Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.124
diff -u -r1.124 file.inc
--- includes/file.inc 23 Apr 2008 18:17:41 -0000 1.124
+++ includes/file.inc 15 May 2008 21:06:02 -0000
@@ -195,25 +195,79 @@
}
/**
- * Copies a file to a new location. This is a powerful function that in many ways
+ * Copy a file to a new location and adds a file record to the database.
+ *
+ * This function should be used when manipulating files that have records
+ * stored in the database. This is a powerful function that in many ways
* performs like an advanced version of copy().
* - Checks if $source and $dest are valid and readable/writable.
* - Performs a file copy if $source is not equal to $dest.
* - If file already exists in $dest either the call will error out, replace the
* file or rename the file based on the $replace parameter.
+ * - Adds the new file to the files database. If the source file is a
+ * temporary file, the resulting file will also be a temporary file.
*
- * @param $source A string specifying the file location of the original file.
- * This parameter will contain the resulting destination filename in case of
- * success.
- * @param $dest A string containing the directory $source should be copied to.
- * If this value is omitted, Drupal's 'files' directory will be used.
- * @param $replace Replace behavior when the destination file already exists.
- * - FILE_EXISTS_REPLACE - Replace the existing file
- * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique
+ * @param $source
+ * A file object of the original file.
+ * @param $dest
+ * A string containing the directory $source should be copied to. If this
+ * value is omitted, Drupal's 'files' directory will be used.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
* - FILE_EXISTS_ERROR - Do nothing and return FALSE.
- * @return True for success, FALSE for failure.
+ * @return
+ * File object if the copy is successful, or FALSE in the event of an error.
+ *
+ * @see file_copy_plain()
*/
-function file_copy(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
+function file_copy($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
+ if ($result = file_copy_plain($source->filepath, $dest, $replace)) {
+ $file = clone($source);
+ $file->fid = NULL;
+ $file->filename = basename($result);
+ $file->filepath = $result;
+ if ($file = file_save($file)) {
+ module_invoke_all('file_copy', $file, $source);
+ return $file;
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Copy a file to a new location without saving a record in the database.
+ *
+ * This is a powerful function that in many ways performs like an advanced
+ * version of copy().
+ * - Checks if $source and $dest are valid and readable/writable.
+ * - Performs a file copy if $source is not equal to $dest.
+ * - If file already exists in $dest either the call will error out, replace the
+ * file or rename the file based on the $replace parameter.
+ *
+ * @param $source
+ * A string specifying the file location of the original file.
+ * @param $dest
+ * A string containing the directory $source should be copied to. If this
+ * value is omitted, Drupal's 'files' directory will be used.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
+ * - FILE_EXISTS_ERROR - Do nothing and return FALSE.
+ * @return
+ * The path to the new file, or FALSE in the event of an error.
+ *
+ * @see file_copy()
+ */
+function file_copy_plain($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
+ $source = realpath($source);
+ if (!file_exists($source)) {
+ drupal_set_message(t('The selected file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error');
+ return FALSE;
+ }
+
$dest = file_create_path($dest);
$directory = $dest;
@@ -221,25 +275,8 @@
// Make sure we at least have a valid directory.
if ($basename === FALSE) {
- $source = is_object($source) ? $source->filepath : $source;
- drupal_set_message(t('The selected file %file could not be uploaded, because the destination %directory is not properly configured.', array('%file' => $source, '%directory' => $dest)), 'error');
- watchdog('file system', 'The selected file %file could not be uploaded, because the destination %directory could not be found, or because its permissions do not allow the file to be written.', array('%file' => $source, '%directory' => $dest), WATCHDOG_ERROR);
- return 0;
- }
-
- // Process a file upload object.
- if (is_object($source)) {
- $file = $source;
- $source = $file->filepath;
- if (!$basename) {
- $basename = $file->filename;
- }
- }
-
- $source = realpath($source);
- if (!file_exists($source)) {
- drupal_set_message(t('The selected file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error');
- return 0;
+ drupal_set_message(t('The selected file %file could not be copied, because the destination %directory is not properly configured.', array('%file' => $source, '%directory' => $dest)), 'error');
+ return FALSE;
}
// If the destination file is not specified then use the filename of the source file.
@@ -257,7 +294,7 @@
if (!@copy($source, $dest)) {
drupal_set_message(t('The selected file %file could not be copied.', array('%file' => $source)), 'error');
- return 0;
+ return FALSE;
}
// Give everyone read access so that FTP'd users or
@@ -267,16 +304,7 @@
@chmod($dest, 0664);
}
- if (isset($file) && is_object($file)) {
- $file->filename = $basename;
- $file->filepath = $dest;
- $source = $file;
- }
- else {
- $source = $dest;
- }
-
- return 1; // Everything went ok.
+ return $dest;
}
/**
@@ -310,35 +338,66 @@
}
/**
- * Moves a file to a new location.
+ * Move a file to a new location and update the file's database entry.
+ *
+ * Moving a file is performed by copying the file to the new location and then
+ * deleting the original.
* - Checks if $source and $dest are valid and readable/writable.
* - Performs a file move if $source is not equal to $dest.
* - If file already exists in $dest either the call will error out, replace the
* file or rename the file based on the $replace parameter.
+ * - Adds the new file to the files database.
*
- * @param $source A string specifying the file location of the original file.
- * This parameter will contain the resulting destination filename in case of
- * success.
- * @param $dest A string containing the directory $source should be copied to.
- * If this value is omitted, Drupal's 'files' directory will be used.
- * @param $replace Replace behavior when the destination file already exists.
- * - FILE_EXISTS_REPLACE - Replace the existing file
- * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique
+ * @param $source
+ * A file object for the original file.
+ * @param $dest
+ * A string containing the directory $source should be copied to. If this
+ * value is omitted, Drupal's 'files' directory will be used.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
* - FILE_EXISTS_ERROR - Do nothing and return FALSE.
- * @return True for success, FALSE for failure.
+ * @return
+ * Resulting file object for success, or FALSE in the event of an error.
*/
-function file_move(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
- $path_original = is_object($source) ? $source->filepath : $source;
-
- if (file_copy($source, $dest, $replace)) {
- $path_current = is_object($source) ? $source->filepath : $source;
+function file_move($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
+ if ($result = file_move_plain($source->filepath, $dest, $replace)) {
+ $file = clone($source);
+ $file->filename = basename($result);
+ $file->filepath = $result;
+ if ($file = file_save($file)) {
+ module_invoke_all('file_move', $file, $source);
+ return $file;
+ }
+ drupal_set_message(t('The removal of the original file %file has failed.', array('%file' => $source->filepath)), 'error');
+ }
+ return FALSE;
+}
- if ($path_original == $path_current || file_delete($path_original)) {
- return 1;
+/**
+ * Move a file to a new location.
+ *
+ * @param $source
+ * A file object for the original file.
+ * @param $dest
+ * A string containing the directory $source should be copied to. If this
+ * value is omitted, Drupal's 'files' directory will be used.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
+ * - FILE_EXISTS_ERROR - Do nothing and return FALSE.
+ * @return
+ * The filepath of the moved file, or FALSE in the event of an error.
+ */
+function file_move_plain($source, $dest = 0, $replace = FILE_EXISTS_RENAME) {
+ if ($result = file_copy_plain($source, $dest, $replace)) {
+ if (!file_delete_plain($source)) {
+ $result = FALSE;
}
- drupal_set_message(t('The removal of the original file %file has failed.', array('%file' => $path_original)), 'error');
}
- return 0;
+ return $result;
}
/**
@@ -425,29 +484,81 @@
}
/**
+ * Delete a file and its database record.
+ *
+ * @param $path
+ * A file object.
+ * @param $force
+ * Force File Deletion ignoring reference counting.
+ * @return mixed
+ * TRUE for success, Array for reference count block, or FALSE in the event of an error.
+ */
+function file_delete($file, $force = FALSE) {
+ // If any module returns a value from the reference hook, the
+ // file will not be deleted from Drupal, but file_delete will
+ // return a populated array that tests as TRUE.
+ if (!$force && $references = module_invoke_all('file_references', $file)) {
+ return $references;
+ }
+
+ // Let other modules clean up on delete.
+ module_invoke_all('file_delete', $file);
+
+ // Make sure the file is deleted before removing its row from the
+ // database, so UIs can still find the file in the database.
+ if (file_delete_plain($file->filepath)) {
+ db_query('DELETE FROM {files} WHERE fid = %d', $file->fid);
+ return TRUE;
+ }
+ return FALSE;
+}
+
+/**
* Delete a file.
*
- * @param $path A string containing a file path.
- * @return TRUE for success, FALSE for failure.
+ * This function should be used when the file to be deleted does not have an
+ * entry recorded in the files table.
+ *
+ * @param $path
+ * A string containing a file path.
+ * @return
+ * TRUE for success or path does not exist, or FALSE in the event of an error.
*/
-function file_delete($path) {
+function file_delete_plain($path) {
if (is_file($path)) {
return unlink($path);
}
+ if (is_dir($path)) {
+ watchdog('file', t('%path is a directory and cannot be removed with file_delete_plain.', array('%path' => $path)), WATCHDOG_ERROR);
+ return FALSE;
+ }
+ // Return TRUE for non-existant file, but log that nothing was actually
+ // deleted, as the intended result of file_delete_plain is in fact the current
+ // state.
+ if (!file_exists($path)) {
+ watchdog('file', t('The file %path was not deleted, because it does not exist.', array('%path' => $path)), WATCHDOG_NOTICE);
+ return TRUE;
+ }
+ return FALSE;
}
/**
* Determine total disk space used by a single user or the whole filesystem.
*
* @param $uid
- * An optional user id. A NULL value returns the total space used
- * by all files.
+ * Optional. A user id, specifying NULL returns the total space used by all
+ * non-temporary files.
+ * @param $status
+ * Optional. File Status to return. Combine with a bitwise OR(|) to return
+ * multiple statuses. The default status is FILE_STATUS_PERMANENT.
+ * @return
+ * An integer containing the number of bytes used.
*/
-function file_space_used($uid = NULL) {
+function file_space_used($uid = NULL, $status = FILE_STATUS_PERMANENT) {
if (isset($uid)) {
- return (int) db_result(db_query('SELECT SUM(filesize) FROM {files} WHERE uid = %d', $uid));
+ return db_result(db_query('SELECT SUM(filesize) FROM {files} WHERE uid = %d AND status & %d', $uid, $status));
}
- return (int) db_result(db_query('SELECT SUM(filesize) FROM {files}'));
+ return (int) db_result(db_query('SELECT SUM(filesize) FROM {files} WHERE status & %d', $status));
}
/**
@@ -475,7 +586,8 @@
* destination directory should overwritten. A false value will generate a
* new, unique filename in the destination directory.
* @return
- * An object containing the file information, or 0 in the event of an error.
+ * An object containing the file information, or FALSE in the event of an
+ * error.
*/
function file_save_upload($source, $validators = array(), $dest = FALSE, $replace = FILE_EXISTS_RENAME) {
global $user;
@@ -492,8 +604,8 @@
// If a file was uploaded, process it.
if (isset($_FILES['files']) && $_FILES['files']['name'][$source] && is_uploaded_file($_FILES['files']['tmp_name'][$source])) {
- // Check for file upload errors and return FALSE if a
- // lower level system error occurred.
+ // Check for file upload errors and return FALSE if a lower level system
+ // error occurred.
switch ($_FILES['files']['error'][$source]) {
// @see http://php.net/manual/en/features.file-upload.errors.php
case UPLOAD_ERR_OK:
@@ -502,17 +614,17 @@
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
drupal_set_message(t('The file %file could not be saved, because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $source, '%maxsize' => format_size(file_upload_max_size()))), 'error');
- return 0;
+ return FALSE;
case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE:
drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array('%file' => $source)), 'error');
- return 0;
+ return FALSE;
// Unknown error
default:
drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $source)), 'error');
- return 0;
+ return FALSE;
}
// Build the list of non-munged extensions.
@@ -525,9 +637,12 @@
// Begin building file object.
$file = new stdClass();
+ $file->uid = $user->uid;
+ $file->status = FILE_STATUS_TEMPORARY;
$file->filename = file_munge_filename(trim(basename($_FILES['files']['name'][$source]), '.'), $extensions);
$file->filepath = $_FILES['files']['tmp_name'][$source];
$file->filemime = $_FILES['files']['type'][$source];
+ $file->filesize = $_FILES['files']['size'][$source];
// Rename potentially executable files, to help prevent exploits.
if (preg_match('/\.(php|pl|py|cgi|asp|js)$/i', $file->filename) && (substr($file->filename, -4) != '.txt')) {
@@ -544,16 +659,18 @@
$file->source = $source;
$file->destination = file_destination(file_create_path($dest . '/' . $file->filename), $replace);
- $file->filesize = $_FILES['files']['size'][$source];
- // Call the validation functions.
+ // Call the validation functions specified by this function's caller.
$errors = array();
foreach ($validators as $function => $args) {
array_unshift($args, $file);
$errors = array_merge($errors, call_user_func_array($function, $args));
}
- // Check for validation errors.
+ // Let other modules perform validation on the new file.
+ $errors = array_merge($errors, module_invoke_all('file_validate', $file));
+
+ // Check for errors.
if (!empty($errors)) {
$message = t('The selected file %name could not be uploaded.', array('%name' => $file->filename));
if (count($errors) > 1) {
@@ -563,29 +680,26 @@
$message .= ' ' . array_pop($errors);
}
form_set_error($source, $message);
- return 0;
+ return FALSE;
}
- // Move uploaded files from PHP's upload_tmp_dir to Drupal's temporary directory.
- // This overcomes open_basedir restrictions for future file operations.
+ // Move uploaded files from PHP's upload_tmp_dir to Drupal's temporary
+ // directory. This overcomes open_basedir restrictions for future file
+ // operations.
$file->filepath = $file->destination;
if (!move_uploaded_file($_FILES['files']['tmp_name'][$source], $file->filepath)) {
form_set_error($source, t('File upload error. Could not move uploaded file.'));
- watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->filepath));
- return 0;
+ watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination', $file->filepath));
+ return FALSE;
}
- // If we made it this far it's safe to record this file in the database.
- $file->uid = $user->uid;
- $file->status = FILE_STATUS_TEMPORARY;
- $file->timestamp = time();
- drupal_write_record('files', $file);
-
- // Add file to the cache.
- $upload_cache[$source] = $file;
- return $file;
+ if ($file = file_save($file)) {
+ // Add file to the cache.
+ $upload_cache[$source] = $file;
+ return $file;
+ }
}
- return 0;
+ return FALSE;
}
/**
@@ -739,47 +853,89 @@
}
/**
- * Save a string to the specified destination.
+ * Save a string to the specified destination and create a database file entry.
*
- * @param $data A string containing the contents of the file.
- * @param $dest A string containing the destination location.
- * @param $replace Replace behavior when the destination file already exists.
- * - FILE_EXISTS_REPLACE - Replace the existing file
- * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique
+ * @param $data
+ * A string containing the contents of the file.
+ * @param $dest
+ * A string containing the destination location.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
* - FILE_EXISTS_ERROR - Do nothing and return FALSE.
- *
- * @return A string containing the resulting filename or 0 on error
+ * @return
+ * A string containing the resulting filename or FALSE on error
*/
function file_save_data($data, $dest, $replace = FILE_EXISTS_RENAME) {
- $temp = file_directory_temp();
- // On Windows, tempnam() requires an absolute path, so we use realpath().
- $file = tempnam(realpath($temp), 'file');
- if (!$fp = fopen($file, 'wb')) {
+ global $user;
+
+ if ($filepath = file_save_data_plain($data, $dest, $replace)) {
+ // Create a file object.
+ $file = new stdClass();
+ $file->filepath = $filepath;
+ $file->filename = basename($file->filepath);
+ $file->filemime = 'text/plain';
+ $file->uid = $user->uid;
+ $file->status = FILE_STATUS_PERMANENT;
+ return file_save($file);
+ }
+ return FALSE;
+}
+
+/**
+ * Save a string to the specified destination.
+ *
+ * This function is identical to file_save_data() except the file will not be
+ * saved to the files table.
+ *
+ * @param $data
+ * A string containing the contents of the file.
+ * @param $dest
+ * A string containing the destination location.
+ * @param $replace
+ * Replace behavior when the destination file already exists:
+ * - FILE_EXISTS_REPLACE - Replace the existing file.
+ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique.
+ * - FILE_EXISTS_ERROR - Do nothing and return FALSE.
+ * @return
+ * A string with the path of the resulting file, or FALSE on error.
+ */
+function file_save_data_plain($data, $dest, $replace = FILE_EXISTS_RENAME) {
+ global $user;
+
+ // Write the data to a temporary file.
+ $temp_name = tempnam(file_directory_temp(), 'file');
+ if (!$fp = fopen($temp_name, 'wb')) {
drupal_set_message(t('The file could not be created.'), 'error');
- return 0;
+ return FALSE;
}
fwrite($fp, $data);
fclose($fp);
- if (!file_move($file, $dest, $replace)) {
- return 0;
- }
-
- return $file;
+ // Move the file to its final destination.
+ return file_move_plain($temp_name, $dest, $replace);
}
/**
* Set the status of a file.
*
- * @param file A Drupal file object
- * @param status A status value to set the file to.
- * @return FALSE on failure, TRUE on success and $file->status will contain the
- * status.
+ * @param $file
+ * A Drupal file object
+ * @param $status
+ * A status value to set the file to.
+ * - FILE_STATUS_TEMPORARY - A temporary file that Drupal's garbage
+ * collection will remove.
+ * - FILE_STATUS_PERMANENT - A permanent file that Drupal's garbage
+ * collection will not remove.
+ * @return
+ * File object if the change is successful, or FALSE in the event of an error.
*/
-function file_set_status(&$file, $status) {
+function file_set_status($file, $status = FILE_STATUS_PERMANENT) {
if (db_query('UPDATE {files} SET status = %d WHERE fid = %d', $status, $file->fid)) {
$file->status = $status;
- return TRUE;
+ module_invoke_all('file_status', $file);
+ return $file;
}
return FALSE;
}
@@ -980,5 +1136,64 @@
}
/**
+ * Load a file object from the database.
+ *
+ * @param $file_id
+ * A numeric file id or string containing the file path.
+ * @param $reset
+ * Whether to reset the internal file_load cache.
+ */
+function file_load($file_id, $reset = NULL) {
+ static $files = array();
+
+ if ($reset) {
+ $files = array();
+ }
+
+ if (is_numeric($file_id)) {
+ if (isset($files[$file_id])) {
+ return clone($files[$file_id]);
+ }
+ $file = db_fetch_object(db_query('SELECT f.* FROM {files} f WHERE f.fid = %d', $file_id));
+ }
+ else {
+ $file = db_fetch_object(db_query("SELECT f.* FROM {files} f WHERE f.filepath = '%s'", $file_id));
+ }
+
+ module_invoke_all('file_load', $file);
+
+ // Cache the fully loaded value.
+ $files[$file->fid] = clone($file);
+ return $file;
+}
+
+/**
+ * Save a file object to the database.
+ *
+ * If the $file->fid is not set a new record will be added. Re-saving an
+ * existing file will not change its status.
+ *
+ * @param $file
+ * A file object.
+ * @return
+ * The updated file object.
+ */
+function file_save($file) {
+ $file->timestamp = time();
+ $file->filesize = filesize($file->filepath);
+
+ if (empty($file->fid)) {
+ drupal_write_record('files', $file);
+ module_invoke_all('file_insert', $file);
+ }
+ else {
+ drupal_write_record('files', $file, 'fid');
+ module_invoke_all('file_update', $file);
+ }
+
+ return $file;
+}
+
+/**
* @} End of "defgroup file".
*/
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.766
diff -u -r1.766 common.inc
--- includes/common.inc 14 May 2008 13:15:09 -0000 1.766
+++ includes/common.inc 15 May 2008 21:06:02 -0000
@@ -1782,7 +1782,7 @@
$data = implode('', $matches[0]) . $data;
// Create the CSS file.
- file_save_data($data, $csspath . '/' . $filename, FILE_EXISTS_REPLACE);
+ file_save_data_plain($data, $csspath . '/' . $filename, FILE_EXISTS_REPLACE);
}
return $csspath . '/' . $filename;
}
@@ -1883,7 +1883,7 @@
* Delete all cached CSS files.
*/
function drupal_clear_css_cache() {
- file_scan_directory(file_create_path('css'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE);
+ file_scan_directory(file_create_path('css'), '.*', array('.', '..', 'CVS'), 'file_delete_plain', TRUE);
}
/**
@@ -2241,7 +2241,7 @@
}
// Create the JS file.
- file_save_data($contents, $jspath . '/' . $filename, FILE_EXISTS_REPLACE);
+ file_save_data_plain($contents, $jspath . '/' . $filename, FILE_EXISTS_REPLACE);
}
return $jspath . '/' . $filename;
@@ -2251,7 +2251,7 @@
* Delete all cached JS files.
*/
function drupal_clear_js_cache() {
- file_scan_directory(file_create_path('js'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE);
+ file_scan_directory(file_create_path('js'), '.*', array('.', '..', 'CVS'), 'file_delete_plain', TRUE);
variable_set('javascript_parsed', array());
}
Index: modules/user/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.module,v
retrieving revision 1.907
diff -u -r1.907 user.module
--- modules/user/user.module 7 May 2008 19:34:24 -0000 1.907
+++ modules/user/user.module 15 May 2008 21:06:03 -0000
@@ -388,8 +388,8 @@
);
if ($file = file_save_upload('picture_upload', $validators)) {
// Remove the old picture.
- if (isset($form_state['values']['_account']->picture) && file_exists($form_state['values']['_account']->picture)) {
- file_delete($form_state['values']['_account']->picture);
+ if (isset($form_state['values']['_account']->picture)) {
+ file_delete_plain($form_state['values']['_account']->picture);
}
// The image was saved using file_save_upload() and was added to the
@@ -397,8 +397,8 @@
// collector delete the original upload.
$info = image_get_info($file->filepath);
$destination = variable_get('user_picture_path', 'pictures') . '/picture-' . $form['#uid'] . '.' . $info['extension'];
- if (file_copy($file, $destination, FILE_EXISTS_REPLACE)) {
- $form_state['values']['picture'] = $file->filepath;
+ if (file_copy_plain($file->filepath, $destination, FILE_EXISTS_REPLACE)) {
+ $form_state['values']['picture'] = $destination;
}
else {
form_set_error('picture_upload', t("Failed to upload the picture image; the %directory directory doesn't exist or is not writable.", array('%directory' => variable_get('user_picture_path', 'pictures'))));
@@ -821,7 +821,7 @@
$variables['picture'] = '';
if (variable_get('user_pictures', 0)) {
$account = $variables['account'];
- if (!empty($account->picture) && file_exists($account->picture)) {
+ if (!empty($account->picture) && file_exists(file_create_path($account->picture))) {
$picture = file_create_url($account->picture);
}
else if (variable_get('user_picture_default', '')) {
@@ -1514,8 +1514,8 @@
$user = user_load(array('uid' => $uid));
// Delete picture if requested, and if no replacement picture was given.
if (!empty($edit['picture_delete'])) {
- if ($user->picture && file_exists($user->picture)) {
- file_delete($user->picture);
+ if ($user->picture) {
+ file_delete_plain($user->picture);
}
$edit['picture'] = '';
}
Index: modules/upload/upload.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload/upload.admin.inc,v
retrieving revision 1.9
diff -u -r1.9 upload.admin.inc
--- modules/upload/upload.admin.inc 20 Apr 2008 07:58:38 -0000 1.9
+++ modules/upload/upload.admin.inc 15 May 2008 21:06:02 -0000
@@ -74,11 +74,10 @@
'#field_suffix' => '' . t('WIDTHxHEIGHT') . ''
);
$form['settings_general']['upload_list_default'] = array(
- '#type' => 'select',
+ '#type' => 'checkbox',
'#title' => t('List files by default'),
'#default_value' => variable_get('upload_list_default', 1),
- '#options' => array(0 => t('No'), 1 => t('Yes')),
- '#description' => t('Display attached files when viewing a post.'),
+ '#description' => t('Determines whether attached files are shown to users by default.'),
);
$form['settings_general']['upload_extensions_default'] = array(
Index: modules/upload/upload.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload/upload.module,v
retrieving revision 1.202
diff -u -r1.202 upload.module
--- modules/upload/upload.module 14 May 2008 13:19:48 -0000 1.202
+++ modules/upload/upload.module 15 May 2008 21:06:02 -0000
@@ -147,12 +147,12 @@
* Implementation of hook_file_download().
*/
function upload_file_download($filepath) {
- $filepath = file_create_path($filepath);
- $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.fid WHERE filepath = '%s'", $file);
+ if (!user_access('view uploaded files')) {
+ return -1;
+ }
+ $filepath = file_create_path($file);
+ $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.fid WHERE filepath = '%s'", $filepath);
if ($file = db_fetch_object($result)) {
- if (!user_access('view uploaded files')) {
- return -1;
- }
return array(
'Content-Type: ' . $file->filemime,
'Content-Length: ' . $file->filesize,
@@ -263,6 +263,38 @@
}
/**
+ * Implementation of hook_file_load().
+ */
+function upload_file_load(&$file, $source = NULL) {
+ // Add the upload specific data into the file object.
+ $values = db_fetch_array(db_query('SELECT * FROM {upload} u WHERE u.fid = %d', $file->fid));
+ foreach ((array) $values as $key => $value) {
+ $file->{$key} = $value;
+ }
+}
+
+/**
+ * Implementation of hook_file_references().
+ */
+function upload_file_references(&$file, $source = NULL) {
+ // If upload.module is still using a file, do not let other modules delete it.
+ $count = db_result(db_query('SELECT count(*) FROM {upload} WHERE fid = %d', $file->fid));
+ if ($count) {
+ // return the name of the module and how many references it has to the file.
+ return array('upload' => $count);
+ }
+}
+
+/**
+ * Implementation of hook_file_delete().
+ */
+function upload_file_delete(&$file, $source = NULL) {
+ // Delete all information associated with the file.
+ db_query('DELETE FROM {upload} WHERE fid = %d', $file->fid);
+}
+
+
+/**
* Implementation of hook_nodeapi().
*/
function upload_nodeapi(&$node, $op, $teaser) {
@@ -406,13 +438,15 @@
// If the file isn't used by any other revisions delete it.
$count = db_result(db_query('SELECT COUNT(fid) FROM {upload} WHERE fid = %d', $fid));
if ($count < 1) {
- file_delete($file->filepath);
+ file_delete($file);
db_query('DELETE FROM {files} WHERE fid = %d', $fid);
}
// Remove it from the session in the case of new uploads,
// that you want to disassociate before node submission.
unset($_SESSION['upload_files'][$fid]);
+ // Try to clean up a file that is no longer in use.
+ file_delete($file);
// Move on, so the removed file won't be added to new revisions.
continue;
}
@@ -420,13 +454,12 @@
// Create a new revision, or associate a new file needed.
if (!empty($node->old_vid) || isset($_SESSION['upload_files'][$fid])) {
db_query("INSERT INTO {upload} (fid, nid, vid, list, description, weight) VALUES (%d, %d, %d, %d, '%s', %d)", $file->fid, $node->nid, $node->vid, $file->list, $file->description, $file->weight);
- file_set_status($file, FILE_STATUS_PERMANENT);
}
// Update existing revision.
else {
db_query("UPDATE {upload} SET list = %d, description = '%s', weight = %d WHERE fid = %d AND vid = %d", $file->list, $file->description, $file->weight, $file->fid, $node->vid);
- file_set_status($file, FILE_STATUS_PERMANENT);
}
+ file_set_status($file, FILE_STATUS_PERMANENT);
}
// Empty the session storage after save. We use this variable to track files
// that haven't been related to the node yet.
@@ -434,38 +467,23 @@
}
function upload_delete($node) {
- $files = array();
- $result = db_query('SELECT DISTINCT f.* FROM {upload} u INNER JOIN {files} f ON u.fid = f.fid WHERE u.nid = %d', $node->nid);
- while ($file = db_fetch_object($result)) {
- $files[$file->fid] = $file;
+ db_query('DELETE FROM {upload} WHERE nid = %d', $node->nid);
+ if (!is_array($node->files)) {
+ return;
}
-
- foreach ($files as $fid => $file) {
- // Delete all files associated with the node
- db_query('DELETE FROM {files} WHERE fid = %d', $fid);
- file_delete($file->filepath);
+ foreach($node->files as $file) {
+ file_delete($file);
}
-
- // Delete all file revision information associated with the node
- db_query('DELETE FROM {upload} WHERE nid = %d', $node->nid);
}
function upload_delete_revision($node) {
- if (is_array($node->files)) {
- foreach ($node->files as $file) {
- // Check if the file will be used after this revision is deleted
- $count = db_result(db_query('SELECT COUNT(fid) FROM {upload} WHERE fid = %d', $file->fid));
-
- // if the file won't be used, delete it
- if ($count < 2) {
- db_query('DELETE FROM {files} WHERE fid = %d', $file->fid);
- file_delete($file->filepath);
- }
- }
- }
-
- // delete the revision
db_query('DELETE FROM {upload} WHERE vid = %d', $node->vid);
+ if (!is_array($node->files)) {
+ return;
+ }
+ foreach ($node->files as $file) {
+ file_delete($file);
+ }
}
function _upload_form($node) {
@@ -479,11 +497,17 @@
if (!empty($node->files) && is_array($node->files)) {
$form['files']['#theme'] = 'upload_form_current';
$form['files']['#tree'] = TRUE;
- foreach ($node->files as $key => $file) {
- $file = (object)$file;
- $description = file_create_url($file->filepath);
- $description = "" . check_plain($description) . "";
- $form['files'][$key]['description'] = array('#type' => 'textfield', '#default_value' => !empty($file->description) ? $file->description : $file->filename, '#maxlength' => 256, '#description' => $description );
+ foreach ($node->files as $file) {
+ $file = (object) $file;
+ $key = $file->fid;
+
+ $form['files'][$key]['description'] = array(
+ '#type' => 'textfield',
+ '#default_value' => !empty($file->description) ? $file->description : $file->filename,
+ '#maxlength' => 256,
+ '#description' => '' . file_create_url($file->filepath) . '',
+ );
+
$form['files'][$key]['size'] = array('#value' => format_size($file->filesize));
$form['files'][$key]['remove'] = array('#type' => 'checkbox', '#default_value' => !empty($file->remove));
$form['files'][$key]['list'] = array('#type' => 'checkbox', '#default_value' => $file->list);
@@ -498,12 +522,26 @@
if (user_access('upload files')) {
$limits = _upload_file_limits($user);
+
+ $limit_description = t('The maximum size of file uploads is %filesize. ', array('%filesize' => format_size($limits['file_size'])));
+ if (!empty($limits['resolution'])) {
+ if (image_get_toolkit()) {
+ $limit_description .= t('Images larger than %resolution will be resized. ', array('%resolution' => $limits['resolution']));
+ }
+ else {
+ $limit_description .= t('Images may not be larger than %resolution. ', array('%resolution' => $limits['resolution']));
+ }
+ }
+ if ($user->uid != 1) {
+ $limit_description .= t('Only files with the following extensions may be uploaded: %extensions. ', array('%extensions' => $limits['extensions']));
+ }
+
$form['new']['#weight'] = 10;
$form['new']['upload'] = array(
'#type' => 'file',
'#title' => t('Attach new file'),
'#size' => 40,
- '#description' => ($limits['resolution'] ? t('Images are larger than %resolution will be resized. ', array('%resolution' => $limits['resolution'])) : '') . t('The maximum upload size is %filesize. Only files with the following extensions may be uploaded: %extensions. ', array('%extensions' => $limits['extensions'], '%filesize' => format_size($limits['file_size']))),
+ '#description' => $limit_description,
);
$form['new']['attach'] = array(
'#type' => 'submit',
@@ -565,9 +603,9 @@
$files = array();
if ($node->vid) {
- $result = db_query('SELECT * FROM {files} f INNER JOIN {upload} r ON f.fid = r.fid WHERE r.vid = %d ORDER BY r.weight, f.fid', $node->vid);
+ $result = db_query('SELECT fid FROM {upload} u WHERE u.vid = %d ORDER BY u.fid', $node->vid);
while ($file = db_fetch_object($result)) {
- $files[$file->fid] = $file;
+ $files[$file->fid] = file_load($file->fid);
}
}
Index: modules/system/system.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.admin.inc,v
retrieving revision 1.76
diff -u -r1.76 system.admin.inc
--- modules/system/system.admin.inc 10 May 2008 07:32:02 -0000 1.76
+++ modules/system/system.admin.inc 15 May 2008 21:06:02 -0000
@@ -338,9 +338,9 @@
// The image was saved using file_save_upload() and was added to the
// files table as a temporary file. We'll make a copy and let the garbage
// collector delete the original upload.
- if (file_copy($file, $filename, FILE_EXISTS_REPLACE)) {
+ if ($filepath = file_copy_plain($file->filepath, $filename, FILE_EXISTS_REPLACE)) {
$_POST['default_logo'] = 0;
- $_POST['logo_path'] = $file->filepath;
+ $_POST['logo_path'] = $filepath;
$_POST['toggle_logo'] = 1;
}
}
@@ -353,9 +353,9 @@
// The image was saved using file_save_upload() and was added to the
// files table as a temporary file. We'll make a copy and let the garbage
// collector delete the original upload.
- if (file_copy($file, $filename)) {
+ if ($filepath = file_copy_plain($file->filepath, $filename, FILE_EXISTS_REPLACE)) {
$_POST['default_favicon'] = 0;
- $_POST['favicon_path'] = $file->filepath;
+ $_POST['favicon_path'] = $filepath;
$_POST['toggle_favicon'] = 1;
}
}
Index: modules/system/system.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.module,v
retrieving revision 1.602
diff -u -r1.602 system.module
--- modules/system/system.module 7 May 2008 19:17:50 -0000 1.602
+++ modules/system/system.module 15 May 2008 21:06:02 -0000
@@ -1382,12 +1382,14 @@
if (file_exists($file->filepath)) {
// If files that exist cannot be deleted, continue so the database remains
// consistent.
- if (!file_delete($file->filepath)) {
- watchdog('file system', 'Could not delete temporary file "%path" during garbage collection', array('%path' => $file->filepath), 'error');
+ if (!file_delete($file)) {
+ watchdog('file system', t('Could not delete temporary file "%path" during garbage collection', array('%path' => $file->filepath)), 'error');
continue;
}
}
- db_query('DELETE FROM {files} WHERE fid = %d', $file->fid);
+ else {
+ db_query('DELETE FROM {files} WHERE fid = %d', $file->fid);
+ }
}
}
Index: modules/blogapi/blogapi.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/blogapi/blogapi.module,v
retrieving revision 1.119
diff -u -r1.119 blogapi.module
--- modules/blogapi/blogapi.module 13 May 2008 18:13:43 -0000 1.119
+++ modules/blogapi/blogapi.module 15 May 2008 21:06:02 -0000
@@ -379,12 +379,12 @@
return blogapi_error(t('No file sent.'));
}
- if (!$file = file_save_data($data, $name)) {
+ if (!$filepath = file_save_data_plain($data, $name)) {
return blogapi_error(t('Error storing file.'));
}
// Return the successful result.
- return array('url' => file_create_url($file), 'struct');
+ return array('url' => file_create_url($filepath), 'struct');
}
/**
* Blogging API callback. Returns a list of the taxonomy terms that can be