tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2014-04-09 Alejandro Gallardo <alejandro.gallardo@artica.es> 

* extensions/files_repo/files_repo_get_file.php: Added file
	to download files from files_repo extension via public links.

	* extensions/files_repo/sql/files_repo.sql,
	  extensions/files_repo/sql/files_repo.oracle.sql,
	  extensions/files_repo/sql/files_repo.postgreSQL.sql: Added
	the new column 'hash'.

	* extensions/files_repo/functions_files_repo.php,
	  extensions/files_repo/files_repo_list.php,
	  extensions/files_repo/files_repo_form.php,
	  extensions/files_repo.php: Now an user can make the files
	public and get the public download links. Error fixes.


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@9745 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
alexhigh 2014-04-09 13:14:15 +00:00
parent 840522d44f
commit 53f5a2dbda
9 changed files with 199 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
pandora_console/ChangeLog
View File

@ -1,3 +1,19 @@
2014-04-09 Alejandro Gallardo <alejandro.gallardo@artica.es>
* extensions/files_repo/files_repo_get_file.php: Added file
to download files from files_repo extension via public links.
* extensions/files_repo/sql/files_repo.sql,
extensions/files_repo/sql/files_repo.oracle.sql,
extensions/files_repo/sql/files_repo.postgreSQL.sql: Added
the new column 'hash'.
* extensions/files_repo/functions_files_repo.php,
extensions/files_repo/files_repo_list.php,
extensions/files_repo/files_repo_form.php,
extensions/files_repo.php: Now an user can make the files
public and get the public download links. Error fixes.
2014-04-08 Alejandro Gallardo <alejandro.gallardo@artica.es>
* include/functions.php: Added the functions

16
pandora_console/extensions/files_repo.php
View File

@ -63,19 +63,25 @@ function pandora_files_repo_uninstall () {
case "mysql":
db_process_sql ('DROP TABLE `tfiles_repo_group`');
db_process_sql ('DROP TABLE `tfiles_repo`');
db_process_sql ('DELETE FROM `tconfig`
WHERE `token` LIKE "files_repo_%"');
break;
case "postgresql":
db_process_sql ('DROP TABLE `tfiles_repo_group`');
db_process_sql ('DROP TABLE `tfiles_repo`');
db_process_sql ('DELETE FROM "tconfig"
WHERE "token" LIKE \'files_repo_%\'');
break;
case "oracle":
db_process_sql ('DROP TABLE `tfiles_repo_group`');
db_process_sql ('DROP TABLE `tfiles_repo`');
db_process_sql ('DELETE FROM tconfig
WHERE token LIKE \'files_repo_%\'');
break;
}
$full_extensions_dir = $config['homedir'].DIRECTORY_SEPARATOR.EXTENSIONS_DIR.DIRECTORY_SEPARATOR;
delete_dir($full_extensions_dir."files_repo");
if (!empty($config['attachment_store']))
delete_dir($config['attachment_store'].DIRECTORY_SEPARATOR."files_repo");
}
function pandora_files_repo_godmode () {
@ -126,6 +132,7 @@ function pandora_files_repo_godmode () {
// File add or update
if ( $add_file || ($update_file && $file_id > 0) ) {
$groups = get_parameter ("groups", array());
$public = (bool) get_parameter ("public");
$description = io_safe_output((string) get_parameter ("description"));
if (mb_strlen($description, "UTF-8") > 200) {
$description = mb_substr($description, 0, 200, "UTF-8");
@ -133,9 +140,9 @@ function pandora_files_repo_godmode () {
$description = io_safe_input($description);
if ($add_file) {
$result = files_repo_add_file("upfile", $description, $groups);
$result = files_repo_add_file("upfile", $description, $groups, $public);
} elseif ($update_file) {
$result = files_repo_update_file($file_id, $description, $groups);
$result = files_repo_update_file($file_id, $description, $groups, $public);
$file_id = 0;
}
if ($result['status'] == false) {
@ -200,6 +207,7 @@ extensions_add_main_function('pandora_files_repo_operation');
extensions_add_godmode_menu_option(__('Files repository manager'), 'PM', null, null, "v1r1");
extensions_add_godmode_function('pandora_files_repo_godmode');
//pandora_files_repo_uninstall();
pandora_files_repo_install();
?>

60
pandora_console/extensions/files_repo/files_repo_form.php
View File

@ -14,6 +14,7 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
$full_extensions_dir = $config['homedir'].DIRECTORY_SEPARATOR.EXTENSIONS_DIR.DIRECTORY_SEPARATOR;
@ -22,6 +23,7 @@ require_once ($full_extensions_dir."files_repo".DIRECTORY_SEPARATOR."functions_f
$file = array();
$file['name'] = '';
$file['description'] = '';
$file['hash'] = '';
$file['groups'] = array();
if (isset($file_id) && $file_id > 0) {
$file = files_repo_get_files(array('id' => $file_id));
@ -46,17 +48,23 @@ $groups = groups_get_all();
// Use this instead array_unshift to keep the array keys
$groups = array(0 => __('All')) + $groups;
$html = "";
$style = "style=\"vertical-align: middle; min-width: 60px;\"";
$style = "style=\"padding: 2px 10px; display: inline-block;\"";
foreach ($groups as $id => $name) {
$checked = in_array($id, $file['groups']);
$checkbox = html_print_checkbox_extended ('groups[]', $id, $checked, false, '', 'class="chkb_group"', true);
$html .= "<span $style>$name&nbsp;$checkbox</span>&nbsp;&nbsp;&nbsp;";
$all_checked = false;
if ($id === 0) {
$checkbox = html_print_checkbox_extended ('groups[]', $id, $checked, false, '', 'class="chkb_all"', true);
$all_checked = $checked;
} else {
$checkbox = html_print_checkbox_extended ('groups[]', $id, $checked, $all_checked, '', 'class="chkb_group"', true);
}
$html .= "<div $style>$name&nbsp;$checkbox</div>";
}
$row = array();
$row[0] = __('Groups');
$row[1] = $html;
$table->data[] = $row;
$table->colspan[][1] = 2;
$table->colspan[][1] = 3;
// DESCRIPTION
$row = array();
@ -64,20 +72,26 @@ $row[0] = __('Description');
$row[0] .= ui_print_help_tip(__('Only 200 characters are permitted'), true);
$row[1] = html_print_textarea('description', 3, 20, $file['description'], 'style="min-height: 40px; max-height: 40px; width: 98%;"', true);
$table->data[] = $row;
$table->colspan[][1] = 2;
$table->colspan[][1] = 3;
// FILE and SUBMIT BUTTON
$row = array();
// Public checkbox
$checkbox = html_print_checkbox('public', 1, (bool)!empty($file['hash']), true);
$style = "style=\"padding: 2px 10px; display: inline-block;\"";
$row[0] = __('File');
if ($file_id > 0) {
$row[1] = $file['name'];
$row[2] = html_print_submit_button(__('Update'), 'submit', false, 'class="sub upd"', true);
$row[2] .= html_print_input_hidden('update_file', 1, true);
$row[2] .= html_print_input_hidden('file_id', $file_id, true);
$row[2] = "<div $style>".__('Public link')."&nbsp;$checkbox</div>";
$row[3] = html_print_submit_button(__('Update'), 'submit', false, 'class="sub upd"', true);
$row[3] .= html_print_input_hidden('update_file', 1, true);
$row[3] .= html_print_input_hidden('file_id', $file_id, true);
} else {
$row[1] = html_print_input_file('upfile', true);
$row[2] = html_print_submit_button(__('Add'), 'submit', false, 'class="sub add"', true);
$row[2] .= html_print_input_hidden('add_file', 1, true);
$row[2] = "<div $style>".__('Public link')."&nbsp;$checkbox</div>";
$row[3] = html_print_submit_button(__('Add'), 'submit', false, 'class="sub add"', true);
$row[3] .= html_print_input_hidden('add_file', 1, true);
}
$table->data[] = $row;
$table->colspan[][1] = 1;
@ -87,4 +101,28 @@ echo "<form method='post' action='$url' enctype='multipart/form-data'>";
html_print_table($table);
echo "</form>";
?>
?>
<script language="javascript" type="text/javascript">
$(document).ready (function () {
var all_enabled = $(".chkb_all").prop("checked");
if (all_enabled) {
$(".chkb_group").prop("checked", false);
$(".chkb_group").prop("disabled", true);
}
$(".chkb_all").click(function () {
all_enabled = $(".chkb_all").prop("checked");
if (all_enabled) {
$(".chkb_group").prop("checked", false);
$(".chkb_group").prop("disabled", true);
} else {
$(".chkb_group").prop("disabled", false);
}
});
});
</script>

72
pandora_console/extensions/files_repo/files_repo_get_file.php Normal file
View File

@ -0,0 +1,72 @@
<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
$ds = DIRECTORY_SEPARATOR;
require_once ("..".$ds."..".$ds."include".$ds."config.php");
$file_hash = (string) get_parameter('file');
// Only allow 1 parameter in the request
$check_request = (count($_REQUEST) === 1) ? true : false;
$check_get = (count($_GET) === 1) ? true : false;
$check_post = (count($_POST) === 0) ? true : false;
// Only allow the parameter 'file'
$check_parameter = (!empty($file_hash)) ? true : false;
$check_string = (preg_match("/^[0-9a-zA-Z]{8}$/", $file_hash) === 1) ? true : false;
$checks = ($check_request && $check_get && $check_post && $check_parameter && $check_string);
if (!$checks) {
throw_error(15); // ERROR
}
// Get the db file row
$file = db_get_row_filter("tfiles_repo", array('hash' => $file_hash));
if (!$file) {
throw_error(10); // ERROR
}
// Case sensitive check
$check_hash = ($file['hash'] == $file_hash) ? true : false;
if (!$check_hash) {
throw_error(10); // ERROR
}
// Get the location
$files_repo_path = $config['attachment_store'].$ds."files_repo";
$location = $files_repo_path.$ds.$file['id']."_".$file['name'];
if (!file_exists($location) || !is_readable($location) || !is_file($location)) {
throw_error(5); // ERROR
}
// All checks are fine. Download the file!
header('Content-type: aplication/octet-stream;');
header('Content-type: ' . mime_content_type($location) . ';');
header("Content-Length: " . filesize($location));
header('Content-Disposition: attachment; filename="' . $file['name'] . '"');
readfile($location);
///
function throw_error ($time = 15) {
sleep ($time);
$styleError = "background:url(\"../images/err.png\") no-repeat scroll 0 0 transparent; padding:4px 1px 6px 30px; color:#CC0000;";
echo "<h3 style='" . $styleError . "'>" .
__('Unreliable petition') . ". " . __('Please contact the administrator') .
"</h3>";
exit;
}
?>

25
pandora_console/extensions/files_repo/files_repo_list.php
View File

@ -14,6 +14,7 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
$full_extensions_dir = $config['homedir'].DIRECTORY_SEPARATOR.EXTENSIONS_DIR.DIRECTORY_SEPARATOR;
@ -67,16 +68,30 @@ if (!empty($files)) {
$data[1] = $file['description']; // Description
$data[2] = ui_format_filesize($file['size']); // Size
$data[3] = date('F j, Y - H:m', $file['mtime']); // Last modification
$data[4] = "<a href=\"$url\" target=\"_blank\">";
// Public URL
if (!empty($file['hash'])) {
$public_url = ui_get_full_url(EXTENSIONS_DIR . "/files_repo/files_repo_get_file.php?file=" . $file['hash']);
$message = __('Copy to clipboard') . ": Ctrl+C -> Enter";
$action = "window.prompt('$message', '$public_url');";
$data[4] .= "<a href=\"javascript:;\" onclick=\"$action\">";
$data[4] .= html_print_image('images/world.png', true, array('title' => __('Public link'))); // Public link image
$data[4] .= "</a> ";
}
$data[4] .= "<a href=\"$url\" target=\"_blank\">";
$data[4] .= html_print_image('images/download.png', true, array('title' => __('Download'))); // Download image
$data[4] .= "</a>";
if ($manage) {
$url = ui_get_full_url("index.php?sec=gextensions&sec2=extensions/files_repo&file_id=$file_id");
$data[4] .= " <a href=\"$url\">";
$config_url = ui_get_full_url("index.php?sec=gextensions&sec2=extensions/files_repo&file_id=$file_id");
$data[4] .= " <a href=\"$config_url\">";
$data[4] .= html_print_image('images/config.png', true, array('title' => __('Edit'))); // Edit image
$data[4] .= "</a>";
$url = ui_get_full_url("index.php?sec=gextensions&sec2=extensions/files_repo&delete=1&file_id=$file_id");
$data[4] .= " <a href=\"$url\" onClick=\"if (!confirm('".__('Are you sure?')."')) return false;\">";
$delete_url = ui_get_full_url("index.php?sec=gextensions&sec2=extensions/files_repo&delete=1&file_id=$file_id");
$data[4] .= " <a href=\"$delete_url\" onClick=\"if (!confirm('".__('Are you sure?')."')) return false;\">";
$data[4] .= html_print_image('images/cross.png', true, array('title' => __('Delete'))); // Delete image
$data[4] .= "</a>";
}

30
pandora_console/extensions/files_repo/functions_files_repo.php
View File

@ -70,6 +70,11 @@ function files_repo_check_file_acl ($file_id, $user_id = false, $file_groups = f
$file_groups = array();
}
}
if (in_array(0, $file_groups)) {
return true;
}
if (!$user_groups) {
$user_groups = users_get_groups ($user_id, false, true);
if (empty($user_groups)) {
@ -150,6 +155,7 @@ function files_repo_get_files ($filter = false, $count = false) {
// Last modification time in unix timestamp
$data['mtime'] = filemtime($data['location']);
$data['groups'] = $file_groups;
$data['hash'] = $file['hash'];
$files_data[$file['id']] = $data;
}
@ -160,7 +166,7 @@ function files_repo_get_files ($filter = false, $count = false) {
return $files_data;
}
function files_repo_add_file ($file_input_name = "upfile", $description = "", $groups = array()) {
function files_repo_add_file ($file_input_name = "upfile", $description = "", $groups = array(), $public = false) {
global $config;
$attachment_path = realpath($config['attachment_store']);
@ -183,9 +189,16 @@ function files_repo_add_file ($file_input_name = "upfile", $description = "", $g
$filename = mb_substr($filename, 0, 200, "UTF-8");
}
$hash = "";
if ($public) {
$hash = md5(time() . $config['dbpass']);
$hash = mb_substr($hash, 0, 8, "UTF-8");
}
$values = array(
'name' => $filename,
'description' => $description
'description' => $description,
'hash' => $hash
);
$file_id = db_process_sql_insert('tfiles_repo', $values);
@ -224,14 +237,23 @@ function files_repo_add_file ($file_input_name = "upfile", $description = "", $g
return $result;
}
function files_repo_update_file ($file_id, $description = "", $groups = array()) {
function files_repo_update_file ($file_id, $description = "", $groups = array(), $public = false) {
global $config;
$result = array();
$result["status"] = false;
$result["message"] = "";
$values = array('description' => $description);
$hash = "";
if ($public) {
$hash = md5(time() . $config['dbpass']);
$hash = mb_substr($hash, 0, 8, "UTF-8");
}
$values = array(
'description' => $description,
'hash' => $hash
);
$filter = array('id' => $file_id);
$res = db_process_sql_update('tfiles_repo', $values, $filter);
if ($res !== false) {

2
pandora_console/extensions/files_repo/sql/files_repo.oracle.sql
View File

@ -1,4 +1,4 @@
CREATE TABLE IF NOT EXISTS tfiles_repo (id NUMBER(5, 0) NOT NULL PRIMARY KEY, name VARCHAR(255) NOT NULL, description VARCHAR(500) default '');
CREATE TABLE IF NOT EXISTS tfiles_repo (id NUMBER(5, 0) NOT NULL PRIMARY KEY, name VARCHAR(255) NOT NULL, description VARCHAR(500) NULL default '', hash VARCHAR(8) NULL default '');
CREATE SEQUENCE tfiles_repo_s INCREMENT BY 1 START WITH 1;
CREATE OR REPLACE TRIGGER tfiles_repo_inc BEFORE INSERT ON tfiles_repo REFERENCING NEW AS NEW FOR EACH ROW BEGIN SELECT tfiles_repo_s.nextval INTO :NEW.ID FROM dual; END;;
CREATE TABLE IF NOT EXISTS tfiles_repo_group (id NUMBER(10, 0) NOT NULL PRIMARY KEY, id_file NUMBER(5, 0) NOT NULL REFERENCES tfiles_repo(id) ON DELETE CASCADE, id_group NUMBER(4, 0) NOT NULL);

4
pandora_console/extensions/files_repo/sql/files_repo.postgreSQL.sql
View File

@ -1,2 +1,2 @@
CREATE TABLE IF NOT EXISTS "tfiles_repo" ("id" SERIAL NOT NULL PRIMARY KEY, "name" VARCHAR(255) NOT NULL, "description" VARCHAR(500) NULL default '');
CREATE TABLE IF NOT EXISTS "tfiles_repo_group" ("id" SERIAL NOT NULL PRIMARY KEY, "id_file" INTEGER NOT NULL REFERENCES tfiles_repo("id") ON DELETE CASCADE, "id_group" INTEGER NOT NULL);
CREATE TABLE IF NOT EXISTS "tfiles_repo" ("id" SERIAL NOT NULL PRIMARY KEY, "name" VARCHAR(255) NOT NULL, "description" VARCHAR(500) NULL default '', "hash" VARCHAR(8) NULL default '');
CREATE TABLE IF NOT EXISTS "tfiles_repo_group" ("id" SERIAL NOT NULL PRIMARY KEY, "id_file" INTEGER NOT NULL REFERENCES tfiles_repo("id") ON DELETE CASCADE, "id_group" INTEGER NOT NULL);

2
pandora_console/extensions/files_repo/sql/files_repo.sql
View File

@ -1,2 +1,2 @@
CREATE TABLE IF NOT EXISTS `tfiles_repo` (`id` int(5) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `description` varchar(500) NULL default '', PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `tfiles_repo` (`id` int(5) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `description` varchar(500) NULL default '', `hash` varchar(8) NULL default '', PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `tfiles_repo_group` (`id` int(10) unsigned NOT NULL auto_increment, `id_file` int(5) unsigned NOT NULL, `id_group` int(4) unsigned NOT NULL, PRIMARY KEY (`id`), FOREIGN KEY (`id_file`) REFERENCES tfiles_repo(`id`) ON DELETE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=utf8;