2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
11 // | There are only two ways to violate the license:
13 // | 1. To redistribute this code in source form, with the copyright
14 // | notice or license removed or altered. (Distributing in compiled
15 // | forms without embedded copyright notices is permitted).
17 // | 2. To redistribute modified versions of this code in *any* form
18 // | that bears insufficient indications that the modifications are
19 // | not the work of the original author(s).
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
24 // +----------------------------------------------------------------------+
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
29 // ttFileHelper class is used for attachment handling.
31 var $errors = null; // Errors go here. Set in constructor by reference.
32 var $storage_uri = null; // Location of file storage facility.
33 var $register_uri = null; // URI to register with file storage facility.
34 var $putfile_uri = null; // URI to put file in file storage.
35 var $deletefile_uri = null; // URI to delete file from file storage.
36 var $deletefiles_uri = null; // URI to delete multiple files from file storage.
37 var $getfile_uri = null; // URI to get file from file storage.
38 var $site_id = null; // Site id for file storage.
39 var $site_key = null; // Site key for file storage.
40 var $file_data = null; // Downloaded file data.
43 function __construct(&$errors) {
44 $this->errors = &$errors;
46 if (defined('FILE_STORAGE_URI')) {
47 $this->storage_uri = FILE_STORAGE_URI;
48 $this->register_uri = $this->storage_uri.'register';
49 $this->putfile_uri = $this->storage_uri.'putfile';
50 $this->deletefile_uri = $this->storage_uri.'deletefile';
51 $this->deletefiles_uri = $this->storage_uri.'deletefiles';
52 $this->getfile_uri = $this->storage_uri.'getfile';
53 $this->checkSiteRegistration();
57 // checkSiteRegistration - obtains site id and key from local database.
58 // If not found, it tries to register with file storage facility.
59 function checkSiteRegistration() {
62 $mdb2 = getConnection();
65 $sql = "select param_value as id from tt_site_config where param_name = 'locker_id'";
66 $res = $mdb2->query($sql);
67 $val = $res->fetchRow();
69 // No site id found, need to register.
70 $fields = array('name' => urlencode('time tracker'),
71 'origin' => urlencode('time tracker source'));
73 // Urlify the data for the POST.
74 foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
75 $fields_string = rtrim($fields_string, '&');
80 // Set the url, number of POST vars, POST data.
81 curl_setopt($ch, CURLOPT_URL, $this->register_uri);
82 curl_setopt($ch, CURLOPT_POST, true);
83 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
84 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
86 // Execute a post request.
87 $result = curl_exec($ch);
92 $result_array = json_decode($result, true);
94 $this->errors->add($i18n->get('error.file_storage'));
96 else if ($result_array['error']) {
97 // Add an error from file storage facility if we have it.
98 $this->errors->add($result_array['error']);
100 else if ($result_array['id'] && $result_array['key']) {
101 $this->site_id = $result_array['id'];
102 $this->site_key = $result_array['key'];
104 // Registration successful. Store id and key locally for future use.
105 $sql = "insert into tt_site_config values('locker_id', $this->site_id, now(), null)";
107 $sql = "insert into tt_site_config values('locker_key', ".$mdb2->quote($this->site_key).", now(), null)";
110 $this->errors->add($i18n->get('error.file_storage'));
114 $this->site_id = $val['id'];
117 $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'";
118 $res = $mdb2->query($sql);
119 $val = $res->fetchRow();
120 $this->site_key = $val['site_key'];
124 // putFile - puts uploaded file in remote storage.
125 function putFile($fields) {
128 $mdb2 = getConnection();
130 $group_id = $user->getGroup();
131 $org_id = $user->org_id;
133 $curl_fields = array('site_id' => urlencode($this->site_id),
134 'site_key' => urlencode($this->site_key),
135 'org_id' => urlencode($org_id),
136 'org_key' => urlencode($this->getOrgKey()),
137 'group_id' => urlencode($group_id),
138 'group_key' => urlencode($this->getGroupKey()),
139 'entity_type' => urlencode($fields['entity_type']),
140 'entity_id' => urlencode($fields['entity_id']),
141 'file_name' => urlencode($fields['file_name']),
142 'description' => urlencode($fields['description']),
143 'content' => urlencode(base64_encode(file_get_contents($_FILES['newfile']['tmp_name'])))
146 // url-ify the data for the POST.
147 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
148 $fields_string = rtrim($fields_string, '&');
153 // Set the url, number of POST vars, POST data.
154 curl_setopt($ch, CURLOPT_URL, $this->putfile_uri);
155 curl_setopt($ch, CURLOPT_POST, true);
156 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
157 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
159 // Execute a post request.
160 $result = curl_exec($ch);
165 // Delete uploaded file.
166 unlink($_FILES['newfile']['tmp_name']);
169 $this->errors->add($i18n->get('error.file_storage'));
173 $result_array = json_decode($result, true);
174 $file_id = (int) $result_array['file_id'];
175 $file_key = $result_array['file_key'];
176 $error = $result_array['error'];
178 if ($error || !$file_id || !$file_key) {
180 // Add an error from file storage facility if we have it.
181 $this->errors->add($error);
186 // File put was successful. Store file attributes locally.
187 $file_key = $mdb2->quote($file_key);
188 $entity_type = $mdb2->quote($fields['entity_type']);
189 $entity_id = (int) $fields['entity_id'];
190 $file_name = $mdb2->quote($fields['file_name']);
191 $description = $mdb2->quote($fields['description']);
193 $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
194 $created_by = $user->id;
196 $columns = '(group_id, org_id, remote_id, file_key, entity_type, entity_id, file_name, description, created, created_ip, created_by)';
197 $values = "values($group_id, $org_id, $file_id, $file_key, $entity_type, $entity_id, $file_name, $description, $created, $created_ip, $created_by)";
198 $sql = "insert into tt_files $columns $values";
199 $affected = $mdb2->exec($sql);
200 return (!is_a($affected, 'PEAR_Error'));
203 // deleteFile - deletes a file from remote storage and its details from local database.
204 function deleteFile($fields) {
207 $mdb2 = getConnection();
209 $group_id = $user->getGroup();
210 $org_id = $user->org_id;
212 $curl_fields = array('site_id' => urlencode($this->site_id),
213 'site_key' => urlencode($this->site_key),
214 'org_id' => urlencode($org_id),
215 'org_key' => urlencode($this->getOrgKey()),
216 'group_id' => urlencode($group_id),
217 'group_key' => urlencode($this->getGroupKey()),
218 'entity_type' => urlencode($fields['entity_type']),
219 'entity_id' => urlencode($fields['entity_id']),
220 'file_id' => urlencode($fields['remote_id']),
221 'file_key' => urlencode($fields['file_key']),
222 'file_name' => urlencode($fields['file_name']));
224 // url-ify the data for the POST.
225 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
226 $fields_string = rtrim($fields_string, '&');
231 // Set the url, number of POST vars, POST data.
232 curl_setopt($ch, CURLOPT_URL, $this->deletefile_uri);
233 curl_setopt($ch, CURLOPT_POST, true);
234 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
235 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
237 // Execute a post request.
238 $result = curl_exec($ch);
244 $this->errors->add($i18n->get('error.file_storage'));
248 $result_array = json_decode($result, true);
249 $status = (int) $result_array['status'];
250 $error = $result_array['error'];
253 // Add an error from file storage facility if we have it.
254 $this->errors->add($error);
257 // There is no explicit error message, but still something not right.
258 $this->errors->add($i18n->get('error.file_storage'));
261 // Delete file reference from database even when remote file storage call fails.
262 // This is by design to keep things simple.
263 $file_id = (int) $fields['id'];
264 $entity_id = (int) $fields['entity_id'];
265 $sql = "delete from tt_files".
266 " where id = $file_id and org_id = $org_id and group_id = $group_id and entity_id = $entity_id";
267 $affected = $mdb2->exec($sql);
268 if (is_a($affected, 'PEAR_Error')) {
269 $this->errors->add($i18n->get('error.db'));
273 // File successfully deleted from both file storage and database.
277 // deleteEntityFiles - deletes all files associated with an entity.
278 function deleteEntityFiles($entity_id, $entity_type) {
280 if (!$this->entityHasFiles($entity_id, $entity_type))
281 return true; // No files to delete.
285 $mdb2 = getConnection();
287 $group_id = $user->getGroup();
288 $org_id = $user->org_id;
290 $curl_fields = array('site_id' => urlencode($this->site_id),
291 'site_key' => urlencode($this->site_key),
292 'org_id' => urlencode($org_id),
293 'org_key' => urlencode($this->getOrgKey()),
294 'group_id' => urlencode($group_id),
295 'group_key' => urlencode($this->getGroupKey()),
296 'entity_type' => urlencode($entity_type),
297 'entity_id' => urlencode($entity_id));
299 // url-ify the data for the POST.
300 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
301 $fields_string = rtrim($fields_string, '&');
306 // Set the url, number of POST vars, POST data.
307 curl_setopt($ch, CURLOPT_URL, $this->deletefiles_uri);
308 curl_setopt($ch, CURLOPT_POST, true);
309 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
310 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
312 // Execute a post request.
313 $result = curl_exec($ch);
319 $this->errors->add($i18n->get('error.file_storage'));
323 $result_array = json_decode($result, true);
324 $status = (int) $result_array['status'];
325 $error = $result_array['error'];
328 // Add an error from file storage facility if we have it.
329 $this->errors->add($error);
332 // There is no explicit error message, but still something not right.
333 $this->errors->add($i18n->get('error.file_storage'));
336 // Many things can go wrong with a remote call to file storage facility.
337 // By design, we ignore such errors, and proceed with removal of entity
338 // records from the database.
340 // Delete all entity records from the database.
341 $file_id = $fields['id'];
342 $sql = "delete from tt_files".
343 " where entity_id = $entity_id".
344 " and entity_type = ".$mdb2->quote($entity_type).
345 " and org_id = $org_id and group_id = $group_id";
346 $affected = $mdb2->exec($sql);
347 if (is_a($affected, 'PEAR_Error')) {
348 $this->errors->add($i18n->get('error.db'));
355 // entityHasFiles determines if an entity has any files referenced in database.
356 private function entityHasFiles($entity_id, $entity_type) {
358 $mdb2 = getConnection();
360 $group_id = $user->getGroup();
361 $org_id = $user->org_id;
363 $sql = "select id from tt_files where org_id = $org_id and group_id = $group_id".
364 " and entity_type = ".$mdb2->quote($entity_type)." and entity_id = $entity_id limit 1";
365 $res = $mdb2->query($sql);
366 $val = $res->fetchRow();
367 return $val['id'] > 0;
370 // getOrgKey obtains organization key from the database.
371 private function getOrgKey() {
373 $mdb2 = getConnection();
375 $org_id = $user->org_id;
376 $sql = "select group_key from tt_groups where id = $org_id and status = 1";
377 $res = $mdb2->query($sql);
378 $val = $res->fetchRow();
379 return $val['group_key'];
382 // getGrtoupKey obtains group key from the database.
383 private function getGroupKey() {
385 $mdb2 = getConnection();
387 $group_id = $user->getGroup();
388 $org_id = $user->org_id;
390 $sql = "select group_key from tt_groups where id = $group_id and org_id = $org_id and status = 1";
391 $res = $mdb2->query($sql);
392 $val = $res->fetchRow();
393 return $val['group_key'];
396 // getEntityFiles obtains a list of files for an entity.
397 static function getEntityFiles($id, $type) {
399 $mdb2 = getConnection();
401 $group_id = $user->getGroup();
402 $org_id = $user->org_id;
405 $entity_type = $mdb2->quote($type);
406 $sql = "select id, remote_id, file_key, file_name as name, description from tt_files".
407 " where entity_type = $entity_type and entity_id = $id".
408 " and group_id = $group_id and org_id = $org_id and status = 1 order by id";
409 $res = $mdb2->query($sql);
410 if (!is_a($res, 'PEAR_Error')) {
411 while ($val = $res->fetchRow()) {
418 // get - obtains file details from local database.
419 static function get($id) {
421 $mdb2 = getConnection();
423 $group_id = $user->getGroup();
424 $org_id = $user->org_id;
426 $sql = "select id, remote_id, file_key, entity_type, entity_id, file_name, description, status from tt_files".
427 " where id = $id and group_id = $group_id and org_id = $org_id and (status = 0 or status = 1)";
428 $res = $mdb2->query($sql);
429 if (!is_a($res, 'PEAR_Error')) {
430 $val = $res->fetchRow();
431 if ($val && $val['id'])
437 // update - updates file details in local database.
438 static function update($fields) {
440 $mdb2 = getConnection();
442 $group_id = $user->getGroup();
443 $org_id = $user->org_id;
445 $file_id = (int) $fields['id'];
446 $description = $mdb2->quote($fields['description']);
448 $sql = "update tt_files set description = $description where id = $file_id".
449 " and group_id = $group_id and org_id = $org_id and (status = 0 or status = 1)";
450 $affected = $mdb2->exec($sql);
451 return !is_a($affected, 'PEAR_Error');
455 // getFile - downloads file from remote storage to memory.
456 function getFile($fields) {
459 $mdb2 = getConnection();
461 $group_id = $user->getGroup();
462 $org_id = $user->org_id;
464 $curl_fields = array('site_id' => urlencode($this->site_id),
465 'site_key' => urlencode($this->site_key),
466 'org_id' => urlencode($org_id),
467 'org_key' => urlencode($this->getOrgKey()),
468 'group_id' => urlencode($group_id),
469 'group_key' => urlencode($this->getGroupKey()),
470 'entity_type' => urlencode($fields['entity_type']),
471 'entity_id' => urlencode($fields['entity_id']),
472 'file_id' => urlencode($fields['remote_id']),
473 'file_key' => urlencode($fields['file_key']),
474 'file_name' => urlencode($fields['file_name']));
476 // url-ify the data for the POST.
477 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
478 $fields_string = rtrim($fields_string, '&');
483 // Set the url, number of POST vars, POST data.
484 curl_setopt($ch, CURLOPT_URL, $this->getfile_uri);
485 curl_setopt($ch, CURLOPT_POST, true);
486 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
487 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
489 // Execute a post request.
490 $result = curl_exec($ch);
492 $error = curl_error();
493 $result_array2 = json_decode($result, true);
499 $this->errors->add($i18n->get('error.file_storage'));
503 $result_array = json_decode($result, true);
504 $status = (int) $result_array['status'];
505 $error = $result_array['error'];
508 // Add an error from file storage facility if we have it.
509 $this->errors->add($error);
513 // There is no explicit error message, but still something not right.
514 $this->errors->add($i18n->get('error.file_storage'));
518 $this->file_data = $result_array['content'];
523 // getFileData - returns file data from memory.
524 function getFileData() {
525 return base64_decode($this->file_data);