bachir/popsu-d7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
popsu-d7/sites/all/modules/swfupload/swfupload.module
Bachir Soussi Chiadmi 1bc61b12ad first import
2015-04-08 11:40:19 +02:00

285 lines
8.8 KiB
Plaintext
Raw Blame History

<?php
// $Id: swfupload.info, v 0.1, 2008/10/13 10:02:46, skilip Exp $
include_once dirname(__FILE__) . '/swfupload_widget.inc';
/**
* @file
*
* A widget for file field which enables multiple file uploads using the SWFUpload library.
*/
/**
* Implements hook_perm().
*/
function swfupload_perm() {
return array('upload files with swfupload');
}
/**
* Implements hook_menu().
*/
function swfupload_menu() {
$items['swfupload'] = array(
'page callback' => 'swfupload_js',
'access callback' => 'swfupload_upload_access',
'type' => MENU_CALLBACK,
'file' => 'swfupload.admin.inc',
);
return $items;
}
/**
* Validate access to the swfuploadpath
*/
function swfupload_upload_access() {
$result = FALSE;
$p = (object) $_POST;
// Validate the request.
if (!empty($p->sid)) {
// $hash_arr[0] is the uid the user wants to athenticate for.
// $hash_arr[1] is the md5-hashed sid of drupals authetication token.
$hash_arr = explode('*', _swfupload_hex2bin($p->sid));
$uid = $hash_arr[0];
$token = $hash_arr[1];
if ($uid == 0) {
// If the uid is 0, there will be no session id.
// We'll check if the hash of the current remote address matches the sent one.
return ($token == md5($_SERVER['REMOTE_ADDR']));
}
// Get all session for the provided user
$result = db_query('SELECT sid FROM {sessions} WHERE uid = :uid', array(':uid' => $uid));
// There is no user with that uid, deny permission.
if ($result == FALSE) {
return FALSE;
}
$valid_sids = array();
// create our hashes we need for verification
foreach ($result as $row) {
$valid_sids[$row->sid] = md5($row->sid);
}
// If the hashed session is is present in the stored hashed session ids from the database,
// and if there weren't more that 5 invalid attempts for matching,
// make the user account global so other modules can use its credentials.
if (in_array($token, $valid_sids) && flood_is_allowed('swfupload_restore_session', 5)) {
// Use the global user, as we are about to store the loaded account object in it.
global $user;
// Now load the global user object to "login". We use the $uid provided, as we verfified
// that the token is correct (and matches this user)
$user = user_load($uid);
// This is needed. Most people forget about this - thats why forms wont work anymore ... the validation fails (token).
session_id(array_search($token, $valid_sids));
// As the user session is restored, check for general rights to use swfupload
return user_access('upload files with swfupload');
}
else {
// Register unwanted attempts to rstore the session.
flood_register_event('swfupload_restore_session');
}
// The sid doesn't exist for this user or its a flood attack
return FALSE;
}
// No session ID is set, we can assume we're still in the same session
return (!empty($p->op) && user_access('upload files with swfupload'));
}
/**
* Implements hook_theme().
*/
function swfupload_theme() {
return array(
'swfupload_widget' => array(
'render element' => 'element',
),
);
}
/**
* Implements hook_elements().
*/
function swfupload_element_info() {
$path = drupal_get_path('module', 'swfupload');
return array(
'swfupload_widget' => array(
'#process' => array('swfupload_widget_process'),
'#value_callback' => 'swfupload_widget_value',
'#input' => TRUE,
'#attached' => array(
'js' => array(
'misc/tabledrag.js' => array('weight' => -10),
$path . '/js/swfupload_widget.js' => array('weight' => 10),
),
'css' => array(
$path . '/swfupload.css',
),
),
'#theme' => 'swfupload_widget',
'#theme_wrappers' => array('form_element'),
),
);
}
/**
* Implements hook_swfupload().
*/
function swfupload_swfupload(&$file, $op, &$instance, $instance_settings) {
switch ($op) {
case 'init':
$columns = 0;
if ($instance_settings->description_field) {
$instance->elements['description'] = $instance->elements['filename'];
$instance->elements['description']['type'] = 'textfield';
$instance->elements['drag']['title'] = t('Description');
unset($instance->elements['filename']);
}
if ($instance_settings->display_field) {
$instance->elements['display'] = array(
'title' => t('Display'),
'type' => 'checkbox',
'default_value' => $instance_settings->display_default,
'class' => 'checkbox',
'contains_progressbar' => TRUE,
'add_separator' => TRUE,
);
$columns++;
}
foreach (array('alt' => t('Alt'), 'title' => t('Title')) as $elem => $title) {
if (!empty($instance_settings->{$elem . '_field'})) {
$instance->elements[$elem] = array(
'title' => $title,
'type' => ($instance_settings->{$elem . '_type'} ? $instance_settings->{$elem . '_type'} : 'textfield'),
'default_value' => $instance_settings->{$elem},
'class' => 'text',
'contains_progressbar' => TRUE,
'add_separator' => TRUE,
);
// Replace tokens.
if (module_exists('token')) {
$instance->elements[$elem]['default_value'] = token_replace($instance->elements[$elem]['default_value']);
}
$columns++;
}
}
if ($columns == 0) {
$instance->elements['progress'] = array(
'type' => 'markup',
'value' => '<span>&nbsp;</span>',
'class' => 'checkbox',
'contains_progressbar' => TRUE,
);
}
unset($instance->elements[$elem]['add_separator']);
break;
case 'move_uploaded_file':
if (isset($_FILES["Filedata"]) && is_uploaded_file($_FILES["Filedata"]["tmp_name"]) && $_FILES["Filedata"]["error"] == 0) {
// Set a message of the type 'swfupload_error' in order to place the message in the progressbar.
drupal_set_message(t('There was an error uploading the file'), 'swfupload_error');
return;
}
$_FILES['files']['name'][$instance->name] = reset($_FILES[$instance->name]['name']);
$_FILES['files']['type'][$instance->name] = reset($_FILES[$instance->name]['type']);
$_FILES['files']['tmp_name'][$instance->name] = reset($_FILES[$instance->name]['tmp_name']);
$_FILES['files']['error'][$instance->name] = reset($_FILES[$instance->name]['error']);
$_FILES['files']['size'][$instance->name] = reset($_FILES[$instance->name]['size']);
// Replace tokens.
if (module_exists('token')) {
$file->file_path = token_replace($file->file_path, 'user');
}
// Check if the file directory exists
file_prepare_directory($file->file_path, FILE_CREATE_DIRECTORY);
if (user_access('upload files with swfupload') && ($file = file_save_upload($instance->name, $file->validators, $file->file_path))) {
if (image_get_info($file->uri)) {
$file->thumb = swfupload_thumb($file);
}
break;
}
drupal_set_message(t('There was an error uploading the file'), 'swfupload_error');
break;
}
}
/**
* Implements hook_library().
*/
function swfupload_libraries_info() {
$libraries = array(
'swfupload' => array(
'name' => 'SWFUpload',
'vendor url' => 'http://code.google.com/p/swfupload/',
'version arguments' => array(
'file' => 'swfupload.js',
'pattern' => '/SWFUpload.version \= \"([0-9.]{1,}) ([0-9-]{1,})\"/',
'lines' => 60,
),
'files' => array(
'js' => array('swfupload.js'),
),
),
);
return $libraries;
}
/**
* Implements hook_requirements().
*/
function swfupload_requirements($phase) {
$requirements = array();
$library = libraries_load('swfupload');
// Ensure translations don't break at install time
$t = get_t();
// Report Drupal version
if ($phase == 'runtime') {
$requirements['swfupload'] = array(
'title' => $t('SWFUpload'),
'value' => empty($library) ? t('SWFUpload library was not found!') : $library['version'],
'severity' => empty($library) ? REQUIREMENT_ERROR : REQUIREMENT_OK,
);
}
return $requirements;
}
/**
* Generates an unique key, used for validating upload requests
*/
function _swfupload_post_key() {
global $user;
return bin2hex($user->uid . '*' . md5(($user->uid && $user->sid) ? $user->sid : $_SERVER['REMOTE_ADDR']));
}
/**
* Converts an hexadecimal string to binairy
*/
function _swfupload_hex2bin($h) {
if (!is_string($h)) {
return NULL;
}
$r = '';
for ($a = 0; $a < drupal_strlen($h); $a += 2) {
$r .= chr(hexdec($h{$a} . $h{($a + 1)}));
}
return $r;
}
/**
* Create a thumbnail to be shown in the swfupload table.
*/
function swfupload_thumb($file) {
// Force an object.
$file = (object) $file;
return image_style_url('thumbnail', $file->uri);
}
Reference in New Issue View Git Blame Copy Permalink