News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

using createAttachment() to upload files on external website (not through forum)

Started by Rusconipepparoni, October 20, 2010, 04:55:33 PM

Previous topic - Next topic

Rusconipepparoni

I've been wanting to upload files from my external website, without visiting forum. What would the easiest approach be?

Thanks beforehand!

Oya

you'd need to modify display.php to be able to serve it again anyway especially since display.php (and createattachment) require a message id for it to be attached to...

Rusconipepparoni

Quote from: Oya on October 20, 2010, 05:20:33 PM
you'd need to modify display.php to be able to serve it again anyway especially since display.php (and createattachment) require a message id for it to be attached to...

Sorry but I don't really get what you're trying to say? Documentation on function says the id is optional, in response of a message id being required:

http://support.simplemachines.org/function_db/index.php?action=view_function;id=324

Thanks!

Oya

yeah, the id of the *attachment* is optional when you call the function, it's set in the function itself because it won't know that until the function is run

but every attachment must be attached to a message and if you're storing attachments in the attachments table that aren't part of messages, all manner of bad things can happen, such as forum maintenance removing them

in any case you won't be able to use the index.php?action=dlattach to serve them again because that requires a topic id (from which it looks up the message id) to ensure the user has permission to see the attachment so you not only would have to write something to handle the lack of topic id, you'd have to modify core smf to be able to use said attachment

Rusconipepparoni

Quote from: Oya on October 20, 2010, 05:34:30 PM
yeah, the id of the *attachment* is optional when you call the function, it's set in the function itself because it won't know that until the function is run

but every attachment must be attached to a message and if you're storing attachments in the attachments table that aren't part of messages, all manner of bad things can happen, such as forum maintenance removing them

in any case you won't be able to use the index.php?action=dlattach to serve them again because that requires a topic id (from which it looks up the message id) to ensure the user has permission to see the attachment so you not only would have to write something to handle the lack of topic id, you'd have to modify core smf to be able to use said attachment

Couldn't I simply create a post along side with the attachment? I wouldn't mind having a post for each attachment uploaded.

Oya

yes you could in which case you'd also need to look at createpost and calling that at the same time

in terms of setting up what's required, look at most of what's in post2() in post.php where $_FILES is used, there's a lot of it though

Rusconipepparoni

Quote from: Oya on October 20, 2010, 05:38:06 PM
yes you could in which case you'd also need to look at createpost and calling that at the same time

in terms of setting up what's required, look at most of what's in post2() in post.php where $_FILES is used, there's a lot of it though

createPost(); was easy to work with, already coded a way to add posts without visiting forum (external website). I find attachment needs a lot more security, that's what bothers me. Is all the code with $_FILES in post.php really nessesary?

Oya

it's been a long time since i did anything with attachments

you could always look at the code and follow it through...

Rusconipepparoni

I made it so it gives ID_MSG 1 by default so that it works with the flow. I then added my own column to the attachment table called ID_CONTENT for matching to other content (such as custom text). I also made it remove the old attachment each time it updates. Does it look fine? It currently lack checks, but I'm not sure which ones are needed, any suggestions?

Thank you!


<?php

require_once("/Users/Henrik/Sites/system/core/SSI.php");
require_once(
$sourcedir '/Subs-Post.php');
require_once(
$sourcedir '/ManageAttachments.php');

if (isset(
$_FILES['file']) && isset($_POST['content_id']))
{
if (empty($_FILES["file"]["error"]))
{
$content_id $_POST['content_id'];

removeAttachments('a.ID_CONTENT =' $content_id);

$attachmentOptions = array(
'post' => 1,
'poster' => $ID_MEMBER,
'name' => $_FILES['file']['name'],
'tmp_name' => $_FILES['file']['tmp_name'],
'size' => $_FILES['file']['size'],
);

if (createAttachment($attachmentOptions))
{
$attachIDs[] = $attachmentOptions['id'];
if (!empty($attachmentOptions['thumb']))
$attachIDs[] = $attachmentOptions['thumb'];

db_query("
UPDATE 
{$db_prefix}attachments
SET ID_CONTENT = 
$content_id
WHERE ID_CONTENT = 0"
__FILE____LINE__);

redirectExit('http://'.$_SERVER['SERVER_NAME'].''.$_SERVER['PHP_SELF'].'');
}
}
}

?>


Oya

just look at the list of errors that can be triggered from post2() in post.php, those are all the things that need to be tested for

Advertisement: