From 5ec3fefc5fc0983d6fdc0efdaed2e78e0d09a868 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 5 Nov 2010 11:18:31 +0100 Subject: handle mailfrom replacements in a central place FS#2091 --- inc/media.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'inc/media.php') diff --git a/inc/media.php b/inc/media.php index 3dacd12b7..69441352b 100644 --- a/inc/media.php +++ b/inc/media.php @@ -407,14 +407,9 @@ function media_notify($id,$file,$mime){ $text = str_replace('@MEDIA@',ml($id,'',true,'&',true),$text); $text = str_replace('@SIZE@',filesize_h(filesize($file)),$text); - $from = $conf['mailfrom']; - $from = str_replace('@USER@',$_SERVER['REMOTE_USER'],$from); - $from = str_replace('@NAME@',$INFO['userinfo']['name'],$from); - $from = str_replace('@MAIL@',$INFO['userinfo']['mail'],$from); - $subject = '['.$conf['title'].'] '.$lang['mail_upload'].' '.$id; - mail_send($conf['notify'],$subject,$text,$from); + mail_send($conf['notify'],$subject,$text,$conf['mailfrom']); } /** -- cgit v1.2.3 From 87229c84afbda98679146558235bc7212ea404ee Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Sun, 6 Feb 2011 12:51:09 +0100 Subject: XML-RPC deleteAttachment now uses media_delete Functionality changes: * deleteAttachment now triggers MEDIA_DELETE_FILE (closes FS#1568) * deletion success msg in mediamanager is correct, even when the ns dir was deleted * media_delete changed quite a bit --- inc/media.php | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'inc/media.php') diff --git a/inc/media.php b/inc/media.php index 69441352b..c63bea5a9 100644 --- a/inc/media.php +++ b/inc/media.php @@ -141,7 +141,7 @@ function media_metaform($id,$auth){ } /** - * Conveinience function to check if a media file is still in use + * Convenience function to check if a media file is still in use * * @author Michael Klier */ @@ -160,19 +160,26 @@ function media_inuse($id) { } } +define('DOKU_MEDIA_DELETED', 1); +define('DOKU_MEDIA_NOT_AUTH', 2); +define('DOKU_MEDIA_INUSE', 4); +define('DOKU_MEDIA_EMPTY_NS', 8); + /** * Handles media file deletions * * If configured, checks for media references before deletion * * @author Andreas Gohr - * @return mixed false on error, true on delete or array with refs + * @return int One of: 0, + DOKU_MEDIA_DELETED, + DOKU_MEDIA_DELETED | DOKU_MEDIA_EMPTY_NS, + DOKU_MEDIA_NOT_AUTH, + DOKU_MEDIA_INUSE */ function media_delete($id,$auth){ - if($auth < AUTH_DELETE) return false; - if(!checkSecurityToken()) return false; - global $conf; - global $lang; + if($auth < AUTH_DELETE) return DOKU_MEDIA_NOT_AUTH; + if(media_inuse($id)) return DOKU_MEDIA_INUSE; $file = mediaFN($id); @@ -196,12 +203,10 @@ function media_delete($id,$auth){ unset($evt); if($data['unl'] && $data['del']){ - // current namespace was removed. redirecting to root ns passing msg along - send_redirect(DOKU_URL.'lib/exe/mediamanager.php?msg1='. - rawurlencode(sprintf(noNS($id),$lang['deletesucc']))); + return DOKU_MEDIA_DELETED | DOKU_MEDIA_EMPTY_NS; } - return $data['unl']; + return $data['unl'] ? DOKU_MEDIA_DELETED : 0; } /** -- cgit v1.2.3 From ffb291f214dd47aa34d4e84b166de6e62714307f Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Sun, 6 Feb 2011 14:25:05 +0100 Subject: Use common media_save in media_upload and putAttachment Changes: * XML-RPC now correctly allows leading and trailing _ * Error messages from XML-RPC are correct * MEDIA_UPLOAD_FINISH has a sixth param specifying the move function * Not having upload rights when using media_upload throws a msg --- inc/media.php | 125 ++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 74 insertions(+), 51 deletions(-) (limited to 'inc/media.php') diff --git a/inc/media.php b/inc/media.php index c63bea5a9..3c9340d51 100644 --- a/inc/media.php +++ b/inc/media.php @@ -212,27 +212,13 @@ function media_delete($id,$auth){ /** * Handles media file uploads * - * This generates an action event and delegates to _media_upload_action(). - * Action plugins are allowed to pre/postprocess the uploaded file. - * (The triggered event is preventable.) - * - * Event data: - * $data[0] fn_tmp: the temporary file name (read from $_FILES) - * $data[1] fn: the file name of the uploaded file - * $data[2] id: the future directory id of the uploaded file - * $data[3] imime: the mimetype of the uploaded file - * $data[4] overwrite: if an existing file is going to be overwritten - * - * @triggers MEDIA_UPLOAD_FINISH * @author Andreas Gohr * @author Michael Klier * @return mixed false on error, id of the new file on success */ function media_upload($ns,$auth){ - if($auth < AUTH_UPLOAD) return false; if(!checkSecurityToken()) return false; global $lang; - global $conf; // get file and id $id = $_POST['id']; @@ -254,8 +240,50 @@ function media_upload($ns,$auth){ msg(sprintf($lang['mediaextchange'],$fext,$iext)); } + $res = media_save(array('name' => $file['tmp_name'], + 'mime' => $imime, + 'ext' => $iext), $ns.':'.$id, + $_REQUEST['ow'], $auth, 'move_uploaded_file'); + if (is_array($res)) { + msg($res[0], $res[1]); + return false; + } + return $res; +} + +/** + * This generates an action event and delegates to _media_upload_action(). + * Action plugins are allowed to pre/postprocess the uploaded file. + * (The triggered event is preventable.) + * + * Event data: + * $data[0] fn_tmp: the temporary file name (read from $_FILES) + * $data[1] fn: the file name of the uploaded file + * $data[2] id: the future directory id of the uploaded file + * $data[3] imime: the mimetype of the uploaded file + * $data[4] overwrite: if an existing file is going to be overwritten + * + * @triggers MEDIA_UPLOAD_FINISH + */ +function media_save($file, $id, $ow, $auth, $move) { + if($auth < AUTH_UPLOAD) { + return array("You don't have permissions to upload files.", -1); + } + + if (!isset($file['mime']) || !isset($file['ext'])) { + list($ext, $mime) = mimetype($id); + if (!isset($file['mime'])) { + $file['mime'] = $mime; + } + if (!isset($file['ext'])) { + $file['ext'] = $ext; + } + } + + global $lang; + // get filename - $id = cleanID($ns.':'.$id,false,true); + $id = cleanID($id,false,true); $fn = mediaFN($id); // get filetype regexp @@ -264,40 +292,35 @@ function media_upload($ns,$auth){ $regex = join('|',$types); // because a temp file was created already - if(preg_match('/\.('.$regex.')$/i',$fn)){ - //check for overwrite - $overwrite = @file_exists($fn); - if($overwrite && (!$_REQUEST['ow'] || $auth < AUTH_DELETE)){ - msg($lang['uploadexist'],0); - return false; - } - // check for valid content - $ok = media_contentcheck($file['tmp_name'],$imime); - if($ok == -1){ - msg(sprintf($lang['uploadbadcontent'],".$iext"),-1); - return false; - }elseif($ok == -2){ - msg($lang['uploadspam'],-1); - return false; - }elseif($ok == -3){ - msg($lang['uploadxss'],-1); - return false; - } + if(!preg_match('/\.('.$regex.')$/i',$fn)) { + return array($lang['uploadwrong'],-1); + } - // prepare event data - $data[0] = $file['tmp_name']; - $data[1] = $fn; - $data[2] = $id; - $data[3] = $imime; - $data[4] = $overwrite; + //check for overwrite + $overwrite = @file_exists($fn); + if($overwrite && (!$ow || $auth < AUTH_DELETE)) { + return array($lang['uploadexist'], 0); + } + // check for valid content + $ok = media_contentcheck($file['name'], $file['mime']); + if($ok == -1){ + return array(sprintf($lang['uploadbadcontent'],'.' . $file['ext']),-1); + }elseif($ok == -2){ + return array($lang['uploadspam'],-1); + }elseif($ok == -3){ + return array($lang['uploadxss'],-1); + } - // trigger event - return trigger_event('MEDIA_UPLOAD_FINISH', $data, '_media_upload_action', true); + // prepare event data + $data[0] = $file['name']; + $data[1] = $fn; + $data[2] = $id; + $data[3] = $file['mime']; + $data[4] = $overwrite; + $data[5] = $move; - }else{ - msg($lang['uploadwrong'],-1); - } - return false; + // trigger event + return trigger_event('MEDIA_UPLOAD_FINISH', $data, '_media_upload_action', true); } /** @@ -306,8 +329,8 @@ function media_upload($ns,$auth){ */ function _media_upload_action($data) { // fixme do further sanity tests of given data? - if(is_array($data) && count($data)===5) { - return media_upload_finish($data[0], $data[1], $data[2], $data[3], $data[4]); + if(is_array($data) && count($data)===6) { + return media_upload_finish($data[0], $data[1], $data[2], $data[3], $data[4], $data[5]); } else { return false; //callback error } @@ -319,14 +342,14 @@ function _media_upload_action($data) { * @author Andreas Gohr * @author Michael Klier */ -function media_upload_finish($fn_tmp, $fn, $id, $imime, $overwrite) { +function media_upload_finish($fn_tmp, $fn, $id, $imime, $overwrite, $move = 'move_uploaded_file') { global $conf; global $lang; // prepare directory io_createNamespace($id, 'media'); - if(move_uploaded_file($fn_tmp, $fn)) { + if($move($fn_tmp, $fn)) { // Set the correct permission here. // Always chmod media because they may be saved with different permissions than expected from the php umask. // (Should normally chmod to $conf['fperm'] only if $conf['fperm'] is set.) @@ -341,7 +364,7 @@ function media_upload_finish($fn_tmp, $fn, $id, $imime, $overwrite) { } return $id; }else{ - msg($lang['uploadfail'],-1); + return array($lang['uploadfail'],-1); } } -- cgit v1.2.3