public $linkurl; // string(254) not_null
public $descript; // blob(65535) not_null blob
public $title; // string(128) not_null
-
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
+
+ function checkPerm($perm, $au)
+ {
+ // default permissons are to
+ // allow create / edit / if the user has
+
+ if (!$au) {
+
+
+
+ return false;
+ }
+
+ $o = $this->object();
+ //print_r($o);
+ if (method_exists($o, 'hasPerm')) {
+ // edit permissions on related object needed...
+ return $o->hasPerm( $perm == 'S' ? 'S' : 'E' , $au);
+
+ }
+
+ return true; //// ??? not really that safe...
+
+ }
+
+
+
+
+
+
/**
* create an email from file.
* these must have been set first.
$f = $this->getStoreName();
$dest = dirname($f);
if (!file_exists($dest)) {
-
+ // currently this is 0775 due to problems using shared hosing (FTP)
+ // it makes all the files unaccessable..
+ // you can normally solve this by giving the storedirectory better perms
+ // if needed on a dedicated server..
$oldumask = umask(0);
- mkdir($dest, 0770, true);
+ mkdir($dest, 0775, true);
umask($oldumask);
}
));
}
-
/**
* deletes all the image instances of it...
}
// direct via roo...
+ /// ctrl not used??
function onUpload($ctrl)
{
}
+
+
/**
* return a list of images for an object, optionally with a mime regex.
* eg. '%/pdf' or 'image/%'
function object($obj=false)
{
if ($obj === false) {
+ if (empty($this->ontable) || empty($this->onid)) {
+ return false;
+ }
$ret = DB_DataObject::factory($this->ontable);
$ret->get($this->onid);
return $ret;
}
+
+
$this->ontable = $obj->tableName();
$this->onid = $obj->id; /// assumes our nice standard of using ids..
return $obj;
// echo '<PRE>';print_r($req);exit;
$ret= $this->toArray();
-
+ static $ff = false;
+ if (!$ff) {
+ $ff = HTML_FlexyFramework::get();
+ }
+
+ $ret['public_baseURL'] = isset($ff->Pman_Images['public_baseURL']) ?
+ $ff->Pman_Images['public_baseURL'] : $ff->baseURL;
+
if (!empty($req['query']['imagesize'])) {
$baseURL = isset($req['query']['imageBaseURL']) ? $req['query']['imageBaseURL'] : false;
$ff = HTML_FlexyFramework::get();
$baseURL = $baseURL ? $baseURL : $ff->baseURL ;
+ if (preg_match('#^http[s]*://#', $provider)) {
+ $baseURL = '';
+ }
+
if ($size < 0) {
+ $provider = preg_replace('#/Thumb$#', '', $provider);
+
return $baseURL . $provider . "/{$this->id}/{$this->filename}";
}
//-- max?
$sy = $sz[1];
}
// create it?
-
-
+
return '<img src="' . $this->URL($size, $provider) . '" width="'. $sx . '" height="'. $sy . '">';
+ }
+
+ /**
+ * to Fileconvert object..
+ *
+ *
+ *
+ */
+ function toFileConvert()
+ {
+ require_once 'File/Convert.php';
+ $fc = new File_Convert($this->getStoreName(), $this->mimetype);
+ return $fc;
+
}
+ function fileExt()
+ {
+ require_once 'File/MimeType.php';
+
+ $y = new File_MimeType();
+ return $y->toExt($this->mimetype);
+
+
+ }
+ /**
+ *
+ *
+ *
+ */
function setFromRoo($ar, $roo)
{
// not sure why we do this..
+
+
+
+
// if imgtype starts with '-' ? then we set the 'old' (probably to delete later)
if (!empty($ar['imgtype']) && !empty($ar['ontable']) && !empty($ar['onid']) && ($ar['imgtype'][0] == '-')) {
$this->setFrom($ar);
if (!empty($ar['_copy_from'])) {
+
+ if (!$this->checkPerm( 'A' , $roo->authUser)) {
+ $roo->jerr("IMAGE UPLOAD PERMISSION DENIED");
+ }
+
$copy = DB_DataObject::factory('Images');
$copy->get($ar['_copy_from']);
$this->setFrom($copy->toArray());
// FIXME - we should be checking perms here...
- //if (method_exists($x, 'checkPerm') && !$x->checkPerm('E', $this->authUser)) {
- // $this->jerr("PERMISSION DENIED");
- // }
+
// this should be doign update
$this->setFrom($ar);
+
+ if (!$this->checkPerm($this->id ? 'A' : 'E', $roo->authUser)) {
+ $roo->jerr("IMAGE UPLOAD PERMISSION DENIED");
+ }
if (!isset($_FILES['imageUpload'])) {
return; // standard update...
}
if ( !$this->onUpload($this)) {
- $this->jerr("File upload failed");
+ $roo->jerr("File upload failed : ". $this->err);
}
+
$roo->addEvent("ADD", $this, $this->toEventString());
$r = DB_DataObject::factory($this->tableName());
$roo->jok($r->toArray());
}
+
function toEventString()
{