new command 'addfile' for adding attachments

2025-02-11 09:35:00 +00:00 · 2021-07-16 15:55:47 +02:00 · 2021-07-16 15:55:47 +02:00 · 0072efd2ff
commit 0072efd2ff
parent c1a2411882
1 changed files with 77 additions and 0 deletions
--- a/op/op.Ajax.php
+++ b/op/op.Ajax.php
@ -830,6 +830,83 @@ switch($command) {
 		}
 		break; /* }}} */

+	case 'addfile': /* {{{ */
+		if($user) {
+			if(checkFormKey('addfile')) {
+				if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_doc_id")));
+					exit;
+				}
+
+				$documentid = $_POST["documentid"];
+				$document = $dms->getDocument($documentid);
+
+				if (!is_object($document)) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_doc_id")));
+					exit;
+				}
+
+				if ($document->getAccessMode($user, 'addDocumentFile') < M_READWRITE) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("access_denied")));
+					exit;
+				}
+
+				if (!is_uploaded_file($_FILES["userfile"]["tmp_name"]) || $_FILES['userfile']['error']!=0){
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("uploading_failed")));
+					exit;
+				}
+				if ($_FILES["userfile"]["size"]==0) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("uploading_zerosize")));
+					exit;
+				} 
+
+				$maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize);
+				if ($maxuploadsize && $_FILES["userfile"]["size"] > $maxuploadsize) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText("uploading_maxsize")));
+					exit;
+				}
+
+				$userfiletmp = $_FILES["userfile"]["tmp_name"];
+				$userfiletype = $_FILES["userfile"]["type"];
+				$userfilename = $_FILES["userfile"]["name"];
+
+				$fileType = ".".pathinfo($userfilename, PATHINFO_EXTENSION);
+
+				if($settings->_overrideMimeType) {
+					$finfo = finfo_open(FILEINFO_MIME_TYPE);
+					$userfiletype = finfo_file($finfo, $userfiletmp);
+				}
+
+				if (!empty($_POST["name"]))
+					$name = $_POST["name"];
+				else
+					$name = utf8_basename($userfilename);
+				$comment = '';
+				$version = 0;
+				$public = false;
+				$res = $document->addDocumentFile($name, $comment, $user, $userfiletmp, 
+					utf8_basename($userfilename),$fileType, $userfiletype, $version, $public);
+				if (is_bool($res) && !$res) {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>getMLText('error_occured'), 'data'=>''));
+				} else {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>true, 'message'=>getMLText('splash_document_added'), 'data'=>$document->getID()));
+					add_log_line();
+				}
+			} else {
+				header('Content-Type: application/json');
+				echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
+			}
+		}
+		break; /* }}} */
+
 	case 'indexdocument':
 	case 'indexfolder': /* {{{ */
 		if($user && $user->isAdmin()) {