<?php
/**
 * @package		HikaShop for Joomla!
 * @version		1.4.3
 * @author		hikashop.com
 * @copyright	(C) 2010 HIKARI SOFTWARE. All rights reserved.
 * @license		GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
 */
// Stop when this file is requested directly instead of being loaded by Joomla, which defines _JEXEC.
defined('_JEXEC') or die('Restricted access');
?>
<?php
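/**
 * Upload, storage, deletion and download of the files HikaShop attaches to its
 * records (rows of the "file" table plus the matching files on disk).
 *
 * Identifiers that reach SQL text are normalised with _toId() first, and file
 * names taken from the caller are restricted to plain names before they are
 * joined to a folder path.
 */
class hikashopFileClass extends hikashopClass{
	// Table handled by this class; end($this->tables) supplies the table name in the queries below.
	var $tables = array('file');
	// The next three settings are not read in this file; presumably consumed by hikashopClass - confirm there.
	var $pkeys = array('file_id');
	var $namekeys = array();
	var $deleteToggle = array('file'=>array('file_type','file_ref_id'));

	/**
	 * Internal: converts a value to an integer id, or null when it is not a plain integer.
	 *
	 * Used before an id is concatenated into SQL so that arbitrary text cannot
	 * become part of the statement.
	 *
	 * @param mixed $value
	 * @return int|null
	 */
	function _toId($value){
		if(is_int($value)) return $value;
		if(is_string($value) && preg_match('#^-?[0-9]+$#D',$value)) return (int)$value;
		return null;
	}

	/**
	 * Internal: lower-cased, trimmed extension allow-list for an upload type.
	 *
	 * Empty entries are dropped so that an empty configuration value cannot
	 * match a file name that has no extension.
	 *
	 * @param string $type 'file' reads "allowedfiles", anything else "allowedimages".
	 * @return array
	 */
	function _allowedExtensions($type){
		$config =& hikashop::config();
		$key = ($type=='file') ? 'allowedfiles' : 'allowedimages';
		$allowed = array();
		foreach(explode(',',strtolower((string)$config->get($key))) as $entry){
			$entry = trim($entry);
			if($entry!=='') $allowed[] = $entry;
		}
		return $allowed;
	}

	/**
	 * Internal: text after the last dot of a file name, lower-cased ('' when there is no dot).
	 *
	 * @param string $file_path
	 * @return string
	 */
	function _fileExtension($file_path){
		$pos = strrpos($file_path,'.');
		if($pos===false) return '';
		return strtolower((string)substr($file_path,$pos+1));
	}

	/**
	 * Internal: returns $file_path, or a "name_<rand>.ext" variant that does not exist yet in $uploadPath.
	 *
	 * @param string $uploadPath Folder path ending with a directory separator.
	 * @param string $file_path  Sanitised file name.
	 * @return string
	 */
	function _uniqueFileName($uploadPath,$file_path){
		if(!JFile::exists($uploadPath . $file_path)) return $file_path;
		$pos = strrpos($file_path,'.');
		if($pos===false){
			$base = $file_path;
			$suffix = '';
		}else{
			$base = substr($file_path,0,$pos);
			$suffix = substr($file_path,$pos);
		}
		// rand() only avoids name clashes here; it is not relied on to keep names secret.
		do{
			$candidate = $base.'_'.rand().$suffix;
		}while(JFile::exists($uploadPath . $candidate));
		return $candidate;
	}

	/**
	 * Internal: true when $name is a single file name without any directory part.
	 *
	 * @param mixed $name
	 * @return bool
	 */
	function _isPlainFileName($name){
		if(!is_scalar($name)) return false;
		$name = (string)$name;
		if($name==='' || $name==='.' || $name==='..') return false;
		return !preg_match('#[/\\\\\x00]#',$name);
	}

	/**
	 * Internal: true when $record is an object whose property $key holds exactly the string $name.
	 *
	 * @param mixed  $record
	 * @param string $key
	 * @param string $name
	 * @return bool
	 */
	function _fieldValueMatches($record,$key,$name){
		if(!is_object($record) || !isset($record->$key) || !is_scalar($record->$key)) return false;
		return (string)$record->$key===(string)$name;
	}

	/**
	 * Internal: sends $data as an attachment and ends the request.
	 *
	 * Only the last path component is advertised as the file name, with control
	 * characters and double quotes removed so the value stays inside the quoted
	 * filename parameter of the header.
	 *
	 * @param string $data     File content.
	 * @param string $filename Name to offer to the browser.
	 * @return void This method does not return; it calls exit.
	 */
	function _sendAttachment($data,$filename){
		$filename = basename(str_replace('\\','/',(string)$filename));
		$filename = preg_replace('#[\x00-\x1F\x7F"]#','',$filename);
		if($filename==='') $filename = 'download';
		header("Expires: 0");
		header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
		header("Content-type: application/octet-stream");
		// Uploaded content is served as opaque bytes; ask the browser not to guess another type.
		header("X-Content-Type-Options: nosniff");
		header("Content-Transfer-Encoding: binary");
		$len = strlen($data);
		header("Content-Length: $len");
		header("Cache-Control: maxage=1");
		header("Pragma: public");
		header("Content-Disposition: attachment; filename=\"".$filename."\"");
		echo $data;
		exit;
	}

	/**
	 * Stores one uploaded file from the request and returns its final name.
	 *
	 * Only the last extension of the sanitised name is compared with the
	 * configured allow-list; the file content is not inspected here.
	 * NOTE(review): a name such as "a.php.jpg" passes this check, so the upload
	 * folder should not be set up to execute scripts - confirm the server setup.
	 *
	 * @param string $var_name Name of the upload field in the request.
	 * @param string $type     'file' uses the "allowedfiles" list and the secure folder, anything else the image settings.
	 * @return string|false Stored file name inside the upload folder, or false when nothing was stored.
	 */
	function saveFile($var_name='files',$type = 'image'){
		$file = JRequest::getVar( $var_name, array(), 'files', 'array' );
		// A multi-file field delivers arrays here; this method handles a single upload only.
		if(empty($file['name']) || !is_string($file['name'])){
			return false;
		}
		$app =& JFactory::getApplication();
		$allowed = $this->_allowedExtensions($type);
		$uploadPath = $this->getPath($type);
		$file_path = strtolower(JFile::makeSafe($file['name']));
		$extension = $this->_fileExtension($file_path);
		if(!in_array($extension,$allowed,true)){
			$app->enqueueMessage(JText::sprintf( 'ACCEPTED_TYPE',$extension,implode(',',$allowed)), 'notice');
			return false;
		}
		$file_path = $this->_uniqueFileName($uploadPath,$file_path);
		$tmp_name = isset($file['tmp_name']) ? $file['tmp_name'] : '';
		if ( !move_uploaded_file($tmp_name, $uploadPath . $file_path)) {
			if(!JFile::upload($tmp_name, $uploadPath . $file_path)){
				$app->enqueueMessage(JText::sprintf( 'FAIL_UPLOAD',$tmp_name,$uploadPath . $file_path), 'error');
				return false;
			}
		}
		return $file_path;
	}

	/**
	 * Stores every uploaded file of a multi-file field and records each one in the file table.
	 *
	 * For type 'category' the files of the previous entries are deleted from disk
	 * before the new ones are moved, and the previous rows are removed afterwards.
	 * Types other than 'file' and 'watermark' are passed to the image helper for
	 * resizing and thumbnail generation.
	 *
	 * @param string $type     Value stored in file_type; also selects the allow-list and folder.
	 * @param mixed  $pkey     Id of the record the files belong to (stored in file_ref_id).
	 * @param string $var_name Name of the upload field in the request.
	 * @return array Ids returned by save(), keyed by the index of the upload in the request.
	 */
	function storeFiles($type,$pkey,$var_name = 'files'){
		$ids = array();
		// Integer form of the key for SQL text; null means the key is not a plain integer
		// and the statements that would embed it are skipped.
		$refId = $this->_toId($pkey);
		$files = JRequest::getVar( $var_name, array(), 'files', 'array' );
		// Only the first two upload slots decide whether anything was submitted (unchanged from the original form handling).
		if(!empty($files['name'][0]) OR !empty($files['name'][1])){
			$app =& JFactory::getApplication();
			$allowed = $this->_allowedExtensions($type);
			if($type!='file'){
				$imageHelper = hikashop::get('helper.image');
			}
			$uploadPath = $this->getPath($type);
			$tempData = array();
			foreach($files['name'] as $id => $filename){
				if(empty($filename) || !is_string($filename)) continue;
				$file_path = strtolower(JFile::makeSafe($filename));
				$extension = $this->_fileExtension($file_path);
				if(!in_array($extension,$allowed,true)){
					$app->enqueueMessage(JText::sprintf( 'ACCEPTED_TYPE',$extension,implode(',',$allowed)), 'notice');
					continue;
				}
				$tempData[$id]= $file_path;
			}
			if(!empty($tempData)){
				if($type=='category' && $refId!==null){
					$query = 'SELECT * FROM '.hikashop::table(end($this->tables)).' WHERE file_ref_id = '.$refId.' AND file_type=\'category\'';
					$this->database->setQuery($query);
					$oldEntries = $this->database->loadObjectList();
					if(!empty($oldEntries)){
						foreach($oldEntries as $old){
							if(JFile::exists( $uploadPath . $old->file_path)) JFile::delete( $uploadPath . $old->file_path );
						}
					}
				}
				foreach( $tempData as $id => $file_path){
					$file_path = $this->_uniqueFileName($uploadPath,$file_path);
					$tmp_name = isset($files['tmp_name'][$id]) ? $files['tmp_name'][$id] : '';
					if ( !move_uploaded_file($tmp_name, $uploadPath . $file_path)) {
						if(!JFile::upload($tmp_name, $uploadPath . $file_path)){
							$app->enqueueMessage(JText::sprintf( 'FAIL_UPLOAD',$tmp_name,$uploadPath . $file_path), 'error');
							continue;
						}
					}
					if(!in_array($type,array('file','watermark'))){
						$imageHelper->resizeImage($file_path);
						$imageHelper->generateThumbnail($file_path);
					}
					// A real object is required; assigning properties to null fails on current PHP versions.
					$element = new stdClass();
					$element->file_path = $file_path;
					$element->file_type = $type;
					$element->file_ref_id = $pkey;
					$status = $this->save($element);
					if($status){
						$ids[$id] = $status;
					}
				}
			}
		}elseif(JRequest::getVar('ctrl')=='product'){
			$app =& JFactory::getApplication();
			$app->enqueueMessage(JText::_( 'ADD_FILE_VIA_BROWSE_BUTTON'),'error');
		}
		if(!empty($ids) && $type=='category' && $refId!==null){
			$query = 'DELETE FROM '.hikashop::table(end($this->tables)).' WHERE file_id NOT IN ('.implode(',',array_map('intval',$ids)).') AND file_ref_id = '.$refId.' AND file_type=\'category\'';
			$this->database->setQuery($query);
			$this->database->query();
		}
		return $ids;
	}

	/**
	 * Deletes the file rows of the given records and the files on disk that no other row still uses.
	 *
	 * Values in $pkeys that are not plain integers are ignored; nothing is done
	 * when no usable id remains.
	 *
	 * @param string $type  file_type of the rows to delete.
	 * @param mixed  $pkeys One record id or an array of record ids (file_ref_id).
	 * @return void
	 */
	function deleteFiles($type,$pkeys){
		if(!is_array($pkeys)) $pkeys = array($pkeys);
		$refIds = array();
		foreach($pkeys as $key){
			$key = $this->_toId($key);
			if($key!==null) $refIds[] = $key;
		}
		// An empty list would produce "IN ()", which is not valid SQL.
		if(empty($refIds)) return;
		$uploadPath = $this->getPath($type);
		$table = hikashop::table(end($this->tables));
		$where = ' WHERE file_ref_id IN ('.implode(',',$refIds).') AND file_type='.$this->database->Quote($type);
		$this->database->setQuery('SELECT * FROM '.$table.$where);
		$oldEntries = $this->database->loadObjectList();
		if(!empty($oldEntries)){
			$paths = array();
			$ids = array();
			foreach($oldEntries as $old){
				$paths[] = $this->database->Quote($old->file_path);
				$ids[] = (int)$old->file_id;
			}
			// Paths that rows outside this deletion still reference must stay on disk.
			$query = 'SELECT file_path FROM '.$table.' WHERE file_path IN ('.implode(',',$paths).') AND file_id NOT IN ('.implode(',',$ids).')';
			$this->database->setQuery($query);
			$stillUsed = $this->database->loadResultArray();
			foreach($oldEntries as $old){
				if((empty($stillUsed) || !in_array($old->file_path,$stillUsed))&&JFile::exists( $uploadPath . $old->file_path)){
					JFile::delete( $uploadPath . $old->file_path );
					if(!in_array($type,array('file','watermark')) && JFile::exists(  $uploadPath .'thumbnail'.DS. $old->file_path)){
						JFile::delete( $uploadPath .'thumbnail'.DS. $old->file_path );
					}
				}
			}
			$this->database->setQuery('DELETE FROM '.$table.$where);
			$this->database->query();
			$class = hikashop::get('helper.translation');
			$class->deleteTranslations('file',$ids);
		}
	}

	/**
	 * Sends a purchased file to the browser.
	 *
	 * Outside the administrator application the request must come from a logged-in
	 * user who owns the order, the order status and age must allow downloads, the
	 * file must belong to a product of the order (or to the parent of a variant),
	 * and the configured download count must not be reached.
	 *
	 * @param mixed $file_id  Id of the file row.
	 * @param mixed $order_id Id of the order the download is charged to.
	 * @return bool false when a check fails, true when the file could not be read; on success the script exits.
	 */
	function download($file_id,$order_id=0){
		$app =& JFactory::getApplication();
		// Both ids end up in SQL text below, so only plain integers are accepted.
		$fileId = $this->_toId($file_id);
		$orderId = $this->_toId($order_id);
		$file = ($fileId===null) ? null : $this->get($fileId);
		if(!$app->isAdmin()){
			$user_id = hikashop::loadUser();
			if(empty($user_id)){
				$app->enqueueMessage(JText::_('PLEASE_LOGIN_FIRST'));
				return false;
			}
			$orderClass = hikashop::get('class.order');
			$order = ($orderId===null) ? null : $orderClass->get($orderId);
			if(empty($order) || $order->order_user_id != $user_id){
				$app->enqueueMessage(JText::_('ORDER_NOT_FOUND'));
				return false;
			}
			$config =& hikashop::config();
			$order_status_for_download = $config->get('order_status_for_download','confirmed,shipped');
			if(!in_array($order->order_status,explode(',',$order_status_for_download))){
				$app->enqueueMessage(JText::_('BECAUSE_STATUS_NO_DOWNLOAD'));
				return false;
			}
			$download_time_limit = $config->get('download_time_limit',0);
			if(!empty($download_time_limit) && ($download_time_limit+$order->order_created)<time()){
				$app->enqueueMessage(JText::_('TOO_LATE_NO_DOWNLOAD'));
				return false;
			}
			$query = 'SELECT a.* FROM '.hikashop::table('order_product').' AS a WHERE a.order_id = '.$orderId;
			$this->database->setQuery($query);
			$order->products = $this->database->loadObjectList();
			$products_ids = array();
			if(!empty($order->products)){
				foreach($order->products as $product){
					$products_ids[]=(int)$product->product_id;
				}
			}
			// Without a valid file id or any ordered product there is nothing the order could entitle to.
			if($fileId===null || empty($products_ids)){
				$app->enqueueMessage(JText::_('FILE_NOT_FOUND'));
				return false;
			}
			$query = 'SELECT * FROM '.hikashop::table('product').' WHERE product_id IN ('.implode(',',$products_ids).') AND product_type=\'variant\'';
			$this->database->setQuery($query);
			$products = $this->database->loadObjectList();
			if(!empty($products)){
				foreach($products as $product){
					foreach($order->products as $item){
						if($product->product_id == $item->product_id && !empty($product->product_parent_id)){
							// Files attached to the parent product are also available to buyers of a variant.
							$item->product_parent_id = $product->product_parent_id;
							$products_ids[]=(int)$product->product_parent_id;
						}
					}
				}
			}
			$filters = array('a.file_ref_id IN ('.implode(',',$products_ids).')','a.file_type=\'file\'','a.file_id='.$fileId);
			$query = 'SELECT a.*,b.* FROM '.hikashop::table('file').' AS a LEFT JOIN '.hikashop::table('download').' AS b ON b.order_id='.(int)$order->order_id.' AND a.file_id = b.file_id WHERE '.implode(' AND ',$filters);
			$this->database->setQuery($query);
			$fileData = $this->database->loadObject();
			if(!empty($fileData)){
				$download_number_limit = $config->get('download_number_limit',0);
				if(!empty($download_number_limit) && $download_number_limit<=$fileData->download_number){
					$app->enqueueMessage(JText::_('MAX_REACHED_NO_DOWNLOAD'));
					return false;
				}
			}else{
				$app->enqueueMessage(JText::_('FILE_NOT_FOUND'));
				return false;
			}
		}
		if(!empty($file)){
			$path = $this->getPath('file');
			$data = JFile::read( $path . $file->file_path);
			// Compare explicitly so that a file whose whole content is "0" is still delivered.
			if(is_string($data) && $data!==''){
				if(!$app->isAdmin()){
					$downloadTable = hikashop::table('download');
					$fileKey = (int)$file->file_id;
					// NOTE(review): the limit check above and this counter update are separate statements,
					// so parallel requests can each pass the check before the count changes.
					$query = 'SELECT * FROM '.$downloadTable.' WHERE file_id='.$fileKey.' AND order_id='.$orderId;
					$this->database->setQuery($query);
					$download = $this->database->loadObject();
					if(empty($download)){
						$query = 'INSERT INTO '.$downloadTable.'(file_id,order_id,download_number) VALUES('.$fileKey.','.$orderId.',1);';
					}else{
						$query = 'UPDATE '.$downloadTable.' SET download_number=download_number+1 WHERE file_id='.$fileKey.' AND order_id='.$orderId;
					}
					$this->database->setQuery($query);
					$this->database->query();
				}
				$this->_sendAttachment($data,$file->file_path);
			}
		}
		$app->enqueueMessage(JText::_('FILE_NOT_FOUND'));
		return true;
	}

	/**
	 * Sends a file that was uploaded through a custom field.
	 *
	 * $name is joined to the secure folder, so it must be a plain file name.
	 * Outside the administrator application the name must also be the value of
	 * $field_namekey in the visitor's session data or in a row the visitor may
	 * see; $field_namekey is used as a column name and must be a simple identifier.
	 *
	 * @param string $name          Stored file name.
	 * @param string $field_table   'entry', 'order', 'user', 'address' or 'product'.
	 * @param string $field_namekey Column / property holding the file name.
	 * @return bool false when the request is refused or the file cannot be read; on success the script exits.
	 */
	function downloadFieldFile($name,$field_table,$field_namekey){
		$app =& JFactory::getApplication();
		// Refuse anything carrying a directory part so the read stays inside the upload folder.
		if(!$this->_isPlainFileName($name)){
			return false;
		}
		if(!$app->isAdmin()){
			// The key is concatenated into SQL as a column name and cannot be quoted as a value.
			if(!is_string($field_table) || !is_string($field_namekey) || !preg_match('#^[a-zA-Z0-9_]+$#D',$field_namekey)){
				return false;
			}
			$found = false;
			switch($field_table){
				case 'entry':
					$entriesData = $app->getUserState(HIKASHOP_COMPONENT.'.entries_fields');
					if(!empty($entriesData)){
						foreach($entriesData as $entryData){
							if($this->_fieldValueMatches($entryData,$field_namekey,$name)){
								$found = true;
							}
						}
					}
					break;
				case 'order':
					$orderData = $app->getUserState( HIKASHOP_COMPONENT.'.checkout_fields');
					if($this->_fieldValueMatches($orderData,$field_namekey,$name)){
						$found = true;
					}
					break;
				default:
					break;
			}
			if(!$found){
				$userId = null;
				if(in_array($field_table,array('order','entry','user','address'),true)){
					// These lookups are scoped to the current user; without a usable id there is nothing to match.
					$userId = $this->_toId(hikashop::loadUser());
					if($userId===null){
						return false;
					}
				}
				$quotedName = $this->database->Quote($name);
				switch($field_table){
					case 'order':
						$this->database->setQuery('SELECT order_id FROM '.hikashop::table('order').' WHERE order_user_id='.$userId.' AND '.$field_namekey.' = '.$quotedName);
						break;
					case 'entry':
						$this->database->setQuery('SELECT b.entry_id FROM '.hikashop::table('order').' AS a LEFT JOIN '.hikashop::table('entry').' AS b ON a.order_id=b.order_id WHERE a.order_user_id='.$userId.' AND b.'.$field_namekey.' = '.$quotedName);
						break;
					case 'user':
						$this->database->setQuery('SELECT user_id FROM '.hikashop::table('user').' WHERE user_id='.$userId.' AND '.$field_namekey.' = '.$quotedName);
						break;
					case 'address':
						$this->database->setQuery('SELECT address_id FROM '.hikashop::table('address').' WHERE address_user_id='.$userId.' AND '.$field_namekey.' = '.$quotedName);
						break;
					case 'product':
						$filters = array($field_namekey.' = '.$quotedName);
						hikashop::addACLFilters($filters,'product_access','product');
						$this->database->setQuery('SELECT product_id FROM '.hikashop::table('product').' WHERE '.implode(' AND ',$filters));
						break;
					default:
						return false;
				}
				$result = $this->database->loadResult();
				if($result){
					$found = true;
				}
			}
			if(!$found){
				return false;
			}
		}
		$path = $this->getPath('file');
		$data = JFile::read( $path . $name);
		if(is_string($data) && $data!==''){
			$this->_sendAttachment($data,$name);
		}
		return false;
	}

	/**
	 * Returns the upload folder for a file type, creating it when missing.
	 *
	 * 'file' uses the "uploadsecurefolder" setting, every other type uses
	 * "uploadfolder" and also gets a "thumbnail" sub-folder.
	 * NOTE(review): nothing in this class keeps the secure folder out of reach of
	 * the web server; the checks in download() only apply to requests that go
	 * through it - confirm the folder is not served directly.
	 *
	 * @param string $type
	 * @return string Folder path ending with a directory separator.
	 */
	function getPath($type){
		jimport('joomla.filesystem.file');
		$config =& hikashop::config();
		if($type=='file'){
			$uploadFolder=$config->get('uploadsecurefolder');
		}else{
			$uploadFolder=$config->get('uploadfolder');
		}
		$uploadFolder = rtrim(JPath::clean(html_entity_decode($uploadFolder)),DS.' ').DS;
		if(!preg_match('#^([A-Z]:)?/.*#',$uploadFolder)){
			// NOTE(review): "!" binds tighter than "==", so the first test is not "first character is not /";
			// in practice this branch is decided by !is_dir(). The expression is left as it was because
			// rewriting it would change which configured folders get prefixed with HIKASHOP_ROOT.
			if(!$uploadFolder[0]=='/' || !is_dir($uploadFolder)){
				$uploadFolder = JPath::clean(HIKASHOP_ROOT.DS.trim($uploadFolder,DS.' ').DS);
			}
		}
		$this->checkFolder($uploadFolder);
		if($type!='file'){
			$this->checkFolder($uploadFolder.'thumbnail'.DS);
		}
		return $uploadFolder;
	}

	/**
	 * Makes sure a folder exists and is writable, reporting a notice when it is not.
	 *
	 * @param string $uploadPath
	 * @return bool true when the folder is writable.
	 */
	function checkFolder($uploadPath){
		if(!is_dir($uploadPath)){
			jimport('joomla.filesystem.folder');
			JFolder::create($uploadPath);
		}
		if(!is_writable($uploadPath)){
			// Octal literal: the string '0755' would be read as decimal 755, which is a different permission set.
			@chmod($uploadPath,0755);
			if(!is_writable($uploadPath)){
				$app =& JFactory::getApplication();
				$app->enqueueMessage(JText::sprintf( 'WRITABLE_FOLDER',$uploadPath), 'notice');
				return false;
			}
		}
		return true;
	}
}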