Display images from protected folder - yii

I have a protected folder within Yii and I'm looking to display some of those images within the site. I've tried the following code and it works within the site/index controller in that it returns just the image I wanted.
However when I tried to separate the code it didn't work. Any help is appreciated.
Model
public function getImage() // will take file identifier as #param
{
$imageID = '2562584569'; // will eventually be dynamically assigned
$image = Images::model()->find('tmp_name=:id', array('id' => $imageID));
$dest = Yii::getPathOfAlias('application.uploads');
$file = $dest .'/' . $image->tmp_name . '.' . $image->extension;
if(file_exists($file)){
ob_clean();
header('Content-Type:' . $image->logo_type);
readfile($file);
exit;
}
}
And in the view
CHtml::link('<img src="' . Yii::app()->request->baseUrl .'/images/image" />', array('product/index', 'id'=>$data['product_id'], 'slug'=> $data['product_slug']));
Thanks
Jonnny

"protected" folder are not accessible from the client browser. This prevents people to have access to important files, like your source code.
If you want to store images inside "protected" and want them to be accessible, you need to publish them using CAssetManager.
Usage is something like:
$path = Yii::app()->basePath.'/path-inside-protected';
$yourImageUrl = Yii::app()->assetManager->publish($path);
Yii will then use the file as an asset, coping it to the "assets" folder, sibling to "protected". After that, you can just use the url returned on your HTML.
<img src="<?php echo $yourImageUrl ?>">

I went about it like this
CHtml::link('<img src="' . $this->createUrl('/images/image', array('data'=>$data['data'])) . '" />', array('product/index', 'id'=>$data['product_id'], 'slug'=> $data['product_slug']));
Model
public function actionImage($data)
{
$image = Images::model()->find('tmp_name=:data', array('id' => $data));
$dest = Yii::getPathOfAlias('application.uploads');
$file = $dest .'/' . $image->tmp_name . '.' . $image->extension;
if(file_exists($file)){
ob_clean();
header('Content-Type:' . $image->logo_type);
readfile($file);
exit;
}
}
Thanks for all help

Related

TYPO3 - Add flexform to my own extension

I am building my own extension.
I have found this page about adding Flexform to the Extension
https://gist.github.com/alrnz/c0f00b196d378f5b9150
And in my ext_tables.php i have this:
\TYPO3\CMS\Extbase\Utility\ExtensionUtility::registerPlugin(
$_EXTKEY,
'Xlsxtotables',
'XLSX to tables'
);
// Include flex forms
$pluginSignature = str_replace('_', '', $_EXTKEY) . '_' . 'xlsxtotables'; // from registerPlugin(...)
$TCA['tt_content']['types']['list']['subtypes_addlist'] [$pluginSignature] = 'pi_flexform';
\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addPiFlexFormValue(
$pluginSignature,
'FILE:EXT:' . $_EXTKEY . '/Configuration/FlexForms/flexform_xlsxtotables.xml'
);
I know that the XML-file is in the right place, but I do not get anyting from it in TYPO3 backend.
Any suggestions?
Try replace
$pluginSignature = str_replace('_', '', $_EXTKEY) . '_' . 'xlsxtotables';
by
$extensionName = strtolower(\TYPO3\CMS\Core\Utility\GeneralUtility::underscoredToUpperCamelCase($_EXTKEY));
$pluginSignature = $extensionName.'_'.'xlsxtotables';
And dont forget to empty your general cache before you see a change with your flexform.
You can try below code in ext_tables.php file
$pluginName = 'Pi1'; // Give Your Plugin Nmae
$pluginSignature = preg_replace('/[^a-z0-9]/', '', strtolower($_EXTKEY)) . '_' . strtolower($pluginName);
// FlexForm configuration
$TCA['tt_content']['types']['list']['subtypes_addlist'][$pluginSignature] = 'pi_flexform';
\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addPiFlexFormValue(
$pluginSignature,
'FILE:EXT:' . $_EXTKEY . '/Configuration/FlexForms/flexformname.xml'
);
For Adding Flexforms in One or More Front-end plugins you can use Below code in ext_tables.php
$extensionName = \TYPO3\CMS\Core\Utility\GeneralUtility::underscoredToUpperCamelCase($_EXTKEY);
$frontendpluginName = 'xxx'; //Your Front-end Plugin Name
$pluginSignature = strtolower($extensionName) . '_'.strtolower($frontendpluginName);
$GLOBALS['TCA']['tt_content']['types']['list']['subtypes_addlist'][$pluginSignature] = 'pi_flexform';
\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addPiFlexFormValue($pluginSignature, 'FILE:EXT:' . $_EXTKEY . '/Configuration/FlexForms/xyz.xml');

module overriding in zen cart

I am new to Zen Cart and currently working on a project which has custom template. I am now stuck on override of module file new_products.php !! how to override new_products.php ? I want to change HTML in it. how can I do it ? I have made changes in new_products.php itself. I know it is not right way to do it, but I am confused where do I make changes/override module file ?
Here is the code where I made changes in main new_products.php file
while (!$new_products->EOF) {
$products_price = zen_get_products_display_price($new_products->fields['products_id']);
if (!isset($productsInCategory[$new_products->fields['products_id']])) $productsInCategory[$new_products->fields['products_id']] = zen_get_generated_category_path_rev($new_products->fields['master_categories_id']);
$list_box_contents[$row][$col] = array('params' => 'class="centerBoxContentsNew centeredContent back"' . ' ' . 'style="width:' . $col_width . '%;"',
'text' => (($new_products->fields['products_image'] == '' and PRODUCTS_IMAGE_NO_IMAGE_STATUS == 0) ? '' : '<center><h2>'.$new_products->fields['products_name'].'</h2>' . zen_image(DIR_WS_IMAGES . $new_products->fields['products_image'], $new_products->fields['products_name'], IMAGE_PRODUCT_NEW_WIDTH, IMAGE_PRODUCT_NEW_HEIGHT) . '</center>') . '<h3>' . $products_price.'</h3><p>'.$new_products->fields['products_description'].'</p>
<div class="button black"><a href="' . zen_href_link(zen_get_info_page($new_products->fields['products_id']), 'cPath=' . $productsInCategory[$new_products->fields['products_id']] . '&products_id=' . $new_products->fields['products_id']) . '">Add To Cart' .'</div>');
$col ++;
if ($col > (SHOW_PRODUCT_INFO_COLUMNS_NEW_PRODUCTS - 1)) {
$col = 0;
$row ++;
}
$new_products->MoveNextRandom();}
It's perfectly fine to modify new_products.php, but first copy
includes/modules/new_products.php
to
includes/modules/YOUR_TEMPLATE/new_products.php
(where YOUR_TEMPLATE is the name of your custom template).
Then make changes in the file
includes/modules/YOUR_TEMPLATE/new_products.php
You can determine your template name by going to admin->tools->template selection.
If you don't know how to create a custom template in Zen Cart, read this:
http://www.zen-cart.com/content.php?180

INSERT in the query part of BigQuery, using google-api-php-client

I wanted to insert thousands of records in the database using INSERT command in php script , as it will easier to access, but https://developers.google.com/bigquery/docs/query-reference , this doesn't show the INSERT command that can be used while querying in php , like ,
$quert->setQuery("Insert into ... values...") , Have tried this in the Query Table of BigQuery web console, but it doesn't seem to work , Is there anyway to use setQuery() with some other command, to insert data ?
BigQuery doesn't support the INSERT command. You would need to create a load job. See https://developers.google.com/bigquery/docs/import#localimport for more information.
In addition to Jordan's answer, here's a snippet of code that should get you started using the Google BigQuery API and the Google API PHP client library for loading your own data into BigQuery programmatically. Note, this snippet simply spits out the raw API response of the load job, including the job Id to the screen - you'll have to add your own polling logic to check on the load job status.
(We will be adding additional documentation about loading your own data, as well as more PHP samples soon).
<?php
require_once "google-api-php-client/src/Google_Client.php";
require_once "google-api-php-client/src/contrib/Google_BigqueryService.php";
session_start();
$client = new Google_Client();
// Visit https://code.google.com/apis/console to generate your
// oauth2_client_id, oauth2_client_secret, and to register your oauth2_redirect_uri.
$client->setScopes(array('https://www.googleapis.com/auth/bigquery'));
$client->setClientId('XXXXXXXXX.apps.googleusercontent.com');
$client->setClientSecret('XXXXXXXXX');
$client->setRedirectUri('http://YOURAPPLICATION/index.php');
// Instantiate a new BigQuery Client
$bigqueryService = new Google_BigqueryService($client);
if (isset($_GET['code'])) {
$client->authenticate();
$_SESSION['token'] = $client->getAccessToken();
header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}
?>
<!doctype html>
<html>
<head>
<title>BigQuery API Sample</title>
</head>
<body>
<div id='container'>
<div id='top'><h1>BigQuery API Sample</h1></div>
<div id='main'>
<?php
if (isset($_GET['logout'])) {
unset($_SESSION['token']);
}
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['token'] = $client->getAccessToken();
header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}
if (isset($_SESSION['token'])) {
$client->setAccessToken($_SESSION['token']);
}
if ($client->getAccessToken()) {
// Your project number, from the developers.google.com/console project you created
// when signing up for BigQuery
$project_number = 'XXXXXXXXXXXXXX';
// Information about the destination table
$destination_table = new Google_TableReference();
$destination_table->setProjectId($project_number);
$destination_table->setDatasetId('php_test');
$destination_table->setTableId('my_new_table');
// Information about the schema for your new table
$schema_fields = array();
$schema_fields[0] = new Google_TableFieldSchema();
$schema_fields[0]->setName('first');
$schema_fields[0]->setType('string');
$schema_fields[1] = new Google_TableFieldSchema();
$schema_fields[1]->setName('last');
$schema_fields[1]->setType('string');
$destination_table_schema = new Google_TableSchema();
$destination_table_schema->setFields($schema_fields);
// Set the load configuration, including source file(s) and schema
$load_configuration = new Google_JobConfigurationLoad();
$load_configuration->setSourceUris(array('gs://YOUR_GOOGLE_CLOUD_STORAGE_BUCKET/file.csv'));
$load_configuration->setDestinationTable($destination_table);
$load_configuration->setSchema($destination_table_schema);
$job_configuration = new Google_JobConfiguration();
$job_configuration->setLoad($load_configuration);
$load_job = new Google_Job();
$load_job->setKind('load');
$load_job->setConfiguration($job_configuration);
$jobs = $bigqueryService->jobs;
$response = $jobs->insert($project_number, $load_job);
echo '<pre>';
print_r($response);
echo '</pre>';
$_SESSION['token'] = $client->getAccessToken();
} else {
$authUrl = $client->createAuthUrl();
print "<a class='login' href='$authUrl'>Authorize Access to the BigQuery API</a>";
}
?>
</div>
</div>
</body>
</html>

Video upload with Graph API from user's desktop

i am trying to upload a local video to Facebook through the Graph API.
Here is an example from Facebook:
http://developers.facebook.com/blog/post/493/
That works nice, and i get an JSON response after submitting the from.
How can I get the respone ID, for use in, e.g. Javascript or directly as an GET-parameter on my server?
I don't want to upload the video on an public accessable server and then redirect the video upload to Facebook by using curl or something like that.
Has anyone an idea or an example of how i can get this to work?
Edit:
Here is the example i used:
<?php
$app_id = "YOUR_APP_ID";
$app_secret = "YOUR_APP_SECRET";
$my_url = "YOUR_POST_LOGIN_URL";
$video_title = "YOUR_VIDEO_TITLE";
$video_desc = "YOUR_VIDEO_DESCRIPTION";
$code = $_REQUEST["code"];
if(empty($code)) {
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&scope=publish_stream";
echo("<script>top.location.href='" . $dialog_url . "'</script>");
}
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$access_token = file_get_contents($token_url);
$post_url = "https://graph-video.facebook.com/me/videos?"
. "title=" . $video_title. "&description=" . $video_desc
. "&". $access_token;
echo '<form enctype="multipart/form-data" action=" '.$post_url.' "
method="POST">';
echo 'Please choose a file:';
echo '<input name="file" type="file">';
echo '<input type="submit" value="Upload" />';
echo '</form>';
?>
Taken from this page: http://developers.facebook.com/blog/post/493/
This is the whole response i get from the form (JSON response):
{
"id": "xxxxx19208xxxxx"
}
The problem is that the JSON response is inline in the page.
I thought to set a target in the form to an inline iframe but then i will not be able to access the JSON code.

php/Drupal - list all nodes that a given user to permission to edit

I have a function that lists all nodes on the system. I would like to refine this to show only nodes that current user is able to edit - either with API or SQL statement. (Drupal 6)
function fnGetNodeTypes($typeOfNodes) {
$string = "";
$types_of_nodes = array_keys(node_get_types());
$string .= "<select name='typeOfNodes'>";
$string .= "<option value=''>Please select</option> ";
$string .= "<option value='all'>All</option> ";
foreach($types_of_nodes as $node){
if($typeOfNodes == $node ){
$selected = "selected";
}
else{
$selected = "";
}
$string .= "<option $selected value=\"" . $node . "\">" . $node ;
$string .= "</option>\n";
}
$string .= "</select\n>";
return $string;
}
Update:
Following #chx suggestion I tried messing around with users, users_roles and permissions. Let me know if there is a more Drupal way of doing this.
//----------------------------------------------
// Contruct select/option box of node types
//----------------------------------------------
function fnGetNodeTypes($typeOfNodes) {
$string = "";
$types_of_nodes = array_keys(node_get_types());
$string .= "<select name='typeOfNodes'>";
$string .= "<option value=''>Please select</option> ";
//$string .= "<option value='all'>All</option> ";
foreach($types_of_nodes as $node_type){
if (fnInArray($node_type))
{
if($typeOfNodes == $node_type ){
$selected = "selected";
}
else{
$selected = "";
}
$string .= "<option $selected value=\"" . $node_type . "\">" . $node_type ;
$string .= "</option>\n";
}
}
$string .= "</select\n>";
return $string;
}
//---------------------------------------------------------------------
// function fnInArray - see if user is allowed to edit this node type
//---------------------------------------------------------------------
function fnInArray($node_type)
{
global $user;
if ($user->name == 'admin') { return TRUE; }
// get list of all nodes that user is allowed to access
//
$string = " SELECT permission.perm as permission_perm " .
" from users " .
" join users_roles on ( users_roles.uid = users.uid ) " .
" join permission on (permission.rid = users_roles.rid) " .
" where users.name = '" . $user->name . "'";
$result = db_query($string);
while ($row = db_fetch_object($result)) {
$pieces = explode(", " , $row->permission_perm);
$node_name = "edit any " . trim($node_type) . " content";
if (in_array($node_name, $pieces ))
{
return TRUE;
}
return FALSE;
}
}
This is fairly impossible to do. Node access can be specified by a hook so the only generic way to do that would be to retrieve every. single. node. and run node_access($node, 'update') on them. That's not too fast. You can mess around with node types, permissions, the node access table etc depending on how your site is set up and modules are used. If we presume that the only thing controlling your nodes are the permissions and understand please this presumption is not always true by far, then in Drupal 6 and below (I suspect from node_get_types() you are not using D7) you would indeed iterate over node_get_types()and check user_access("edit own $type content") || user access("edit any $type content") but this won't go too far.
Not quite sure of the proper method for Drupal 6 (check db_rewrite_sql) but for Drupal 7, while you are building your query add addTag('node_access') to the query and that will limit it to only nodes that the user has permission to edit. If you go to the link for db_rewrite_sql above make sure to take a look at the comments.
db_query + db_rewrite_sql: Returns only the rows the logged-in user is allowed to view.
$results = db_query(db_rewrite_sql($query), $args);
This is what the Module Grants Monitor module is for http://drupal.org/project/module_grants. From the project page: "Clicking on it reveals a summary of all the content the logged-in user has access to (i.e. view, edit) after access controls have been applied by the content access modules installed on your site". I installed and tested this today and it seems to work. Does anyone have comments or experience with this module?
It seems like this should also be possible with Views or Rules... but maybe that's just because everything seems possible with them...