2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
11 // | There are only two ways to violate the license:
13 // | 1. To redistribute this code in source form, with the copyright
14 // | notice or license removed or altered. (Distributing in compiled
15 // | forms without embedded copyright notices is permitted).
17 // | 2. To redistribute modified versions of this code in *any* form
18 // | that bears insufficient indications that the modifications are
19 // | not the work of the original author(s).
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
24 // +----------------------------------------------------------------------+
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
29 // ttFileHelper class is used for attachment handling.
31 var $errors = null; // Errors go here. Set in constructor by reference.
32 var $storage_uri = null; // Location of file storage facility.
33 var $register_uri = null; // URI to register with file storage facility.
34 var $putfile_uri = null; // URI to put file in file storage.
35 var $deletefile_uri = null; // URI to delete file from file storage.
36 var $deletefiles_uri = null; // URI to delete multiple files from file storage.
37 var $getfile_uri = null; // URI to get file from file storage.
38 var $site_id = null; // Site id for file storage.
39 var $site_key = null; // Site key for file storage.
40 var $file_data = null; // Downloaded file data.
43 function __construct(&$errors) {
44 $this->errors = &$errors;
46 if (defined('FILE_STORAGE_URI')) {
47 $this->storage_uri = FILE_STORAGE_URI;
48 $this->register_uri = $this->storage_uri.'register';
49 $this->putfile_uri = $this->storage_uri.'putfile';
50 $this->deletefile_uri = $this->storage_uri.'deletefile';
51 $this->deletefiles_uri = $this->storage_uri.'deletefiles';
52 $this->getfile_uri = $this->storage_uri.'getfile';
53 $this->checkSiteRegistration();
57 // checkSiteRegistration - obtains site id and key from local database.
58 // If not found, it tries to register with file storage facility.
59 function checkSiteRegistration() {
62 $mdb2 = getConnection();
65 $sql = "select param_value as id from tt_site_config where param_name = 'locker_id'";
66 $res = $mdb2->query($sql);
67 $val = $res->fetchRow();
69 // No site id found, need to register.
70 $fields = array('name' => urlencode('time tracker'),
71 'origin' => urlencode('time tracker source'));
73 // Urlify the data for the POST.
74 foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
75 $fields_string = rtrim($fields_string, '&');
80 // Set the url, number of POST vars, POST data.
81 curl_setopt($ch, CURLOPT_URL, $this->register_uri);
82 curl_setopt($ch, CURLOPT_POST, true);
83 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
84 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
86 // Execute a post request.
87 $result = curl_exec($ch);
92 $result_array = json_decode($result, true);
94 $this->errors->add($i18n->get('error.file_storage'));
96 else if ($result_array['error']) {
97 // Add an error from file storage facility if we have it.
98 $this->errors->add($result_array['error']);
100 else if ($result_array['id'] && $result_array['key']) {
101 $this->site_id = $result_array['id'];
102 $this->site_key = $result_array['key'];
104 // Registration successful. Store id and key locally for future use.
105 $sql = "insert into tt_site_config values('locker_id', $this->site_id, now(), null)";
107 $sql = "insert into tt_site_config values('locker_key', ".$mdb2->quote($this->site_key).", now(), null)";
110 $this->errors->add($i18n->get('error.file_storage'));
114 $this->site_id = $val['id'];
117 $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'";
118 $res = $mdb2->query($sql);
119 $val = $res->fetchRow();
120 $this->site_key = $val['site_key'];
124 // putFile - puts uploaded file in remote storage.
125 function putFile($fields) {
128 $mdb2 = getConnection();
130 $group_id = $user->getGroup();
131 $org_id = $user->org_id;
133 $curl_fields = array('site_id' => urlencode($this->site_id),
134 'site_key' => urlencode($this->site_key),
135 'org_id' => urlencode($org_id),
136 'org_key' => urlencode($this->getOrgKey()),
137 'group_id' => urlencode($group_id),
138 'group_key' => urlencode($this->getGroupKey()),
139 'entity_type' => urlencode($fields['entity_type']),
140 'entity_id' => urlencode($fields['entity_id']),
141 'file_name' => urlencode($fields['file_name']),
142 'description' => urlencode($fields['description']),
143 'content' => urlencode(base64_encode(file_get_contents($_FILES['newfile']['tmp_name'])))
146 // url-ify the data for the POST.
147 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
148 $fields_string = rtrim($fields_string, '&');
153 // Set the url, number of POST vars, POST data.
154 curl_setopt($ch, CURLOPT_URL, $this->putfile_uri);
155 curl_setopt($ch, CURLOPT_POST, true);
156 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
157 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
159 // Execute a post request.
160 $result = curl_exec($ch);
165 // Delete uploaded file.
166 unlink($_FILES['newfile']['tmp_name']);
169 $this->errors->add($i18n->get('error.file_storage'));
173 $result_array = json_decode($result, true);
174 $file_id = (int) $result_array['file_id'];
175 $file_key = $result_array['file_key'];
176 $error = $result_array['error'];
178 if ($error || !$file_id || !$file_key) {
180 // Add an error from file storage facility if we have it.
181 $this->errors->add($error);
186 // File put was successful. Store file attributes locally.
187 $file_key = $mdb2->quote($file_key);
188 $entity_type = $mdb2->quote($fields['entity_type']);
189 $entity_id = (int) $fields['entity_id'];
190 $file_name = $mdb2->quote($fields['file_name']);
191 $description = $mdb2->quote($fields['description']);
193 $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
194 $created_by = $user->id;
196 $columns = '(group_id, org_id, remote_id, file_key, entity_type, entity_id, file_name, description, created, created_ip, created_by)';
197 $values = "values($group_id, $org_id, $file_id, $file_key, $entity_type, $entity_id, $file_name, $description, $created, $created_ip, $created_by)";
198 $sql = "insert into tt_files $columns $values";
199 $affected = $mdb2->exec($sql);
200 return (!is_a($affected, 'PEAR_Error'));
203 // deleteFile - deletes a file from remote storage and its details from local database.
204 function deleteFile($fields) {
207 $mdb2 = getConnection();
209 $group_id = $user->getGroup();
210 $org_id = $user->org_id;
212 $curl_fields = array('site_id' => urlencode($this->site_id),
213 'site_key' => urlencode($this->site_key),
214 'org_id' => urlencode($org_id),
215 'org_key' => urlencode($this->getOrgKey()),
216 'group_id' => urlencode($group_id),
217 'group_key' => urlencode($this->getGroupKey()),
218 'entity_type' => urlencode($fields['entity_type']),
219 'entity_id' => urlencode($fields['entity_id']),
220 'file_id' => urlencode($fields['remote_id']),
221 'file_key' => urlencode($fields['file_key']),
222 'file_name' => urlencode($fields['file_name']));
224 // url-ify the data for the POST.
225 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
226 $fields_string = rtrim($fields_string, '&');
231 // Set the url, number of POST vars, POST data.
232 curl_setopt($ch, CURLOPT_URL, $this->deletefile_uri);
233 curl_setopt($ch, CURLOPT_POST, true);
234 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
235 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
237 // Execute a post request.
238 $result = curl_exec($ch);
244 $this->errors->add($i18n->get('error.file_storage'));
248 $result_array = json_decode($result, true);
249 $status = (int) $result_array['status'];
250 $error = $result_array['error'];
253 // Add an error from file storage facility if we have it.
254 $this->errors->add($error);
257 // There is no explicit error message, but still something not right.
258 $this->errors->add($i18n->get('error.file_storage'));
261 // Delete file reference from database even when remote file storage call fails.
262 // This is by design to keep things simple.
263 $file_id = (int) $fields['id'];
264 $entity_id = (int) $fields['entity_id'];
265 $sql = "delete from tt_files".
266 " where id = $file_id and org_id = $org_id and group_id = $group_id and entity_id = $entity_id";
267 $affected = $mdb2->exec($sql);
268 if (is_a($affected, 'PEAR_Error')) {
269 $this->errors->add($i18n->get('error.db'));
273 // File successfully deleted from both file storage and database.
277 // deleteEntityFiles - deletes all files associated with an entity.
278 // TODO: decide whether deleteGroupFiles and deleteOrgFiles should be
279 // separate functions.
280 function deleteEntityFiles($entity_id, $entity_type) {
284 $mdb2 = getConnection();
286 $group_id = $user->getGroup();
287 $org_id = $user->org_id;
289 $curl_fields = array('site_id' => urlencode($this->site_id),
290 'site_key' => urlencode($this->site_key),
291 'org_id' => urlencode($org_id),
292 'org_key' => urlencode($this->getOrgKey()),
293 'group_id' => urlencode($group_id),
294 'group_key' => urlencode($this->getGroupKey()),
295 'entity_type' => urlencode($entity_type),
296 'entity_id' => urlencode($entity_id));
298 // url-ify the data for the POST.
299 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
300 $fields_string = rtrim($fields_string, '&');
305 // Set the url, number of POST vars, POST data.
306 curl_setopt($ch, CURLOPT_URL, $this->deletefiles_uri);
307 curl_setopt($ch, CURLOPT_POST, true);
308 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
309 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
311 // Execute a post request.
312 $result = curl_exec($ch);
318 $this->errors->add($i18n->get('error.file_storage'));
322 $result_array = json_decode($result, true);
323 $status = (int) $result_array['status'];
324 $error = $result_array['error'];
327 // Add an error from file storage facility if we have it.
328 $this->errors->add($error);
331 // There is no explicit error message, but still something not right.
332 $this->errors->add($i18n->get('error.file_storage'));
335 // Many things can go wrong with a remote call to file storage facility.
336 // By design, we ignore such errors, and proceed with removal of entity
337 // records from the database.
339 // Delete all entity records from the database.
340 $file_id = $fields['id'];
341 $sql = "delete from tt_files".
342 " where entity_id = $entity_id".
343 " and entity_type = ".$mdb2->quote($entity_type).
344 " and org_id = $org_id and group_id = $group_id";
345 $affected = $mdb2->exec($sql);
346 if (is_a($affected, 'PEAR_Error')) {
347 $this->errors->add($i18n->get('error.db'));
354 // getOrgKey obtains organization key from the database.
355 private function getOrgKey() {
357 $mdb2 = getConnection();
359 $org_id = $user->org_id;
360 $sql = "select group_key from tt_groups where id = $org_id and status = 1";
361 $res = $mdb2->query($sql);
362 $val = $res->fetchRow();
363 return $val['group_key'];
366 // getGrtoupKey obtains group key from the database.
367 private function getGroupKey() {
369 $mdb2 = getConnection();
371 $group_id = $user->getGroup();
372 $org_id = $user->org_id;
374 $sql = "select group_key from tt_groups where id = $group_id and org_id = $org_id and status = 1";
375 $res = $mdb2->query($sql);
376 $val = $res->fetchRow();
377 return $val['group_key'];
380 // getEntityFiles obtains a list of files for an entity.
381 static function getEntityFiles($id, $type) {
383 $mdb2 = getConnection();
385 $group_id = $user->getGroup();
386 $org_id = $user->org_id;
389 $entity_type = $mdb2->quote($type);
390 $sql = "select id, remote_id, file_key, file_name as name, description from tt_files".
391 " where entity_type = $entity_type and entity_id = $id".
392 " and group_id = $group_id and org_id = $org_id and status = 1 order by id";
393 $res = $mdb2->query($sql);
394 if (!is_a($res, 'PEAR_Error')) {
395 while ($val = $res->fetchRow()) {
402 // get - obtains file details from local database.
403 static function get($id) {
405 $mdb2 = getConnection();
407 $group_id = $user->getGroup();
408 $org_id = $user->org_id;
410 $sql = "select id, remote_id, file_key, entity_type, entity_id, file_name, description, status from tt_files".
411 " where id = $id and group_id = $group_id and org_id = $org_id and (status = 0 or status = 1)";
412 $res = $mdb2->query($sql);
413 if (!is_a($res, 'PEAR_Error')) {
414 $val = $res->fetchRow();
415 if ($val && $val['id'])
421 // update - updates file details in local database.
422 static function update($fields) {
424 $mdb2 = getConnection();
426 $group_id = $user->getGroup();
427 $org_id = $user->org_id;
429 $file_id = (int) $fields['id'];
430 $description = $mdb2->quote($fields['description']);
432 $sql = "update tt_files set description = $description where id = $file_id".
433 " and group_id = $group_id and org_id = $org_id and (status = 0 or status = 1)";
434 $affected = $mdb2->exec($sql);
435 return !is_a($affected, 'PEAR_Error');
439 // getFile - downloads file from remote storage to memory.
440 function getFile($fields) {
443 $mdb2 = getConnection();
445 $group_id = $user->getGroup();
446 $org_id = $user->org_id;
448 $curl_fields = array('site_id' => urlencode($this->site_id),
449 'site_key' => urlencode($this->site_key),
450 'org_id' => urlencode($org_id),
451 'org_key' => urlencode($this->getOrgKey()),
452 'group_id' => urlencode($group_id),
453 'group_key' => urlencode($this->getGroupKey()),
454 'entity_type' => urlencode($fields['entity_type']),
455 'entity_id' => urlencode($fields['entity_id']),
456 'file_id' => urlencode($fields['remote_id']),
457 'file_key' => urlencode($fields['file_key']),
458 'file_name' => urlencode($fields['file_name']));
460 // url-ify the data for the POST.
461 foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
462 $fields_string = rtrim($fields_string, '&');
467 // Set the url, number of POST vars, POST data.
468 curl_setopt($ch, CURLOPT_URL, $this->getfile_uri);
469 curl_setopt($ch, CURLOPT_POST, true);
470 curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
471 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
473 // Execute a post request.
474 $result = curl_exec($ch);
476 $error = curl_error();
477 $result_array2 = json_decode($result, true);
483 $this->errors->add($i18n->get('error.file_storage'));
487 $result_array = json_decode($result, true);
488 $status = (int) $result_array['status'];
489 $error = $result_array['error'];
492 // Add an error from file storage facility if we have it.
493 $this->errors->add($error);
497 // There is no explicit error message, but still something not right.
498 $this->errors->add($i18n->get('error.file_storage'));
502 $this->file_data = $result_array['content'];
507 // getFileData - returns file data from memory.
508 function getFileData() {
509 return base64_decode($this->file_data);