4 * uploadlib.php - This class handles all aspects of fileuploading
8 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
12 //error_reporting(E_ALL ^ E_NOTICE);
14 * This class handles all aspects of fileuploading
16 class upload_manager
{
19 * Array to hold local copies of stuff in $_FILES
24 * Holds all configuration stuff
29 * Keep track of if we're ok
30 * (errors for each file are kept in $files['whatever']['uploadlog']
31 * @var boolean $status
35 * The course this file has been uploaded for. {@link $COURSE}
36 * (for logging and virus notifications)
41 * If we're only getting one file.
42 * (for logging and virus notifications)
43 * @var string $inputname
47 * If we're given silent=true in the constructor, this gets built
48 * up to hold info about the process.
54 * Constructor, sets up configuration stuff so we know how to act.
56 * Note: destination not taken as parameter as some modules want to use the insertid in the path and we need to check the other stuff first.
59 * @param string $inputname If this is given the upload manager will only process the file in $_FILES with this name.
60 * @param boolean $deleteothers Whether to delete other files in the destination directory (optional, defaults to false)
61 * @param boolean $handlecollisions Whether to use {@link handle_filename_collision()} or not. (optional, defaults to false)
62 * @param course $course The course the files are being uploaded for (for logging and virus notifications) {@link $COURSE}
63 * @param boolean $recoverifmultiple If we come across a virus, or if a file doesn't validate or whatever, do we continue? optional, defaults to true.
64 * @param int $modbytes Max bytes for this module - this and $course->maxbytes are used to get the maxbytes from {@link get_max_upload_file_size()}.
65 * @param boolean $silent Whether to notify errors or not.
66 * @param boolean $allownull Whether we care if there's no file when we've set the input name.
67 * @param boolean $allownullmultiple Whether we care if there's no files AT ALL when we've got multiples. This won't complain if we have file 1 and file 3 but not file 2, only for NO FILES AT ALL.
69 function upload_manager($inputname='', $deleteothers=false, $handlecollisions=false, $course=null, $recoverifmultiple=false, $modbytes=0, $silent=false, $allownull=false, $allownullmultiple=true) {
73 if (empty($course->id
)) {
77 $this->config
->deleteothers
= $deleteothers;
78 $this->config
->handlecollisions
= $handlecollisions;
79 $this->config
->recoverifmultiple
= $recoverifmultiple;
80 $this->config
->maxbytes
= get_max_upload_file_size($CFG->maxbytes
, $course->maxbytes
, $modbytes);
81 $this->config
->silent
= $silent;
82 $this->config
->allownull
= $allownull;
83 $this->files
= array();
84 $this->status
= false;
85 $this->course
= $course;
86 $this->inputname
= $inputname;
87 if (empty($this->inputname
)) {
88 $this->config
->allownull
= $allownullmultiple;
93 * Gets all entries out of $_FILES and stores them locally in $files and then
94 * checks each one against {@link get_max_upload_file_size()} and calls {@link cleanfilename()}
95 * and scans them for viruses etc.
100 function preprocess_files() {
103 foreach ($_FILES as $name => $file) {
104 $this->status
= true; // only set it to true here so that we can check if this function has been called.
105 if (empty($this->inputname
) ||
$name == $this->inputname
) { // if we have input name, only process if it matches.
106 $file['originalname'] = $file['name']; // do this first for the log.
107 $this->files
[$name] = $file; // put it in first so we can get uploadlog out in print_upload_log.
108 $this->files
[$name]['uploadlog'] = ''; // initialize error log
109 $this->status
= $this->validate_file($this->files
[$name]); // default to only allowing empty on multiple uploads.
110 if (!$this->status
&& ($this->files
[$name]['error'] == 0 ||
$this->files
[$name]['error'] == 4) && ($this->config
->allownull ||
empty($this->inputname
))) {
111 // this shouldn't cause everything to stop.. modules should be responsible for knowing which if any are compulsory.
114 if ($this->status
&& !empty($CFG->runclamonupload
)) {
115 $this->status
= clam_scan_moodle_file($this->files
[$name],$this->course
);
117 if (!$this->status
) {
118 if (!$this->config
->recoverifmultiple
&& count($this->files
) > 1) {
119 $a->name
= $this->files
[$name]['originalname'];
120 $a->problem
= $this->files
[$name]['uploadlog'];
121 if (!$this->config
->silent
) {
122 notify(get_string('uploadfailednotrecovering','moodle',$a));
125 $this->notify
.= '<br />'. get_string('uploadfailednotrecovering','moodle',$a);
127 $this->status
= false;
130 } else if (count($this->files
) == 1) {
132 if (!$this->config
->silent
and !$this->config
->allownull
) {
133 notify($this->files
[$name]['uploadlog']);
135 $this->notify
.= '<br />'. $this->files
[$name]['uploadlog'];
137 $this->status
= false;
142 $newname = clean_filename($this->files
[$name]['name']);
143 if ($newname != $this->files
[$name]['name']) {
144 $a->oldname
= $this->files
[$name]['name'];
145 $a->newname
= $newname;
146 $this->files
[$name]['uploadlog'] .= get_string('uploadrenamedchars','moodle', $a);
148 $this->files
[$name]['name'] = $newname;
149 $this->files
[$name]['clear'] = true; // ok to save.
150 $this->config
->somethingtosave
= true;
154 if (!is_array($_FILES) ||
count($_FILES) == 0) {
155 return $this->config
->allownull
;
157 $this->status
= true;
158 return true; // if we've got this far it means that we're recovering so we want status to be ok.
162 * Validates a single file entry from _FILES
164 * @param object $file The entry from _FILES to validate
165 * @return boolean True if ok.
167 function validate_file(&$file) {
171 if (!is_uploaded_file($file['tmp_name']) ||
$file['size'] == 0) {
172 $file['uploadlog'] .= "\n".$this->get_file_upload_error($file);
175 if ($file['size'] > $this->config
->maxbytes
) {
176 $file['uploadlog'] .= "\n". get_string('uploadedfiletoobig', 'moodle', $this->config
->maxbytes
);
183 * Moves all the files to the destination directory.
187 * @param string $destination The destination directory.
188 * @return boolean status;
190 function save_files($destination) {
193 if (!$this->status
) { // preprocess_files hasn't been run
194 $this->preprocess_files();
197 // if there are no files, bail before we create an empty directory.
198 if (empty($this->config
->somethingtosave
)) {
202 $savedsomething = false;
205 if (!(strpos($destination, $CFG->dataroot
) === false)) {
206 // take it out for giving to make_upload_directory
207 $destination = substr($destination, strlen($CFG->dataroot
)+
1);
210 if ($destination{strlen($destination)-1} == '/') { // strip off a trailing / if we have one
211 $destination = substr($destination, 0, -1);
214 if (!make_upload_directory($destination, true)) { //TODO maybe put this function here instead of moodlelib.php now.
215 $this->status
= false;
219 $destination = $CFG->dataroot
.'/'. $destination; // now add it back in so we have a full path
221 $exceptions = array(); //need this later if we're deleting other files.
223 foreach (array_keys($this->files
) as $i) {
225 if (!$this->files
[$i]['clear']) {
230 if ($this->config
->handlecollisions
) {
231 $this->handle_filename_collision($destination, $this->files
[$i]);
233 if (move_uploaded_file($this->files
[$i]['tmp_name'], $destination.'/'.$this->files
[$i]['name'])) {
234 chmod($destination .'/'. $this->files
[$i]['name'], $CFG->directorypermissions
);
235 $this->files
[$i]['fullpath'] = $destination.'/'.$this->files
[$i]['name'];
236 $this->files
[$i]['uploadlog'] .= "\n".get_string('uploadedfile');
237 $this->files
[$i]['saved'] = true;
238 $exceptions[] = $this->files
[$i]['name'];
239 // now add it to the log (this is important so we know who to notify if a virus is found later on)
240 clam_log_upload($this->files
[$i]['fullpath'], $this->course
);
241 $savedsomething=true;
244 if ($savedsomething && $this->config
->deleteothers
) {
245 $this->delete_other_files($destination, $exceptions);
248 if (empty($savedsomething)) {
249 $this->status
= false;
250 if ((empty($this->config
->allownull
) && !empty($this->inputname
)) ||
(empty($this->inputname
) && empty($this->config
->allownullmultiple
))) {
251 notify(get_string('uploadnofilefound'));
255 return $this->status
;
259 * Wrapper function that calls {@link preprocess_files()} and {@link viruscheck_files()} and then {@link save_files()}
260 * Modules that require the insert id in the filepath should not use this and call these functions seperately in the required order.
261 * @parameter string $destination Where to save the uploaded files to.
264 function process_file_uploads($destination) {
265 if ($this->preprocess_files()) {
266 return $this->save_files($destination);
272 * Deletes all the files in a given directory except for the files in $exceptions (full paths)
274 * @param string $destination The directory to clean up.
275 * @param array $exceptions Full paths of files to KEEP.
277 function delete_other_files($destination, $exceptions=null) {
278 $deletedsomething = false;
279 if ($filestodel = get_directory_list($destination)) {
280 foreach ($filestodel as $file) {
281 if (!is_array($exceptions) ||
!in_array($file, $exceptions)) {
282 unlink($destination .'/'. $file);
283 $deletedsomething = true;
287 if ($deletedsomething) {
288 if (!$this->config
->silent
) {
289 notify(get_string('uploadoldfilesdeleted'));
292 $this->notify
.= '<br />'. get_string('uploadoldfilesdeleted');
298 * Handles filename collisions - if the desired filename exists it will rename it according to the pattern in $format
299 * @param string $destination Destination directory (to check existing files against)
300 * @param object $file Passed in by reference. The current file from $files we're processing.
301 * @return void - modifies &$file parameter.
303 function handle_filename_collision($destination, &$file) {
304 if (!file_exists($destination .'/'. $file['name'])) {
308 $parts = explode('.', $file['name']);
309 if (count($parts) > 1) {
310 $extension = '.'.array_pop($parts);
311 $name = implode('.', $parts);
314 $name = $file['name'];
318 if (preg_match('/^(.*)_(\d*)$/s', $name, $matches)) {
320 $current = (int)$matches[2];
324 while (!$this->check_before_renaming($destination, $name.'_'.$i.$extension, $file)) {
328 $a->oldname
= $file['name'];
329 $file['name'] = $name.'_'.$i.$extension;
330 $a->newname
= $file['name'];
331 $file['uploadlog'] .= "\n". get_string('uploadrenamedcollision','moodle', $a);
335 * This function checks a potential filename against what's on the filesystem already and what's been saved already.
336 * @param string $destination Destination directory (to check existing files against)
337 * @param string $nametocheck The filename to be compared.
338 * @param object $file The current file from $files we're processing.
341 function check_before_renaming($destination, $nametocheck, $file) {
342 if (!file_exists($destination .'/'. $nametocheck)) {
345 if ($this->config
->deleteothers
) {
346 foreach ($this->files
as $tocheck) {
347 // if we're deleting files anyway, it's not THIS file and we care about it and it has the same name and has already been saved..
348 if ($file['tmp_name'] != $tocheck['tmp_name'] && $tocheck['clear'] && $nametocheck == $tocheck['name'] && $tocheck['saved']) {
362 * @param object $file Passed in by reference. The current file from $files we're processing.
364 * @todo Finish documenting this function
366 function get_file_upload_error(&$file) {
368 switch ($file['error']) {
369 case 0: // UPLOAD_ERR_OK
370 if ($file['size'] > 0) {
371 $errmessage = get_string('uploadproblem', $file['name']);
373 $errmessage = get_string('uploadnofilefound'); /// probably a dud file name
377 case 1: // UPLOAD_ERR_INI_SIZE
378 $errmessage = get_string('uploadserverlimit');
381 case 2: // UPLOAD_ERR_FORM_SIZE
382 $errmessage = get_string('uploadformlimit');
385 case 3: // UPLOAD_ERR_PARTIAL
386 $errmessage = get_string('uploadpartialfile');
389 case 4: // UPLOAD_ERR_NO_FILE
390 $errmessage = get_string('uploadnofilefound');
393 // Note: there is no error with a value of 5
395 case 6: // UPLOAD_ERR_NO_TMP_DIR
396 $errmessage = get_string('uploadnotempdir');
399 case 7: // UPLOAD_ERR_CANT_WRITE
400 $errmessage = get_string('uploadcantwrite');
403 case 8: // UPLOAD_ERR_EXTENSION
404 $errmessage = get_string('uploadextension');
408 $errmessage = get_string('uploadproblem', $file['name']);
414 * prints a log of everything that happened (of interest) to each file in _FILES
415 * @param $return - optional, defaults to false (log is echoed)
417 function print_upload_log($return=false,$skipemptyifmultiple=false) {
419 foreach (array_keys($this->files
) as $i => $key) {
420 if (count($this->files
) > 1 && !empty($skipemptyifmultiple) && $this->files
[$key]['error'] == 4) {
423 $str .= '<strong>'. get_string('uploadfilelog', 'moodle', $i+
1) .' '
424 .((!empty($this->files
[$key]['originalname'])) ?
'('.$this->files
[$key]['originalname'].')' : '')
425 .'</strong> :'. nl2br($this->files
[$key]['uploadlog']) .'<br />';
434 * If we're only handling one file (if inputname was given in the constructor) this will return the (possibly changed) filename of the file.
437 function get_new_filename() {
438 if (!empty($this->inputname
) and count($this->files
) == 1 and $this->files
[$this->inputname
]['error'] != 4) {
439 return $this->files
[$this->inputname
]['name'];
445 * If we're only handling one file (if input name was given in the constructor) this will return the full path to the saved file.
448 function get_new_filepath() {
449 if (!empty($this->inputname
) and count($this->files
) == 1 and $this->files
[$this->inputname
]['error'] != 4) {
450 return $this->files
[$this->inputname
]['fullpath'];
456 * If we're only handling one file (if inputname was given in the constructor) this will return the ORIGINAL filename of the file.
459 function get_original_filename() {
460 if (!empty($this->inputname
) and count($this->files
) == 1 and $this->files
[$this->inputname
]['error'] != 4) {
461 return $this->files
[$this->inputname
]['originalname'];
467 * This function returns any errors wrapped up in red.
470 function get_errors() {
471 if (!empty($this->notify
)) {
472 return '<p class="notifyproblem">'. $this->notify
.'</p>';
479 /**************************************************************************************
480 THESE FUNCTIONS ARE OUTSIDE THE CLASS BECAUSE THEY NEED TO BE CALLED FROM OTHER PLACES.
481 FOR EXAMPLE CLAM_HANDLE_INFECTED_FILE AND CLAM_REPLACE_INFECTED_FILE USED FROM CRON
482 UPLOAD_PRINT_FORM_FRAGMENT DOESN'T REALLY BELONG IN THE CLASS BUT CERTAINLY IN THIS FILE
483 ***************************************************************************************/
487 * This function prints out a number of upload form elements.
489 * @param int $numfiles The number of elements required (optional, defaults to 1)
490 * @param array $names Array of element names to use (optional, defaults to FILE_n)
491 * @param array $descriptions Array of strings to be printed out before each file bit.
492 * @param boolean $uselabels -Whether to output text fields for file descriptions or not (optional, defaults to false)
493 * @param array $labelnames Array of element names to use for labels (optional, defaults to LABEL_n)
494 * @param int $coursebytes $coursebytes and $maxbytes are used to calculate upload max size ( using {@link get_max_upload_file_size})
495 * @param int $modbytes $coursebytes and $maxbytes are used to calculate upload max size ( using {@link get_max_upload_file_size})
496 * @param boolean $return -Whether to return the string (defaults to false - string is echoed)
497 * @return string Form returned as string if $return is true
499 function upload_print_form_fragment($numfiles=1, $names=null, $descriptions=null, $uselabels=false, $labelnames=null, $coursebytes=0, $modbytes=0, $return=false) {
501 $maxbytes = get_max_upload_file_size($CFG->maxbytes
, $coursebytes, $modbytes);
502 $str = '<input type="hidden" name="MAX_FILE_SIZE" value="'. $maxbytes .'" />'."\n";
503 for ($i = 0; $i < $numfiles; $i++
) {
504 if (is_array($descriptions) && !empty($descriptions[$i])) {
505 $str .= '<strong>'. $descriptions[$i] .'</strong><br />';
507 $name = ((is_array($names) && !empty($names[$i])) ?
$names[$i] : 'FILE_'.$i);
508 $str .= '<input type="file" size="50" name="'. $name .'" alt="'. $name .'" /><br />'."\n";
510 $lname = ((is_array($labelnames) && !empty($labelnames[$i])) ?
$labelnames[$i] : 'LABEL_'.$i);
511 $str .= get_string('uploadlabel').' <input type="text" size="50" name="'. $lname .'" alt="'. $lname
512 .'" /><br /><br />'."\n";
525 * Deals with an infected file - either moves it to a quarantinedir
526 * (specified in CFG->quarantinedir) or deletes it.
528 * If moving it fails, it deletes it.
532 * @param string $file Full path to the file
533 * @param int $userid If not used, defaults to $USER->id (there in case called from cron)
534 * @param boolean $basiconly Admin level reporting or user level reporting.
535 * @return string Details of what the function did.
537 function clam_handle_infected_file($file, $userid=0, $basiconly=false) {
540 if ($USER && !$userid) {
544 if (file_exists($CFG->quarantinedir
) && is_dir($CFG->quarantinedir
) && is_writable($CFG->quarantinedir
)) {
545 $now = date('YmdHis');
546 if (rename($file, $CFG->quarantinedir
.'/'. $now .'-user-'. $userid .'-infected')) {
548 clam_log_infected($file, $CFG->quarantinedir
.'/'. $now .'-user-'. $userid .'-infected', $userid);
550 $notice .= "\n". get_string('clammovedfilebasic');
553 $notice .= "\n". get_string('clammovedfile', 'moodle', $CFG->quarantinedir
.'/'. $now .'-user-'. $userid .'-infected');
558 $notice .= "\n". get_string('clamdeletedfile');
561 $notice .= "\n". get_string('clamquarantinedirfailed', 'moodle', $CFG->quarantinedir
);
567 $notice .= "\n". get_string('clamdeletedfile');
570 $notice .= "\n". get_string('clamquarantinedirfailed', 'moodle', $CFG->quarantinedir
);
575 clam_log_infected($file, '', $userid);
576 $notice .= "\n". get_string('clamdeletedfile');
580 // still tell the user the file has been deleted. this is only for admins.
581 $notice .= "\n". get_string('clamdeletedfile');
584 $notice .= "\n". get_string('clamdeletedfilefailed');
592 * Replaces the given file with a string.
594 * The replacement string is used to notify that the original file had a virus
595 * This is to avoid missing files but could result in the wrong content-type.
596 * @param string $file Full path to the file.
599 function clam_replace_infected_file($file) {
600 $newcontents = get_string('virusplaceholder');
601 if (!$f = fopen($file, 'w')) {
604 if (!fwrite($f, $newcontents)) {
612 * If $CFG->runclamonupload is set, we scan a given file. (called from {@link preprocess_files()})
614 * This function will add on a uploadlog index in $file.
615 * @param mixed $file The file to scan from $files. or an absolute path to a file.
616 * @param course $course {@link $COURSE}
617 * @return int 1 if good, 0 if something goes wrong (opposite from actual error code from clam)
619 function clam_scan_moodle_file(&$file, $course) {
622 if (is_array($file) && is_uploaded_file($file['tmp_name'])) { // it's from $_FILES
624 $fullpath = $file['tmp_name'];
626 else if (file_exists($file)) { // it's a path to somewhere on the filesystem!
630 return false; // erm, what is this supposed to be then, huh?
633 $CFG->pathtoclam
= trim($CFG->pathtoclam
);
635 if (!$CFG->pathtoclam ||
!file_exists($CFG->pathtoclam
) ||
!is_executable($CFG->pathtoclam
)) {
637 $notice = get_string('clamlost', 'moodle', $CFG->pathtoclam
);
638 if ($CFG->clamfailureonupload
== 'actlikevirus') {
639 $notice .= "\n". get_string('clamlostandactinglikevirus');
640 $notice .= "\n". clam_handle_infected_file($fullpath);
643 clam_mail_admins($notice);
645 $file['uploadlog'] .= "\n". get_string('clambroken');
648 return $newreturn; // return 1 if we're allowing clam failures
651 $cmd = $CFG->pathtoclam
.' '. $fullpath ." 2>&1";
653 // before we do anything we need to change perms so that clamscan can read the file (clamdscan won't work otherwise)
654 chmod($fullpath,0644);
656 exec($cmd, $output, $return);
660 case 0: // glee! we're ok.
661 return 1; // translate clam return code into reasonable return code consistent with everything else.
662 case 1: // bad wicked evil, we have a virus.
663 if (!empty($course)) {
664 $info->course
= $course->fullname
;
667 $info->course
= 'No course';
669 $info->user
= fullname($USER);
670 $notice = get_string('virusfound', 'moodle', $info);
671 $notice .= "\n\n". implode("\n", $output);
672 $notice .= "\n\n". clam_handle_infected_file($fullpath);
673 clam_mail_admins($notice);
675 $info->filename
= $file['originalname'];
676 $file['uploadlog'] .= "\n". get_string('virusfounduser', 'moodle', $info);
679 return false; // in this case, 0 means bad.
681 // error - clam failed to run or something went wrong
682 $notice .= get_string('clamfailed', 'moodle', get_clam_error_code($return));
683 $notice .= "\n\n". implode("\n", $output);
685 if ($CFG->clamfailureonupload
== 'actlikevirus') {
686 $notice .= "\n". clam_handle_infected_file($fullpath);
689 clam_mail_admins($notice);
691 $file['uploadlog'] .= "\n". get_string('clambroken');
694 return $newreturn; // return 1 if we're allowing failures.
699 * Emails admins about a clam outcome
701 * @param string $notice The body of the email to be sent.
703 function clam_mail_admins($notice) {
707 $subject = get_string('clamemailsubject', 'moodle', format_string($site->fullname
));
708 $admins = get_admins();
709 foreach ($admins as $admin) {
710 email_to_user($admin, get_admin(), $subject, $notice);
716 * Returns the string equivalent of a numeric clam error code
718 * @param int $returncode The numeric error code in question.
719 * return string The definition of the error code
721 function get_clam_error_code($returncode) {
722 $returncodes = array();
723 $returncodes[0] = 'No virus found.';
724 $returncodes[1] = 'Virus(es) found.';
725 $returncodes[2] = ' An error occured'; // specific to clamdscan
726 // all after here are specific to clamscan
727 $returncodes[40] = 'Unknown option passed.';
728 $returncodes[50] = 'Database initialization error.';
729 $returncodes[52] = 'Not supported file type.';
730 $returncodes[53] = 'Can\'t open directory.';
731 $returncodes[54] = 'Can\'t open file. (ofm)';
732 $returncodes[55] = 'Error reading file. (ofm)';
733 $returncodes[56] = 'Can\'t stat input file / directory.';
734 $returncodes[57] = 'Can\'t get absolute path name of current working directory.';
735 $returncodes[58] = 'I/O error, please check your filesystem.';
736 $returncodes[59] = 'Can\'t get information about current user from /etc/passwd.';
737 $returncodes[60] = 'Can\'t get information about user \'clamav\' (default name) from /etc/passwd.';
738 $returncodes[61] = 'Can\'t fork.';
739 $returncodes[63] = 'Can\'t create temporary files/directories (check permissions).';
740 $returncodes[64] = 'Can\'t write to temporary directory (please specify another one).';
741 $returncodes[70] = 'Can\'t allocate and clear memory (calloc).';
742 $returncodes[71] = 'Can\'t allocate memory (malloc).';
743 if ($returncodes[$returncode])
744 return $returncodes[$returncode];
745 return get_string('clamunknownerror');
750 * Adds a file upload to the log table so that clam can resolve the filename to the user later if necessary
754 * @param string $newfilepath ?
755 * @param course $course {@link $COURSE}
756 * @param boolean $nourl ?
757 * @todo Finish documenting this function
759 function clam_log_upload($newfilepath, $course=null, $nourl=false) {
761 // get rid of any double // that might have appeared
762 $newfilepath = preg_replace('/\/\//', '/', $newfilepath);
763 if (strpos($newfilepath, $CFG->dataroot
) === false) {
764 $newfilepath = $CFG->dataroot
.'/'. $newfilepath;
768 $courseid = $course->id
;
770 add_to_log($courseid, 'upload', 'upload', ((!$nourl) ?
substr($_SERVER['HTTP_REFERER'], 0, 100) : ''), $newfilepath);
774 * This function logs to error_log and to the log table that an infected file has been found and what's happened to it.
776 * @param string $oldfilepath Full path to the infected file before it was moved.
777 * @param string $newfilepath Full path to the infected file since it was moved to the quarantine directory (if the file was deleted, leave empty).
778 * @param int $userid The user id of the user who uploaded the file.
780 function clam_log_infected($oldfilepath='', $newfilepath='', $userid=0) {
782 add_to_log(0, 'upload', 'infected', $_SERVER['HTTP_REFERER'], $oldfilepath, 0, $userid);
784 $user = get_record('user', 'id', $userid);
786 $errorstr = 'Clam AV has found a file that is infected with a virus. It was uploaded by '
787 . ((empty($user)) ?
' an unknown user ' : fullname($user))
788 . ((empty($oldfilepath)) ?
'. The infected file was caught on upload ('.$oldfilepath.')'
789 : '. The original file path of the infected file was '. $oldfilepath)
790 . ((empty($newfilepath)) ?
'. The file has been deleted ' : '. The file has been moved to a quarantine directory and the new path is '. $newfilepath);
792 error_log($errorstr);
797 * Some of the modules allow moving attachments (glossary), in which case we need to hunt down an original log and change the path.
800 * @param string $oldpath The old path to the file (should be in the log)
801 * @param string $newpath The new path to the file
802 * @param boolean $update If true this function will overwrite old record (used for forum moving etc).
804 function clam_change_log($oldpath, $newpath, $update=true) {
807 if (!$record = get_record('log', 'info', $oldpath, 'module', 'upload')) {
810 $record->info
= $newpath;
812 update_record('log', $record);
816 insert_record('log', $record);