Xataface AJAX Upload Module 0.1
jQuery Ajax Upload Widget for Xataface
/Applications/XAMPP/xamppfiles/htdocs/nanofabrication/modules/ajax_upload/actions/ajax_upload_handleupload.php
Go to the documentation of this file.
00001 <?php
00002 class actions_ajax_upload_handleupload {
00003         
00004         const VALIDATION_ERROR=501;
00005 
00006         public function handle($params){
00007         
00008                 $app = Dataface_Application::getInstance();
00009                 $query = $app->getQuery();
00010                 try {
00011                         
00012                         if ( !@$_POST['-table'] ) throw new Exception("No table specified");
00013                         if ( !@$_POST['--field'] ) throw new Exception("No field specified");
00014                         
00015                         $fieldName = $_POST['--field'];
00016                         $tableName = $_POST['-table'];
00017                         $recordId = null;
00018                         $new = false;
00019                         if ( @$_POST['--record-id'] ){
00020                                 $recordId = $_POST['--record-id'];
00021                         }
00022                         
00023                         $record = null;
00024                         if ( $recordId ){
00025                                 $record = df_get_record_by_id($recordId);
00026                                 if ( PEAR::isError($record) ){
00027                                         throw new Exception("Record not loaded for record id ($recordId): ".$record->getMessage());
00028                                 }
00029                         }
00030                         
00031                         
00032                         
00033                         if ( !$record ){
00034                                 $record = new Dataface_Record($tableName, array());
00035                                 $new = true;
00036                         }
00037                         
00038                         if ( is_a($record, 'Dataface_RelatedRecord') ){
00039                                 $record = $record->toRecord($record->_relationship->getTable($fieldName)->tablename);
00040                         }
00041                         
00042                         if ( !$record ){
00043                                 throw new Exception("Record is null.");
00044                         }
00045                         
00046                         if ( PEAR::isError($record) ) throw new Exception($record->getMessage());
00047                         
00048                         // At this point $record should be a Dataface_Record object
00049                         
00050                         if ( $new and !$record->checkPermission('new', array('field'=>$fieldName)) ){
00051                                 throw new Exception("Permission denied.  You don't have permission to add new values to this field.", 401);
00052                                 
00053                         }
00054                         
00055                         
00056                         
00057                         if ( !$new and !$record->checkPermission('edit', array('field'=>$fieldName)) ){
00058                                 throw new Exception("Permission denied.  You don't have permission to edit this field.", 401);
00059                         }
00060                         
00061                         
00062                         
00063                         // At this point it appears that the user has permission to set this 
00064                         // field value
00065                         
00066                         // We should start to validate the file upload based on other parameters
00067                         // in the fields.ini file (e.g. mimetype, extension, file size, etc..).
00068                         
00069                         $table = $record->table();
00070                         $field =& $table->getField($fieldName);
00071                         
00072                         if ( $field['Type'] != 'container' ){
00073                                 throw new Exception("The upload field '".$fieldName."' of table '".$tableName."' is not a container.  Set it to Type=container in the fields.ini file.");
00074                         }
00075                         
00076                         $savePath = $field['savepath'];
00077                         if ( !is_dir($savePath) ){
00078                                 throw new Exception("The save path for $tableName.$fieldName is set to $savePath which does not exist.  Please create this directory in order to enable file uploads.");
00079                                 
00080                         }
00081                         
00082                         if ( !is_writable($savePath) ){
00083                                 throw new Exception("The save path for $tableName.$fieldName is set to $savePath which is not writable.  Please make this directory writable to proceed.");
00084                                 
00085                         }
00086                         
00087                         $tmpDir = $savePath.DIRECTORY_SEPARATOR.'uploads';
00088                         $tmpUrl = $field['url'].'/uploads';
00089                         if ( !is_dir($tmpDir) ){
00090                                 mkdir($tmpDir);
00091                                 if ( !is_dir($tmpDir) ){
00092                                         throw new Exception("Failed to create directory $tmpDir in order to upload files.  Please check that the webserver has permission to create this directory or create this directory first and make it writable by the webserver.");
00093                                 }
00094                         }
00095                         
00096                         // Clean all old entries in the temp dir.
00097                         $files = scandir($tmpDir);
00098                         $now = time();
00099                         $cutOff = $now-3600;
00100                         foreach ($files as $f){
00101                                 if ( $f == '.' or $f == '..' ) continue;
00102                                 $fpath = $tmpDir.DIRECTORY_SEPARATOR.$f;
00103                                 if ( filemtime($fpath) < $cutOff ){
00104                                         @unlink($fpath);
00105                                 }
00106                         }
00107                         
00108                         
00109                         // Now that we have a place to put the file we can get the file information 
00110                         // and ensure that it meets all of our requirements.
00111                         
00112                         if ( !@$_FILES['files'] ){
00113                                 throw new Exception("No files were provided");
00114                         }
00115                         
00116                         $fileInfo = array(
00117                                 'name' => $_FILES['files']['name'][0],
00118                                 'type' => $_FILES['files']['type'][0],
00119                                 'tmp_name' => $_FILES['files']['tmp_name'][0],
00120                                 'error' => $_FILES['files']['error'][0],
00121                                 'size' => $_FILES['files']['size'][0]
00122                         );
00123         
00124                                 
00125                         if ( !$fileInfo ){
00126                                 throw new Exception("No file was provided");
00127                         }
00128                         
00129                         // Let's make sure the file complies with the validation parameters
00130                         $result = array();
00131                         if ( !$this->validate($field, $fileInfo, $result) ){
00132                                 throw new Exception("Validation failure: ".$result['message'], self::VALIDATION_ERROR);
00133                         }
00134                         
00135                         
00136                         
00137                         $fileId = uniqid();
00138                         $filePath = $tmpDir.DIRECTORY_SEPARATOR.$fileId;
00139                         
00140                         if ( !move_uploaded_file($fileInfo['tmp_name'], $filePath) ){
00141                                 throw new Exception("Failed to upload file with error code: ".$fileInfo['error']);
00142                         }
00143                         $fileUrl = $tmpUrl.'/'.$fileId; 
00144                         
00145                         // Now we serialize the file info so that it will be available later when the record
00146                         // is saved.
00147                         $infoPath = $filePath.'.info';
00148                         file_put_contents($infoPath, serialize($fileInfo));
00149                         
00150                         // Now to generate the output
00151                         
00152                         $out = array();
00153                         
00154                         if ( !$recordId ){
00155                                 $recordId = '';
00156                         }
00157                         
00158                         $out[] = array(
00159                                 'id' => $fileId,
00160                                 'name' => $fileInfo['name'],
00161                                 'size' => filesize($filePath),
00162                                 'type' => $this->getMimeType($filePath),
00163                                 'url' => $fileUrl,
00164                                 'thumbnail_url' => $this->getThumbnail($fileUrl, $filePath),
00165                                 'delete_url' => DATAFACE_SITE_HREF.'?-action=ajax_upload_delete&--file='.urlencode($fileId).'&--field='.urlencode($fieldName).'&-table='.urlencode($tableName).'&--record-id='.urlencode($recordId),
00166                                 'delete_type' => 'DELETE'
00167                         );
00168                         
00169                         
00170                         header('Vary: Accept');
00171                         if (isset($_SERVER['HTTP_ACCEPT']) &&
00172                                 (strpos($_SERVER['HTTP_ACCEPT'], 'application/json') !== false)) {
00173                                 header('Content-type: application/json');
00174                         } else {
00175                                 header('Content-type: text/plain');
00176                         }
00177                         echo json_encode($out);
00178                 } catch (Exception $ex){
00179                 
00180                         if ( $ex->getCode() ){
00181                                 //echo "there";exit;
00182                                 //throw $ex;
00183                                 $out = array();
00184                                 $out[] = array(
00185                                         'code'=>$ex->getCode(),
00186                                         'message' =>$ex->getMessage(),
00187                                         'error'=>1
00188                                 );
00189                                 header('Vary: Accept');
00190                                 if (isset($_SERVER['HTTP_ACCEPT']) &&
00191                                         (strpos($_SERVER['HTTP_ACCEPT'], 'application/json') !== false)) {
00192                                         header('Content-type: application/json');
00193                                 } else {
00194                                         header('Content-type: text/plain');
00195                                 }
00196                                 echo json_encode($out);
00197                                         
00198                                 
00199                         } else {
00200                                 //echo "here";exit;
00201                                 throw $ex;
00202                         }
00203                 }
00204                 
00205         
00206                 
00207                 
00208                 
00209         }
00210         
00211         function getMimeType($path){
00212                 return Dataface_ModuleTool::getInstance()->loadModule('modules_ajax_upload')->getMimeType($path);
00213 
00214         }
00215         
00216         
00217         
00218         
00219         function getThumbnail($url, $path){
00220                 return Dataface_ModuleTool::getInstance()->loadModule('modules_ajax_upload')->getThumbnail($url, $path);
00221                 
00222                 
00223         }
00224         
00225         
00226         
00238         function validate(&$field, $value, &$params){
00239                 return Dataface_ModuleTool::getInstance()->loadModule('modules_ajax_upload')->validate($field, $value, $params);
00240         }
00241 
00242 }
 All Data Structures Files Functions Variables