Clean up some PHP warnings.
[project/filefield.git] / filefield.module
1 <?php // $Id$
2
3 /**
4 * @file
5 * FileField: Defines a CCK file field type.
6 *
7 * Uses content.module to store the fid and field specific metadata,
8 * and Drupal's {files} table to store the actual file data.
9 */
10
11 include_once('field_file.inc');
12
13 /**
14 * Implementation of hook_init().
15 */
16 function filefield_init() {
17 // file hooks and callbacks.
18 module_load_include('inc', 'filefield', 'filefield_widget');
19
20 drupal_add_js(drupal_get_path('module', 'filefield') .'/filefield.js');
21 drupal_add_css(drupal_get_path('module', 'filefield') .'/filefield.css');
22 }
23
24 /**
25 * Implementation of hook_menu().
26 */
27 function filefield_menu() {
28 $items = array();
29
30 $items['filefield/ahah/%/%/%'] = array(
31 'page callback' => 'filefield_js',
32 'page arguments' => array(2,3,4),
33 'access callback' => 'filefield_edit_access',
34 'access arguments' => array(3),
35 'type' => MENU_CALLBACK,
36 'file' => 'filefield_widget.inc',
37 );
38 return $items;
39 }
40
41 /**
42 * Implementation of hook_elements().
43 * @todo: autogenerate element registry entries for widgets.
44 */
45 function filefield_elements() {
46 $elements = array();
47 $elements['filefield_widget'] = array(
48 '#input' => TRUE,
49 '#columns' => array('fid', 'list', 'data'),
50 '#process' => array('filefield_widget_process'),
51 '#value_callback' => 'filefield_widget_value',
52 '#element_validate' => array('filefield_widget_validate'),
53 '#description' => t('Changes made to the attachments are not permanent until you save this post.'),
54 );
55 $elements['filefield_extensible'] = array(
56 '#input' => TRUE,
57 '#columns' => array('fid', 'list', 'data'),
58 '#process' => array('filefield_process'),
59 '#value_callback' => 'filefield_value',
60 '#description' => t('Changes made to the attachments are not permanent until you save this post.'),
61 );
62 return $elements;
63 }
64
65 /**
66 * Implementation of hook_theme().
67 * @todo: autogenerate theme registry entrys for widgets.
68 */
69 function filefield_theme() {
70 return array(
71 'filefield_file' => array(
72 'arguments' => array('file' => NULL),
73 'file' => 'filefield_formatter.inc',
74 ),
75 'filefield_icon' => array(
76 'arguments' => array('file' => NULL),
77 'file' => 'filefield.theme.inc',
78 ),
79 'filefield_widget' => array(
80 'arguments' => array('element' => NULL),
81 'file' => 'filefield_widget.inc',
82 ),
83 'filefield_widget_item' => array(
84 'arguments' => array('element' => NULL),
85 'file' => 'filefield_widget.inc',
86 ),
87 'filefield_widget_preview' => array(
88 'arguments' => array('element' => NULL),
89 'file' => 'filefield_widget.inc',
90 ),
91
92
93 'filefield_formatter_default' => array(
94 'arguments' => array('element' => NULL),
95 'file' => 'filefield_formatter.inc',
96 ),
97 'filefield_item' => array(
98 'arguments' => array('file' => NULL, 'field' => NULL),
99 'file' => 'filefield_formatter.inc',
100 ),
101 'filefield_file' => array(
102 'arguments' => array('file' => NULL),
103 'file' => 'filefield_formatter.inc',
104 ),
105
106 );
107 }
108
109 /**
110 * Implementation of hook_file_download(). Yes, *that* hook that causes
111 * any attempt for file upload module interoperability to fail spectacularly.
112 */
113 function filefield_file_download($file) {
114 $file = file_create_path($file);
115
116 $result = db_query("SELECT * FROM {files} WHERE filepath = '%s'", $file);
117 if (!$file = db_fetch_object($result)) {
118 // We don't really care about this file.
119 return;
120 }
121
122 // Find out if any filefield contains this file, and if so, which field
123 // and node it belongs to. Required for later access checking.
124 $cck_files = array();
125 foreach (content_fields() as $field) {
126 if ($field['type'] == 'filefield' || $field['type'] == 'image') {
127 $db_info = content_database_info($field);
128 $table = $db_info['table'];
129 $fid_column = $db_info['columns']['fid']['column'];
130
131 $columns = array('vid', 'nid');
132 foreach ($db_info['columns'] as $property_name => $column_info) {
133 $columns[] = $column_info['column'] .' AS '. $property_name;
134 }
135 $result = db_query("SELECT ". implode(', ', $columns) ."
136 FROM {". $table ."}
137 WHERE ". $fid_column ." = %d", $file->fid);
138
139 while ($content = db_fetch_array($result)) {
140 $content['field'] = $field;
141 $cck_files[$field['field_name']][$content['vid']] = $content;
142 }
143 }
144 }
145 // If no filefield item is involved with this file, we don't care about it.
146 if (empty($cck_files)) {
147 return;
148 }
149
150 // If any node includes this file but the user may not view this field,
151 // then deny the download.
152 foreach ($cck_files as $field_name => $field_files) {
153 if (!filefield_view_access($field_name)) {
154 return -1;
155 }
156 }
157
158 // So the overall field view permissions are not denied, but if access is
159 // denied for a specific node containing the file, deny the download as well.
160 // It's probably a little too restrictive, but I can't think of a
161 // better way at the moment. Input appreciated.
162 // (And yeah, node access checks also include checking for 'access content'.)
163 $nodes = array();
164 foreach ($cck_files as $field_name => $field_files) {
165 foreach ($field_files as $revision_id => $content) {
166 // Checking separately for each revision is probably not the best idea -
167 // what if 'view revisions' is disabled? So, let's just check for the
168 // current revision of that node.
169 if (isset($nodes[$content['nid']])) {
170 continue; // don't check the same node twice
171 }
172 $node = node_load($content['nid']);
173 if (!node_access('view', $node)) {
174 // You don't have permission to view the node this file is attached to.
175 return -1;
176 }
177 $nodes[$content['nid']] = $node;
178 }
179 }
180
181 // Well I guess you can see this file.
182 $name = mime_header_encode($file->filename);
183 $type = mime_header_encode($file->filemime);
184 // Serve images and text inline for the browser to display rather than download.
185 $disposition = ereg('^(text/|image/)', $file->filemime) ? 'inline' : 'attachment';
186 return array(
187 'Content-Type: '. $type .'; name='. $name,
188 'Content-Length: '. $file->filesize,
189 'Content-Disposition: '. $disposition .'; filename='. $name,
190 'Cache-Control: private',
191 );
192 }
193
194
195 /**
196 * Implementation of CCK's hook_field_info().
197 */
198 function filefield_field_info() {
199 return array(
200 'filefield' => array(
201 'label' => 'File',
202 'description' => t('Store an arbitrary file.'),
203 ),
204 );
205 }
206
207 /**
208 * Implementation of hook_field_settings().
209 */
210 function filefield_field_settings($op, $field) {
211 $return = array();
212
213 module_load_include('inc', 'filefield', 'filefield_field');
214 $op = str_replace(' ', '_', $op);
215 // add filefield specific handlers...
216 $function = 'filefield_field_settings_'. $op;
217 if (function_exists($function)) {
218 $return = $function($field);
219 }
220
221 // dynamically load widgets file and callbacks for other fields utilizing
222 // filefield's hook_field_settings implementation.
223 module_load_include('inc', $field['module'], $field['type'] .'_field');
224 $function = $field['module'] .'_'. $field['type'] .'_field_settings_'. $op;
225 if (function_exists($function)) {
226 $return = array_merge($return, $function($field));
227 }
228
229 return $return;
230
231 }
232
233 /**
234 * Implementtation of CCK's hook_field().
235 */
236 function filefield_field($op, $node, $field, &$items, $teaser, $page) {
237 module_load_include('inc', 'filefield', 'filefield_field');
238 $op = str_replace(' ', '_', $op);
239 // add filefield specific handlers...
240 $function = 'filefield_field_'. $op;
241 if (function_exists($function)) {
242 return $function($node, $field, $items, $teaser, $page);
243 }
244 }
245
246 /**
247 * Implementation of CCK's hook_widget_settings().
248 */
249 function filefield_widget_settings($op, $widget) {
250 $return = array();
251 // load our widget settings callbacks..
252 $op = str_replace(' ', '_', $op);
253 $function = 'filefield_widget_settings_'. $op;
254 if (function_exists($function)) {
255 $return = $function($widget);
256 }
257
258 // sometimes widget_settings is called with widget, sometimes with field.
259 // CCK needs to make up it's mind here or get with the new hook formats.
260 $widget_type = isset($widget['widget_type']) ? $widget['widget_type'] : $widget['type'];
261 $widget_module = isset($widget['widget_module']) ? $widget['widget_module'] : $widget['module'];
262
263 // dynamically load widgets file and callbacks for other fields and widgets utilizing
264 // filefield's hook_widget_settings implementation.
265 module_load_include('inc', $widget_module, $widget_module .'_widget');
266
267 $function = $widget_type .'_widget_settings_'. $op;
268 if (function_exists($function)) {
269 $return = array_merge($return, $function($widget));
270 }
271
272 return $return;
273 }
274
275 /**
276 * Implementation of hook_widget().
277 */
278 function filefield_widget(&$form, &$form_state, $field, $items, $delta = 0) {
279 // CCK doesn't give a validate callback at the field level...
280 // and FAPI's #require is naieve to complex structures...
281 // we validate at the field level ourselves.
282 if (empty($form['#validate']) || !in_array('filefield_node_form_validate', $form['#validate'])) {
283 $form['#validate'][] = 'filefield_node_form_validate';
284 }
285 if (empty($form['#submit']) || !in_array('filefield_node_form_submit', $form['#submit'])) {
286 $form['#submit'][] = 'filefield_node_form_submit';
287 }
288 $form['#attributes'] = array('enctype' => 'multipart/form-data');
289
290 module_load_include('inc', 'filefield', 'field_widget');
291 module_load_include('inc', $field['widget']['module'], $field['widget']['module'] .'_widget');
292
293 $item = array('fid' => 0, 'list' => $field['list_default'], 'data' => array('description' => ''));
294 if (isset($items[$delta])) {
295 $item = array_merge($item, $items[$delta]);
296 }
297 $element = array(
298 '#title' => $field['widget']['label'],
299 '#type' => $field['widget']['type'],
300 '#default_value' => $item,
301 '#upload_validators' => filefield_widget_upload_validators($field),
302 );
303
304 return $element;
305 }
306
307 /**
308 * Get the upload validators for a file field.
309 *
310 * @param $field CCK Field
311 * @return array suitable for passing to file_save_upload() or the filefield
312 * element's '#upload_validators' property.
313 */
314 function filefield_widget_upload_validators($field) {
315 $max_filesize = parse_size(file_upload_max_size());
316 if (!empty($field['widget']['max_filesize_per_file']) && parse_size($field['widget']['max_filesize_per_file']) < $max_filesize) {
317 $max_filesize = parse_size($field['widget']['max_filesize_per_file']);
318 }
319
320 $validators = array(
321 'filefield_validate_size' => array($max_filesize),
322 // override core since it excludes uid 1 on the extension check.. I only want to
323 // excuse uid 1 of quota requirements. - dopry.
324 'filefield_validate_extensions' => array($field['widget']['file_extensions']),
325 );
326 return $validators;
327 }
328
329
330 /**
331 * Implementation of CCK's hook_content_is_empty().
332 *
333 * The result of this determines whether content.module will save
334 * the value of the field.
335 */
336 function filefield_content_is_empty($item, $field) {
337 return empty($item['fid']) || (int)$item['fid'] == 0;
338 }
339
340 /**
341 * Implementation of CCK's hook_widget_info().
342 */
343 function filefield_widget_info() {
344 return array(
345 'filefield_widget' => array(
346 'label' => t('File Upload'),
347 'field types' => array('filefield'),
348 'multiple values' => CONTENT_HANDLE_CORE,
349 'callbacks' => array('default value' => CONTENT_CALLBACK_CUSTOM),
350 'description' => t('A plain file upload widget.'),
351 ),
352 'filefield_combo' => array(
353 'label' => 'Extensible File',
354 'field types' => array('filefield'),
355 'multiple values' => CONTENT_HANDLE_CORE,
356 'callbacks' => array('default value' => CONTENT_CALLBACK_CUSTOM),
357 'description' => t('(Experimental)An extensible file upload widget.'),
358 ),
359 );
360 }
361
362 /**
363 * Implementation of CCK's hook_field_formatter_info().
364 */
365 function filefield_field_formatter_info() {
366 return array(
367 'default' => array(
368 'label' => t('Generic files'),
369 'suitability callback' => TRUE,
370 'field types' => array('filefield','image'),
371 'multiple values' => CONTENT_HANDLE_CORE,
372 'description' => t('Displays all kinds of files with an icon and a linked file description.'),
373 ),
374 'filefield_dynamic' => array(
375 'label' => t('Dynamic file formatters'),
376 'suitability callback' => TRUE,
377 'field types' => array('file'),
378 'multiple values' => CONTENT_HANDLE_CORE,
379 'description' => t('(experimental) An extensible formatter for filefield.'),
380 ),
381 );
382 }
383
384 /**
385 * Determine the most appropriate icon for the given file's mimetype.
386 *
387 * @return The URL of the icon image file, or FALSE if no icon could be found.
388 */
389
390 function filefield_icon_url($file) {
391 include_once(drupal_get_path('module', 'filefield') .'/filefield.theme.inc');
392 return _filefield_icon_url($file);
393 }
394
395 /**
396 * Access callback for the JavaScript upload and deletion AHAH callbacks.
397 * The content_permissions module provides nice fine-grained permissions for
398 * us to check, so we can make sure that the user may actually edit the file.
399 */
400 function filefield_edit_access($field_name) {
401 if (module_exists('content_permissions')) {
402 return user_access('edit '. $field_name);
403 }
404 // No content permissions to check, so let's fall back to a more general permission.
405 return user_access('access content');
406 }
407
408 /**
409 * Access callback that checks if the current user may view the filefield.
410 */
411 function filefield_view_access($field_name) {
412 if (module_exists('content_permissions')) {
413 return user_access('view '. $field_name);
414 }
415 // No content permissions to check, so let's fall back to a more general permission.
416 return user_access('access content');
417 }
418
419 /**
420 * Shared AHAH callback for uploads and deletions... It rebuilds the form element
421 * for a particular field item. As long as the form processing is properly
422 * encapsulated in the widget element the form should rebuild correctly using
423 * FAPI without the need for additional callbacks or processing.
424 */
425 function filefield_js($type_name, $field_name, $delta) {
426 $field = content_fields($field_name, $type_name);
427
428 if (empty($field) || empty($_POST['form_build_id'])) {
429 // Invalid request.
430 print drupal_to_js(array('data' => ''));
431 exit;
432 }
433
434 // Build the new form.
435 $form_state = array('submitted' => FALSE);
436 $form_build_id = $_POST['form_build_id'];
437 $form = form_get_cache($form_build_id, $form_state);
438
439 if (!$form) {
440 // Invalid form_build_id.
441 print drupal_to_js(array('data' => ''));
442 exit;
443 }
444
445 // form_get_cache() doesn't yield the original $form_state,
446 // but form_builder() does. Needed for retrieving the file array.
447 $built_form = $form;
448 $built_form_state = $form_state;
449
450 $built_form += array('#post' => $_POST);
451 $built_form = form_builder($_POST['form_id'], $built_form, $built_form_state);
452
453 // Clean ids, so that the same element doesn't get a different element id
454 // when rendered once more further down.
455 form_clean_id(NULL, TRUE);
456
457 // Ask CCK for the replacement form element. Going through CCK gets us
458 // the benefit of nice stuff like '#required' merged in correctly.
459 module_load_include('inc', 'content', 'includes/content.node_form');
460 $field_element = content_field_form($form, $built_form_state, $field, $delta);
461 $delta_element = $field_element[$field_name][0]; // there's only one element in there
462
463 // Add the new element at the right place in the form.
464 if (module_exists('fieldgroup') && ($group_name = _fieldgroup_field_get_group($type_name, $field_name))) {
465 $form[$group_name][$field_name][$delta] = $delta_element;
466 }
467 else {
468 $form[$field_name][$delta] = $delta_element;
469 }
470
471 // Render the form for output.
472 $form += array(
473 '#post' => $_POST,
474 '#programmed' => FALSE,
475 );
476 drupal_alter('form', $form, array(), 'filefield_js');
477 $form_state = array('submitted' => FALSE);
478 $form = form_builder('filefield_js', $form, $built_form_state);
479 $field_form = empty($group_name) ? $form[$field_name] : $form[$group_name][$field_name];
480
481 // We add a div around the new content to tell AHAH to let this fade in.
482 $field_form[$delta]['#prefix'] = '<div class="ahah-new-content">';
483 $field_form[$delta]['#suffix'] = '</div>';
484
485 $output = theme('status_messages') . drupal_render($field_form[$delta]);
486
487 // AHAH is not being nice to us and doesn't know the "other" button (that is,
488 // either "Upload" or "Delete") yet. Which in turn causes it not to attach
489 // AHAH behaviours after replacing the element. So we need to tell it first.
490 $javascript = drupal_add_js(NULL, NULL);
491 if (isset($javascript['setting'])) {
492 $output .= '<script type="text/javascript">jQuery.extend(Drupal.settings, '. drupal_to_js(call_user_func_array('array_merge_recursive', $javascript['setting'])) .');</script>';
493 }
494
495 // For some reason, file uploads don't like drupal_json() with its manual
496 // setting of the text/javascript HTTP header. So use this one instead.
497 $GLOBALS['devel_shutdown'] = false;
498 print drupal_to_js(array('status' => TRUE, 'data' => $output));
499 exit;
500 }
501
502 /**
503 * set the default values for imagefield.
504 * This seems to work for all but add a new item on unlimited values which doesn't
505 * get assigned a proper default.
506 */
507 function filefield_default_value(&$form, &$form_state, $field, $delta) {
508 $items = array();
509 $field_name = $field['field_name'];
510
511 switch ($field['multiple']) {
512 case 0:
513 $max = 1;
514 break;
515 case 1:
516 $max = isset($form_state['item_count'][$field_name]) ? $form_state['item_count'][$field_name] : 1;
517 break;
518 default:
519 $max = $field['multiple'];
520 break;
521 }
522
523 for ($delta = 0; $delta < $max; $delta++) {
524 $items[$delta] = array('fid' => 0, 'list' => $field['list_default'], 'data' => array('description' => ''));
525 }
526 return $items;
527 }
528
529
530
531 /**
532 * Implementation of hook_file_references().
533 */
534 function filefield_file_references($file) {
535 $references = 0;
536 foreach(content_fields() as $field) {
537 if ($field['type'] != 'file') {
538 continue;
539 }
540 $references += field_file_references($file, $field);
541 }
542 return array('filefield' => $references);
543 }
544
545 /**
546 * Implementation of hook_file_delete().
547 */
548 function filefield_file_delete($file) {
549 // foreach field... remove items referencing $file.
550 }
551
552
553
554 /**
555 * Check that the filename ends with an allowed extension. This check is
556 * enforced for the user #1.
557 *
558 * @param $file
559 * A Drupal file object.
560 * @param $extensions
561 * A string with a space separated
562 * @return
563 * An array. If the file extension is not allowed, it will contain an error message.
564 */
565 function filefield_validate_extensions($file, $extensions) {
566 global $user;
567 $errors = array();
568
569 if (!empty($extensions)) {
570 $regex = '/\.('. ereg_replace(' +', '|', preg_quote($extensions)) .')$/i';
571 if (!preg_match($regex, $file->filename)) {
572 $errors[] = t('Only files with the following extensions are allowed: %files-allowed.', array('%files-allowed' => $extensions));
573 }
574 }
575
576 return $errors;
577 }
578
579 // These three functions return messages for file_validate_size, and file_validate_extensions.
580 // They're a neat hack that gets the job done. Even though it's evil to put a
581 // function into a namespace not owned by your module...
582 function filefield_validate_extensions_help($extensions) {
583 if (!empty($extensions)) {
584 return t('Allowed Extensions: %ext', array('%ext' => $extensions));
585 }
586 else {
587 return '';
588 }
589 }
590
591
592 function filefield_validate_size($file, $file_limit = 0, $user_limit = 0) {
593 global $user;
594
595 $errors = array();
596
597 if ($file_limit && $file->filesize > $file_limit) {
598 $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
599 }
600
601 // Bypass user limits for uid = 1.
602 if ($user->uid != 1) {
603 $total_size = file_space_used($user->uid) + $file->filesize;
604 if ($user_limit && $total_size > $user_limit) {
605 $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
606 }
607 }
608 return $errors;
609 }
610
611 function filefield_validate_size_help($size) {
612 return t('Maximum Filesize: %size', array('%size' => format_size(parse_size($size))));
613 }
614
615 function filefield_validate_image_resolution(&$file, $maximum_dimensions = 0, $minimum_dimensions = 0) {
616 $errors = array();
617
618 // Check first that the file is an image.
619 if ($info = image_get_info($file->filepath)) {
620 if ($maximum_dimensions) {
621 // Check that it is smaller than the given dimensions.
622 list($width, $height) = explode('x', $maximum_dimensions);
623 if ($info['width'] > $width || $info['height'] > $height) {
624 // Try to resize the image to fit the dimensions.
625 if (image_get_toolkit() && image_scale($file->filepath, $file->filepath, $width, $height)) {
626 drupal_set_message(t('The image was resized to fit within the maximum allowed dimensions of %dimensions pixels.', array('%dimensions' => $maximum_dimensions)));
627
628 // Clear the cached filesize and refresh the image information.
629 clearstatcache();
630 $info = image_get_info($file->filepath);
631 $file->filesize = $info['file_size'];
632 }
633 else {
634 $errors[] = t('The image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => $maximum_dimensions));
635 }
636 }
637 }
638
639 if ($minimum_dimensions) {
640 // Check that it is larger than the given dimensions.
641 list($width, $height) = explode('x', $minimum_dimensions);
642 if ($info['width'] < $width || $info['height'] < $height) {
643 $errors[] = t('The image is too small; the minimum dimensions are %dimensions pixels.', array('%dimensions' => $minimum_dimensions));
644 }
645 }
646 }
647
648 return $errors;
649 }
650
651 function filefield_validate_image_resolution_help($max_size = '0', $min_size = '0') {
652 if (!empty($max_size)) {
653 if (!empty($min_size)) {
654 if ($max_size == $min_size) {
655 return t('Images must be exactly @min_size pixels', array('@min_size' => $min_size));
656 }
657 else {
658 return t('Images must be between @min_size pixels and @max_size', array('@max_size' => $max_size, '@min_size' => $min_size));
659 }
660 }
661 else {
662 if (image_get_toolkit()) {
663 return t('Images larger than @max_size pixels will be scaled', array('@max_size' => $max_size));
664 }
665 else {
666 return t('Images must be smaller than @max_size pixels', array('@max_size' => $max_size));
667 }
668 }
669 }
670 if (!empty($min_size)) {
671 return t('Images must be larger than @max_size pixels', array('@max_size' => $min_size));
672 }
673 }
674
675 function filefield_validate_is_image(&$file) {
676 $errors = array();
677
678 $info = image_get_info($file->filepath);
679 if (!$info || empty($info['extension'])) {
680 $errors[] = t('Only JPEG, PNG and GIF images are allowed.');
681 }
682
683 return $errors;
684 }
685
686
687 function filefield_validate_is_image_help($arguments = null) {
688 return t('Must be a JPEG, PNG or GIF image');
689 }