'filefield_js', 'page arguments' => array(2, 3, 4), 'access callback' => 'filefield_edit_access', 'access arguments' => array(3), 'type' => MENU_CALLBACK, ); return $items; } /** * Implementation of hook_elements(). * @todo: autogenerate element registry entries for widgets. */ function filefield_elements() { $elements = array(); $elements['filefield_widget'] = array( '#input' => TRUE, '#columns' => array('fid', 'list', 'data'), '#process' => array('filefield_widget_process'), '#value_callback' => 'filefield_widget_value', '#element_validate' => array('filefield_widget_validate'), '#description' => t('Changes made to the attachments are not permanent until you save this post.'), ); return $elements; } /** * Implementation of hook_theme(). * @todo: autogenerate theme registry entrys for widgets. */ function filefield_theme() { return array( 'filefield_file' => array( 'arguments' => array('file' => NULL), 'file' => 'filefield_formatter.inc', ), 'filefield_icon' => array( 'arguments' => array('file' => NULL), 'file' => 'filefield.theme.inc', ), 'filefield_widget' => array( 'arguments' => array('element' => NULL), 'file' => 'filefield_widget.inc', ), 'filefield_widget_item' => array( 'arguments' => array('element' => NULL), 'file' => 'filefield_widget.inc', ), 'filefield_widget_preview' => array( 'arguments' => array('element' => NULL), 'file' => 'filefield_widget.inc', ), 'filefield_widget_file' => array( 'arguments' => array('element' => NULL), 'file' => 'filefield_widget.inc', ), 'filefield_formatter_default' => array( 'arguments' => array('element' => NULL), 'file' => 'filefield_formatter.inc', ), 'filefield_item' => array( 'arguments' => array('file' => NULL, 'field' => NULL), 'file' => 'filefield_formatter.inc', ), 'filefield_file' => array( 'arguments' => array('file' => NULL), 'file' => 'filefield_formatter.inc', ), ); } /** * Implementation of hook_file_download(). Yes, *that* hook that causes * any attempt for file upload module interoperability to fail spectacularly. */ function filefield_file_download($file) { $file = file_create_path($file); $result = db_query("SELECT * FROM {files} WHERE filepath = '%s'", $file); if (!$file = db_fetch_object($result)) { // We don't really care about this file. return; } // Find out if any filefield contains this file, and if so, which field // and node it belongs to. Required for later access checking. $cck_files = array(); foreach (content_fields() as $field) { if ($field['type'] == 'filefield' || $field['type'] == 'image') { $db_info = content_database_info($field); $table = $db_info['table']; $fid_column = $db_info['columns']['fid']['column']; $columns = array('vid', 'nid'); foreach ($db_info['columns'] as $property_name => $column_info) { $columns[] = $column_info['column'] .' AS '. $property_name; } $result = db_query("SELECT ". implode(', ', $columns) ." FROM {". $table ."} WHERE ". $fid_column ." = %d", $file->fid); while ($content = db_fetch_array($result)) { $content['field'] = $field; $cck_files[$field['field_name']][$content['vid']] = $content; } } } // If no filefield item is involved with this file, we don't care about it. if (empty($cck_files)) { return; } // If any node includes this file but the user may not view this field, // then deny the download. foreach ($cck_files as $field_name => $field_files) { if (!filefield_view_access($field_name)) { return -1; } } // So the overall field view permissions are not denied, but if access is // denied for a specific node containing the file, deny the download as well. // It's probably a little too restrictive, but I can't think of a // better way at the moment. Input appreciated. // (And yeah, node access checks also include checking for 'access content'.) $nodes = array(); foreach ($cck_files as $field_name => $field_files) { foreach ($field_files as $revision_id => $content) { // Checking separately for each revision is probably not the best idea - // what if 'view revisions' is disabled? So, let's just check for the // current revision of that node. if (isset($nodes[$content['nid']])) { continue; // don't check the same node twice } $node = node_load($content['nid']); if (!node_access('view', $node)) { // You don't have permission to view the node this file is attached to. return -1; } $nodes[$content['nid']] = $node; } } // Well I guess you can see this file. $name = mime_header_encode($file->filename); $type = mime_header_encode($file->filemime); // Serve images and text inline for the browser to display rather than download. $disposition = ereg('^(text/|image/)', $file->filemime) ? 'inline' : 'attachment'; return array( 'Content-Type: '. $type .'; name='. $name, 'Content-Length: '. $file->filesize, 'Content-Disposition: '. $disposition .'; filename='. $name, 'Cache-Control: private', ); } /** * Implementation of hook_form_alter(). * * Set the appropriate attibutes to allow file uploads on the field settings * form. */ function filefield_form_alter(&$form, $form_state, $form_id) { if ($form_id == 'content_field_edit_form' && isset($form['#field']) && $form['#field']['type'] == 'filefield') { $form['#attributes']['enctype'] = 'multipart/form-data'; } if (preg_match('/_node_form$/', $form_id)) { $form['#attributes']['enctype'] = 'multipart/form-data'; } } /** * Implementation of CCK's hook_field_info(). */ function filefield_field_info() { return array( 'filefield' => array( 'label' => 'File', 'description' => t('Store an arbitrary file.'), ), ); } /** * Implementation of hook_field_settings(). */ function filefield_field_settings($op, $field) { $return = array(); module_load_include('inc', 'filefield', 'filefield_field'); $op = str_replace(' ', '_', $op); // add filefield specific handlers... $function = 'filefield_field_settings_'. $op; if (function_exists($function)) { $result = $function($field); if (isset($result) && is_array($result)) { $return = $result; } } // dynamically load widgets file and callbacks for other fields utilizing // filefield's hook_field_settings implementation. module_load_include('inc', $field['module'], $field['type'] .'_field'); $function = $field['module'] .'_'. $field['type'] .'_field_settings_'. $op; if (function_exists($function)) { $result = $function($field); if (isset($result) && is_array($result)) { $return = array_merge($return, $result); } } return $return; } /** * Implementtation of CCK's hook_field(). */ function filefield_field($op, $node, $field, &$items, $teaser, $page) { module_load_include('inc', 'filefield', 'filefield_field'); $op = str_replace(' ', '_', $op); // add filefield specific handlers... $function = 'filefield_field_'. $op; if (function_exists($function)) { return $function($node, $field, $items, $teaser, $page); } } /** * Implementation of CCK's hook_widget_settings(). */ function filefield_widget_settings($op, $widget) { switch ($op) { case 'form': return filefield_widget_settings_form($widget); case 'save': return filefield_widget_settings_save($widget); } } /** * Implementation of hook_widget(). */ function filefield_widget(&$form, &$form_state, $field, $items, $delta = 0) { // CCK doesn't give a validate callback at the field level... // and FAPI's #require is naieve to complex structures... // we validate at the field level ourselves. if (empty($form['#validate']) || !in_array('filefield_node_form_validate', $form['#validate'])) { $form['#validate'][] = 'filefield_node_form_validate'; } if (empty($form['#submit']) || !in_array('filefield_node_form_submit', $form['#submit'])) { $form['#submit'][] = 'filefield_node_form_submit'; } $form['#attributes'] = array('enctype' => 'multipart/form-data'); module_load_include('inc', 'filefield', 'field_widget'); module_load_include('inc', $field['widget']['module'], $field['widget']['module'] .'_widget'); $item = array('fid' => 0, 'list' => $field['list_default'], 'data' => array('description' => '')); if (isset($items[$delta])) { $item = array_merge($item, $items[$delta]); } $element = array( '#title' => $field['widget']['label'], '#type' => $field['widget']['type'], '#default_value' => $item, '#upload_validators' => filefield_widget_upload_validators($field), ); return $element; } /** * Get the upload validators for a file field. * * @param $field CCK Field * @return array suitable for passing to file_save_upload() or the filefield * element's '#upload_validators' property. */ function filefield_widget_upload_validators($field) { $max_filesize = parse_size(file_upload_max_size()); if (!empty($field['widget']['max_filesize_per_file']) && parse_size($field['widget']['max_filesize_per_file']) < $max_filesize) { $max_filesize = parse_size($field['widget']['max_filesize_per_file']); } $validators = array( // associate the field to the file on validation. 'filefield_validate_associate_field' => array($field), 'filefield_validate_size' => array($max_filesize), // Override core since it excludes uid 1 on the extension check. // Filefield only excuses uid 1 of quota requirements. 'filefield_validate_extensions' => array($field['widget']['file_extensions']), ); return $validators; } /** * Implementation of CCK's hook_content_is_empty(). * * The result of this determines whether content.module will save * the value of the field. */ function filefield_content_is_empty($item, $field) { return empty($item['fid']) || (int)$item['fid'] == 0; } /** * Implementation of CCK's hook_widget_info(). */ function filefield_widget_info() { return array( 'filefield_widget' => array( 'label' => t('File Upload'), 'field types' => array('filefield'), 'multiple values' => CONTENT_HANDLE_CORE, 'callbacks' => array('default value' => CONTENT_CALLBACK_CUSTOM), 'description' => t('A plain file upload widget.'), ), ); } /** * Implementation of CCK's hook_field_formatter_info(). */ function filefield_field_formatter_info() { return array( 'default' => array( 'label' => t('Generic files'), 'field types' => array('filefield'), 'multiple values' => CONTENT_HANDLE_CORE, 'description' => t('Displays all kinds of files with an icon and a linked file description.'), ), ); } /** * Determine the most appropriate icon for the given file's mimetype. * * @param $file * A file object. * @return * The URL of the icon image file, or FALSE if no icon could be found. */ function filefield_icon_url($file) { include_once(drupal_get_path('module', 'filefield') .'/filefield.theme.inc'); return _filefield_icon_url($file); } /** * Access callback for the JavaScript upload and deletion AHAH callbacks. * The content_permissions module provides nice fine-grained permissions for * us to check, so we can make sure that the user may actually edit the file. */ function filefield_edit_access($field_name) { if (module_exists('content_permissions')) { return user_access('edit '. $field_name); } // No content permissions to check, so let's fall back to a more general permission. return user_access('access content'); } /** * Access callback that checks if the current user may view the filefield. */ function filefield_view_access($field_name) { if (module_exists('content_permissions')) { return user_access('view '. $field_name); } // No content permissions to check, so let's fall back to a more general permission. return user_access('access content'); } /** * Shared AHAH callback for uploads and deletions... It rebuilds the form element * for a particular field item. As long as the form processing is properly * encapsulated in the widget element the form should rebuild correctly using * FAPI without the need for additional callbacks or processing. */ function filefield_js($type_name, $field_name, $delta) { $field = content_fields($field_name, $type_name); if (empty($field) || empty($_POST['form_build_id'])) { // Invalid request. print drupal_to_js(array('data' => '')); exit; } // Build the new form. $form_state = array('submitted' => FALSE); $form_build_id = $_POST['form_build_id']; $form = form_get_cache($form_build_id, $form_state); if (!$form) { // Invalid form_build_id. print drupal_to_js(array('data' => '')); exit; } // Build the form. This calls the file field's #value_callback function and // saves the uploaded file. Since this form is already marked as cached // (the #cache property is TRUE), the cache is updated automatically and we // don't need to call form_set_cache(). $args = $form['#parameters']; $form_id = array_shift($args); $form['#post'] = $_POST; $form = form_builder($form_id, $form, $form_state); // Update the cached form with the new element at the right place in the form. if (module_exists('fieldgroup') && ($group_name = _fieldgroup_field_get_group($type_name, $field_name))) { if (isset($form['#multigroups']) && isset($form['#multigroups'][$group_name][$field_name])) { $form_element = $form[$group_name][$delta][$field_name]; } else { $form_element = $form[$group_name][$field_name][$delta]; } } else { $form_element = $form[$field_name][$delta]; } if (isset($form_element['_weight'])) { unset($form_element['_weight']); } $output = drupal_render($form_element); // AHAH is not being nice to us and doesn't know the "other" button (that is, // either "Upload" or "Delete") yet. Which in turn causes it not to attach // AHAH behaviours after replacing the element. So we need to tell it first. // Loop through the JS settings and find the settings needed for our buttons. $javascript = drupal_add_js(NULL, NULL); $filefield_ahah_settings = array(); if (isset($javascript['setting'])) { foreach ($javascript['setting'] as $settings) { if (isset($settings['ahah'])) { foreach ($settings['ahah'] as $id => $ahah_settings) { if (strpos($id, 'filefield-upload') || strpos($id, 'filefield-remove')) { $filefield_ahah_settings[$id] = $ahah_settings; } } } } } // Add the AHAH settings needed for our new buttons. if (!empty($filefield_ahah_settings)) { $output .= ''; } $output = theme('status_messages') . $output; // For some reason, file uploads don't like drupal_json() with its manual // setting of the text/javascript HTTP header. So use this one instead. $GLOBALS['devel_shutdown'] = FALSE; print drupal_to_js(array('status' => TRUE, 'data' => $output)); exit; } /** * Implementation of hook_file_references(). */ function filefield_file_references($file) { $references = 0; foreach (content_fields() as $field) { if ($field['type'] != 'filefield') { continue; } $references += field_file_references($file, $field); } return array('filefield' => $references); } /** * Implementation of hook_file_delete(). */ function filefield_file_delete($file) { // foreach field... remove items referencing $file. } /** * Check that the filename ends with an allowed extension. This check is * enforced for the user #1. * * @param $file * A Drupal file object. * @param $extensions * A string with a space separated * @return * An array. If the file extension is not allowed, it will contain an error message. */ function filefield_validate_extensions($file, $extensions) { global $user; $errors = array(); if (!empty($extensions)) { $regex = '/\.('. ereg_replace(' +', '|', preg_quote($extensions)) .')$/i'; if (!preg_match($regex, $file->filename)) { $errors[] = t('Only files with the following extensions are allowed: %files-allowed.', array('%files-allowed' => $extensions)); } } return $errors; } // These three functions return messages for file_validate_size, and file_validate_extensions. // They're a neat hack that gets the job done. Even though it's evil to put a // function into a namespace not owned by your module... function filefield_validate_extensions_help($extensions) { if (!empty($extensions)) { return t('Allowed Extensions: %ext', array('%ext' => $extensions)); } else { return ''; } } function filefield_validate_size($file, $file_limit = 0, $user_limit = 0) { global $user; $errors = array(); if ($file_limit && $file->filesize > $file_limit) { $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit))); } // Bypass user limits for uid = 1. if ($user->uid != 1) { $total_size = file_space_used($user->uid) + $file->filesize; if ($user_limit && $total_size > $user_limit) { $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit))); } } return $errors; } function filefield_validate_size_help($size) { return t('Maximum Filesize: %size', array('%size' => format_size(parse_size($size)))); } function filefield_validate_image_resolution(&$file, $maximum_dimensions = 0, $minimum_dimensions = 0) { $errors = array(); // Check first that the file is an image. if ($info = image_get_info($file->filepath)) { if ($maximum_dimensions) { // Check that it is smaller than the given dimensions. list($width, $height) = explode('x', $maximum_dimensions); if ($info['width'] > $width || $info['height'] > $height) { // Try to resize the image to fit the dimensions. if (image_get_toolkit() && image_scale($file->filepath, $file->filepath, $width, $height)) { drupal_set_message(t('The image was resized to fit within the maximum allowed dimensions of %dimensions pixels.', array('%dimensions' => $maximum_dimensions))); // Clear the cached filesize and refresh the image information. clearstatcache(); $info = image_get_info($file->filepath); $file->filesize = $info['file_size']; } else { $errors[] = t('The image is too large; the maximum dimensions are %dimensions pixels.', array('%dimensions' => $maximum_dimensions)); } } } if ($minimum_dimensions) { // Check that it is larger than the given dimensions. list($width, $height) = explode('x', $minimum_dimensions); if ($info['width'] < $width || $info['height'] < $height) { $errors[] = t('The image is too small; the minimum dimensions are %dimensions pixels.', array('%dimensions' => $minimum_dimensions)); } } } return $errors; } function filefield_validate_image_resolution_help($max_size = '0', $min_size = '0') { if (!empty($max_size)) { if (!empty($min_size)) { if ($max_size == $min_size) { return t('Images must be exactly @min_size pixels', array('@min_size' => $min_size)); } else { return t('Images must be between @min_size pixels and @max_size', array('@max_size' => $max_size, '@min_size' => $min_size)); } } else { if (image_get_toolkit()) { return t('Images larger than @max_size pixels will be scaled', array('@max_size' => $max_size)); } else { return t('Images must be smaller than @max_size pixels', array('@max_size' => $max_size)); } } } if (!empty($min_size)) { return t('Images must be larger than @max_size pixels', array('@max_size' => $min_size)); } } function filefield_validate_is_image(&$file) { $errors = array(); $info = image_get_info($file->filepath); if (!$info || empty($info['extension'])) { $errors[] = t('Only JPEG, PNG and GIF images are allowed.'); } return $errors; } /** * This validation function adds the field to the file object, for later * use in field aware modules implementing hook_file. */ function filefield_validate_associate_field(&$file, $field) { $file->field = $field; return array(); } function filefield_validate_is_image_help($arguments = NULL) { return t('Must be a JPEG, PNG or GIF image'); }