2011-04-16 21:18:06 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
// Firefox and Konqueror tries to download application/json for me. --Arthur
|
2012-05-03 10:23:29 +00:00
|
|
|
OCP\JSON::setContentTypeHeader('text/plain');
|
2011-04-16 21:18:06 +00:00
|
|
|
|
2013-06-25 10:24:14 +00:00
|
|
|
// If a directory token is sent along check if public upload is permitted.
|
|
|
|
// If not, check the login.
|
|
|
|
// If no token is sent along, rely on login only
|
|
|
|
|
2013-10-17 08:46:55 +00:00
|
|
|
$allowedPermissions = OCP\PERMISSION_ALL;
|
2014-01-22 16:17:58 +00:00
|
|
|
$errorCode = null;
|
2013-10-17 08:46:55 +00:00
|
|
|
|
2013-01-18 23:31:09 +00:00
|
|
|
$l = OC_L10N::get('files');
|
2013-07-01 13:39:11 +00:00
|
|
|
if (empty($_POST['dirToken'])) {
|
2013-07-01 13:37:52 +00:00
|
|
|
// The standard case, files are uploaded through logged in users :)
|
|
|
|
OCP\JSON::checkLoggedIn();
|
|
|
|
$dir = isset($_POST['dir']) ? $_POST['dir'] : "";
|
|
|
|
if (!$dir || empty($dir) || $dir === false) {
|
|
|
|
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
|
|
|
|
die();
|
|
|
|
}
|
2013-06-25 10:24:14 +00:00
|
|
|
} else {
|
2013-10-17 08:46:55 +00:00
|
|
|
// return only read permissions for public upload
|
|
|
|
$allowedPermissions = OCP\PERMISSION_READ;
|
2014-02-12 10:43:34 +00:00
|
|
|
$public_directory = !empty($_POST['subdir']) ? $_POST['subdir'] : '/';
|
2013-10-17 08:46:55 +00:00
|
|
|
|
2013-07-01 13:37:52 +00:00
|
|
|
$linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
|
|
|
|
if ($linkItem === false) {
|
|
|
|
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
|
|
|
|
OCP\JSON::checkLoggedIn();
|
|
|
|
} else {
|
2013-07-05 15:39:41 +00:00
|
|
|
// resolve reshares
|
|
|
|
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
|
|
|
|
|
2014-01-21 10:32:30 +00:00
|
|
|
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
|
2013-07-05 15:39:41 +00:00
|
|
|
// Setup FS with owner
|
2013-07-05 11:45:21 +00:00
|
|
|
OC_Util::tearDownFS();
|
2013-07-05 15:39:41 +00:00
|
|
|
OC_Util::setupFS($rootLinkItem['uid_owner']);
|
2013-07-01 13:37:52 +00:00
|
|
|
|
|
|
|
// The token defines the target directory (security reasons)
|
2013-07-05 15:39:41 +00:00
|
|
|
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
|
2013-07-01 13:37:52 +00:00
|
|
|
$dir = sprintf(
|
|
|
|
"/%s/%s",
|
2013-07-05 15:39:41 +00:00
|
|
|
$path,
|
2014-02-12 10:43:34 +00:00
|
|
|
$public_directory
|
2013-07-01 13:37:52 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
if (!$dir || empty($dir) || $dir === false) {
|
|
|
|
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
}
|
2013-06-25 10:24:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
OCP\JSON::callCheck();
|
2014-03-24 16:34:37 +00:00
|
|
|
if (!\OCP\App::isEnabled('files_encryption')) {
|
|
|
|
// encryption app need to create keys later, so can't close too early
|
|
|
|
\OC::$session->close();
|
|
|
|
}
|
2011-04-16 21:18:06 +00:00
|
|
|
|
2013-02-01 19:29:02 +00:00
|
|
|
|
2013-01-18 23:31:09 +00:00
|
|
|
// get array with current storage stats (e.g. max file size)
|
2013-09-20 14:46:33 +00:00
|
|
|
$storageStats = \OCA\Files\Helper::buildFileStorageStatistics($dir);
|
2012-12-20 16:16:01 +00:00
|
|
|
|
2011-09-23 18:03:39 +00:00
|
|
|
if (!isset($_FILES['files'])) {
|
2013-01-18 23:31:09 +00:00
|
|
|
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('No file was uploaded. Unknown error')), $storageStats)));
|
2011-09-23 18:03:39 +00:00
|
|
|
exit();
|
|
|
|
}
|
2013-01-02 21:15:43 +00:00
|
|
|
|
2011-09-23 18:03:39 +00:00
|
|
|
foreach ($_FILES['files']['error'] as $error) {
|
|
|
|
if ($error != 0) {
|
|
|
|
$errors = array(
|
2013-01-28 20:09:18 +00:00
|
|
|
UPLOAD_ERR_OK => $l->t('There is no error, the file uploaded with success'),
|
|
|
|
UPLOAD_ERR_INI_SIZE => $l->t('The uploaded file exceeds the upload_max_filesize directive in php.ini: ')
|
2013-07-01 13:37:52 +00:00
|
|
|
. ini_get('upload_max_filesize'),
|
2013-02-15 15:04:18 +00:00
|
|
|
UPLOAD_ERR_FORM_SIZE => $l->t('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'),
|
2013-01-28 20:09:18 +00:00
|
|
|
UPLOAD_ERR_PARTIAL => $l->t('The uploaded file was only partially uploaded'),
|
|
|
|
UPLOAD_ERR_NO_FILE => $l->t('No file was uploaded'),
|
2013-01-18 23:31:09 +00:00
|
|
|
UPLOAD_ERR_NO_TMP_DIR => $l->t('Missing a temporary folder'),
|
|
|
|
UPLOAD_ERR_CANT_WRITE => $l->t('Failed to write to disk'),
|
2011-09-23 18:03:39 +00:00
|
|
|
);
|
2013-01-18 23:31:09 +00:00
|
|
|
OCP\JSON::error(array('data' => array_merge(array('message' => $errors[$error]), $storageStats)));
|
2011-09-23 18:03:39 +00:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
2013-01-18 23:31:09 +00:00
|
|
|
$files = $_FILES['files'];
|
2011-07-19 18:23:33 +00:00
|
|
|
|
2013-09-06 15:53:58 +00:00
|
|
|
$error = false;
|
2011-08-15 18:37:50 +00:00
|
|
|
|
2013-07-05 15:39:41 +00:00
|
|
|
$maxUploadFileSize = $storageStats['uploadMaxFilesize'];
|
|
|
|
$maxHumanFileSize = OCP\Util::humanFileSize($maxUploadFileSize);
|
2013-01-28 20:09:18 +00:00
|
|
|
|
2013-01-18 23:31:09 +00:00
|
|
|
$totalSize = 0;
|
|
|
|
foreach ($files['size'] as $size) {
|
|
|
|
$totalSize += $size;
|
2011-08-15 18:37:50 +00:00
|
|
|
}
|
2013-07-05 15:39:41 +00:00
|
|
|
if ($maxUploadFileSize >= 0 and $totalSize > $maxUploadFileSize) {
|
2013-02-07 22:59:14 +00:00
|
|
|
OCP\JSON::error(array('data' => array('message' => $l->t('Not enough storage available'),
|
2013-07-05 15:39:41 +00:00
|
|
|
'uploadMaxFilesize' => $maxUploadFileSize,
|
|
|
|
'maxHumanFilesize' => $maxHumanFileSize)));
|
2011-08-15 18:37:50 +00:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
2013-01-18 23:31:09 +00:00
|
|
|
$result = array();
|
|
|
|
if (strpos($dir, '..') === false) {
|
|
|
|
$fileCount = count($files['name']);
|
|
|
|
for ($i = 0; $i < $fileCount; $i++) {
|
2012-11-16 10:50:57 +00:00
|
|
|
// $path needs to be normalized - this failed within drag'n'drop upload to a sub-folder
|
2013-09-06 15:53:58 +00:00
|
|
|
if (isset($_POST['resolution']) && $_POST['resolution']==='autorename') {
|
|
|
|
// append a number in brackets like 'filename (2).ext'
|
|
|
|
$target = OCP\Files::buildNotExistingFileName(stripslashes($dir), $files['name'][$i]);
|
2013-08-12 10:33:22 +00:00
|
|
|
} else {
|
2013-09-06 15:53:58 +00:00
|
|
|
$target = \OC\Files\Filesystem::normalizePath(stripslashes($dir).'/'.$files['name'][$i]);
|
2013-08-12 10:33:22 +00:00
|
|
|
}
|
2014-02-12 10:43:34 +00:00
|
|
|
|
|
|
|
$directory = \OC\Files\Filesystem::normalizePath(stripslashes($dir));
|
|
|
|
if (isset($public_directory)) {
|
|
|
|
// If we are uploading from the public app,
|
|
|
|
// we want to send the relative path in the ajax request.
|
|
|
|
$directory = $public_directory;
|
|
|
|
}
|
|
|
|
|
2013-09-06 15:53:58 +00:00
|
|
|
if ( ! \OC\Files\Filesystem::file_exists($target)
|
|
|
|
|| (isset($_POST['resolution']) && $_POST['resolution']==='replace')
|
|
|
|
) {
|
|
|
|
// upload and overwrite file
|
2013-10-08 13:03:24 +00:00
|
|
|
try
|
|
|
|
{
|
|
|
|
if (is_uploaded_file($files['tmp_name'][$i]) and \OC\Files\Filesystem::fromTmpFile($files['tmp_name'][$i], $target)) {
|
|
|
|
|
|
|
|
// updated max file size after upload
|
|
|
|
$storageStats = \OCA\Files\Helper::buildFileStorageStatistics($dir);
|
|
|
|
|
|
|
|
$meta = \OC\Files\Filesystem::getFileInfo($target);
|
|
|
|
if ($meta === false) {
|
2014-01-22 16:17:58 +00:00
|
|
|
$error = $l->t('The target folder has been moved or deleted.');
|
|
|
|
$errorCode = 'targetnotfound';
|
2013-10-08 13:03:24 +00:00
|
|
|
} else {
|
|
|
|
$result[] = array('status' => 'success',
|
|
|
|
'mime' => $meta['mimetype'],
|
|
|
|
'mtime' => $meta['mtime'],
|
|
|
|
'size' => $meta['size'],
|
|
|
|
'id' => $meta['fileid'],
|
|
|
|
'name' => basename($target),
|
2013-10-28 10:22:34 +00:00
|
|
|
'etag' => $meta['etag'],
|
2013-10-08 13:03:24 +00:00
|
|
|
'originalname' => $files['tmp_name'][$i],
|
|
|
|
'uploadMaxFilesize' => $maxUploadFileSize,
|
|
|
|
'maxHumanFilesize' => $maxHumanFileSize,
|
2014-02-07 11:53:42 +00:00
|
|
|
'permissions' => $meta['permissions'] & $allowedPermissions,
|
2014-02-12 10:43:34 +00:00
|
|
|
'directory' => $directory,
|
2013-10-08 13:03:24 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2013-09-06 16:16:40 +00:00
|
|
|
} else {
|
2013-10-08 13:03:24 +00:00
|
|
|
$error = $l->t('Upload failed. Could not find uploaded file');
|
2013-09-06 16:16:40 +00:00
|
|
|
}
|
2013-10-08 13:03:24 +00:00
|
|
|
} catch(Exception $ex) {
|
|
|
|
$error = $ex->getMessage();
|
2013-09-06 15:53:58 +00:00
|
|
|
}
|
|
|
|
|
2013-08-12 10:33:22 +00:00
|
|
|
} else {
|
2013-09-06 15:53:58 +00:00
|
|
|
// file already exists
|
2013-09-06 16:16:40 +00:00
|
|
|
$meta = \OC\Files\Filesystem::getFileInfo($target);
|
|
|
|
if ($meta === false) {
|
|
|
|
$error = $l->t('Upload failed. Could not get file info.');
|
|
|
|
} else {
|
|
|
|
$result[] = array('status' => 'existserror',
|
|
|
|
'mime' => $meta['mimetype'],
|
|
|
|
'mtime' => $meta['mtime'],
|
|
|
|
'size' => $meta['size'],
|
|
|
|
'id' => $meta['fileid'],
|
|
|
|
'name' => basename($target),
|
2013-10-28 10:22:34 +00:00
|
|
|
'etag' => $meta['etag'],
|
2013-09-06 16:16:40 +00:00
|
|
|
'originalname' => $files['tmp_name'][$i],
|
|
|
|
'uploadMaxFilesize' => $maxUploadFileSize,
|
2013-09-18 09:22:29 +00:00
|
|
|
'maxHumanFilesize' => $maxHumanFileSize,
|
2014-02-07 11:53:42 +00:00
|
|
|
'permissions' => $meta['permissions'] & $allowedPermissions,
|
2014-02-12 10:43:34 +00:00
|
|
|
'directory' => $directory,
|
2013-09-06 16:16:40 +00:00
|
|
|
);
|
|
|
|
}
|
2011-07-19 18:23:33 +00:00
|
|
|
}
|
2011-04-16 21:18:06 +00:00
|
|
|
}
|
2012-08-28 22:50:12 +00:00
|
|
|
} else {
|
2013-01-18 23:31:09 +00:00
|
|
|
$error = $l->t('Invalid directory.');
|
2011-04-16 21:18:06 +00:00
|
|
|
}
|
|
|
|
|
2013-09-06 16:16:40 +00:00
|
|
|
if ($error === false) {
|
|
|
|
OCP\JSON::encodedPrint($result);
|
|
|
|
exit();
|
|
|
|
} else {
|
2014-01-22 16:17:58 +00:00
|
|
|
OCP\JSON::error(array(array('data' => array_merge(array('message' => $error, 'code' => $errorCode), $storageStats))));
|
2013-09-06 16:16:40 +00:00
|
|
|
}
|