? .cache ? .project ? .projectOptions ? files ? test.patch ? misc/Thumbs.db ? misc/farbtastic/Thumbs.db ? modules/gd ? modules/imagemagick ? sites/all/modules ? sites/default/settings.php Index: includes/common.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/common.inc,v retrieving revision 1.652 diff -u -r1.652 common.inc --- includes/common.inc 8 Jun 2007 12:51:58 -0000 1.652 +++ includes/common.inc 8 Jun 2007 17:57:28 -0000 @@ -1621,7 +1621,7 @@ >x', '\1', $data); // Create the CSS file. - file_save_data($data, $csspath .'/'. $filename, FILE_EXISTS_REPLACE); + _file_save_data($data, $csspath .'/'. $filename, FILE_EXISTS_REPLACE); } return $csspath .'/'. $filename; } @@ -1630,7 +1630,7 @@ * Delete all cached CSS files. */ function drupal_clear_css_cache() { - file_scan_directory(file_create_path('css'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); + file_scan_directory(file_create_path('css'), '.*', array('.', '..', 'CVS'), '_file_delete', TRUE); } /** @@ -1837,7 +1837,7 @@ } // Create the JS file. - file_save_data($contents, $jspath .'/'. $filename, FILE_EXISTS_REPLACE); + _file_save_data($contents, $jspath .'/'. $filename, FILE_EXISTS_REPLACE); } return $jspath .'/'. $filename; @@ -2071,7 +2071,7 @@ * Delete all cached JS files. */ function drupal_clear_js_cache() { - file_scan_directory(file_create_path('js'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); + file_scan_directory(file_create_path('js'), '.*', array('.', '..', 'CVS'), '_file_delete', TRUE); variable_set('javascript_parsed', ''); } Index: includes/file.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/file.inc,v retrieving revision 1.101 diff -u -r1.101 file.inc --- includes/file.inc 5 Jun 2007 12:13:20 -0000 1.101 +++ includes/file.inc 8 Jun 2007 17:56:18 -0000 @@ -66,11 +66,13 @@ if (!$dest) { return $file_path; } - // file_check_location() checks whether the destination is inside the Drupal files directory. + // file_check_location() checks whether the destination is inside the Drupal + // files directory. if (file_check_location($dest, $file_path)) { return $dest; } - // check if the destination is instead inside the Drupal temporary files directory. + // Check if the destination is instead inside the Drupal temporary files + // directory. else if (file_check_location($dest, file_directory_temp())) { return $dest; } @@ -195,25 +197,64 @@ } /** - * Copies a file to a new location. This is a powerful function that in many ways - * performs like an advanced version of copy(). + * Copies a file to a new location and adds a record for the new file to the + * database. This is a powerful function that in many ways performs like an + * advanced version of copy(). + * - Checks if $source and $dest are valid and readable/writable. + * - Performs a file copy if $source is not equal to $dest. + * - If file already exists in $dest either the call will error out, replace the + * file or rename the file based on the $replace parameter. + * - Adds thew new file to the files database. If the source file is a + * temporary file, the resulting file will also be a temporary file. + * + * @param $source A file object location of the original file. + * @param $dest A string containing the directory $source should be copied to. + * If this value is omitted, Drupal's 'files' directory will be used. + * @param $replace Replace behavior when the destination file already exists. + * - FILE_EXISTS_REPLACE - Replace the existing file + * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique + * - FILE_EXISTS_ERROR - Do nothing and return FALSE. + * @return File object if the copy is successful, or FALSE in the event of an + * error. + */ +function file_copy($source, $dest = 0, $replace = FILE_EXISTS_RENAME) { + if ($result = _file_copy($source, $dest, $replace)) { + $file = drupal_clone($source); + $file->fid = NULL; + $file->filename = basename($result); + $file->filepath = $result; + if ($file = file_save($file)) { + module_invoke_all('file', 'copy', $file, $source); + return $file; + } + } + return FALSE; +} + +/** + * Copies a file to a new location. This is a powerful function that in many + * ways performs like an advanced version of copy(). * - Checks if $source and $dest are valid and readable/writable. * - Performs a file copy if $source is not equal to $dest. * - If file already exists in $dest either the call will error out, replace the * file or rename the file based on the $replace parameter. * * @param $source A string specifying the file location of the original file. - * This parameter will contain the resulting destination filename in case of - * success. * @param $dest A string containing the directory $source should be copied to. * If this value is omitted, Drupal's 'files' directory will be used. * @param $replace Replace behavior when the destination file already exists. * - FILE_EXISTS_REPLACE - Replace the existing file * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. - * @return True for success, FALSE for failure. + * @return The name of the new file, or FALSE in the event of an error. */ -function file_copy(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) { +function _file_copy($source, $dest = 0, $replace = FILE_EXISTS_RENAME) { + $source = realpath($source); + if (!file_exists($source)) { + drupal_set_message(t('The selected file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error'); + return FALSE; + } + $dest = file_create_path($dest); $directory = $dest; @@ -221,25 +262,8 @@ // Make sure we at least have a valid directory. if ($basename === FALSE) { - $source = is_object($source) ? $source->filepath : $source; - drupal_set_message(t('The selected file %file could not be uploaded, because the destination %directory is not properly configured.', array('%file' => $source, '%directory' => $dest)), 'error'); - watchdog('file system', 'The selected file %file could not be uploaded, because the destination %directory could not be found, or because its permissions do not allow the file to be written.', array('%file' => $source, '%directory' => $dest), WATCHDOG_ERROR); - return 0; - } - - // Process a file upload object. - if (is_object($source)) { - $file = $source; - $source = $file->filepath; - if (!$basename) { - $basename = $file->filename; - } - } - - $source = realpath($source); - if (!file_exists($source)) { - drupal_set_message(t('The selected file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error'); - return 0; + drupal_set_message(t('The selected file %file could not be copied, because the destination %directory is not properly configured.', array('%file' => $source, '%directory' => $dest)), 'error'); + return FALSE; } // If the destination file is not specified then use the filename of the source file. @@ -257,26 +281,16 @@ if (!@copy($source, $dest)) { drupal_set_message(t('The selected file %file could not be copied.', array('%file' => $source)), 'error'); - return 0; + return FALSE; } - // Give everyone read access so that FTP'd users or - // non-webserver users can see/read these files, - // and give group write permissions so group memebers + // Give everyone read access so that FTP'd users or non-webserver users can + // see/read these files, and give group write permissions so group memebers // can alter files uploaded by the webserver. @chmod($dest, 0664); } - if (isset($file) && is_object($file)) { - $file->filename = $basename; - $file->filepath = $dest; - $source = $file; - } - else { - $source = $dest; - } - - return 1; // Everything went ok. + return $dest; } /** @@ -310,35 +324,38 @@ } /** - * Moves a file to a new location. + * Moves a file to a new location and updates the file's database entry. The + * move is performed by copying the file to the new location and the deleting + * the original. * - Checks if $source and $dest are valid and readable/writable. * - Performs a file move if $source is not equal to $dest. * - If file already exists in $dest either the call will error out, replace the * file or rename the file based on the $replace parameter. + * - Adds thew new file to the files database. * - * @param $source A string specifying the file location of the original file. - * This parameter will contain the resulting destination filename in case of - * success. + * @param $source A file object for the original file. * @param $dest A string containing the directory $source should be copied to. * If this value is omitted, Drupal's 'files' directory will be used. * @param $replace Replace behavior when the destination file already exists. * - FILE_EXISTS_REPLACE - Replace the existing file * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. - * @return True for success, FALSE for failure. + * @return Resulting file object for success, or FALSE in the event of an error. */ -function file_move(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) { - $path_original = is_object($source) ? $source->filepath : $source; - - if (file_copy($source, $dest, $replace)) { - $path_current = is_object($source) ? $source->filepath : $source; - - if ($path_original == $path_current || file_delete($path_original)) { - return 1; +function file_move($source, $dest = 0, $replace = FILE_EXISTS_RENAME) { + if ($result = _file_copy($source->filepath, $dest, $replace)) { + if ($source->filepath == $result || _file_delete($source->filepath)) { + $file = drupal_clone($source); + $file->filename = basename($result); + $file->filepath = $result; + if ($file = file_save($file)) { + module_invoke_all('file', 'move', $file, $source); + return $file; + } } - drupal_set_message(t('The removal of the original file %file has failed.', array('%file' => $path_original)), 'error'); + drupal_set_message(t('The removal of the original file %file has failed.', array('%file' => $source->filepath)), 'error'); } - return 0; + return FALSE; } /** @@ -425,12 +442,30 @@ } /** + * Delete a file and its database record. + * + * @param $path A file object. + * @return TRUE for success, or FALSE in the event of an error. + */ +function file_delete($file) { + if (_file_delete($file->filepath)) { + module_invoke_all('file', 'delete', $file); + + db_query('DELETE FROM {files} WHERE fid = %d', $file->fid); + + return TRUE; + } + + return FALSE; +} + +/** * Delete a file. * * @param $path A string containing a file path. - * @return TRUE for success, FALSE for failure. + * @return TRUE for success, or FALSE in the event of an error. */ -function file_delete($path) { +function _file_delete($path) { if (is_file($path)) { return unlink($path); } @@ -475,7 +510,8 @@ * destination directory should overwritten. A false value will generate a * new, unique filename in the destination directory. * @return - * An object containing the file information, or 0 in the event of an error. + * An object containing the file information, or FALSE in the event of an + * error. */ function file_save_upload($source, $validators = array(), $dest = FALSE, $replace = FILE_EXISTS_RENAME) { global $user; @@ -492,8 +528,8 @@ // If a file was uploaded, process it. if (isset($_FILES['files']) && $_FILES['files']['name'][$source] && is_uploaded_file($_FILES['files']['tmp_name'][$source])) { - // Check for file upload errors and return FALSE if a - // lower level system error occurred. + // Check for file upload errors and return FALSE if a lower level system + // error occurred. switch ($_FILES['files']['error'][$source]) { // @see http://php.net/manual/en/features.file-upload.errors.php case UPLOAD_ERR_OK: @@ -502,17 +538,17 @@ case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: drupal_set_message(t('The file %file could not be saved, because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $source, '%maxsize' => format_size(file_upload_max_size()))), 'error'); - return 0; + return FALSE; case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_NO_FILE: drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array('%file' => $source)), 'error'); - return 0; + return FALSE; // Unknown error default: drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $source)), 'error'); - return 0; + return FALSE; } // Build the list of non-munged extensions. @@ -525,9 +561,12 @@ // Begin building file object. $file = new stdClass(); + $file->uid = $user->uid; + $file->status = FILE_STATUS_TEMPORARY; $file->filename = file_munge_filename(trim(basename($_FILES['files']['name'][$source]), '.'), $extensions); $file->filepath = $_FILES['files']['tmp_name'][$source]; $file->filemime = $_FILES['files']['type'][$source]; + $file->filesize = $_FILES['files']['size'][$source]; // Rename potentially executable files, to help prevent exploits. if (preg_match('/\.(php|pl|py|cgi|asp|js)$/i', $file->filename) && (substr($file->filename, -4) != '.txt')) { @@ -542,16 +581,18 @@ } $file->source = $source; $file->destination = $dest; - $file->filesize = $_FILES['files']['size'][$source]; - // Call the validation functions. + // Call the validation functions specified by this function's caller. $errors = array(); foreach ($validators as $function => $args) { array_unshift($args, $file); $errors = array_merge($errors, call_user_func_array($function, $args)); } - // Check for validation errors. + // Let other modules perform validation on the new file. + $errors = array_merge($errors, module_invoke_all('file', 'validate', $file)); + + // Check for errors. if (!empty($errors)) { $message = t('The selected file %name could not be uploaded. ', array('%name' => $file->filename)); if (count($errors) > 1) { @@ -561,27 +602,27 @@ $message .= array_pop($errors); } form_set_error($source, $message); - return 0; + return FALSE; } - // Move uploaded files from PHP's upload_tmp_dir to Drupal's temporary directory. - // This overcomes open_basedir restrictions for future file operations. + // Move uploaded files from PHP's upload_tmp_dir to Drupal's temporary + // directory. This overcomes open_basedir restrictions for future file + // operations. $file->filepath = $file->destination; if (!move_uploaded_file($_FILES['files']['tmp_name'][$source], $file->filepath)) { form_set_error($source, t('File upload error. Could not move uploaded file.')); watchdog('file', t('Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination', $file->filepath))); - return 0; + return FALSE; } - // If we made it this far it's safe to record this file in the database. - db_query("INSERT INTO {files} (uid, filename, filepath, filemime, filesize, status, timestamp) VALUES (%d, '%s', '%s', '%s', %d, %d, %d)", $user->uid, $file->filename, $file->filepath, $file->filemime, $file->filesize, FILE_STATUS_TEMPORARY, time()); - $file->fid = db_last_insert_id('files', 'fid'); + if ($file = file_save($file)) { + // Add file to the cache. + $upload_cache[$source] = $file; - // Add file to the cache. - $upload_cache[$source] = $file; - return $file; + return $file; + } } - return 0; + return FALSE; } /** @@ -735,7 +776,8 @@ } /** - * Save a string to the specified destination. + * Save a string to the specified destination. The file will be added to the + * database as a permanent file. * * @param $data A string containing the contents of the file. * @param $dest A string containing the destination location. @@ -744,23 +786,53 @@ * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. * - * @return A string containing the resulting filename or 0 on error + * @return A file object for the resulting file, or FALSE in the event of an + * error. */ function file_save_data($data, $dest, $replace = FILE_EXISTS_RENAME) { - $temp = file_directory_temp(); - $file = tempnam($temp, 'file'); - if (!$fp = fopen($file, 'wb')) { + global $user; + + if ($filepath = _file_save_data($data, $dest, $replace)) { + // Create a file object. + $file = new stdClass(); + $file->filepath = $filepath; + $file->filename = basename($file->filepath); + $file->filemime = 'text/plain'; + $file->uid = $user->uid; + $file->status = FILE_STATUS_PERMANENT; + + return file_save($file); + } + return FALSE; +} + +/** + * Save a string to the specified destination. + * + * @param $data A string containing the contents of the file. + * @param $dest A string containing the destination location. + * @param $replace Replace behavior when the destination file already exists. + * - FILE_EXISTS_REPLACE - Replace the existing file + * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique + * - FILE_EXISTS_ERROR - Do nothing and return FALSE. + * + * @return A string with the path of the resulting file, or FALSE in the event + * of an error. + */ +function _file_save_data($data, $dest, $replace = FILE_EXISTS_RENAME) { + global $user; + + // Write the data to a temporary file. + $temp_name = tempnam(file_directory_temp(), 'file'); + if (!$fp = fopen($temp_name, 'wb')) { drupal_set_message(t('The file could not be created.'), 'error'); - return 0; + return FALSE; } fwrite($fp, $data); fclose($fp); - if (!file_move($file, $dest, $replace)) { - return 0; - } - - return $file; + // Move the file to its final destination. + return _file_move($temp_name, $dest, $replace); } /** @@ -768,13 +840,16 @@ * * @param file A Drupal file object * @param status A status value to set the file to. - * @return FALSE on failure, TRUE on success and $file->status will contain the - * status. + * @return File object if the change is successful, or FALSE in the event of + * an error. */ -function file_set_status(&$file, $status) { +function file_set_status($file, $status) { if (db_query('UPDATE {files} SET status = %d WHERE fid = %d', $status, $file->fid)) { $file->status = $status; - return TRUE; + + module_invoke_all('file', 'status', $file); + + return $file; } return FALSE; } @@ -972,3 +1047,64 @@ } return $max_size; } + +/** + * Load a file object from the database. + * + * @param $file_id + * A numeric file id or string containg the file path. + * @param $reset + * Whether to reset the internal file_load cache. + */ +function file_load($file_id, $reset = NULL) { + static $files = array(); + + if ($reset) { + $files = array(); + } + + if (is_numeric($file_id)) { + if (isset($files[$file_id])) { + return drupal_clone($files[$file_id]); + } + $file = db_fetch_object(db_query('SELECT f.* FROM {files} f WHERE f.fid = %d', $file_id)); + } + else { + $file = db_fetch_object(db_query("SELECT f.* FROM {files} f WHERE f.filepath = '%s'", $file_id)); + } + + module_invoke_all('file', 'load', $file); + + // Cache the fully loaded value. + $files[$file->fid] = drupal_clone($file); + + return $file; +} + +/** + * Save a file object to the database. If the $file->fid is not set a new record + * will be added. Re-saving an existing file will not change its status. + * + * @param $file + * A file object. + * @return + * The updated file object. + */ +function file_save($file) { + $file->timestamp = time(); + $file->filesize = filesize($file->filepath); + + if (empty($file->fid)) { + db_query("INSERT INTO {files} (uid, filename, filepath, filemime, filesize, status, timestamp) VALUES (%d, '%s', '%s', '%s', %d, %d, %d)", $file->uid, $file->filename, $file->filepath, $file->filemime, $file->filesize, $file->status, $file->timestamp); + $file->fid = db_last_insert_id('files', 'fid'); + + module_invoke_all('file', 'insert', $file); + } + else { + db_query("UPDATE {files} SET uid = %d, filename = '%s', filepath = '%s', filemime = '%s', filesize = %d, timestamp = %d WHERE fid = %d", $file->uid, $file->filename, $file->filepath, $file->filemime, $file->filesize, $file->timestamp, $file->fid); + + module_invoke_all('file', 'update', $file); + } + + return $file; +} Index: modules/blogapi/blogapi.module =================================================================== RCS file: /cvs/drupal/drupal/modules/blogapi/blogapi.module,v retrieving revision 1.106 diff -u -r1.106 blogapi.module --- modules/blogapi/blogapi.module 30 Apr 2007 17:03:23 -0000 1.106 +++ modules/blogapi/blogapi.module 8 Jun 2007 17:56:19 -0000 @@ -362,12 +362,12 @@ return blogapi_error(t('No file sent.')); } - if (!$file = file_save_data($data, $name)) { + if (!$filepath = _file_save_data($data, $name)) { return blogapi_error(t('Error storing file.')); } // Return the successful result. - return array('url' => file_create_url($file), 'struct'); + return array('url' => _file_create_url($filepath), 'struct'); } /** * Blogging API callback. Returns a list of the taxonomy terms that can be Index: modules/system/system.module =================================================================== RCS file: /cvs/drupal/drupal/modules/system/system.module,v retrieving revision 1.491 diff -u -r1.491 system.module --- modules/system/system.module 8 Jun 2007 12:51:59 -0000 1.491 +++ modules/system/system.module 8 Jun 2007 17:56:19 -0000 @@ -2221,9 +2221,9 @@ // The image was saved using file_save_upload() and was added to the // files table as a temorary file. We'll make a copy and let the garbage // collector delete the original upload. - if (file_copy($file, $filename, FILE_EXISTS_REPLACE)) { + if ($filepath = _file_copy($file['filepath'], $filename, FILE_EXISTS_REPLACE)) { $_POST['default_logo'] = 0; - $_POST['logo_path'] = $file->filepath; + $_POST['logo_path'] = $filepath; $_POST['toggle_logo'] = 1; } } @@ -2236,9 +2236,9 @@ // The image was saved using file_save_upload() and was added to the // files table as a temorary file. We'll make a copy and let the garbage // collector delete the original upload. - if (file_copy($file, $filename)) { + if ($filepath = _file_copy($file['filepath'], $filename, FILE_EXISTS_REPLACE)) { $_POST['default_favicon'] = 0; - $_POST['favicon_path'] = $file->filepath; + $_POST['favicon_path'] = $filepath; $_POST['toggle_favicon'] = 1; } } @@ -2694,12 +2694,14 @@ if (file_exists($file->filepath)) { // If files that exist cannot be deleted, continue so the database remains // consistant. - if (!file_delete($file->filepath)) { + if (!file_delete($file)) { watchdog('file system', t('Could not delete temporary file "%path" during garbage collection', array('%path' => $file->filepath)), 'error'); continue; } } - db_query('DELETE FROM {files} WHERE fid = %d', $file->fid); + else { + db_query('DELETE FROM {files} WHERE fid = %d', $file->fid); + } } } Index: modules/upload/upload.module =================================================================== RCS file: /cvs/drupal/drupal/modules/upload/upload.module,v retrieving revision 1.164 diff -u -r1.164 upload.module --- modules/upload/upload.module 4 Jun 2007 07:22:22 -0000 1.164 +++ modules/upload/upload.module 8 Jun 2007 18:11:52 -0000 @@ -291,12 +291,12 @@ /** * Implementation of hook_file_download(). */ -function upload_file_download($file) { +function upload_file_download($filepath) { if (!user_access('view uploaded files')) { return -1; } - $file = file_create_path($file); - $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.uid WHERE filepath = '%s'", $file); + $filepath = file_create_path($filepath); + $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.uid WHERE filepath = '%s'", $filepath); if ($file = db_fetch_object($result)) { return array( 'Content-Type: '. $file->filemime, @@ -411,6 +411,32 @@ } /** + * Implementation of hook_file(). + */ +function upload_file($op, &$file) { + switch ($op) { + case 'load': + $values = db_fetch_array(db_query('SELECT vid, description, list FROM {upload} u WHERE u.fid = %d', $file->fid)); + foreach ($values as $key => $value) { + $file->{$key} = $value; + } + break; + + case 'insert': + break; + + case 'update': + break; + + case 'delete': + // Delete all file revision information associated with the file. + db_query('DELETE FROM {upload} WHERE fid = %d', $file->fid); + break; + } +} + + +/** * Implementation of hook_nodeapi(). */ function upload_nodeapi(&$node, $op, $teaser) { @@ -553,13 +579,12 @@ // Create a new revision, or associate a new file needed. if (!empty($node->old_vid) || array_key_exists($fid, $_SESSION['upload_files'])) { db_query("INSERT INTO {upload} (fid, nid, vid, list, description) VALUES (%d, %d, %d, %d, '%s')", $file->fid, $node->nid, $node->vid, $file->list, $file->description); - file_set_status($file, FILE_STATUS_PERMANENT); } // Update existing revision. else { db_query("UPDATE {upload} SET list = %d, description = '%s' WHERE fid = %d AND vid = %d", $file->list, $file->description, $file->fid, $node->vid); - file_set_status($file, FILE_STATUS_PERMANENT); } + file_set_status($file, FILE_STATUS_PERMANENT); } // Empty the session storage after save. We use this variable to track files // that haven't been related to the node yet. @@ -575,12 +600,8 @@ foreach ($files as $fid => $file) { // Delete all files associated with the node - db_query('DELETE FROM {files} WHERE fid = %d', $fid); - file_delete($file->filepath); + file_delete($file); } - - // Delete all file revision information associated with the node - db_query('DELETE FROM {upload} WHERE nid = %d', $node->nid); } function upload_delete_revision($node) { @@ -591,14 +612,10 @@ // if the file won't be used, delete it if ($count < 2) { - db_query('DELETE FROM {files} WHERE fid = %d', $file->fid); - file_delete($file->filepath); + file_delete($file); } } } - - // delete the revision - db_query('DELETE FROM {upload} WHERE vid = %d', $node->vid); } function _upload_form($node) { @@ -695,9 +712,9 @@ $files = array(); if ($node->vid) { - $result = db_query('SELECT * FROM {files} f INNER JOIN {upload} r ON f.fid = r.fid WHERE r.vid = %d ORDER BY f.fid', $node->vid); + $result = db_query('SELECT fid FROM {upload} u WHERE u.vid = %d ORDER BY u.fid', $node->vid); while ($file = db_fetch_object($result)) { - $files[$file->fid] = $file; + $files[$file->fid] = file_load($file->fid); } } Index: modules/user/user.module =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.module,v retrieving revision 1.794 diff -u -r1.794 user.module --- modules/user/user.module 8 Jun 2007 06:04:15 -0000 1.794 +++ modules/user/user.module 8 Jun 2007 17:59:46 -0000 @@ -330,7 +330,7 @@ // collector delete the original upload. $info = image_get_info($file->filepath); $destination = variable_get('user_picture_path', 'pictures') .'/picture-'. $form['#uid'] .'.'. $info['extension']; - if (file_copy($file, $destination, FILE_EXISTS_REPLACE)) { + if ($file = file_copy($file, $destination, FILE_EXISTS_REPLACE)) { $form_state['values']['picture'] = $file->filepath; } else { @@ -1528,8 +1528,8 @@ $user = user_load(array('uid' => $uid)); // Delete picture if requested, and if no replacement picture was given. if (!empty($edit['picture_delete'])) { - if ($user->picture && file_exists($user->picture)) { - file_delete($user->picture); + if ($user->picture && $file = file_load($user->picture)) { + file_delete($file); } $edit['picture'] = ''; }