/* * This file is a part of Winix * and is not publicly distributed * * Copyright (c) 2008-2010, Tomasz Sowa * All rights reserved. * */ #include #include #include #include #include "upload.h" #include "core/misc.h" #include "functions/functions.h" namespace Fun { Upload::Upload() { fun.url = "upload"; } bool Upload::HasAccess(const Item & item) { // you can use 'upload' only in a directory if( item.type != Item::dir ) return false; // we must know where to store the file if( !system->mounts.pmount ) return false; if( system->mounts.pmount->fs == Mount::simplefs && config->auth_simplefs_dir.empty() ) { log << log1 << "Request: can't use upload function, auth_simplefs_dir must be set in the config file" << logend; return false; } if( system->mounts.pmount->fs == Mount::hashfs && config->auth_hashfs_dir.empty() ) { log << log1 << "Request: can't use upload function, auth_hashfs_dir must be set in the config file" << logend; return false; } if( config->auth_tmp_dir.empty() ) { log << log1 << "Request: can't use upload function, auth_tmp_dir must be set in the config file" << logend; return false; } if( request->session->puser && request->session->puser->super_user ) // super user can use upload everywhere return true; if( !system->HasWriteAccess(item) ) return false; return true; } bool Upload::HasAccess() { if( request->is_item || !HasAccess(*request->dir_tab.back()) ) return false; return true; } bool Upload::UploadCreatePath() { if( !system->MakePath(request->item, true) ) { request->status = WINIX_ERR_PERMISSION_DENIED; return false; } return true; } void Upload::UploadSaveFile(const std::string & tmp_filename, const std::string & destination) { if( rename(tmp_filename.c_str(), destination.c_str()) == 0 ) { log << log1 << "Content: uploaded a new file: " << destination << logend; } else { int err = errno; // !! skasowac takze plik z bazy danych? log << log1 << "Content: can't move the tmp file from: " << tmp_filename << ", to: " << destination << ", "; log.SystemErr(err); log << logend; request->status = WINIX_ERR_PERMISSION_DENIED; } } bool Upload::FunUploadCheckAbuse() { if( !system->rebus.CheckRebus() ) { request->status = WINIX_ERR_INCORRECT_REBUS; return false; } functions->CheckGetPostTimes(4); if( request->session->spam_score > 0 ) { request->status = WINIX_ERR_SPAM; log << log1 << "Content: ignoring due to suspected spamming" << logend; return false; } return true; } void Upload::UploadMulti() { request->item.Clear(); // clearing and setting date request->item.parent_id = request->dir_tab.back()->id; request->item.type = Item::file; request->item.privileges = 0644; // !! tymczasowo functions->SetUser(request->item); PostFileTab::iterator i = request->post_file_tab.begin(); for( ; i != request->post_file_tab.end() ; ++i) { const char * file_name = i->second.filename.c_str(); request->item.subject = file_name; request->item.url = file_name; request->item.auth = SelectFileType(file_name); system->PrepareUrl(request->item); request->status = system->AddFile(request->item); if( !UploadCreatePath() ) return; if( request->status == WINIX_ERR_OK ) { UploadSaveFile(i->second.tmp_filename, request->item.auth_path); request->status = db->EditAuthById(request->item, request->item.id); } } system->RedirectToLastDir(); } void Upload::UploadSingle() { std::string * new_subject = request->PostVar("subject"); std::string * new_url = request->PostVar("url"); bool has_subject = (new_subject && (*new_subject)[0] != 0 ); bool has_url = (new_url && (*new_url)[0] != 0 ); functions->ReadItem(request->item, Item::file); // ReadItem() changes the url if it is empty functions->SetUser(request->item); request->item.privileges = 0644; // !! tymczasowo const char * file_name = request->post_file_tab.begin()->second.filename.c_str(); request->item.auth = SelectFileType(file_name); if( !has_subject ) request->item.subject = file_name; if( !has_url ) { request->item.url = file_name; system->PrepareUrl(request->item); } request->status = system->AddFile(request->item); // url can be changed by PostFunEmacsAdd() if( !UploadCreatePath() ) return; if( request->status == WINIX_ERR_OK ) { const std::string & tmp_filename = request->post_file_tab.begin()->second.tmp_filename; UploadSaveFile(tmp_filename, request->item.auth_path); request->status = db->EditAuthById(request->item, request->item.id); } if( request->status == WINIX_ERR_OK ) system->RedirectTo(request->item, "/cat"); } // !! dodac usuwanie plikow statycznych przez rm void Upload::MakePost() { if( request->post_file_tab.empty() ) { request->status = WINIX_ERR_PERMISSION_DENIED; return; } if( !FunUploadCheckAbuse() ) return; if( request->post_file_tab.size() > 1 ) UploadMulti(); else UploadSingle(); } } // namespace