1: <?php
  2: 
  3: /**
  4:  * This file contains the DBFS collection and item class.
  5:  *
  6:  * @package Core
  7:  * @subpackage GenericDB_Model
  8:  * @author Murat Purc <murat@purc.de>
  9:  * @copyright four for business AG <www.4fb.de>
 10:  * @license http://www.contenido.org/license/LIZENZ.txt
 11:  * @link http://www.4fb.de
 12:  * @link http://www.contenido.org
 13:  */
 14: 
 15: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 16: 
 17: cInclude('includes', 'functions.file.php');
 18: 
 19: /**
 20:  * DFFS item collection
 21:  *
 22:  * @package Core
 23:  * @subpackage GenericDB_Model
 24:  */
 25: class cApiDbfsCollection extends ItemCollection {
 26: 
 27:     /**
 28:      * Constructor to create an instance of this class.
 29:      */
 30:     public function __construct() {
 31:         global $cfg;
 32:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
 33:         $this->_setItemClass('cApiDbfs');
 34: 
 35:         // set the join partners so that joins can be used via link() method
 36:         $this->_setJoinPartner('cApiClientCollection');
 37:     }
 38: 
 39:     /**
 40:      * Outputs dbfs file related by it's path property
 41:      *
 42:      * @param string $path
 43:      */
 44:     public function outputFile($path) {
 45:         global $cfg, $client, $auth;
 46: 
 47:         $path = $this->escape($path);
 48:         $client = (int) $client;
 49:         $path = cApiDbfs::stripPath($path);
 50:         $dir = dirname($path);
 51:         $file = basename($path);
 52: 
 53:         if ($dir == '.') {
 54:             $dir = '';
 55:         }
 56: 
 57:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
 58: 
 59:         if (($item = $this->next()) !== false) {
 60:             $properties = new cApiPropertyCollection();
 61:             // Check if we're allowed to access it
 62:             $protocol = cApiDbfs::PROTOCOL_DBFS;
 63: 
 64:             if ($properties->getValue('upload', $protocol . $dir . '/' . $file, 'file', 'protected') == '1') {
 65:                 if ($auth->auth['uid'] == 'nobody') {
 66:                     header('HTTP/1.0 403 Forbidden');
 67:                     return;
 68:                 }
 69:             }
 70:             $mimetype = $item->get('mimetype');
 71: 
 72:             header('Cache-Control: '); // leave blank to avoid IE errors
 73:             header('Pragma: '); // leave blank to avoid IE errors
 74:             header("Content-Type: $mimetype");
 75:             header('Etag: ' . md5(mt_rand()));
 76: 
 77:             // Check, if output of Content-Disposition header should be skipped
 78:             // for the mimetype
 79:             $contentDispositionHeader = true;
 80:             foreach ($cfg['dbfs']['skip_content_disposition_header_for_mimetypes'] as $mt) {
 81:                 if (strtolower($mt) == strtolower($mimetype)) {
 82:                     $contentDispositionHeader = false;
 83:                     break;
 84:                 }
 85:             }
 86:             if ($contentDispositionHeader) {
 87:                 header('Content-Disposition: attachment; filename=' . $file);
 88:             }
 89: 
 90:             echo $item->get('content');
 91:         }
 92:     }
 93: 
 94:     /**
 95:      * Writes physical existing file into dbfs
 96:      *
 97:      * @param string $localfile
 98:      * @param string $targetfile
 99:      */
100:     public function writeFromFile($localfile, $targetfile) {
101:         $targetfile = cApiDbfs::stripPath($targetfile);
102:         $stat = cFileHandler::info($localfile);
103:         $mimetype = $stat['mime'];
104: 
105:         $this->write($targetfile, cFileHandler::read($localfile), $mimetype);
106:     }
107: 
108:     /**
109:      * Writes dbfs file into phsical file system
110:      *
111:      * @param string $sourcefile
112:      * @param string $localfile
113:      */
114:     public function writeToFile($sourcefile, $localfile) {
115:         $sourcefile = cApiDbfs::stripPath($sourcefile);
116: 
117:         cFileHandler::write($localfile, $this->read($sourcefile));
118:     }
119: 
120:     /**
121:      * Writes dbfs file, creates if if not exists.
122:      *
123:      * @param string $file
124:      * @param string $content [optional]
125:      * @param string $mimetype [optional]
126:      */
127:     public function write($file, $content = '', $mimetype = '') {
128:         $file = cApiDbfs::stripPath($file);
129: 
130:         if (!$this->fileExists($file)) {
131:             $this->create($file, $mimetype);
132:         }
133:         $this->setContent($file, $content);
134:     }
135: 
136:     /**
137:      * Checks if passed dbfs path has any files.
138:      *
139:      * @global int $client
140:      * @param string $path
141:      * @return bool
142:      */
143:     public function hasFiles($path) {
144:         global $client;
145: 
146:         $path = cApiDbfs::stripPath($path);
147:         $client = (int) $client;
148: 
149:         // Are there any subdirs?
150:         $this->select("dirname LIKE '" . $path . "/%' AND idclient = " . $client . " LIMIT 1");
151:         if ($this->count() > 0) {
152:             return true;
153:         }
154: 
155:         $this->select("dirname LIKE '" . $path . "%' AND idclient = " . $client . " LIMIT 2");
156:         if ($this->count() > 1) {
157:             return true;
158:         } else {
159:             return false;
160:         }
161:     }
162: 
163:     /**
164:      * Reads content from dbfs file.
165:      *
166:      * @param string $file
167:      * @return string
168:      */
169:     public function read($file) {
170:         return $this->getContent($file);
171:     }
172: 
173:     /**
174:      * Checks, if a dbfs file exists.
175:      *
176:      * @global int $client
177:      * @param string $path
178:      * @return bool
179:      */
180:     public function fileExists($path) {
181:         global $client;
182: 
183:         $path = cApiDbfs::stripPath($path);
184:         $dir = dirname($path);
185:         $file = basename($path);
186: 
187:         if ($dir == '.') {
188:             $dir = '';
189:         }
190: 
191:         $client = (int) $client;
192: 
193:         $this->select("dirname = '" . $dir . "' AND filename = '" . $file . "' AND idclient = " . $client . " LIMIT 1");
194:         if ($this->next()) {
195:             return true;
196:         } else {
197:             return false;
198:         }
199:     }
200: 
201:     /**
202:      * Checks, if a dbfs directory exists.
203:      *
204:      * @global int $client
205:      * @param string $path
206:      * @return bool
207:      */
208:     public function dirExists($path) {
209:         global $client;
210: 
211:         $path = cApiDbfs::stripPath($path);
212: 
213:         if ($path == '') {
214:             return true;
215:         }
216: 
217:         $client = (int) $client;
218: 
219:         $this->select("dirname = '" . $path . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
220:         if ($this->next()) {
221:             return true;
222:         } else {
223:             return false;
224:         }
225:     }
226: 
227:     /**
228:      *
229:      * @param string $path
230:      * @return string
231:      */
232:     public function parentDir($path) {
233:         $path = dirname($path);
234: 
235:         return $path;
236:     }
237: 
238:     /**
239:      * Creates a dbfs item entry
240:      * @param string $path
241:      * @param string $mimetype [optional]
242:      * @param string $content [optional]
243:      * @return cApiDbfs|false
244:      */
245:     public function create($path, $mimetype = '', $content = '') {
246:         global $client, $auth;
247: 
248:         $client = (int) $client;
249:         $item = false;
250: 
251:         if (substr($path, 0, 1) == '/') {
252:             $path = substr($path, 1);
253:         }
254: 
255:         $dir = dirname($path);
256:         $file = basename($path);
257: 
258:         if ($dir == '.') {
259:             $dir = '';
260:         }
261: 
262:         if ($file == '') {
263:             return $item;
264:         }
265: 
266:         if ($file != '.') {
267:             if ($dir != '') {
268:                 // Check if the directory exists. If not, create it.
269:                 $this->select("dirname = '" . $dir . "' AND filename = '.' AND idclient = " . $client . " LIMIT 1");
270:                 if (!$this->next()) {
271:                     $this->create($dir . '/.');
272:                 }
273:             }
274:         } else {
275:             $parent = $this->parentDir($dir);
276: 
277:             if ($parent != '.') {
278:                 if (!$this->dirExists($parent)) {
279:                     $this->create($parent . '/.');
280:                 }
281:             }
282:         }
283: 
284:         if ($dir && !$this->dirExists($dir) || $file != '.') {
285:             $item = $this->createNewItem();
286:             $item->set('idclient', $client);
287:             $item->set('dirname', $dir);
288:             $item->set('filename', $file);
289:             $item->set('size', strlen($content));
290: 
291:             if ($mimetype != '') {
292:                 $item->set('mimetype', $mimetype);
293:             }
294: 
295:             $item->set('content', $content);
296:             $item->set('created', date('Y-m-d H:i:s'), false);
297:             $item->set('author', $auth->auth['uid']);
298:             $item->store();
299:         }
300: 
301:         return $item;
302:     }
303: 
304:     /**
305:      *
306:      * @param string $path
307:      * @param string $content
308:      */
309:     public function setContent($path, $content) {
310:         global $client;
311: 
312:         $client = (int) $client;
313:         $path = cApiDbfs::stripPath($path);
314:         $dirname = dirname($path);
315:         $filename = basename($path);
316: 
317:         if ($dirname == '.') {
318:             $dirname = '';
319:         }
320: 
321:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
322:         if (($item = $this->next()) !== false) {
323:             $item->set('content', $content);
324:             $item->set('size', strlen($content));
325:             $item->store();
326:         }
327:     }
328: 
329:     /**
330:      *
331:      * @param string $path
332:      * @return int
333:      */
334:     public function getSize($path) {
335:         global $client;
336: 
337:         $client = (int) $client;
338:         $path = cApiDbfs::stripPath($path);
339:         $dirname = dirname($path);
340:         $filename = basename($path);
341: 
342:         if ($dirname == '.') {
343:             $dirname = '';
344:         }
345: 
346:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
347:         if (($item = $this->next()) !== false) {
348:             return $item->get('size');
349:         }
350:         
351:         return 0;
352:     }
353: 
354:     /**
355:      *
356:      * @param string $path
357:      * @return Ambigous <mixed, bool>
358:      */
359:     public function getContent($path) {
360:         global $client;
361: 
362:         $client = (int) $client;
363:         $dirname = dirname($path);
364:         $filename = basename($path);
365: 
366:         if ($dirname == '.') {
367:             $dirname = '';
368:         }
369: 
370:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
371:         if (($item = $this->next()) !== false) {
372:             return $item->get("content");
373:         }
374:     }
375: 
376:     /**
377:      *
378:      * @param string $path
379:      */
380:     public function remove($path) {
381:         global $client;
382: 
383:         $client = (int) $client;
384:         $path = cApiDbfs::stripPath($path);
385:         $dirname = dirname($path);
386:         $filename = basename($path);
387: 
388:         if ($dirname == '.') {
389:             $dirname = '';
390:         }
391: 
392:         $this->select("dirname = '" . $dirname . "' AND filename = '" . $filename . "' AND idclient = " . $client . " LIMIT 1");
393:         if (($item = $this->next()) !== false) {
394:             $this->delete($item->get('iddbfs'));
395:         }
396:     }
397: 
398:     /**
399:      * Checks if time management is activated and if yes then check if file is
400:      * in period
401:      *
402:      * @param string $sPath
403:      * @param cApiPropertyCollection $oProperties
404:      * @return bool $bAvailable
405:      */
406:     public function checkTimeManagement($sPath, $oProperties) {
407:         global $contenido;
408:         if ($contenido) {
409:             return true;
410:         }
411:         $sPath = cSecurity::toString($sPath);
412:         $bAvailable = true;
413:         $iTimeMng = cSecurity::toInteger($oProperties->getValue('upload', $sPath, 'file', 'timemgmt'));
414:         if ($iTimeMng == 0) {
415:             return true;
416:         }
417:         $sStartDate = $oProperties->getValue('upload', $sPath, 'file', 'datestart');
418:         $sEndDate = $oProperties->getValue('upload', $sPath, 'file', 'dateend');
419: 
420:         $iNow = time();
421: 
422:         if ($iNow < $this->dateToTimestamp($sStartDate) || ($iNow > $this->dateToTimestamp($sEndDate) && (int) $this->dateToTimestamp($sEndDate) > 0)) {
423: 
424:             return false;
425:         }
426:         return $bAvailable;
427:     }
428: 
429:     /**
430:      * converts date to timestamp:
431:      *
432:      * @param string $sDate
433:      * @return int $iTimestamp
434:      */
435:     public function dateToTimestamp($sDate) {
436:         return strtotime($sDate);
437:     }
438: }
439: 
440: /**
441:  * DBFS item
442:  *
443:  * @package Core
444:  * @subpackage GenericDB_Model
445:  */
446: class cApiDbfs extends Item {
447: 
448:     /**
449:      * DBFS protocol
450:      *
451:      * @var string
452:      */
453:     const PROTOCOL_DBFS = 'dbfs:';
454: 
455:     /**
456:      * Constructor to create an instance of this class.
457:      *
458:      * @param mixed $mId [optional]
459:      *         Specifies the ID of item to load
460:      */
461:     public function __construct($mId = false) {
462:         global $cfg;
463:         parent::__construct($cfg['tab']['dbfs'], 'iddbfs');
464:         if ($mId !== false) {
465:             $this->loadByPrimaryKey($mId);
466:         }
467:     }
468: 
469:     /**
470:      * Stores the loaded and modified item to the database.
471:      * The properties "modified" & "modifiedby" are set automatically.
472:      *
473:      * @see Item::store()
474:      * @return bool
475:      */
476:     public function store() {
477:         global $auth;
478: 
479:         $this->set('modified', date('Y-m-d H:i:s'), false);
480:         $this->set('modifiedby', $auth->auth['uid']);
481: 
482:         return parent::store();
483:     }
484: 
485:     /**
486:      * Sets the value of a specific field.
487:      * Ensures to bypass any set inFilter for 'content' field which is a blob.
488:      *
489:      * @param string $sField
490:      *         Field name
491:      * @param string $mValue
492:      *         Value to set
493:      * @param bool $bSafe [optional]
494:      *         Flag to run defined inFilter on passed value
495:      * @return bool
496:      */
497:     public function setField($sField, $mValue, $bSafe = true) {
498:         if ('content' === $sField) {
499:             // Disable always filter for field 'content'
500:             return parent::setField($sField, $mValue, false);
501:         } else {
502:             return parent::setField($sField, $mValue, $bSafe);
503:         }
504:     }
505: 
506:     /**
507:      * User defined value getter for cApiDbfs.
508:      * Ensures to bypass any set outFilter for 'content' field which is a blob.
509:      *
510:      * @param string $sField
511:      *         Specifies the field to retrieve
512:      * @param bool $bSafe [optional]
513:      *         Flag to run defined outFilter on passed value
514:      * @return mixed
515:      *         Value of the field
516:      */
517:     public function getField($sField, $bSafe = true) {
518:         if ('content' === $sField) {
519:             // Disable always filter for field 'content'
520:             return parent::getField($sField, false);
521:         } else {
522:             return parent::getField($sField, $bSafe);
523:         }
524:     }
525: 
526:     /**
527:      * Removes the DBFS protocol and leading '/' from received path.
528:      *
529:      * @param string $path
530:      * @return string
531:      */
532:     public static function stripPath($path) {
533:         $path = self::stripProtocol($path);
534:         if (substr($path, 0, 1) == '/') {
535:             $path = substr($path, 1);
536:         }
537:         return $path;
538:     }
539: 
540:     /**
541:      * Removes the DBFS protocol received path.
542:      *
543:      * @param string $path
544:      * @return string
545:      */
546:     public static function stripProtocol($path) {
547:         if (self::isDbfs($path)) {
548:             $path = substr($path, strlen(cApiDbfs::PROTOCOL_DBFS));
549:         }
550:         return $path;
551:     }
552: 
553:     /**
554:      * Checks if passed file id a DBFS
555:      *
556:      * @param string $file
557:      * @return bool
558:      */
559:     public static function isDbfs($file) {
560:         return substr($file, 0, 5) == self::PROTOCOL_DBFS;
561:     }
562: }
563: