plugins/SpecialUpdownload.php
author Dan Fuhry <dan@enanocms.org>
Tue, 16 Nov 2010 12:31:41 -0500
branch1.1.7-maintenance
changeset 1317 6012710ae538
parent 1175 1e2c9819ede3
child 1227 bdac73ed481e
permissions -rw-r--r--
SECURITY: Fix SQL injection in banlist check (1.1.7 branch)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     2
/**!info**
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     3
{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     4
  "Plugin Name"  : "plugin_specialupdownload_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     5
  "Plugin URI"   : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     6
  "Description"  : "plugin_specialupdownload_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     7
  "Author"       : "Dan Fuhry",
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
     8
  "Version"      : "1.1.6",
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
     9
  "Author URI"   : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
    10
}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 504
diff changeset
    11
**!*/
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
/*
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1059
diff changeset
    15
 * Copyright (C) 2006-2009 Dan Fuhry
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
 * SpecialUpdownload.php - handles uploading and downloading of user-uploaded files - possibly the most rigorously security-enforcing script in all of Enano, although sessions.php comes in a close second
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    18
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
 */
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    26
593
4f9bec0d65c1 More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
parents: 590
diff changeset
    27
// $plugins->attachHook('session_started', 'SpecialUpDownload_paths_init();');
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 564
diff changeset
    28
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 564
diff changeset
    29
function SpecialUpDownload_paths_init()
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 564
diff changeset
    30
{
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    31
  register_special_page('UploadFile', 'specialpage_upload_file');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    32
  register_special_page('DownloadFile', 'specialpage_download_file');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    33
}
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 564
diff changeset
    34
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    35
function page_Special_UploadFile()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    36
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    37
  global $db, $session, $paths, $template, $plugins; // Common objects
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    38
  global $lang;
609
ffa5decbb305 Fixed a few places where page metadata cache should have been purged (there may be a few more commits like this)
Dan
parents: 593
diff changeset
    39
  global $cache;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    40
  global $mime_types;
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    41
  if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_site') . '</p>'); }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    42
  if ( !$session->get_permissions('upload_files') )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    43
  {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    44
    die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_acl') . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
  if(isset($_POST['doit']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    48
    if(isset($_FILES['data']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    49
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    50
      $file =& $_FILES['data'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    51
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    52
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    53
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    54
      $file = false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    55
    }
192
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    56
    if ( !is_array($file) )
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    57
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    58
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_cant_get_file_meta') . '</p>');
192
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    59
    }
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
    60
    if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size', '256000') )
192
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    61
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    62
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_too_big_or_small') . '</p>');
192
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    63
    }
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    64
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
    $types = fetch_allowed_extensions();
445
62e1a6f3de84 Fixed case-sensitive file extensions
Dan
parents: 317
diff changeset
    66
    $ext = strtolower(substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])));
192
9237767a23ae Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
parents: 116
diff changeset
    67
    if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    69
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    70
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
    $type = $mime_types[$ext];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    72
    //$type = explode(';', $type); $type = $type[0];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    73
    //if(!in_array($type, $allowed_mime_types)) die_friendly('Upload failed', '<p>The file type "'.$type.'" is not allowed.</p>');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    74
    if($_POST['rename'] != '')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    75
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    76
      $filename = $_POST['rename'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    79
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    80
      $filename = $file['name'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    81
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    82
    $bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    83
    foreach($bad_chars as $ch)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    84
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    85
      if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename))
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    86
      {
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    87
        die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_chars') . '</p>');
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    88
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    89
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    90
    
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
    91
    $ns = namespace_factory($filename, 'File');
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
    92
    $cdata = $ns->get_cdata();
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
    93
    $is_protected = $cdata['really_protected'];
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
    94
    
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
    95
    if ( isPage($paths->get_pathskey($filename, 'File')) && !isset ( $_POST['update'] ) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    96
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    97
      $upload_link = makeUrlNS('Special', 'UploadFile/'.$filename);
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
    98
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    99
    }
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 898
diff changeset
   100
    else if ( isset($_POST['update']) && $is_protected )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   101
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   102
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_replace_protected') . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   103
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   104
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   105
    $utime = time();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   106
           
721
bfde4d7402b1 Fixed filename not being sent through sanitize_page_id() during upload. Non-security.
Dan
parents: 685
diff changeset
   107
    $filename = $db->escape(sanitize_page_id($filename));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   108
    $ext = substr($filename, strrpos($filename, '.'), strlen($filename));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   109
    $flen = filesize($file['tmp_name']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   110
    
1171
d42d46e13b36 Fixed php_in_pages out-of-scope error in Special:UploadFile; modified RenderMan::preprocess_text() to take a permissions object for any page
Dan
parents: 1081
diff changeset
   111
    $perms = $session->fetch_page_acl($filename, 'File');
d42d46e13b36 Fixed php_in_pages out-of-scope error in Special:UploadFile; modified RenderMan::preprocess_text() to take a permissions object for any page
Dan
parents: 1081
diff changeset
   112
    $comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false, true, $perms));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   113
    $chartag = sha1(microtime());
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   114
    $urln = str_replace(' ', '_', $filename);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   115
    
481
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   116
    $key = md5($filename . '_' . ( function_exists('md5_file') ? md5_file($file['tmp_name']) : file_get_contents($file['tmp_name'])));
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   117
    $targetname = ENANO_ROOT . '/files/' . $key . $ext;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   118
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   119
    if(!@move_uploaded_file($file['tmp_name'], $targetname))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   120
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   121
      die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   122
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   123
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   124
    if(getConfig('file_history') != '1')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   125
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   126
      if(!$db->sql_query('DELETE FROM  '.table_prefix.'files WHERE filename=\''.$filename.'\' LIMIT 1;')) $db->_die('The old file data could not be deleted.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   127
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   128
    if(!$db->sql_query('INSERT INTO '.table_prefix.'files(time_id,page_id,filename,size,mimetype,file_extension,file_key) VALUES('.$utime.', \''.$urln.'\', \''.$filename.'\', '.$flen.', \''.$type.'\', \''.$ext.'\', \''.$key.'\')')) $db->_die('The file data entry could not be inserted.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   129
    if(!isset($_POST['update']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   130
    {
1175
1e2c9819ede3 Logs: Fully integrated an author_uid column. Logs are now linked by user ID instead of just username, so they survive username changes better. Database is changed. Fixes issue 6.
Dan
parents: 1171
diff changeset
   131
      if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'create\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\');')) $db->_die('The page log could not be updated.');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   132
      if(!$db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,protected,delvotes,delvote_ips) VALUES(\''.$filename.'\', \''.$urln.'\', \'File\', 0, 0, \'\')')) $db->_die('The page listing entry could not be inserted.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   133
      if(!$db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace,page_text,char_tag) VALUES(\''.$urln.'\', \'File\', \''.$comments.'\', \''.$chartag.'\')')) $db->_die('The page text entry could not be inserted.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   134
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   135
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   136
    {
1175
1e2c9819ede3 Logs: Fully integrated an author_uid column. Logs are now linked by user ID instead of just username, so they survive username changes better. Database is changed. Fixes issue 6.
Dan
parents: 1171
diff changeset
   137
      if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,author_uid,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'reupload\', \''.$session->username.'\',' . $session->user_id . ', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   138
    }
609
ffa5decbb305 Fixed a few places where page metadata cache should have been purged (there may be a few more commits like this)
Dan
parents: 593
diff changeset
   139
    $cache->purge('page_meta');
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   140
    die_friendly($lang->get('upload_success_title'), '<p>' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   141
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
  else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
    $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   145
    $fn = $paths->getParam(0);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   146
    if ( $fn && !$session->get_permissions('upload_new_version') )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
    {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   148
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_replace_denied') . '<p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   149
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   150
    ?>
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   151
    <p><?php echo $lang->get('upload_intro'); ?></p>
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   152
    <p><?php 
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
      // Get the max file size, and format it in a way that is user-friendly
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   154
      
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   155
      $fs = getConfig('max_file_size', '256000');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   156
      $fs = (int)$fs;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   157
      if($fs >= 1048576)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   158
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
        $fs = round($fs / 1048576, 1);
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   160
        $unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   161
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   162
      elseif($fs >= 1024)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   163
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   164
        $fs = round($fs / 1024, 1);
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   165
        $unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   166
      }
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   167
      
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   168
      echo $lang->get('upload_max_filesize', array(
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   169
          'size' => $unitized
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   170
        ));
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   171
    ?></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   172
    <form action="<?php echo makeUrl($paths->page); ?>" method="post" enctype="multipart/form-data">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   173
      <table border="0" cellspacing="1" cellpadding="4">
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   174
        <tr><td><?php echo $lang->get('upload_field_file'); ?></td><td><input name="data" type="file" size="40" /></td></tr>
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   175
        <tr><td><?php echo $lang->get('upload_field_renameto'); ?></td><td><input name="rename" type="text" size="40"<?php if($fn) echo ' value="'.$fn.'" readonly="readonly"'; ?> /></td></tr>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   176
        <?php
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   177
        if(!$fn) echo '<tr><td>' . $lang->get('upload_field_comments') . '</td><td><textarea name="comments" rows="20" cols="60"></textarea></td></tr>';
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   178
        else echo '<tr><td>' . $lang->get('upload_field_reason') . '</td><td><input name="comments" size="50" /></td></tr>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   179
        ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   180
        <tr><td colspan="2" style="text-align: center">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   181
          <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   182
          if($fn)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   183
            echo '<input type="hidden" name="update" value="true" />';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   184
          ?>
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   185
          <input type="submit" name="doit" value="<?php echo $lang->get('upload_btn_upload'); ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   186
        </td></tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   187
      </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   188
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   189
    <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   190
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   191
  }
242
78a94f7bb5e3 Merge changes back from Nighthawk
Dan
parents: 230
diff changeset
   192
}                                                     
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   193
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   194
function page_Special_DownloadFile()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   195
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   196
  global $db, $session, $paths, $template, $plugins; // Common objects
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   197
  global $lang;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   198
  global $do_gzip;
1059
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   199
  $filename = $paths->getParam(0);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   200
  $timeid = $paths->getParam(1);
1059
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   201
  if ( $timeid && ctype_digit((string)$timeid) )
292
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   202
  {
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   203
    $tid = ' AND time_id='.$timeid;
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   204
  }
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   205
  else
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   206
  {
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   207
    $tid = '';
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   208
  }
721
bfde4d7402b1 Fixed filename not being sent through sanitize_page_id() during upload. Non-security.
Dan
parents: 685
diff changeset
   209
  $filename = $db->escape(sanitize_page_id($filename));
bfde4d7402b1 Fixed filename not being sent through sanitize_page_id() during upload. Non-security.
Dan
parents: 685
diff changeset
   210
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   211
  $q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
292
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   212
  if ( !$q )
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   213
  {
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   214
    $db->_die('The file data could not be selected.');
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   215
  }
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   216
  if ( $db->numrows() < 1 )
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   217
  {
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   218
    header('HTTP/1.1 404 Not Found');
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   219
    die_friendly($lang->get('upload_err_not_found_title'), '<p>' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '</p>');
292
b3cfaf0a505c Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
parents: 230
diff changeset
   220
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   221
  $row = $db->fetchrow();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   222
  $db->free_result();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   223
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   224
  // Check permissions
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   225
  $perms = $session->fetch_page_acl($row['page_id'], 'File');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   226
  if ( !$perms->get_permissions('read') )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   227
  {
366
7e16181545e1 Localized Special:UploadFile and Special:DownloadFile
Dan
parents: 345
diff changeset
   228
    die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   229
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   230
  
481
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   231
  $fname = ENANO_ROOT . '/files/' . $row['file_key'] . $row['file_extension'];
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   232
  if ( !file_exists($fname) )
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   233
  {
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   234
    $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   235
  }
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   236
  if ( !file_exists($fname) )
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   237
  {
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   238
    die("Uploaded file $fname not found.");
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   239
  }
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   240
  
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   241
  if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   242
  {
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   243
    // Determine appropriate width and height
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   244
    $width  = ( isset($_GET['width'])  ) ? intval($_GET['width'] ) : 320;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   245
    $height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
1059
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   246
    
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   247
    // 1.1.7: allow different format output
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   248
    $extension = $row['file_extension'];
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   249
    if ( isset($_GET['fmt']) && in_array($_GET['fmt'], array('png', 'jpg')) )
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   250
      $extension = ".{$_GET['fmt']}";
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   251
    
f5d2bca33bb8 Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile
Dan
parents: 960
diff changeset
   252
    $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}$extension";
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   253
    if ( file_exists($cache_filename) )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   254
    {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   255
      $fname = $cache_filename;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   256
    }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   257
    else
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   258
    {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   259
      $allow_scale = false;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   260
      $orig_fname = $fname;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   261
      // is caching enabled?
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   262
      if ( getConfig('cache_thumbs') == '1' )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   263
      {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   264
        $fname = $cache_filename;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   265
        if ( is_writeable(dirname($fname)) )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   266
        {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   267
          $allow_scale = true;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   268
        }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   269
      }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   270
      else
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   271
      {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   272
        // Get a temporary file
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   273
        // In this case, the file will not be cached and will be scaled each time it's requested
481
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 458
diff changeset
   274
        $temp_dir = sys_get_temp_dir();
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   275
        // if tempnam() cannot use the specified directory name, it will fall back on the system default
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   276
        $tempname = tempnam($temp_dir, $filename);
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   277
        if ( $tempname && is_writeable($tempname) )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   278
        {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   279
          $allow_scale = true;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   280
        }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   281
      }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   282
      if ( $allow_scale )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   283
      {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   284
        $result = scale_image($orig_fname, $fname, $width, $height);
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   285
        if ( !$result )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   286
          $fname = $orig_fname;
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   287
      }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   288
      else
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   289
      {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   290
        $fname = $orig_fname;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   291
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   292
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   293
  }
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   294
  $handle = @fopen($fname, 'r');
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   295
  if ( !$handle )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   296
    die('Can\'t open output file for reading');
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   297
  
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   298
  $len = filesize($fname);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   299
  header('Content-type: '.$row['mimetype']);
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   300
  if ( isset($_GET['download']) )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   301
  {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   302
    header('Content-disposition: attachment, filename="' . $filename . '";');
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   303
  }
898
c75754f5b1da When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
parents: 832
diff changeset
   304
  if ( !@$GLOBALS['do_gzip'] )
c75754f5b1da When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
parents: 832
diff changeset
   305
    header('Content-length: ' . $len);
c75754f5b1da When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
parents: 832
diff changeset
   306
  
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
   307
  header('Last-Modified: '.enano_date('r', $row['time_id']));
230
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   308
  
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   309
  // using this method limits RAM consumption
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   310
  while ( !feof($handle) )
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   311
  {
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   312
    echo fread($handle, 512000);
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   313
  }
3daa715e0f69 Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
parents: 192
diff changeset
   314
  fclose($handle);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   315
  
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 23
diff changeset
   316
  gzip_output();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   317
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   318
  exit;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   319
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   320
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   321
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   322
?>