| [ Index ] |
PHP Cross Reference of MantisBT |
[Summary view] [Print] [Text view]
1 <?php 2 # MantisConnect - A webservice interface to Mantis Bug Tracker 3 # Copyright (C) 2004-2011 Victor Boctor - vboctor@users.sourceforge.net 4 # This program is distributed under dual licensing. These include 5 # GPL and a commercial licenses. Victor Boctor reserves the right to 6 # change the license of future releases. 7 # See docs/ folder for more details 8 9 # Check if the current user can download attachments for the specified bug. 10 function mci_file_can_download_bug_attachments( $p_bug_id, $p_user_id ) { 11 $t_can_download = access_has_bug_level( config_get( 'download_attachments_threshold' ), $p_bug_id ); 12 if( $t_can_download ) { 13 return true; 14 } 15 16 $t_reported_by_me = bug_is_user_reporter( $p_bug_id, $p_user_id ); 17 return( $t_reported_by_me && config_get( 'allow_download_own_attachments' ) ); 18 } 19 20 # Read a local file and return its content. 21 function mci_file_read_local( $p_diskfile ) { 22 $t_handle = fopen( $p_diskfile, "r" ); 23 $t_content = fread( $t_handle, filesize( $p_diskfile ) ); 24 fclose( $t_handle ); 25 return $t_content; 26 } 27 28 # Write a local file. 29 function mci_file_write_local( $p_diskfile, $p_content ) { 30 $t_handle = fopen( $p_diskfile, "w" ); 31 fwrite( $t_handle, $p_content ); 32 fclose( $t_handle ); 33 } 34 35 function mci_file_add( $p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null ) { 36 if( !file_type_check( $p_name ) ) { 37 return new soap_fault( 'Client', '', 'File type not allowed.' ); 38 } 39 if( !file_is_name_unique( $p_name, $p_id ) ) { 40 return new soap_fault( 'Client', '', 'Duplicate filename.' ); 41 } 42 43 $t_file_size = strlen( $p_content ); 44 $t_max_file_size = (int) min( ini_get_number( 'upload_max_filesize' ), ini_get_number( 'post_max_size' ), config_get( 'max_file_size' ) ); 45 if( $t_file_size > $t_max_file_size ) { 46 return new soap_fault( 'Client', '', 'File is too big.' ); 47 } 48 49 if( 'bug' == $p_table ) { 50 $t_project_id = bug_get_field( $p_id, 'project_id' ); 51 $t_issue_id = bug_format_id( $p_id ); 52 } else { 53 $t_project_id = $p_id; 54 $t_issue_id = 0; 55 } 56 57 # prepare variables for insertion 58 $c_issue_id = db_prepare_int( $t_issue_id ); 59 $c_project_id = db_prepare_int( $t_project_id ); 60 $c_file_type = db_prepare_string( $p_file_type ); 61 $c_title = db_prepare_string( $p_title ); 62 $c_desc = db_prepare_string( $p_desc ); 63 64 if( $p_user_id === null ) { 65 $c_user_id = auth_get_current_user_id(); 66 } else { 67 $c_user_id = (int)$p_user_id; 68 } 69 70 71 if( $t_project_id == ALL_PROJECTS ) { 72 $t_file_path = config_get( 'absolute_path_default_upload_folder' ); 73 } else { 74 $t_file_path = project_get_field( $t_project_id, 'file_path' ); 75 if( $t_file_path == '' ) { 76 $t_file_path = config_get( 'absolute_path_default_upload_folder' ); 77 } 78 } 79 80 $c_file_path = db_prepare_string( $t_file_path ); 81 $c_new_file_name = db_prepare_string( $p_name ); 82 83 $t_file_hash = $t_issue_id; 84 $t_disk_file_name = $t_file_path . file_generate_unique_name( $t_file_hash . '-' . $p_name, $t_file_path ); 85 $c_disk_file_name = db_prepare_string( $t_disk_file_name ); 86 87 $t_file_size = strlen( $p_content ); 88 $c_file_size = db_prepare_int( $t_file_size ); 89 90 $t_method = config_get( 'file_upload_method' ); 91 92 switch( $t_method ) { 93 case FTP: 94 case DISK: 95 if( !file_exists( $t_file_path ) || !is_dir( $t_file_path ) || !is_writable( $t_file_path ) || !is_readable( $t_file_path ) ) { 96 return new soap_fault( 'Server', '', "Upload folder '{$t_file_path}' doesn't exist." ); 97 } 98 99 file_ensure_valid_upload_path( $t_file_path ); 100 101 if( !file_exists( $t_disk_file_name ) ) { 102 mci_file_write_local( $t_disk_file_name, $p_content ); 103 104 if( FTP == $t_method ) { 105 $conn_id = file_ftp_connect(); 106 file_ftp_put( $conn_id, $t_disk_file_name, $t_disk_file_name ); 107 file_ftp_disconnect( $conn_id ); 108 file_delete_local( $t_disk_file_name ); 109 } else { 110 chmod( $t_disk_file_name, config_get( 'attachments_file_permissions' ) ); 111 } 112 113 $c_content = "''"; 114 } 115 break; 116 case DATABASE: 117 $c_content = db_prepare_binary_string( $p_content ); 118 break; 119 } 120 121 $t_file_table = db_get_table( $p_table . '_file' ); 122 $c_id = ( 'bug' == $p_table ) ? $c_issue_id : $c_project_id; 123 $query = "INSERT INTO $t_file_table 124 (" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id) 125 VALUES 126 ($c_id, '$c_title', '$c_desc', '$c_disk_file_name', '$c_new_file_name', '$c_file_path', $c_file_size, '$c_file_type', '" . db_now() . "', $c_content, $c_user_id)"; 127 db_query( $query ); 128 129 # get attachment id 130 $t_attachment_id = db_insert_id( $t_file_table ); 131 132 if( 'bug' == $p_table ) { 133 134 # updated the last_updated date 135 $result = bug_update_date( $c_issue_id ); 136 137 # log new bug 138 history_log_event_special( $c_issue_id, FILE_ADDED, $c_new_file_name ); 139 } 140 141 return $t_attachment_id; 142 } 143 /** 144 * Returns the attachment contents 145 * 146 * @param int $p_file_id 147 * @param string $p_type The file type, bug or doc 148 * @param int $p_user_id 149 * @return string|soap_fault the string contents, or a soap_fault 150 */ 151 function mci_file_get( $p_file_id, $p_type, $p_user_id ) { 152 153 # we handle the case where the file is attached to a bug 154 # or attached to a project as a project doc. 155 $query = ''; 156 switch( $p_type ) { 157 case 'bug': 158 $t_bug_file_table = db_get_table( 'bug_file' ); 159 $query = "SELECT * 160 FROM $t_bug_file_table 161 WHERE id='$p_file_id'"; 162 break; 163 case 'doc': 164 $t_project_file_table = db_get_table( 'project_file' ); 165 $query = "SELECT * 166 FROM $t_project_file_table 167 WHERE id='$p_file_id'"; 168 break; 169 default: 170 return new soap_fault( 'Server', '', 'Invalid file type '.$p_type. ' .' ); 171 } 172 173 $result = db_query( $query ); 174 175 if ( $result->EOF ) { 176 return new soap_fault( 'Client', '', 'Unable to find an attachment with type ' . $p_type. ' and id ' . $p_file_id . ' .' ); 177 } 178 179 $row = db_fetch_array( $result ); 180 181 if ( $p_type == 'doc' ) { 182 $t_project_id = $row['project_id']; 183 } else if ( $p_type == 'bug' ) { 184 $t_bug_id = $row['bug_id']; 185 $t_project_id = bug_get_field( $t_bug_id, 'project_id' ); 186 } 187 188 $t_diskfile = file_normalize_attachment_path( $row['diskfile'], $t_project_id ); 189 $t_content = $row['content']; 190 191 # Check access rights 192 switch( $p_type ) { 193 case 'bug': 194 if( !mci_file_can_download_bug_attachments( $t_bug_id, $p_user_id ) ) { 195 return mci_soap_fault_access_denied( $t_user_id ); 196 } 197 break; 198 case 'doc': 199 # Check if project documentation feature is enabled. 200 if( OFF == config_get( 'enable_project_documentation' ) ) { 201 return mci_soap_fault_access_denied( $t_user_id ); 202 } 203 if( !access_has_project_level( config_get( 'view_proj_doc_threshold' ), $t_project_id, $p_user_id ) ) { 204 return mci_soap_fault_access_denied( $t_user_id ); 205 } 206 break; 207 } 208 209 # dump file content to the connection. 210 switch( config_get( 'file_upload_method' ) ) { 211 case DISK: 212 if( file_exists( $t_diskfile ) ) { 213 return mci_file_read_local( $t_diskfile ) ; 214 } else { 215 return new soap_fault( 'Client', '', 'Unable to find an attachment with type ' . $p_type. ' and id ' . $p_file_id . ' .' ); 216 } 217 case FTP: 218 if( file_exists( $t_diskfile ) ) { 219 return mci_file_read_local( $t_diskfile ); 220 } else { 221 $ftp = file_ftp_connect(); 222 file_ftp_get( $ftp, $t_diskfile, $t_diskfile ); 223 file_ftp_disconnect( $ftp ); 224 return mci_file_read_local( $t_diskfile ); 225 } 226 default: 227 return $t_content; 228 } 229 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jul 28 15:48:31 2011 | Cross-referenced by PHPXref 0.7 |