1: <?php
  2: 
  3: /**
  4:  * This file contains the DBFS collection and item class.
  5:  *
  6:  * @package Core
  7:  * @subpackage GenericDB_Model
  8:  * @author Murat Purc <murat@purc.de>
  9:  * @copyright four for business AG <www.4fb.de>
 10:  * @license http://www.contenido.org/license/LIZENZ.txt
 11:  * @link http://www.4fb.de
 12:  * @link http://www.contenido.org
 13:  */
 14: 
 15: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 16: 
 17: cInclude('includes', 'functions.file.php');
 18: 
 19: /**
 20:  * DFFS item collection
 21:  *
 22:  * @package Core
 23:  * @subpackage GenericDB_Model
 24:  */
 25: class cApiDbfsCollection extends ItemCollection {
 26: 
 27:     /**
 28:      * Constructor Function
 29:      */
 30:     public function __construct() {
 31:         global $cfg;
 32:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
 33:         $this->_setItemClass('cApiDbfs');
 34: 
 35:         // set the join partners so that joins can be used via link() method
 36:         $this->_setJoinPartner('cApiClientCollection');
 37:     }
 38: 
 39:     /**
 40:      * Outputs dbfs file related by it's path property
 41:      *
 42:      * @param string $path
 43:      */
 44:     public function outputFile($path) {
 45:         global $cfg, $client, $auth;
 46: 
 47:         $path = $this->escape($path);
 48:         $client = (int) $client;
 49:         $path = cApiDbfs::stripPath($path);
 50:         $dir = dirname($path);
 51:         $file = basename($path);
 52: 
 53:         if ($dir == '.') {
 54:             $dir = '';
 55:         }
 56: 
 57:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
 58: 
 59:         if (($item = $this->next()) !== false) {
 60:             $properties = new cApiPropertyCollection();
 61:             // Check if we're allowed to access it
 62:             $protocol = cApiDbfs::PROTOCOL_DBFS;
 63: 
 64:             if ($properties->getValue('upload', $protocol . $dir . '/' . $file, 'file', 'protected') == '1') {
 65:                 if ($auth->auth['uid'] == 'nobody') {
 66:                     header('HTTP/1.0 403 Forbidden');
 67:                     return;
 68:                 }
 69:             }
 70:             $mimetype = $item->get('mimetype');
 71: 
 72:             header('Cache-Control: '); // leave blank to avoid IE errors
 73:             header('Pragma: '); // leave blank to avoid IE errors
 74:             header("Content-Type: $mimetype");
 75:             header('Etag: ' . md5(mt_rand()));
 76: 
 77:             // Check, if output of Content-Disposition header should be skipped
 78:             // for the mimetype
 79:             $contentDispositionHeader = true;
 80:             foreach ($cfg['dbfs']['skip_content_disposition_header_for_mimetypes'] as $mt) {
 81:                 if (strtolower($mt) == strtolower($mimetype)) {
 82:                     $contentDispositionHeader = false;
 83:                     break;
 84:                 }
 85:             }
 86:             if ($contentDispositionHeader) {
 87:                 header('Content-Disposition: attachment; filename=' . $file);
 88:             }
 89: 
 90:             echo $item->get('content');
 91:         }
 92:     }
 93: 
 94:     /**
 95:      * Writes physical existing file into dbfs
 96:      *
 97:      * @param string $localfile
 98:      * @param string $targetfile
 99:      */
100:     public function writeFromFile($localfile, $targetfile) {
101:         $targetfile = cApiDbfs::stripPath($targetfile);
102:         $stat = cFileHandler::info($localfile);
103:         $mimetype = $stat['mime'];
104: 
105:         $this->write($targetfile, cFileHandler::read($localfile), $mimetype);
106:     }
107: 
108:     /**
109:      * Writes dbfs file into phsical file system
110:      *
111:      * @param string $sourcefile
112:      * @param string $localfile
113:      */
114:     public function writeToFile($sourcefile, $localfile) {
115:         $sourcefile = cApiDbfs::stripPath($sourcefile);
116: 
117:         cFileHandler::write($localfile, $this->read($sourcefile));
118:     }
119: 
120:     /**
121:      * Writes dbfs file, creates if if not exists.
122:      *
123:      * @param string $file
124:      * @param string $content [optional]
125:      * @param string $mimetype [optional]
126:      */
127:     public function write($file, $content = '', $mimetype = '') {
128:         $file = cApiDbfs::stripPath($file);
129: 
130:         if (!$this->fileExists($file)) {
131:             $this->create($file, $mimetype);
132:         }
133:         $this->setContent($file, $content);
134:     }
135: 
136:     /**
137:      * Checks if passed dbfs path has any files.
138:      *
139:      * @global int $client
140:      * @param string $path
141:      * @return bool
142:      */
143:     public function hasFiles($path) {
144:         global $client;
145: 
146:         $path = cApiDbfs::stripPath($path);
147:         $client = (int) $client;
148: 
149:         // Are there any subdirs?
150:         $this->select("dirname LIKE '" . $path . "/%' AND idclient = " . $client . " LIMIT 1");
151:         if ($this->count() > 0) {
152:             return true;
153:         }
154: 
155:         $this->select("dirname LIKE '" . $path . "%' AND idclient = " . $client . " LIMIT 2");
156:         if ($this->count() > 1) {
157:             return true;
158:         } else {
159:             return false;
160:         }
161:     }
162: 
163:     /**
164:      * Reads content from dbfs file.
165:      *
166:      * @param string $file
167:      * @return string
168:      */
169:     public function read($file) {
170:         return $this->getContent($file);
171:     }
172: 
173:     /**
174:      * Checks, if a dbfs file exists.
175:      *
176:      * @global int $client
177:      * @param string $path
178:      * @return bool
179:      */
180:     public function fileExists($path) {
181:         global $client;
182: 
183:         $path = cApiDbfs::stripPath($path);
184:         $dir = dirname($path);
185:         $file = basename($path);
186: 
187:         if ($dir == '.') {
188:             $dir = '';
189:         }
190: 
191:         $client = (int) $client;
192: 
193:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
194:         if ($this->next()) {
195:             return true;
196:         } else {
197:             return false;
198:         }
199:     }
200: 
201:     /**
202:      * Checks, if a dbfs directory exists.
203:      *
204:      * @global int $client
205:      * @param string $path
206:      * @return bool
207:      */
208:     public function dirExists($path) {
209:         global $client;
210: 
211:         $path = cApiDbfs::stripPath($path);
212: 
213:         if ($path == '') {
214:             return true;
215:         }
216: 
217:         $client = (int) $client;
218: 
219:         $this->select("dirname = '" . $path . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
220:         if ($this->next()) {
221:             return true;
222:         } else {
223:             return false;
224:         }
225:     }
226: 
227:     /**
228:      *
229:      * @param string $path
230:      * @return string
231:      */
232:     public function parentDir($path) {
233:         $path = dirname($path);
234: 
235:         return $path;
236:     }
237: 
238:     /**
239:      * Creates a dbfs item entry
240:      * @param string $path
241:      * @param string $mimetype [optional]
242:      * @param string $content [optional]
243:      * @return cApiDbfs|false
244:      */
245:     public function create($path, $mimetype = '', $content = '') {
246:         global $client, $auth;
247: 
248:         $client = (int) $client;
249:         $item = false;
250: 
251:         if (substr($path, 0, 1) == '/') {
252:             $path = substr($path, 1);
253:         }
254: 
255:         $dir = dirname($path);
256:         $file = basename($path);
257: 
258:         if ($dir == '.') {
259:             $dir = '';
260:         }
261: 
262:         if ($file == '') {
263:             return $item;
264:         }
265: 
266:         if ($file != '.') {
267:             if ($dir != '') {
268:                 // Check if the directory exists. If not, create it.
269:                 $this->select("dirname = '" . $dir . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
270:                 if (!$this->next()) {
271:                     $this->create($dir . '/.');
272:                 }
273:             }
274:         } else {
275:             $parent = $this->parentDir($dir);
276: 
277:             if ($parent != '.') {
278:                 if (!$this->dirExists($parent)) {
279:                     $this->create($parent . '/.');
280:                 }
281:             }
282:         }
283: 
284:         if ($dir && !$this->dirExists($dir) || $file != '.') {
285:             $item = $this->createNewItem();
286:             $item->set('idclient', $client);
287:             $item->set('dirname', $dir);
288:             $item->set('filename', $file);
289:             $item->set('size', strlen($content));
290: 
291:             if ($mimetype != '') {
292:                 $item->set('mimetype', $mimetype);
293:             }
294: 
295:             $item->set('content', $content);
296:             $item->set('created', date('Y-m-d H:i:s'), false);
297:             $item->set('author', $auth->auth['uid']);
298:             $item->store();
299:         }
300: 
301:         return $item;
302:     }
303: 
304:     /**
305:      *
306:      * @param string $path
307:      * @param string $content
308:      */
309:     public function setContent($path, $content) {
310:         global $client;
311: 
312:         $client = (int) $client;
313:         $path = cApiDbfs::stripPath($path);
314:         $dirname = dirname($path);
315:         $filename = basename($path);
316: 
317:         if ($dirname == '.') {
318:             $dirname = '';
319:         }
320: 
321:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
322:         if (($item = $this->next()) !== false) {
323:             $item->set('content', $content);
324:             $item->set('size', strlen($content));
325:             $item->store();
326:         }
327:     }
328: 
329:     /**
330:      *
331:      * @param string $path
332:      * @return Ambigous <mixed, bool>
333:      */
334:     public function getSize($path) {
335:         global $client;
336: 
337:         $client = (int) $client;
338:         $path = cApiDbfs::stripPath($path);
339:         $dirname = dirname($path);
340:         $filename = basename($path);
341: 
342:         if ($dirname == '.') {
343:             $dirname = '';
344:         }
345: 
346:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
347:         if (($item = $this->next()) !== false) {
348:             return $item->get('size');
349:         }
350:     }
351: 
352:     /**
353:      *
354:      * @param string $path
355:      * @return Ambigous <mixed, bool>
356:      */
357:     public function getContent($path) {
358:         global $client;
359: 
360:         $client = (int) $client;
361:         $dirname = dirname($path);
362:         $filename = basename($path);
363: 
364:         if ($dirname == '.') {
365:             $dirname = '';
366:         }
367: 
368:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
369:         if (($item = $this->next()) !== false) {
370:             return $item->get("content");
371:         }
372:     }
373: 
374:     /**
375:      *
376:      * @param string $path
377:      */
378:     public function remove($path) {
379:         global $client;
380: 
381:         $client = (int) $client;
382:         $path = cApiDbfs::stripPath($path);
383:         $dirname = dirname($path);
384:         $filename = basename($path);
385: 
386:         if ($dirname == '.') {
387:             $dirname = '';
388:         }
389: 
390:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
391:         if (($item = $this->next()) !== false) {
392:             $this->delete($item->get('iddbfs'));
393:         }
394:     }
395: 
396:     /**
397:      * Checks if time management is activated and if yes then check if file is
398:      * in period
399:      *
400:      * @param string $sPath
401:      * @param cApiPropertyCollection $oProperties
402:      * @return bool $bAvailable
403:      */
404:     public function checkTimeManagement($sPath, $oProperties) {
405:         global $contenido;
406:         if ($contenido) {
407:             return true;
408:         }
409:         $sPath = cSecurity::toString($sPath);
410:         $bAvailable = true;
411:         $iTimeMng = cSecurity::toInteger($oProperties->getValue('upload', $sPath, 'file', 'timemgmt'));
412:         if ($iTimeMng == 0) {
413:             return true;
414:         }
415:         $sStartDate = $oProperties->getValue('upload', $sPath, 'file', 'datestart');
416:         $sEndDate = $oProperties->getValue('upload', $sPath, 'file', 'dateend');
417: 
418:         $iNow = time();
419: 
420:         if ($iNow < $this->dateToTimestamp($sStartDate) || ($iNow > $this->dateToTimestamp($sEndDate) && (int) $this->dateToTimestamp($sEndDate) > 0)) {
421: 
422:             return false;
423:         }
424:         return $bAvailable;
425:     }
426: 
427:     /**
428:      * converts date to timestamp:
429:      *
430:      * @param string $sDate
431:      * @return int $iTimestamp
432:      */
433:     public function dateToTimestamp($sDate) {
434:         return strtotime($sDate);
435:     }
436: }
437: 
438: /**
439:  * DBFS item
440:  *
441:  * @package Core
442:  * @subpackage GenericDB_Model
443:  */
444: class cApiDbfs extends Item {
445: 
446:     /**
447:      * DBFS protocol
448:      *
449:      * @var string
450:      */
451:     const PROTOCOL_DBFS = 'dbfs:';
452: 
453:     /**
454:      * Constructor Function
455:      *
456:      * @param mixed $mId [optional]
457:      *         Specifies the ID of item to load
458:      */
459:     public function __construct($mId = false) {
460:         global $cfg;
461:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
462:         if ($mId !== false) {
463:             $this->loadByPrimaryKey($mId);
464:         }
465:     }
466: 
467:     /**
468:      * Stores the loaded and modified item to the database.
469:      * The properties "modified" & "modifiedby" are set automatically.
470:      *
471:      * @see Item::store()
472:      * @return bool
473:      */
474:     public function store() {
475:         global $auth;
476: 
477:         $this->set('modified', date('Y-m-d H:i:s'), false);
478:         $this->set('modifiedby', $auth->auth['uid']);
479: 
480:         return parent::store();
481:     }
482: 
483:     /**
484:      * Sets the value of a specific field.
485:      * Ensures to bypass any set inFilter for 'content' field which is a blob.
486:      *
487:      * @param string $sField
488:      *         Field name
489:      * @param string $mValue
490:      *         Value to set
491:      * @param bool $bSafe [optional]
492:      *         Flag to run defined inFilter on passed value
493:      * @return bool
494:      */
495:     public function setField($sField, $mValue, $bSafe = true) {
496:         if ('content' === $sField) {
497:             // Disable always filter for field 'content'
498:             return parent::setField($sField, $mValue, false);
499:         } else {
500:             return parent::setField($sField, $mValue, $bSafe);
501:         }
502:     }
503: 
504:     /**
505:      * User defined value getter for cApiDbfs.
506:      * Ensures to bypass any set outFilter for 'content' field which is a blob.
507:      *
508:      * @param string $sField
509:      *         Specifies the field to retrieve
510:      * @param bool $bSafe [optional]
511:      *         Flag to run defined outFilter on passed value
512:      * @return mixed
513:      *         Value of the field
514:      */
515:     public function getField($sField, $bSafe = true) {
516:         if ('content' === $sField) {
517:             // Disable always filter for field 'content'
518:             return parent::getField($sField, false);
519:         } else {
520:             return parent::getField($sField, $bSafe);
521:         }
522:     }
523: 
524:     /**
525:      * Removes the DBFS protocol and leading '/' from received path.
526:      *
527:      * @param string $path
528:      * @return string
529:      */
530:     public static function stripPath($path) {
531:         $path = self::stripProtocol($path);
532:         if (substr($path, 0, 1) == '/') {
533:             $path = substr($path, 1);
534:         }
535:         return $path;
536:     }
537: 
538:     /**
539:      * Removes the DBFS protocol received path.
540:      *
541:      * @param string $path
542:      * @return string
543:      */
544:     public static function stripProtocol($path) {
545:         if (self::isDbfs($path)) {
546:             $path = substr($path, strlen(cApiDbfs::PROTOCOL_DBFS));
547:         }
548:         return $path;
549:     }
550: 
551:     /**
552:      * Checks if passed file id a DBFS
553:      *
554:      * @param string $file
555:      * @return bool
556:      */
557:     public static function isDbfs($file) {
558:         return substr($file, 0, 5) == self::PROTOCOL_DBFS;
559:     }
560: }
561: