<?php if (!defined('PmWiki')) exit();
/* === Attachtable ===
* Copyright 2007 Eemeli Aro <eemeli.aro@tkk.fi>
*
* Adds actions to delete & restore deleted attachments, as
* well as an attachlist replacement to use those actions.
*
* Developed and tested using the PmWiki 2.2.0-beta series.
*
* To install, add the following line to your configuration file :
include_once("$FarmD/cookbook/attachtable.php");
*
* For more information, please see the online documentation at
* http://www.pmwiki.org/wiki/Cookbook/Attachtable
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License, Version 2, as
* published by the Free Software Foundation.
* http://www.gnu.org/copyleft/gpl.html
*/
/*
* Modified 9 Feb 2008 by Aidin Abedi <fooguru@msn.com>
* use UserAuth recipe to support specific page and group auth access
*/
$RecipeInfo['Attachtable']['Version'] = '2008-02-09';
SDVA( $HandleActions, array(
'delattach' => 'HandleDeleteAttachment',
'renameattach' => 'HandleRenameAttachment',
'downloaddeleted' => 'HandleDownloadDeleted' ) );
SDVA( $AttachTableActions, array(
'upload' => 'upload'
) );
SDVA( $AttachTableActions, array(
'delattach' => $AttachTableActions['upload'], # deleting a file from PmWiki while keeping it on disk
'deldelattach' => $AttachTableActions['upload'] # deleting a file from disk
) );
SDVA( $AttachTableActions, array(
'undelattach' => $AttachTableActions['delattach'], # restoring a file
'renameattach' => $AttachTableActions['deldelattach'] # renaming a file
) );
SDVA( $AttachTableActions, array(
'downloaddeleted' => $AttachTableActions['undelattach'] # download a deleted file
) );
XLSDV( 'en', array(
'ULdelsuccess' => 'successfully deleted',
'ULundelsuccess' => 'successfully restored',
'ULrenamesuccess' => 'successfully renamed',
'ULisdir' => 'can\'t act on directory',
'ULdelfail' => 'file delete error',
'ULrenamefail' => 'file rename error' ) );
Markup('attachtable', 'directives',
'/\\(:attachtable\\s*(.*?):\\)/ei',
"Keep(FmtAttachtable('$pagename',PSS('$1')))");
## action to delete attachment
## usage: ?action=delattach&upname=filename
function HandleDeleteAttachment($pagename, $auth = 'upload') {
global $UploadFileFmt, $LastModFile, $EnableUploadVersions, $Now, $AttachTableActions;
$upname = $_REQUEST['upname'];
if ($upname=='') Abort("?no attachment name");
$deleted = preg_match( '/^(.*?)(,[0-9]+)$/', $upname, $delmatch );
$delfromdisk = $deleted || !IsEnabled($EnableUploadVersions, 0);
if ( $delfromdisk ) $auth = $AttachTableActions['deldelattach'];
//$page = RetrieveAuthPage( $pagename, $auth, true, READPAGE_CURRENT );
$page = UserAuth($pagename, $auth, false);
if (!$page) Abort("?cannot delete attachment from $pagename");
$upname = $deleted ?
MakeUploadName( $pagename, $delmatch[1] ) . $delmatch[2] :
MakeUploadName( $pagename, $upname );
$filepath = FmtPageName("$UploadFileFmt/$upname",$pagename);
if ( file_exists($filepath) ) {
if ( is_dir($filepath) ) $result = 'isdir';
else {
$r = $delfromdisk ?
unlink($filepath) :
rename($filepath, "$filepath,$Now");
if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); }
$result = $r ? 'delsuccess' : ( $delfromdisk ? 'delfail' : 'renamefail' );
}
} else
$result = 'badname';
Redirect($pagename,"{\$PageUrl}?action=upload&uprname=$upname&upresult=$result");
}
## action to rename attachment
## usage: ?action=renameattach&upname=filename&newname=filename
function HandleRenameAttachment($pagename, $auth = 'upload') {
global $AttachTableActions, $UploadFileFmt, $LastModFile;
## check file
$upname = $_REQUEST['upname'];
if ($upname=='') Abort("?no attachment name");
$deleted = preg_match( '/^(.*?)(,[0-9]+)$/', $upname, $delmatch );
if ($deleted) {
$dname = MakeUploadName( $pagename, $delmatch[1] );
$upname = $dname . $delmatch[2];
} else {
$upname = MakeUploadName( $pagename, $upname );
}
$oldfilepath = FmtPageName( "$UploadFileFmt/$upname", $pagename );
if ( !file_exists($oldfilepath) ) Abort("?no such attachment: $upname");
if ( is_dir($oldfilepath) ) {
Redirect( $pagename, "{\$PageUrl}?action=upload&uprname=$upname&upresult=isdir" );
return;
}
## new name
$upname = $_REQUEST['newname'];
if ($upname=='') Abort("?no new attachment name<noscript> - enable JavaScript to prompt for filename or add <code>&newname=[filename]</code> to this page's URL</noscript>");
$upname = MakeUploadName( $pagename, $upname );
## check authorization
if ($deleted) {
//if ( !RetrieveAuthPage( $pagename, $HandleAuth['undelattach'], TRUE, READPAGE_CURRENT ) )
if ( !UserAuth($pagename, $AttachTableActions['undelattach'], false) )
Abort("?cannot restore attachment from $pagename");
//if ( ( $dname != $upname ) && !RetrieveAuthPage( $pagename, $HandleAuth['renameattach'], TRUE, READPAGE_CURRENT ) )
if ( ( $dname != $upname ) && !UserAuth($pagename, $AttachTableActions['renameattach'], false) )
Abort("?cannot restore attachment from $pagename with a different name");
} else {
//if ( !RetrieveAuthPage( $pagename, $HandleAuth['renameattach'], TRUE, READPAGE_CURRENT ) )
if ( !UserAuth($pagename, $AttachTableActions['renameattach'], false) )
Abort("?cannot rename attachment from $pagename");
}
## verify & rename
if ($upname=='') {
$upname = $_REQUEST['newname'];
$result = 'upresult=badname';
} else {
$newfilepath = FmtPageName( "$UploadFileFmt/$upname", $pagename );
$result = UploadVerifyRename( $oldfilepath, $newfilepath );
if ( $result == '' ) {
$r = rename( $oldfilepath, $newfilepath );
if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); }
$result = $r ? ( $deleted ? 'upresult=undelsuccess' : 'upresult=renamesuccess' ) : 'upresult=renamefail';
}
}
Redirect( $pagename, "{\$PageUrl}?action=upload&uprname=$upname&$result" );
}
function UploadVerifyRename( $oldfilepath, $newfilepath ) {
global $UploadExtSize;
if ( file_exists( $newfilepath ) ) return 'upresult=exists';
preg_match( '/\\.([^.\\/]+)$/', $newfilepath, $match ); $ext = @$match[1];
$maxsize = $UploadExtSize[$ext];
if ( $maxsize <= 0 ) return "upresult=badtype&upext=$ext";
$size = filesize($oldfilepath);
if ( $size > $maxsize ) return "upresult=toobigext&upext=$ext&upmax=$maxsize";
/* for now, can't rename across directories so no point in checking $UploadPrefixQuota or $UploadDirQuota
global $UploadPrefixQuota;
$filedirs = preg_replace( '#/[^/]*$#', '', array( $oldfilepath, $newfilepath ) );
if ( $UploadPrefixQuota && ( $filedirs[0] != $filedirs[1] ) && ( ( dirsize($filedirs[1]) + $size ) > $UploadPrefixQuota ) )
return 'upresult=pquota';
*/
return '';
}
## action to download deleted (ie. renamed) attachment
## usage: ?action=downloaddeleted&upname=filename,timestamp
function HandleDownloadDeleted( $pagename, $auth = 'upload' ) {
global $UploadFileFmt, $UploadExts, $DownloadDisposition;
SDV($DownloadDisposition, "inline");
$upname = $_REQUEST['upname'];
if ( !preg_match( '/^(.*?)(,[0-9]+)$/', $upname, $delmatch ) )
Redirect($pagename,"{\$PageUrl}?action=download&upname=$upname");
//$page = RetrieveAuthPage( $pagename, $auth, true, READPAGE_CURRENT );
$page = UserAuth($pagename, 'auth', false);
if (!$page) Abort("?cannot read $pagename");
$upname = MakeUploadName( $pagename, $delmatch[1] ) . $delmatch[2];
$filepath = FmtPageName("$UploadFileFmt/$upname", $pagename);
if ( !$upname || !file_exists($filepath) ) {
header("HTTP/1.0 404 Not Found");
Abort("?requested file not found");
exit();
}
preg_match( '/\\.([^.]+)$/', $delmatch[1], $match );
if ( $UploadExts[@$match[1]] ) header( "Content-Type: {$UploadExts[@$match[1]]}" );
header( "Content-Length: ".filesize($filepath) );
header( "Content-disposition: $DownloadDisposition; filename={$delmatch[1]}" );
$fp = fopen( $filepath, "r" );
if ($fp) {
while (!feof($fp)) echo fread($fp, 4096);
fclose($fp);
}
exit();
}
## show attachments
## based on FmtUploadList in upload.php
function FmtAttachtable($pagename, $args) {
global $UploadDir, $UploadPrefixFmt, $UploadUrlFmt, $TimeFmt, $AttachTableActions,
$EnableUploadOverwrite, $EnableUploadVersions, $EnableDirectDownload,
$DefaultGroup, $DefaultName, $AttachtableDataFields, $AttachtableFileCheck;
SDV( $AttachtableDataFields, array( 'size', 'modtime' ) );
## options
$opt = ParseArgs($args);
if (@$opt[''][0]) $pagename = MakePageName($pagename, $opt[''][0]);
else $pagename = MakePageName("$DefaultGroup.$DefaultName",$pagename);
if (@$opt['ext'])
$matchext = '/\\.(' . implode('|', preg_split('/\\W+/', $opt['ext'], -1, PREG_SPLIT_NO_EMPTY)) . ')(?:,[0-9]+)?$/i';
if ( array_key_exists( 'data', $opt ) )
switch( $opt['data'] ) {
case 'all':
$data = array( 'size', 'mimetype', 'modtime' );
break;
case 'none':
$data = array();
break;
case 'default':
$data = array_unique($AttachtableDataFields);
break;
default:
$data = array_unique( preg_split( '/\\W+/', $opt['data'], -1, PREG_SPLIT_NO_EMPTY ) );
}
else $data = array_unique($AttachtableDataFields);
$cols = array();
foreach( $data as $x ) {
if ( in_array( $x, $AttachtableDataFields ) )
$cols[$x] = 1;
}
$hidedeleted = ( array_key_exists('-',$opt) && in_array( 'deleted', $opt['-'] ) );
## authorization check
$auth = array(
'upload' => 0,
'delattach' => 0,
'undelattach' => 0,
'renameattach' => 0,
'deldelattach' => 0,
'downloaddeleted' => 0
);
switch( @$opt['actions'] ) {
case 'all':
foreach( $auth as $n => $a ) $auth[$n] = 1;
case 'none':
break;
default:
if ( @$opt[''][0] != '*' ) {
$ac = array();
foreach( $auth as $n => $a ) {
$h = $AttachTableActions[$n];
if (!UserAuth($pagename, $h, false)) $h = '';
if ( !array_key_exists( $h, $ac ) ) $ac[$h] = CondAuth( $pagename, $h );
$auth[$n] = $a || $ac[$h];
}
}
}
if ( !$EnableUploadOverwrite ) $auth['upload'] = 0;
$confirmdel = !IsEnabled( $EnableUploadVersions, 0 );
if ( $confirmdel ) $auth['delattach'] = $auth['deldelattach'];
## locations
$pageurl = FmtPageName( '$PageUrl', $pagename );
$uploaddir = FmtPageName( "$UploadDir$UploadPrefixFmt", $pagename );
$uploadurl = FmtPageName(
IsEnabled($EnableDirectDownload, 1) ? "$UploadUrlFmt$UploadPrefixFmt/" : "\$PageUrl?action=download&upname=",
$pagename );
## external file check
if( $extfc = function_exists(@$AttachtableFileCheck) )
$AttachtableFileCheck( $pagename, '', $uploaddir, $opt );
## read files
$dirp = @opendir($uploaddir);
if (!$dirp) return '(no attached files)';
$filelist = array();
while ( ( $file = readdir($dirp) ) !== false ) {
if ( $file{0} == '.' ) continue;
if ( @$matchext && !preg_match(@$matchext, $file) ) continue;
if ( $extfc && !$AttachtableFileCheck( $pagename, $file ) ) continue;
$filelist[$file] = $file;
}
closedir($dirp);
natcasesort($filelist);
## output
$restore = $deldel = $change = $rename = $delete = '';
$out = array();
if ( !array_key_exists('-',$opt) || !in_array('titlerow',$opt['-']) ) {
$s = '<tr class=\'titlerow\'><td></td>';
foreach( $data as $d )
switch($d) {
case 'size':
$s .= '<td>size (bytes)</td>';
break;
case 'mimetype':
$s .= '<td>MIME type</td>';
break;
case 'modtime':
$s .= '<td>last modified</td>';
}
$out[] = $s;
}
foreach( $filelist as $file ) {
$name = PUE("$uploadurl$file");
$filepath = "$uploaddir/$file";
$stat = stat($filepath);
if ( is_dir($filepath) ) {
if ($EnableDirectDownload) {
$s = "<tr class='dir'><td align='left'><a href='$name' title='View directory'>$file/</a></td>";
foreach( $data as $d )
switch($d) {
case 'size':
$s .= '<td></td>';
break;
case 'mimetype':
$s .= '<td>directory</td>';
break;
case 'modtime':
$s .= '<td>'.strftime($TimeFmt, $stat['mtime']).'</td>';
}
$out[] = $s;
}
continue;
}
$confirm = "onclick=\"return confirm('Really delete $file?')\"";
$aopt = "rel='nofollow' class='createlink' href='$pageurl?upname=$file&action";
if ( preg_match( '/^(.*?),([0-9]+)$/', $file, $delmatch ) ) {
if ( $hidedeleted ) continue;
$dname = $delmatch[1];
$dtime = strftime( $TimeFmt, $delmatch[2] );
if ($auth['undelattach']) $restore = "<a $aopt=renameattach&newname=$dname' title='Restore (removed $dtime)'" .
( $auth['renameattach'] ?
" onclick='if(n=prompt(\"Restore $dname (removed $dtime) as:\",\"$dname\")) document.location=\"$pageurl?action=renameattach&upname=$file&newname=\"+n; return false;'" :
'' ) .
'> R </a>';
if ($auth['deldelattach']) $deldel = "<a $aopt=delattach' title='Delete from disk (removed $dtime)' $confirm> X </a>";
if ($auth['downloaddeleted']) $dname = "<a rel='nofollow' href='$pageurl?action=downloaddeleted&upname=$file' title='Download (removed $dtime)'>$dname</a>";
$s = "<tr class='del' title='File removed $dtime'><td align='left'>$dname $restore $deldel</td>";
} else {
if ($auth['upload']) $change = "<a $aopt=upload' title='Upload new version'> Δ </a>";
if ($auth['renameattach']) $rename = "<a $aopt=renameattach' class='' title='Rename' onclick='if(n=prompt(\"Rename $file as:\",\"$file\")) document.location=\"$pageurl?action=renameattach&upname=$file&newname=\"+n; return false;'> R </a>";
if ($auth['delattach']) $delete = ( $confirmdel ?
"<a $aopt=delattach' title='Delete from disk' $confirm> X </a>" :
"<a $aopt=delattach' title='Delete'> X </a>" );
$s = "<tr><td align='left'><a href='$name' title='View'>$file</a> $change $rename $delete</td>";
}
foreach( $data as $d )
switch($d) {
case 'size':
$s .= '<td>'.number_format($stat['size']).'</td>';
break;
case 'mimetype':
$s .= '<td>'.mimetype($filepath).'</td>';
break;
case 'modtime':
$s .= '<td>'.strftime($TimeFmt, $stat['mtime']).'</td>';
}
$out[] = $s;
}
return '<table style=\'text-align:right;\' class=\'attachtable\'>'.implode("</tr>\n",$out).'</tr></table>';
}
/* a framework to use for defining a custom file check function
$AttachtableFileCheck = 'MyFileCheck';
function MyFileCheck( $pagename, $file, $dir=FALSE, $opt=FALSE ) {
// the use of the 'skip' parameter is completely optional
## $file is the file name
## defined only when initialising, $dir is the files' directory
## defined only when initialising, $opt is the output of the ParseArgs function
static $skip = FALSE;
if ($opt) {
if ( @$opt['skip'] && ( $skip = $opt['skip'] ) ) { # note assignment
// $skip here has the string value that was passed to it using (:attachtable skip=...:)
}
// more initialisation code
}
if ( $skip && $file ) {
// check that file is ok
}
return TRUE; ## return indicates whether the file should (TRUE) or should not (FALSE) be listed
}
*/
function mimetype($filename) {
if ( function_exists('mime_content_type') ) {
$m = mime_content_type($filename);
} else if ( function_exists('finfo_open') ) {
$finfo = finfo_open(FILEINFO_MIME);
$m = finfo_file($finfo, $filename);
finfo_close($finfo);
} else $m = '';
if ( !$m || ( $m == 'text/plain' ) ) {
$m = trim( exec( 'file -bi ' . escapeshellarg($filename) ) );
if ( $n = strpos($m,';') ) $m = substr($m,0,$n);
if (!$m) {
global $UploadExts;
preg_match( '/\\.([^.]+)$/', $filename, $ext );
if ( @$ext[1] && array_key_exists( $ext[1], $UploadExts ) )
$m = $UploadExts[$ext[1]];
}
}
return $m;
}