posting_attachments.php

来自「这是php编的论坛的原代码」· PHP 代码 · 共 1,621 行 · 第 1/4 页

						{
							$error_msg .= '<br />';
						}
						$error_msg .= sprintf($lang['User_upload_quota_reached'], $upload_filesize_limit, $size_lang);
					}
				}
			}
					
			//
			// If we are at Private Messaging, check our PM Quota
			//
			if ($this->page == PAGE_PRIVMSGS)
			{
				$to_user = ( isset($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : '';
				
				if (intval($attach_config['pm_filesize_limit']) != 0)
				{
					$total_filesize = get_total_attach_pm_filesize('from_user', $userdata['user_id']);

					if ( ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) ) 
					{
						$error = TRUE;
						if(!empty($error_msg))
						{
							$error_msg .= '<br />';
						}
						$error_msg .= $lang['Attach_quota_sender_pm_reached'];
					}
				}

				//
				// Check Receivers PM Quota
				//
				if (!empty($to_user))
				{
					$sql = "SELECT user_id
					FROM " . USERS_TABLE . "
					WHERE username = '" . $to_user . "'";
					
					if ( !($result = attach_sql_query($sql)) )
					{
						message_die(GENERAL_ERROR, 'Could not query userdata', '', __LINE__, __FILE__, $sql);
					}

					$row = $db->sql_fetchrow($result);
					$user_id = intval($row['user_id']);
					
					$this->get_quota_limits($user_id);

					if (intval($attach_config['pm_filesize_limit']) != 0)
					{
						$total_filesize = get_total_attach_pm_filesize('to_user', $user_id);
						
						if ($total_filesize + $this->filesize > intval($attach_config['pm_filesize_limit'])) 
						{
							$error = TRUE;
							if(!empty($error_msg))
							{
								$error_msg .= '<br />';
							}
							$error_msg .= sprintf($lang['Attach_quota_receiver_pm_reached'], $to_user);
						}
					}
				}
			}
			
			$this->thumbnail = 0;
				
			if (!$error) 
			{
				//
				// Prepare Values
				//
				$this->filetime = time(); 
	
				$this->filename = stripslashes($r_file);

				$this->attach_filename = strtolower($this->filename);
				$this->attach_filename = str_replace(' ', '_', $this->attach_filename);
				
				$this->attach_filename = rawurlencode($this->attach_filename);
				$this->attach_filename = preg_replace("/%(\w{2})/", "_", $this->attach_filename);

				if (physical_filename_already_stored($this->attach_filename))
				{
					$this->attach_filename = delete_extension($this->attach_filename);
					$this->attach_filename = $this->attach_filename . '_' . substr(rand(), 0, 3) . '.' . $this->extension;
				}
				
				$this->filename = str_replace("'", "\'", $this->filename);

				//
				// Do we have to create a thumbnail ?
				//
				if ( ($cat_id == IMAGE_CAT) && (intval($attach_config['img_create_thumbnail'])) )
				{
					$this->thumbnail = 1;
				}
			}

			//
			// Upload Attachment
			//
			if (!$error) 
			{
				if ( !(intval($attach_config['allow_ftp_upload'])) )
				{
					//
					// Descide the Upload method
					//
					$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
		
					$safe_mode = @$ini_val('safe_mode');

					if ( @$ini_val('open_basedir') )
					{
						if ( @phpversion() < '4.0.3' )
						{
							$upload_mode = 'copy';
						}
						else
						{
							$upload_mode = 'move';
						}
					}
					else if ( @$ini_val('safe_mode') )
					{
						$upload_mode = 'move';
					}
					else
					{
						$upload_mode = 'copy';
					}
				}
				else
				{
					$upload_mode = 'ftp';
				}

				// 
				// Ok, upload the Attachment
				//
				if (!$error)
				{
					$this->move_uploaded_attachment($upload_mode, $file);
				}
			}

			if ($error) 
			{
				$this->post_attach = FALSE;
			}
		}
	}
	
	//
	// Copy the temporary attachment to the right location (copy, move_uploaded_file or ftp)
	//
	function move_uploaded_attachment($upload_mode, $file)
	{
		global $error, $error_msg, $lang, $upload_dir;

		switch ($upload_mode)
		{
			case 'copy':
/*
				$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
		
				$tmp_path = ( !@$ini_val('safe_mode') ) ? '' : $upload_dir . '/tmp';
				
				if ($tmp_path != '')
				{
					$tmp_filename = tempnam($tmp_path, 't0000');

					$fd = fopen($file, 'r');
					$data = fread ($fd, $this->filesize);
					fclose ($fd);
					
					$fptr = @fopen($tmp_filename, 'wb');
					$bytes_written = @fwrite($fptr, $data, $this->filesize);
					@fclose($fptr);
					$file = $tmp_filename;
				}
*/				
				if ( !@copy($file, $upload_dir . '/' . $this->attach_filename) ) 
				{
					if ( !@move_uploaded_file($file, $upload_dir . '/' . $this->attach_filename) ) 
					{
						$error = TRUE;
						if(!empty($error_msg))
						{
							$error_msg .= '<br />';
						}
						$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
						return;
					}
				} 
				@chmod($upload_dir . '/' . $this->attach_filename, 0666);

/*				if ($tmp_path != '')
				{
					unlink_attach($file);
				}
*/
				break;

			case 'move':
/*				$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
		
				$tmp_path = ( !@$ini_val('safe_mode') ) ? '' : $upload_dir . '/tmp';
				
				if ($tmp_path != '')
				{
					$tmp_filename = tempnam($tmp_path, 't0000');

					$fd = fopen($file, 'r');
					$data = fread ($fd, $this->filesize);
					fclose ($fd);

					$fptr = @fopen($tmp_filename, 'wb');
					$bytes_written = @fwrite($fptr, $data, $this->filesize);
					@fclose($fptr);
					$file = $tmp_filename;
				}
*/				
				if ( !@move_uploaded_file($file, $upload_dir . '/' . $this->attach_filename) ) 
				{ 
					if ( !@copy($file, $upload_dir . '/' . $this->attach_filename) ) 
					{
						$error = TRUE;
						if(!empty($error_msg))
						{
							$error_msg .= '<br />';
						}
						$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
						return;
					}
				} 
				@chmod($upload_dir . '/' . $this->attach_filename, 0666);

/*				if ($tmp_path != '')
				{
					unlink_attach($file);
				}*/

				break;

			case 'ftp':
				ftp_file($file, $this->attach_filename, $this->type);
				break;
		}

		if ( (!$error) && ($this->thumbnail == 1) )
		{

			if ($upload_mode == 'ftp')
			{
				$source = $file;
				$dest_file = THUMB_DIR . '/t_' . $this->attach_filename;
			}
			else
			{
				$source = $upload_dir . '/' . $this->attach_filename;
				$dest_file = $upload_dir . '/' . THUMB_DIR . '/t_' . $this->attach_filename;
			}

			if (!create_thumbnail($source, $dest_file, $this->type))
			{
				if (!create_thumbnail($file, $dest_file, $this->type))
				{
					$this->thumbnail = 0;
				}
			}
		}
	}
}


class attach_posting extends attach_parent
{

	//
	// Constructor
	//
	function attach_posting()
	{
		$this->attach_parent();
		$this->page = -1;
	}
	
	//
	// Preview Attachments in Posts
	//
	function preview_attachments()
	{
		global $attach_config, $is_auth, $userdata;

		if ( (intval($attach_config['disable_mod'])) || (!( ($is_auth['auth_attachments']) && ($is_auth['auth_read']))) )
		{
			return (FALSE);
		}
	
		display_attachments_preview($this->attachment_list, $this->attachment_filesize_list, $this->attachment_filename_list, $this->attachment_comment_list, $this->attachment_extension_list, $this->attachment_thumbnail_list);
	}
	
	//
	// Insert an Attachment into a Post (this is the second function called from posting.php)
	//
	function insert_attachment($post_id)
	{
		global $db, $is_auth, $mode, $userdata, $error, $error_msg;

		//
		// Insert Attachment ?
		//
		if ((!empty($post_id)) && ( $mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost' ) && ($is_auth['auth_attachments']) && ($is_auth['auth_read']))
		{
			$this->do_insert_attachment('attach_list', 'post', $post_id);
			$this->do_insert_attachment('last_attachment', 'post', $post_id);

			if ( ( (count($this->attachment_list) > 0) || ($this->post_attach) ) && (!isset($HTTP_POST_VARS['update_attachment'])) )
			{
				$sql = "UPDATE " . POSTS_TABLE . "
				SET post_attachment = 1
				WHERE post_id = " . $post_id;

				if ( !(attach_sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Unable to update Posts Table.', '', __LINE__, __FILE__, $sql);
				}

				$sql = "SELECT topic_id FROM " . POSTS_TABLE . "
				WHERE post_id = " . $post_id;
				
				if ( !($result = attach_sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Unable to select Posts Table.', '', __LINE__, __FILE__, $sql);
				}

				$row = $db->sql_fetchrow($result);

				$sql = "UPDATE " . TOPICS_TABLE . "
				SET topic_attachment = 1
				WHERE topic_id = " . $row['topic_id'];

				if ( !(attach_sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Unable to update Topics Table.', '', __LINE__, __FILE__, $sql);
				}
			}
		}
	}

	//
	// Handle Attachments (Add/Delete/Edit/Show) - This is the first function called from every message handler
	//
	function posting_attachment_mod()
	{
		global $mode, $confirm, $is_auth, $post_id, $delete, $refresh, $HTTP_POST_VARS;

		if (!$refresh)
		{
			$add_attachment_box = ( !empty($HTTP_POST_VARS['add_attachment_box']) ) ? TRUE : FALSE;
			$posted_attachments_box = ( !empty($HTTP_POST_VARS['posted_attachments_box']) ) ? TRUE : FALSE;

			$refresh = $add_attachment_box || $posted_attachments_box;
		}

		//
		// Choose what to display
		//
		$result = $this->handle_attachments($mode);

		if ($result == FALSE)
		{
			return;
		}

		if ( ($confirm) && ($delete || $mode == 'delete' || $mode == 'editpost') && ($is_auth['auth_delete'] || $is_auth['auth_mod']) )
		{
			if (!empty($post_id))
			{
				delete_attachment($post_id);
			}
		}

		$this->display_attachment_bodies();
	}

}

//
// Entry Point
//
function execute_posting_attachment_handling()
{
	global $attachment_mod;

	$attachment_mod['posting'] = new attach_posting();
	$attachment_mod['posting']->posting_attachment_mod();
}

?>