1: <?php
  2: 
  3: /**
  4:  * This file contains the DBFS collection and item class.
  5:  *
  6:  * @package Core
  7:  * @subpackage GenericDB_Model
  8:  * @author Murat Purc <murat@purc.de>
  9:  * @copyright four for business AG <www.4fb.de>
 10:  * @license http://www.contenido.org/license/LIZENZ.txt
 11:  * @link http://www.4fb.de
 12:  * @link http://www.contenido.org
 13:  */
 14: 
 15: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 16: 
 17: cInclude('includes', 'functions.file.php');
 18: 
 19: /**
 20:  * DFFS item collection
 21:  *
 22:  * @package Core
 23:  * @subpackage GenericDB_Model
 24:  */
 25: class cApiDbfsCollection extends ItemCollection {
 26:     /**
 27:      * Constructor to create an instance of this class.
 28:      *
 29:      * @throws cInvalidArgumentException
 30:      */
 31:     public function __construct() {
 32:         global $cfg;
 33:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
 34:         $this->_setItemClass('cApiDbfs');
 35: 
 36:         // set the join partners so that joins can be used via link() method
 37:         $this->_setJoinPartner('cApiClientCollection');
 38:     }
 39: 
 40:     /**
 41:      * Outputs dbfs file related by it's path property
 42:      *
 43:      * @param string $path
 44:      *
 45:      * @throws cDbException
 46:      * @throws cException
 47:      */
 48:     public function outputFile($path) {
 49:         global $cfg, $client, $auth;
 50: 
 51:         $path = $this->escape($path);
 52:         $client = (int) $client;
 53:         $path = cApiDbfs::stripPath($path);
 54:         $dir = dirname($path);
 55:         $file = basename($path);
 56: 
 57:         if ($dir == '.') {
 58:             $dir = '';
 59:         }
 60: 
 61:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
 62: 
 63:         if (($item = $this->next()) !== false) {
 64:             $properties = new cApiPropertyCollection();
 65:             // Check if we're allowed to access it
 66:             $protocol = cApiDbfs::PROTOCOL_DBFS;
 67: 
 68:             if ($properties->getValue('upload', $protocol . $dir . '/' . $file, 'file', 'protected') == '1') {
 69:                 if ($auth->auth['uid'] == 'nobody') {
 70:                     header('HTTP/1.0 403 Forbidden');
 71:                     return;
 72:                 }
 73:             }
 74:             $mimetype = $item->get('mimetype');
 75: 
 76:             header('Cache-Control: '); // leave blank to avoid IE errors
 77:             header('Pragma: '); // leave blank to avoid IE errors
 78:             header("Content-Type: $mimetype");
 79:             header('Etag: ' . md5(mt_rand()));
 80: 
 81:             // Check, if output of Content-Disposition header should be skipped
 82:             // for the mimetype
 83:             $contentDispositionHeader = true;
 84:             foreach ($cfg['dbfs']['skip_content_disposition_header_for_mimetypes'] as $mt) {
 85:                 if (cString::toLowerCase($mt) == cString::toLowerCase($mimetype)) {
 86:                     $contentDispositionHeader = false;
 87:                     break;
 88:                 }
 89:             }
 90:             if ($contentDispositionHeader) {
 91:                 header('Content-Disposition: attachment; filename=' . $file);
 92:             }
 93: 
 94:             echo $item->get('content');
 95:         }
 96:     }
 97: 
 98:     /**
 99:      * Writes physical existing file into dbfs
100:      *
101:      * @param string $localfile
102:      * @param string $targetfile
103:      *
104:      * @throws cDbException
105:      * @throws cException
106:      * @throws cInvalidArgumentException
107:      */
108:     public function writeFromFile($localfile, $targetfile) {
109:         $targetfile = cApiDbfs::stripPath($targetfile);
110:         $stat = cFileHandler::info($localfile);
111:         $mimetype = $stat['mime'];
112: 
113:         $this->write($targetfile, cFileHandler::read($localfile), $mimetype);
114:     }
115: 
116:     /**
117:      * Writes dbfs file into phsical file system
118:      *
119:      * @param string $sourcefile
120:      * @param string $localfile
121:      *
122:      * @throws cDbException
123:      * @throws cException
124:      * @throws cInvalidArgumentException
125:      */
126:     public function writeToFile($sourcefile, $localfile) {
127:         $sourcefile = cApiDbfs::stripPath($sourcefile);
128: 
129:         cFileHandler::write($localfile, $this->read($sourcefile));
130:     }
131: 
132:     /**
133:      * Writes dbfs file, creates if if not exists.
134:      *
135:      * @param string $file
136:      * @param string $content  [optional]
137:      * @param string $mimetype [optional]
138:      * @throws cDbException
139:      * @throws cException
140:      * @throws cInvalidArgumentException
141:      */
142:     public function write($file, $content = '', $mimetype = '') {
143:         $file = cApiDbfs::stripPath($file);
144: 
145:         if (!$this->fileExists($file)) {
146:             $this->create($file, $mimetype);
147:         }
148:         $this->setContent($file, $content);
149:     }
150: 
151:     /**
152:      * Checks if passed dbfs path has any files.
153:      *
154:      * @param string $path
155:      * @return bool
156:      * @throws cDbException
157:      * @global int   $client
158:      */
159:     public function hasFiles($path) {
160:         global $client;
161: 
162:         $path = cApiDbfs::stripPath($path);
163:         $client = (int) $client;
164: 
165:         // Are there any subdirs?
166:         $this->select("dirname LIKE '" . $path . "/%' AND idclient = " . $client . " LIMIT 1");
167:         if ($this->count() > 0) {
168:             return true;
169:         }
170: 
171:         $this->select("dirname LIKE '" . $path . "%' AND idclient = " . $client . " LIMIT 2");
172:         if ($this->count() > 1) {
173:             return true;
174:         } else {
175:             return false;
176:         }
177:     }
178: 
179:     /**
180:      * Reads content from dbfs file.
181:      *
182:      * @param string $file
183:      * @return string
184:      * @throws cDbException
185:      * @throws cException
186:      */
187:     public function read($file) {
188:         return $this->getContent($file);
189:     }
190: 
191:     /**
192:      * Checks, if a dbfs file exists.
193:      *
194:      * @param string $path
195:      * @return bool
196:      * @throws cDbException
197:      * @throws cException
198:      * @global int   $client
199:      */
200:     public function fileExists($path) {
201:         global $client;
202: 
203:         $path = cApiDbfs::stripPath($path);
204:         $dir = dirname($path);
205:         $file = basename($path);
206: 
207:         if ($dir == '.') {
208:             $dir = '';
209:         }
210: 
211:         $client = (int) $client;
212: 
213:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
214:         if ($this->next()) {
215:             return true;
216:         } else {
217:             return false;
218:         }
219:     }
220: 
221:     /**
222:      * Checks, if a dbfs directory exists.
223:      *
224:      * @param string $path
225:      * @return bool
226:      * @throws cDbException
227:      * @throws cException
228:      * @global int   $client
229:      */
230:     public function dirExists($path) {
231:         global $client;
232: 
233:         $path = cApiDbfs::stripPath($path);
234: 
235:         if ($path == '') {
236:             return true;
237:         }
238: 
239:         $client = (int) $client;
240: 
241:         $this->select("dirname = '" . $path . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
242:         if ($this->next()) {
243:             return true;
244:         } else {
245:             return false;
246:         }
247:     }
248: 
249:     /**
250:      *
251:      * @param string $path
252:      * @return string
253:      */
254:     public function parentDir($path) {
255:         $path = dirname($path);
256: 
257:         return $path;
258:     }
259: 
260:     /**
261:      * Creates a dbfs item entry
262:      * @param string $path
263:      * @param string $mimetype [optional]
264:      * @param string $content  [optional]
265:      * @return cApiDbfs|false
266:      * @throws cDbException
267:      * @throws cException
268:      * @throws cInvalidArgumentException
269:      */
270:     public function create($path, $mimetype = '', $content = '') {
271:         global $client, $auth;
272: 
273:         $client = (int) $client;
274:         $item = false;
275: 
276:         if (cString::getPartOfString($path, 0, 1) == '/') {
277:             $path = cString::getPartOfString($path, 1);
278:         }
279: 
280:         $dir = dirname($path);
281:         $file = basename($path);
282: 
283:         if ($dir == '.') {
284:             $dir = '';
285:         }
286: 
287:         if ($file == '') {
288:             return $item;
289:         }
290: 
291:         if ($file != '.') {
292:             if ($dir != '') {
293:                 // Check if the directory exists. If not, create it.
294:                 $this->select("dirname = '" . $dir . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
295:                 if (!$this->next()) {
296:                     $this->create($dir . '/.');
297:                 }
298:             }
299:         } else {
300:             $parent = $this->parentDir($dir);
301: 
302:             if ($parent != '.') {
303:                 if (!$this->dirExists($parent)) {
304:                     $this->create($parent . '/.');
305:                 }
306:             }
307:         }
308: 
309:         if ($dir && !$this->dirExists($dir) || $file != '.') {
310:             $item = $this->createNewItem();
311:             $item->set('idclient', $client);
312:             $item->set('dirname', $dir);
313:             $item->set('filename', $file);
314:             $item->set('size', cString::getStringLength($content));
315: 
316:             if ($mimetype != '') {
317:                 $item->set('mimetype', $mimetype);
318:             }
319: 
320:             $item->set('content', $content);
321:             $item->set('created', date('Y-m-d H:i:s'), false);
322:             $item->set('author', $auth->auth['uid']);
323:             $item->store();
324:         }
325: 
326:         return $item;
327:     }
328: 
329:     /**
330:      *
331:      * @param string $path
332:      * @param string $content
333:      * @throws cDbException
334:      * @throws cException
335:      * @throws cInvalidArgumentException
336:      */
337:     public function setContent($path, $content) {
338:         global $client;
339: 
340:         $client = (int) $client;
341:         $path = cApiDbfs::stripPath($path);
342:         $dirname = dirname($path);
343:         $filename = basename($path);
344: 
345:         if ($dirname == '.') {
346:             $dirname = '';
347:         }
348: 
349:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
350:         if (($item = $this->next()) !== false) {
351:             $item->set('content', $content);
352:             $item->set('size', cString::getStringLength($content));
353:             $item->store();
354:         }
355:     }
356: 
357:     /**
358:      *
359:      * @param string $path
360:      * @return int
361:      * @throws cDbException
362:      * @throws cException
363:      */
364:     public function getSize($path) {
365:         global $client;
366: 
367:         $client = (int) $client;
368:         $path = cApiDbfs::stripPath($path);
369:         $dirname = dirname($path);
370:         $filename = basename($path);
371: 
372:         if ($dirname == '.') {
373:             $dirname = '';
374:         }
375: 
376:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
377:         if (($item = $this->next()) !== false) {
378:             return $item->get('size');
379:         }
380:         
381:         return 0;
382:     }
383: 
384:     /**
385:      *
386:      * @param string $path
387:      * @return Ambigous <mixed, bool>
388:      * @throws cDbException
389:      * @throws cException
390:      */
391:     public function getContent($path) {
392:         global $client;
393: 
394:         $client = (int) $client;
395:         $dirname = dirname($path);
396:         $filename = basename($path);
397: 
398:         if ($dirname == '.') {
399:             $dirname = '';
400:         }
401: 
402:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
403:         if (($item = $this->next()) !== false) {
404:             return $item->get("content");
405:         }
406:     }
407: 
408:     /**
409:      *
410:      * @param string $path
411:      *
412:      * @throws cDbException
413:      * @throws cException
414:      * @throws cInvalidArgumentException
415:      */
416:     public function remove($path) {
417:         global $client;
418: 
419:         $client = (int) $client;
420:         $path = cApiDbfs::stripPath($path);
421:         $dirname = dirname($path);
422:         $filename = basename($path);
423: 
424:         if ($dirname == '.') {
425:             $dirname = '';
426:         }
427: 
428:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
429:         if (($item = $this->next()) !== false) {
430:             $this->delete($item->get('iddbfs'));
431:         }
432:     }
433: 
434:     /**
435:      * Checks if time management is activated and if yes then check if file is
436:      * in period
437:      *
438:      * @param string                 $sPath
439:      * @param cApiPropertyCollection $oProperties
440:      *
441:      * @return bool $bAvailable
442:      *              
443:      * @throws cDbException
444:      * @throws cException
445:      */
446:     public function checkTimeManagement($sPath, $oProperties) {
447:         global $contenido;
448:         if ($contenido) {
449:             return true;
450:         }
451:         $sPath = cSecurity::toString($sPath);
452:         $bAvailable = true;
453:         $iTimeMng = cSecurity::toInteger($oProperties->getValue('upload', $sPath, 'file', 'timemgmt'));
454:         if ($iTimeMng == 0) {
455:             return true;
456:         }
457:         $sStartDate = $oProperties->getValue('upload', $sPath, 'file', 'datestart');
458:         $sEndDate = $oProperties->getValue('upload', $sPath, 'file', 'dateend');
459: 
460:         $iNow = time();
461: 
462:         if ($iNow < $this->dateToTimestamp($sStartDate) || ($iNow > $this->dateToTimestamp($sEndDate) && (int) $this->dateToTimestamp($sEndDate) > 0)) {
463: 
464:             return false;
465:         }
466:         return $bAvailable;
467:     }
468: 
469:     /**
470:      * converts date to timestamp:
471:      *
472:      * @param string $sDate
473:      * @return int $iTimestamp
474:      */
475:     public function dateToTimestamp($sDate) {
476:         return strtotime($sDate);
477:     }
478: }
479: 
480: /**
481:  * DBFS item
482:  *
483:  * @package Core
484:  * @subpackage GenericDB_Model
485:  */
486: class cApiDbfs extends Item {
487: 
488:     /**
489:      * DBFS protocol
490:      *
491:      * @var string
492:      */
493:     const PROTOCOL_DBFS = 'dbfs:';
494: 
495:     /**
496:      * Constructor to create an instance of this class.
497:      *
498:      * @param mixed $mId [optional]
499:      *                   Specifies the ID of item to load
500:      *
501:      * @throws cDbException
502:      * @throws cException
503:      */
504:     public function __construct($mId = false) {
505:         global $cfg;
506:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
507:         if ($mId !== false) {
508:             $this->loadByPrimaryKey($mId);
509:         }
510:     }
511: 
512:     /**
513:      * Stores the loaded and modified item to the database.
514:      * The properties "modified" & "modifiedby" are set automatically.
515:      *
516:      * @see Item::store()
517:      * @return bool
518:      */
519:     public function store() {
520:         global $auth;
521: 
522:         $this->set('modified', date('Y-m-d H:i:s'), false);
523:         $this->set('modifiedby', $auth->auth['uid']);
524: 
525:         return parent::store();
526:     }
527: 
528:     /**
529:      * Sets the value of a specific field.
530:      * Ensures to bypass any set inFilter for 'content' field which is a blob.
531:      *
532:      * @param string $sField
533:      *         Field name
534:      * @param string $mValue
535:      *         Value to set
536:      * @param bool $bSafe [optional]
537:      *         Flag to run defined inFilter on passed value
538:      * @return bool
539:      */
540:     public function setField($sField, $mValue, $bSafe = true) {
541:         if ('content' === $sField) {
542:             // Disable always filter for field 'content'
543:             return parent::setField($sField, $mValue, false);
544:         } else {
545:             return parent::setField($sField, $mValue, $bSafe);
546:         }
547:     }
548: 
549:     /**
550:      * User defined value getter for cApiDbfs.
551:      * Ensures to bypass any set outFilter for 'content' field which is a blob.
552:      *
553:      * @param string $sField
554:      *         Specifies the field to retrieve
555:      * @param bool $bSafe [optional]
556:      *         Flag to run defined outFilter on passed value
557:      * @return mixed
558:      *         Value of the field
559:      */
560:     public function getField($sField, $bSafe = true) {
561:         if ('content' === $sField) {
562:             // Disable always filter for field 'content'
563:             return parent::getField($sField, false);
564:         } else {
565:             return parent::getField($sField, $bSafe);
566:         }
567:     }
568: 
569:     /**
570:      * Removes the DBFS protocol and leading '/' from received path.
571:      *
572:      * @param string $path
573:      * @return string
574:      */
575:     public static function stripPath($path) {
576:         $path = self::stripProtocol($path);
577:         if (cString::getPartOfString($path, 0, 1) == '/') {
578:             $path = cString::getPartOfString($path, 1);
579:         }
580:         return $path;
581:     }
582: 
583:     /**
584:      * Removes the DBFS protocol received path.
585:      *
586:      * @param string $path
587:      * @return string
588:      */
589:     public static function stripProtocol($path) {
590:         if (self::isDbfs($path)) {
591:             $path = cString::getPartOfString($path, cString::getStringLength(cApiDbfs::PROTOCOL_DBFS));
592:         }
593:         return $path;
594:     }
595: 
596:     /**
597:      * Checks if passed file id a DBFS
598:      *
599:      * @param string $file
600:      * @return bool
601:      */
602:     public static function isDbfs($file) {
603:         return cString::getPartOfString($file, 0, 5) == self::PROTOCOL_DBFS;
604:     }
605: }
606: