projects / civicrm-core.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
fix email processor dropping attachments
[civicrm-core.git] / CRM / Core / BAO / File.php
... / ...
CommitLineData
1<?php
2/*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 5 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2019 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28/**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2019
32 * $Id$
33 *
34 */
35
36/**
37 * BAO object for crm_log table
38 */
39class CRM_Core_BAO_File extends CRM_Core_DAO_File {
40
41 public static $_signableFields = ['entityTable', 'entityID', 'fileID'];
42
43 /**
44 * If there is no setting configured on the admin screens, maximum number
45 * of attachments to try to process when given a list of attachments to
46 * process.
47 */
48 const DEFAULT_MAX_ATTACHMENTS_BACKEND = 100;
49
50 /**
51 * Takes an associative array and creates a File object.
52 *
53 * @param array $params
54 * (reference ) an assoc array of name/value pairs.
55 *
56 * @return CRM_Core_BAO_File
57 */
58 public static function create($params) {
59 $fileDAO = new CRM_Core_DAO_File();
60
61 $op = empty($params['id']) ? 'create' : 'edit';
62
63 CRM_Utils_Hook::pre($op, 'File', CRM_Utils_Array::value('id', $params), $params);
64
65 $fileDAO->copyValues($params);
66
67 if (empty($params['id']) && empty($params['created_id'])) {
68 $fileDAO->created_id = CRM_Core_Session::getLoggedInContactID();
69 }
70
71 $fileDAO->save();
72
73 CRM_Utils_Hook::post($op, 'File', $fileDAO->id, $fileDAO);
74
75 return $fileDAO;
76 }
77
78 /**
79 * @param int $fileID
80 * @param int $entityID
81 *
82 * @return array
83 */
84 public static function path($fileID, $entityID) {
85 $entityFileDAO = new CRM_Core_DAO_EntityFile();
86 $entityFileDAO->entity_id = $entityID;
87 $entityFileDAO->file_id = $fileID;
88
89 if ($entityFileDAO->find(TRUE)) {
90 $fileDAO = new CRM_Core_DAO_File();
91 $fileDAO->id = $fileID;
92 if ($fileDAO->find(TRUE)) {
93 $config = CRM_Core_Config::singleton();
94 $path = $config->customFileUploadDir . $fileDAO->uri;
95
96 if (file_exists($path) && is_readable($path)) {
97 return [$path, $fileDAO->mime_type];
98 }
99 }
100 }
101
102 return [NULL, NULL];
103 }
104
105 /**
106 * @param $data
107 * @param int $fileTypeID
108 * @param $entityTable
109 * @param int $entityID
110 * @param $entitySubtype
111 * @param bool $overwrite
112 * @param null|array $fileParams
113 * @param string $uploadName
114 * @param null $mimeType
115 *
116 * @throws Exception
117 */
118 public static function filePostProcess(
119 $data,
120 $fileTypeID,
121 $entityTable,
122 $entityID,
123 $entitySubtype,
124 $overwrite = TRUE,
125 $fileParams = NULL,
126 $uploadName = 'uploadFile',
127 $mimeType = NULL
128 ) {
129 if (!$mimeType) {
130 CRM_Core_Error::statusBounce(ts('Mime Type is now a required parameter for file upload'));
131 }
132
133 $config = CRM_Core_Config::singleton();
134
135 $path = explode('/', $data);
136 $filename = $path[count($path) - 1];
137
138 // rename this file to go into the secure directory
139 if ($entitySubtype) {
140 $directoryName = $config->customFileUploadDir . $entitySubtype . DIRECTORY_SEPARATOR . $entityID;
141 }
142 else {
143 $directoryName = $config->customFileUploadDir;
144 }
145
146 CRM_Utils_File::createDir($directoryName);
147
148 if (!rename($data, $directoryName . DIRECTORY_SEPARATOR . $filename)) {
149 CRM_Core_Error::statusBounce(ts('Could not move custom file to custom upload directory'));
150 }
151
152 // to get id's
153 if ($overwrite && $fileTypeID) {
154 list($sql, $params) = self::sql($entityTable, $entityID, $fileTypeID);
155 }
156 else {
157 list($sql, $params) = self::sql($entityTable, $entityID, 0);
158 }
159
160 $dao = CRM_Core_DAO::executeQuery($sql, $params);
161 $dao->fetch();
162
163 $fileDAO = new CRM_Core_DAO_File();
164 $op = 'create';
165 if (isset($dao->cfID) && $dao->cfID) {
166 $op = 'edit';
167 $fileDAO->id = $dao->cfID;
168 unlink($directoryName . DIRECTORY_SEPARATOR . $dao->uri);
169 }
170
171 if (!empty($fileParams)) {
172 $fileDAO->copyValues($fileParams);
173 }
174
175 $fileDAO->uri = $filename;
176 $fileDAO->mime_type = $mimeType;
177 $fileDAO->file_type_id = $fileTypeID;
178 $fileDAO->upload_date = date('YmdHis');
179 $fileDAO->save();
180
181 // need to add/update civicrm_entity_file
182 $entityFileDAO = new CRM_Core_DAO_EntityFile();
183 if (isset($dao->cefID) && $dao->cefID) {
184 $entityFileDAO->id = $dao->cefID;
185 }
186 $entityFileDAO->entity_table = $entityTable;
187 $entityFileDAO->entity_id = $entityID;
188 $entityFileDAO->file_id = $fileDAO->id;
189 $entityFileDAO->save();
190
191 //save static tags
192 if (!empty($fileParams['tag'])) {
193 CRM_Core_BAO_EntityTag::create($fileParams['tag'], 'civicrm_file', $entityFileDAO->id);
194 }
195
196 //save free tags
197 if (isset($fileParams['attachment_taglist']) && !empty($fileParams['attachment_taglist'])) {
198 CRM_Core_Form_Tag::postProcess($fileParams['attachment_taglist'], $entityFileDAO->id, 'civicrm_file');
199 }
200
201 // lets call the post hook here so attachments code can do the right stuff
202 CRM_Utils_Hook::post($op, 'File', $fileDAO->id, $fileDAO);
203 }
204
205 /**
206 * A static function wrapper that deletes the various objects.
207 *
208 * Objects are those hat are connected to a file object (i.e. file, entityFile and customValue.
209 *
210 * @param int $fileID
211 * @param int $entityID
212 * @param int $fieldID
213 *
214 * @throws \Exception
215 */
216 public static function deleteFileReferences($fileID, $entityID, $fieldID) {
217 $fileDAO = new CRM_Core_DAO_File();
218 $fileDAO->id = $fileID;
219 if (!$fileDAO->find(TRUE)) {
220 throw new CRM_Core_Exception(ts('File not found'));
221 }
222
223 // lets call a pre hook before the delete, so attachments hooks can get the info before things
224 // disappear
225 CRM_Utils_Hook::pre('delete', 'File', $fileID, $fileDAO);
226
227 // get the table and column name
228 list($tableName, $columnName, $groupID) = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
229
230 $entityFileDAO = new CRM_Core_DAO_EntityFile();
231 $entityFileDAO->file_id = $fileID;
232 $entityFileDAO->entity_id = $entityID;
233 $entityFileDAO->entity_table = $tableName;
234
235 if (!$entityFileDAO->find(TRUE)) {
236 throw new CRM_Core_Exception(sprintf('No record found for given file ID - %d and entity ID - %d', $fileID, $entityID));
237 }
238
239 $entityFileDAO->delete();
240 $fileDAO->delete();
241
242 // also set the value to null of the table and column
243 $query = "UPDATE $tableName SET $columnName = null WHERE $columnName = %1";
244 $params = [1 => [$fileID, 'Integer']];
245 CRM_Core_DAO::executeQuery($query, $params);
246 }
247
248 /**
249 * The $useWhere is used so that the signature matches the parent class
250 *
251 * public function delete($useWhere = FALSE) {
252 * list($fileID, $entityID, $fieldID) = func_get_args();
253 *
254 * self::deleteFileReferences($fileID, $entityID, $fieldID);
255 * } */
256
257 /**
258 * Delete all the files and associated object associated with this combination.
259 *
260 * @param string $entityTable
261 * @param int $entityID
262 * @param int $fileTypeID
263 * @param int $fileID
264 *
265 * @return bool
266 * Was file deleted?
267 */
268 public static function deleteEntityFile($entityTable, $entityID, $fileTypeID = NULL, $fileID = NULL) {
269 $isDeleted = FALSE;
270 if (empty($entityTable) || empty($entityID)) {
271 return $isDeleted;
272 }
273
274 $config = CRM_Core_Config::singleton();
275
276 list($sql, $params) = self::sql($entityTable, $entityID, $fileTypeID, $fileID);
277 $dao = CRM_Core_DAO::executeQuery($sql, $params);
278
279 $cfIDs = [];
280 $cefIDs = [];
281 while ($dao->fetch()) {
282 $cfIDs[$dao->cfID] = $dao->uri;
283 $cefIDs[] = $dao->cefID;
284 }
285
286 if (!empty($cefIDs)) {
287 $cefIDs = implode(',', $cefIDs);
288 $sql = "DELETE FROM civicrm_entity_file where id IN ( $cefIDs )";
289 CRM_Core_DAO::executeQuery($sql);
290 $isDeleted = TRUE;
291 }
292
293 if (!empty($cfIDs)) {
294 // Delete file only if there no any entity using this file.
295 $deleteFiles = [];
296 foreach ($cfIDs as $fId => $fUri) {
297 //delete tags from entity tag table
298 $tagParams = [
299 'entity_table' => 'civicrm_file',
300 'entity_id' => $fId,
301 ];
302
303 CRM_Core_BAO_EntityTag::del($tagParams);
304
305 if (!CRM_Core_DAO::getFieldValue('CRM_Core_DAO_EntityFile', $fId, 'id', 'file_id')) {
306 unlink($config->customFileUploadDir . DIRECTORY_SEPARATOR . $fUri);
307 $deleteFiles[$fId] = $fId;
308 }
309 }
310
311 if (!empty($deleteFiles)) {
312 $deleteFiles = implode(',', $deleteFiles);
313 $sql = "DELETE FROM civicrm_file where id IN ( $deleteFiles )";
314 CRM_Core_DAO::executeQuery($sql);
315 }
316 $isDeleted = TRUE;
317 }
318 return $isDeleted;
319 }
320
321 /**
322 * Get all the files and associated object associated with this combination.
323 *
324 * @param string $entityTable
325 * @param int $entityID
326 * @param bool $addDeleteArgs
327 *
328 * @return array|null
329 */
330 public static function getEntityFile($entityTable, $entityID, $addDeleteArgs = FALSE) {
331 if (empty($entityTable) || !$entityID) {
332 $results = NULL;
333 return $results;
334 }
335
336 $config = CRM_Core_Config::singleton();
337
338 list($sql, $params) = self::sql($entityTable, $entityID, NULL);
339 $dao = CRM_Core_DAO::executeQuery($sql, $params);
340 $results = [];
341 while ($dao->fetch()) {
342 $fileHash = self::generateFileHash($dao->entity_id, $dao->cfID);
343 $result['fileID'] = $dao->cfID;
344 $result['entityID'] = $dao->cefID;
345 $result['mime_type'] = $dao->mime_type;
346 $result['fileName'] = $dao->uri;
347 $result['description'] = $dao->description;
348 $result['cleanName'] = CRM_Utils_File::cleanFileName($dao->uri);
349 $result['fullPath'] = $config->customFileUploadDir . DIRECTORY_SEPARATOR . $dao->uri;
350 $result['url'] = CRM_Utils_System::url('civicrm/file', "reset=1&id={$dao->cfID}&eid={$dao->entity_id}&fcs={$fileHash}");
351 $result['href'] = "<a href=\"{$result['url']}\">{$result['cleanName']}</a>";
352 $result['tag'] = CRM_Core_BAO_EntityTag::getTag($dao->cfID, 'civicrm_file');
353 $result['icon'] = CRM_Utils_File::getIconFromMimeType($dao->mime_type);
354 if ($addDeleteArgs) {
355 $result['deleteURLArgs'] = self::deleteURLArgs($dao->entity_table, $dao->entity_id, $dao->cfID);
356 }
357 $results[$dao->cfID] = $result;
358 }
359
360 //fix tag names
361 $tags = CRM_Core_PseudoConstant::get('CRM_Core_DAO_EntityTag', 'tag_id', ['onlyActive' => FALSE]);
362
363 foreach ($results as &$values) {
364 if (!empty($values['tag'])) {
365 $tagNames = [];
366 foreach ($values['tag'] as $tid) {
367 $tagNames[] = $tags[$tid];
368 }
369 $values['tag'] = implode(', ', $tagNames);
370 }
371 else {
372 $values['tag'] = '';
373 }
374 }
375
376 return $results;
377 }
378
379 /**
380 * @param string $entityTable
381 * Table-name or "*" (to reference files directly by file-id).
382 * @param int $entityID
383 * @param int $fileTypeID
384 * @param int $fileID
385 *
386 * @return array
387 */
388 public static function sql($entityTable, $entityID, $fileTypeID = NULL, $fileID = NULL) {
389 if ($entityTable == '*') {
390 // $entityID is the ID of a specific file
391 $sql = "
392SELECT CF.id as cfID,
393 CF.uri as uri,
394 CF.mime_type as mime_type,
395 CF.description as description,
396 CEF.id as cefID,
397 CEF.entity_table as entity_table,
398 CEF.entity_id as entity_id
399FROM civicrm_file AS CF
400LEFT JOIN civicrm_entity_file AS CEF ON ( CEF.file_id = CF.id )
401WHERE CF.id = %2";
402
403 }
404 else {
405 $sql = "
406SELECT CF.id as cfID,
407 CF.uri as uri,
408 CF.mime_type as mime_type,
409 CF.description as description,
410 CEF.id as cefID,
411 CEF.entity_table as entity_table,
412 CEF.entity_id as entity_id
413FROM civicrm_file AS CF
414LEFT JOIN civicrm_entity_file AS CEF ON ( CEF.file_id = CF.id )
415WHERE CEF.entity_table = %1
416AND CEF.entity_id = %2";
417 }
418
419 $params = [
420 1 => [$entityTable, 'String'],
421 2 => [$entityID, 'Integer'],
422 ];
423
424 if ($fileTypeID !== NULL) {
425 $sql .= " AND CF.file_type_id = %3";
426 $params[3] = [$fileTypeID, 'Integer'];
427 }
428
429 if ($fileID !== NULL) {
430 $sql .= " AND CF.id = %4";
431 $params[4] = [$fileID, 'Integer'];
432 }
433
434 return [$sql, $params];
435 }
436
437 /**
438 * @param CRM_Core_Form $form
439 * @param string $entityTable
440 * @param int $entityID
441 * @param null $numAttachments
442 * @param bool $ajaxDelete
443 */
444 public static function buildAttachment(&$form, $entityTable, $entityID = NULL, $numAttachments = NULL, $ajaxDelete = FALSE) {
445
446 if (!$numAttachments) {
447 $numAttachments = Civi::settings()->get('max_attachments');
448 }
449 // Assign maxAttachments count to template for help message
450 $form->assign('maxAttachments', $numAttachments);
451
452 $config = CRM_Core_Config::singleton();
453 // set default max file size as 2MB
454 $maxFileSize = $config->maxFileSize ? $config->maxFileSize : 2;
455
456 $currentAttachmentInfo = self::getEntityFile($entityTable, $entityID, TRUE);
457 $totalAttachments = 0;
458 if ($currentAttachmentInfo) {
459 $totalAttachments = count($currentAttachmentInfo);
460 $form->add('checkbox', 'is_delete_attachment', ts('Delete All Attachment(s)'));
461 $form->assign('currentAttachmentInfo', $currentAttachmentInfo);
462 }
463 else {
464 $form->assign('currentAttachmentInfo', NULL);
465 }
466
467 if ($totalAttachments) {
468 if ($totalAttachments >= $numAttachments) {
469 $numAttachments = 0;
470 }
471 else {
472 $numAttachments -= $totalAttachments;
473 }
474 }
475
476 $form->assign('numAttachments', $numAttachments);
477
478 CRM_Core_BAO_Tag::getTags('civicrm_file', $tags, NULL,
479 '&nbsp;&nbsp;', TRUE);
480
481 // get tagset info
482 $parentNames = CRM_Core_BAO_Tag::getTagSet('civicrm_file');
483
484 // add attachments
485 for ($i = 1; $i <= $numAttachments; $i++) {
486 $form->addElement('file', "attachFile_$i", ts('Attach File'), 'size=30 maxlength=221');
487 $form->addUploadElement("attachFile_$i");
488 $form->setMaxFileSize($maxFileSize * 1024 * 1024);
489 $form->addRule("attachFile_$i",
490 ts('File size should be less than %1 MByte(s)',
491 [1 => $maxFileSize]
492 ),
493 'maxfilesize',
494 $maxFileSize * 1024 * 1024
495 );
496 $form->addElement('text', "attachDesc_$i", NULL, [
497 'size' => 40,
498 'maxlength' => 255,
499 'placeholder' => ts('Description'),
500 ]);
501
502 if (!empty($tags)) {
503 $form->add('select', "tag_$i", ts('Tags'), $tags, FALSE,
504 [
505 'id' => "tags_$i",
506 'multiple' => 'multiple',
507 'class' => 'huge crm-select2',
508 'placeholder' => ts('- none -'),
509 ]
510 );
511 }
512 CRM_Core_Form_Tag::buildQuickForm($form, $parentNames, 'civicrm_file', NULL, FALSE, TRUE, "file_taglist_$i");
513 }
514 }
515
516 /**
517 * Return a clean url string and the number of attachment for a
518 * given entityTable, entityID
519 *
520 * @param string $entityTable
521 * The entityTable to which the file is attached.
522 * @param int $entityID
523 * The id of the object in the above entityTable.
524 * @param string $separator
525 * The string separator where to implode the urls.
526 *
527 * @return array
528 * An array with 2 elements. The string and the number of attachments
529 */
530 public static function attachmentInfo($entityTable, $entityID, $separator = '<br />') {
531 if (!$entityID) {
532 return NULL;
533 }
534
535 $currentAttachments = self::getEntityFile($entityTable, $entityID);
536 if (!empty($currentAttachments)) {
537 $currentAttachmentURL = [];
538 foreach ($currentAttachments as $fileID => $attach) {
539 $currentAttachmentURL[] = $attach['href'];
540 }
541 return implode($separator, $currentAttachmentURL);
542 }
543 return NULL;
544 }
545
546 /**
547 * @param $formValues
548 * @param array $params
549 * @param $entityTable
550 * @param int $entityID
551 */
552 public static function formatAttachment(
553 &$formValues,
554 &$params,
555 $entityTable,
556 $entityID = NULL
557 ) {
558
559 // delete current attachments if applicable
560 if ($entityID && !empty($formValues['is_delete_attachment'])) {
561 CRM_Core_BAO_File::deleteEntityFile($entityTable, $entityID);
562 }
563
564 $numAttachments = Civi::settings()->get('max_attachments');
565
566 // setup all attachments
567 for ($i = 1; $i <= $numAttachments; $i++) {
568 $attachName = "attachFile_$i";
569 $attachDesc = "attachDesc_$i";
570 $attachTags = "tag_$i";
571 $attachFreeTags = "file_taglist_$i";
572 if (isset($formValues[$attachName]) && !empty($formValues[$attachName])) {
573 // add static tags if selects
574 $tagParams = [];
575 if (!empty($formValues[$attachTags])) {
576 foreach ($formValues[$attachTags] as $tag) {
577 $tagParams[$tag] = 1;
578 }
579 }
580
581 // we dont care if the file is empty or not
582 // CRM-7448
583 $extraParams = [
584 'description' => $formValues[$attachDesc],
585 'tag' => $tagParams,
586 'attachment_taglist' => CRM_Utils_Array::value($attachFreeTags, $formValues, []),
587 ];
588
589 CRM_Utils_File::formatFile($formValues, $attachName, $extraParams);
590
591 // set the formatted attachment attributes to $params, later used by
592 // CRM_Activity_BAO_Activity::sendEmail(...) to send mail with desired attachments
593 if (!empty($formValues[$attachName])) {
594 $params[$attachName] = $formValues[$attachName];
595 }
596 }
597 }
598 }
599
600 /**
601 * @param array $params
602 * @param $entityTable
603 * @param int $entityID
604 */
605 public static function processAttachment(&$params, $entityTable, $entityID) {
606 $numAttachments = Civi::settings()->get('max_attachments_backend') ?? self::DEFAULT_MAX_ATTACHMENTS_BACKEND;
607
608 for ($i = 1; $i <= $numAttachments; $i++) {
609 if (isset($params["attachFile_$i"])) {
610 /**
611 * Moved the second condition into its own if block to avoid changing
612 * how it works if there happens to be an entry that is not an array,
613 * since we now might exit loop early via newly added break below.
614 */
615 if (is_array($params["attachFile_$i"])) {
616 self::filePostProcess(
617 $params["attachFile_$i"]['location'],
618 NULL,
619 $entityTable,
620 $entityID,
621 NULL,
622 TRUE,
623 $params["attachFile_$i"],
624 "attachFile_$i",
625 $params["attachFile_$i"]['type']
626 );
627 }
628 }
629 else {
630 /**
631 * No point looping 100 times if there aren't any more.
632 * This assumes the array is continuous and doesn't skip array keys,
633 * but (a) where would it be doing that, and (b) it would have caused
634 * problems before anyway if there were skipped keys.
635 */
636 break;
637 }
638 }
639 }
640
641 /**
642 * @return array
643 */
644 public static function uploadNames() {
645 $numAttachments = Civi::settings()->get('max_attachments');
646
647 $names = [];
648 for ($i = 1; $i <= $numAttachments; $i++) {
649 $names[] = "attachFile_{$i}";
650 }
651 $names[] = 'uploadFile';
652 return $names;
653 }
654
655 /**
656 * copy/attach an existing file to a different entity
657 * table and id.
658 *
659 * @param $oldEntityTable
660 * @param int $oldEntityId
661 * @param $newEntityTable
662 * @param int $newEntityId
663 */
664 public static function copyEntityFile($oldEntityTable, $oldEntityId, $newEntityTable, $newEntityId) {
665 $oldEntityFile = new CRM_Core_DAO_EntityFile();
666 $oldEntityFile->entity_id = $oldEntityId;
667 $oldEntityFile->entity_table = $oldEntityTable;
668 $oldEntityFile->find();
669
670 while ($oldEntityFile->fetch()) {
671 $newEntityFile = new CRM_Core_DAO_EntityFile();
672 $newEntityFile->entity_id = $newEntityId;
673 $newEntityFile->entity_table = $newEntityTable;
674 $newEntityFile->file_id = $oldEntityFile->file_id;
675 $newEntityFile->save();
676 }
677 }
678
679 /**
680 * @param $entityTable
681 * @param int $entityID
682 * @param int $fileID
683 *
684 * @return string
685 */
686 public static function deleteURLArgs($entityTable, $entityID, $fileID) {
687 $params['entityTable'] = $entityTable;
688 $params['entityID'] = $entityID;
689 $params['fileID'] = $fileID;
690
691 $signer = new CRM_Utils_Signer(CRM_Core_Key::privateKey(), self::$_signableFields);
692 $params['_sgn'] = $signer->sign($params);
693 return CRM_Utils_System::makeQueryString($params);
694 }
695
696 /**
697 * Delete a file attachment from an entity table / entity ID
698 *
699 */
700 public static function deleteAttachment() {
701 $params = [];
702 $params['entityTable'] = CRM_Utils_Request::retrieve('entityTable', 'String', CRM_Core_DAO::$_nullObject, TRUE);
703 $params['entityID'] = CRM_Utils_Request::retrieve('entityID', 'Positive', CRM_Core_DAO::$_nullObject, TRUE);
704 $params['fileID'] = CRM_Utils_Request::retrieve('fileID', 'Positive', CRM_Core_DAO::$_nullObject, TRUE);
705
706 $signature = CRM_Utils_Request::retrieve('_sgn', 'String', CRM_Core_DAO::$_nullObject, TRUE);
707
708 $signer = new CRM_Utils_Signer(CRM_Core_Key::privateKey(), self::$_signableFields);
709 if (!$signer->validate($signature, $params)) {
710 CRM_Core_Error::fatal('Request signature is invalid');
711 }
712
713 self::deleteEntityFile($params['entityTable'], $params['entityID'], NULL, $params['fileID']);
714 }
715
716 /**
717 * Display paper icon for a file attachment -- CRM-13624
718 *
719 * @param string $entityTable
720 * The entityTable to which the file is attached. eg "civicrm_contact", "civicrm_note", "civicrm_activity".
721 * If you have the ID of a specific row in civicrm_file, use $entityTable='*'
722 * @param int $entityID
723 * The id of the object in the above entityTable.
724 *
725 * @return array|NULL
726 * list of HTML snippets; one HTML snippet for each attachment. If none found, then NULL
727 *
728 */
729 public static function paperIconAttachment($entityTable, $entityID) {
730 if (empty($entityTable) || !$entityID) {
731 $results = NULL;
732 return $results;
733 }
734 $currentAttachmentInfo = self::getEntityFile($entityTable, $entityID);
735 foreach ($currentAttachmentInfo as $fileKey => $fileValue) {
736 $fileID = $fileValue['fileID'];
737 if ($fileID) {
738 $fileType = $fileValue['mime_type'];
739 $url = $fileValue['url'];
740 $title = $fileValue['cleanName'];
741 if ($fileType == 'image/jpeg' ||
742 $fileType == 'image/pjpeg' ||
743 $fileType == 'image/gif' ||
744 $fileType == 'image/x-png' ||
745 $fileType == 'image/png'
746 ) {
747 $file_url[$fileID] = "
748 <a href='$url' class='crm-image-popup' title='$title'>
749 <i class='crm-i fa-file-image-o'></i>
750 </a>";
751 }
752 // for non image files
753 else {
754 $file_url[$fileID] = "
755 <a href='$url' title='$title'>
756 <i class='crm-i fa-paperclip'></i>
757 </a>";
758 }
759 }
760 }
761 if (empty($file_url)) {
762 $results = NULL;
763 }
764 else {
765 $results = $file_url;
766 }
767 return $results;
768 }
769
770 /**
771 * Get a reference to the file-search service (if one is available).
772 *
773 * @return CRM_Core_FileSearchInterface|NULL
774 */
775 public static function getSearchService() {
776 $fileSearches = [];
777 CRM_Utils_Hook::fileSearches($fileSearches);
778
779 // use the first available search
780 foreach ($fileSearches as $fileSearch) {
781 /** @var $fileSearch CRM_Core_FileSearchInterface */
782 return $fileSearch;
783 }
784 return NULL;
785 }
786
787 /**
788 * Generates an access-token for downloading a specific file.
789 *
790 * @param int $entityId entity id the file is attached to
791 * @param int $fileId file ID
792 * @param int $genTs
793 * @param int $life
794 * @return string
795 */
796 public static function generateFileHash($entityId = NULL, $fileId = NULL, $genTs = NULL, $life = NULL) {
797 // Use multiple (but stable) inputs for hash information.
798 $siteKey = CRM_Utils_Constant::value('CIVICRM_SITE_KEY');
799 if (!$siteKey) {
800 throw new \CRM_Core_Exception("Cannot generate file access token. Please set CIVICRM_SITE_KEY.");
801 }
802
803 if (!$genTs) {
804 $genTs = time();
805 }
806 if (!$life) {
807 $days = Civi::settings()->get('checksum_timeout');
808 $life = 24 * $days;
809 }
810 // Trim 8 chars off the string, make it slightly easier to find
811 // but reveals less information from the hash.
812 $cs = hash_hmac('sha256', "entity={$entityId}&file={$fileId}&life={$life}", $siteKey);
813 return "{$cs}_{$genTs}_{$life}";
814 }
815
816 /**
817 * Validate a file access token.
818 *
819 * @param string $hash
820 * @param int $entityId Entity Id the file is attached to
821 * @param int $fileId File Id
822 * @return bool
823 */
824 public static function validateFileHash($hash, $entityId, $fileId) {
825 $input = CRM_Utils_System::explode('_', $hash, 3);
826 $inputTs = CRM_Utils_Array::value(1, $input);
827 $inputLF = CRM_Utils_Array::value(2, $input);
828 $testHash = CRM_Core_BAO_File::generateFileHash($entityId, $fileId, $inputTs, $inputLF);
829 if (hash_equals($testHash, $hash)) {
830 $now = time();
831 if ($inputTs + ($inputLF * 60 * 60) >= $now) {
832 return TRUE;
833 }
834 else {
835 return FALSE;
836 }
837 }
838 return FALSE;
839 }
840
841}