
function photos_swfu_upload in Album Photos 6.2

Same name and namespace in other branches
  1. 7.3 photos_swfu/photos_swfu.module \photos_swfu_upload()
1 string reference to 'photos_swfu_upload'
photos_swfu_menu in photos_swfu/photos_swfu.module

File

photos_swfu/photos_swfu.module, line 115

Code

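/**
 * Upload endpoint for the Flash uploader (referenced by name from
 * photos_swfu_menu()): stores one uploaded image in an album node.
 *
 * The request does not rely on the normal Drupal session. Instead the caller
 * passes its session id in the POST body ($_POST['PHPSESSID']) and its user id
 * in the query string ($_GET['uid']); the account is rebuilt from the
 * {sessions} row that matches that id and the client address.
 *
 * Security notes for maintainers:
 * - The POSTed session id is the only credential checked here; no form token
 *   is verified in this function. NOTE(review): confirm the menu item does not
 *   rely on one elsewhere.
 * - The account built below is always given the 'authenticated user' role, so
 *   it must never be the anonymous account. The uid is therefore required to
 *   be a canonical positive integer and is compared as an integer; the
 *   previous truthiness test plus loose "==" could let non-canonical values
 *   match uid 0.
 * - The HTTP status lines are kept byte-for-byte because the upload client may
 *   depend on them. They are not well-formed: "403.3" is an IIS sub-status,
 *   530 is not a registered HTTP code, and the reason phrase always reads
 *   "Internal Server Error".
 *
 * @param $node
 *   The album node object to upload into; 0 when the menu system did not
 *   supply one.
 *
 * @return
 *   TRUE when the file was saved. On every failure the function logs to
 *   watchdog, sends an error status header and returns NULL (the result of
 *   header()).
 */
function photos_swfu_upload($node = 0) {
  $uid = isset($_GET['uid']) ? $_GET['uid'] : '';
  $sid = isset($_POST['PHPSESSID']) ? $_POST['PHPSESSID'] : '';

  // Accept only a canonical positive integer for the uid. Anything else
  // (missing, array, zero, padded or non-numeric) is handled like a missing
  // uid, which is what the original truthiness test did for '' and '0'.
  if (!$node || !is_string($uid) || !preg_match('/^[1-9][0-9]*\z/', $uid)) {
    watchdog('photos_swfu', 'Album or user is not correct');
    return header("HTTP/1.0 530 Internal Server Error");
  }

  // Resolve the account from the session row. The lookup is bound to the
  // client address, so a session id replayed from another host is rejected.
  $ac = FALSE;
  if (is_string($sid) && $sid !== '') {
    $ac = db_fetch_object(db_query("SELECT s.uid, u.name FROM {users} u LEFT JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s' AND s.hostname = '%s'", $sid, ip_address()));
  }

  // No matching session, or the session belongs to a different user than the
  // one named in the URL. Integer comparison avoids PHP's loose string rules.
  if (!$ac || (int) $ac->uid !== (int) $uid) {
    watchdog('photos_swfu', 'Upload path may have been illegally modified');
    return header("HTTP/1.0 530 Internal Server Error");
  }

  // Rebuild the role list the way a logged-in account would carry it, so that
  // node_access() can evaluate permissions for $ac.
  $ac->roles = array();
  $ac->roles[DRUPAL_AUTHENTICATED_RID] = 'authenticated user';
  $result = db_query('SELECT r.rid, r.name FROM {role} r INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = %d', (int) $ac->uid);
  while ($role = db_fetch_object($result)) {
    $ac->roles[$role->rid] = $role->name;
  }

  // The target must be an album ('photos' node) the account may update.
  $file = new stdClass();
  if (!node_access('update', $node, $ac) || $node->type != 'photos') {
    watchdog('photos_swfu', 'User do not have permission to update the node');
    return header("HTTP/1.0 403.3 Internal Server Error");
  }
  $file->pid = $node->nid;

  // Optional second node id: the file is attached to it only if the account
  // may update that node as well.
  if (!empty($_GET['nid'])) {
    $photo = db_fetch_object(db_query('SELECT r.format, n.* FROM {node} n INNER JOIN {node_revisions} r ON n.nid = r.nid WHERE n.nid = %d', $_GET['nid']));
    if (!node_access('update', $photo, $ac)) {
      watchdog('photos_swfu', 'User do not have permission to update the node');
      return header("HTTP/1.0 403.3 Internal Server Error");
    }
    $file->nid = $photo->nid;
  }

  // Require a single, error-free upload in the 'Filedata' field. The
  // is_string() checks reject array-shaped (multi-file) submissions.
  $upload = isset($_FILES['Filedata']) ? $_FILES['Filedata'] : array();
  $upload_ok = isset($upload['tmp_name'], $upload['name'])
    && is_string($upload['tmp_name'])
    && is_string($upload['name'])
    && empty($upload['error'])
    && is_uploaded_file($upload['tmp_name']);
  if (!$upload_ok) {
    watchdog('photos_swfu', 'Upload error.');
    return header("HTTP/1.0 403.3 Internal Server Error");
  }

  // NOTE(review): the stored name, including its extension, derives from the
  // client-supplied file name. basename() prevents directory traversal, but
  // nothing visible here restricts the extension, and this path does not go
  // through file_save_upload(). Confirm that _photos_rename() or the files
  // directory configuration prevents a file that is a valid image from being
  // stored under an executable extension.
  $file->filepath = file_destination(file_create_path(photos_check_path('default', '', $ac) . '/' . trim(basename(_photos_rename($upload['name'])))), FILE_EXISTS_RENAME);
  if (!move_uploaded_file($upload['tmp_name'], $file->filepath)) {
    watchdog('photos_swfu', 'Upload error.');
    return header("HTTP/1.0 403.3 Internal Server Error");
  }

  // Content check: the moved file must be recognised as an image. Anything
  // else is removed again before the error is reported.
  $info = image_get_info($file->filepath);
  if (empty($info['extension']) || empty($info['width'])) {
    file_delete($file->filepath);
    watchdog('photos_swfu', 'Wrong file type');
    return header("HTTP/1.0 403.3 Internal Server Error");
  }

  // Resolution and quota validators are evaluated for the uploading account.
  $limits = _upload_file_limits($ac);
  $validators = array(
    'file_validate_image_resolution' => array(
      $limits['resolution'],
    ),
    '_file_validate_size' => array(
      $limits['file_size'],
      $limits['user_size'],
      $ac,
    ),
  );
  $file->uid = $ac->uid;
  // Raw client-supplied name; escape it wherever it is later displayed.
  $file->filename = $upload['name'];
  // Size and MIME type come from inspecting the file, not from the request.
  $file->filesize = $info['file_size'];
  $file->filemime = $info['mime_type'];
  if ($file->fid = _photos_save_data($file, $validators)) {
    photos_image_date($file);
    return true;
  }

  // _photos_save_data() refused the file. The message and status below are
  // the ones this path has always produced, although they describe a different
  // failure. NOTE(review): confirm _photos_save_data() removes the moved file
  // when it fails; nothing here does.
  watchdog('photos_swfu', 'Album or user is not correct');
  return header("HTTP/1.0 530 Internal Server Error");
}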