Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Attempt to fix bug #1709 - where names are not escaped before being used in database queries. Also converted some files to be partially compatible with Campware coding conventions.

Browse source
This commit is contained in:
paul 2006-09-15 13:13:38 +00:00
parent 67efd6686a
commit df89686c16
5 changed files with 1622 additions and 859 deletions
Download patch file Download diff file Expand all files Collapse all files

19
livesupport/src/modules/alib/var/class.php
View file

@ -2,26 +2,26 @@
/*------------------------------------------------------------------------------ /*------------------------------------------------------------------------------
Copyright (c) 2004 Media Development Loan Fund Copyright (c) 2004 Media Development Loan Fund
This file is part of the LiveSupport project. This file is part of the LiveSupport project.
http://livesupport.campware.org/ http://livesupport.campware.org/
To report bugs, send an e-mail to bugs@campware.org To report bugs, send an e-mail to bugs@campware.org
LiveSupport is free software; you can redistribute it and/or modify LiveSupport is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
LiveSupport is distributed in the hope that it will be useful, LiveSupport is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with LiveSupport; if not, write to the Free Software along with LiveSupport; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Author : $Author$ Author : $Author$
Version : $Revision$ Version : $Revision$
Location : $URL$ Location : $URL$
@ -161,6 +161,7 @@ class ObjClasses extends M2tree{
*/ */
function getClassId($cname) function getClassId($cname)
{ {
$cname = pg_escape_string($cname);
return $this->dbc->getOne($query = "SELECT id FROM {$this->classTable} return $this->dbc->getOne($query = "SELECT id FROM {$this->classTable}
WHERE cname='$cname'"); WHERE cname='$cname'");
} }
@ -235,7 +236,7 @@ class ObjClasses extends M2tree{
))."\n"; ))."\n";
return $r; return $r;
} }
/** /**
* Delete all classes and membeship records * Delete all classes and membeship records
* *
@ -261,7 +262,7 @@ class ObjClasses extends M2tree{
$this->addObj2Class($o['cl2'], $this->tdata['tree']['pb']); $this->addObj2Class($o['cl2'], $this->tdata['tree']['pb']);
$this->tdata['classes'] = $o; $this->tdata['classes'] = $o;
} }
/** /**
* Make basic test * Make basic test
* *
@ -280,7 +281,7 @@ class ObjClasses extends M2tree{
$this->test_dump .= $this->dumpClasses(); $this->test_dump .= $this->dumpClasses();
$this->deleteData(); $this->deleteData();
if($this->test_dump==$this->test_correct){ if($this->test_dump==$this->test_correct){
$this->test_log.="class: OK\n"; return TRUE; $this->test_log.="class: OK\n"; return TRUE;
}else return PEAR::raiseError( }else return PEAR::raiseError(
'ObjClasses::test:', 1, PEAR_ERROR_DIE, '%s'. 'ObjClasses::test:', 1, PEAR_ERROR_DIE, '%s'.
"<pre>\ncorrect:\n{$this->test_correct}\n". "<pre>\ncorrect:\n{$this->test_correct}\n".

2
livesupport/src/modules/alib/var/m2tree.php
View file

@ -323,6 +323,7 @@ class M2tree{
if ($this->dbc->isError($xid)) { if ($this->dbc->isError($xid)) {
return $xid; return $xid;
} }
$newName = pg_escape_string($newName);
$r = $this->dbc->query(" $r = $this->dbc->query("
UPDATE {$this->treeTable} UPDATE {$this->treeTable}
SET name='$newName' SET name='$newName'
@ -348,6 +349,7 @@ class M2tree{
if ( ($name == '') && is_null($parId)) { if ( ($name == '') && is_null($parId)) {
$name = $this->rootNodeName; $name = $this->rootNodeName;
} }
$name = pg_escape_string($name);
$parcond = (is_null($parId) ? "parid is null" : $parcond = (is_null($parId) ? "parid is null" :
"parid='$parId' AND level=1"); "parid='$parId' AND level=1");
$r = $this->dbc->getOne(" $r = $this->dbc->getOne("

1333
livesupport/src/modules/storageServer/var/BasicStor.php
View file

File diff suppressed because it is too large Load diff

696
livesupport/src/modules/storageServer/var/LocStor.php
View file

File diff suppressed because it is too large Load diff

431
livesupport/src/modules/storageServer/var/StoredFile.php
View file

@ -2,26 +2,26 @@
/*------------------------------------------------------------------------------ /*------------------------------------------------------------------------------
Copyright (c) 2004 Media Development Loan Fund Copyright (c) 2004 Media Development Loan Fund
This file is part of the LiveSupport project. This file is part of the LiveSupport project.
http://livesupport.campware.org/ http://livesupport.campware.org/
To report bugs, send an e-mail to bugs@campware.org To report bugs, send an e-mail to bugs@campware.org
LiveSupport is free software; you can redistribute it and/or modify LiveSupport is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
LiveSupport is distributed in the hope that it will be useful, LiveSupport is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with LiveSupport; if not, write to the Free Software along with LiveSupport; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Author : $Author$ Author : $Author$
Version : $Revision$ Version : $Revision$
Location : $URL$ Location : $URL$
@ -30,7 +30,7 @@
require_once "RawMediaData.php"; require_once "RawMediaData.php";
require_once "MetaData.php"; require_once "MetaData.php";
require_once dirname(__FILE__)."/../../getid3/var/getid3.php"; require_once dirname(__FILE__)."/../../getid3/var/getid3.php";
/** /**
* StoredFile class * StoredFile class
* *
@ -45,13 +45,13 @@ require_once dirname(__FILE__)."/../../getid3/var/getid3.php";
* @see MetaData * @see MetaData
* @see RawMediaData * @see RawMediaData
*/ */
class StoredFile{ class StoredFile {
/* ========================================================== constructor */ /* ========================================================== constructor */
/** /**
* Constructor, but shouldn't be externally called * Constructor, but shouldn't be externally called
* *
* @param gb reference to GreenBox object * @param reference $gb to GreenBox object
* @param gunid string, optional, globally unique id of file * @param string $gunid, optional, globally unique id of file
* @return this * @return this
*/ */
function StoredFile(&$gb, $gunid=NULL) function StoredFile(&$gb, $gunid=NULL)
@ -61,7 +61,9 @@ class StoredFile{
$this->filesTable = $gb->filesTable; $this->filesTable = $gb->filesTable;
$this->accessTable= $gb->accessTable; $this->accessTable= $gb->accessTable;
$this->gunid = $gunid; $this->gunid = $gunid;
if(is_null($this->gunid)) $this->gunid = $this->_createGunid(); if (is_null($this->gunid)) {
$this->gunid = $this->_createGunid();
}
$this->resDir = $this->_getResDir($this->gunid); $this->resDir = $this->_getResDir($this->gunid);
$this->accessDir = $this->gb->accessDir; $this->accessDir = $this->gb->accessDir;
$this->rmd =& new RawMediaData($this->gunid, $this->resDir); $this->rmd =& new RawMediaData($this->gunid, $this->resDir);
@ -69,33 +71,39 @@ class StoredFile{
# return $this->gunid; # return $this->gunid;
} }
/* ========= 'factory' methods - should be called to construct StoredFile */ /* ========= 'factory' methods - should be called to construct StoredFile */
/** /**
* Create instance of StoredFile object and insert new file * Create instance of StoredFile object and insert new file
* *
* @param gb reference to GreenBox object * @param reference $gb to GreenBox object
* @param oid int, local object id in the tree * @param int $oid, local object id in the tree
* @param name string, name of new file * @param string $name, name of new file
* @param mediaFileLP string, local path to media file * @param string $mediaFileLP, local path to media file
* @param metadata string, local path to metadata XML file or XML string * @param string $metadata, local path to metadata XML file or XML string
* @param mdataLoc string 'file'|'string' (optional) * @param string $mdataLoc 'file'|'string' (optional)
* @param gunid global unique id (optional) - for insert file with gunid * @param global $gunid unique id (optional) - for insert file with gunid
* @param ftype string, internal file type * @param string $ftype, internal file type
* @param className string, class to be constructed (opt.) * @param string $className, class to be constructed (opt.)
* @return instance of StoredFile object * @return instance of StoredFile object
*/ */
function &insert(&$gb, $oid, $name, function &insert(&$gb, $oid, $name,
$mediaFileLP='', $metadata='', $mdataLoc='file', $mediaFileLP='', $metadata='', $mdataLoc='file',
$gunid=NULL, $ftype=NULL, $className='StoredFile') $gunid=NULL, $ftype=NULL, $className='StoredFile')
{ {
foreach(array('name', 'ftype') as $v) $$v = pg_escape_string($$v); $name = pg_escape_string($name);
$ftype = pg_escape_string($ftype);
$ac =& new $className($gb, ($gunid ? $gunid : NULL)); $ac =& new $className($gb, ($gunid ? $gunid : NULL));
if(PEAR::isError($ac)) return $ac; if (PEAR::isError($ac)) {
return $ac;
}
$ac->name = $name; $ac->name = $name;
$ac->id = $oid; $ac->id = $oid;
$ac->mime = "unKnown"; $ac->mime = "unKnown";
$emptyState = TRUE; $emptyState = TRUE;
if($ac->name=='') $ac->name=$ac->gunid; if ($ac->name=='') {
$ac->name=$ac->gunid;
}
$ac->dbc->query("BEGIN"); $ac->dbc->query("BEGIN");
$res = $ac->dbc->query(" $res = $ac->dbc->query("
INSERT INTO {$ac->filesTable} INSERT INTO {$ac->filesTable}
@ -104,61 +112,72 @@ class StoredFile{
('$oid', '{$ac->name}', x'{$ac->gunid}'::bigint, ('$oid', '{$ac->name}', x'{$ac->gunid}'::bigint,
'{$ac->mime}', 'incomplete', '$ftype', now()) '{$ac->mime}', 'incomplete', '$ftype', now())
"); ");
if(PEAR::isError($res)){ $ac->dbc->query("ROLLBACK"); return $res; } if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK");
return $res;
}
// --- metadata insert: // --- metadata insert:
if(is_null($metadata) || $metadata == ''){ if (is_null($metadata) || ($metadata == '') ) {
$metadata = dirname(__FILE__).'/emptyMdata.xml'; $metadata = dirname(__FILE__).'/emptyMdata.xml';
$mdataLoc = 'file'; $mdataLoc = 'file';
}else{ } else {
$emptyState = FALSE; $emptyState = FALSE;
} }
if($mdataLoc=='file' && !file_exists($metadata)) if ( ($mdataLoc == 'file') && !file_exists($metadata)) {
{
return PEAR::raiseError("StoredFile::insert: ". return PEAR::raiseError("StoredFile::insert: ".
"metadata file not found ($metadata)"); "metadata file not found ($metadata)");
} }
$res = $ac->md->insert($metadata, $mdataLoc, $ftype); $res = $ac->md->insert($metadata, $mdataLoc, $ftype);
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK"); return $res; $ac->dbc->query("ROLLBACK");
return $res;
} }
// --- media file insert: // --- media file insert:
if($mediaFileLP != ''){ if ($mediaFileLP != '') {
if(!file_exists($mediaFileLP)) if (!file_exists($mediaFileLP)) {
{
return PEAR::raiseError("StoredFile::insert: ". return PEAR::raiseError("StoredFile::insert: ".
"media file not found ($mediaFileLP)"); "media file not found ($mediaFileLP)");
} }
$res = $ac->rmd->insert($mediaFileLP); $res = $ac->rmd->insert($mediaFileLP);
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK"); return $res; $ac->dbc->query("ROLLBACK");
return $res;
} }
$mime = $ac->rmd->getMime(); $mime = $ac->rmd->getMime();
//$gb->debugLog("gunid={$ac->gunid}, mime=$mime"); //$gb->debugLog("gunid={$ac->gunid}, mime=$mime");
if($mime !== FALSE){ if ($mime !== FALSE) {
$res = $ac->setMime($mime); $res = $ac->setMime($mime);
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK"); return $res; $ac->dbc->query("ROLLBACK");
return $res;
} }
} }
$emptyState = FALSE; $emptyState = FALSE;
} }
if(!$emptyState){ if (!$emptyState) {
$res = $ac->setState('ready'); $res = $ac->setState('ready');
if(PEAR::isError($res)){ $ac->dbc->query("ROLLBACK"); return $res; } if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK");
return $res;
}
} }
$res = $ac->dbc->query("COMMIT"); $res = $ac->dbc->query("COMMIT");
if(PEAR::isError($res)){ $ac->dbc->query("ROLLBACK"); return $res; } if (PEAR::isError($res)) {
$ac->dbc->query("ROLLBACK");
return $res;
}
return $ac; return $ac;
} }
/** /**
* Create instance of StoreFile object and recall existing file.<br> * Create instance of StoreFile object and recall existing file.<br>
* Should be supplied oid XOR gunid - not both ;) * Should be supplied oid XOR gunid - not both ;)
* *
* @param gb reference to GreenBox object * @param reference $gb to GreenBox object
* @param oid int, optional, local object id in the tree * @param int $oid, optional, local object id in the tree
* @param gunid string, optional, global unique id of file * @param string $gunid, optional, global unique id of file
* @param className string, optional classname to recall * @param string $className, optional classname to recall
* @return instance of StoredFile object * @return instance of StoredFile object
*/ */
function &recall(&$gb, $oid='', $gunid='', $className='StoredFile') function &recall(&$gb, $oid='', $gunid='', $className='StoredFile')
@ -171,8 +190,10 @@ class StoredFile{
SELECT id, to_hex(gunid)as gunid, mime, name, ftype SELECT id, to_hex(gunid)as gunid, mime, name, ftype
FROM {$gb->filesTable} WHERE $cond FROM {$gb->filesTable} WHERE $cond
"); ");
if(PEAR::isError($row)) return $row; if (PEAR::isError($row)) {
if(is_null($row)){ return $row;
}
if (is_null($row)) {
return PEAR::raiseError( return PEAR::raiseError(
"StoredFile::recall: fileobj not exist ($oid/$gunid)", "StoredFile::recall: fileobj not exist ($oid/$gunid)",
GBERR_FOBJNEX GBERR_FOBJNEX
@ -187,27 +208,29 @@ class StoredFile{
return $ac; return $ac;
} }
/** /**
* Create instance of StoreFile object and recall existing file * Create instance of StoreFile object and recall existing file
* by gunid.<br/> * by gunid.<br/>
* *
* @param gb reference to GreenBox object * @param reference $gb to GreenBox object
* @param gunid string, optional, global unique id of file * @param string $gunid, optional, global unique id of file
* @param className string, optional classname to recall * @param string $className, optional classname to recall
* @return instance of StoredFile object * @return instance of StoredFile object
*/ */
function &recallByGunid(&$gb, $gunid='', $className='StoredFile') function &recallByGunid(&$gb, $gunid='', $className='StoredFile')
{ {
return StoredFile::recall($gb, '', $gunid, $className); return StoredFile::recall($gb, '', $gunid, $className);
} }
/** /**
* Create instance of StoreFile object and recall existing file * Create instance of StoreFile object and recall existing file
* by access token.<br/> * by access token.<br/>
* *
* @param gb reference to GreenBox object * @param reference $gb to GreenBox object
* @param token string, access token * @param string $token, access token
* @param className string, optional classname to recall * @param string $className, optional classname to recall
* @return instance of StoredFile object * @return instance of StoredFile object
*/ */
function recallByToken(&$gb, $token, $className='StoredFile') function recallByToken(&$gb, $token, $className='StoredFile')
@ -217,18 +240,23 @@ class StoredFile{
FROM {$gb->accessTable} FROM {$gb->accessTable}
WHERE token=x'$token'::bigint WHERE token=x'$token'::bigint
"); ");
if(PEAR::isError($gunid)) return $gunid; if (PEAR::isError($gunid)) {
if(is_null($gunid)) return PEAR::raiseError( return $gunid;
}
if (is_null($gunid)) {
return PEAR::raiseError(
"StoredFile::recallByToken: invalid token ($token)", GBERR_AOBJNEX); "StoredFile::recallByToken: invalid token ($token)", GBERR_AOBJNEX);
}
$gunid = StoredFile::_normalizeGunid($gunid); $gunid = StoredFile::_normalizeGunid($gunid);
return StoredFile::recall($gb, '', $gunid, $className); return StoredFile::recall($gb, '', $gunid, $className);
} }
/** /**
* Create instance of StoredFile object and make copy of existing file * Create instance of StoredFile object and make copy of existing file
* *
* @param src reference to source object * @param reference $src to source object
* @param nid int, new local id * @param int $nid, new local id
*/ */
function &copyOf(&$src, $nid) function &copyOf(&$src, $nid)
{ {
@ -236,55 +264,65 @@ class StoredFile{
$src->gb, $nid, $src->name, $src->_getRealRADFname(), $src->gb, $nid, $src->name, $src->_getRealRADFname(),
'', '', NULL, $src->gb->_getType($src->gunid) '', '', NULL, $src->gb->_getType($src->gunid)
); );
if(PEAR::isError($ac)) return $ac; if (PEAR::isError($ac)) {
return $ac;
}
$ac->md->replace($src->md->getMetaData(), 'string'); $ac->md->replace($src->md->getMetaData(), 'string');
return $ac; return $ac;
} }
/* ======================================================= public methods */ /* ======================================================= public methods */
/** /**
* Replace existing file with new data * Replace existing file with new data
* *
* @param oid int, local id * @param int $oid, local id
* @param name string, name of file * @param string $name, name of file
* @param mediaFileLP string, local path to media file * @param string $mediaFileLP, local path to media file
* @param metadata string, local path to metadata XML file or XML string * @param string $metadata, local path to metadata XML file or XML string
* @param mdataLoc string 'file'|'string' * @param string $mdataLoc 'file'|'string'
*/ */
function replace($oid, $name, $mediaFileLP='', $metadata='', function replace($oid, $name, $mediaFileLP='', $metadata='',
$mdataLoc='file') $mdataLoc='file')
{ {
$this->dbc->query("BEGIN"); $this->dbc->query("BEGIN");
$res = $this->rename($name); $res = $this->rename($name);
if(PEAR::isError($res)){ $this->dbc->query("ROLLBACK"); return $res; } if (PEAR::isError($res)) {
if($mediaFileLP != ''){ // media $this->dbc->query("ROLLBACK");
return $res;
}
if ($mediaFileLP != '') { // media
$res = $this->replaceRawMediaData($mediaFileLP); $res = $this->replaceRawMediaData($mediaFileLP);
}else{ } else {
$res = $this->rmd->delete(); $res = $this->rmd->delete();
} }
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$this->dbc->query("ROLLBACK"); return $res; $this->dbc->query("ROLLBACK");
return $res;
} }
if($metadata != ''){ // metadata if ($metadata != '') { // metadata
$res = $this->replaceMetaData($metadata, $mdataLoc); $res = $this->replaceMetaData($metadata, $mdataLoc);
}else{ } else {
$res = $this->md->delete(); $res = $this->md->delete();
} }
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$this->dbc->query("ROLLBACK"); return $res; $this->dbc->query("ROLLBACK");
return $res;
} }
$res = $this->dbc->query("COMMIT"); $res = $this->dbc->query("COMMIT");
if(PEAR::isError($res)){ if (PEAR::isError($res)) {
$this->dbc->query("ROLLBACK"); return $res; $this->dbc->query("ROLLBACK");
return $res;
} }
return TRUE; return TRUE;
} }
/** /**
* Increase access counter, create access token, insert access record, * Increase access counter, create access token, insert access record,
* call access method of RawMediaData * call access method of RawMediaData
* *
* @param parent int parent token * @param int $parent parent token
* @return array with: access URL, access token * @return array with: access URL, access token
*/ */
function accessRawMediaData($parent='0') function accessRawMediaData($parent='0')
@ -292,50 +330,63 @@ class StoredFile{
$realFname = $this->_getRealRADFname(); $realFname = $this->_getRealRADFname();
$ext = $this->_getExt(); $ext = $this->_getExt();
$res = $this->gb->bsAccess($realFname, $ext, $this->gunid, 'access', $parent); $res = $this->gb->bsAccess($realFname, $ext, $this->gunid, 'access', $parent);
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
$resultArray = $resultArray =
array('url'=>"file://{$res['fname']}", 'token'=>$res['token']); array('url'=>"file://{$res['fname']}", 'token'=>$res['token']);
return $resultArray; return $resultArray;
} }
/** /**
* Decrease access couter, delete access record, * Decrease access couter, delete access record,
* call release method of RawMediaData * call release method of RawMediaData
* *
* @param token string, access token * @param string $token, access token
* @return boolean * @return boolean
*/ */
function releaseRawMediaData($token) function releaseRawMediaData($token)
{ {
$res = $this->gb->bsRelease($token); $res = $this->gb->bsRelease($token);
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
return TRUE; return TRUE;
} }
/** /**
* Replace media file only with new binary file * Replace media file only with new binary file
* *
* @param mediaFileLP string, local path to media file * @param string $mediaFileLP, local path to media file
*/ */
function replaceRawMediaData($mediaFileLP) function replaceRawMediaData($mediaFileLP)
{ {
$res = $this->rmd->replace($mediaFileLP); $res = $this->rmd->replace($mediaFileLP);
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
$mime = $this->rmd->getMime(); $mime = $this->rmd->getMime();
if($mime !== FALSE){ if ($mime !== FALSE) {
$res = $this->setMime($mime); $res = $this->setMime($mime);
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
} }
$r = $this->md->regenerateXmlFile(); $r = $this->md->regenerateXmlFile();
if(PEAR::isError($r)){ return $r; } if (PEAR::isError($r)) {
return $r;
}
} }
/** /**
* Replace metadata with new XML file * Replace metadata with new XML file
* *
* @param metadata string, local path to metadata XML file or XML string * @param string $metadata, local path to metadata XML file or XML string
* @param mdataLoc string 'file'|'string' * @param string $mdataLoc 'file'|'string'
* @param format string, metadata format for validation * @param string $format, metadata format for validation
* ('audioclip' | 'playlist' | 'webstream' | NULL) * ('audioclip' | 'playlist' | 'webstream' | NULL)
* (NULL = no validation) * (NULL = no validation)
* @return boolean * @return boolean
@ -344,14 +395,23 @@ class StoredFile{
{ {
$this->dbc->query("BEGIN"); $this->dbc->query("BEGIN");
$res = $r = $this->md->replace($metadata, $mdataLoc, $format); $res = $r = $this->md->replace($metadata, $mdataLoc, $format);
if(PEAR::isError($r)){ $this->dbc->query("ROLLBACK"); return $r; } if (PEAR::isError($r)) {
$this->dbc->query("ROLLBACK");
return $r;
}
$r = $this->md->regenerateXmlFile(); $r = $this->md->regenerateXmlFile();
if(PEAR::isError($r)){ $this->dbc->query("ROLLBACK"); return $r; } if (PEAR::isError($r)) {
$this->dbc->query("ROLLBACK");
return $r;
}
$res = $r = $this->dbc->query("COMMIT"); $res = $r = $this->dbc->query("COMMIT");
if(PEAR::isError($r)) return $r; if (PEAR::isError($r)) {
return $r;
}
return TRUE; return TRUE;
} }
/** /**
* Get metadata as XML string * Get metadata as XML string
* *
@ -363,6 +423,7 @@ class StoredFile{
return $this->md->getMetaData(); return $this->md->getMetaData();
} }
/** /**
* Analyze file with getid3 module.<br> * Analyze file with getid3 module.<br>
* Obtain some metadata stored in media file.<br> * Obtain some metadata stored in media file.<br>
@ -377,61 +438,71 @@ class StoredFile{
return $ia; return $ia;
} }
/** /**
* Rename stored virtual file * Rename stored virtual file
* *
* @param newname string * @param string $newname
* @return true or PEAR::error * @return true or PEAR::error
*/ */
function rename($newname) function rename($newname)
{ {
foreach(array('newname') as $v) $$v = pg_escape_string($$v); $newname = pg_escape_string($newname);
$res = $this->dbc->query(" $res = $this->dbc->query("
UPDATE {$this->filesTable} SET name='$newname', mtime=now() UPDATE {$this->filesTable} SET name='$newname', mtime=now()
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($res)) return $res; if (PEAR::isError($res)) {
return $res;
}
return TRUE; return TRUE;
} }
/** /**
* Set state of virtual file * Set state of virtual file
* *
* @param state string, 'empty'|'incomplete'|'ready'|'edited' * @param string $state, 'empty'|'incomplete'|'ready'|'edited'
* @param editedby int, user id | 'NULL' for clear editedBy field * @param int $editedby, user id | 'NULL' for clear editedBy field
* (optional) * (optional)
* @return boolean or error * @return boolean or error
*/ */
function setState($state, $editedby=NULL) function setState($state, $editedby=NULL)
{ {
foreach(array('state') as $v) $$v = pg_escape_string($$v); $state = pg_escape_string($state);
$eb = (!is_null($editedby) ? ", editedBy=$editedby" : ''); $eb = (!is_null($editedby) ? ", editedBy=$editedby" : '');
$res = $this->dbc->query(" $res = $this->dbc->query("
UPDATE {$this->filesTable} UPDATE {$this->filesTable}
SET state='$state'$eb, mtime=now() SET state='$state'$eb, mtime=now()
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
return TRUE; return TRUE;
} }
/** /**
* Set mime-type of virtual file * Set mime-type of virtual file
* *
* @param mime string, mime-type * @param string $mime, mime-type
* @return boolean or error * @return boolean or error
*/ */
function setMime($mime) function setMime($mime)
{ {
foreach(array('mime') as $v) $$v = pg_escape_string($$v); $mime = pg_escape_string($mime);
$res = $this->dbc->query(" $res = $this->dbc->query("
UPDATE {$this->filesTable} SET mime='$mime', mtime=now() UPDATE {$this->filesTable} SET mime='$mime', mtime=now()
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($res)){ return $res; } if (PEAR::isError($res)) {
return $res;
}
return TRUE; return TRUE;
} }
/** /**
* Delete stored virtual file * Delete stored virtual file
* *
@ -441,84 +512,112 @@ class StoredFile{
function delete() function delete()
{ {
$res = $this->rmd->delete(); $res = $this->rmd->delete();
if(PEAR::isError($res)) return $res; if (PEAR::isError($res)) {
return $res;
}
$res = $this->md->delete(); $res = $this->md->delete();
if(PEAR::isError($res)) return $res; if (PEAR::isError($res)) {
return $res;
}
$tokens = $this->dbc->getAll(" $tokens = $this->dbc->getAll("
SELECT to_hex(token)as token, ext FROM {$this->accessTable} SELECT to_hex(token)as token, ext FROM {$this->accessTable}
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(is_array($tokens)) foreach($tokens as $i=>$item){ if (is_array($tokens)) {
$file = $this->_getAccessFname($item['token'], $item['ext']); foreach($tokens as $i=>$item){
if(file_exists($file)){ @unlink($file); } $file = $this->_getAccessFname($item['token'], $item['ext']);
if (file_exists($file)) {
@unlink($file);
}
}
} }
$res = $this->dbc->query(" $res = $this->dbc->query("
DELETE FROM {$this->accessTable} DELETE FROM {$this->accessTable}
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($res)) return $res; if (PEAR::isError($res)) {
return $res;
}
$res = $this->dbc->query(" $res = $this->dbc->query("
DELETE FROM {$this->filesTable} DELETE FROM {$this->filesTable}
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($res)) return $res; if (PEAR::isError($res)) {
return $res;
}
return TRUE; return TRUE;
} }
/** /**
* Returns true if virtual file is accessed.<br> * Returns true if virtual file is accessed.<br>
* Static or dynamic call is possible. * Static or dynamic call is possible.
* *
* @param gunid string, optional (for static call), global unique id * @param string $gunid, optional (for static call), global unique id
*/ */
function isAccessed($gunid=NULL) function isAccessed($gunid=NULL)
{ {
if(is_null($gunid)) $gunid = $this->gunid; if (is_null($gunid)) {
$gunid = $this->gunid;
}
$ca = $this->dbc->getOne(" $ca = $this->dbc->getOne("
SELECT currentlyAccessing FROM {$this->filesTable} SELECT currentlyAccessing FROM {$this->filesTable}
WHERE gunid=x'$gunid'::bigint WHERE gunid=x'$gunid'::bigint
"); ");
if(is_null($ca)){ if (is_null($ca)) {
return PEAR::raiseError( return PEAR::raiseError(
"StoredFile::isAccessed: invalid gunid ($gunid)", "StoredFile::isAccessed: invalid gunid ($gunid)",
GBERR_FOBJNEX GBERR_FOBJNEX
); );
} }
return ($ca > 0); return ($ca > 0);
} }
/** /**
* Returns true if virtual file is edited * Returns true if virtual file is edited
* *
* @param playlistId string, playlist global unique ID * @param string $playlistId, playlist global unique ID
* @return boolean * @return boolean
*/ */
function isEdited($playlistId=NULL) function isEdited($playlistId=NULL)
{ {
if(is_null($playlistId)) $playlistId = $this->gunid; if (is_null($playlistId)) {
$playlistId = $this->gunid;
}
$state = $this->_getState($playlistId); $state = $this->_getState($playlistId);
if($state != 'edited'){ return FALSE; } if ($state != 'edited') {
return FALSE;
}
return TRUE; return TRUE;
} }
/** /**
* Returns id of user editing playlist * Returns id of user editing playlist
* *
* @param playlistId string, playlist global unique ID * @param string $playlistId, playlist global unique ID
* @return null or int, id of user editing it * @return null or int, id of user editing it
*/ */
function isEditedBy($playlistId=NULL) function isEditedBy($playlistId=NULL)
{ {
if(is_null($playlistId)) $playlistId = $this->gunid; if (is_null($playlistId)) {
$playlistId = $this->gunid;
}
$ca = $this->dbc->getOne(" $ca = $this->dbc->getOne("
SELECT editedBy FROM {$this->filesTable} SELECT editedBy FROM {$this->filesTable}
WHERE gunid=x'$playlistId'::bigint WHERE gunid=x'$playlistId'::bigint
"); ");
if($this->dbc->isError($ca)) return $ca; if ($this->dbc->isError($ca)) {
if(is_null($ca)) return $ca; return $ca;
}
if (is_null($ca)) {
return $ca;
}
return intval($ca); return intval($ca);
} }
/** /**
* Returns local id of virtual file * Returns local id of virtual file
* *
@ -526,7 +625,8 @@ class StoredFile{
function getId() function getId()
{ {
return $this->id; return $this->id;
} }
/** /**
* Returns true if raw media file exists * Returns true if raw media file exists
@ -538,14 +638,19 @@ class StoredFile{
SELECT to_hex(gunid) FROM {$this->filesTable} SELECT to_hex(gunid) FROM {$this->filesTable}
WHERE gunid=x'{$this->gunid}'::bigint WHERE gunid=x'{$this->gunid}'::bigint
"); ");
if(PEAR::isError($indb)) return $indb; if (PEAR::isError($indb)) {
if(is_null($indb)) return FALSE; return $indb;
if($this->gb->_getType($this->gunid) == 'audioclip'){ }
if (is_null($indb)) {
return FALSE;
}
if ($this->gb->_getType($this->gunid) == 'audioclip') {
return $this->rmd->exists(); return $this->rmd->exists();
} }
return TRUE; return TRUE;
} }
/* ==================================================== "private" methods */ /* ==================================================== "private" methods */
/** /**
* Create new global unique id * Create new global unique id
@ -563,6 +668,7 @@ class StoredFile{
return StoredFile::_normalizeGunid($res); return StoredFile::_normalizeGunid($res);
} }
/** /**
* Create new global unique id * Create new global unique id
* *
@ -572,26 +678,32 @@ class StoredFile{
return str_pad($gunid0, 16, "0", STR_PAD_LEFT); return str_pad($gunid0, 16, "0", STR_PAD_LEFT);
} }
/** /**
* Get local id from global id. * Get local id from global id.
* Static or dynamic call is possible. * Static or dynamic call is possible.
* *
* @param gunid string, optional (for static call), * @param string $gunid, optional (for static call),
* global unique id of file * global unique id of file
*/ */
function _idFromGunid($gunid=NULL) function _idFromGunid($gunid=NULL)
{ {
if(is_null($gunid)) $gunid = $this->$gunid; if (is_null($gunid)) {
$gunid = $this->$gunid;
}
$id = $this->dbc->getOne(" $id = $this->dbc->getOne("
SELECT id FROM {$this->filesTable} SELECT id FROM {$this->filesTable}
WHERE gunid=x'$gunid'::bigint WHERE gunid=x'$gunid'::bigint
"); ");
if(is_null($id)) return PEAR::raiseError( if (is_null($id)) {
return PEAR::raiseError(
"StoredFile::_idFromGunid: no such global unique id ($gunid)" "StoredFile::_idFromGunid: no such global unique id ($gunid)"
); );
}
return $id; return $id;
} }
/** /**
* Return suitable extension.<br> * Return suitable extension.<br>
* <b>TODO: make it general - is any tool for it?</b> * <b>TODO: make it general - is any tool for it?</b>
@ -602,70 +714,86 @@ class StoredFile{
{ {
$fname = $this->_getFileName(); $fname = $this->_getFileName();
$pos = strrpos($fname, '.'); $pos = strrpos($fname, '.');
if($pos !== FALSE){ if ($pos !== FALSE) {
$ext = substr($fname, $pos+1); $ext = substr($fname, $pos+1);
if($ext !== FALSE) return $ext; if ($ext !== FALSE) {
return $ext;
}
} }
switch(strtolower($this->mime)){ switch (strtolower($this->mime)) {
case"audio/mpeg": case "audio/mpeg":
$ext="mp3"; break; $ext = "mp3";
case"audio/x-wav": break;
case"audio/x-wave": case "audio/x-wav":
$ext="wav"; break; case "audio/x-wave":
case"audio/x-ogg": $ext = "wav";
case"application/x-ogg": break;
$ext="ogg"; break; case "audio/x-ogg":
case "application/x-ogg":
$ext = "ogg";
break;
default: default:
$ext="bin"; break; $ext = "bin";
break;
} }
return $ext; return $ext;
} }
/** /**
* Get mime-type from global id * Get mime-type from global id
* *
* @param gunid string, optional, global unique id of file * @param string $gunid, optional, global unique id of file
* @return string, mime-type * @return string, mime-type
*/ */
function _getMime($gunid=NULL) function _getMime($gunid=NULL)
{ {
if(is_null($gunid)) $gunid = $this->gunid; if (is_null($gunid)) {
$gunid = $this->gunid;
}
return $this->dbc->getOne(" return $this->dbc->getOne("
SELECT mime FROM {$this->filesTable} SELECT mime FROM {$this->filesTable}
WHERE gunid=x'$gunid'::bigint WHERE gunid=x'$gunid'::bigint
"); ");
} }
/** /**
* Get storage-internal file state * Get storage-internal file state
* *
* @param gunid string, optional, global unique id of file * @param string $gunid, optional, global unique id of file
* @return string, see install() * @return string, see install()
*/ */
function _getState($gunid=NULL) function _getState($gunid=NULL)
{ {
if(is_null($gunid)) $gunid = $this->gunid; if (is_null($gunid)) {
$gunid = $this->gunid;
}
return $this->dbc->getOne(" return $this->dbc->getOne("
SELECT state FROM {$this->filesTable} SELECT state FROM {$this->filesTable}
WHERE gunid=x'$gunid'::bigint WHERE gunid=x'$gunid'::bigint
"); ");
} }
/** /**
* Get mnemonic file name * Get mnemonic file name
* *
* @param gunid string, optional, global unique id of file * @param string $gunid, optional, global unique id of file
* @return string, see install() * @return string, see install()
*/ */
function _getFileName($gunid=NULL) function _getFileName($gunid=NULL)
{ {
if(is_null($gunid)) $gunid = $this->gunid; if (is_null($gunid)) {
$gunid = $this->gunid;
}
return $this->dbc->getOne(" return $this->dbc->getOne("
SELECT name FROM {$this->filesTable} SELECT name FROM {$this->filesTable}
WHERE gunid=x'$gunid'::bigint WHERE gunid=x'$gunid'::bigint
"); ");
} }
/** /**
* Get and optionaly create subdirectory in real filesystem for storing * Get and optionaly create subdirectory in real filesystem for storing
* raw media data * raw media data
@ -676,10 +804,14 @@ class StoredFile{
$resDir="{$this->gb->storageDir}/".substr($this->gunid, 0, 3); $resDir="{$this->gb->storageDir}/".substr($this->gunid, 0, 3);
#$this->gb->debugLog("$resDir"); #$this->gb->debugLog("$resDir");
// see Transport::_getResDir too for resDir name create code // see Transport::_getResDir too for resDir name create code
if(!is_dir($resDir)){ mkdir($resDir, 02775); chmod($resDir, 02775); } if (!is_dir($resDir)) {
mkdir($resDir, 02775);
chmod($resDir, 02775);
}
return $resDir; return $resDir;
} }
/** /**
* Get real filename of raw media data * Get real filename of raw media data
* *
@ -690,6 +822,7 @@ class StoredFile{
return $this->rmd->getFname(); return $this->rmd->getFname();
} }
/** /**
* Get real filename of metadata file * Get real filename of metadata file
* *
@ -700,6 +833,7 @@ class StoredFile{
return $this->md->getFname(); return $this->md->getFname();
} }
/** /**
* Create and return name for temporary symlink.<br> * Create and return name for temporary symlink.<br>
* <b>TODO: Should be more unique</b> * <b>TODO: Should be more unique</b>
@ -710,5 +844,6 @@ class StoredFile{
$token = StoredFile::_normalizeGunid($token); $token = StoredFile::_normalizeGunid($token);
return "{$this->accessDir}/$token.$ext"; return "{$this->accessDir}/$token.$ext";
} }
}
} // class StoredFile
?> ?>