|
Support Incident Tracker GIT4.x
|
|
Support Incident Tracker GIT4.x
|
Go to the source code of this file.
Functions | |
| encode_binary ($string) | |
| draw_file_row ($file, $incidentid, $path) | |
Variables | |
| $permission = PERM_INCIDENT_VIEW_ATTACHMENT | |
| $id = cleanvar($_REQUEST['id']) | |
| $incidentid = $id | |
| $title = $strFiles | |
| $incident_attachment_fspath = $CONFIG['attachment_fspath'] . $id | |
| $att_max_filesize = return_bytes($CONFIG['upload_max_filesize']) | |
| if($_FILES['attachment']['name']!= '') | if (isset($_REQUEST['fileselection'])) |
| draw_file_row | ( | $ | file, |
| $ | incidentid, | ||
| $ | path | ||
| ) |
Definition at line 71 of file incident_attachments.php.
References $CONFIG, $file, $fileid, $filename, $fileobj, $filesize, $incidentid, $result, $sql, $updateid, $url, cleanvar(), count, encode_binary(), mime_type(), and readable_bytes_size().
{
global $CONFIG;
$filepathparts = explode(DIRECTORY_SEPARATOR, $file);
$parts = count($filepathparts);
$filename = $filepathparts[$parts - 1];
$filedir = $filepathparts[$parts - 2];
$preview = ''; // reset the preview
$filenameparts = explode("-", $filename);
$newfilename = cleanvar($filenameparts[1]);
if ($filedir != $incidentid)
{
// files are in a subdirectory
$url = "{$CONFIG['attachment_webpath']}{$incidentid}/{$filedir}/".str_replace('+','%20',urlencode($filename));
}
else
{
// files are in the root of the incident attachment directory
$url = "{$CONFIG['attachment_webpath']}{$incidentid}/".str_replace('+','%20',urlencode($filename));
}
$filesize = filesize($file);
$file_size = readable_bytes_size($filesize);
$mime_type = mime_type($file);
$updateid = str_replace("u", "", $filedir);
$sql = "SELECT f.id FROM `{$GLOBALS['dbLinks']}`, `{$GLOBALS['dbFiles']}` AS f ";
$sql .= "WHERE linktype = '5' AND origcolref='{$updateid}' ";
$sql .= "AND f.id = linkcolref ";
$result = mysql_query($sql);
$fileobj = mysql_fetch_object($result);
$fileid = $fileobj->id;
//new-style, can assume the filename is fileid-filename.ext
if (is_numeric($filenameparts[0]))
{
$sql = "SELECT *, f.id AS fileid FROM `{$GLOBALS['dbLinks']}` AS l, ";
$sql .= "`{$GLOBALS['dbFiles']}` as f, ";
$sql .= "`{$GLOBALS['dbUpdates']}` as u ";
$sql .= "WHERE f.id = '{$filenameparts[0]}' ";
$sql .= "AND l.origcolref = u.id ";
$sql .= "AND l.linkcolref = f.id";
$result = mysql_query($sql);
$row = mysql_fetch_object($result);
$url = "download.php?id={$row->fileid}";
$filename = $row->filename;
}
$html = "<tr>";
$html .= "<td align='right' width='5%'>";
$html .= "<a href=\"{$url}\"><img src='".getattachmenticon($filename)."' alt='Icon' title='{$filename} ({$file_size})' /></a>";
$html .= " </td>";
$html .= "<td width='30%'><a href='{$url}'";
if (mb_substr($mime_type, 0, 4) == 'text' AND $filesize < 512000)
{
// The file is text, extract some of the contents of the file into a string for a preview
$handle = fopen($file, "r");
$preview = fread($handle, 512); // only read this much, we can't preview the whole thing, not enough space
fclose($handle);
// Make the preview safe to display
$preview = nl2br(encode_binary(strip_tags($preview)));
$html .= " class='info'><span>{$preview}</span>$filename</a>";
}
else $html .= ">$filename</a>";
$html .= "</td>";
$html .= "<td width='20%'>{$file_size}</td>";
$html .= "<td width='20%'>{$mime_type}</td>";
$html .= "<td width='20%'>".ldate($CONFIG['dateformat_filedatetime'],filemtime($file))."</td>";
// $html .= "<td width='5%'><input type='checkbox' name='fileselection[]' value='{$filename}' onclick=\"togglerow(this, 'tt');\"/></td>";
$html .= "</tr>\n";
return $html;
}
// append incident number to attachment path to show this users attachments
$incident_attachment_fspath = $CONFIG['attachment_fspath'] . $incidentid;
$att_max_filesize = return_bytes($CONFIG['upload_max_filesize']);
// Have a look to see if we've uploaded a file and process it if we have
if ($_FILES['attachment']['name'] != '')
{
// Check if we had an error whilst uploading
if ($_FILES['attachment']['error'] != '' AND $_FILES['attachment']['error'] != UPLOAD_ERR_OK)
{
echo get_file_upload_error_message($_FILES['attachment']['error'], $_FILES['attachment']['name']);
}
else
{
// OK to proceed
// Create an entry in the files table
$sql = "INSERT INTO `{$dbFiles}` (category, filename, size, userid, usertype, filedate) ";
$sql .= "VALUES ('public', '{$_FILES['attachment']['name']}', '{$_FILES['attachment']['size']}', '{$sit[2]}', 'user', NOW())";
mysql_query($sql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_ERROR);
$fileid = mysql_insert_id();
//create update
$updatetext = $SYSLANG['strFileUploaded'].": [[att={$fileid}]]{$_FILES['attachment']['name']}[[/att]]";
$currentowner = incident_owner($incidentid);
$currentstatus = incident_status($incidentid);
$sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, `type`, `currentowner`, `currentstatus`, ";
$sql .= "bodytext, `timestamp`) ";
$sql .= "VALUES ('{$incidentid}', '{$sit[2]}', 'research', '{$currentowner}', '{$currentstatus}', ";
$sql .= "'{$updatetext}', '$now')";
mysql_query($sql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_ERROR);
$updateid = mysql_insert_id();
$incident_attachment_fspath = $CONFIG['attachment_fspath'] . $incidentid . DIRECTORY_SEPARATOR;
// make incident attachment dir if it doesn't exist
$newfilename = $incident_attachment_fspath . $fileid . "-".$_FILES['attachment']['name'];
$umask = umask(0000);
$mk = TRUE;
if (!file_exists($incident_attachment_fspath))
{
$mk = mkdir($incident_attachment_fspath, 0770, TRUE);
if (!$mk)
{
trigger_error('Failed creating incident attachment directory: '.$incident_attachment_fspath, E_USER_WARNING);
}
}
// Move the uploaded file from the temp directory into the incidents attachment dir
$mv = move_uploaded_file($_FILES['attachment']['tmp_name'], $newfilename);
if (!$mv) trigger_error('!Error: Problem moving attachment from temp directory to: '.$newfilename, E_USER_WARNING);
//create link
$sql = "INSERT INTO `{$dbLinks}`(linktype, origcolref, linkcolref, direction, userid) ";
$sql .= "VALUES (5, '{$updateid}', '{$fileid}', 'left', '{$sit[2]}')";
mysql_query($sql);
if (mysql_error())
{
trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
}
echo "<div class='detailinfo'>\n";
if ($mk AND $mv)
{
echo sprintf($strFileXUploadedOK,
"<strong>{$_FILES['attachment']['name']}</strong>",
"{$_FILES['attachment']['type']}",
"{$_FILES['attachment']['size']}");
}
else
{
echo "{$strErrorUploading} <strong>{$_FILES['attachment']['name']}</strong>";
}
// Debug
//echo " tmp filename: {$_FILES['attachment']['tmp_name']}<br />";
//echo "error: {$_FILES['attachment']['eroor']}<br />";
//echo "new filename: {$newfilename}<br />";
echo "</div>";
}
}
// Have a look to see if we've posted a list of files, process them if we have
if (isset($_REQUEST['fileselection']))
{
echo "<div class='detailhead'>\n";
echo "Tested these files";
echo "</div>";
echo "<div class='detailentry'>\n";
foreach ($fileselection AS $filesel)
{
echo "$filesel {$strEllipsis} ";
echo "listed";
echo "<br />";
}
echo "</div>";
}
echo "<div class='detailhead'>\n";
echo "{$strFileManagement}";
echo "</div>";
echo "<div class='detailentry'>\n";
echo "<form action='{$_SERVER['PHP_SELF']}?id={$incidentid}' method='post' name='updateform' id='updateform' enctype='multipart/form-data'>\n";
echo "<input type='hidden' name='tab' value='{$selectedtab}' />";
echo "<input type='hidden' name='action' value='{$selectedaction}' />";
echo "<input type='hidden' name='MAX_FILE_SIZE' value='{$att_max_filesize}' />";
// maxfilesize='{$att_file_size}'
echo "<input class='textbox' type='file' name='attachment' size='30' /> ";
echo "<input type='submit' value=\"{$strAttachFile}\" /> (<".readable_bytes_size($att_max_filesize).")";
echo "</form>";
echo "</div>";
if (file_exists($incident_attachment_fspath))
{
$dirarray = array();
echo "<form name='filelistform' action='{$_SERVER['PHP_SELF']}' method='post' onsubmit=\"return confirm_action('{$strAreYouSure}'\">";
//echo "<input type='submit' name='test' value='List' />";
echo "<input type='hidden' name='id' value='{$incidentid}' />";
echo "<input type='hidden' name='tab' value='{$selectedtab}' />";
echo "<input type='hidden' name='action' value='{$selectedaction}' />";
// List the directories first
$temparray = list_dir($incident_attachment_fspath, 0);
if (count($temparray) == 0)
{
echo "<p class='info'>{$strNoFiles}<p>";
}
else
{
foreach ($temparray as $value)
{
if (is_dir($value)) $dirarray[] = $value;
elseif (is_file($value) AND mb_substr($value, -1) != '.' AND mb_substr($value, -8) != 'mail.eml')
{
$rfilearray[] = $value;
}
}
if (count($rfilearray) >= 1)
{
$headhtml = "<div class='detailhead'>\n";
$headhtml .= icon('folder', 16, $strRootDirectory)." {$strFiles}";
$headhtml .= "</div>\n";
echo $headhtml;
echo "<div class='detailentry'>\n";
echo "<table>\n";
foreach ($rfilearray AS $rfile)
{
echo draw_file_row($rfile, $incidentid, $incident_attachment_fspath);
}
echo "</table>\n";
echo "</div>";
}
foreach ($dirarray AS $dir)
{
$directory = mb_substr($dir, 0, strrpos($dir, DIRECTORY_SEPARATOR));
$dirname = mb_substr($dir, strrpos($dir, DIRECTORY_SEPARATOR) + 1, mb_strlen($dir));
if (is_numeric($dirname) AND $dirname != $id AND mb_strlen($dirname) == 10)
{
$dirprettyname = ldate('l jS M Y @ g:ia',$dirname);
}
elseif ($dirname[0] == 'u')
{
$updateid = mb_substr($dirname, 1);
$sql = "SELECT userid, timestamp, type, bodytext, type FROM `{$GLOBALS['dbUpdates']}` WHERE id = {$updateid}";
$result = mysql_query($sql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
$update = mysql_fetch_object($result);
$dirprettyname = ldate('l jS M Y @ g:ia',$update->timestamp) . " $strby ".user_realname($update->userid);
$updatetext = cleanvar($update->bodytext);
$updatetype = $update->type;
}
else
{
$dirprettyname = $dirname;
}
$headhtml = "<div class='detailhead'>\n";
$headhtml .= icon('folder', 16, $id, $dir)." {$dirprettyname}";
$headhtml .= "</div>\n";
$tempfarray = list_dir($dir, 1);
if (count($tempfarray) == 1 AND (mb_substr($tempfarray[0],-8) == 'mail.eml'))
{
// do nothing if theres only an email in the dir, don't even list the directory
}
else
{
echo $headhtml; // print the directory header bar that we drew above
echo "<div class='detailentry'>\n";
if (in_array("{$dir}" . DIRECTORY_SEPARATOR . "mail.eml", $tempfarray))
{
$updatelink = readlink($dir);
$updateid = mb_substr($updatelink, strrpos($updatelink, DIRECTORY_SEPARATOR) + 1, mb_strlen($updatelink));
echo "<p>{$strTheseFilesArrivedBy} <a href='{$CONFIG['attachment_webpath']}{$incidentid}/{$dirname}/mail.eml'>{$strEmail}</a>, <a href='incident_details.php?id={$incidentid}#{$updateid}'>{$strJumpToEntryLog}</a></p>";
}
foreach ($tempfarray as $fvalue)
{
if (is_file($fvalue) AND mb_substr($fvalue,-8) != 'mail.eml')
{
$filearray[] = $fvalue;
}
}
echo "<table>\n";
foreach ($filearray AS $file)
{
echo draw_file_row($file, DIRECTORY_SEPARATOR, $incidentid, $dirname);
}
if (!empty($updatetext) AND $updatetype == 'email' OR $updatetype == 'webupdate')
{
$updatetext = mb_substr($updatetext, 0, 80) . $strEllipsis;
echo "<span style='font-size:400%';>“</span>";
echo bbcode($updatetext);
echo "<span style='font-size:400%';>„</span>";
}
echo "</table>\n";
echo "</div>";
}
unset($filearray);
}
}
}
| encode_binary | ( | $ | string | ) |
Convert a binary string into something viewable in a web browser
Definition at line 38 of file incident_attachments.php.
Referenced by draw_file_row().
{
$chars = array();
$ent = null;
$chars = preg_split("//", $string, -1, PREG_SPLIT_NO_EMPTY);
for ($i = 0; $i < count($chars); $i++ )
{
if ( preg_match("/^(\w| )$/",$chars[$i]))
{
$ent[$i] = $chars[$i];
}
elseif ( ord($chars[$i]) < 32)
{
$ent[$i]=".";
}
else
{
$ent[$i] = "&#" . ord($chars[$i]) . ";";
}
}
if ( sizeof($ent) < 1)
{
return "";
}
return implode("",$ent);
}
| $att_max_filesize = return_bytes($CONFIG['upload_max_filesize']) |
Definition at line 147 of file incident_attachments.php.
Referenced by display_update_page(), and upload_file().
| $id = cleanvar($_REQUEST['id']) |
Definition at line 24 of file incident_attachments.php.
| $incident_attachment_fspath = $CONFIG['attachment_fspath'] . $id |
Definition at line 31 of file incident_attachments.php.
Referenced by upload_file().
| $incidentid = $id |
Definition at line 25 of file incident_attachments.php.
| $permission = PERM_INCIDENT_VIEW_ATTACHMENT |
Definition at line 15 of file incident_attachments.php.
| $title = $strFiles |
Definition at line 27 of file incident_attachments.php.
| if(file_exists($incident_attachment_fspath)) |
Definition at line 228 of file incident_attachments.php.
| For more help developing with SiT! see http://sitracker.org/wiki/DevelopmentHowTo | © 2008-2011 Support Incident Tracker |
 |