |
|
210
|
|
|
return false; |
|
211
|
|
|
} |
|
212
|
|
|
|
|
213
|
|
|
return true; |
|
214
|
|
|
} |
|
215
|
|
|
|
|
216
|
|
|
// **************************************************************************************************************** |
|
217
|
|
|
// All the Sets |
|
218
|
|
|
// **************************************************************************************************************** |
|
219
|
|
|
/** |
|
220
|
|
|
* @param $filename |
|
221
|
|
|
*/ |
|
222
|
|
|
public function setFileRealName($filename) |
|
223
|
|
|
{ |
|
224
|
|
|
$this->filerealname = $filename; |
|
225
|
|
|
} |
|
226
|
|
|
|
|
227
|
|
|
/** |
|
228
|
|
|
* @param $id |
|
229
|
|
|
*/ |
|
230
|
|
|
public function setStoryid($id) |
|
231
|
|
|
{ |
|
232
|
|
|
$this->storyid = (int)$id; |
|
233
|
|
|
} |
|
234
|
|
|
|
|
235
|
|
|
/** |
|
236
|
|
|
* @param $value |
|
237
|
|
|
*/ |
|
238
|
|
|
public function setMimetype($value) |
|
239
|
|
|
{ |
|
240
|
|
|
$this->mimetype = $value; |
|
241
|
|
|
} |
|
242
|
|
|
|
|
243
|
|
|
/** |
|
244
|
|
|
* @param $value |
|
245
|
|
|
*/ |
|
246
|
|
|
public function setDownloadname($value) |
|
247
|
|
|
{ |
|
248
|
|
|
$this->downloadname = $value; |
|
249
|
|
|
} |
|
250
|
|
|
|
|
251
|
|
|
// **************************************************************************************************************** |
|
252
|
|
|
// All the Gets |
|
253
|
|
|
// **************************************************************************************************************** |
|
254
|
|
|
/** |
|
255
|
|
|
* @return int |
|
256
|
|
|
*/ |
|
257
|
|
|
public function getFileid() |
|
258
|
|
|
{ |
|
259
|
|
|
return (int)$this->fileid; |
|
260
|
|
|
} |
|
261
|
|
|
|
|
262
|
|
|
/** |
|
263
|
|
|
* @return int |
|
264
|
|
|
*/ |
|
265
|
|
|
public function getStoryid() |
|
266
|
|
|
{ |
|
267
|
|
|
return (int)$this->storyid; |
|
268
|
|
|
} |
|
269
|
|
|
|
|
270
|
|
|
/** |
|
271
|
|
|
* @return int |
|
272
|
|
|
*/ |
|
273
|
|
|
public function getCounter() |
|
274
|
|
|
{ |
|
275
|
|
|
return (int)$this->counter; |
|
276
|
|
|
} |
|
277
|
|
|
|
|
278
|
|
|
/** |
|
279
|
|
|
* @return int |
|
280
|
|
|
*/ |
|
281
|
|
|
public function getDate() |
|
282
|
|
|
{ |
|
283
|
|
|
return (int)$this->date; |
|
284
|
|
|
} |
|
285
|
|
|
|
|
286
|
|
|
/** |
|
287
|
|
|
* @param string $format |
|
288
|
|
|
* |
|
289
|
|
|
* @return mixed |
|
290
|
|
|
*/ |
|
291
|
|
View Code Duplication |
public function getFileRealName($format = 'S') |
|
|
|
|
|
|
292
|
|
|
{ |
|
293
|
|
|
$myts = MyTextSanitizer::getInstance(); |
|
294
|
|
|
switch ($format) { |
|
295
|
|
|
case 'S': |
|
296
|
|
|
case 'Show': |
|
297
|
|
|
$filerealname = $myts->htmlSpecialChars($this->filerealname); |
|
298
|
|
|
break; |
|
299
|
|
|
case 'E': |
|
300
|
|
|
case 'Edit': |
|
301
|
|
|
$filerealname = $myts->htmlSpecialChars($this->filerealname); |
|
302
|
|
|
break; |
|
303
|
|
|
case 'P': |
|
304
|
|
|
case 'Preview': |
|
305
|
|
|
$filerealname = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->filerealname)); |
|
306
|
|
|
break; |
|
307
|
|
|
case 'F': |
|
308
|
|
|
case 'InForm': |
|
309
|
|
|
$filerealname = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->filerealname)); |
|
310
|
|
|
break; |
|
311
|
|
|
} |
|
312
|
|
|
|
|
313
|
|
|
return $filerealname; |
|
|
|
|
|
|
314
|
|
|
} |
|
315
|
|
|
|
|
316
|
|
|
/** |
|
317
|
|
|
* @param string $format |
|
318
|
|
|
* |
|
319
|
|
|
* @return mixed |
|
320
|
|
|
*/ |
|
321
|
|
View Code Duplication |
public function getMimetype($format = 'S') |
|
|
|
|
|
|
322
|
|
|
{ |
|
323
|
|
|
$myts = MyTextSanitizer::getInstance(); |
|
324
|
|
|
switch ($format) { |
|
325
|
|
|
case 'S': |
|
326
|
|
|
case 'Show': |
|
327
|
|
|
$filemimetype = $myts->htmlSpecialChars($this->mimetype); |
|
328
|
|
|
break; |
|
329
|
|
|
case 'E': |
|
330
|
|
|
case 'Edit': |
|
331
|
|
|
$filemimetype = $myts->htmlSpecialChars($this->mimetype); |
|
332
|
|
|
break; |
|
333
|
|
|
case 'P': |
|
334
|
|
|
case 'Preview': |
|
335
|
|
|
$filemimetype = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->mimetype)); |
|
336
|
|
|
break; |
|
337
|
|
|
case 'F': |
|
338
|
|
|
case 'InForm': |
|
339
|
|
|
$filemimetype = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->mimetype)); |
|
340
|
|
|
break; |
|
341
|
|
|
} |
|
342
|
|
|
|
|
343
|
|
|
return $filemimetype; |
|
|
|
|
|
|
344
|
|
|
} |
|
345
|
|
|
|
|
346
|
|
|
/** |
|
347
|
|
|
* @param string $format |
|
348
|
|
|
* |
|
349
|
|
|
* @return mixed |
|
350
|
|
|
*/ |
|
351
|
|
View Code Duplication |
public function getDownloadname($format = 'S') |
|
|
|
|
|
|
352
|
|
|
{ |
|
353
|
|
|
$myts = MyTextSanitizer::getInstance(); |
|
354
|
|
|
switch ($format) { |
|
355
|
|
|
case 'S': |
|
356
|
|
|
case 'Show': |
|
357
|
|
|
$filedownname = $myts->htmlSpecialChars($this->downloadname); |
|
358
|
|
|
break; |
|
359
|
|
|
case 'E': |
|
360
|
|
|
case 'Edit': |
|
361
|
|
|
$filedownname = $myts->htmlSpecialChars($this->downloadname); |
|
362
|
|
|
break; |
|
363
|
|
|
case 'P': |
|
364
|
|
|
case 'Preview': |
|
365
|
|
|
$filedownname = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->downloadname)); |
|
366
|
|
|
break; |
|
367
|
|
|
case 'F': |
|
368
|
|
|
case 'InForm': |
|
369
|
|
|
$filedownname = $myts->htmlSpecialChars($myts->stripSlashesGPC($this->downloadname)); |
|
370
|
|
|
break; |
|
371
|
|
|
} |
|
372
|
|
|
|
|
373
|
|
|
return $filedownname; |
|
|
|
|
|
|
374
|
|
|
} |
|
375
|
|
|
|
|
376
|
|
|
// Deprecated |
|
377
|
|
|
/** |
|
378
|
|
|
* @param $storyid |
|
379
|
|
|
* |
|
380
|
|
|
* @return mixed |
|
381
|
|
|
*/ |
|
382
|
|
View Code Duplication |
public function getCountbyStory($storyid) |
|
|
|
|
|
|
383
|
|
|
{ |
|
384
|
|
|
$sql = 'SELECT count(fileid) as cnt FROM ' . $this->table . ' WHERE storyid=' . (int)$storyid . ''; |
|
385
|
|
|
$result = $this->db->query($sql); |
|
386
|
|
|
$myrow = $this->db->fetchArray($result); |
|
387
|
|
|
|
|
388
|
|
|
return $myrow['cnt']; |
|
389
|
|
|
} |
|
390
|
|
|
|
|
391
|
|
|
/** |
|
392
|
|
|
* @param $stories |
|
393
|
|
|
* |
|
394
|
|
|
* @return array |
|
395
|
|
|
*/ |
|
396
|
|
|
public function getCountbyStories($stories) |
|
397
|
|
|
{ |
|
398
|
|
|
$ret = array(); |
|
399
|
|
|
if (count($stories) > 0) { |
|
400
|
|
|
$sql = 'SELECT storyid, count(fileid) as cnt FROM ' . $this->table . ' WHERE storyid IN ('; |
|
401
|
|
|
$sql .= implode(',', $stories) . ') GROUP BY storyid'; |
|
402
|
|
|
$result = $this->db->query($sql); |
|
403
|
|
|
while ($myrow = $this->db->fetchArray($result)) { |
|
404
|
|
|
$ret[$myrow['storyid']] = $myrow['cnt']; |
|
405
|
|
|
} |
|
406
|
|
|
} |
|
407
|
|
|
|
|
408
|
|
|
return $ret; |
|
409
|
|
|
} |
|
410
|
|
|
} |
|
411
|
|
|
|
XoopsModules25x /
news
Loading history...
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.