/* * This file is a part of CMSLU -- Content Management System like Unix * and is not publicly distributed * * Copyright (c) 2008-2009, Tomasz Sowa * All rights reserved. * */ #include #include #include #include #include "content.h" #include "../core/request.h" #include "../core/data.h" #include "../core/misc.h" bool Content::FunUploadCheckAccess() { if( request.is_item || !request.CanUseUpload(*request.dir_table.back()) ) { request.status = Error::permission_denied; return false; } return true; } bool Content::UploadCreatePath(std::string & path) { if( !request.MakePath(path, true) ) { request.status = Error::permission_denied; return false; } return true; } void Content::UploadSaveFile(const std::string & tmp_filename, const std::string & destination) { if( rename(tmp_filename.c_str(), destination.c_str()) == 0 ) { log << log1 << "Content: uploaded a new file: " << destination << logend; } else { int err = errno; // !! skasowac takze plik z bazy danych? log << log1 << "Content: can't move the tmp file from: " << tmp_filename << ", to: " << destination << ", "; log.SystemErr(err); log << logend; request.status = Error::permission_denied; } } bool Content::FunUploadCheckAbuse() { if( !CheckRebus() ) { request.status = Error::incorrect_rebus; request.session->done = Done::added_thread; request.session->done_status = Error::incorrect_rebus; return false; } CheckGetPostTimes(4); if( request.session->spam_score > 0 ) { request.status = Error::spam; request.session->done = Done::added_thread; request.session->done_status = Error::spam; log << log1 << "Content: ignoring due to suspected spamming" << logend; return false; } return true; } void Content::UploadMulti() { request.item.Clear(); // clearing and setting date request.item.parent_id = request.dir_table.back()->id; request.item.type = Item::file; request.item.privileges = 0644; // !! tymczasowo SetUser(request.item); PostFileTable::iterator i = request.post_file_table.begin(); for( ; i != request.post_file_table.end() ; ++i) { const char * file_name = i->second.filename.c_str(); request.item.subject = file_name; request.item.url = file_name; request.item.static_auth = SelectFileType(file_name); PrepareUrl(request.item); PostFunEmacsAdd(); // always adding a new item if( !UploadCreatePath(tmp_path) ) return; if( request.session->done_status == Error::ok ) UploadSaveFile(i->second.tmp_filename, tmp_path); } RedirectToLastDir(); } void Content::UploadSingle() { std::string * new_subject = request.PostVar("subject"); std::string * new_url = request.PostVar("url"); bool has_subject = (new_subject && (*new_subject)[0] != 0 ); bool has_url = (new_url && (*new_url)[0] != 0 ); ReadItem(request.item, Item::file); // ReadItem() changes the url if it is empty request.item.privileges = 0644; // !! tymczasowo const char * file_name = request.post_file_table.begin()->second.filename.c_str(); request.item.static_auth = SelectFileType(file_name); if( !has_subject ) request.item.subject = file_name; if( !has_url ) { request.item.url = file_name; PrepareUrl(request.item); } PostFunEmacsAdd(); // always adding a new item if( request.session->done_status == Error::ok ) { const std::string & tmp_filename = request.post_file_table.begin()->second.tmp_filename; if( !UploadCreatePath(tmp_path) ) return; UploadSaveFile(tmp_filename, tmp_path); } if( request.session->done_status == Error::ok ) { if( !request.IsParam("ckeditor_upload") ) RedirectTo(request.item); } } // !! dodac usuwanie plikow statycznych przez rm void Content::PostFunUpload() { if( !FunUploadCheckAccess() ) return; if( request.post_file_table.empty() ) { request.status = Error::permission_denied; return; } if( !FunUploadCheckAbuse() ) return; if( request.post_file_table.size() > 1 ) UploadMulti(); else UploadSingle(); } void Content::FunUpload() { FunUploadCheckAccess(); }