Inicio Explorar Axuda
Rexistro Iniciar sesión
Valavuo
/
inventory
2
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: bca15d8765
Ramas Etiquetas
inventory
/
backend
/
models
/
Attachment.php

Attachment.php 5.4 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. <?php
    2. 

  2. class Attachment {
    3. 

  3.     private $conn;
    4. 

  4.     private $table_name = "attachments";
    5. 

  5. 

  6.     public $id;
    7. 

  7.     public $item_id;
    8. 

  8.     public $filename;
    9. 

  9.     public $original_name;
    10. 

  10.     public $file_type;
    11. 

  11.     public $file_path;
    12. 

  12.     public $file_size;
    13. 

  13.     public $mime_type;
    14. 

  14.     public $created_at;
    15. 

  15. 

  16.     public function __construct($db) {
    17. 

  17.         $this->conn = $db;
    18. 

  18.     }
    19. 

  19. 

  20.     public function create() {
    21. 

  21.         $query = "INSERT INTO " . $this->table_name . " SET item_id=:item_id, filename=:filename, original_name=:original_name, file_type=:file_type, file_path=:file_path, file_size=:file_size, mime_type=:mime_type, created_at=:created_at";
    22. 

  22. 

  23.         $stmt = $this->conn->prepare($query);
    24. 

  24. 

  25.         $this->item_id = htmlspecialchars(strip_tags($this->item_id));
    26. 

  26.         $this->filename = htmlspecialchars(strip_tags($this->filename));
    27. 

  27.         $this->original_name = htmlspecialchars(strip_tags($this->original_name));
    28. 

  28.         $this->file_type = htmlspecialchars(strip_tags($this->file_type));
    29. 

  29.         $this->file_path = htmlspecialchars(strip_tags($this->file_path));
    30. 

  30.         $this->file_size = htmlspecialchars(strip_tags($this->file_size));
    31. 

  31.         $this->mime_type = htmlspecialchars(strip_tags($this->mime_type));
    32. 

  32.         $this->created_at = date('Y-m-d H:i:s');
    33. 

  33. 

  34.         $stmt->bindParam(":item_id", $this->item_id);
    35. 

  35.         $stmt->bindParam(":filename", $this->filename);
    36. 

  36.         $stmt->bindParam(":original_name", $this->original_name);
    37. 

  37.         $stmt->bindParam(":file_type", $this->file_type);
    38. 

  38.         $stmt->bindParam(":file_path", $this->file_path);
    39. 

  39.         $stmt->bindParam(":file_size", $this->file_size);
    40. 

  40.         $stmt->bindParam(":mime_type", $this->mime_type);
    41. 

  41.         $stmt->bindParam(":created_at", $this->created_at);
    42. 

  42. 

  43.         if($stmt->execute()) {
    44. 

  44.             return true;
    45. 

  45.         }
    46. 

  46. 

  47.         return false;
    48. 

  48.     }
    49. 

  49. 

  50.     public function read() {
    51. 

  51.         $query = "SELECT * FROM " . $this->table_name . " WHERE item_id = ? ORDER BY created_at DESC";
    52. 

  52. 

  53.         $stmt = $this->conn->prepare($query);
    54. 

  54.         $stmt->bindParam(1, $this->item_id);
    55. 

  55.         $stmt->execute();
    56. 

  56. 

  57.         return $stmt;
    58. 

  58.     }
    59. 

  59. 

  60.     public function readOne() {
    61. 

  61.         $query = "SELECT * FROM " . $this->table_name . " WHERE id = ? LIMIT 0,1";
    62. 

  62. 

  63.         $stmt = $this->conn->prepare($query);
    64. 

  64.         $stmt->bindParam(1, $this->id);
    65. 

  65.         $stmt->execute();
    66. 

  66. 

  67.         $row = $stmt->fetch(PDO::FETCH_ASSOC);
    68. 

  68. 

  69.         $this->item_id = $row['item_id'];
    70. 

  70.         $this->filename = $row['filename'];
    71. 

  71.         $this->original_name = $row['original_name'];
    72. 

  72.         $this->file_type = $row['file_type'];
    73. 

  73.         $this->file_path = $row['file_path'];
    74. 

  74.         $this->file_size = $row['file_size'];
    75. 

  75.         $this->mime_type = $row['mime_type'];
    76. 

  76.         $this->created_at = $row['created_at'];
    77. 

  77.     }
    78. 

  78. 

  79.     public function delete() {
    80. 

  80.         $query = "SELECT file_path FROM " . $this->table_name . " WHERE id = ?";
    81. 

  81.         $stmt = $this->conn->prepare($query);
    82. 

  82.         $stmt->bindParam(1, $this->id);
    83. 

  83.         $stmt->execute();
    84. 

  84.         $row = $stmt->fetch(PDO::FETCH_ASSOC);
    85. 

  85.         
    86. 

  86.         if($row && file_exists($row['file_path'])) {
    87. 

  87.             unlink($row['file_path']);
    88. 

  88.         }
    89. 

  89. 

  90.         $query = "DELETE FROM " . $this->table_name . " WHERE id = ?";
    91. 

  91.         $stmt = $this->conn->prepare($query);
    92. 

  92.         $stmt->bindParam(1, $this->id);
    93. 

  93. 

  94.         if($stmt->execute()) {
    95. 

  95.             return true;
    96. 

  96.         }
    97. 

  97. 

  98.         return false;
    99. 

  99.     }
    100. 

  100. 

  101.     public function uploadFile($file, $item_id, $file_type) {
    102. 

  102.         $uploadDir = '/var/www/html/attachments/';
    103. 

  103.         $allowedTypes = [
    104. 

  104.             'application/pdf',
    105. 

  105.             'image/jpeg',
    106. 

  106.             'image/png',
    107. 

  107.             'image/gif',
    108. 

  108.             'text/plain',
    109. 

  109.             'application/msword',
    110. 

  110.             'application/vnd.openxmlformats-officedocument.wordprocessingml.document'
    111. 

  111.         ];
    112. 

  112.         $maxFileSize = 10 * 1024 * 1024; // 10MB
    113. 

  113. 

  114.         if (!file_exists($uploadDir)) {
    115. 

  115.             mkdir($uploadDir, 0755, true);
    116. 

  116.         }
    117. 

  117. 

  118.         if (!in_array($file['type'], $allowedTypes)) {
    119. 

  119.             return ['success' => false, 'message' => 'Invalid file type.'];
    120. 

  120.         }
    121. 

  121. 

  122.         if ($file['size'] > $maxFileSize) {
    123. 

  123.             return ['success' => false, 'message' => 'File too large. Maximum size is 10MB.'];
    124. 

  124.         }
    125. 

  125. 

  126.         $fileExtension = pathinfo($file['name'], PATHINFO_EXTENSION);
    127. 

  127.         $uniqueFileName = uniqid() . '.' . $fileExtension;
    128. 

  128.         $uploadPath = $uploadDir . $uniqueFileName;
    129. 

  129. 

  130.         if (move_uploaded_file($file['tmp_name'], $uploadPath)) {
    131. 

  131.             $this->item_id = $item_id;
    132. 

  132.             $this->filename = $uniqueFileName;
    133. 

  133.             $this->original_name = $file['name'];
    134. 

  134.             $this->file_type = $file_type;
    135. 

  135.             $this->file_path = $uniqueFileName;
    136. 

  136.             $this->file_size = $file['size'];
    137. 

  137.             $this->mime_type = $file['type'];
    138. 

  138. 

  139.             if ($this->create()) {
    140. 

  140.                 $baseUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]";
    141. 

  141.                 $apiPath = dirname($_SERVER['PHP_SELF']);
    142. 

  142.                 $fullUrl = $baseUrl . '/uploads/' . $uniqueFileName;
    143. 

  143.                 
    144. 

  144.                 return ['success' => true, 'url' => $fullUrl, 'id' => $this->conn->lastInsertId()];
    145. 

  145.             } else {
    146. 

  146.                 unlink($uploadPath);
    147. 

  147.                 return ['success' => false, 'message' => 'Failed to save attachment record.'];
    148. 

  148.             }
    149. 

  149.         } else {
    150. 

  150.             return ['success' => false, 'message' => 'Failed to upload file.'];
    151. 

  151.         }
    152. 

  152.     }
    153. 

  153. }
    154. 

  154. ?>
    155.