#833054: argument 2 for filefield_view_access() revisited.
[project/filefield.git] / filefield.module
CommitLineData
a679aaae
NH
1<?php
2// $Id$
d2f124d5 3
d93afe47
DP
4/**
5 * @file
0da420f9 6 * FileField: Defines a CCK file field type.
6413f0f6 7 *
945e9f37
JP
8 * Uses content.module to store the fid and field specific metadata,
9 * and Drupal's {files} table to store the actual file data.
d93afe47
DP
10 */
11
8bc19ff9 12// FileField API hooks should always be available.
437de506
NH
13require_once dirname(__FILE__) . '/field_file.inc';
14require_once dirname(__FILE__) . '/filefield_widget.inc';
c7acc8fb 15
d2f124d5
DP
16/**
17 * Implementation of hook_init().
18 */
db33b245 19function filefield_init() {
6040fe25 20 // File hooks and callbacks may be used by any module.
bad2b17f 21 drupal_add_css(drupal_get_path('module', 'filefield') .'/filefield.css');
6040fe25
NH
22
23 // Conditional module support.
24 if (module_exists('token')) {
25 module_load_include('inc', 'filefield', 'filefield.token');
26 }
d2f124d5 27}
9412a7cc 28
382b6b6f
JP
29/**
30 * Implementation of hook_menu().
31 */
32function filefield_menu() {
d93afe47
DP
33 $items = array();
34
aa3a8ca0 35 $items['filefield/ahah/%/%/%'] = array(
382b6b6f 36 'page callback' => 'filefield_js',
e76d77f0 37 'page arguments' => array(2, 3, 4),
f1113abd 38 'access callback' => 'filefield_edit_access',
8c7a91fb 39 'access arguments' => array(2, 3),
382b6b6f
JP
40 'type' => MENU_CALLBACK,
41 );
e3623331
NH
42 $items['filefield/progress'] = array(
43 'page callback' => 'filefield_progress',
44 'access arguments' => array('access content'),
45 'type' => MENU_CALLBACK,
46 );
47
d93afe47
DP
48 return $items;
49}
50
51/**
0c08790f
JP
52 * Implementation of hook_elements().
53 */
54function filefield_elements() {
55 $elements = array();
b5b36882 56 $elements['filefield_widget'] = array(
0c08790f 57 '#input' => TRUE,
28b1c58e 58 '#columns' => array('fid', 'list', 'data'),
d2f124d5 59 '#process' => array('filefield_widget_process'),
d2f124d5 60 '#value_callback' => 'filefield_widget_value',
ecbb2c26 61 '#element_validate' => array('filefield_widget_validate'),
0c08790f 62 );
0c08790f
JP
63 return $elements;
64}
65
66/**
382b6b6f 67 * Implementation of hook_theme().
22e736e6 68 * @todo: autogenerate theme registry entrys for widgets.
382b6b6f
JP
69 */
70function filefield_theme() {
71 return array(
c147cceb
DP
72 'filefield_file' => array(
73 'arguments' => array('file' => NULL),
74 'file' => 'filefield_formatter.inc',
75 ),
76 'filefield_icon' => array(
77 'arguments' => array('file' => NULL),
78 'file' => 'filefield.theme.inc',
79 ),
d2f124d5 80 'filefield_widget' => array(
5983a6bc 81 'arguments' => array('element' => NULL),
d2f124d5 82 'file' => 'filefield_widget.inc',
5983a6bc 83 ),
c4c7e990 84 'filefield_widget_item' => array(
bad2b17f
DP
85 'arguments' => array('element' => NULL),
86 'file' => 'filefield_widget.inc',
87 ),
c4c7e990 88 'filefield_widget_preview' => array(
8a154cf2 89 'arguments' => array('element' => NULL),
db33b245 90 'file' => 'filefield_widget.inc',
8a154cf2 91 ),
3897ed27
NH
92 'filefield_widget_file' => array(
93 'arguments' => array('element' => NULL),
94 'file' => 'filefield_widget.inc',
95 ),
c4c7e990
DP
96
97
bc63d6a9 98 'filefield_formatter_default' => array(
382b6b6f 99 'arguments' => array('element' => NULL),
c147cceb 100 'file' => 'filefield_formatter.inc',
382b6b6f 101 ),
3dd27e3f
NH
102 'filefield_formatter_url_plain' => array(
103 'arguments' => array('element' => NULL),
104 'file' => 'filefield_formatter.inc',
105 ),
106 'filefield_formatter_path_plain' => array(
107 'arguments' => array('element' => NULL),
108 'file' => 'filefield_formatter.inc',
109 ),
c4c7e990 110 'filefield_item' => array(
a1f1332d 111 'arguments' => array('file' => NULL, 'field' => NULL),
c147cceb 112 'file' => 'filefield_formatter.inc',
b85662ff 113 ),
c4c7e990
DP
114 'filefield_file' => array(
115 'arguments' => array('file' => NULL),
c147cceb 116 'file' => 'filefield_formatter.inc',
382b6b6f 117 ),
7e784adc 118
c4c7e990 119 );
cdf9e275
JP
120}
121
122/**
a4d358d4 123 * Implementation of hook_file_download().
f1113abd 124 */
e98b8da6
NH
125function filefield_file_download($filepath) {
126 $filepath = file_create_path($filepath);
127 $result = db_query("SELECT * FROM {files} WHERE filepath = '%s'", $filepath);
128
129 // Ensure case-sensitivity of uploaded file names.
130 while ($file = db_fetch_object($result)) {
131 if (strcmp($file->filepath, $filepath) == 0) {
132 break;
133 }
134 }
8a29f595 135
e98b8da6
NH
136 // If the file is not found in the database, we're not responsible for it.
137 if (!isset($file)) {
cdf9e275
JP
138 return;
139 }
8a29f595 140
a4d358d4 141 // Find out if any file field contains this file, and if so, which field
f1113abd
JP
142 // and node it belongs to. Required for later access checking.
143 $cck_files = array();
144 foreach (content_fields() as $field) {
2d140ce4 145 if ($field['type'] == 'filefield' || $field['type'] == 'image') {
f1113abd
JP
146 $db_info = content_database_info($field);
147 $table = $db_info['table'];
148 $fid_column = $db_info['columns']['fid']['column'];
149
150 $columns = array('vid', 'nid');
151 foreach ($db_info['columns'] as $property_name => $column_info) {
152 $columns[] = $column_info['column'] .' AS '. $property_name;
153 }
154 $result = db_query("SELECT ". implode(', ', $columns) ."
155 FROM {". $table ."}
156 WHERE ". $fid_column ." = %d", $file->fid);
157
158 while ($content = db_fetch_array($result)) {
159 $content['field'] = $field;
160 $cck_files[$field['field_name']][$content['vid']] = $content;
161 }
162 }
382b6b6f 163 }
0b168c78
NH
164
165 // If no file field item is involved with this file, we don't care about it,
166 // unless it's a newly uploaded image that isn't yet associated with a field.
167 if (empty($cck_files) && !($file->status == 0 && isset($_SESSION['filefield_access']) && in_array($file->fid, $_SESSION['filefield_access']))) {
f1113abd
JP
168 return;
169 }
170
f1113abd 171 // So the overall field view permissions are not denied, but if access is
a4d358d4
NH
172 // denied for ALL nodes containing the file, deny the download as well.
173 // Node access checks also include checking for 'access content'.
f1113abd 174 $nodes = array();
07083e2f 175 $denied = TRUE;
f1113abd
JP
176 foreach ($cck_files as $field_name => $field_files) {
177 foreach ($field_files as $revision_id => $content) {
178 // Checking separately for each revision is probably not the best idea -
179 // what if 'view revisions' is disabled? So, let's just check for the
180 // current revision of that node.
181 if (isset($nodes[$content['nid']])) {
e59fd0df 182 continue; // Don't check the same node twice.
f1113abd 183 }
7d1bd72d 184 if (($node = node_load($content['nid'])) && (node_access('view', $node) && filefield_view_access($field_name))) {
07083e2f
NH
185 $denied = FALSE;
186 break 2;
f1113abd
JP
187 }
188 $nodes[$content['nid']] = $node;
189 }
07083e2f
NH
190 }
191
192 if ($denied) {
193 return -1;
59b7732d 194 }
cdf9e275 195
e59fd0df 196 // Access is granted.
cdf9e275
JP
197 $name = mime_header_encode($file->filename);
198 $type = mime_header_encode($file->filemime);
f460ded7
NH
199 // By default, serve images, text, and flash content for display rather than
200 // download. Or if variable 'filefield_inline_types' is set, use its patterns.
201 $inline_types = variable_get('filefield_inline_types', array('^text/', '^image/', 'flash$'));
202 $disposition = 'attachment';
203 foreach ($inline_types as $inline_type) {
204 // Exclamation marks are used as delimiters to avoid escaping slashes.
205 if (preg_match('!' . $inline_type . '!', $file->filemime)) {
206 $disposition = 'inline';
207 }
208 }
cdf9e275 209 return array(
bfad3097 210 'Content-Type: ' . $type . '; name="' . $name . '"',
798efe06
NH
211 'Content-Length: ' . $file->filesize,
212 'Content-Disposition: ' . $disposition . '; filename="' . $name . '"',
cdf9e275
JP
213 'Cache-Control: private',
214 );
59b7732d
DP
215}
216
175b9f21 217/**
f6e58c1c
NH
218 * Implementation of hook_views_api().
219 */
220function filefield_views_api() {
221 return array(
222 'api' => 2.0,
223 'path' => drupal_get_path('module', 'filefield') . '/views',
224 );
225}
226
227/**
175b9f21 228 * Implementation of hook_form_alter().
229 *
fb9dd5b8 230 * Set the enctype on forms that need to accept file uploads.
175b9f21 231 */
232function filefield_form_alter(&$form, $form_state, $form_id) {
fb9dd5b8 233 // Field configuration (for default images).
d8161e7c
NH
234 if ($form_id == 'content_field_edit_form' && isset($form['#field']) && $form['#field']['type'] == 'filefield') {
235 $form['#attributes']['enctype'] = 'multipart/form-data';
236 }
237
fb9dd5b8 238 // Node forms.
d8161e7c
NH
239 if (preg_match('/_node_form$/', $form_id)) {
240 $form['#attributes']['enctype'] = 'multipart/form-data';
175b9f21 241 }
242}
c985d8bc 243
45f2943f 244/**
d2f124d5
DP
245 * Implementation of CCK's hook_field_info().
246 */
247function filefield_field_info() {
248 return array(
249 'filefield' => array(
7982f68b 250 'label' => t('File'),
d2f124d5
DP
251 'description' => t('Store an arbitrary file.'),
252 ),
253 );
254}
255
256/**
257 * Implementation of hook_field_settings().
258 */
259function filefield_field_settings($op, $field) {
b4620340
DP
260 $return = array();
261
56f3f61b 262 module_load_include('inc', 'filefield', 'filefield_field');
d2f124d5 263 $op = str_replace(' ', '_', $op);
d2f124d5
DP
264 $function = 'filefield_field_settings_'. $op;
265 if (function_exists($function)) {
90b9a66c 266 $result = $function($field);
267 if (isset($result) && is_array($result)) {
268 $return = $result;
269 }
d2f124d5 270 }
b4620340 271
b4620340
DP
272 return $return;
273
d2f124d5
DP
274}
275
276/**
8a669752 277 * Implementation of CCK's hook_field().
45f2943f 278 */
d2f124d5 279function filefield_field($op, $node, $field, &$items, $teaser, $page) {
56f3f61b 280 module_load_include('inc', 'filefield', 'filefield_field');
d2f124d5
DP
281 $op = str_replace(' ', '_', $op);
282 // add filefield specific handlers...
283 $function = 'filefield_field_'. $op;
284 if (function_exists($function)) {
285 return $function($node, $field, $items, $teaser, $page);
cdf9e275
JP
286 }
287}
288
c985d8bc 289/**
d2f124d5 290 * Implementation of CCK's hook_widget_settings().
c985d8bc 291 */
d2f124d5 292function filefield_widget_settings($op, $widget) {
eb21e5bd
NH
293 switch ($op) {
294 case 'form':
295 return filefield_widget_settings_form($widget);
296 case 'save':
297 return filefield_widget_settings_save($widget);
29d050ce 298 }
cdf9e275 299}
d2f124d5
DP
300
301/**
302 * Implementation of hook_widget().
303 */
304function filefield_widget(&$form, &$form_state, $field, $items, $delta = 0) {
0b168c78
NH
305 if (module_exists('devel_themer') && (user_access('access devel theme information') || user_access('access devel information'))) {
306 drupal_set_message(t('Files may not be uploaded while the Theme Developer tool is enabled. It is highly recommended to <a href="!url">disable this module</a> unless it is actively being used.', array('!url' => url('admin/build/modules'))), 'error');
307 }
308
2be7e4b0 309 // CCK doesn't give a validate callback at the field level...
0b168c78 310 // and FAPI's #require is naive to complex structures...
2be7e4b0 311 // we validate at the field level ourselves.
195dd796 312 if (empty($form['#validate']) || !in_array('filefield_node_form_validate', $form['#validate'])) {
2be7e4b0
DP
313 $form['#validate'][] = 'filefield_node_form_validate';
314 }
17b5e95f 315 $form['#attributes']['enctype'] = 'multipart/form-data';
5af49125 316
6f0f10d4 317 module_load_include('inc', 'filefield', 'field_widget');
c02fd5eb 318 module_load_include('inc', $field['widget']['module'], $field['widget']['module'] .'_widget');
6f0f10d4 319
c02fd5eb 320 $item = array('fid' => 0, 'list' => $field['list_default'], 'data' => array('description' => ''));
321 if (isset($items[$delta])) {
322 $item = array_merge($item, $items[$delta]);
323 }
d2f124d5 324 $element = array(
6e7782b4 325 '#title' => $field['widget']['label'],
d2f124d5 326 '#type' => $field['widget']['type'],
c02fd5eb 327 '#default_value' => $item,
dce479a8 328 '#upload_validators' => filefield_widget_upload_validators($field),
d2f124d5 329 );
c02fd5eb 330
d2f124d5
DP
331 return $element;
332}
333
334/**
dce479a8 335 * Get the upload validators for a file field.
336 *
87d3e491
NH
337 * @param $field
338 * A CCK field array.
339 * @return
340 * An array suitable for passing to file_save_upload() or the file field
dce479a8 341 * element's '#upload_validators' property.
342 */
343function filefield_widget_upload_validators($field) {
f92ea317
DP
344 $max_filesize = parse_size(file_upload_max_size());
345 if (!empty($field['widget']['max_filesize_per_file']) && parse_size($field['widget']['max_filesize_per_file']) < $max_filesize) {
346 $max_filesize = parse_size($field['widget']['max_filesize_per_file']);
dce479a8 347 }
348
1370eafc
NH
349 // Match the default value if no file extensions have been saved at all.
350 if (!isset($field['widget']['file_extensions'])) {
351 $field['widget']['file_extensions'] = 'txt';
352 }
353
dce479a8 354 $validators = array(
ad6bb31f
DP
355 // associate the field to the file on validation.
356 'filefield_validate_associate_field' => array($field),
f92ea317 357 'filefield_validate_size' => array($max_filesize),
ad6bb31f
DP
358 // Override core since it excludes uid 1 on the extension check.
359 // Filefield only excuses uid 1 of quota requirements.
dce479a8 360 'filefield_validate_extensions' => array($field['widget']['file_extensions']),
361 );
362 return $validators;
363}
364
dce479a8 365/**
d2f124d5
DP
366 * Implementation of CCK's hook_content_is_empty().
367 *
87d3e491
NH
368 * The result of this determines whether content.module will save the value of
369 * the field. Note that content module has some interesting behaviors for empty
370 * values. It will always save at least one record for every node revision,
371 * even if the values are all NULL. If it is a multi-value field with an
372 * explicit limit, CCK will save that number of empty entries.
d2f124d5
DP
373 */
374function filefield_content_is_empty($item, $field) {
6f0f10d4 375 return empty($item['fid']) || (int)$item['fid'] == 0;
d2f124d5
DP
376}
377
d2f124d5 378/**
a5e8cb10
NH
379 * Implementation of CCK's hook_content_diff_values().
380 */
381function filefield_content_diff_values($node, $field, $items) {
382 $return = array();
383 foreach ($items as $item) {
384 if (is_array($item) && !empty($item['filepath'])) {
385 $return[] = $item['filepath'];
386 }
387 }
388 return $return;
389}
390
391/**
8a669752
NH
392 * Implementation of CCK's hook_default_value().
393 *
394 * Note this is a widget-level hook, so it does not affect ImageField or other
395 * modules that extend FileField.
396 *
397 * @see content_default_value()
398 */
399function filefield_default_value(&$form, &$form_state, $field, $delta) {
00f6ebad
NH
400 // Reduce the default number of upload fields to one. CCK 2 (but not 3) will
401 // automatically add one more field than necessary. We use the
402 // content_multiple_value_after_build function to determine the version.
403 if (!function_exists('content_multiple_value_after_build') && !isset($form_state['item_count'][$field['field_name']])) {
8a669752
NH
404 $form_state['item_count'][$field['field_name']] = 0;
405 }
406
407 // The default value is actually handled in hook_widget().
408 // hook_default_value() is only helpful for new nodes, and we need to affect
409 // all widgets, such as when a new field is added via "Add another item".
410 return array();
411}
412
413/**
d2f124d5
DP
414 * Implementation of CCK's hook_widget_info().
415 */
416function filefield_widget_info() {
417 return array(
418 'filefield_widget' => array(
419 'label' => t('File Upload'),
57d2397f 420 'field types' => array('filefield'),
d2f124d5
DP
421 'multiple values' => CONTENT_HANDLE_CORE,
422 'callbacks' => array('default value' => CONTENT_CALLBACK_CUSTOM),
423 'description' => t('A plain file upload widget.'),
1370eafc 424 'file_extensions' => 'txt',
d2f124d5 425 ),
d2f124d5
DP
426 );
427}
428
429/**
430 * Implementation of CCK's hook_field_formatter_info().
431 */
432function filefield_field_formatter_info() {
433 return array(
bc63d6a9 434 'default' => array(
d2f124d5 435 'label' => t('Generic files'),
eb21e5bd 436 'field types' => array('filefield'),
d2f124d5
DP
437 'multiple values' => CONTENT_HANDLE_CORE,
438 'description' => t('Displays all kinds of files with an icon and a linked file description.'),
439 ),
3dd27e3f
NH
440 'path_plain' => array(
441 'label' => t('Path to file'),
442 'field types' => array('filefield'),
443 'description' => t('Displays the file system path to the file.'),
444 ),
445 'url_plain' => array(
446 'label' => t('URL to file'),
447 'field types' => array('filefield'),
448 'description' => t('Displays a full URL to the file.'),
449 ),
d2f124d5
DP
450 );
451}
452
d2f124d5 453/**
293cf420
NH
454 * Implementation of CCK's hook_content_generate(). Used by generate.module.
455 */
456function filefield_content_generate($node, $field) {
457 module_load_include('inc', 'filefield', 'filefield.devel');
458
459 if (content_handle('widget', 'multiple values', $field) == CONTENT_HANDLE_MODULE) {
460 return content_devel_multiple('_filefield_content_generate', $node, $field);
461 }
462 else {
463 return _filefield_content_generate($node, $field);
464 }
465}
466
467/**
d2f124d5
DP
468 * Determine the most appropriate icon for the given file's mimetype.
469 *
2c8026f2
NH
470 * @param $file
471 * A file object.
472 * @return
473 * The URL of the icon image file, or FALSE if no icon could be found.
d2f124d5
DP
474 */
475function filefield_icon_url($file) {
437de506 476 module_load_include('inc', 'filefield', 'filefield.theme');
d2f124d5
DP
477 return _filefield_icon_url($file);
478}
479
d2f124d5
DP
480/**
481 * Access callback for the JavaScript upload and deletion AHAH callbacks.
87d3e491 482 *
d2f124d5
DP
483 * The content_permissions module provides nice fine-grained permissions for
484 * us to check, so we can make sure that the user may actually edit the file.
485 */
8c7a91fb
NH
486function filefield_edit_access($type_name, $field_name) {
487 if (!content_access('edit', content_fields($field_name, $type_name))) {
ba13e2d4 488 return FALSE;
d2f124d5
DP
489 }
490 // No content permissions to check, so let's fall back to a more general permission.
8c7a91fb 491 return user_access('access content') || user_access('administer nodes');
d2f124d5
DP
492}
493
494/**
495 * Access callback that checks if the current user may view the filefield.
496 */
7d1bd72d
NH
497function filefield_view_access($field_name) {
498 if (!content_access('view', content_fields($field_name))) {
ba13e2d4 499 return FALSE;
d2f124d5
DP
500 }
501 // No content permissions to check, so let's fall back to a more general permission.
8c7a91fb 502 return user_access('access content') || user_access('administer nodes');
d2f124d5
DP
503}
504
22e736e6 505/**
87d3e491
NH
506 * Menu callback; Shared AHAH callback for uploads and deletions.
507 *
508 * This rebuilds the form element for a particular field item. As long as the
509 * form processing is properly encapsulated in the widget element the form
510 * should rebuild correctly using FAPI without the need for additional callbacks
511 * or processing.
22e736e6 512 */
aa3a8ca0 513function filefield_js($type_name, $field_name, $delta) {
22e736e6 514 $field = content_fields($field_name, $type_name);
7e784adc 515
22e736e6
DP
516 if (empty($field) || empty($_POST['form_build_id'])) {
517 // Invalid request.
a1144a54
NH
518 drupal_set_message(t('An unrecoverable error occurred. The uploaded file likely exceeded the maximum file size (@size) that this server supports.', array('@size' => format_size(file_upload_max_size()))), 'error');
519 print drupal_to_js(array('data' => theme('status_messages')));
22e736e6
DP
520 exit;
521 }
522
523 // Build the new form.
524 $form_state = array('submitted' => FALSE);
525 $form_build_id = $_POST['form_build_id'];
526 $form = form_get_cache($form_build_id, $form_state);
527
528 if (!$form) {
529 // Invalid form_build_id.
a1144a54
NH
530 drupal_set_message(t('An unrecoverable error occurred. This form was missing from the server cache. Try reloading the page and submitting again.'), 'error');
531 print drupal_to_js(array('data' => theme('status_messages')));
22e736e6
DP
532 exit;
533 }
aa3a8ca0 534
4b58ccde
NH
535 // Build the form. This calls the file field's #value_callback function and
536 // saves the uploaded file. Since this form is already marked as cached
537 // (the #cache property is TRUE), the cache is updated automatically and we
538 // don't need to call form_set_cache().
539 $args = $form['#parameters'];
540 $form_id = array_shift($args);
541 $form['#post'] = $_POST;
542 $form = form_builder($form_id, $form, $form_state);
543
544 // Update the cached form with the new element at the right place in the form.
22e736e6 545 if (module_exists('fieldgroup') && ($group_name = _fieldgroup_field_get_group($type_name, $field_name))) {
0ad570e2
NH
546 if (isset($form['#multigroups']) && isset($form['#multigroups'][$group_name][$field_name])) {
547 $form_element = $form[$group_name][$delta][$field_name];
548 }
549 else {
550 $form_element = $form[$group_name][$field_name][$delta];
551 }
22e736e6
DP
552 }
553 else {
4b58ccde 554 $form_element = $form[$field_name][$delta];
22e736e6
DP
555 }
556
4b58ccde
NH
557 if (isset($form_element['_weight'])) {
558 unset($form_element['_weight']);
559 }
22e736e6 560
4b58ccde 561 $output = drupal_render($form_element);
22e736e6
DP
562
563 // AHAH is not being nice to us and doesn't know the "other" button (that is,
564 // either "Upload" or "Delete") yet. Which in turn causes it not to attach
565 // AHAH behaviours after replacing the element. So we need to tell it first.
ad98c19d
NH
566
567 // Loop through the JS settings and find the settings needed for our buttons.
22e736e6 568 $javascript = drupal_add_js(NULL, NULL);
ad98c19d 569 $filefield_ahah_settings = array();
22e736e6 570 if (isset($javascript['setting'])) {
ad98c19d
NH
571 foreach ($javascript['setting'] as $settings) {
572 if (isset($settings['ahah'])) {
573 foreach ($settings['ahah'] as $id => $ahah_settings) {
574 if (strpos($id, 'filefield-upload') || strpos($id, 'filefield-remove')) {
575 $filefield_ahah_settings[$id] = $ahah_settings;
576 }
577 }
578 }
579 }
22e736e6
DP
580 }
581
ad98c19d
NH
582 // Add the AHAH settings needed for our new buttons.
583 if (!empty($filefield_ahah_settings)) {
584 $output .= '<script type="text/javascript">jQuery.extend(Drupal.settings.ahah, '. drupal_to_js($filefield_ahah_settings) .');</script>';
585 }
586
587 $output = theme('status_messages') . $output;
588
22e736e6
DP
589 // For some reason, file uploads don't like drupal_json() with its manual
590 // setting of the text/javascript HTTP header. So use this one instead.
e76d77f0 591 $GLOBALS['devel_shutdown'] = FALSE;
22e736e6
DP
592 print drupal_to_js(array('status' => TRUE, 'data' => $output));
593 exit;
594}
1bffec9e 595
7e784adc 596/**
e3623331
NH
597 * Menu callback for upload progress.
598 */
599function filefield_progress($key) {
600 $progress = array(
601 'message' => t('Starting upload...'),
602 'percentage' => -1,
603 );
604
605 $implementation = filefield_progress_implementation();
606 if ($implementation == 'uploadprogress') {
607 $status = uploadprogress_get_info($key);
608 if (isset($status['bytes_uploaded']) && !empty($status['bytes_total'])) {
5c4d0dd8 609 $progress['message'] = t('Uploading... (@current of @total)', array('@current' => format_size($status['bytes_uploaded']), '@total' => format_size($status['bytes_total'])));
e3623331
NH
610 $progress['percentage'] = round(100 * $status['bytes_uploaded'] / $status['bytes_total']);
611 }
612 }
613 elseif ($implementation == 'apc') {
614 $status = apc_fetch('upload_' . $key);
615 if (isset($status['current']) && !empty($status['total'])) {
5c4d0dd8 616 $progress['message'] = t('Uploading... (@current of @total)', array('@current' => format_size($status['current']), '@total' => format_size($status['total'])));
e3623331
NH
617 $progress['percentage'] = round(100 * $status['current'] / $status['total']);
618 }
619 }
620
621 drupal_json($progress);
622}
623
624/**
625 * Determine which upload progress implementation to use, if any available.
626 */
627function filefield_progress_implementation() {
628 static $implementation;
629 if (!isset($implementation)) {
630 $implementation = FALSE;
631
632 // We prefer the PECL extension uploadprogress because it supports multiple
633 // simultaneous uploads. APC only supports one at a time.
634 if (extension_loaded('uploadprogress')) {
635 $implementation = 'uploadprogress';
636 }
637 elseif (extension_loaded('apc') && ini_get('apc.rfc1867')) {
638 $implementation = 'apc';
639 }
640 }
641 return $implementation;
642}
643
644/**
9ff38ea7 645 * Implementation of hook_file_references().
646 */
647function filefield_file_references($file) {
dd21ac56
NH
648 $count = filefield_get_file_reference_count($file);
649 return $count ? array('filefield' => $count) : NULL;
ad6c5ff0
DP
650}
651
d6caa409 652/**
9ff38ea7 653 * Implementation of hook_file_delete().
654 */
655function filefield_file_delete($file) {
6a189547 656 filefield_delete_file_references($file);
9ff38ea7 657}
658
9ff38ea7 659/**
87d3e491
NH
660 * An #upload_validators callback. Check the file matches an allowed extension.
661 *
662 * If the mimedetect module is available, this will also validate that the
663 * content of the file matches the extension. User #1 is included in this check.
d6caa409
DP
664 *
665 * @param $file
666 * A Drupal file object.
667 * @param $extensions
87d3e491 668 * A string with a space separated list of allowed extensions.
d6caa409 669 * @return
87d3e491 670 * An array of any errors cause by this file if it failed validation.
d6caa409
DP
671 */
672function filefield_validate_extensions($file, $extensions) {
673 global $user;
674 $errors = array();
675
76cc1a41
DP
676 if (!empty($extensions)) {
677 $regex = '/\.('. ereg_replace(' +', '|', preg_quote($extensions)) .')$/i';
6e2a8176
NH
678 $matches = array();
679 if (preg_match($regex, $file->filename, $matches)) {
680 $extension = $matches[1];
681 // If the extension validates, check that the mimetype matches.
682 if (module_exists('mimedetect')) {
683 $type = mimedetect_mime($file);
684 if ($type != $file->filemime) {
f4dd3d44 685 $errors[] = t('The file contents (@type) do not match its extension (@extension).', array('@type' => $type, '@extension' => $extension));
6e2a8176
NH
686 }
687 }
688 }
689 else {
76cc1a41
DP
690 $errors[] = t('Only files with the following extensions are allowed: %files-allowed.', array('%files-allowed' => $extensions));
691 }
d6caa409 692 }
76cc1a41 693
d6caa409
DP
694 return $errors;
695}
696
87d3e491
NH
697/**
698 * Help text automatically appended to fields that have extension validation.
699 */
d6caa409 700function filefield_validate_extensions_help($extensions) {
76cc1a41
DP
701 if (!empty($extensions)) {
702 return t('Allowed Extensions: %ext', array('%ext' => $extensions));
703 }
704 else {
705 return '';
706 }
d6caa409
DP
707}
708
87d3e491
NH
709/**
710 * An #upload_validators callback. Check the file size does not exceed a limit.
711 *
712 * @param $file
713 * A Drupal file object.
714 * @param $file_limit
715 * An integer value limiting the maximum file size in bytes.
716 * @param $file_limit
717 * An integer value limiting the maximum size in bytes a user can upload on
718 * the entire site.
719 * @return
720 * An array of any errors cause by this file if it failed validation.
721 */
f92ea317
DP
722function filefield_validate_size($file, $file_limit = 0, $user_limit = 0) {
723 global $user;
724
725 $errors = array();
726
727 if ($file_limit && $file->filesize > $file_limit) {
728 $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
729 }
730
731 // Bypass user limits for uid = 1.
732 if ($user->uid != 1) {
733 $total_size = file_space_used($user->uid) + $file->filesize;
734 if ($user_limit && $total_size > $user_limit) {
735 $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
736 }
737 }
738 return $errors;
739}
740
87d3e491
NH
741/**
742 * Automatic help text appended to fields that have file size validation.
743 */
f92ea317
DP
744function filefield_validate_size_help($size) {
745 return t('Maximum Filesize: %size', array('%size' => format_size(parse_size($size))));
746}
747
87d3e491
NH
748/**
749 * An #upload_validators callback. Check an image resolution.
750 *
751 * @param $file
752 * A Drupal file object.
753 * @param $max_size
754 * A string in the format WIDTHxHEIGHT. If the image is larger than this size
755 * the image will be scaled to fit within these dimensions.
756 * @param $min_size
757 * A string in the format WIDTHxHEIGHT. If the image is smaller than this size
758 * a validation error will be returned.
759 * @return
760 * An array of any errors cause by this file if it failed validation.
761 */
f92ea317
DP
762function filefield_validate_image_resolution(&$file, $maximum_dimensions = 0, $minimum_dimensions = 0) {
763 $errors = array();
764
894255af
NH
765 @list($max_width, $max_height) = explode('x', $maximum_dimensions);
766 @list($min_width, $min_height) = explode('x', $minimum_dimensions);
d4081684 767
f92ea317
DP
768 // Check first that the file is an image.
769 if ($info = image_get_info($file->filepath)) {
770 if ($maximum_dimensions) {
771 // Check that it is smaller than the given dimensions.
d4081684
NH
772 if ($info['width'] > $max_width || $info['height'] > $max_height) {
773 $ratio = min($max_width/$info['width'], $max_height/$info['height']);
774 // Check for exact dimension requirements (scaling allowed).
775 if (strcmp($minimum_dimensions, $maximum_dimensions) == 0 && $info['width']/$max_width != $info['height']/$max_height) {
776 $errors[] = t('The image must be exactly %dimensions pixels.', array('%dimensions' => $maximum_dimensions));
777 }
778 // Check that scaling won't drop the image below the minimum dimensions.
4d5dcc26 779 elseif ((image_get_toolkit() || module_exists('imageapi')) && (($info['width'] * $ratio < $min_width) || ($info['height'] * $ratio < $min_height))) {
d4081684
NH
780 $errors[] = t('The image will not fit between the dimensions of %min_dimensions and %max_dimensions pixels.', array('%min_dimensions' => $minimum_dimensions, '%max_dimensions' => $maximum_dimensions));
781 }
4d5dcc26
NH
782 // Try resizing the image with ImageAPI if available.
783 elseif (module_exists('imageapi') && imageapi_default_toolkit()) {
784 $res = imageapi_image_open($file->filepath);
785 imageapi_image_scale($res, $max_width, $max_height);
786 imageapi_image_close($res, $file->filepath);
787 }
f92ea317 788 // Try to resize the image to fit the dimensions.
596fff08 789 elseif (image_get_toolkit() && @image_scale($file->filepath, $file->filepath, $max_width, $max_height)) {
f92ea317
DP
790 drupal_set_message(t('The image was resized to fit within the maximum allowed dimensions of %dimensions pixels.', array('%dimensions' => $maximum_dimensions)));
791
792 // Clear the cached filesize and refresh the image information.
793 clearstatcache();
794 $info = image_get_info($file->filepath);
795 $file->filesize = $info['file_size'];
796 }
797 else {
798 $errors[] = t('The image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => $maximum_dimensions));
799 }
800 }
801 }
802
d4081684 803 if ($minimum_dimensions && empty($errors)) {
f92ea317 804 // Check that it is larger than the given dimensions.
d4081684 805 if ($info['width'] < $min_width || $info['height'] < $min_height) {
f92ea317
DP
806 $errors[] = t('The image is too small; the minimum dimensions are %dimensions pixels.', array('%dimensions' => $minimum_dimensions));
807 }
808 }
809 }
810
811 return $errors;
d6caa409 812}
6ce28b69 813
87d3e491
NH
814/**
815 * Automatic help text appended to fields that have image resolution validation.
816 */
f92ea317 817function filefield_validate_image_resolution_help($max_size = '0', $min_size = '0') {
6ce28b69
DP
818 if (!empty($max_size)) {
819 if (!empty($min_size)) {
a5811c0f 820 if ($max_size == $min_size) {
821 return t('Images must be exactly @min_size pixels', array('@min_size' => $min_size));
822 }
823 else {
824 return t('Images must be between @min_size pixels and @max_size', array('@max_size' => $max_size, '@min_size' => $min_size));
825 }
6ce28b69
DP
826 }
827 else {
4ece7959 828 if (image_get_toolkit()) {
829 return t('Images larger than @max_size pixels will be scaled', array('@max_size' => $max_size));
830 }
831 else {
832 return t('Images must be smaller than @max_size pixels', array('@max_size' => $max_size));
833 }
6ce28b69
DP
834 }
835 }
836 if (!empty($min_size)) {
4ece7959 837 return t('Images must be larger than @max_size pixels', array('@max_size' => $min_size));
6ce28b69
DP
838 }
839}
b7ed071d 840
87d3e491
NH
841
842/**
843 * An #upload_validators callback. Check that a file is an image.
844 *
845 * This check should allow any image that PHP can identify, including png, jpg,
846 * gif, tif, bmp, psd, swc, iff, jpc, jp2, jpx, jb2, xbm, and wbmp.
847 *
848 * This check should be combined with filefield_validate_extensions() to ensure
849 * only web-based images are allowed, however it provides a better check than
850 * extension checking alone if the mimedetect module is not available.
851 *
852 * @param $file
853 * A Drupal file object.
854 * @return
855 * An array of any errors cause by this file if it failed validation.
856 */
f92ea317
DP
857function filefield_validate_is_image(&$file) {
858 $errors = array();
f92ea317
DP
859 $info = image_get_info($file->filepath);
860 if (!$info || empty($info['extension'])) {
6e2a8176 861 $errors[] = t('The file is not a known image format.');
f92ea317 862 }
f92ea317
DP
863 return $errors;
864}
865
87d3e491
NH
866/**
867 * An #upload_validators callback. Add the field to the file object.
868 *
869 * This validation function adds the field to the file object for later
870 * use in field aware modules implementing hook_file. It's not truly a
871 * validation at all, rather a convient way to add properties to the uploaded
872 * file.
ad6bb31f
DP
873 */
874function filefield_validate_associate_field(&$file, $field) {
875 $file->field = $field;
876 return array();
877}
ab6a2015
NH
878
879/*******************************************************************************
880 * Public API functions for FileField.
881 ******************************************************************************/
882
883/**
f800ae83
NH
884 * Return an array of file fields within a node type or by field name.
885 *
886 * @param $field
887 * Optional. May be either a field array or a field name.
888 * @param $node_type
889 * Optional. The node type to filter the list of fields.
890 */
891function filefield_get_field_list($node_type = NULL, $field = NULL) {
892 // Build the list of fields to be used for retrieval.
893 if (isset($field)) {
894 if (is_string($field)) {
895 $field = content_fields($field, $node_type);
896 }
897 $fields = array($field['field_name'] => $field);
898 }
899 elseif (isset($node_type)) {
900 $type = content_types($node_type);
901 $fields = $type['fields'];
902 }
903 else {
904 $fields = content_fields();
905 }
906
907 // Filter down the list just to file fields.
908 foreach ($fields as $key => $field) {
909 if ($field['type'] != 'filefield') {
910 unset($fields[$key]);
911 }
912 }
913
914 return $fields;
915}
916
917/**
ab6a2015
NH
918 * Count the number of times the file is referenced within a field.
919 *
920 * @param $file
921 * A file object.
922 * @param $field
f800ae83 923 * Optional. The CCK field array or field name as a string.
ab6a2015
NH
924 * @return
925 * An integer value.
926 */
f800ae83
NH
927function filefield_get_file_reference_count($file, $field = NULL) {
928 $fields = filefield_get_field_list(NULL, $field);
929 $file = (object) $file;
930
931 $references = 0;
932 foreach ($fields as $field) {
933 $db_info = content_database_info($field);
934 $references += db_result(db_query(
935 'SELECT count('. $db_info['columns']['fid']['column'] .')
936 FROM {'. $db_info['table'] .'}
937 WHERE '. $db_info['columns']['fid']['column'] .' = %d', $file->fid
938 ));
939
940 // If a field_name is present in the file object, the file is being deleted
941 // from this field.
942 if (isset($file->field_name) && $field['field_name'] == $file->field_name) {
943 // If deleting the entire node, count how many references to decrement.
944 if (isset($file->delete_nid)) {
945 $node_references = db_result(db_query(
946 'SELECT count('. $db_info['columns']['fid']['column'] .')
947 FROM {'. $db_info['table'] .'}
948 WHERE '. $db_info['columns']['fid']['column'] .' = %d AND nid = %d', $file->fid, $file->delete_nid
949 ));
950 $references = $references - $node_references;
951 }
952 else {
953 $references = $references - 1;
954 }
ab6a2015 955 }
f800ae83
NH
956 }
957
958 return $references;
959}
960
961/**
962 * Get a list of node IDs that reference a file.
963 *
964 * @param $file
965 * The file object for which to find references.
966 * @param $field
967 * Optional. The CCK field array or field name as a string.
968 * @return
969 * An array of IDs grouped by NID: array([nid] => array([vid1], [vid2])).
970 */
971function filefield_get_file_references($file, $field = NULL) {
972 $fields = filefield_get_field_list(NULL, $field);
973 $file = (object) $file;
974
975 $references = array();
976 foreach ($fields as $field) {
977 $db_info = content_database_info($field);
978 $sql = 'SELECT nid, vid FROM {'. $db_info['table'] .'} WHERE '. $db_info['columns']['fid']['column'] .' = %d';
979 $result = db_query($sql, $file->fid);
980 while ($row = db_fetch_object($result)) {
981 $references[$row->nid][$row->vid] = $row->vid;
ab6a2015
NH
982 }
983 }
f800ae83 984
ab6a2015
NH
985 return $references;
986}
f800ae83
NH
987
988/**
989 * Get all FileField files connected to a node ID.
990 *
991 * @param $nid
992 * The node object.
993 * @param $field_name
994 * Optional. The CCK field array or field name as a string.
995 * @return
996 * An array of all files attached to that field (or all fields).
997 */
998function filefield_get_node_files($node, $field = NULL) {
999 $fields = filefield_get_field_list($node->type, $field);
263f62ad 1000 $files = array();
f800ae83
NH
1001
1002 // Get the file rows.
1003 foreach ($fields as $field) {
1004 $db_info = content_database_info($field);
65dac21c
NH
1005 $fields = 'f.*';
1006 $fields .= ', c.'. $db_info['columns']['list']['column'] .' AS list';
1007 $fields .= ', c.'. $db_info['columns']['data']['column'] .' AS data';
1008 $sql = 'SELECT '. $fields .' FROM {files} f INNER JOIN {' . $db_info['table'] . '} c ON f.fid = c.' . $db_info['columns']['fid']['column'] . ' AND c.vid = %d';
f800ae83
NH
1009 $result = db_query($sql, $node->vid);
1010 while ($file = db_fetch_array($result)) {
65dac21c 1011 $file['data'] = unserialize($file['data']);
f800ae83
NH
1012 $files[$file['fid']] = $file;
1013 }
1014 }
1015
1016 return $files;
1017}
6a189547
NH
1018
1019/**
1020 * Delete all node references of a file.
1021 *
1022 * @param $file
1023 * The file object for which to find references.
1024 * @param $field
1025 * Optional. The CCK field array or field name as a string.
1026 */
1027function filefield_delete_file_references($file, $field = NULL) {
1028 $fields = filefield_get_field_list(NULL, $field);
1029 $file = (object) $file;
1030
1031 $references = filefield_get_file_references($file, $field);
1032 foreach ($references as $nid => $node_references) {
1033 // Do not update a node if it is already being deleted directly by the user.
1034 if (isset($file->delete_nid) && $file->delete_nid == $nid) {
1035 continue;
1036 }
1037
1038 foreach ($node_references as $vid) {
1039 // Do not update the node revision if that revision is already being
1040 // saved or deleted directly by the user.
1041 if (isset($file->delete_vid) && $file->delete_vid == $vid) {
1042 continue;
1043 }
1044
1045 $node = node_load(array('vid' => $vid));
1046 foreach ($fields as $field_name => $field) {
1047 if (isset($node->$field_name)) {
1048 foreach ($node->$field_name as $delta => $item) {
1049 if ($item['fid'] == $file->fid) {
1050 unset($node->{$field_name}[$delta]);
1051 }
1052 }
1053 $node->$field_name = array_values(array_filter($node->$field_name));
1054 }
1055 }
1056
1057 // Save the node after removing the file references. This flag prevents
1058 // FileField from attempting to delete the file again.
1059 $node->skip_filefield_delete = TRUE;
1060 node_save($node);
1061 }
1062 }
1063}