|
1
|
|
|
<?php |
|
2
|
|
|
/* Copyright (C) NAVER <http://www.navercorp.com> */ |
|
3
|
|
|
/** |
|
4
|
|
|
* Model class of the file module |
|
5
|
|
|
* @author NAVER ([email protected]) |
|
6
|
|
|
*/ |
|
7
|
|
|
class fileModel extends file |
|
8
|
|
|
{ |
|
9
|
|
|
/** |
|
10
|
|
|
* Initialization |
|
11
|
|
|
* @return void |
|
12
|
|
|
*/ |
|
13
|
|
|
function init() |
|
14
|
|
|
{ |
|
15
|
|
|
} |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* Return a file list attached in the document |
|
19
|
|
|
* |
|
20
|
|
|
* It is used when a file list of the upload_target_srl is requested for creating/updating a document. |
|
21
|
|
|
* Attempt to replace with sever-side session if upload_target_srl is not yet determined |
|
22
|
|
|
* |
|
23
|
|
|
* @return void |
|
24
|
|
|
*/ |
|
25
|
|
|
function getFileList() |
|
26
|
|
|
{ |
|
27
|
|
|
$oModuleModel = getModel('module'); |
|
|
|
|
|
|
28
|
|
|
|
|
29
|
|
|
$mid = Context::get('mid'); |
|
|
|
|
|
|
30
|
|
|
$editor_sequence = Context::get('editor_sequence'); |
|
31
|
|
|
$upload_target_srl = Context::get('upload_target_srl'); |
|
32
|
|
|
if(!$upload_target_srl) $upload_target_srl = $_SESSION['upload_info'][$editor_sequence]->upload_target_srl; |
|
33
|
|
|
|
|
34
|
|
|
if($upload_target_srl) |
|
35
|
|
|
{ |
|
36
|
|
|
$tmp_files = $this->getFiles($upload_target_srl); |
|
37
|
|
|
if($tmp_files instanceof Object && !$tmp_files->toBool()) return $tmp_files; |
|
38
|
|
|
|
|
39
|
|
|
foreach($tmp_files as $file_info) |
|
40
|
|
|
{ |
|
41
|
|
|
if(!$file_info->file_srl) continue; |
|
42
|
|
|
|
|
43
|
|
|
$obj = new stdClass; |
|
44
|
|
|
$obj->file_srl = $file_info->file_srl; |
|
45
|
|
|
$obj->source_filename = $file_info->source_filename; |
|
46
|
|
|
$obj->file_size = $file_info->file_size; |
|
47
|
|
|
$obj->disp_file_size = FileHandler::filesize($file_info->file_size); |
|
48
|
|
|
if($file_info->direct_download=='N') $obj->download_url = $this->getDownloadUrl($file_info->file_srl, $file_info->sid, $file_info->module_srl); |
|
49
|
|
|
else $obj->download_url = str_replace('./', '', $file_info->uploaded_filename); |
|
50
|
|
|
$obj->direct_download = $file_info->direct_download; |
|
51
|
|
|
$obj->cover_image = ($file_info->cover_image === 'Y') ? true : false; |
|
52
|
|
|
$files[] = $obj; |
|
|
|
|
|
|
53
|
|
|
$attached_size += $file_info->file_size; |
|
|
|
|
|
|
54
|
|
|
} |
|
55
|
|
|
} |
|
56
|
|
|
else |
|
57
|
|
|
{ |
|
58
|
|
|
$upload_target_srl = 0; |
|
59
|
|
|
$attached_size = 0; |
|
60
|
|
|
$files = array(); |
|
61
|
|
|
} |
|
62
|
|
|
// Display upload status |
|
63
|
|
|
$upload_status = $this->getUploadStatus($attached_size); |
|
64
|
|
|
// Check remained file size until upload complete |
|
65
|
|
|
//$config = $oModuleModel->getModuleInfoByMid($mid); //perhaps config varialbles not used |
|
66
|
|
|
|
|
67
|
|
|
$file_config = $this->getUploadConfig(); |
|
68
|
|
|
$left_size = $file_config->allowed_attach_size*1024*1024 - $attached_size; |
|
69
|
|
|
// Settings of required information |
|
70
|
|
|
$attached_size = FileHandler::filesize($attached_size); |
|
71
|
|
|
$allowed_attach_size = FileHandler::filesize($file_config->allowed_attach_size*1024*1024); |
|
72
|
|
|
$allowed_filesize = FileHandler::filesize($file_config->allowed_filesize*1024*1024); |
|
73
|
|
|
$allowed_filetypes = $file_config->allowed_filetypes; |
|
74
|
|
|
$this->add("files",$files); |
|
|
|
|
|
|
75
|
|
|
$this->add("editor_sequence",$editor_sequence); |
|
76
|
|
|
$this->add("upload_target_srl",$upload_target_srl); |
|
77
|
|
|
$this->add("upload_status",$upload_status); |
|
78
|
|
|
$this->add("left_size",$left_size); |
|
79
|
|
|
$this->add('attached_size', $attached_size); |
|
80
|
|
|
$this->add('allowed_attach_size', $allowed_attach_size); |
|
81
|
|
|
$this->add('allowed_filesize', $allowed_filesize); |
|
82
|
|
|
$this->add('allowed_filetypes', $allowed_filetypes); |
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
/** |
|
86
|
|
|
* Return number of attachments which belongs to a specific document |
|
87
|
|
|
* |
|
88
|
|
|
* @param int $upload_target_srl The sequence to get a number of files |
|
89
|
|
|
* @return int Returns a number of files |
|
90
|
|
|
*/ |
|
91
|
|
|
function getFilesCount($upload_target_srl) |
|
92
|
|
|
{ |
|
93
|
|
|
$args = new stdClass(); |
|
94
|
|
|
$args->upload_target_srl = $upload_target_srl; |
|
95
|
|
|
$output = executeQuery('file.getFilesCount', $args); |
|
96
|
|
|
return (int)$output->data->count; |
|
97
|
|
|
} |
|
98
|
|
|
|
|
99
|
|
|
/** |
|
100
|
|
|
* Get a download path |
|
101
|
|
|
* |
|
102
|
|
|
* @param int $file_srl The sequence of file to get url |
|
103
|
|
|
* @param string $sid |
|
104
|
|
|
* @return string Returns a url |
|
105
|
|
|
*/ |
|
106
|
|
|
function getDownloadUrl($file_srl, $sid, $module_srl="") |
|
107
|
|
|
{ |
|
108
|
|
|
return sprintf('?module=%s&act=%s&file_srl=%s&sid=%s&module_srl=%s', 'file', 'procFileDownload', $file_srl, $sid, $module_srl); |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Get file configurations |
|
113
|
|
|
* |
|
114
|
|
|
* @param int $module_srl If set this, returns specific module's configuration. Otherwise returns global configuration. |
|
115
|
|
|
* @return object Returns configuration. |
|
116
|
|
|
*/ |
|
117
|
|
|
function getFileConfig($module_srl = null) |
|
118
|
|
|
{ |
|
119
|
|
|
// Get configurations (using module model object) |
|
120
|
|
|
$oModuleModel = getModel('module'); |
|
121
|
|
|
|
|
122
|
|
|
$file_module_config = $oModuleModel->getModuleConfig('file'); |
|
123
|
|
|
|
|
124
|
|
|
if($module_srl) $file_config = $oModuleModel->getModulePartConfig('file',$module_srl); |
|
|
|
|
|
|
125
|
|
|
if(!$file_config) $file_config = $file_module_config; |
|
|
|
|
|
|
126
|
|
|
|
|
127
|
|
|
$config = new stdClass(); |
|
128
|
|
|
|
|
129
|
|
|
if($file_config) |
|
130
|
|
|
{ |
|
131
|
|
|
$config->allowed_filesize = $file_config->allowed_filesize; |
|
132
|
|
|
$config->allowed_attach_size = $file_config->allowed_attach_size; |
|
133
|
|
|
$config->allowed_filetypes = $file_config->allowed_filetypes; |
|
134
|
|
|
$config->download_grant = $file_config->download_grant; |
|
135
|
|
|
$config->allow_outlink = $file_config->allow_outlink; |
|
136
|
|
|
$config->allow_outlink_site = $file_config->allow_outlink_site; |
|
137
|
|
|
$config->allow_outlink_format = $file_config->allow_outlink_format; |
|
138
|
|
|
} |
|
139
|
|
|
// Property for all files comes first than each property |
|
140
|
|
|
if(!$config->allowed_filesize) $config->allowed_filesize = $file_module_config->allowed_filesize; |
|
141
|
|
|
if(!$config->allowed_attach_size) $config->allowed_attach_size = $file_module_config->allowed_attach_size; |
|
142
|
|
|
if(!$config->allowed_filetypes) $config->allowed_filetypes = $file_module_config->allowed_filetypes; |
|
143
|
|
|
if(!$config->allow_outlink) $config->allow_outlink = $file_module_config->allow_outlink; |
|
144
|
|
|
if(!$config->allow_outlink_site) $config->allow_outlink_site = $file_module_config->allow_outlink_site; |
|
145
|
|
|
if(!$config->allow_outlink_format) $config->allow_outlink_format = $file_module_config->allow_outlink_format; |
|
146
|
|
|
if(!$config->download_grant) $config->download_grant = $file_module_config->download_grant; |
|
147
|
|
|
// Default setting if not exists |
|
148
|
|
|
if(!$config->allowed_filesize) $config->allowed_filesize = '2'; |
|
149
|
|
|
if(!$config->allowed_attach_size) $config->allowed_attach_size = '3'; |
|
150
|
|
|
if(!$config->allowed_filetypes) $config->allowed_filetypes = '*.*'; |
|
151
|
|
|
if(!$config->allow_outlink) $config->allow_outlink = 'Y'; |
|
152
|
|
|
if(!$config->download_grant) $config->download_grant = array(); |
|
153
|
|
|
|
|
154
|
|
|
$size = ini_get('upload_max_filesize'); |
|
155
|
|
|
$unit = strtolower($size[strlen($size) - 1]); |
|
156
|
|
|
$size = (float)$size; |
|
157
|
|
|
if($unit == 'g') $size *= 1024; |
|
158
|
|
|
if($unit == 'k') $size /= 1024; |
|
159
|
|
|
|
|
160
|
|
|
if($config->allowed_filesize > $size) |
|
161
|
|
|
{ |
|
162
|
|
|
$config->allowed_filesize = $size; |
|
163
|
|
|
} |
|
164
|
|
|
if($config->allowed_attach_size > $size) |
|
165
|
|
|
{ |
|
166
|
|
|
$config->allowed_attach_size = $size; |
|
167
|
|
|
} |
|
168
|
|
|
|
|
169
|
|
|
return $config; |
|
170
|
|
|
} |
|
171
|
|
|
|
|
172
|
|
|
/** |
|
173
|
|
|
* Get file information |
|
174
|
|
|
* |
|
175
|
|
|
* @param int $file_srl The sequence of file to get information |
|
176
|
|
|
* @param array $columnList The list of columns to get from DB |
|
177
|
|
|
* @return Object|object|array If error returns an instance of Object. If result set is one returns a object that contins file information. If result set is more than one returns array of object. |
|
178
|
|
|
*/ |
|
179
|
|
|
function getFile($file_srl, $columnList = array()) |
|
180
|
|
|
{ |
|
181
|
|
|
$args = new stdClass(); |
|
182
|
|
|
$args->file_srl = $file_srl; |
|
183
|
|
|
$output = executeQueryArray('file.getFile', $args, $columnList); |
|
184
|
|
|
if(!$output->toBool()) return $output; |
|
185
|
|
|
|
|
186
|
|
|
// old version compatibility |
|
187
|
|
|
if(count($output->data) == 1) |
|
188
|
|
|
{ |
|
189
|
|
|
$file = $output->data[0]; |
|
190
|
|
|
$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl); |
|
191
|
|
|
|
|
192
|
|
|
return $file; |
|
193
|
|
|
} |
|
194
|
|
|
else |
|
195
|
|
|
{ |
|
196
|
|
|
$fileList = array(); |
|
197
|
|
|
|
|
198
|
|
|
if(is_array($output->data)) |
|
199
|
|
|
{ |
|
200
|
|
|
foreach($output->data as $key=>$value) |
|
201
|
|
|
{ |
|
202
|
|
|
$file = $value; |
|
203
|
|
|
$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl); |
|
204
|
|
|
$fileList[] = $file; |
|
205
|
|
|
} |
|
206
|
|
|
} |
|
207
|
|
|
return $fileList; |
|
208
|
|
|
} |
|
209
|
|
|
} |
|
210
|
|
|
|
|
211
|
|
|
/** |
|
212
|
|
|
* Return all files which belong to a specific document |
|
213
|
|
|
* |
|
214
|
|
|
* @param int $upload_target_srl The sequence of target to get file list |
|
215
|
|
|
* @param array $columnList The list of columns to get from DB |
|
216
|
|
|
* @param string $sortIndex The column that used as sort index |
|
217
|
|
|
* @return array Returns array of object that contains file information. If no result returns null. |
|
218
|
|
|
*/ |
|
219
|
|
|
function getFiles($upload_target_srl, $columnList = array(), $sortIndex = 'file_srl', $ckValid = false) |
|
220
|
|
|
{ |
|
221
|
|
|
$oModuleModel = getModel('module'); |
|
222
|
|
|
$oDocumentModel = getModel('document'); |
|
223
|
|
|
$oCommentModel = getModel('comment'); |
|
224
|
|
|
$logged_info = Context::get('logged_info'); |
|
225
|
|
|
|
|
226
|
|
|
$oDocument = $oDocumentModel->getDocument($upload_target_srl); |
|
227
|
|
|
|
|
228
|
|
|
// comment 권한 확인 |
|
229
|
|
|
if(!$oDocument->isExists()) |
|
230
|
|
|
{ |
|
231
|
|
|
$oComment = $oCommentModel->getComment($upload_target_srl); |
|
232
|
|
|
if($oComment->isExists() && $oComment->isSecret() && !$oComment->isGranted()) |
|
233
|
|
|
{ |
|
234
|
|
|
return $this->stop('msg_not_permitted'); |
|
|
|
|
|
|
235
|
|
|
} |
|
236
|
|
|
|
|
237
|
|
|
$oDocument = $oDocumentModel->getDocument($oComment->get('document_srl')); |
|
238
|
|
|
} |
|
239
|
|
|
|
|
240
|
|
|
// document 권한 확인 |
|
241
|
|
|
if($oDocument->isExists() && $oDocument->isSecret() && !$oDocument->isGranted()) |
|
242
|
|
|
{ |
|
243
|
|
|
return $this->stop('msg_not_permitted'); |
|
|
|
|
|
|
244
|
|
|
} |
|
245
|
|
|
|
|
246
|
|
|
// 모듈 권한 확인 |
|
247
|
|
|
$grant = $oModuleModel->getGrant($oModuleModel->getModuleInfoByModuleSrl($oDocument->get('module_srl')), $logged_info); |
|
248
|
|
|
if(!$grant->access) |
|
249
|
|
|
{ |
|
250
|
|
|
return $this->stop('msg_not_permitted'); |
|
|
|
|
|
|
251
|
|
|
} |
|
252
|
|
|
|
|
253
|
|
|
$args = new stdClass(); |
|
254
|
|
|
$args->upload_target_srl = $upload_target_srl; |
|
255
|
|
|
$args->sort_index = $sortIndex; |
|
256
|
|
|
if($ckValid) $args->isvalid = 'Y'; |
|
257
|
|
|
$output = executeQuery('file.getFiles', $args, $columnList); |
|
258
|
|
|
if(!$output->data) return; |
|
259
|
|
|
|
|
260
|
|
|
$file_list = $output->data; |
|
261
|
|
|
|
|
262
|
|
|
if($file_list && !is_array($file_list)) $file_list = array($file_list); |
|
263
|
|
|
|
|
264
|
|
|
$file_count = count($file_list); |
|
265
|
|
|
for($i=0;$i<$file_count;$i++) |
|
266
|
|
|
{ |
|
267
|
|
|
$file = $file_list[$i]; |
|
268
|
|
|
$file->source_filename = stripslashes($file->source_filename); |
|
269
|
|
|
$file->source_filename = htmlspecialchars($file->source_filename); |
|
270
|
|
|
$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl); |
|
271
|
|
|
$file_list[$i] = $file; |
|
272
|
|
|
} |
|
273
|
|
|
|
|
274
|
|
|
return $file_list; |
|
275
|
|
|
} |
|
276
|
|
|
|
|
277
|
|
|
/** |
|
278
|
|
|
* Return configurations of the attachement (it automatically checks if an administrator is) |
|
279
|
|
|
* |
|
280
|
|
|
* @return object Returns a file configuration of current module. If user is admin, returns PHP's max file size and allow all file types. |
|
281
|
|
|
*/ |
|
282
|
|
|
function getUploadConfig() |
|
283
|
|
|
{ |
|
284
|
|
|
$logged_info = Context::get('logged_info'); |
|
285
|
|
|
|
|
286
|
|
|
$module_srl = Context::get('module_srl'); |
|
287
|
|
|
// Get the current module if module_srl doesn't exist |
|
288
|
|
|
if(!$module_srl) |
|
289
|
|
|
{ |
|
290
|
|
|
$current_module_info = Context::get('current_module_info'); |
|
291
|
|
|
$module_srl = $current_module_info->module_srl; |
|
292
|
|
|
} |
|
293
|
|
|
$file_config = $this->getFileConfig($module_srl); |
|
294
|
|
|
|
|
295
|
|
|
if($logged_info->is_admin == 'Y') |
|
296
|
|
|
{ |
|
297
|
|
|
$iniPostMaxSize = FileHandler::returnbytes(ini_get('post_max_size')); |
|
298
|
|
|
$iniUploadMaxSize = FileHandler::returnbytes(ini_get('upload_max_filesize')); |
|
299
|
|
|
$size = min($iniPostMaxSize, $iniUploadMaxSize) / 1048576; |
|
300
|
|
|
$file_config->allowed_attach_size = $size; |
|
301
|
|
|
$file_config->allowed_filesize = $size; |
|
302
|
|
|
$file_config->allowed_filetypes = '*.*'; |
|
303
|
|
|
} |
|
304
|
|
|
return $file_config; |
|
305
|
|
|
} |
|
306
|
|
|
|
|
307
|
|
|
/** |
|
308
|
|
|
* Return messages for file upload and it depends whether an admin is or not |
|
309
|
|
|
* |
|
310
|
|
|
* @param int $attached_size |
|
311
|
|
|
* @return string |
|
312
|
|
|
*/ |
|
313
|
|
|
function getUploadStatus($attached_size = 0) |
|
314
|
|
|
{ |
|
315
|
|
|
$file_config = $this->getUploadConfig(); |
|
316
|
|
|
// Display upload status |
|
317
|
|
|
$upload_status = sprintf( |
|
318
|
|
|
'%s : %s/ %s<br /> %s : %s (%s : %s)', |
|
319
|
|
|
Context::getLang('allowed_attach_size'), |
|
320
|
|
|
FileHandler::filesize($attached_size), |
|
321
|
|
|
FileHandler::filesize($file_config->allowed_attach_size*1024*1024), |
|
322
|
|
|
Context::getLang('allowed_filesize'), |
|
323
|
|
|
FileHandler::filesize($file_config->allowed_filesize*1024*1024), |
|
324
|
|
|
Context::getLang('allowed_filetypes'), |
|
325
|
|
|
$file_config->allowed_filetypes |
|
326
|
|
|
); |
|
327
|
|
|
return $upload_status; |
|
328
|
|
|
} |
|
329
|
|
|
|
|
330
|
|
|
/** |
|
331
|
|
|
* Return file configuration of the module |
|
332
|
|
|
* |
|
333
|
|
|
* @param int $module_srl The sequence of module to get configuration |
|
334
|
|
|
* @return object |
|
335
|
|
|
*/ |
|
336
|
|
|
function getFileModuleConfig($module_srl) |
|
337
|
|
|
{ |
|
338
|
|
|
return $this->getFileConfig($module_srl); |
|
339
|
|
|
} |
|
340
|
|
|
|
|
341
|
|
|
/** |
|
342
|
|
|
* Returns a grant of file |
|
343
|
|
|
* |
|
344
|
|
|
* @param object $file_info The file information to get grant |
|
345
|
|
|
* @param object $member_info The member information to get grant |
|
346
|
|
|
* @return object Returns a grant of file |
|
347
|
|
|
*/ |
|
348
|
|
|
function getFileGrant($file_info, $member_info) |
|
349
|
|
|
{ |
|
350
|
|
|
if(!$file_info) return null; |
|
351
|
|
|
|
|
352
|
|
|
if($_SESSION['__XE_UPLOADING_FILES_INFO__'][$file_info->file_srl]) |
|
353
|
|
|
{ |
|
354
|
|
|
$file_grant->is_deletable = true; |
|
|
|
|
|
|
355
|
|
|
return $file_grant; |
|
356
|
|
|
} |
|
357
|
|
|
|
|
358
|
|
|
$oModuleModel = getModel('module'); |
|
359
|
|
|
$grant = $oModuleModel->getGrant($oModuleModel->getModuleInfoByModuleSrl($file_info->module_srl), $member_info); |
|
360
|
|
|
|
|
361
|
|
|
$oDocumentModel = getModel('document'); |
|
362
|
|
|
$oDocument = $oDocumentModel->getDocument($file_info->upload_target_srl); |
|
363
|
|
|
if($oDocument->isExists()) $document_grant = $oDocument->isGranted(); |
|
364
|
|
|
|
|
365
|
|
|
$file_grant->is_deletable = ($document_grant || $member_info->is_admin == 'Y' || $member_info->member_srl == $file_info->member_srl || $grant->manager); |
|
|
|
|
|
|
366
|
|
|
|
|
367
|
|
|
return $file_grant; |
|
368
|
|
|
} |
|
369
|
|
|
} |
|
370
|
|
|
/* End of file file.model.php */ |
|
371
|
|
|
/* Location: ./modules/file/file.model.php */ |
|
372
|
|
|
|
xpressengine /
xe-core
Loading history...
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVarassignment in line 1 and the$higherassignment in line 2 are dead. The first because$myVaris never used and the second because$higheris always overwritten for every possible time line.