## $Id$

## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE!  IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.


   ## Description:   function Test_File_Name
   ##                This function compares the extension of the submitted file
   ##		     with the format declared by the user.
   ## Author:	     T.Baron
   ## PARAMETERS:    formatFTT: name of the file in which the format is saved

   function Test_File_Name($param_array,$MAINPATH)
   {

      $formatfile = $param_array['formatFTT'];

      //get the details concerning the last uploaded file
      if (file_exists("$MAINPATH/lastuploadedfile"))
      {
         $fp = fopen("$MAINPATH/lastuploadedfile","r");
	 $file_name = fread($fp,filesize("$MAINPATH/lastuploadedfile"));
	 fclose($fp);

	 //get file name from global object
	 $doctype = $GLOBALS[VARS]->get_doctype();

	 //set the was variable for change checking later on
	 $was = $file_name;

	 //test filename for illegal characters and replace any that exist
	 $file_name =(ereg_replace( " " , "_", $file_name));
	 $file_name =(ereg_replace( "\"", "_", $file_name));
	 $file_name =(ereg_replace( "%" , "_", $file_name));
	 $file_name =(ereg_replace( "~" , "_", $file_name));
	 $file_name =(ereg_replace( "#" , "_", $file_name));
	 $file_name =(ereg_replace( "@" , "_", $file_name));
	 $file_name =(ereg_replace( "&" , "_", $file_name));
	 $file_name =(ereg_replace( "!" , "_", $file_name));
	 $file_name =(ereg_replace( "'" , "_", $file_name));
	 $file_name =(ereg_replace( "=" , "_", $file_name));
	 $file_name =(ereg_replace( ":" , "_", $file_name));
	 $file_name =(ereg_replace( ";" , "_", $file_name));
	 $file_name =(ereg_replace( ">" , "_", $file_name));
	 $file_name =(ereg_replace( "<" , "_", $file_name));

	 // test if any characters were changed and if so change the file
	 // to the correct legal name
	 if($was != $file_name)
	 {
	    Request_Print ("S","<br>User file name $was is not allowed");
	    Request_Print ("S","<br>User file name changed to :$file_name");

	    rename("$MAINPATH/files/$was","$MAINPATH/files/$file_name");

	    $fp = fopen("$MAINPATH/lastuploadedfile","w+");
	    fwrite($fp,"$file_name");
	    fclose($fp);
	 }      

	 //now test to ensure the file extension is valid.
	 //Get the format
	 chdir("$MAINPATH");
	 //get Format of last uploaded file
	 if (is_file("FormatHTML"))
	 {
	    $fd = fopen( "FormatHTML", "r" );
	    $file_format = fread( $fd, filesize( "FormatHTML" ));
	    fclose( $fd );
	 }
	 elseif (is_file("JPEGFormat"))
	 {
	    $fd = fopen( "JPEGFormat", "r" );
	    $file_format = fread( $fd, filesize( "JPEGFormat" ));
	    fclose( $fd );
	 }
	 elseif (is_file("FormatMMD"))
	 {
	    $fd = fopen( "FormatMMD", "r" );
	    $file_format = fread( $fd, filesize( "FormatMMD" ));
	    fclose( $fd );
	 }
	 elseif (is_file("PrepFormat"))
	 {
	    $fd = fopen( "PrepFormat", "r" );
	    $file_format = fread( $fd, filesize( "PrepFormat" ));
	    fclose( $fd );
	 }
	 elseif (is_file("PFormat"))
	 {
	    $fd = fopen( "PFormat", "r" );
	    $file_format = fread( $fd, filesize( "PFormat" ));
	    fclose( $fd );
	 }
	 elseif (is_file("Format"))
	 {
	    $fd = fopen( "Format", "r" );
	    $file_format = fread( $fd, filesize( "Format" ));
	    fclose( $fd );
	 }
	 elseif (is_file("PhotoFormat"))
	 {
	    $fd = fopen( "PhotoFormat", "r" );
	    $file_format = fread( $fd, filesize( "PhotoFormat" ));
	    fclose( $fd );
	 }
	 elseif (is_file("$formatfile"))
	 {
	    $fd = fopen( "$formatfile", "r" );
	    $file_format = fread( $fd, filesize( "$formatfile" ));
	    fclose( $fd );
	 }
	 else
	    $file_format = "unknown";

	 // call sub function to return the expected value of the files
	 // extension
	 $extension = Get_Extention($file_format);

	 // Note the ereg has been upgraded as of Jan 20th 2000.
	 // The dollar ending the string signifies the string must end with
	 // this to match also it has been made case insensitive.
	 // another mod March 23rd to allow more than one file extension
	 // possible.
	 // e.g. .jpg or .jpeg bith valid for the jpeg doctype. 
	 $i = 0;
	 $number =  count($extension);
	 while ($i < $number)
	 {
	    $test = eregi($extension[$i]."$",$file_name,$regs);
	    if($test)
	       $match = 1;
	    $i++;
	 }

	 if(!$match)
	 {
	    print "<SCRIPT>alert(\"The file $file_name you have just uploaded did not have the correct extension ($extension[0]) for its format (${file_format}) and was deleted by the system\");</SCRIPT>";
	    unlink("$MAINPATH/files/$file_name");
	    unlink("$MAINPATH/lastuploadedfile");
	 }
      }
   }//end of function test file name

   function Get_Extention($file_format)
   {
      // call database for expected text from result of gfile call on the
      // document
      //query database
      $db_result = mysql_query("
SELECT FILE_EXTENSION 
FROM   sbmFORMATEXTENSION 
WHERE  FILE_FORMAT = '$file_format'");
      $i=0;	
      while($result = mysql_fetch_row($db_result)) 
      {
         $ext[$i] = $result[0];
	 $i++;
      }
      return $ext;	
   }
</protect>
?>