File Upload sessions: pass file index for deletion instead of file na…
…mes [Work in Progress]

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/limesurvey_dev@9490 b72ed6b6-b9f8-46b5-92b4-906544132732
Amit Shanker committed Nov 17, 2010
1 parent 8bc9a42 commit 788f37f
Showing 6 changed files with 157 additions and 24 deletions.
70 changes: 65 additions & 5 deletions delete.php
@@ -1,14 +1,74 @@
<?php

require_once(dirname(__FILE__).'/classes/core/startup.php');
require_once(dirname(__FILE__).'/config-defaults.php');
require_once(dirname(__FILE__).'/common.php');
require_once($homedir.'/classes/core/class.progressbar.php');
require_once(dirname(__FILE__).'/classes/core/language.php');

$filename = "upload/tmp/".$_GET['file'];
if (!isset($surveyid))
{
$surveyid=returnglobal('sid');
}
else
{
//This next line ensures that the $surveyid value is never anything but a number.
$surveyid=sanitize_int($surveyid);
}

$fh = fopen($filename, 'w') or die("can't open file");

// Compute the Session name
// Session name is based:
// * on this specific limesurvey installation (Value SessionName in DB)
// * on the surveyid (from Get or Post param). If no surveyid is given we are on the public surveys portal
$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true); //Checked
if ($usresult)
{
$usrow = $usresult->FetchRow();
$stg_SessionName=$usrow['stg_value'];
if ($surveyid)
{
@session_name($stg_SessionName.'-runtime-'.$surveyid);
}
else
{
@session_name($stg_SessionName.'-runtime-publicportal');
}
}
else
{
session_name("LimeSurveyRuntime-$surveyid");
}
session_set_cookie_params(0,$relativeurl.'/admin/');
@session_start();

if (empty($_SESSION) || !isset($_SESSION['fieldname']))
{
die("You don't have a valid session !");
}

$file_index = $_GET['file_index'];

$fileid = "upload/tmp/".$_SESSION['files'][$file_index]['id'];
$filename = $_SESSION['files'][$file_index]['name'];
$fh = fopen($fileid, 'w') or die("can't open file");
fclose($fh);

if (unlink($filename))
echo 'File '.basename($filename).' deleted';
if (unlink($fileid))
{
echo 'File '.rawurldecode($filename).' deleted';
for ($i = $file_index; $i < $_SESSION['filecount']; $i++)
{
$_SESSION['files'][$i]['name'] = $_SESSION['files'][$i + 1]['name'];
$_SESSION['files'][$i]['size'] = $_SESSION['files'][$i + 1]['size'];
$_SESSION['files'][$i]['ext'] = $_SESSION['files'][$i + 1]['ext'];
$_SESSION['files'][$i]['id'] = $_SESSION['files'][$i + 1]['id'];
}
$_SESSION['files'][$_SESSION['filecount']] = NULL;
$_SESSION['filecount'] -= 1;
}
else
echo 'Oops, There was an error deleting the file';

?>
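Review bot: `$file_index = $_GET['file_index'];` is used directly as a session array key and as the start of the shift loop, with no check that it is an integer between 1 and `$_SESSION['filecount']`; a missing or non-numeric value makes `$fileid` the bare `upload/tmp/` path. Validate it before touching the filesystem, for example `$file_index = (int) sanitize_int($_GET['file_index']);` followed by `if (!isset($_SESSION['files'][$file_index]['id'])) die('Unknown file');`. The `fopen($fileid, 'w')` before `unlink()` only truncates or creates the file and can be dropped. The name echoed via `rawurldecode($filename)` comes from the uploader's file name, so it should go through `htmlspecialchars()` before output. The rendered page does not mark old and new lines; this assumes the `$_GET['file']` lines near the top are on the removed side, and if they remain they still build a path from request input.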
2 changes: 1 addition & 1 deletion group.php
@@ -447,7 +447,7 @@
$upload_file = TRUE;
} //end iteration

if ($thissurvey['showprogress'] == 'Y')
if (isset($thissurvey['showprogress']) && $thissurvey['showprogress'] == 'Y')
{
if ($show_empty_group)
{
2 changes: 1 addition & 1 deletion scripts/uploader.css
@@ -28,7 +28,7 @@ img {

.upload-button {
border: 1px solid #79B7E7;
background: url("../images/ui-bg_glass_85_dfeffc_1x400.png") repeat-x scroll 50% 50% #DFEFFC;
background: url("jquery/css/start/images/ui-bg_glass_85_dfeffc_1x400.png") repeat-x scroll 50% 50% #DFEFFC;
color: #5670A1;
font-weight: bold;
outline: medium none;
17 changes: 11 additions & 6 deletions scripts/uploader.js
@@ -1,5 +1,5 @@
$(document).ready(function(){

var ia = $('#ia').val();

/* Load the previously uploaded files */
@@ -52,12 +52,13 @@ $(document).ready(function(){
var button = $('#button1'), interval;

new AjaxUpload(button, {
action: 'upload.php',
action: 'upload.php?sid='+surveyid,
name: 'uploadfile',
data: {
valid_extensions : $('#allowed_filetypes').val(),
maxfilesize : $('#maxfilesize').val(),
preview : $('#preview').val()
preview : $('#preview').val(),
surveyid : surveyid
},
onSubmit : function(file, ext){

@@ -122,7 +123,7 @@ $(document).ready(function(){
var count = parseInt($('#licount').val());

var image_extensions = new Array("gif", "jpeg", "jpg", "png", "swf", "psd", "bmp", "tiff", "jp2", "iff", "bmp", "xbm", "ico");

if (metadata.success)
{
var previewblock = "<li id='li_"+count+"' class='previewblock'><div>"+
@@ -131,7 +132,7 @@ $(document).ready(function(){

// If the file is not an image, use a placeholder
if (isValueInArray(image_extensions, metadata.ext))
previewblock += "<img src='upload/tmp/"+decodeURIComponent(metadata.name)+"' height='60px' />";
previewblock += "<img src='upload/tmp/"+decodeURIComponent(metadata.id)+"' height='60px' />";
else
previewblock += "<img src='images/placeholder.png' height='60px' />";

@@ -146,6 +147,7 @@ $(document).ready(function(){
previewblock += "<td align='center' width='20%'><img style='cursor:pointer' src='images/delete.png' onclick='deletefile("+count+")'/></td>"+
"</tr></table>"+
"<input type='hidden' id='size_"+count+"' value="+metadata.size+" />"+
"<input type='hidden' id='file_index_"+count+"' value="+metadata.file_index+" />"+
"<input type='hidden' id='name_"+count+"' value="+metadata.name+" />"+
"<input type='hidden' id='filename_"+count+"' value="+metadata.filename+" />"+
"<input type='hidden' id='ext_" +count+"' value="+metadata.ext+" />"+
@@ -232,7 +234,10 @@ function saveAndExit() {
{
var confirmans = confirm("You need to upload " + (minfiles - filecount) + " more files for this question.\n\Are you sure you want to exit ?")
if (confirmans)
{
passJSON();
return true
}
else
return false;
}
@@ -260,7 +265,7 @@ function deletefile(i) {
}, 5000);
}
}
xmlhttp.open('GET','delete.php?file='+$("#name_"+i).val(),true);
xmlhttp.open('GET','delete.php?sid='+surveyid+'&file_index='+$("#file_index_"+i).val(),true);
xmlhttp.send();

$("#li_"+i).hide();
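Review bot: The `file_index_N` hidden input written into the preview block keeps the index issued at upload time, but delete.php in this commit shifts the remaining session entries down after each deletion. Once one file is removed, the other inputs point at the wrong entry, so a later `deletefile()` call can remove a different file or hit an emptied slot. Either renumber the remaining inputs when the delete request succeeds, or send the server-issued `metadata.id` and let the server look the entry up by it. Separately, the new input follows the unquoted `value="+metadata.file_index+"` pattern and `surveyid` is concatenated into both URLs as-is; quoting the attribute and using `encodeURIComponent(surveyid)` would keep unexpected characters from altering the markup or the query string. `deletefile` and the `$(document).ready` callback both continue outside the shown hunks.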
84 changes: 74 additions & 10 deletions upload.php
@@ -1,7 +1,57 @@
<?php

require_once(dirname(__FILE__).'/classes/core/startup.php');
require_once(dirname(__FILE__).'/config-defaults.php');
require_once(dirname(__FILE__).'/common.php');
require_once($homedir.'/classes/core/class.progressbar.php');
require_once(dirname(__FILE__).'/classes/core/language.php');

if (!isset($surveyid))
{
$surveyid=returnglobal('sid');
}
else
{
//This next line ensures that the $surveyid value is never anything but a number.
$surveyid=sanitize_int($surveyid);
}


// Compute the Session name
// Session name is based:
// * on this specific limesurvey installation (Value SessionName in DB)
// * on the surveyid (from Get or Post param). If no surveyid is given we are on the public surveys portal
$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true); //Checked
if ($usresult)
{
$usrow = $usresult->FetchRow();
$stg_SessionName=$usrow['stg_value'];
if ($surveyid)
{
@session_name($stg_SessionName.'-runtime-'.$surveyid);
}
else
{
@session_name($stg_SessionName.'-runtime-publicportal');
}
}
else
{
session_name("LimeSurveyRuntime-$surveyid");
}
session_set_cookie_params(0,$relativeurl.'/admin/');
@session_start();

if (empty($_SESSION) || !isset($_SESSION['fieldname']))
{
die("You don't have a valid session !");
}

$id = randomkey(15);
$uploaddir = 'upload/tmp/';
$file = $uploaddir . basename($_FILES['uploadfile']['name']);
$file_id = $uploaddir . $id;
$filename = $_FILES['uploadfile']['name'];
$size = 0.001 * $_FILES['uploadfile']['size'];
$valid_extensions = strtolower($_POST['valid_extensions']);
$maxfilesize = $_POST['maxfilesize'];
@@ -39,17 +89,19 @@
echo json_encode($return);
}

else if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $file))
else if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $file_id))
{
$return = array(
"success" => true,
"size" => $size,
"name" => rawurlencode(basename($file)),
"name" => rawurlencode(basename($filename)),
"ext" => $ext,
"msg" => "The file has been successfuly uploaded."
);
echo json_encode($return);

// TODO : unlink this file since this is just a preview
// unlink($file_id);
}
}
else
@@ -64,15 +116,27 @@
echo json_encode($return);
}

if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $file))
if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $file_id))
{
if (!isset($_SESSION['filecount']))
$_SESSION['filecount'] = 0;

$_SESSION['filecount'] += 1;
$_SESSION['files'][$_SESSION['filecount']]['name'] = rawurlencode(basename($filename));
$_SESSION['files'][$_SESSION['filecount']]['size'] = $size;
$_SESSION['files'][$_SESSION['filecount']]['ext'] = $ext;
$_SESSION['files'][$_SESSION['filecount']]['id'] = $id;

$return = array(
"success" => true,
"size" => $size,
"name" => rawurlencode(basename($file)),
"ext" => $ext,
"msg" => "The file has been successfuly uploaded"
);
"success" => true,
"file_index" => $_SESSION['filecount'],
"size" => $size,
"name" => rawurlencode(basename($filename)),
"ext" => $ext,
"id" => $id,
"msg" => "The file has been successfuly uploaded"
);

echo json_encode($return);
}
// if there was some error, report error message
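Review bot: The extension allow-list and size limit are still read from the request (`$valid_extensions = strtolower($_POST['valid_extensions']);`, `$maxfilesize = $_POST['maxfilesize'];`), so the new session check does not stop a respondent from widening them, assuming the collapsed validation code relies on these two values. They should be loaded server-side from the settings of the question identified by `$_SESSION['fieldname']`, with the posted values ignored. In the preview branch the file is now moved to `$file_id` but never recorded in the session, and its `unlink()` is only a TODO, so preview uploads accumulate in the web-reachable `upload/tmp/` directory with nothing to clean them up. The `if`/`else` blocks around both `move_uploaded_file()` calls begin in collapsed regions outside the hunks.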
6 changes: 5 additions & 1 deletion uploader.php
@@ -15,7 +15,11 @@
$surveyid=sanitize_int($surveyid);
}

$meta ='<script type="text/javascript" src="scripts/ajaxupload.js"></script>
$meta = '<script type="text/javascript">
var surveyid = "'.$surveyid.'";
</script>';

$meta .='<script type="text/javascript" src="scripts/ajaxupload.js"></script>
<script type="text/javascript" src="scripts/uploader.js"></script>
<link type="text/css" href="scripts/uploader.css" rel="stylesheet" />';
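Review bot: `var surveyid = "'.$surveyid.'";` writes the value straight into a JavaScript string literal, and only the `else` branch at the top of the hunk visibly passes it through `sanitize_int()`. If the other branch (outside this hunk) takes it from the request, as delete.php and upload.php do with `returnglobal('sid')`, a quote or `</script>` in `sid` would break out of the literal unless `returnglobal` already filters it. Emitting it as `var surveyid = '.json_encode((string) sanitize_int($surveyid)).';` removes that dependency. The conditional that assigns `$surveyid` starts before the hunk.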

