You are here

Home » API reference » filedepot 6 » filedepot.class.php » filedepot

function filedepot::clientUploadFile in filedepot 6

File

./filedepot.class.php, line 1152
filedepot.class.php Main class for the Filedepot module

Class

filedepot
@file filedepot.class.php Main class for the Filedepot module

Code

function clientUploadFile($fileArray, $username = '', $password = '') {
  $outputInformation = '';

  // Check for allowable file type.
  if (!$this
    ->checkFilter($_FILES['file']['name'], $_FILES['file']['type'])) {
    $message = t('The file %name could not be uploaded. Mimetype %mimetype or extension not permitted.', array(
      '%name' => $_FILES['file']['name'],
      '%mimetype' => $_FILES['file']['type'],
    ));
    watchdog('filedepot', 'The file %name could not be uploaded. Mimetype %mimetype or extension not permitted.', array(
      '%name' => $_FILES['file']['name'],
      '%mimetype' => $_FILES['file']['type'],
    ));
    return FALSE;
  }
  watchdog('filedepot', 'Processing client upload of file @file', array(
    '@file' => "{$_FILES['file']['name']}",
  ));

  // Need to setup $_FILES the way Drupal field_file_save_file wants it
  $_FILES['files'] = $_FILES['file'];
  $filename = $_FILES['files']['name'];
  $filesize = intval($_FILES['files']['size']);
  $uid = intval(db_result(db_query("SELECT uid FROM {users} WHERE name = '%s' AND pass = '%s'", $_POST['username'], $_POST['password'])));

  //format is ....{t..token...}.extension if its an actual upload
  $matchesArray = array();
  preg_match_all("|{[^}]+t}|", $filename, $matchesArray);

  // Client could be uploading a file that has been downloaded with a unique token in the filename
  // If the token matches for this filename then replace the file - this is the download for editing feature
  // Check that $matchesArray[0][0] contains valid data - should contain the token.
  if ($matchesArray[0][0] != '' && isset($matchesArray[0][0])) {
    $token = str_replace("{", "", $matchesArray[0][0]);
    $token = str_replace("t}", "", $token);
    watchdog('filedepot', 'Processing a edit file upload - token:@token - uid:@uid', array(
      '@token' => $token,
      '@uid' => $uid,
    ));
    $fid = db_result(db_query("SELECT fid FROM {filedepot_export_queue} WHERE token = '%s'", $token));

    // Using the fid and token, we align this to the export table and ensure this is a valid upload!
    $res = db_query("SELECT id,orig_filename,extension,timestamp,fid FROM {filedepot_export_queue} WHERE token='%s'", $token);
    $A = db_fetch_object($res);
    if ($A->fid > 0) {
      $cid = db_result(db_query("SELECT cid FROM {filedepot_files} WHERE fid=%d", $A->fid));
      watchdog('filedepot', 'rename @fromfile to @tofile', array(
        '@fromfile' => "{$fileArray['tmp_name']}",
        '@tofile' => "{$this->root_storage_path}/{$cid}/{$A->orig_filename}",
      ));

      // Update the repository with the new file - PHP/Windows will not rename a file if it exists
      // Rename is atomic and fast vs copy and unlink as there is a chance someone may be trying to download the file
      if (@rename($fileArray['tmp_name'], "{$this->root_storage_path}{$cid}/{$A->orig_filename}") == FALSE) {
        @copy($fileArray['tmp_name'], "{$this->root_storage_path}{$cid}/{$A->orig_filename}");
        @unlink($fileArray['tmp_name']);
      }

      // Update information in the repository
      db_query("UPDATE {filedepot_files} SET status='1', status_changedby_uid=%d WHERE fid=%d", $uid, $fid);
    }
    else {
      watchdog('filedepot', 'Save file to the import queue');

      // Save file via Drupal file API to the temporary incoming folder
      $nodefile = field_file_save_file($_FILES['files']['tmp_name'], array(), $this->tmp_incoming_path);
      if (is_array($nodefile) and $nodefile['fid'] > 0) {

        // Update the incoming queue.
        $mimetype = $_FILES['files']['type'];
        $tempfilename = substr($filename, $this->upload_prefix_character_count);
        $description = "Uploaded by {$_POST['username']} on " . date("F j, Y, g:i a") . ', via the Filedepot desktop agent';
        $sql = "INSERT INTO {filedepot_import_queue} (orig_filename,queue_filename,timestamp,uid,cckfid,size,mimetype,description ) ";
        $sql .= "values ('%s','%s',%d,%d,%d,%d,'%s','%s')";
        db_query($sql, $tempfilename, $filename, time(), $uid, $nodefile['fid'], $filesize, $mimetype, $description);
        $outputInformation .= "File: {$filename} has been updated...\n";
      }
      else {
        watchdog('filedepot', 'Client error 9001 uploading file @file', array(
          '@file' => "{$filename}",
        ));
      }
    }
  }
  else {

    // Save file via Drupal file API to the temporary incoming folder
    $nodefile = field_file_save_file($_FILES['files']['tmp_name'], array(), $this->tmp_incoming_path);
    if (is_array($nodefile) and $nodefile['fid'] > 0) {

      // Update the incoming queue.
      $tempfilename = substr($filename, $this->upload_prefix_character_count);
      $description = "Uploaded by {$_POST['username']} on " . date("F j, Y, g:i a") . ', via the Filedepot desktop agent';
      $sql = "INSERT INTO {filedepot_import_queue} (orig_filename,queue_filename,timestamp,uid,cckfid,size,mimetype,description ) ";
      $sql .= "values ('%s','%s',%d,%d,%d,%d,'%s','%s')";
      db_query($sql, $tempfilename, $filename, time(), $uid, $nodefile['fid'], $filesize, $mimetype, $description);
      $outputInformation .= "File: {$filename} has been added to incoming queue...\n";
    }
    else {
      watchdog('filedepot', 'Client error 9002 uploading file @file', array(
        '@file' => "{$filename}",
      ));
    }
  }
  return $outputInformation;
}