[Vtigercrm-commits] [vtiger-commits] r7276 - in /vtigercrm/trunk: data/ include/ include/utils/ modules/Contacts/ modules/Emails/ modules/Products/ modules/uploads/

vtigercrm-commits at vtiger.fosslabs.com vtigercrm-commits at vtiger.fosslabs.com
Mon Jun 19 19:18:06 EDT 2006


Author: saraj
Date: Mon Jun 19 17:17:55 2006
New Revision: 7276

Log:
* Changes made for handling the attachment as generic one

Modified:
    vtigercrm/trunk/data/CRMEntity.php
    vtigercrm/trunk/include/RelatedListView.php
    vtigercrm/trunk/include/utils/DetailViewUtils.php
    vtigercrm/trunk/modules/Contacts/Save.php
    vtigercrm/trunk/modules/Emails/mail.php
    vtigercrm/trunk/modules/Products/Save.php
    vtigercrm/trunk/modules/uploads/add2db.php
    vtigercrm/trunk/modules/uploads/deleteattachments.php
    vtigercrm/trunk/modules/uploads/downloadfile.php

Modified: vtigercrm/trunk/data/CRMEntity.php
==============================================================================
--- vtigercrm/trunk/data/CRMEntity.php (original)
+++ vtigercrm/trunk/data/CRMEntity.php Mon Jun 19 17:17:55 2006
@@ -255,13 +255,27 @@
 		global $log, $adb;
 		$log->debug("Entering into insertIntoAttachment($id,$module) method.");
 		
+		$file_saved = false;
+
+		//This is to added to store the existing attachment id of the contact where we should delete this when we give new image
+		if($module == 'Contacts')
+			$old_attachmentid = $adb->query_result($adb->query("select * from vtiger_seattachmentsrel where crmid=$id"),0,'attachmentsid');
+
 		foreach($_FILES as $fileindex => $files)
 		{
 			if($files['name'] != '' && $files['size'] > 0)
 			{
-				$this->uploadAndSaveFile($id,$module,$files);
-			}
-		}
+				$file_saved = $this->uploadAndSaveFile($id,$module,$files);
+			}
+		}
+
+		//This is to handle the delete image for contacts
+		if($module == 'Contacts' && $file_saved)
+		{
+			$del_res1 = $adb->query("delete from vtiger_attachments where attachmentsid=$old_attachmentid");
+			$del_res2 = $adb->query("delete from vtiger_seattachmentsrel where attachmentsid=$old_attachmentid");
+		}
+
 
 		//Remove the deleted vtiger_attachments from db - Products
 		if($module == 'Products' && $_REQUEST['del_file_list'] != '')
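Review bot: The two new deletes run with an empty `$old_attachmentid` when the contact had no earlier image, because the lookup returns nothing and the value is concatenated unquoted after `where attachmentsid=`; the guard should read `if($module == 'Contacts' && $file_saved && $old_attachmentid != '')`. `$id` also goes into the new select as raw text, so `intval($id)` there would be a cheap safeguard. The deletes remove only the database rows, so the previous image file stays in the upload folder unless something outside this hunk unlinks it. `$file_saved` keeps only the result of the last entry in `$_FILES`, so an earlier successful upload followed by a failed one skips the cleanup. insertIntoAttachment starts and ends outside the hunk.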
@@ -291,7 +305,7 @@
 	{
 		global $log;
 		$log->debug("Entering into uploadAndSaveFile($id,$module,$file_details) method.");
-		
+
 		global $adb, $current_user;
 		global $upload_badext;
 
@@ -315,16 +329,18 @@
 		}
 		// Vulnerability fix ends
 
+		$current_id = $adb->getUniqueID("vtiger_crmentity");
+
 		$filename = basename($binFile);
 		$filetype= $file_details['type'];
 		$filesize = $file_details['size'];
 		$filetmp_name = $file_details['tmp_name'];
-		
+
 		//get the file path inwhich folder we want to upload the file
 		$upload_file_path = decideFilePath();
 
 		//upload the file in server
-		$upload_status = move_uploaded_file($filetmp_name,$upload_file_path.$binFile);
+		$upload_status = move_uploaded_file($filetmp_name,$upload_file_path.$current_id."_".$binFile);
 
 		$save_file = 'true';
 		//only images are allowed for these modules
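Review bot: `move_uploaded_file()` writes the upload to `$upload_file_path.$current_id."_".$binFile` before `validateImageFile()` runs in the next hunk, and nothing removes the file when that validation fails, so a rejected upload stays on disk. Other sections of this commit build `<img src>` values from the same stored path, which suggests the folder is web-reachable. Validating first, or adding `if($save_file != 'true' && $upload_status) unlink($upload_file_path.$current_id."_".$binFile);` ahead of the save branch, closes that gap. `getUniqueID()` is now consumed even for uploads that are later skipped. The function body starts and ends outside the hunk.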
@@ -333,10 +349,8 @@
 			$save_file = validateImageFile(&$file_details);
 		}
 
-		if($save_file == 'true')
-		{
-			$current_id = $adb->getUniqueID("vtiger_crmentity");
-
+		if($save_file == 'true' && $upload_status == 'true')
+		{
 			//This is only to update the attached filename in the vtiger_notes vtiger_table for the Notes module
 			if($module=='Notes')
 			{
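Review bot: `$upload_status == 'true'` compares the boolean returned by `move_uploaded_file()` with a string and is only correct through loose comparison; `if($save_file == 'true' && $upload_status)` states the intent directly. A failed move now lands in the generic skip branch further down, so a log line naming the failed move would make the two causes distinguishable. The branch continues outside the hunk.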
@@ -365,14 +379,14 @@
 			}
 			$sql3='insert into vtiger_seattachmentsrel values('.$id.','.$current_id.')';
 			$adb->query($sql3);
+
+			return true;
 		}
 		else
 		{
 			$log->debug("Skip the save attachment process.");
-		}
-		$log->debug("Exiting from uploadAndSaveFile($id,$module,$file_details) method.");
-
-		return;
+			return false;
+		}
 	}
 
 
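Review bot: uploadAndSaveFile() now returns true or false, but nothing documents the new contract and the "Exiting from uploadAndSaveFile" debug line was dropped rather than moved. A header comment such as `// Returns true when the file was moved and its attachment rows were inserted, false when the save was skipped` would help callers like insertIntoAttachment(). A `$log->debug("Exiting from uploadAndSaveFile method.");` before each return would keep the entry and exit traces paired. The function starts outside the hunk.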

Modified: vtigercrm/trunk/include/RelatedListView.php
==============================================================================
--- vtigercrm/trunk/include/RelatedListView.php (original)
+++ vtigercrm/trunk/include/RelatedListView.php Mon Jun 19 17:17:55 2006
@@ -259,7 +259,7 @@
 		}
 
 		$entries[] = nl2br($row['description']); 
-		$attachmentname = ltrim($row['filename'],$id.'_');//explode('_',$row['filename'],2);
+		$attachmentname = ltrim($row['filename'],$row['attachmentsid'].'_');//explode('_',$row['filename'],2);
 
 		$entries[] = '<a href="index.php?module=uploads&action=downloadfile&entityid='.$id.'&fileid='.$row['attachmentsid'].'">'.$attachmentname.'</a>';
 
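Review bot: `ltrim($row['filename'],$row['attachmentsid'].'_')` treats its second argument as a set of characters, not a prefix, so it strips every leading digit that occurs in the id and every leading underscore, and a name that itself begins with such digits loses them. If `filename` here is the stored attachment name, add2db.php in this commit now saves it without an id prefix, so nothing needs stripping: `$attachmentname = $row['filename'];`. The name is client-supplied and is concatenated into the link markup on the next line, so `htmlspecialchars($attachmentname, ENT_QUOTES)` belongs at that output. The enclosing function starts and ends outside the hunk.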

Modified: vtigercrm/trunk/include/utils/DetailViewUtils.php
==============================================================================
--- vtigercrm/trunk/include/utils/DetailViewUtils.php (original)
+++ vtigercrm/trunk/include/utils/DetailViewUtils.php Mon Jun 19 17:17:55 2006
@@ -372,10 +372,11 @@
 		if($tabid==14)
 		{
 			$images=array();
-			$query = 'select productname,vtiger_attachments.path,vtiger_attachments.name from vtiger_products left join vtiger_seattachmentsrel on vtiger_seattachmentsrel.crmid=vtiger_products.productid inner join vtiger_attachments on vtiger_attachments.attachmentsid=vtiger_seattachmentsrel.attachmentsid where productid='.$col_fields['record_id'];
+			$query = 'select productname, vtiger_attachments.path, vtiger_attachments.attachmentsid, vtiger_attachments.name from vtiger_products left join vtiger_seattachmentsrel on vtiger_seattachmentsrel.crmid=vtiger_products.productid inner join vtiger_attachments on vtiger_attachments.attachmentsid=vtiger_seattachmentsrel.attachmentsid where productid='.$col_fields['record_id'];
 			$result_image = $adb->query($query);
 			for($image_iter=0;$image_iter < $adb->num_rows($result_image);$image_iter++)	
 			{
+				$image_id_array[] = $adb->query_result($result_image,$image_iter,'attachmentsid');	
 				$image_array[] = $adb->query_result($result_image,$image_iter,'name');	
 				$imagepath_array[] = $adb->query_result($result_image,$image_iter,'path');	
 			}
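Review bot: The rewritten query still appends `$col_fields['record_id']` to the SQL text as-is; whether that value is validated earlier is not visible here, so `where productid='.intval($col_fields['record_id'])` would make the statement safe regardless. `$image_id_array` is appended to without being initialised, like the two arrays beside it, so a product with no attachments leaves all three undefined for the `count()` calls in the next hunk. The enclosing block starts and ends outside the hunk.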
@@ -392,13 +393,13 @@
 
 				for($image_iter=0;$image_iter < count($image_array);$image_iter++)
 				{
-					$images[]='"'.$imagepath_array[$image_iter].$image_array[$image_iter].'","'.$imagepath_array[$image_iter].$image_array[$image_iter].'"';
+					$images[]='"'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".$image_array[$image_iter].'","'.$imagepath_array[$image_iter].$image_id_array[$image_iter]."_".$image_array[$image_iter].'"';
 				}	
 				$image_lists .=implode(',',$images).');</script>';
 				$label_fld[] =$image_lists;
 			}elseif(count($image_array)==1)
 			{
-				$label_fld[] ='<img src="'.$imagepath_array[0].$image_array[0].'" border="0" width="450" height="300">';
+				$label_fld[] ='<img src="'.$imagepath_array[0].$image_id_array[0]."_".$image_array[0].'" border="0" width="450" height="300">';
 			}else
 			{
 				$label_fld[] ='';
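Review bot: The attachment path, id and name are concatenated straight into a JavaScript string list and into `<img src="...">`, and the name originates from the uploaded file, so a quote or angle bracket in it breaks the attribute or the script. Escape at the point of output, for the single-image branch `$src = htmlspecialchars($imagepath_array[0].$image_id_array[0]."_".$image_array[0], ENT_QUOTES);`, and use a JavaScript-safe encoding for the list entries. The contact image built in the `$tabid==4` hunk below has the same gap. The surrounding branch starts outside the hunk.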
@@ -407,7 +408,13 @@
 		}	
 		if($tabid==4)
 		{
-			$imgpath = getModuleFileStoragePath('Contacts').$col_fields[$fieldname];
+			//$imgpath = getModuleFileStoragePath('Contacts').$col_fields[$fieldname];
+			$sql = "select vtiger_attachments.* from vtiger_attachments inner join vtiger_seattachmentsrel on vtiger_seattachmentsrel.attachmentsid = vtiger_attachments.attachmentsid where vtiger_seattachmentsrel.crmid=".$col_fields['record_id'];
+			$image_res = $adb->query($sql);
+			$image_id = $adb->query_result($image_res,0,'attachmentsid');
+			$image_path = $adb->query_result($image_res,0,'path');
+			$image_name = $adb->query_result($image_res,0,'name');
+			$imgpath = $image_path.$image_id."_".$image_name;
 			$label_fld[] ='<img src="'.$imgpath.'" class="reflect" width="450" height="300" alt="">';
 		}
 
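Review bot: A contact without an image gets no row back, so `$image_id`, `$image_path` and `$image_name` are empty and `$imgpath` becomes `_`, which renders a broken `<img>`; check `$adb->num_rows($image_res) > 0` before building the tag and emit `''` otherwise, as the product branch does. The query also appends `$col_fields['record_id']` unquoted, where `intval()` would be a cheap safeguard, and `select vtiger_attachments.*` fetches more than the three columns used. The commented-out `getModuleFileStoragePath` line can be deleted rather than kept.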

Modified: vtigercrm/trunk/modules/Contacts/Save.php
==============================================================================
--- vtigercrm/trunk/modules/Contacts/Save.php (original)
+++ vtigercrm/trunk/modules/Contacts/Save.php Mon Jun 19 17:17:55 2006
@@ -60,9 +60,9 @@
 if (!isset($_REQUEST['do_not_call'])) $focus->do_not_call = 'off';
 
 //Checking If image is given or not
-$image_upload_array=SaveImage($_FILES,'contact',$focus->id,$focus->mode);
+//$image_upload_array=SaveImage($_FILES,'contact',$focus->id,$focus->mode);
 $image_name_val=$image_upload_array['imagename'];
-$image_error=$image_upload_array['imageerror'];
+$image_error="false";
 $errormessage=$image_upload_array['errormessage'];
 $saveimage=$image_upload_array['saveimage'];
 
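Review bot: `$image_upload_array` is never assigned once the `SaveImage()` call is commented out, yet the following lines still read `['imagename']`, `['errormessage']` and `['saveimage']` from it, so `$image_name_val`, `$errormessage` and `$saveimage` all end up null. Any later code in this file that tests `$saveimage` or stores `$image_name_val` now sees empty values. Either drop those reads or set explicit defaults the way Products/Save.php does with `$saveimage = "true";`. The commented-out call should be removed rather than left in place.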

Modified: vtigercrm/trunk/modules/Emails/mail.php
==============================================================================
--- vtigercrm/trunk/modules/Emails/mail.php (original)
+++ vtigercrm/trunk/modules/Emails/mail.php Mon Jun 19 17:17:55 2006
@@ -247,25 +247,16 @@
 
 	for($i=0;$i<$count;$i++)
 	{
+		$fileid = $adb->query_result($res,$i,'attachmentsid');
 		$filename = $adb->query_result($res,$i,'name');
-		$filewithpath = $root_directory."test/upload/".$filename;
+		$filepath = $adb->query_result($res,$i,'path');
+		$filewithpath = $root_directory.$filepath.$fileid."_".$filename;
 
 		//if the file is exist in test/upload directory then we will add directly
 		//else get the contents of the file and write it as a file and then attach (this will occur when we unlink the file)
 		if(is_file($filewithpath))
 		{
-			$mail->AddAttachment($filewithpath);
-		}
-		elseif($filename != '')
-		{
-			$contents = $adb->query_result($res,$i,'attachmentcontents');
-			$size = $adb->query_result($res,$i,'attachmentsize');
-
-			@$handle = fopen($filewithpath,'wb');
-			@fwrite($handle,base64_decode($contents),$size);
-			@fclose($handle);
-
-			$mail->AddAttachment($filewithpath);
+			$mail->AddAttachment($filewithpath,$filename);
 		}
 	}
 }
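Review bot: An attachment whose file is missing on disk is now skipped silently, because the `elseif` fallback was removed and `is_file()` has no else branch; the mail goes out without it and nothing is logged. Adding `else { $log->debug("Attachment file not found: ".$filewithpath); }` (assuming `$log` is in scope here) makes the omission traceable. The two comment lines above `is_file()` still describe the removed rebuild path and the old `test/upload` directory and should be updated. The enclosing function starts outside the hunk.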

Modified: vtigercrm/trunk/modules/Products/Save.php
==============================================================================
--- vtigercrm/trunk/modules/Products/Save.php (original)
+++ vtigercrm/trunk/modules/Products/Save.php Mon Jun 19 17:17:55 2006
@@ -56,104 +56,14 @@
 }
 
 //Checking If image is given or not 
-$uploaddir = $root_directory."test/product/" ;//set this to which location you need to give the product image
-$log->info("The Location to Save the Product Image is ".$uploaddir);
 $image_lists=array();
 $count=0;
 
 $saveimage = "true";
 $image_error = "false";
-/*
-foreach($_FILES as $files)
-{
-	$file_path_name = $files['name'];
-	$image_error="false";
-	$saveimage="true";
-	$file_name = basename($file_path_name);
-	//if the image is given
-	if($file_name!="")
-	{
-		$log->debug("Product Image is given for uploading");
-		$image_name_val=file_exist_fn($file_name,0);
-		$image_lists[]=$image_name_val;
-		$encode_field_values="";
-		$errormessage="";
-
-		$move_upload_status=move_uploaded_file($files["tmp_name"],$uploaddir.$image_name_val);
-		$image_error="false";
-
-		//if there is an error in the uploading of image
-
-		$filetype= $files['type'];
-		$filesize = $files['size'];
-
-		$filetype_array=explode("/",$filetype);
-
-		$file_type_val_image=strtolower($filetype_array[0]);
-		$file_type_val=strtolower($filetype_array[1]);
-		$log->info("The File type of the Product Image is :: ".$file_type_val);
-		//checking the uploaded image is if an image type or not
-		if(!$move_upload_status) //if any error during file uploading  
-		{
-			$log->debug("Error is present in uploading product Image.");	
-			$errorCode =  $files['error'];
-			if($errorCode == 4)
-			{
-				$errorcode="no-image";
-				$saveimage="false";
-				$image_error="true";
-			}
-			else if($errorCode == 2)
-			{
-				$errormessage = 2;
-				$saveimage="false";
-				$image_error="true";
-			}
-			else if($errorCode == 3 )
-			{
-				$errormessage = 3;
-				$saveimage="false";
-				$image_error="true";
-			}
-		}
-		else 
-		{
-			$log->debug("Successfully uploaded the product Image.");
-			if($filesize != 0)
-			{
-				if (($file_type_val == "jpeg" ) || ($file_type_val == "png") || ($file_type_val == "jpg" ) || ($file_type_val == "pjpeg" ) || ($file_type_val == "x-png") || ($file_type_val == "gif") ) //Checking whether the file is an image or not
-				{
-					$saveimage="true";
-					$image_error="false";
-				}
-				else
-				{
-					$savelogo="false";
-					$image_error="true";
-					$errormessage = "image";
-				}
-
-			}
-			else
-			{	$savelogo="false";
-				$image_error="true";
-				$errormessage = "invalid";
-			}
-
-		}
-	}
-}
-
-//added to retain the pictures from db
-if($mode=="edit" && $image_error=="false" )
-{
-		$image_lists[]= getProductImageName($record_id,$del_image_array);
-		$saveimage="true";
-}
-*/
 //end of code to retain the pictures from db
 
- //code added for returning back to the current view after edit from list view
+//code added for returning back to the current view after edit from list view
 if($_REQUEST['return_viewname'] == '') $return_viewname='0';
 if($_REQUEST['return_viewname'] != '')$return_viewname=$_REQUEST['return_viewname'];
 

Modified: vtigercrm/trunk/modules/uploads/add2db.php
==============================================================================
--- vtigercrm/trunk/modules/uploads/add2db.php (original)
+++ vtigercrm/trunk/modules/uploads/add2db.php Mon Jun 19 17:17:55 2006
@@ -14,17 +14,7 @@
 global $current_user;
 $vtigerpath = $_SERVER['REQUEST_URI'];
 $vtigerpath = str_replace("/index.php?module=uploads&action=add2db", "", $vtigerpath);
-$directory = $root_directory."/storage/user_".getUserName($current_user->id)."/attachments/";
 
-if(!is_dir($directory))
-{
-	if(!mkdirs($directory, 0777))	
-	{
-		echo "Access denined to create folder";
-		die;
-	}
-}
-$uploaddir = $directory;
 $crmid = $_REQUEST['return_id'];
 
 	// Arbitrary File Upload Vulnerability fix - Philip
@@ -45,15 +35,16 @@
 	//decide the file path where we should upload the file in the server
 	$upload_filepath = decideFilePath();
 
-	if(move_uploaded_file($_FILES["filename"]["tmp_name"],$upload_filepath.$crmid."_".$_FILES["filename"]["name"])) 
+	$current_id = $adb->getUniqueID("vtiger_crmentity");
+	
+	if(move_uploaded_file($_FILES["filename"]["tmp_name"],$upload_filepath.$current_id."_".$_FILES["filename"]["name"])) 
 	{
-		$filename = $crmid.'_'.basename($binFile);
+		$filename = basename($binFile);
 		$filetype= $_FILES['filename']['type'];
 		$filesize = $_FILES['filename']['size'];
 
 		if($filesize != 0)	
 		{
-			$current_id = $adb->getUniqueID("vtiger_crmentity");
 			$desc = $_REQUEST['txtDescription'];
 			$description = addslashes($desc);
 			$date_var = date('YmdHis');
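Review bot: The file is moved to a name built from the raw `$_FILES["filename"]["name"]`, while the database row stores `basename($binFile)`, the name produced by the upload check above this hunk. If that check rewrites the name, the stored name no longer matches the file on disk, and the client-supplied name reaches the filesystem path unfiltered; use `$upload_filepath.$current_id."_".$binFile` as CRMEntity.php does in this commit. A zero-byte upload is moved but never recorded or removed, since the `$filesize != 0` test comes after the move. The script continues outside the hunk.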

Modified: vtigercrm/trunk/modules/uploads/deleteattachments.php
==============================================================================
--- vtigercrm/trunk/modules/uploads/deleteattachments.php (original)
+++ vtigercrm/trunk/modules/uploads/deleteattachments.php Mon Jun 19 17:17:55 2006
@@ -12,10 +12,10 @@
 
 $id=$_REQUEST['record'];
 
-$sql = "delete from seattachmentsrel where attachmentsid ='".$id."'";
+$sql = "delete from vtiger_seattachmentsrel where attachmentsid ='".$id."'";
 $adb->query($sql);
 
-$sql = "delete from attachments where attachmentsid ='".$id."'";
+$sql = "delete from vtiger_attachments where attachmentsid ='".$id."'";
 $adb->query($sql);
 
 header("Location:index.php?module=".$_REQUEST['return_module']."&action=".$_REQUEST['return_action']."&record=".$_REQUEST['return_id']);
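Review bot: `$_REQUEST['record']` is placed into both delete statements unchanged, and the surrounding quotes do not contain a value that itself includes a quote; `$id = intval($_REQUEST['record']);` fixes both statements at once. No check is visible in this file that the current user may delete the attachment or that the request was intended (`$_REQUEST` accepts GET as well as POST), and the stored file is left on disk. The `Location` header is built from three request parameters, so passing each through `urlencode()` keeps them inside their own query fields.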

Modified: vtigercrm/trunk/modules/uploads/downloadfile.php
==============================================================================
--- vtigercrm/trunk/modules/uploads/downloadfile.php (original)
+++ vtigercrm/trunk/modules/uploads/downloadfile.php Mon Jun 19 17:17:55 2006
@@ -29,15 +29,14 @@
 	$name = @$adb->query_result($result, 0, "name");
 	$filepath = @$adb->query_result($result, 0, "path");
 
-	$filesize = filesize($filepath.$name);
-	$fileContent = fread(fopen($filepath.$name, "r"), $filesize);
-
-	$org_filename = ltrim($name,$entityid.'_');
+	$saved_filename = $attachmentsid."_".$name;
+	$filesize = filesize($filepath.$saved_filename);
+	$fileContent = fread(fopen($filepath.$saved_filename, "r"), $filesize);
 
 	header("Content-type: $fileType");
 	header("Content-length: $filesize");
 	header("Cache-Control: private");
-	header("Content-Disposition: attachment; filename=$org_filename");
+	header("Content-Disposition: attachment; filename=$name");
 	header("Content-Description: PHP Generated Data");
 	echo $fileContent;
 }
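Review bot: `$name` is written into `Content-Disposition` unquoted, so a stored name containing spaces, semicolons or quotes yields a malformed header and a wrong download name; send `header('Content-Disposition: attachment; filename="'.str_replace('"', '', $name).'"');`. `filesize()` and `fopen()` are called without checking that `$filepath.$saved_filename` exists. Attachments saved under the old naming, visible in the removed lines of add2db.php and CRMEntity.php, will no longer be found unless they are migrated. `$attachmentsid` and `$fileType` are set outside the hunk.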




