Project

General

Profile

Paste
Download (40.7 KB) Statistics
| Branch: | Revision:

root / drupal7 / modules / file / file.module @ b0dc3a2e

1
<?php
2

    
3
/**
4
 * @file
5
 * Defines a "managed_file" Form API field and a "file" field for Field module.
6
 */
7

    
8
// Load all Field module hooks for File.
9
require_once DRUPAL_ROOT . '/modules/file/file.field.inc';
10

    
11
/**
12
 * Implements hook_help().
13
 */
14
function file_help($path, $arg) {
15
  switch ($path) {
16
    case 'admin/help#file':
17
      $output = '';
18
      $output .= '<h3>' . t('About') . '</h3>';
19
      $output .= '<p>' . t('The File module defines a <em>File</em> field type for the Field module, which lets you manage and validate uploaded files attached to content on your site (see the <a href="@field-help">Field module help page</a> for more information about fields). For more information, see the online handbook entry for <a href="@file">File module</a>.', array('@field-help' => url('admin/help/field'), '@file' => 'http://drupal.org/documentation/modules/file')) . '</p>';
20
      $output .= '<h3>' . t('Uses') . '</h3>';
21
      $output .= '<dl>';
22
      $output .= '<dt>' . t('Attaching files to content') . '</dt>';
23
      $output .= '<dd>' . t('The File module allows users to attach files to content (e.g., PDF files, spreadsheets, etc.), when a <em>File</em> field is added to a given content type using the <a href="@fieldui-help">Field UI module</a>. You can add validation options to your File field, such as specifying a maximum file size and allowed file extensions.', array('@fieldui-help' => url('admin/help/field_ui'))) . '</dd>';
24
      $output .= '<dt>' . t('Managing attachment display') . '</dt>';
25
      $output .= '<dd>' . t('When you attach a file to content, you can specify whether it is <em>listed</em> or not. Listed files are displayed automatically in a section at the bottom of your content; non-listed files are available for embedding in your content, but are not included in the list at the bottom.') . '</dd>';
26
      $output .= '<dt>' . t('Managing file locations') . '</dt>';
27
      $output .= '<dd>' . t("When you create a File field, you can specify a directory where the files will be stored, which can be within either the <em>public</em> or <em>private</em> files directory. Files in the public directory can be accessed directly through the web server; when public files are listed, direct links to the files are used, and anyone who knows a file's URL can download the file. Files in the private directory are not accessible directly through the web server; when private files are listed, the links are Drupal path requests. This adds to server load and download time, since Drupal must start up and resolve the path for each file download request, but allows for access restrictions.") . '</dd>';
28
      $output .= '</dl>';
29
      return $output;
30
  }
31
}
32

    
33
/**
34
 * Implements hook_menu().
35
 */
36
function file_menu() {
37
  $items = array();
38

    
39
  $items['file/ajax'] = array(
40
    'page callback' => 'file_ajax_upload',
41
    'delivery callback' => 'ajax_deliver',
42
    'access arguments' => array('access content'),
43
    'theme callback' => 'ajax_base_page_theme',
44
    'type' => MENU_CALLBACK,
45
  );
46
  $items['file/progress'] = array(
47
    'page callback' => 'file_ajax_progress',
48
    'access arguments' => array('access content'),
49
    'theme callback' => 'ajax_base_page_theme',
50
    'type' => MENU_CALLBACK,
51
  );
52

    
53
  return $items;
54
}
55

    
56
/**
57
 * Implements hook_element_info().
58
 *
59
 * The managed file element may be used anywhere in Drupal.
60
 */
61
function file_element_info() {
62
  $file_path = drupal_get_path('module', 'file');
63
  $types['managed_file'] = array(
64
    '#input' => TRUE,
65
    '#process' => array('file_managed_file_process'),
66
    '#value_callback' => 'file_managed_file_value',
67
    '#element_validate' => array('file_managed_file_validate'),
68
    '#pre_render' => array('file_managed_file_pre_render'),
69
    '#theme' => 'file_managed_file',
70
    '#theme_wrappers' => array('form_element'),
71
    '#progress_indicator' => 'throbber',
72
    '#progress_message' => NULL,
73
    '#upload_validators' => array(),
74
    '#upload_location' => NULL,
75
    '#size' => 22,
76
    '#extended' => FALSE,
77
    '#attached' => array(
78
      'css' => array($file_path . '/file.css'),
79
      'js' => array($file_path . '/file.js'),
80
    ),
81
  );
82
  return $types;
83
}
84

    
85
/**
86
 * Implements hook_theme().
87
 */
88
function file_theme() {
89
  return array(
90
    // file.module.
91
    'file_link' => array(
92
      'variables' => array('file' => NULL, 'icon_directory' => NULL),
93
    ),
94
    'file_icon' => array(
95
      'variables' => array('file' => NULL, 'icon_directory' => NULL, 'alt' => ''),
96
    ),
97
    'file_managed_file' => array(
98
      'render element' => 'element',
99
    ),
100

    
101
    // file.field.inc.
102
    'file_widget' => array(
103
      'render element' => 'element',
104
    ),
105
    'file_widget_multiple' => array(
106
      'render element' => 'element',
107
    ),
108
    'file_formatter_table' => array(
109
      'variables' => array('items' => NULL),
110
    ),
111
    'file_upload_help' => array(
112
      'variables' => array('description' => NULL, 'upload_validators' => NULL),
113
    ),
114
  );
115
}
116

    
117
/**
118
 * Implements hook_file_download().
119
 *
120
 * This function takes an extra parameter $field_type so that it may
121
 * be re-used by other File-like modules, such as Image.
122
 */
123
function file_file_download($uri, $field_type = 'file') {
124
  global $user;
125

    
126
  // Get the file record based on the URI. If not in the database just return.
127
  $files = file_load_multiple(array(), array('uri' => $uri));
128
  if (count($files)) {
129
    foreach ($files as $item) {
130
      // Since some database servers sometimes use a case-insensitive comparison
131
      // by default, double check that the filename is an exact match.
132
      if ($item->uri === $uri) {
133
        $file = $item;
134
        break;
135
      }
136
    }
137
  }
138
  if (!isset($file)) {
139
    return;
140
  }
141

    
142
  // Find out which (if any) fields of this type contain the file.
143
  $references = file_get_file_references($file, NULL, FIELD_LOAD_CURRENT, $field_type);
144

    
145
  // Stop processing if there are no references in order to avoid returning
146
  // headers for files controlled by other modules. Make an exception for
147
  // temporary files where the host entity has not yet been saved (for example,
148
  // an image preview on a node/add form) in which case, allow download by the
149
  // file's owner.
150
  if (empty($references) && ($file->status == FILE_STATUS_PERMANENT || $file->uid != $user->uid)) {
151
      return;
152
  }
153

    
154
  // Default to allow access.
155
  $denied = FALSE;
156
  // Loop through all references of this file. If a reference explicitly allows
157
  // access to the field to which this file belongs, no further checks are done
158
  // and download access is granted. If a reference denies access, eventually
159
  // existing additional references are checked. If all references were checked
160
  // and no reference denied access, access is granted as well. If at least one
161
  // reference denied access, access is denied.
162
  foreach ($references as $field_name => $field_references) {
163
    foreach ($field_references as $entity_type => $type_references) {
164
      foreach ($type_references as $id => $reference) {
165
        // Try to load $entity and $field.
166
        $entity = entity_load($entity_type, array($id));
167
        $entity = reset($entity);
168
        $field = field_info_field($field_name);
169

    
170
        // Load the field item that references the file.
171
        $field_item = NULL;
172
        if ($entity) {
173
          // Load all field items for that entity.
174
          $field_items = field_get_items($entity_type, $entity, $field_name);
175

    
176
          // Find the field item with the matching URI.
177
          foreach ($field_items as $item) {
178
            if ($item['uri'] == $uri) {
179
              $field_item = $item;
180
              break;
181
            }
182
          }
183
        }
184

    
185
        // Check that $entity, $field and $field_item were loaded successfully
186
        // and check if access to that field is not disallowed. If any of these
187
        // checks fail, stop checking access for this reference.
188
        if (empty($entity) || empty($field) || empty($field_item) || !field_access('view', $field, $entity_type, $entity)) {
189
          $denied = TRUE;
190
          break;
191
        }
192

    
193
        // Invoke hook and collect grants/denies for download access.
194
        // Default to FALSE and let entities overrule this ruling.
195
        $grants = array('system' => FALSE);
196
        foreach (module_implements('file_download_access') as $module) {
197
          $grants = array_merge($grants, array($module => module_invoke($module, 'file_download_access', $field_item, $entity_type, $entity)));
198
        }
199
        // Allow other modules to alter the returned grants/denies.
200
        drupal_alter('file_download_access', $grants, $field_item, $entity_type, $entity);
201

    
202
        if (in_array(TRUE, $grants)) {
203
          // If TRUE is returned, access is granted and no further checks are
204
          // necessary.
205
          $denied = FALSE;
206
          break 3;
207
        }
208

    
209
        if (in_array(FALSE, $grants)) {
210
          // If an implementation returns FALSE, access to this entity is denied
211
          // but the file could belong to another entity to which the user might
212
          // have access. Continue with these.
213
          $denied = TRUE;
214
        }
215
      }
216
    }
217
  }
218

    
219
  // Access specifically denied.
220
  if ($denied) {
221
    return -1;
222
  }
223

    
224
  // Access is granted.
225
  $headers = file_get_content_headers($file);
226
  return $headers;
227
}
228

    
229
/**
230
 * Menu callback; Shared Ajax callback for file uploads and deletions.
231
 *
232
 * This rebuilds the form element for a particular field item. As long as the
233
 * form processing is properly encapsulated in the widget element the form
234
 * should rebuild correctly using FAPI without the need for additional callbacks
235
 * or processing.
236
 */
237
function file_ajax_upload() {
238
  $form_parents = func_get_args();
239
  $form_build_id = (string) array_pop($form_parents);
240

    
241
  if (empty($_POST['form_build_id']) || $form_build_id != $_POST['form_build_id']) {
242
    // Invalid request.
243
    drupal_set_message(t('An unrecoverable error occurred. The uploaded file likely exceeded the maximum file size (@size) that this server supports.', array('@size' => format_size(file_upload_max_size()))), 'error');
244
    $commands = array();
245
    $commands[] = ajax_command_replace(NULL, theme('status_messages'));
246
    return array('#type' => 'ajax', '#commands' => $commands);
247
  }
248

    
249
  list($form, $form_state, $form_id, $form_build_id, $commands) = ajax_get_form();
250

    
251
  if (!$form) {
252
    // Invalid form_build_id.
253
    drupal_set_message(t('An unrecoverable error occurred. Use of this form has expired. Try reloading the page and submitting again.'), 'error');
254
    $commands = array();
255
    $commands[] = ajax_command_replace(NULL, theme('status_messages'));
256
    return array('#type' => 'ajax', '#commands' => $commands);
257
  }
258

    
259
  // Get the current element and count the number of files.
260
  $current_element = $form;
261
  foreach ($form_parents as $parent) {
262
    $current_element = $current_element[$parent];
263
  }
264
  $current_file_count = isset($current_element['#file_upload_delta']) ? $current_element['#file_upload_delta'] : 0;
265

    
266
  // Process user input. $form and $form_state are modified in the process.
267
  drupal_process_form($form['#form_id'], $form, $form_state);
268

    
269
  // Retrieve the element to be rendered.
270
  foreach ($form_parents as $parent) {
271
    $form = $form[$parent];
272
  }
273

    
274
  // Add the special Ajax class if a new file was added.
275
  if (isset($form['#file_upload_delta']) && $current_file_count < $form['#file_upload_delta']) {
276
    $form[$current_file_count]['#attributes']['class'][] = 'ajax-new-content';
277
  }
278
  // Otherwise just add the new content class on a placeholder.
279
  else {
280
    $form['#suffix'] .= '<span class="ajax-new-content"></span>';
281
  }
282

    
283
  $output = theme('status_messages') . drupal_render($form);
284
  $js = drupal_add_js();
285
  $settings = call_user_func_array('array_merge_recursive', $js['settings']['data']);
286

    
287
  $commands[] = ajax_command_replace(NULL, $output, $settings);
288
  return array('#type' => 'ajax', '#commands' => $commands);
289
}
290

    
291
/**
292
 * Menu callback for upload progress.
293
 *
294
 * @param $key
295
 *   The unique key for this upload process.
296
 */
297
function file_ajax_progress($key) {
298
  $progress = array(
299
    'message' => t('Starting upload...'),
300
    'percentage' => -1,
301
  );
302

    
303
  $implementation = file_progress_implementation();
304
  if ($implementation == 'uploadprogress') {
305
    $status = uploadprogress_get_info($key);
306
    if (isset($status['bytes_uploaded']) && !empty($status['bytes_total'])) {
307
      $progress['message'] = t('Uploading... (@current of @total)', array('@current' => format_size($status['bytes_uploaded']), '@total' => format_size($status['bytes_total'])));
308
      $progress['percentage'] = round(100 * $status['bytes_uploaded'] / $status['bytes_total']);
309
    }
310
  }
311
  elseif ($implementation == 'apc') {
312
    $status = apc_fetch('upload_' . $key);
313
    if (isset($status['current']) && !empty($status['total'])) {
314
      $progress['message'] = t('Uploading... (@current of @total)', array('@current' => format_size($status['current']), '@total' => format_size($status['total'])));
315
      $progress['percentage'] = round(100 * $status['current'] / $status['total']);
316
    }
317
  }
318

    
319
  drupal_json_output($progress);
320
}
321

    
322
/**
323
 * Determines the preferred upload progress implementation.
324
 *
325
 * @return
326
 *   A string indicating which upload progress system is available. Either "apc"
327
 *   or "uploadprogress". If neither are available, returns FALSE.
328
 */
329
function file_progress_implementation() {
330
  static $implementation;
331
  if (!isset($implementation)) {
332
    $implementation = FALSE;
333

    
334
    // We prefer the PECL extension uploadprogress because it supports multiple
335
    // simultaneous uploads. APC only supports one at a time.
336
    if (extension_loaded('uploadprogress')) {
337
      $implementation = 'uploadprogress';
338
    }
339
    elseif (extension_loaded('apc') && ini_get('apc.rfc1867')) {
340
      $implementation = 'apc';
341
    }
342
  }
343
  return $implementation;
344
}
345

    
346
/**
347
 * Implements hook_file_delete().
348
 */
349
function file_file_delete($file) {
350
  // TODO: Remove references to a file that is in-use.
351
}
352

    
353
/**
354
 * Process function to expand the managed_file element type.
355
 *
356
 * Expands the file type to include Upload and Remove buttons, as well as
357
 * support for a default value.
358
 */
359
function file_managed_file_process($element, &$form_state, $form) {
360
  // Append the '-upload' to the #id so the field label's 'for' attribute
361
  // corresponds with the file element.
362
  $original_id = $element['#id'];
363
  $element['#id'] .= '-upload';
364
  $fid = isset($element['#value']['fid']) ? $element['#value']['fid'] : 0;
365

    
366
  // Set some default element properties.
367
  $element['#progress_indicator'] = empty($element['#progress_indicator']) ? 'none' : $element['#progress_indicator'];
368
  $element['#file'] = $fid ? file_load($fid) : FALSE;
369
  $element['#tree'] = TRUE;
370

    
371
  $ajax_settings = array(
372
    'path' => 'file/ajax/' . implode('/', $element['#array_parents']) . '/' . $form['form_build_id']['#value'],
373
    'wrapper' => $original_id . '-ajax-wrapper',
374
    'effect' => 'fade',
375
    'progress' => array(
376
      'type' => $element['#progress_indicator'],
377
      'message' => $element['#progress_message'],
378
    ),
379
  );
380

    
381
  // Set up the buttons first since we need to check if they were clicked.
382
  $element['upload_button'] = array(
383
    '#name' => implode('_', $element['#parents']) . '_upload_button',
384
    '#type' => 'submit',
385
    '#value' => t('Upload'),
386
    '#validate' => array(),
387
    '#submit' => array('file_managed_file_submit'),
388
    '#limit_validation_errors' => array($element['#parents']),
389
    '#ajax' => $ajax_settings,
390
    '#weight' => -5,
391
  );
392

    
393
  // Force the progress indicator for the remove button to be either 'none' or
394
  // 'throbber', even if the upload button is using something else.
395
  $ajax_settings['progress']['type'] = ($element['#progress_indicator'] == 'none') ? 'none' : 'throbber';
396
  $ajax_settings['progress']['message'] = NULL;
397
  $ajax_settings['effect'] = 'none';
398
  $element['remove_button'] = array(
399
    '#name' => implode('_', $element['#parents']) . '_remove_button',
400
    '#type' => 'submit',
401
    '#value' => t('Remove'),
402
    '#validate' => array(),
403
    '#submit' => array('file_managed_file_submit'),
404
    '#limit_validation_errors' => array($element['#parents']),
405
    '#ajax' => $ajax_settings,
406
    '#weight' => -5,
407
  );
408

    
409
  $element['fid'] = array(
410
    '#type' => 'hidden',
411
    '#value' => $fid,
412
  );
413

    
414
  // Add progress bar support to the upload if possible.
415
  if ($element['#progress_indicator'] == 'bar' && $implementation = file_progress_implementation()) {
416
    $upload_progress_key = mt_rand();
417

    
418
    if ($implementation == 'uploadprogress') {
419
      $element['UPLOAD_IDENTIFIER'] = array(
420
        '#type' => 'hidden',
421
        '#value' => $upload_progress_key,
422
        '#attributes' => array('class' => array('file-progress')),
423
        // Uploadprogress extension requires this field to be at the top of the
424
        // form.
425
        '#weight' => -20,
426
      );
427
    }
428
    elseif ($implementation == 'apc') {
429
      $element['APC_UPLOAD_PROGRESS'] = array(
430
        '#type' => 'hidden',
431
        '#value' => $upload_progress_key,
432
        '#attributes' => array('class' => array('file-progress')),
433
        // Uploadprogress extension requires this field to be at the top of the
434
        // form.
435
        '#weight' => -20,
436
      );
437
    }
438

    
439
    // Add the upload progress callback.
440
    $element['upload_button']['#ajax']['progress']['path'] = 'file/progress/' . $upload_progress_key;
441
  }
442

    
443
  // The file upload field itself.
444
  $element['upload'] = array(
445
    '#name' => 'files[' . implode('_', $element['#parents']) . ']',
446
    '#type' => 'file',
447
    '#title' => t('Choose a file'),
448
    '#title_display' => 'invisible',
449
    '#size' => $element['#size'],
450
    '#theme_wrappers' => array(),
451
    '#weight' => -10,
452
  );
453

    
454
  if ($fid && $element['#file']) {
455
    $element['filename'] = array(
456
      '#type' => 'markup',
457
      '#markup' => theme('file_link', array('file' => $element['#file'])) . ' ',
458
      '#weight' => -10,
459
    );
460
    // Anonymous users who have uploaded a temporary file need a
461
    // non-session-based token added so file_managed_file_value() can check
462
    // that they have permission to use this file on subsequent submissions of
463
    // the same form (for example, after an Ajax upload or form validation
464
    // error).
465
    if (!$GLOBALS['user']->uid && $element['#file']->status != FILE_STATUS_PERMANENT) {
466
      $element['fid_token'] = array(
467
        '#type' => 'hidden',
468
        '#value' => drupal_hmac_base64('file-' . $fid, drupal_get_private_key() . drupal_get_hash_salt()),
469
      );
470
    }
471
  }
472

    
473
  // Add the extension list to the page as JavaScript settings.
474
  if (isset($element['#upload_validators']['file_validate_extensions'][0])) {
475
    $extension_list = implode(',', array_filter(explode(' ', $element['#upload_validators']['file_validate_extensions'][0])));
476
    $element['upload']['#attached']['js'] = array(
477
      array(
478
        'type' => 'setting',
479
        'data' => array('file' => array('elements' => array('#' . $element['#id'] => $extension_list)))
480
      )
481
    );
482
  }
483

    
484
  // Prefix and suffix used for Ajax replacement.
485
  $element['#prefix'] = '<div id="' . $original_id . '-ajax-wrapper">';
486
  $element['#suffix'] = '</div>';
487

    
488
  return $element;
489
}
490

    
491
/**
492
 * The #value_callback for a managed_file type element.
493
 */
494
function file_managed_file_value(&$element, $input = FALSE, $form_state = NULL) {
495
  $fid = 0;
496
  $force_default = FALSE;
497

    
498
  // Find the current value of this field from the form state.
499
  $form_state_fid = $form_state['values'];
500
  foreach ($element['#parents'] as $parent) {
501
    $form_state_fid = isset($form_state_fid[$parent]) ? $form_state_fid[$parent] : 0;
502
  }
503

    
504
  if ($element['#extended'] && isset($form_state_fid['fid'])) {
505
    $fid = $form_state_fid['fid'];
506
  }
507
  elseif (is_numeric($form_state_fid)) {
508
    $fid = $form_state_fid;
509
  }
510

    
511
  // Process any input and save new uploads.
512
  if ($input !== FALSE) {
513
    $return = $input;
514

    
515
    // Uploads take priority over all other values.
516
    if ($file = file_managed_file_save_upload($element)) {
517
      $fid = $file->fid;
518
    }
519
    else {
520
      // Check for #filefield_value_callback values.
521
      // Because FAPI does not allow multiple #value_callback values like it
522
      // does for #element_validate and #process, this fills the missing
523
      // functionality to allow File fields to be extended through FAPI.
524
      if (isset($element['#file_value_callbacks'])) {
525
        foreach ($element['#file_value_callbacks'] as $callback) {
526
          $callback($element, $input, $form_state);
527
        }
528
      }
529
      // If a FID was submitted, load the file (and check access if it's not a
530
      // public file) to confirm it exists and that the current user has access
531
      // to it.
532
      if (isset($input['fid']) && ($file = file_load($input['fid']))) {
533
        // By default the public:// file scheme provided by Drupal core is the
534
        // only one that allows files to be publicly accessible to everyone, so
535
        // it is the only one for which the file access checks are bypassed.
536
        // Other modules which provide publicly accessible streams of their own
537
        // in hook_stream_wrappers() can add the corresponding scheme to the
538
        // 'file_public_schema' variable to bypass file access checks for those
539
        // as well. This should only be done for schemes that are completely
540
        // publicly accessible, with no download restrictions; for security
541
        // reasons all other schemes must go through the file_download_access()
542
        // check.
543
        if (!in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) && !file_download_access($file->uri)) {
544
          $force_default = TRUE;
545
        }
546
        // Temporary files that belong to other users should never be allowed.
547
        elseif ($file->status != FILE_STATUS_PERMANENT) {
548
          if ($GLOBALS['user']->uid && $file->uid != $GLOBALS['user']->uid) {
549
            $force_default = TRUE;
550
          }
551
          // Since file ownership can't be determined for anonymous users, they
552
          // are not allowed to reuse temporary files at all. But they do need
553
          // to be able to reuse their own files from earlier submissions of
554
          // the same form, so to allow that, check for the token added by
555
          // file_managed_file_process().
556
          elseif (!$GLOBALS['user']->uid) {
557
            $token = drupal_array_get_nested_value($form_state['input'], array_merge($element['#parents'], array('fid_token')));
558
            if ($token !== drupal_hmac_base64('file-' . $file->fid, drupal_get_private_key() . drupal_get_hash_salt())) {
559
              $force_default = TRUE;
560
            }
561
          }
562
        }
563
        // If all checks pass, allow the file to be changed.
564
        if (!$force_default) {
565
          $fid = $file->fid;
566
        }
567
      }
568
    }
569
  }
570

    
571
  // If there is no input or if the default value was requested above, use the
572
  // default value.
573
  if ($input === FALSE || $force_default) {
574
    if ($element['#extended']) {
575
      $default_fid = isset($element['#default_value']['fid']) ? $element['#default_value']['fid'] : 0;
576
      $return = isset($element['#default_value']) ? $element['#default_value'] : array('fid' => 0);
577
    }
578
    else {
579
      $default_fid = isset($element['#default_value']) ? $element['#default_value'] : 0;
580
      $return = array('fid' => 0);
581
    }
582

    
583
    // Confirm that the file exists when used as a default value.
584
    if ($default_fid && $file = file_load($default_fid)) {
585
      $fid = $file->fid;
586
    }
587
  }
588

    
589
  $return['fid'] = $fid;
590

    
591
  return $return;
592
}
593

    
594
/**
595
 * An #element_validate callback for the managed_file element.
596
 */
597
function file_managed_file_validate(&$element, &$form_state) {
598
  // If referencing an existing file, only allow if there are existing
599
  // references. This prevents unmanaged files from being deleted if this
600
  // item were to be deleted.
601
  $clicked_button = end($form_state['triggering_element']['#parents']);
602
  if ($clicked_button != 'remove_button' && !empty($element['fid']['#value'])) {
603
    if ($file = file_load($element['fid']['#value'])) {
604
      if ($file->status == FILE_STATUS_PERMANENT) {
605
        $references = file_usage_list($file);
606
        if (empty($references)) {
607
          form_error($element, t('The file used in the !name field may not be referenced.', array('!name' => $element['#title'])));
608
        }
609
      }
610
    }
611
    else {
612
      form_error($element, t('The file referenced by the !name field does not exist.', array('!name' => $element['#title'])));
613
    }
614
  }
615

    
616
  // Check required property based on the FID.
617
  if ($element['#required'] && empty($element['fid']['#value']) && !in_array($clicked_button, array('upload_button', 'remove_button'))) {
618
    form_error($element['upload'], t('!name field is required.', array('!name' => $element['#title'])));
619
  }
620

    
621
  // Consolidate the array value of this field to a single FID.
622
  if (!$element['#extended']) {
623
    form_set_value($element, $element['fid']['#value'], $form_state);
624
  }
625
}
626

    
627
/**
628
 * Form submission handler for upload / remove buttons of managed_file elements.
629
 *
630
 * @see file_managed_file_process()
631
 */
632
function file_managed_file_submit($form, &$form_state) {
633
  // Determine whether it was the upload or the remove button that was clicked,
634
  // and set $element to the managed_file element that contains that button.
635
  $parents = $form_state['triggering_element']['#array_parents'];
636
  $button_key = array_pop($parents);
637
  $element = drupal_array_get_nested_value($form, $parents);
638

    
639
  // No action is needed here for the upload button, because all file uploads on
640
  // the form are processed by file_managed_file_value() regardless of which
641
  // button was clicked. Action is needed here for the remove button, because we
642
  // only remove a file in response to its remove button being clicked.
643
  if ($button_key == 'remove_button') {
644
    // If it's a temporary file we can safely remove it immediately, otherwise
645
    // it's up to the implementing module to clean up files that are in use.
646
    if ($element['#file'] && $element['#file']->status == 0) {
647
      file_delete($element['#file']);
648
    }
649
    // Update both $form_state['values'] and $form_state['input'] to reflect
650
    // that the file has been removed, so that the form is rebuilt correctly.
651
    // $form_state['values'] must be updated in case additional submit handlers
652
    // run, and for form building functions that run during the rebuild, such as
653
    // when the managed_file element is part of a field widget.
654
    // $form_state['input'] must be updated so that file_managed_file_value()
655
    // has correct information during the rebuild.
656
    $values_element = $element['#extended'] ? $element['fid'] : $element;
657
    form_set_value($values_element, NULL, $form_state);
658
    drupal_array_set_nested_value($form_state['input'], $values_element['#parents'], NULL);
659
  }
660

    
661
  // Set the form to rebuild so that $form is correctly updated in response to
662
  // processing the file removal. Since this function did not change $form_state
663
  // if the upload button was clicked, a rebuild isn't necessary in that
664
  // situation and setting $form_state['redirect'] to FALSE would suffice.
665
  // However, we choose to always rebuild, to keep the form processing workflow
666
  // consistent between the two buttons.
667
  $form_state['rebuild'] = TRUE;
668
}
669

    
670
/**
671
 * Saves any files that have been uploaded into a managed_file element.
672
 *
673
 * @param $element
674
 *   The FAPI element whose values are being saved.
675
 *
676
 * @return
677
 *   The file object representing the file that was saved, or FALSE if no file
678
 *   was saved.
679
 */
680
function file_managed_file_save_upload($element) {
681
  $upload_name = implode('_', $element['#parents']);
682
  if (empty($_FILES['files']['name'][$upload_name])) {
683
    return FALSE;
684
  }
685

    
686
  $destination = isset($element['#upload_location']) ? $element['#upload_location'] : NULL;
687
  if (isset($destination) && !file_prepare_directory($destination, FILE_CREATE_DIRECTORY)) {
688
    watchdog('file', 'The upload directory %directory for the file field !name could not be created or is not accessible. A newly uploaded file could not be saved in this directory as a consequence, and the upload was canceled.', array('%directory' => $destination, '!name' => $element['#field_name']));
689
    form_set_error($upload_name, t('The file could not be uploaded.'));
690
    return FALSE;
691
  }
692

    
693
  if (!$file = file_save_upload($upload_name, $element['#upload_validators'], $destination)) {
694
    watchdog('file', 'The file upload failed. %upload', array('%upload' => $upload_name));
695
    form_set_error($upload_name, t('The file in the !name field was unable to be uploaded.', array('!name' => $element['#title'])));
696
    return FALSE;
697
  }
698

    
699
  return $file;
700
}
701

    
702
/**
703
 * Returns HTML for a managed file element.
704
 *
705
 * @param $variables
706
 *   An associative array containing:
707
 *   - element: A render element representing the file.
708
 *
709
 * @ingroup themeable
710
 */
711
function theme_file_managed_file($variables) {
712
  $element = $variables['element'];
713

    
714
  $attributes = array();
715
  if (isset($element['#id'])) {
716
    $attributes['id'] = $element['#id'];
717
  }
718
  if (!empty($element['#attributes']['class'])) {
719
    $attributes['class'] = (array) $element['#attributes']['class'];
720
  }
721
  $attributes['class'][] = 'form-managed-file';
722

    
723
  // This wrapper is required to apply JS behaviors and CSS styling.
724
  $output = '';
725
  $output .= '<div' . drupal_attributes($attributes) . '>';
726
  $output .= drupal_render_children($element);
727
  $output .= '</div>';
728
  return $output;
729
}
730

    
731
/**
732
 * #pre_render callback to hide display of the upload or remove controls.
733
 *
734
 * Upload controls are hidden when a file is already uploaded. Remove controls
735
 * are hidden when there is no file attached. Controls are hidden here instead
736
 * of in file_managed_file_process(), because #access for these buttons depends
737
 * on the managed_file element's #value. See the documentation of form_builder()
738
 * for more detailed information about the relationship between #process,
739
 * #value, and #access.
740
 *
741
 * Because #access is set here, it affects display only and does not prevent
742
 * JavaScript or other untrusted code from submitting the form as though access
743
 * were enabled. The form processing functions for these elements should not
744
 * assume that the buttons can't be "clicked" just because they are not
745
 * displayed.
746
 *
747
 * @see file_managed_file_process()
748
 * @see form_builder()
749
 */
750
function file_managed_file_pre_render($element) {
751
  // If we already have a file, we don't want to show the upload controls.
752
  if (!empty($element['#value']['fid'])) {
753
    $element['upload']['#access'] = FALSE;
754
    $element['upload_button']['#access'] = FALSE;
755
  }
756
  // If we don't already have a file, there is nothing to remove.
757
  else {
758
    $element['remove_button']['#access'] = FALSE;
759
  }
760
  return $element;
761
}
762

    
763
/**
764
 * Returns HTML for a link to a file.
765
 *
766
 * @param $variables
767
 *   An associative array containing:
768
 *   - file: A file object to which the link will be created.
769
 *   - icon_directory: (optional) A path to a directory of icons to be used for
770
 *     files. Defaults to the value of the "file_icon_directory" variable.
771
 *
772
 * @ingroup themeable
773
 */
774
function theme_file_link($variables) {
775
  $file = $variables['file'];
776
  $icon_directory = $variables['icon_directory'];
777

    
778
  $url = file_create_url($file->uri);
779

    
780
  // Human-readable names, for use as text-alternatives to icons.
781
  $mime_name = array(
782
    'application/msword' => t('Microsoft Office document icon'),
783
    'application/vnd.ms-excel' => t('Office spreadsheet icon'),
784
    'application/vnd.ms-powerpoint' => t('Office presentation icon'),
785
    'application/pdf' => t('PDF icon'),
786
    'video/quicktime' => t('Movie icon'),
787
    'audio/mpeg' => t('Audio icon'),
788
    'audio/wav' => t('Audio icon'),
789
    'image/jpeg' => t('Image icon'),
790
    'image/png' => t('Image icon'),
791
    'image/gif' => t('Image icon'),
792
    'application/zip' => t('Package icon'),
793
    'text/html' => t('HTML icon'),
794
    'text/plain' => t('Plain text icon'),
795
    'application/octet-stream' => t('Binary Data'),
796
  );
797

    
798
  $mimetype = file_get_mimetype($file->uri);
799

    
800
  $icon = theme('file_icon', array(
801
    'file' => $file,
802
    'icon_directory' => $icon_directory,
803
    'alt' => !empty($mime_name[$mimetype]) ? $mime_name[$mimetype] : t('File'),
804
  ));
805

    
806
  // Set options as per anchor format described at
807
  // http://microformats.org/wiki/file-format-examples
808
  $options = array(
809
    'attributes' => array(
810
      'type' => $file->filemime . '; length=' . $file->filesize,
811
    ),
812
  );
813

    
814
  // Use the description as the link text if available.
815
  if (empty($file->description)) {
816
    $link_text = $file->filename;
817
  }
818
  else {
819
    $link_text = $file->description;
820
    $options['attributes']['title'] = check_plain($file->filename);
821
  }
822

    
823
  return '<span class="file">' . $icon . ' ' . l($link_text, $url, $options) . '</span>';
824
}
825

    
826
/**
827
 * Returns HTML for an image with an appropriate icon for the given file.
828
 *
829
 * @param $variables
830
 *   An associative array containing:
831
 *   - file: A file object for which to make an icon.
832
 *   - icon_directory: (optional) A path to a directory of icons to be used for
833
 *     files. Defaults to the value of the "file_icon_directory" variable.
834
 *   - alt: (optional) The alternative text to represent the icon in text-based
835
 *     browsers. Defaults to an empty string.
836
 *
837
 * @ingroup themeable
838
 */
839
function theme_file_icon($variables) {
840
  $file = $variables['file'];
841
  $alt = $variables['alt'];
842
  $icon_directory = $variables['icon_directory'];
843

    
844
  $mime = check_plain($file->filemime);
845
  $icon_url = file_icon_url($file, $icon_directory);
846
  return '<img class="file-icon" alt="' . check_plain($alt) . '" title="' . $mime . '" src="' . $icon_url . '" />';
847
}
848

    
849
/**
850
 * Creates a URL to the icon for a file object.
851
 *
852
 * @param $file
853
 *   A file object.
854
 * @param $icon_directory
855
 *   (optional) A path to a directory of icons to be used for files. Defaults to
856
 *   the value of the "file_icon_directory" variable.
857
 *
858
 * @return
859
 *   A URL string to the icon, or FALSE if an appropriate icon cannot be found.
860
 */
861
function file_icon_url($file, $icon_directory = NULL) {
862
  if ($icon_path = file_icon_path($file, $icon_directory)) {
863
    return base_path() . $icon_path;
864
  }
865
  return FALSE;
866
}
867

    
868
/**
869
 * Creates a path to the icon for a file object.
870
 *
871
 * @param $file
872
 *   A file object.
873
 * @param $icon_directory
874
 *   (optional) A path to a directory of icons to be used for files. Defaults to
875
 *   the value of the "file_icon_directory" variable.
876
 *
877
 * @return
878
 *   A string to the icon as a local path, or FALSE if an appropriate icon could
879
 *   not be found.
880
 */
881
function file_icon_path($file, $icon_directory = NULL) {
882
  // Use the default set of icons if none specified.
883
  if (!isset($icon_directory)) {
884
    $icon_directory = variable_get('file_icon_directory', drupal_get_path('module', 'file') . '/icons');
885
  }
886

    
887
  // If there's an icon matching the exact mimetype, go for it.
888
  $dashed_mime = strtr($file->filemime, array('/' => '-'));
889
  $icon_path = $icon_directory . '/' . $dashed_mime . '.png';
890
  if (file_exists($icon_path)) {
891
    return $icon_path;
892
  }
893

    
894
  // For a few mimetypes, we can "manually" map to a generic icon.
895
  $generic_mime = (string) file_icon_map($file);
896
  $icon_path = $icon_directory . '/' . $generic_mime . '.png';
897
  if ($generic_mime && file_exists($icon_path)) {
898
    return $icon_path;
899
  }
900

    
901
  // Use generic icons for each category that provides such icons.
902
  foreach (array('audio', 'image', 'text', 'video') as $category) {
903
    if (strpos($file->filemime, $category . '/') === 0) {
904
      $icon_path = $icon_directory . '/' . $category . '-x-generic.png';
905
      if (file_exists($icon_path)) {
906
        return $icon_path;
907
      }
908
    }
909
  }
910

    
911
  // Try application-octet-stream as last fallback.
912
  $icon_path = $icon_directory . '/application-octet-stream.png';
913
  if (file_exists($icon_path)) {
914
    return $icon_path;
915
  }
916

    
917
  // No icon can be found.
918
  return FALSE;
919
}
920

    
921
/**
922
 * Determines the generic icon MIME package based on a file's MIME type.
923
 *
924
 * @param $file
925
 *   A file object.
926
 *
927
 * @return
928
 *   The generic icon MIME package expected for this file.
929
 */
930
function file_icon_map($file) {
931
  switch ($file->filemime) {
932
    // Word document types.
933
    case 'application/msword':
934
    case 'application/vnd.ms-word.document.macroEnabled.12':
935
    case 'application/vnd.oasis.opendocument.text':
936
    case 'application/vnd.oasis.opendocument.text-template':
937
    case 'application/vnd.oasis.opendocument.text-master':
938
    case 'application/vnd.oasis.opendocument.text-web':
939
    case 'application/vnd.openxmlformats-officedocument.wordprocessingml.document':
940
    case 'application/vnd.stardivision.writer':
941
    case 'application/vnd.sun.xml.writer':
942
    case 'application/vnd.sun.xml.writer.template':
943
    case 'application/vnd.sun.xml.writer.global':
944
    case 'application/vnd.wordperfect':
945
    case 'application/x-abiword':
946
    case 'application/x-applix-word':
947
    case 'application/x-kword':
948
    case 'application/x-kword-crypt':
949
      return 'x-office-document';
950

    
951
    // Spreadsheet document types.
952
    case 'application/vnd.ms-excel':
953
    case 'application/vnd.ms-excel.sheet.macroEnabled.12':
954
    case 'application/vnd.oasis.opendocument.spreadsheet':
955
    case 'application/vnd.oasis.opendocument.spreadsheet-template':
956
    case 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet':
957
    case 'application/vnd.stardivision.calc':
958
    case 'application/vnd.sun.xml.calc':
959
    case 'application/vnd.sun.xml.calc.template':
960
    case 'application/vnd.lotus-1-2-3':
961
    case 'application/x-applix-spreadsheet':
962
    case 'application/x-gnumeric':
963
    case 'application/x-kspread':
964
    case 'application/x-kspread-crypt':
965
      return 'x-office-spreadsheet';
966

    
967
    // Presentation document types.
968
    case 'application/vnd.ms-powerpoint':
969
    case 'application/vnd.ms-powerpoint.presentation.macroEnabled.12':
970
    case 'application/vnd.oasis.opendocument.presentation':
971
    case 'application/vnd.oasis.opendocument.presentation-template':
972
    case 'application/vnd.openxmlformats-officedocument.presentationml.presentation':
973
    case 'application/vnd.stardivision.impress':
974
    case 'application/vnd.sun.xml.impress':
975
    case 'application/vnd.sun.xml.impress.template':
976
    case 'application/x-kpresenter':
977
      return 'x-office-presentation';
978

    
979
    // Compressed archive types.
980
    case 'application/zip':
981
    case 'application/x-zip':
982
    case 'application/stuffit':
983
    case 'application/x-stuffit':
984
    case 'application/x-7z-compressed':
985
    case 'application/x-ace':
986
    case 'application/x-arj':
987
    case 'application/x-bzip':
988
    case 'application/x-bzip-compressed-tar':
989
    case 'application/x-compress':
990
    case 'application/x-compressed-tar':
991
    case 'application/x-cpio-compressed':
992
    case 'application/x-deb':
993
    case 'application/x-gzip':
994
    case 'application/x-java-archive':
995
    case 'application/x-lha':
996
    case 'application/x-lhz':
997
    case 'application/x-lzop':
998
    case 'application/x-rar':
999
    case 'application/x-rpm':
1000
    case 'application/x-tzo':
1001
    case 'application/x-tar':
1002
    case 'application/x-tarz':
1003
    case 'application/x-tgz':
1004
      return 'package-x-generic';
1005

    
1006
    // Script file types.
1007
    case 'application/ecmascript':
1008
    case 'application/javascript':
1009
    case 'application/mathematica':
1010
    case 'application/vnd.mozilla.xul+xml':
1011
    case 'application/x-asp':
1012
    case 'application/x-awk':
1013
    case 'application/x-cgi':
1014
    case 'application/x-csh':
1015
    case 'application/x-m4':
1016
    case 'application/x-perl':
1017
    case 'application/x-php':
1018
    case 'application/x-ruby':
1019
    case 'application/x-shellscript':
1020
    case 'text/vnd.wap.wmlscript':
1021
    case 'text/x-emacs-lisp':
1022
    case 'text/x-haskell':
1023
    case 'text/x-literate-haskell':
1024
    case 'text/x-lua':
1025
    case 'text/x-makefile':
1026
    case 'text/x-matlab':
1027
    case 'text/x-python':
1028
    case 'text/x-sql':
1029
    case 'text/x-tcl':
1030
      return 'text-x-script';
1031

    
1032
    // HTML aliases.
1033
    case 'application/xhtml+xml':
1034
      return 'text-html';
1035

    
1036
    // Executable types.
1037
    case 'application/x-macbinary':
1038
    case 'application/x-ms-dos-executable':
1039
    case 'application/x-pef-executable':
1040
      return 'application-x-executable';
1041

    
1042
    default:
1043
      return FALSE;
1044
  }
1045
}
1046

    
1047
/**
1048
 * @defgroup file-module-api File module public API functions
1049
 * @{
1050
 * These functions may be used to determine if and where a file is in use.
1051
 */
1052

    
1053
/**
1054
 * Retrieves a list of references to a file.
1055
 *
1056
 * @param $file
1057
 *   A file object.
1058
 * @param $field
1059
 *   (optional) A field array to be used for this check. If given, limits the
1060
 *   reference check to the given field.
1061
 * @param $age
1062
 *   (optional) A constant that specifies which references to count. Use
1063
 *   FIELD_LOAD_REVISION to retrieve all references within all revisions or
1064
 *   FIELD_LOAD_CURRENT to retrieve references only in the current revisions.
1065
 * @param $field_type
1066
 *   (optional) The name of a field type. If given, limits the reference check
1067
 *   to fields of the given type.
1068
 *
1069
 * @return
1070
 *   An integer value.
1071
 */
1072
function file_get_file_references($file, $field = NULL, $age = FIELD_LOAD_REVISION, $field_type = 'file') {
1073
  $references = drupal_static(__FUNCTION__, array());
1074
  $fields = isset($field) ? array($field['field_name'] => $field) : field_info_fields();
1075

    
1076
  foreach ($fields as $field_name => $file_field) {
1077
    if ((empty($field_type) || $file_field['type'] == $field_type) && !isset($references[$field_name])) {
1078
      // Get each time this file is used within a field.
1079
      $query = new EntityFieldQuery();
1080
      $query
1081
        ->fieldCondition($file_field, 'fid', $file->fid)
1082
        ->age($age);
1083
      $references[$field_name] = $query->execute();
1084
    }
1085
  }
1086

    
1087
  return isset($field) ? $references[$field['field_name']] : array_filter($references);
1088
}
1089

    
1090
/**
1091
 * @} End of "defgroup file-module-api".
1092
 */