← Back to branch summary

~ubuntu-branches/ubuntu/maverick/mahara/maverick-updates

« back to all changes in this revision

Viewing changes to htdocs/artefact/file/lib.php

  • Committer: Bazaar Package Importer
  • Author(s): Francois Marier
  • Date: 2010-04-06 21:07:03 UTC
  • mfrom: (6.3.5 sid)
  • Revision ID: james.westby@ubuntu.com-20100406210703-rsxif0e1yyzr3a18
Tags: 1.2.4-1
* New upstream release
  - fix for SQL injection (CVE-2010-0400)

Show diffs side-by-side

added added

removed removed

Lines of Context:
htdocs/artefact/file/lib.php
205
205
        db_commit();
206
206
    }
207
207
 
 
208
    public static function get_mimetypes_from_description($description=null) {
 
209
        if (is_null($description)) {
 
210
            return get_column('artefact_file_mime_types', 'mimetype');
 
211
        }
 
212
        return get_column('artefact_file_mime_types', 'mimetype', 'description', $description);
 
213
    }
 
214
 
208
215
    public static function can_be_disabled() {
209
216
        return false;
210
217
    }
224
231
 
225
232
    public static function recalculate_quota() {
226
233
        $data = get_records_sql_assoc("
227
 
            SELECT a.owner, SUM(f.size) AS usage
 
234
            SELECT a.owner, SUM(f.size) AS bytes
228
235
            FROM {artefact} a JOIN {artefact_file_files} f ON a.id = f.artefact
229
236
            WHERE a.artefacttype IN ('file', 'image', 'profileicon', 'archive')
230
237
            AND a.owner IS NOT NULL
231
238
            GROUP BY a.owner", array()
232
239
        );
233
240
        if ($data) {
234
 
            return array_map(create_function('$a', 'return $a->usage;'), $data);
 
241
            return array_map(create_function('$a', 'return $a->bytes;'), $data);
235
242
        }
236
243
        return array();
237
244
    }
850
857
                throw new QuotaExceededException(get_string('uploadexceedsquota', 'artefact.file'));
851
858
            }
852
859
        }
853
 
        $data->size         = $size;
854
 
        $data->filetype     = $um->file['type'];
 
860
        $data->size = $size;
 
861
 
 
862
        // the browser wasn't sure, so use mime_content_type to guess
 
863
        if($um->file['type'] == 'application/octet-stream') {
 
864
            $data->filetype = mime_content_type($um->file['tmp_name']);
 
865
        }
 
866
        else {
 
867
            $data->filetype = $um->file['type'];
 
868
        }
 
869
 
855
870
        $data->oldextension = $um->original_filename_extension();
856
871
        $f = self::new_file($um->file['tmp_name'], $data);
857
872
        $f->commit();
1701
1716
        $this->info = $zipinfo;
1702
1717
    }
1703
1718
 
 
1719
    private function read_entry($name, $isfolder, $size) {
 
1720
        $path = split('/', $name);
 
1721
        if ($isfolder) {
 
1722
            array_pop($path);
 
1723
        }
 
1724
 
 
1725
        $folder = '';
 
1726
        for ($i = 0; $i < count($path) - 1; $i++) {
 
1727
            $folder .= $path[$i] . '/';
 
1728
            if (!isset($this->foldernames[$folder])) {
 
1729
                $this->foldernames[$folder] = 1;
 
1730
                $this->info->names[] = $folder;
 
1731
                $this->info->folders++;
 
1732
            }
 
1733
        }
 
1734
 
 
1735
        if (!$isfolder) {
 
1736
            $this->info->names[] = $name;
 
1737
            $this->info->files++;
 
1738
            $this->info->totalsize += $size;
 
1739
        }
 
1740
    }
 
1741
 
1704
1742
    public function read_archive() {
1705
1743
        if (!$this->handle) {
1706
1744
            $this->open_archive();
1714
1752
            'totalsize' => 0,
1715
1753
            'names'     => array(),
1716
1754
        );
 
1755
 
 
1756
        $this->foldernames = array();
 
1757
 
1717
1758
        if ($this->archivetype == 'zip') {
1718
1759
            while ($entry = zip_read($this->handle)) {
1719
1760
                $name = zip_entry_name($entry);
1720
 
                $this->info->names[] = $name;
1721
 
                if (substr($name, -1) == '/') {
1722
 
                    $this->info->folders++;
1723
 
                }
1724
 
                else {
1725
 
                    $this->info->files++;
1726
 
                    if ($size = zip_entry_filesize($entry)) {
1727
 
                        $this->info->totalsize += $size;
1728
 
                    }
1729
 
                }
 
1761
                $isfolder = substr($name, -1) == '/';
 
1762
                $size = $isfolder ? 0 : zip_entry_filesize($entry);
 
1763
                $this->read_entry($name, $isfolder, $size);
1730
1764
            }
1731
1765
        }
1732
1766
        else if ($this->archivetype == 'tar') {
1733
 
            $foldernames = array();
1734
1767
            $list = $this->handle->listContent();
1735
1768
            if (empty($list)) {
1736
1769
                throw new SystemException("Unknown archive type");
1737
1770
            }
1738
 
 
1739
1771
            foreach ($list as $entry) {
1740
 
                $path = split('/', $entry['filename']);
1741
 
                if ($isfolder = substr($entry['filename'], -1) == '/') {
1742
 
                    array_pop($path);
1743
 
                }
1744
 
 
1745
 
                $folder = '';
1746
 
                for ($i = 0; $i < count($path) - 1; $i++) {
1747
 
                    $folder .= $path[$i] . '/';
1748
 
                    if (!isset($foldernames[$folder])) {
1749
 
                        $foldernames[$folder] = 1;
1750
 
                        $this->info->names[] = $folder;
1751
 
                        $this->info->folders++;
1752
 
                    }
1753
 
                }
1754
 
 
1755
 
                if (!$isfolder) {
1756
 
                    $this->info->names[] = $entry['filename'];
1757
 
                    $this->info->files++;
1758
 
                    $this->info->totalsize += $entry['size'];
1759
 
                }
 
1772
                $isfolder = substr($entry['filename'], -1) == '/';
 
1773
                $size = $isfolder ? 0 : $entry['size'];
 
1774
                $this->read_entry($entry['filename'], $isfolder, $size);
1760
1775
            }
1761
1776
        }
1762
1777
        else {
1826
1841
        $tempdir = get_config('dataroot') . 'artefact/file/temp';
1827
1842
        check_dir_exists($tempdir);
1828
1843
 
1829
 
        $this->read_archive();
1830
 
 
1831
1844
        if ($this->archivetype == 'tar') {
1832
1845
 
 
1846
            $this->read_archive();
 
1847
 
1833
1848
            // Untar everything into a temp directory first
1834
1849
            $tempsubdir = tempnam($tempdir, '');
1835
1850
            unlink($tempsubdir);
1857
1872
 
1858
1873
        } else if ($this->archivetype == 'zip') {
1859
1874
 
 
1875
            $this->open_archive();
 
1876
 
1860
1877
            $tempfile = tempnam($tempdir, '');
1861
1878
            $i = 0;
1862
1879
 
1863
1880
            while ($entry = zip_read($this->handle)) {
1864
1881
                $name = zip_entry_name($entry);
1865
1882
                $folder = dirname($name);
 
1883
 
 
1884
                // Create parent folders if necessary
 
1885
                if (!isset($this->data['folderids'][$folder])) {
 
1886
                    $parent = '.';
 
1887
                    $child = '';
 
1888
                    $path = split('/', $folder);
 
1889
                    for ($i = 0; $i < count($path); $i++) {
 
1890
                        $child .= $path[$i] . '/';
 
1891
                        if (!isset($this->data['folderids'][$child])) {
 
1892
                            $this->data['template']->parent = $this->data['folderids'][$parent];
 
1893
                            $this->data['template']->title = $path[$i];
 
1894
                            $this->create_folder($parent);
 
1895
                        }
 
1896
                        $parent = $child;
 
1897
                    }
 
1898
                }
 
1899
 
1866
1900
                $this->data['template']->parent = $this->data['folderids'][$folder];
1867
1901
                $this->data['template']->title = basename($name);
1868
1902
                if (substr($name, -1) == '/') {