123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672 |
- <?php
- /**
- * @file
- * Webform module file component.
- */
- /**
- * Implements _webform_defaults_component().
- */
- function _webform_defaults_file() {
- // If private file storage is enabled, make it the default for security
- // reasons. See: https://www.drupal.org/psa-2016-003
- $available_schemes = file_get_stream_wrappers(STREAM_WRAPPERS_WRITE_VISIBLE);
- $scheme = isset($available_schemes['private']) ? 'private' : 'public';
- return array(
- 'name' => '',
- 'form_key' => NULL,
- 'required' => 0,
- 'pid' => 0,
- 'weight' => 0,
- 'extra' => array(
- 'filtering' => array(
- 'types' => array('gif', 'jpg', 'png'),
- 'addextensions' => '',
- 'size' => '2 MB',
- ),
- 'rename' => '',
- 'scheme' => $scheme,
- 'directory' => '',
- 'progress_indicator' => 'throbber',
- 'title_display' => 0,
- 'description' => '',
- 'description_above' => FALSE,
- 'attributes' => array(),
- 'private' => FALSE,
- 'analysis' => FALSE,
- ),
- );
- }
- /**
- * Implements _webform_theme_component().
- */
- function _webform_theme_file() {
- return array(
- 'webform_edit_file_extensions' => array(
- 'render element' => 'element',
- 'file' => 'components/file.inc',
- ),
- 'webform_display_file' => array(
- 'render element' => 'element',
- 'file' => 'components/file.inc',
- ),
- 'webform_managed_file' => array(
- 'render element' => 'element',
- 'file' => 'components/file.inc',
- ),
- );
- }
- /**
- * Implements _webform_edit_component().
- */
- function _webform_edit_file($component) {
- $form = array();
- $form['#element_validate'] = array('_webform_edit_file_check_directory');
- $form['#after_build'] = array('_webform_edit_file_check_directory');
- $form['validation']['size'] = array(
- '#type' => 'textfield',
- '#title' => t('Max upload size'),
- '#default_value' => $component['extra']['filtering']['size'],
- '#description' => t('Enter the max file size a user may upload such as 2 MB or 800 KB. Your server has a max upload size of @size.', array('@size' => format_size(file_upload_max_size()))),
- '#size' => 10,
- '#parents' => array('extra', 'filtering', 'size'),
- '#element_validate' => array('_webform_edit_file_size_validate'),
- '#weight' => 1,
- );
- $form['validation']['extensions'] = array(
- '#element_validate' => array('_webform_edit_file_extensions_validate'),
- '#parents' => array('extra', 'filtering'),
- '#theme' => 'webform_edit_file_extensions',
- '#theme_wrappers' => array('form_element'),
- '#title' => t('Allowed file extensions'),
- '#attached' => array(
- 'js' => array(drupal_get_path('module', 'webform') . '/js/webform-admin.js'),
- 'css' => array(drupal_get_path('module', 'webform') . '/css/webform-admin.css'),
- ),
- '#type' => 'webform_file_extensions',
- '#weight' => 2,
- );
- // Find the list of all currently valid extensions.
- $current_types = isset($component['extra']['filtering']['types']) ? $component['extra']['filtering']['types'] : array();
- $types = array('gif', 'jpg', 'png');
- $form['validation']['extensions']['types']['webimages'] = array(
- '#type' => 'checkboxes',
- '#title' => t('Web images'),
- '#options' => drupal_map_assoc($types),
- '#default_value' => array_intersect($current_types, $types),
- );
- $types = array('bmp', 'eps', 'tif', 'pict', 'psd');
- $form['validation']['extensions']['types']['desktopimages'] = array(
- '#type' => 'checkboxes',
- '#title' => t('Desktop images'),
- '#options' => drupal_map_assoc($types),
- '#default_value' => array_intersect($current_types, $types),
- );
- $types = array('txt', 'rtf', 'html', 'pdf', 'doc', 'docx', 'odt', 'ppt', 'pptx', 'odp', 'xls', 'xlsx', 'ods', 'xml');
- $form['validation']['extensions']['types']['documents'] = array(
- '#type' => 'checkboxes',
- '#title' => t('Documents'),
- '#options' => drupal_map_assoc($types),
- '#default_value' => array_intersect($current_types, $types),
- );
- $types = array('avi', 'mov', 'mp3', 'ogg', 'wav');
- $form['validation']['extensions']['types']['media'] = array(
- '#type' => 'checkboxes',
- '#title' => t('Media'),
- '#options' => drupal_map_assoc($types),
- '#default_value' => array_intersect($current_types, $types),
- );
- $types = array('bz2', 'dmg', 'gz', 'jar', 'rar', 'sit', 'tar', 'zip');
- $form['validation']['extensions']['types']['archives'] = array(
- '#type' => 'checkboxes',
- '#title' => t('Archives'),
- '#options' => drupal_map_assoc($types),
- '#default_value' => array_intersect($current_types, $types),
- );
- $form['validation']['extensions']['addextensions'] = array(
- '#type' => 'textfield',
- '#title' => t('Additional extensions'),
- '#default_value' => $component['extra']['filtering']['addextensions'],
- '#description' => t('Enter a list of additional file extensions for this upload field, separated by commas.<br /> Entered extensions will be appended to checked items above.'),
- '#size' => 20,
- '#weight' => 3,
- );
- $scheme_options = array();
- foreach (file_get_stream_wrappers(STREAM_WRAPPERS_WRITE_VISIBLE) as $scheme => $stream_wrapper) {
- $scheme_options[$scheme] = $stream_wrapper['name'];
- }
- $form['extra']['scheme'] = array(
- '#type' => 'radios',
- '#title' => t('Upload destination'),
- '#options' => $scheme_options,
- '#default_value' => $component['extra']['scheme'],
- '#description' => t('Public files upload destination is dangerous for forms that are available to anonymous and/or untrusted users. For more information, see <a href="@psa">DRUPAL-PSA-2016-003</a>.', array('@psa' => 'https://www.drupal.org/psa-2016-003')),
- '#weight' => 4,
- '#access' => count($scheme_options) > 1,
- );
- $form['extra']['directory'] = array(
- '#type' => 'textfield',
- '#title' => t('Upload directory'),
- '#default_value' => $component['extra']['directory'],
- '#description' => t('You may optionally specify a sub-directory to store your files.') . ' ' . theme('webform_token_help'),
- '#weight' => 5,
- '#field_prefix' => 'webform/',
- );
- $form['extra']['rename'] = array(
- '#type' => 'textfield',
- '#title' => t('Rename files'),
- '#default_value' => $component['extra']['rename'],
- '#description' => t('You may optionally use tokens to create a pattern used to rename files upon submission. Omit the extension; it will be added automatically.') . ' ' . theme('webform_token_help', array('groups' => array('node', 'submission'))),
- '#weight' => 6,
- '#element_validate' => array('_webform_edit_file_rename_validate'),
- '#access' => webform_variable_get('webform_token_access'),
- );
- $form['display']['progress_indicator'] = array(
- '#type' => 'radios',
- '#title' => t('Progress indicator'),
- '#options' => array(
- 'throbber' => t('Throbber'),
- 'bar' => t('Bar with progress meter'),
- ),
- '#default_value' => $component['extra']['progress_indicator'],
- '#description' => t('The throbber display does not show the status of uploads but takes up less space. The progress bar is helpful for monitoring progress on large uploads.'),
- '#weight' => 16,
- '#access' => file_progress_implementation(),
- '#parents' => array('extra', 'progress_indicator'),
- );
- return $form;
- }
- /**
- * Form API validator ensures rename string is empty or contains one token.
- *
- * A Form API element validate function to ensure that the rename string is
- * either empty or contains at least one token.
- */
- function _webform_edit_file_rename_validate($element, &$form_state, $form) {
- $rename = trim($form_state['values']['extra']['rename']);
- form_set_value($element, $rename, $form_state);
- if (strlen($rename) && !count(token_scan($rename))) {
- form_error($element, t('To create unique file names, use at least one token in the file name pattern.'));
- }
- }
- /**
- * A Form API element validate function to check filesize is valid.
- */
- function _webform_edit_file_size_validate($element) {
- if (!empty($element['#value'])) {
- $set_filesize = parse_size($element['#value']);
- if ($set_filesize == FALSE) {
- form_error($element, t('File size @value is not a valid file size. Use a value such as 2 MB or 800 KB.', array('@value' => $element['#value'])));
- }
- else {
- $max_filesize = parse_size(file_upload_max_size());
- if ($max_filesize < $set_filesize) {
- form_error($element, t('An upload size of @value is too large. You are allowed to upload files that are @max or less.', array('@value' => $element['#value'], '@max' => format_size($max_filesize))));
- }
- }
- }
- }
- /**
- * A Form API after build and validate function.
- *
- * Ensure that the destination directory exists and is writable.
- */
- function _webform_edit_file_check_directory($element) {
- $scheme = $element['extra']['scheme']['#value'];
- $directory = $element['extra']['directory']['#value'];
- $destination_dir = file_stream_wrapper_uri_normalize($scheme . '://webform/' . $directory);
- $tokenized_dir = drupal_strtolower(webform_replace_tokens($destination_dir, $element['#node']));
- // Sanity check input to prevent use parent (../) directories.
- if (preg_match('/\.\.[\/\\\]/', $tokenized_dir . '/')) {
- form_error($element['extra']['directory'], t('The save directory %directory is not valid.', array('%directory' => $tokenized_dir)));
- }
- else {
- if (!file_prepare_directory($tokenized_dir, FILE_CREATE_DIRECTORY)) {
- form_error($element['extra']['directory'], t('The save directory %directory could not be created. Check that the webform files directory is writable.', array('%directory' => $tokenized_dir)));
- }
- }
- return $element;
- }
- /**
- * A Form API element validate function.
- *
- * Change the submitted values of the component so that all filtering extensions
- * are saved as a single array.
- */
- function _webform_edit_file_extensions_validate($element, &$form_state) {
- // Predefined types.
- $extensions = array();
- foreach (element_children($element['types']) as $category) {
- foreach (array_keys($element['types'][$category]['#value']) as $extension) {
- if ($element['types'][$category][$extension]['#value']) {
- $extensions[] = $extension;
- // "jpeg" is an exception. It is allowed anytime "jpg" is allowed.
- if ($extension == 'jpg') {
- $extensions[] = 'jpeg';
- }
- }
- }
- }
- // Additional types.
- $additional_extensions = explode(',', $element['addextensions']['#value']);
- foreach ($additional_extensions as $extension) {
- $clean_extension = drupal_strtolower(trim($extension));
- if (!empty($clean_extension) && !in_array($clean_extension, $extensions)) {
- $extensions[] = $clean_extension;
- }
- }
- form_set_value($element['types'], $extensions, $form_state);
- }
- /**
- * Output the list of allowed extensions as checkboxes.
- */
- function theme_webform_edit_file_extensions($variables) {
- $element = $variables['element'];
- // Format the components into a table.
- $rows = array();
- foreach (element_children($element['types']) as $filtergroup) {
- $row = array();
- if ($element['types'][$filtergroup]['#type'] == 'checkboxes') {
- $select_link = ' <a href="#" class="webform-select-link webform-select-link-' . $filtergroup . '">(' . t('select') . ')</a>';
- $row[] = $element['types'][$filtergroup]['#title'];
- $row[] = array('data' => $select_link, 'width' => 40);
- $row[] = array('data' => drupal_render_children($element['types'][$filtergroup]), 'class' => array('webform-file-extensions', 'webform-select-group-' . $filtergroup));
- $rows[] = array('data' => $row);
- unset($element['types'][$filtergroup]);
- }
- }
- // Add the row for additional types.
- if (!isset($element['addextensions']['#access']) || $element['addextensions']['#access']) {
- $row = array();
- $title = $element['addextensions']['#title'];
- $element['addextensions']['#title'] = NULL;
- $row[] = array('data' => $title, 'colspan' => 2);
- $row[] = drupal_render($element['addextensions']);
- $rows[] = $row;
- }
- $header = array(array('data' => t('Category'), 'colspan' => '2'), array('data' => t('Types')));
- // Create the table inside the form.
- $element['types']['table'] = array(
- '#theme' => 'table',
- '#header' => $header,
- '#rows' => $rows,
- '#attributes' => array('class' => array('webform-file-extensions')),
- );
- return drupal_render_children($element);
- }
- /**
- * Implements _webform_render_component().
- */
- function _webform_render_file($component, $value = NULL, $filter = TRUE, $submission = NULL) {
- $node = isset($component['nid']) ? node_load($component['nid']) : NULL;
- // Cap the upload size according to the PHP limit.
- $max_filesize = parse_size(file_upload_max_size());
- $set_filesize = $component['extra']['filtering']['size'];
- if (!empty($set_filesize) && parse_size($set_filesize) < $max_filesize) {
- $max_filesize = parse_size($set_filesize);
- }
- $element = array(
- '#type' => 'managed_file',
- '#theme' => 'webform_managed_file',
- '#title' => $filter ? webform_filter_xss($component['name']) : $component['name'],
- '#title_display' => $component['extra']['title_display'] ? $component['extra']['title_display'] : 'before',
- '#required' => $component['required'],
- '#default_value' => isset($value[0]) ? $value[0] : NULL,
- '#attributes' => $component['extra']['attributes'],
- '#upload_validators' => array(
- 'file_validate_size' => array($max_filesize),
- 'file_validate_extensions' => array(implode(' ', $component['extra']['filtering']['types'])),
- ),
- '#pre_render' => array_merge(element_info_property('managed_file', '#pre_render'), array('webform_file_allow_access')),
- '#upload_location' => $component['extra']['scheme'] . '://webform/' . ($filter
- ? drupal_strtolower(webform_replace_tokens($component['extra']['directory'], $node))
- : $component['extra']['directory']),
- '#progress_indicator' => $component['extra']['progress_indicator'],
- '#description' => $filter ? webform_filter_descriptions($component['extra']['description'], $node) : $component['extra']['description'],
- '#weight' => $component['weight'],
- '#theme_wrappers' => array('webform_element'),
- '#translatable' => array('title', 'description'),
- );
- if ($filter) {
- $element['#description'] = theme('file_upload_help', array('description' => $element['#description'], 'upload_validators' => $element['#upload_validators']));
- }
- return $element;
- }
- /**
- * Returns HTML for a webform managed file element.
- *
- * See #2495821 and #2497909. The core theme_file_managed_file creates a
- * wrapper around the element with the element's id, thereby creating 2 elements
- * with the same id.
- *
- * @param array $variables
- * An associative array containing:
- * - element: A render element representing the file.
- *
- * @return string
- * The HTML.
- */
- function theme_webform_managed_file($variables) {
- $element = $variables['element'];
- $attributes = array();
- // For webform use, do not add the id to the wrapper.
- // @code
- // if (isset($element['#id'])) {
- // $attributes['id'] = $element['#id'];
- // }
- // @endcode
- if (!empty($element['#attributes']['class'])) {
- $attributes['class'] = (array) $element['#attributes']['class'];
- }
- $attributes['class'][] = 'form-managed-file';
- // This wrapper is required to apply JS behaviors and CSS styling.
- $output = '';
- $output .= '<div' . drupal_attributes($attributes) . '>';
- $output .= drupal_render_children($element);
- $output .= '</div>';
- return $output;
- }
- /**
- * Implements _webform_submit_component().
- */
- function _webform_submit_file($component, $value) {
- $fid = is_array($value)
- ? (!empty($value['fid']) ? $value['fid'] : '')
- : (!empty($value) ? $value : '');
- // Extend access to this file, even if the submission has not been saved yet.
- // This may happen when previewing a private file which was selected but not
- // explicitly uploaded, and then previewed.
- if ($fid) {
- $_SESSION['webform_files'][$fid] = $fid;
- }
- return $fid;
- }
- /**
- * Pre-render callback to allow access to uploaded files.
- *
- * Files that have not yet been saved into a submission must be accessible to
- * the user who uploaded it, but no one else. After the submission is saved,
- * access is granted through the file_usage table. Before then, we use a
- * $_SESSION value to record a user's upload.
- *
- * @see webform_file_download()
- */
- function webform_file_allow_access($element) {
- if (!empty($element['#value']['fid'])) {
- $fid = $element['#value']['fid'];
- $_SESSION['webform_files'][$fid] = $fid;
- }
- return $element;
- }
- /**
- * Implements _webform_display_component().
- */
- function _webform_display_file($component, $value, $format = 'html', $submission = array()) {
- $fid = isset($value[0]) ? $value[0] : NULL;
- return array(
- '#title' => $component['name'],
- '#title_display' => $component['extra']['title_display'] ? $component['extra']['title_display'] : 'before',
- '#value' => $fid ? webform_get_file($fid) : NULL,
- '#weight' => $component['weight'],
- '#theme' => 'webform_display_file',
- '#theme_wrappers' => $format == 'text' ? array('webform_element_text') : array('webform_element'),
- '#format' => $format,
- '#translatable' => array('title'),
- );
- }
- /**
- * Format the output of text data for this component.
- */
- function theme_webform_display_file($variables) {
- $element = $variables['element'];
- $file = $element['#value'];
- $url = !empty($file) ? webform_file_url($file->uri) : t('no upload');
- return !empty($file) ? ($element['#format'] == 'text' ? $url : l($file->filename, $url)) : ' ';
- }
- /**
- * Implements _webform_delete_component().
- */
- function _webform_delete_file($component, $value) {
- // Delete an individual submission file.
- if (!empty($value[0]) && ($file = webform_get_file($value[0]))) {
- file_usage_delete($file, 'webform');
- file_delete($file);
- }
- }
- /**
- * Implements _webform_attachments_component().
- */
- function _webform_attachments_file($component, $value) {
- $file = (array) webform_get_file($value[0]);
- $files = array($file);
- return $files;
- }
- /**
- * Implements _webform_analysis_component().
- */
- function _webform_analysis_file($component, $sids = array(), $single = FALSE, $join = NULL) {
- $query = db_select('webform_submitted_data', 'wsd', array('fetch' => PDO::FETCH_ASSOC))
- ->fields('wsd', array('no', 'data'))
- ->condition('wsd.nid', $component['nid'])
- ->condition('wsd.cid', $component['cid']);
- if (count($sids)) {
- $query->condition('wsd.sid', $sids, 'IN');
- }
- if ($join) {
- $query->innerJoin($join, 'ws2_', 'wsd.sid = ws2_.sid');
- }
- $nonblanks = 0;
- $sizetotal = 0;
- $submissions = 0;
- $result = $query->execute();
- foreach ($result as $data) {
- $file = webform_get_file($data['data']);
- if (isset($file->filesize)) {
- $nonblanks++;
- $sizetotal += $file->filesize;
- }
- $submissions++;
- }
- $rows[0] = array(t('Left Blank'), ($submissions - $nonblanks));
- $rows[1] = array(t('User uploaded file'), $nonblanks);
- $other[0] = array(t('Average uploaded file size'), ($sizetotal != 0 ? (int) (($sizetotal / $nonblanks) / 1024) . ' KB' : '0'));
- return array(
- 'table_rows' => $rows,
- 'other_data' => $other,
- );
- }
- /**
- * Implements _webform_table_component().
- */
- function _webform_table_file($component, $value) {
- $output = '';
- $file = webform_get_file($value[0]);
- if (!empty($file->fid)) {
- $output = '<a href="' . webform_file_url($file->uri) . '">' . check_plain(webform_file_name($file->uri)) . '</a>';
- $output .= ' (' . (int) ($file->filesize / 1024) . ' KB)';
- }
- return $output;
- }
- /**
- * Implements _webform_csv_headers_component().
- */
- function _webform_csv_headers_file($component, $export_options) {
- $header = array();
- // Two columns in header.
- $header[0] = array('', '');
- $header[1] = array($export_options['header_keys'] ? $component['form_key'] : $component['name'], '');
- $header[2] = array(t('Name'), t('Filesize (KB)'));
- return $header;
- }
- /**
- * Implements _webform_csv_data_component().
- */
- function _webform_csv_data_file($component, $export_options, $value) {
- $file = webform_get_file($value[0]);
- return empty($file->filename) ? array('', '') : array(webform_file_url($file->uri), (int) ($file->filesize / 1024));
- }
- /**
- * Helper function to create proper file names for uploaded file.
- */
- function webform_file_name($filepath) {
- if (!empty($filepath)) {
- $info = pathinfo($filepath);
- $file_name = $info['basename'];
- }
- return isset($file_name) ? $file_name : '';
- }
- /**
- * Helper function to create proper URLs for uploaded file.
- */
- function webform_file_url($uri) {
- if (!empty($uri)) {
- $file_url = file_create_url($uri);
- }
- return isset($file_url) ? $file_url : '';
- }
- /**
- * Helper function to load a file from the database.
- */
- function webform_get_file($fid) {
- // Simple check to prevent loading of NULL values, which throws an entity
- // system error.
- return $fid ? file_load($fid) : FALSE;
- }
- /**
- * Given a submission with file_usage set, add or remove file usage entries.
- */
- function webform_file_usage_adjust($submission) {
- if (isset($submission->file_usage)) {
- $files = file_load_multiple($submission->file_usage['added_fids']);
- foreach ($files as $file) {
- $file->status = 1;
- file_save($file);
- file_usage_add($file, 'webform', 'submission', $submission->sid);
- }
- $files = file_load_multiple($submission->file_usage['deleted_fids']);
- foreach ($files as $file) {
- file_usage_delete($file, 'webform', 'submission', $submission->sid);
- file_delete($file);
- }
- }
- }
- /**
- * Rename any files which are eligible for renaming.
- *
- * Renames if this submission is being submitted for the first time.
- */
- function webform_file_rename($node, $submission) {
- if (isset($submission->file_usage)) {
- foreach ($submission->file_usage['renameable'] as $cid => $fids) {
- foreach ($fids as $fid) {
- webform_file_process_rename($node, $submission, $node->webform['components'][$cid], $fid);
- }
- }
- }
- }
- /**
- * Renames the uploaded file name using tokens.
- *
- * @param object $node
- * The webform node object.
- * @param object $submission
- * The webform submission object.
- * @param array $component
- * Component settings array for which fid is going to be processed.
- * @param int $fid
- * A file id to be processed.
- */
- function webform_file_process_rename($node, $submission, $component, $fid) {
- $file = webform_get_file($fid);
- if ($file) {
- // Get the destination uri.
- $destination_dir = $component['extra']['scheme'] . '://webform/' . drupal_strtolower(webform_replace_tokens($component['extra']['directory'], $node));
- $destination_dir = file_stream_wrapper_uri_normalize($destination_dir);
- // Get the file extension.
- $info = pathinfo($file->uri);
- $extension = $info['extension'];
- // Prepare new file name without extension.
- $new_file_name = webform_replace_tokens($component['extra']['rename'], $node, $submission, NULL, TRUE);
- $new_file_name = trim($new_file_name);
- $new_file_name = _webform_transliterate($new_file_name);
- $new_file_name = str_replace('/', '_', $new_file_name);
- $new_file_name = preg_replace('/[^a-zA-Z0-9_\- ]/', '', $new_file_name);
- if (strlen($new_file_name)) {
- // Prepare the new uri with new filename.
- $destination = "$destination_dir/$new_file_name.$extension";
- // Compare the uri and Rename the file name.
- if ($file->uri != $destination) {
- file_move($file, $destination, FILE_EXISTS_RENAME);
- }
- }
- }
- }
|