85 } |
85 } |
86 |
86 |
87 $html .= $lang->get('onpage_filebox_lbl_size', array('size' => $size)); |
87 $html .= $lang->get('onpage_filebox_lbl_size', array('size' => $size)); |
88 |
88 |
89 $html .= '<br />' . $lang->get('onpage_filebox_lbl_uploaded') . ' ' . $datestring . '</p>'; |
89 $html .= '<br />' . $lang->get('onpage_filebox_lbl_uploaded') . ' ' . $datestring . '</p>'; |
90 if ( substr($mimetype, 0, 6) != 'image/' && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' ) ) |
90 // are we dealing with an image? |
|
91 $is_image = substr($mimetype, 0, 6) == 'image/'; |
|
92 |
|
93 // for anything other than plain text and |
|
94 if ( !$is_image && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' ) ) |
91 { |
95 { |
92 $html .= '<div class="warning-box"> |
96 $html .= '<div class="warning-box"> |
93 ' . $lang->get('onpage_filebox_msg_virus_warning') . ' |
97 ' . $lang->get('onpage_filebox_msg_virus_warning') . ' |
94 </div>'; |
98 </div>'; |
95 } |
99 } |
96 if ( substr($mimetype, 0, 6) == 'image/' ) |
100 if ( $is_image ) |
97 { |
101 { |
|
102 // show a thumbnail of the image |
98 $html .= '<p> |
103 $html .= '<p> |
99 <a href="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn).'"> |
104 <a href="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn).'"> |
100 <img style="border: 0;" alt="'.$paths->page.'" src="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn.htmlspecialchars(urlSeparator).'preview').'" /> |
105 <img style="border: 0;" alt="' . htmlspecialchars($paths->page) . '" src="' . makeUrlNS('Special', "DownloadFile/$selfn/{$r['time_id']}", 'preview', true) . '" /> |
101 </a> |
106 </a> |
102 </p>'; |
107 </p>'; |
103 } |
108 } |
104 $html .= '<p> |
109 $html .= '<p> |
105 <a href="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn.'/'.$r['time_id'].htmlspecialchars(urlSeparator).'download').'"> |
110 <a href="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn.'/'.$r['time_id'].htmlspecialchars(urlSeparator).'download').'"> |
106 ' . $lang->get('onpage_filebox_btn_download') . ' |
111 ' . $lang->get('onpage_filebox_btn_download') . ' |
107 </a>'; |
112 </a>'; |
108 if(!$paths->page_protected && ( $paths->wiki_mode || $session->get_permissions('upload_new_version') )) |
113 // allow reupload if: |
109 { |
114 // * we are allowed to upload new versions, and |
110 $html .= ' | <a href="'.makeUrlNS('Special', 'UploadFile'.'/'.$selfn).'"> |
115 // - the file is unprotected, or |
|
116 // - we have permission to override protection |
|
117 |
|
118 if ( !$this->perms ) |
|
119 $this->perms = $session->fetch_page_acl($this->page_id, $this->namespace); |
|
120 |
|
121 if ( $this->perms->get_permissions('upload_new_version') && ( !$this->page_protected || $this->perms->get_permissions('even_when_protected') ) ) |
|
122 { |
|
123 // upload new version link |
|
124 $html .= ' | <a href="'.makeUrlNS('Special', "UploadFile/$selfn", false, true).'"> |
111 ' . $lang->get('onpage_filebox_btn_upload_new') . ' |
125 ' . $lang->get('onpage_filebox_btn_upload_new') . ' |
112 </a>'; |
126 </a>'; |
113 } |
127 } |
|
128 // close off paragraph |
114 $html .= '</p>'; |
129 $html .= '</p>'; |
|
130 // only show this if there's more than one revision |
115 if ( $db->numrows() > 1 ) |
131 if ( $db->numrows() > 1 ) |
116 { |
132 { |
117 // requery, sql_result_seek() doesn't work on postgres |
133 // requery, sql_result_seek() doesn't work on postgres |
118 $db->free_result(); |
134 $db->free_result(); |
119 $q = $db->sql_query('SELECT f.mimetype,f.time_id,f.size,l.log_id FROM ' . table_prefix . "files AS f\n" |
135 $q = $db->sql_query('SELECT f.mimetype,f.time_id,f.size,l.log_id FROM ' . table_prefix . "files AS f\n" |
130 $data = $log->get_data(); |
146 $data = $log->get_data(); |
131 $i = -1; |
147 $i = -1; |
132 |
148 |
133 $html .= '<h3>' . $lang->get('onpage_filebox_heading_history') . '</h3><p>'; |
149 $html .= '<h3>' . $lang->get('onpage_filebox_heading_history') . '</h3><p>'; |
134 $last_rollback_id = false; |
150 $last_rollback_id = false; |
|
151 $download_flag = $is_image ? false : 'download'; |
135 while ( $r = $db->fetchrow($q) ) |
152 while ( $r = $db->fetchrow($q) ) |
136 { |
153 { |
137 $html .= '(<a href="'.makeUrlNS('Special', 'DownloadFile'.'/'.$selfn.'/'.$r['time_id'].htmlspecialchars(urlSeparator).'download').'">' . $lang->get('onpage_filebox_btn_this_version') . '</a>) '; |
154 $html .= '(<a href="'.makeUrlNS('Special', "DownloadFile/$selfn/{$r['time_id']}", $download_flag, true).'">' . $lang->get('onpage_filebox_btn_this_version') . '</a>) '; |
138 if ( $session->get_permissions('history_rollback') && $last_rollback_id ) |
155 if ( $session->get_permissions('history_rollback') && $last_rollback_id ) |
139 $html .= ' (<a href="#rollback:' . $last_rollback_id . '" onclick="ajaxRollback(\''.$last_rollback_id.'\'); return false;">' . $lang->get('onpage_filebox_btn_revert') . '</a>) '; |
156 $html .= ' (<a href="#rollback:' . $last_rollback_id . '" onclick="ajaxRollback(\''.$last_rollback_id.'\'); return false;">' . $lang->get('onpage_filebox_btn_revert') . '</a>) '; |
140 else if ( $session->get_permissions('history_rollback') && !$last_rollback_id ) |
157 else if ( $session->get_permissions('history_rollback') && !$last_rollback_id ) |
141 $html .= ' (' . $lang->get('onpage_filebox_btn_current') . ') '; |
158 $html .= ' (' . $lang->get('onpage_filebox_btn_current') . ') '; |
142 $last_rollback_id = $r['log_id']; |
159 $last_rollback_id = $r['log_id']; |
172 } |
189 } |
173 $db->free_result(); |
190 $db->free_result(); |
174 $html .= '</div><br />'; |
191 $html .= '</div><br />'; |
175 return $html; |
192 return $html; |
176 } |
193 } |
|
194 |
|
195 /** |
|
196 * Delete a file from the database and filesystem based on file ID. |
|
197 * @param int File ID |
|
198 * @return null |
|
199 */ |
|
200 |
|
201 public static function delete_file($file_id) |
|
202 { |
|
203 global $db, $session, $paths, $template, $plugins; // Common objects |
|
204 |
|
205 if ( !is_int($file_id) ) |
|
206 // seriously? |
|
207 return null; |
|
208 |
|
209 // pull file info |
|
210 $q = $db->sql_query('SELECT filename, page_id, time_id, file_extension, file_key FROM ' . table_prefix . "files WHERE file_id = $file_id;"); |
|
211 if ( !$q ) |
|
212 $db->_die(); |
|
213 |
|
214 if ( $db->numrows() < 1 ) |
|
215 { |
|
216 $db->free_result(); |
|
217 return null; |
|
218 } |
|
219 |
|
220 $row = $db->fetchrow(); |
|
221 $db->free_result(); |
|
222 |
|
223 // make sure the image isn't used by multiple revisions |
|
224 $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "files WHERE file_key = '{$row['file_key']}';"); |
|
225 if ( !$q ) |
|
226 $db->_die(); |
|
227 if ( $db->numrows() < 1 ) |
|
228 { |
|
229 // remove from filesystem |
|
230 $file_path = ENANO_ROOT . "/files/{$row['file_key']}{$row['file_extension']}"; |
|
231 @unlink($file_path); |
|
232 // old filename standard |
|
233 $file_path = ENANO_ROOT . "/files/{$row['file_key']}-{$row['time_id']}{$row['file_extension']}"; |
|
234 @unlink($file_path); |
|
235 } |
|
236 $db->free_result(); |
|
237 |
|
238 // remove from cache |
|
239 if ( $dp = @opendir(ENANO_ROOT . '/cache/') ) |
|
240 { |
|
241 $regexp = '#' . preg_quote($row['filename']) . '-' . $row['time_id'] . '-[0-9]+x[0-9]+' . preg_quote($row['file_extension']) . '#'; |
|
242 while ( $dh = @readdir($dp) ) |
|
243 { |
|
244 if ( preg_match($regexp, $dh) ) |
|
245 { |
|
246 // it's a match, delete the cached thumbnail |
|
247 @unlink(ENANO_ROOT . "/cache/$dh"); |
|
248 } |
|
249 } |
|
250 closedir($dp); |
|
251 } |
|
252 |
|
253 // remove from database |
|
254 $q = $db->sql_query('DELETE FROM ' . table_prefix . "files WHERE file_id = $file_id;"); |
|
255 if ( !$q ) |
|
256 $db->_die(); |
|
257 |
|
258 // remove from logs |
|
259 $page_id_db = $db->escape($row['page_id']); |
|
260 $q = $db->sql_query('DELETE FROM ' . table_prefix . "logs WHERE page_id = '{$page_id_db}' AND namespace = 'File' AND action = 'reupload' AND time_id = {$row['time_id']};"); |
|
261 if ( !$q ) |
|
262 $db->_die(); |
|
263 |
|
264 return true; |
|
265 } |
177 } |
266 } |
178 |
267 |
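Review bot: In the added `delete_file()` (new lines 223–235), the unlink branch is unreachable: the `SELECT 1 … WHERE file_key = …` runs while the row for `$file_id` is still in the table, so it always returns at least that row, `numrows() < 1` is never true, and the uploaded file stays on disk after its record and log entries are removed. Comparing against two, `if ( $db->numrows() < 2 )`, or issuing the `DELETE` before this check, would make the filesystem cleanup actually happen. The same query interpolates `$row['file_key']` directly, while `page_id` further down goes through `$db->escape()`; the key should get the same treatment, `$file_key_db = $db->escape($row['file_key']);`. The cache-cleanup pattern calls `preg_quote()` without the `#` delimiter and is unanchored, so a `#` in a filename breaks the match and a filename that is a suffix of another can match that file's thumbnails; `preg_quote($row['filename'], '#')` plus `^`/`$` anchors would tighten it, assuming cache entries are named exactly in that form. The docblock's `@return null` should also mention the `true` returned on success.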