diff -r 000791abdc7e -r 4f4d63a281cd includes/namespaces/file.php
--- a/includes/namespaces/file.php Sat Sep 12 09:56:39 2009 -0400
+++ b/includes/namespaces/file.php Tue Sep 15 14:37:03 2009 -0400
@@ -87,17 +87,22 @@
 $html .= $lang->get('onpage_filebox_lbl_size', array('size' => $size));
 $html .= '
' . $lang->get('onpage_filebox_lbl_uploaded') . ' ' . $datestring . '

';
- if ( substr($mimetype, 0, 6) != 'image/' && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' ) )
+ // are we dealing with an image?
+ $is_image = substr($mimetype, 0, 6) == 'image/';
+
+ // for anything other than plain text and
+ if ( !$is_image && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' ) )
 {
 $html .= '
' . $lang->get('onpage_filebox_msg_virus_warning') . '
';
 }
- if ( substr($mimetype, 0, 6) == 'image/' )
+ if ( $is_image )
 {
+ // show a thumbnail of the image
 $html .= '

- '.$paths->page.'
+ ' . htmlspecialchars($paths->page) . '

'; } @@ -105,13 +110,24 @@ ' . $lang->get('onpage_filebox_btn_download') . ' '; - if(!$paths->page_protected && ( $paths->wiki_mode || $session->get_permissions('upload_new_version') )) + // allow reupload if: + // * we are allowed to upload new versions, and + // - the file is unprotected, or + // - we have permission to override protection + + if ( !$this->perms ) + $this->perms = $session->fetch_page_acl($this->page_id, $this->namespace); + + if ( $this->perms->get_permissions('upload_new_version') && ( !$this->page_protected || $this->perms->get_permissions('even_when_protected') ) ) { - $html .= ' | + // upload new version link + $html .= ' | ' . $lang->get('onpage_filebox_btn_upload_new') . ' '; } + // close off paragraph $html .= '
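Review bot: `$is_image` is decided by the `image/` prefix alone, so a type such as `image/svg+xml` would skip the warning from `onpage_filebox_msg_virus_warning` and go down the thumbnail branch, even though SVG can carry script just like the `text/html` and `text/javascript` cases this condition singles out. Whether such a type can reach `$mimetype` depends on the upload filter, which is not in this diff; if it can, `$is_image = substr($mimetype, 0, 6) == 'image/' && $mimetype != 'image/svg+xml';` keeps it on the warning path. The comment above the condition also trails off at "plain text and"; something like `// warn for anything that is not an image or plain text; HTML and JavaScript count as unsafe` would finish the thought. The enclosing method starts and ends outside the hunk.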

'; + // only show this if there's more than one revision if ( $db->numrows() > 1 ) { // requery, sql_result_seek() doesn't work on postgres @@ -132,9 +148,10 @@ $html .= '
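Review bot: The reupload link is now gated on the page-level ACL in `$this->perms`, but the rollback links in the history loop of the next hunk still call `$session->get_permissions('history_rollback')`, so two decisions on the same file page can come from different permission sets. If the page ACL is meant to be authoritative, the loop should read `$this->perms->get_permissions('history_rollback')` as well. This condition only controls whether the link is rendered; the upload handler is not part of this diff and presumably needs the same `upload_new_version` / `even_when_protected` check on the server side. The enclosing method starts and ends outside the hunk.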

' . $lang->get('onpage_filebox_heading_history') . '

';
 $last_rollback_id = false;
+ $download_flag = $is_image ? false : 'download';
 while ( $r = $db->fetchrow($q) )
 {
- $html .= '(' . $lang->get('onpage_filebox_btn_this_version') . ') ';
+ $html .= '(' . $lang->get('onpage_filebox_btn_this_version') . ') ';
 if ( $session->get_permissions('history_rollback') && $last_rollback_id )
 $html .= ' (' . $lang->get('onpage_filebox_btn_revert') . ') ';
 else if ( $session->get_permissions('history_rollback') && !$last_rollback_id )
@@ -174,5 +191,77 @@
 $html .= '
';
 return $html;
 }
+
+ /**
+ * Delete a file from the database and filesystem based on file ID.
+ * @param int File ID
+ * @return null
+ */
+
+ public static function delete_file($file_id)
+ {
+ global $db, $session, $paths, $template, $plugins; // Common objects
+
+ if ( !is_int($file_id) )
+ // seriously?
+ return null;
+
+ // pull file info
+ $q = $db->sql_query('SELECT filename, page_id, time_id, file_extension, file_key FROM ' . table_prefix . "files WHERE file_id = $file_id;");
+ if ( !$q )
+ $db->_die();
+
+ if ( $db->numrows() < 1 )
+ {
+ $db->free_result();
+ return null;
+ }
+
+ $row = $db->fetchrow();
+ $db->free_result();
+
+ // make sure the image isn't used by multiple revisions
+ $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "files WHERE file_key = '{$row['file_key']}';");
+ if ( !$q )
+ $db->_die();
+ if ( $db->numrows() < 1 )
+ {
+ // remove from filesystem
+ $file_path = ENANO_ROOT . "/files/{$row['file_key']}{$row['file_extension']}";
+ @unlink($file_path);
+ // old filename standard
+ $file_path = ENANO_ROOT . "/files/{$row['file_key']}-{$row['time_id']}{$row['file_extension']}";
+ @unlink($file_path);
+ }
+ $db->free_result();
+
+ // remove from cache
+ if ( $dp = @opendir(ENANO_ROOT . '/cache/') )
+ {
+ $regexp = '#' . preg_quote($row['filename']) . '-' . $row['time_id'] . '-[0-9]+x[0-9]+' . preg_quote($row['file_extension']) . '#';
+ while ( $dh = @readdir($dp) )
+ {
+ if ( preg_match($regexp, $dh) )
+ {
+ // it's a match, delete the cached thumbnail
+ @unlink(ENANO_ROOT . "/cache/$dh");
+ }
+ }
+ closedir($dp);
+ }
+
+ // remove from database
+ $q = $db->sql_query('DELETE FROM ' . table_prefix . "files WHERE file_id = $file_id;");
+ if ( !$q )
+ $db->_die();
+
+ // remove from logs
+ $page_id_db = $db->escape($row['page_id']);
+ $q = $db->sql_query('DELETE FROM ' . table_prefix . 
"logs WHERE page_id = '{$page_id_db}' AND namespace = 'File' AND action = 'reupload' AND time_id = {$row['time_id']};");
+ if ( !$q )
+ $db->_die();
+
+ return true;
+ }
 }
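Review bot: The orphan check in `delete_file()` can never pass: the `SELECT 1 … WHERE file_key = …` runs while the row for `$file_id` is still in the table, so `numrows() < 1` is false and both `@unlink($file_path)` calls are skipped, leaving the uploaded file on disk after its record is gone. Excluding the row being removed fixes that and is also the place to escape the value, which is interpolated raw here although `page_id` is escaped further down: `"files WHERE file_key = '" . $db->escape($row['file_key']) . "' AND file_id != $file_id;"`. The cache regexp is unanchored and `preg_quote()` is called without the `#` delimiter, so a thumbnail of another file whose name merely contains this one could be unlinked; building it as `'#^' . preg_quote($row['filename'], '#') . … . '$#'` narrows the match to this file. The docblock says `@return null` while the success path returns `true`, and the `@`-suppressed `unlink()` calls hide failures that would be worth logging.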