aboutsummaryrefslogtreecommitdiff
path: root/mod/file/actions/file/upload.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/file/actions/file/upload.php')
-rw-r--r--mod/file/actions/file/upload.php222
1 files changed, 222 insertions, 0 deletions
diff --git a/mod/file/actions/file/upload.php b/mod/file/actions/file/upload.php
new file mode 100644
index 000000000..e20c4079f
--- /dev/null
+++ b/mod/file/actions/file/upload.php
@@ -0,0 +1,222 @@
+<?php
+/**
+ * Elgg file uploader/edit action
+ *
+ * @package ElggFile
+ */
+
+// Get variables
+$title = htmlspecialchars(get_input('title', '', false), ENT_QUOTES, 'UTF-8');
+$desc = get_input("description");
+$access_id = (int) get_input("access_id");
+$container_guid = (int) get_input('container_guid', 0);
+$guid = (int) get_input('file_guid');
+$tags = get_input("tags");
+
+if ($container_guid == 0) {
+ $container_guid = elgg_get_logged_in_user_guid();
+}
+
+elgg_make_sticky_form('file');
+
+// check if upload failed
+if (!empty($_FILES['upload']['name']) && $_FILES['upload']['error'] != 0) {
+ register_error(elgg_echo('file:cannotload'));
+ forward(REFERER);
+}
+
+// check whether this is a new file or an edit
+$new_file = true;
+if ($guid > 0) {
+ $new_file = false;
+}
+
+if ($new_file) {
+ // must have a file if a new file upload
+ if (empty($_FILES['upload']['name'])) {
+ $error = elgg_echo('file:nofile');
+ register_error($error);
+ forward(REFERER);
+ }
+
+ $file = new FilePluginFile();
+ $file->subtype = "file";
+
+ // if no title on new upload, grab filename
+ if (empty($title)) {
+ $title = htmlspecialchars($_FILES['upload']['name'], ENT_QUOTES, 'UTF-8');
+ }
+
+} else {
+ // load original file object
+ $file = new FilePluginFile($guid);
+ if (!$file) {
+ register_error(elgg_echo('file:cannotload'));
+ forward(REFERER);
+ }
+
+ // user must be able to edit file
+ if (!$file->canEdit()) {
+ register_error(elgg_echo('file:noaccess'));
+ forward(REFERER);
+ }
+
+ if (!$title) {
+ // user blanked title, but we need one
+ $title = $file->title;
+ }
+}
+
+$file->title = $title;
+$file->description = $desc;
+$file->access_id = $access_id;
+$file->container_guid = $container_guid;
+$file->tags = string_to_tag_array($tags);
+
+// we have a file upload, so process it
+if (isset($_FILES['upload']['name']) && !empty($_FILES['upload']['name'])) {
+
+ $prefix = "file/";
+
+ // if previous file, delete it
+ if ($new_file == false) {
+ $filename = $file->getFilenameOnFilestore();
+ if (file_exists($filename)) {
+ unlink($filename);
+ }
+
+ // use same filename on the disk - ensures thumbnails are overwritten
+ $filestorename = $file->getFilename();
+ $filestorename = elgg_substr($filestorename, elgg_strlen($prefix));
+ } else {
+ $filestorename = elgg_strtolower(time().$_FILES['upload']['name']);
+ }
+
+ $file->setFilename($prefix . $filestorename);
+ $mime_type = ElggFile::detectMimeType($_FILES['upload']['tmp_name'], $_FILES['upload']['type']);
+
+ // hack for Microsoft zipped formats
+ $info = pathinfo($_FILES['upload']['name']);
+ $office_formats = array('docx', 'xlsx', 'pptx');
+ if ($mime_type == "application/zip" && in_array($info['extension'], $office_formats)) {
+ switch ($info['extension']) {
+ case 'docx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
+ break;
+ case 'xlsx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";
+ break;
+ case 'pptx':
+ $mime_type = "application/vnd.openxmlformats-officedocument.presentationml.presentation";
+ break;
+ }
+ }
+
+ // check for bad ppt detection
+ if ($mime_type == "application/vnd.ms-office" && $info['extension'] == "ppt") {
+ $mime_type = "application/vnd.ms-powerpoint";
+ }
+
+ $file->setMimeType($mime_type);
+ $file->originalfilename = $_FILES['upload']['name'];
+ $file->simpletype = file_get_simple_type($mime_type);
+
+ // Open the file to guarantee the directory exists
+ $file->open("write");
+ $file->close();
+ move_uploaded_file($_FILES['upload']['tmp_name'], $file->getFilenameOnFilestore());
+
+ $guid = $file->save();
+
+ // if image, we need to create thumbnails (this should be moved into a function)
+ if ($guid && $file->simpletype == "image") {
+ $file->icontime = time();
+
+ $thumbnail = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 60, 60, true);
+ if ($thumbnail) {
+ $thumb = new ElggFile();
+ $thumb->setMimeType($_FILES['upload']['type']);
+
+ $thumb->setFilename($prefix."thumb".$filestorename);
+ $thumb->open("write");
+ $thumb->write($thumbnail);
+ $thumb->close();
+
+ $file->thumbnail = $prefix."thumb".$filestorename;
+ unset($thumbnail);
+ }
+
+ $thumbsmall = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 153, 153, true);
+ if ($thumbsmall) {
+ $thumb->setFilename($prefix."smallthumb".$filestorename);
+ $thumb->open("write");
+ $thumb->write($thumbsmall);
+ $thumb->close();
+ $file->smallthumb = $prefix."smallthumb".$filestorename;
+ unset($thumbsmall);
+ }
+
+ $thumblarge = get_resized_image_from_existing_file($file->getFilenameOnFilestore(), 600, 600, false);
+ if ($thumblarge) {
+ $thumb->setFilename($prefix."largethumb".$filestorename);
+ $thumb->open("write");
+ $thumb->write($thumblarge);
+ $thumb->close();
+ $file->largethumb = $prefix."largethumb".$filestorename;
+ unset($thumblarge);
+ }
+ } elseif ($file->icontime) {
+ // if it is not an image, we do not need thumbnails
+ unset($file->icontime);
+
+ $thumb = new ElggFile();
+
+ $thumb->setFilename($prefix . "thumb" . $filestorename);
+ $thumb->delete();
+ unset($file->thumbnail);
+
+ $thumb->setFilename($prefix . "smallthumb" . $filestorename);
+ $thumb->delete();
+ unset($file->smallthumb);
+
+ $thumb->setFilename($prefix . "largethumb" . $filestorename);
+ $thumb->delete();
+ unset($file->largethumb);
+ }
+} else {
+ // not saving a file but still need to save the entity to push attributes to database
+ $file->save();
+}
+
+// file saved so clear sticky form
+elgg_clear_sticky_form('file');
+
+
+// handle results differently for new files and file updates
+if ($new_file) {
+ if ($guid) {
+ $message = elgg_echo("file:saved");
+ system_message($message);
+ add_to_river('river/object/file/create', 'create', elgg_get_logged_in_user_guid(), $file->guid);
+ } else {
+ // failed to save file object - nothing we can do about this
+ $error = elgg_echo("file:uploadfailed");
+ register_error($error);
+ }
+
+ $container = get_entity($container_guid);
+ if (elgg_instanceof($container, 'group')) {
+ forward("file/group/$container->guid/all");
+ } else {
+ forward("file/owner/$container->username");
+ }
+
+} else {
+ if ($guid) {
+ system_message(elgg_echo("file:saved"));
+ } else {
+ register_error(elgg_echo("file:uploadfailed"));
+ }
+
+ forward($file->getURL());
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-01 22:26:17 +0000