Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

attachments.inc.php 4.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148
  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  13. /* Check if this is a valid include */
  14. if (!defined('IN_SCRIPT')) {
  15. die('Invalid attempt');
  16. }
  17. /***************************
  18. * Function hesk_uploadFiles()
  19. ***************************/
  20. function hesk_uploadFile($i, $isTicket = true)
  21. {
  22. global $hesk_settings, $hesklang, $trackingID, $hesk_error_buffer, $modsForHesk_settings;
  23. /* Return if name is empty */
  24. $name = $i == -1
  25. ? $_FILES['attachment']['name']
  26. : $_FILES['attachment']['name'][$i];
  27. if (empty($name)) {
  28. return '';
  29. }
  30. /* Parse the name */
  31. $file_realname = hesk_cleanFileName($name);
  32. /* Check file extension */
  33. $ext = strtolower(strrchr($file_realname, "."));
  34. if (!in_array($ext, $hesk_settings['attachments']['allowed_types'])) {
  35. return hesk_fileError(sprintf($hesklang['type_not_allowed'], $ext, $file_realname));
  36. }
  37. /* Check file size */
  38. $size = $i == -1
  39. ? $_FILES['attachment']['size']
  40. : $_FILES['attachment']['size'][$i];
  41. if ($size > $hesk_settings['attachments']['max_size']) {
  42. return hesk_fileError(sprintf($hesklang['file_too_large'], $file_realname));
  43. } else {
  44. $file_size = $size;
  45. }
  46. /* Generate a random file name */
  47. $useChars = 'AEUYBDGHJLMNPQRSTVWXZ123456789';
  48. $tmp = uniqid();
  49. for ($j = 1; $j < 10; $j++) {
  50. $tmp .= $useChars{mt_rand(0, 29)};
  51. }
  52. $file_name = substr(md5($tmp . $file_realname), 0, 200) . $ext;
  53. // Does the temporary file exist? If not, probably server-side configuration limits have been reached
  54. // Uncomment this for debugging purposes
  55. /*
  56. if ( ! file_exists($_FILES['attachment']['tmp_name'][$i]) )
  57. {
  58. return hesk_fileError($hesklang['fnuscphp']);
  59. }
  60. */
  61. /* If upload was successful let's create the headers */
  62. $directory = $hesk_settings['attach_dir'];
  63. if (!$isTicket) {
  64. $directory = $modsForHesk_settings['kb_attach_dir'];
  65. }
  66. $file_to_move = $i == -1
  67. ? $_FILES['attachment']['tmp_name']
  68. : $_FILES['attachment']['tmp_name'][$i];
  69. if (!move_uploaded_file($file_to_move, dirname(dirname(__FILE__)) . '/' . $directory . '/' . $file_name)) {
  70. return hesk_fileError($hesklang['cannot_move_tmp']);
  71. }
  72. $info = array(
  73. 'saved_name' => $file_name,
  74. 'real_name' => $file_realname,
  75. 'size' => $file_size
  76. );
  77. return $info;
  78. } // End hesk_uploadFile()
  79. function hesk_fileError($error)
  80. {
  81. global $hesk_settings, $hesklang, $trackingID;
  82. global $hesk_error_buffer;
  83. $hesk_error_buffer['attachments'] = $error;
  84. return false;
  85. } // End hesk_fileError()
  86. function hesk_removeAttachments($attachments, $isTicket = true)
  87. {
  88. global $hesk_settings, $hesklang, $modsForHesk_settings;
  89. $directory = $hesk_settings['attach_dir'];
  90. if (!$isTicket) {
  91. $directory = $modsForHesk_settings['kb_attach_dir'];
  92. }
  93. $hesk_settings['server_path'] = dirname(dirname(__FILE__)) . '/' . $directory . '/';
  94. foreach ($attachments as $myatt) {
  95. hesk_unlink($hesk_settings['server_path'] . $myatt['saved_name']);
  96. }
  97. return true;
  98. } // End hesk_removeAttachments()
  99. function mfh_getTemporaryAttachment($id) {
  100. global $hesk_settings;
  101. $rs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "temp_attachment` WHERE `id` = " . intval($id));
  102. if (hesk_dbNumRows($rs) == 0) {
  103. return NULL;
  104. }
  105. $row = hesk_dbFetchAssoc($rs);
  106. $info = array(
  107. 'saved_name' => $row['saved_name'],
  108. 'real_name' => $row['file_name'],
  109. 'size' => $row['size']
  110. );
  111. return $info;
  112. }
  113. function mfh_deleteTemporaryAttachment($id) {
  114. global $hesk_settings;
  115. hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "temp_attachment` WHERE `id` = ".intval($id));
  116. }