nextcloud/apps/files/ajax/upload.php

158 lines
5.2 KiB
PHP
Raw Normal View History

2011-04-17 01:18:06 +04:00
<?php
// Firefox and Konqueror tries to download application/json for me. --Arthur
2012-05-03 14:23:29 +04:00
OCP\JSON::setContentTypeHeader('text/plain');
2011-04-17 01:18:06 +04:00
2013-06-25 14:24:14 +04:00
// If a directory token is sent along check if public upload is permitted.
// If not, check the login.
// If no token is sent along, rely on login only
$l = OC_L10N::get('files');
if (empty($_POST['dirToken'])) {
2013-07-01 17:37:52 +04:00
// The standard case, files are uploaded through logged in users :)
OCP\JSON::checkLoggedIn();
$dir = isset($_POST['dir']) ? $_POST['dir'] : "";
if (!$dir || empty($dir) || $dir === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die();
}
2013-06-25 14:24:14 +04:00
} else {
2013-07-01 17:37:52 +04:00
$linkItem = OCP\Share::getShareByToken($_POST['dirToken']);
if ($linkItem === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Invalid Token')))));
die();
}
if (!($linkItem['permissions'] & OCP\PERMISSION_CREATE)) {
OCP\JSON::checkLoggedIn();
} else {
// resolve reshares
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
// Setup FS with owner
OC_Util::tearDownFS();
OC_Util::setupFS($rootLinkItem['uid_owner']);
2013-07-01 17:37:52 +04:00
// The token defines the target directory (security reasons)
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
2013-07-01 17:37:52 +04:00
$dir = sprintf(
"/%s/%s",
$path,
2013-07-01 17:37:52 +04:00
isset($_POST['subdir']) ? $_POST['subdir'] : ''
);
if (!$dir || empty($dir) || $dir === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Unable to set upload directory.')))));
die();
}
}
2013-06-25 14:24:14 +04:00
}
OCP\JSON::callCheck();
2011-04-17 01:18:06 +04:00
2013-02-01 23:29:02 +04:00
// get array with current storage stats (e.g. max file size)
$storageStats = \OCA\files\lib\Helper::buildFileStorageStatistics($dir);
if (!isset($_FILES['files'])) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('No file was uploaded. Unknown error')), $storageStats)));
exit();
}
2013-01-03 01:15:43 +04:00
foreach ($_FILES['files']['error'] as $error) {
if ($error != 0) {
$errors = array(
UPLOAD_ERR_OK => $l->t('There is no error, the file uploaded with success'),
UPLOAD_ERR_INI_SIZE => $l->t('The uploaded file exceeds the upload_max_filesize directive in php.ini: ')
2013-07-01 17:37:52 +04:00
. ini_get('upload_max_filesize'),
2013-02-15 19:04:18 +04:00
UPLOAD_ERR_FORM_SIZE => $l->t('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'),
UPLOAD_ERR_PARTIAL => $l->t('The uploaded file was only partially uploaded'),
UPLOAD_ERR_NO_FILE => $l->t('No file was uploaded'),
UPLOAD_ERR_NO_TMP_DIR => $l->t('Missing a temporary folder'),
UPLOAD_ERR_CANT_WRITE => $l->t('Failed to write to disk'),
);
OCP\JSON::error(array('data' => array_merge(array('message' => $errors[$error]), $storageStats)));
exit();
}
}
$files = $_FILES['files'];
$error = '';
$maxUploadFileSize = $storageStats['uploadMaxFilesize'];
$maxHumanFileSize = OCP\Util::humanFileSize($maxUploadFileSize);
$totalSize = 0;
foreach ($files['size'] as $size) {
$totalSize += $size;
}
if ($maxUploadFileSize >= 0 and $totalSize > $maxUploadFileSize) {
OCP\JSON::error(array('data' => array('message' => $l->t('Not enough storage available'),
'uploadMaxFilesize' => $maxUploadFileSize,
'maxHumanFilesize' => $maxHumanFileSize)));
exit();
}
$result = array();
if (strpos($dir, '..') === false) {
$fileCount = count($files['name']);
for ($i = 0; $i < $fileCount; $i++) {
// $path needs to be normalized - this failed within drag'n'drop upload to a sub-folder
2013-08-16 13:40:55 +04:00
if (isset($_POST['newname'])) {
$newName = $_POST['newname'];
} else {
$newName = $files['name'][$i];
}
if (isset($_POST['replace']) && $_POST['replace'] == true) {
$replace = true;
} else {
$replace = false;
}
2013-08-16 13:40:55 +04:00
$target = \OC\Files\Filesystem::normalizePath(stripslashes($dir).'/'.$newName);
if ( ! $replace && \OC\Files\Filesystem::file_exists($target)) {
2012-10-27 01:05:02 +04:00
$meta = \OC\Files\Filesystem::getFileInfo($target);
$result[] = array('status' => 'existserror',
2013-08-16 13:40:55 +04:00
'type' => $meta['mimetype'],
'mtime' => $meta['mtime'],
'size' => $meta['size'],
'id' => $meta['fileid'],
'name' => basename($target),
'originalname' => $newName,
'uploadMaxFilesize' => $maxUploadFileSize,
'maxHumanFilesize' => $maxHumanFileSize
2013-01-18 23:09:03 +04:00
);
} else {
//$target = OCP\Files::buildNotExistingFileName(stripslashes($dir), $files['name'][$i]);
if (is_uploaded_file($files['tmp_name'][$i]) and \OC\Files\Filesystem::fromTmpFile($files['tmp_name'][$i], $target)) {
$meta = \OC\Files\Filesystem::getFileInfo($target);
// updated max file size after upload
$storageStats = \OCA\files\lib\Helper::buildFileStorageStatistics($dir);
if ($meta === false) {
OCP\JSON::error(array('data' => array_merge(array('message' => $l->t('Upload failed')), $storageStats)));
exit();
} else {
$result[] = array('status' => 'success',
'mime' => $meta['mimetype'],
'mtime' => $meta['mtime'],
'size' => $meta['size'],
'id' => $meta['fileid'],
'name' => basename($target),
'originalname' => $newName,
'uploadMaxFilesize' => $maxUploadFileSize,
'maxHumanFilesize' => $maxHumanFileSize
);
}
}
}
2011-04-17 01:18:06 +04:00
}
2012-05-03 14:23:29 +04:00
OCP\JSON::encodedPrint($result);
exit();
2012-08-29 02:50:12 +04:00
} else {
$error = $l->t('Invalid directory.');
2011-04-17 01:18:06 +04:00
}
OCP\JSON::error(array('data' => array_merge(array('message' => $error), $storageStats)));