| [ Index ] |
|
Code source de Mantis 1.1.0rc3 |
1 <?php 2 # MantisConnect - A webservice interface to Mantis Bug Tracker 3 # Copyright (C) 2004-2007 Victor Boctor - vboctor@users.sourceforge.net 4 # This program is distributed under dual licensing. These include 5 # GPL and a commercial licenses. Victor Boctor reserves the right to 6 # change the license of future releases. 7 # See docs/ folder for more details 8 9 # -------------------------------------------------------- 10 # $Id: mc_file_api.php,v 1.1.2.1 2007-10-20 23:17:43 vboctor Exp $ 11 # -------------------------------------------------------- 12 13 # -------------------- 14 # Check if the current user can download attachments for the specified bug. 15 function mci_file_can_download_bug_attachments( $p_bug_id, $p_user_id ) { 16 $t_can_download = access_has_bug_level( config_get( 'download_attachments_threshold' ), $p_bug_id ); 17 if ($t_can_download) { 18 return true; 19 } 20 21 $t_reported_by_me = bug_is_user_reporter( $p_bug_id, $p_user_id ); 22 return ( $t_reported_by_me && config_get( 'allow_download_own_attachments' ) ); 23 } 24 25 # -------------------- 26 # Read a local file and return its content. 27 function mci_file_read_local( $p_diskfile ) { 28 $t_handle = fopen( $p_diskfile, "r" ); 29 $t_content = fread( $t_handle, filesize( $p_diskfile ) ); 30 fclose( $t_handle ); 31 return $t_content; 32 } 33 34 # -------------------- 35 # Write a local file. 36 function mci_file_write_local( $p_diskfile, $p_content ) { 37 $t_handle = fopen( $p_diskfile, "w" ); 38 fwrite( $t_handle, $p_content ); 39 fclose( $t_handle ); 40 } 41 42 # -------------------- 43 function mci_file_add( $p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '' ) { 44 if ( !file_type_check( $p_name ) ) { 45 return new soap_fault( 'Client', '', 'File type not allowed.' ); 46 } 47 if ( !file_is_name_unique( $p_name, $p_id ) ) { 48 return new soap_fault( 'Client', '', 'Duplicate filename.' ); 49 } 50 51 $t_file_size = strlen( $p_content ); 52 $t_max_file_size = (int)min( ini_get_number( 'upload_max_filesize' ), ini_get_number( 'post_max_size' ), config_get( 'max_file_size' ) ); 53 if ( $t_file_size > $t_max_file_size ) { 54 return new soap_fault( 'Client', '', 'File is too big.' ); 55 } 56 57 if ( 'bug' == $p_table ) { 58 $t_project_id = bug_get_field( $p_id, 'project_id' ); 59 $t_issue_id = bug_format_id( $p_id ); 60 } else { 61 $t_project_id = $p_id; 62 $t_issue_id = 0; 63 } 64 65 # prepare variables for insertion 66 $c_issue_id = db_prepare_int( $t_issue_id ); 67 $c_project_id = db_prepare_int( $t_project_id ); 68 $c_file_type = db_prepare_string( $p_file_type ); 69 $c_title = db_prepare_string( $p_title ); 70 $c_desc = db_prepare_string( $p_desc ); 71 72 if( $t_project_id == ALL_PROJECTS ) { 73 $t_file_path = config_get( 'absolute_path_default_upload_folder' ); 74 } 75 else { 76 $t_file_path = project_get_field( $t_project_id, 'file_path' ); 77 if( $t_file_path == '' ) { 78 $t_file_path = config_get( 'absolute_path_default_upload_folder' ); 79 } 80 } 81 82 $c_file_path = db_prepare_string( $t_file_path ); 83 $c_new_file_name = db_prepare_string( $p_name ); 84 85 $t_file_hash = $t_issue_id; 86 $t_disk_file_name = $t_file_path . file_generate_unique_name( $t_file_hash . '-' . $p_name, $t_file_path ); 87 $c_disk_file_name = db_prepare_string( $t_disk_file_name ); 88 89 $t_file_size = strlen( $p_content ); 90 $c_file_size = db_prepare_int( $t_file_size ); 91 92 $t_method = config_get( 'file_upload_method' ); 93 94 switch ( $t_method ) { 95 case FTP: 96 case DISK: 97 if ( !file_exists( $t_upload_path ) || !is_dir( $t_upload_path ) || !is_writable( $t_upload_path ) || !is_readable( $t_upload_path ) ) { 98 return new soap_fault( 'Server', '', "Upload folder '{$t_file_path}' doesn't exist." ); 99 } 100 101 file_ensure_valid_upload_path( $t_file_path ); 102 103 if ( !file_exists( $t_disk_file_name ) ) { 104 mci_file_write_local( $t_disk_file_name, $p_content ); 105 if ( FTP == $t_method ) { 106 $conn_id = file_ftp_connect(); 107 file_ftp_put ( $conn_id, $t_disk_file_name, $t_disk_file_name ); 108 file_ftp_disconnect ( $conn_id ); 109 file_delete_local( $p_disk_file_name ); 110 } 111 112 chmod( $t_disk_file_name, config_get( 'attachments_file_permissions' ) ); 113 114 $c_content = ''; 115 } 116 break; 117 case DATABASE: 118 $c_content = db_prepare_string( $p_content ); 119 break; 120 } 121 122 $t_file_table = config_get( 'mantis_' . $p_table . '_file_table' ); 123 $c_id = ( 'bug' == $p_table ) ? $c_issue_id : $c_project_id; 124 $query = "INSERT INTO $t_file_table 125 (" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content) 126 VALUES 127 ($c_id, '$c_title', '$c_desc', '$c_disk_file_name', '$c_new_file_name', '$c_file_path', $c_file_size, '$c_file_type', " . db_now() .", '$c_content')"; 128 db_query( $query ); 129 130 # get attachment id 131 $t_attachment_id = db_insert_id( $t_file_table ); 132 133 if ( 'bug' == $p_table ) { 134 # updated the last_updated date 135 $result = bug_update_date( $p_bug_id ); 136 # log new bug 137 history_log_event_special( $p_bug_id, FILE_ADDED, $p_file_name ); 138 } 139 140 return $t_attachment_id; 141 } 142 143 function mci_file_get( $p_file_id, $p_type ) { 144 # we handle the case where the file is attached to a bug 145 # or attached to a project as a project doc. 146 $query = ''; 147 switch ( $p_type ) { 148 case 'bug': 149 $t_bug_file_table = config_get( 'mantis_bug_file_table' ); 150 $query = "SELECT * 151 FROM $t_bug_file_table 152 WHERE id='$p_file_id'"; 153 break; 154 case 'doc': 155 $t_project_file_table = config_get( 'mantis_project_file_table' ); 156 $query = "SELECT * 157 FROM $t_project_file_table 158 WHERE id='$p_file_id'"; 159 break; 160 default: 161 return new soap_fault( 'Client', '', 'Access Denied' ); 162 } 163 164 $result = db_query( $query ); 165 $row = db_fetch_array( $result ); 166 extract( $row, EXTR_PREFIX_ALL, 'v' ); 167 168 # Check access rights 169 switch ( $p_type ) { 170 case 'bug': 171 if ( !mci_file_can_download_bug_attachments( $v_bug_id, $t_user_id ) ) { 172 return new soap_fault( 'Client', '', 'Access Denied' ); 173 } 174 break; 175 case 'doc': 176 # Check if project documentation feature is enabled. 177 if ( OFF == config_get( 'enable_project_documentation' ) ) { 178 return new soap_fault( 'Client', '', 'Access Denied' ); 179 } 180 if ( !access_has_project_level( config_get( 'view_proj_doc_threshold' ), $v_project_id, $t_user_id ) ) { 181 return new soap_fault( 'Client', '', 'Access Denied' ); 182 } 183 break; 184 } 185 186 # dump file content to the connection. 187 switch ( config_get( 'file_upload_method' ) ) { 188 case DISK: 189 if ( file_exists( $v_diskfile ) ) { 190 return base64_encode( mci_file_read_local( $v_diskfile ) ); 191 } else { 192 return null; 193 } 194 case FTP: 195 if ( file_exists( $v_diskfile ) ) { 196 return base64_encode( mci_file_read_local( $v_diskfile ) ); 197 } else { 198 $ftp = file_ftp_connect(); 199 file_ftp_get ( $ftp, $v_diskfile, $v_diskfile ); 200 file_ftp_disconnect( $ftp ); 201 return base64_encode( mci_file_read_local( $v_diskfile ) ); 202 } 203 default: 204 return base64_encode( $v_content ); 205 } 206 } 207 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Thu Nov 29 09:42:17 2007 | par Balluche grâce à PHPXref 0.7 |
|
|