file_api.php		file_api_new.php
	<?php		<?php
	# MantisBT - A PHP based bugtracking system		# MantisBT - A PHP based bugtracking system
	# MantisBT is free software: you can redistribute it and/or modify		# MantisBT is free software: you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by		# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation, either version 2 of the License, or		# the Free Software Foundation, either version 2 of the License, or
	# (at your option) any later version.		# (at your option) any later version.
	#		#
	# MantisBT is distributed in the hope that it will be useful,		# MantisBT is distributed in the hope that it will be useful,
	# but WITHOUT ANY WARRANTY; without even the implied warranty of		# but WITHOUT ANY WARRANTY; without even the implied warranty of
	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	# GNU General Public License for more details.		# GNU General Public License for more details.
	#		#
	# You should have received a copy of the GNU General Public License		# You should have received a copy of the GNU General Public License
	# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.		# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
	/**		/**
	* File API		* File API
	*		*
	* @package CoreAPI		* @package CoreAPI
	* @subpackage FileAPI		* @subpackage FileAPI
	* @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org		* @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
	* @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net		* @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
	* @link http://www.mantisbt.org		* @link http://www.mantisbt.org
	*		*
	* @uses access_api.php		* @uses access_api.php
	* @uses antispam_api.php		* @uses antispam_api.php
	* @uses authentication_api.php		* @uses authentication_api.php
	* @uses bug_api.php		* @uses bug_api.php
	* @uses config_api.php		* @uses config_api.php
	* @uses constant_inc.php		* @uses constant_inc.php
	* @uses database_api.php		* @uses database_api.php
	* @uses gpc_api.php		* @uses gpc_api.php
	* @uses helper_api.php		* @uses helper_api.php
	* @uses history_api.php		* @uses history_api.php
	* @uses project_api.php		* @uses project_api.php
	* @uses utility_api.php		* @uses utility_api.php
	*/		*/
	require_api( 'access_api.php' );		require_api( 'access_api.php' );
	require_api( 'antispam_api.php' );		require_api( 'antispam_api.php' );
	require_api( 'authentication_api.php' );		require_api( 'authentication_api.php' );
	require_api( 'bug_api.php' );		require_api( 'bug_api.php' );
	require_api( 'config_api.php' );		require_api( 'config_api.php' );
	require_api( 'constant_inc.php' );		require_api( 'constant_inc.php' );
	require_api( 'database_api.php' );		require_api( 'database_api.php' );
	require_api( 'gpc_api.php' );		require_api( 'gpc_api.php' );
	require_api( 'helper_api.php' );		require_api( 'helper_api.php' );
	require_api( 'history_api.php' );		require_api( 'history_api.php' );
	require_api( 'project_api.php' );		require_api( 'project_api.php' );
	require_api( 'utility_api.php' );		require_api( 'utility_api.php' );
	$g_cache_file_count = array();		$g_cache_file_count = array();
	/**		/**
	* Processes the post files from a form by adding them to the specified		* Processes the post files from a form by adding them to the specified
	* issue.		* issue.
	*		*
	* @param int $p_bug_id    The bug id.		* @param int $p_bug_id    The bug id.
	* @param array $p_files   The array of files, if null, then do nothing.		* @param array $p_files   The array of files, if null, then do nothing.
	* @return array Array of file info arrays.		* @return array Array of file info arrays.
	*/		*/
	function file_process_posted_files_for_bug( $p_bug_id, $p_files ) {		function file_process_posted_files_for_bug( $p_bug_id, $p_files ) {
	if( $p_files === null ) {		if( $p_files === null ) {
	return;		return;
	}		}
	$t_file_infos = array();		$t_file_infos = array();
	$t_files = helper_array_transpose( $p_files );		$t_files = helper_array_transpose( $p_files );
	foreach( $t_files as $t_file ) {		foreach( $t_files as $t_file ) {
	if( !empty( $t_file['name'] ) ) {		if( !empty( $t_file['name'] ) ) {
	$t_file_infos[] = file_add( $p_bug_id, $t_file, 'bug' );		$t_file_infos[] = file_add( $p_bug_id, $t_file, 'bug' );
	}		}
	}		}
	return $t_file_infos;		return $t_file_infos;
	}		}
	/**		/**
	* Gets the filename without the bug id prefix.		* Gets the filename without the bug id prefix.
	* @param string $p_filename Filename.		* @param string $p_filename Filename.
	* @return string		* @return string
	*/		*/
	function file_get_display_name( $p_filename ) {		function file_get_display_name( $p_filename ) {
	# Check if it's a project document filename (doc-0000000-filename)		# Check if it's a project document filename (doc-0000000-filename)
	# or a bug attachment filename (0000000-filename)		# or a bug attachment filename (0000000-filename)
	# for newer filenames, the filename in schema is correct.		# for newer filenames, the filename in schema is correct.
	# This is important to handle filenames with '-'s properly		# This is important to handle filenames with '-'s properly
	$t_doc_match = '/^' . config_get( 'document_files_prefix' ) . '-\d{7}-/';		$t_doc_match = '/^' . config_get( 'document_files_prefix' ) . '-\d{7}-/';
	$t_name = preg_split( $t_doc_match, $p_filename );		$t_name = preg_split( $t_doc_match, $p_filename );
	if( isset( $t_name[1] ) ) {		if( isset( $t_name[1] ) ) {
	return $t_name[1];		return $t_name[1];
	} else {		} else {
	$t_bug_match = '/^\d{7}-/';		$t_bug_match = '/^\d{7}-/';
	$t_name = preg_split( $t_bug_match, $p_filename );		$t_name = preg_split( $t_bug_match, $p_filename );
	if( isset( $t_name[1] ) ) {		if( isset( $t_name[1] ) ) {
	return $t_name[1];		return $t_name[1];
	} else {		} else {
	return $p_filename;		return $p_filename;
	}		}
	}		}
	}		}
	/**		/**
	* Fills the cache with the attachement count from a list of bugs		* Fills the cache with the attachement count from a list of bugs
	* If the bug doesn't have attachments, cache its value as 0.		* If the bug doesn't have attachments, cache its value as 0.
	* @global array $g_cache_file_count		* @global array $g_cache_file_count
	* @param array $p_bug_ids Array of bug ids		* @param array $p_bug_ids Array of bug ids
	* @return void		* @return void
	*/		*/
	function file_bug_attachment_count_cache( array $p_bug_ids ) {		function file_bug_attachment_count_cache( array $p_bug_ids ) {
	global $g_cache_file_count;		global $g_cache_file_count;
	if( empty( $p_bug_ids ) ) {		if( empty( $p_bug_ids ) ) {
	return;		return;
	}		}
	$t_ids_to_search = array();		$t_ids_to_search = array();
	foreach( $p_bug_ids as $t_id ) {		foreach( $p_bug_ids as $t_id ) {
	$c_id = (int)$t_id;		$c_id = (int)$t_id;
	$t_ids_to_search[$c_id] = $c_id;		$t_ids_to_search[$c_id] = $c_id;
	}		}
	db_param_push();		db_param_push();
	$t_params = array();		$t_params = array();
	$t_in_values = array();		$t_in_values = array();
	foreach( $t_ids_to_search as $t_id ) {		foreach( $t_ids_to_search as $t_id ) {
	$t_params[] = (int)$t_id;		$t_params[] = (int)$t_id;
	$t_in_values[] = db_param();		$t_in_values[] = db_param();
	}		}
	$t_query = 'SELECT B.id AS bug_id, COUNT(F.bug_id) AS attachments'		$t_query = 'SELECT B.id AS bug_id, COUNT(F.bug_id) AS attachments'
	. ' FROM {bug} B JOIN {bug_file} F ON ( B.id = F.bug_id )'		. ' FROM {bug} B JOIN {bug_file} F ON ( B.id = F.bug_id )'
	. ' WHERE B.id IN (' . implode( ',', $t_in_values ) . ')'		. ' WHERE B.id IN (' . implode( ',', $t_in_values ) . ')'
	. ' GROUP BY B.id';		. ' GROUP BY B.id';
	$t_result = db_query( $t_query, $t_params );		$t_result = db_query( $t_query, $t_params );
	while( $t_row = db_fetch_array( $t_result ) ) {		while( $t_row = db_fetch_array( $t_result ) ) {
	$c_bug_id = (int)$t_row['bug_id'];		$c_bug_id = (int)$t_row['bug_id'];
	$g_cache_file_count[$c_bug_id] = (int)$t_row['attachments'];		$g_cache_file_count[$c_bug_id] = (int)$t_row['attachments'];
	unset( $t_ids_to_search[$c_bug_id] );		unset( $t_ids_to_search[$c_bug_id] );
	}		}
	# set bugs without result to 0		# set bugs without result to 0
	foreach( $t_ids_to_search as $t_id ) {		foreach( $t_ids_to_search as $t_id ) {
	$g_cache_file_count[$t_id] = 0;		$g_cache_file_count[$t_id] = 0;
	}		}
	}		}
	/**		/**
	* Check the number of attachments a bug has (if any)		* Check the number of attachments a bug has (if any)
	* @param integer $p_bug_id A bug identifier.		* @param integer $p_bug_id A bug identifier.
	* @return integer		* @return integer
	*/		*/
	function file_bug_attachment_count( $p_bug_id ) {		function file_bug_attachment_count( $p_bug_id ) {
	global $g_cache_file_count;		global $g_cache_file_count;
	# If it's not in cache, load the value		# If it's not in cache, load the value
	if( !isset( $g_cache_file_count[$p_bug_id] ) ) {		if( !isset( $g_cache_file_count[$p_bug_id] ) ) {
	file_bug_attachment_count_cache( array( (int)$p_bug_id ) );		file_bug_attachment_count_cache( array( (int)$p_bug_id ) );
	}		}
	return $g_cache_file_count[$p_bug_id];		return $g_cache_file_count[$p_bug_id];
	}		}
	/**		/**
	* Clear a bug from the cache or all bugs if no bug id specified.		* Clear a bug from the cache or all bugs if no bug id specified.
	* @param integer $p_bug_id A bug identifier to clear (optional).		* @param integer $p_bug_id A bug identifier to clear (optional).
	* @return boolean		* @return boolean
	* @access public		* @access public
	*/		*/
	function file_bug_attachment_count_clear_cache( $p_bug_id = null ) {		function file_bug_attachment_count_clear_cache( $p_bug_id = null ) {
	global $g_cache_file_count;		global $g_cache_file_count;
	if( null === $p_bug_id ) {		if( null === $p_bug_id ) {
	$g_cache_file_count = array();		$g_cache_file_count = array();
	} else {		} else {
	unset( $g_cache_file_count[(int)$p_bug_id] );		unset( $g_cache_file_count[(int)$p_bug_id] );
	}		}
	return true;		return true;
	}		}
	/**		/**
	* Check if a specific bug has attachments		* Check if a specific bug has attachments
	* @param integer $p_bug_id A bug identifier.		* @param integer $p_bug_id A bug identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_bug_has_attachments( $p_bug_id ) {		function file_bug_has_attachments( $p_bug_id ) {
	if( file_bug_attachment_count( $p_bug_id ) > 0 ) {		if( file_bug_attachment_count( $p_bug_id ) > 0 ) {
	return true;		return true;
	} else {		} else {
	return false;		return false;
	}		}
	}		}
	/**		/**
	* Check if the current user can view attachments for the specified bug.		* Check if the current user can view attachments for the specified bug.
	* @param integer $p_bug_id           A bug identifier.		* @param integer $p_bug_id           A bug identifier.
	* @param integer $p_uploader_user_id An user identifier.		* @param integer $p_uploader_user_id An user identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_can_view_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {		function file_can_view_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {
	$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;		$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;
	$t_can_view = access_has_bug_level( config_get( 'view_attachments_threshold' ), $p_bug_id );		$t_can_view = access_has_bug_level( config_get( 'view_attachments_threshold' ), $p_bug_id );
	$t_can_view = $t_can_view || ( $t_uploaded_by_me && config_get( 'allow_view_own_attachments' ) );		$t_can_view = $t_can_view || ( $t_uploaded_by_me && config_get( 'allow_view_own_attachments' ) );
	return $t_can_view;		return $t_can_view;
	}		}
	/**		/**
	* Check if the current user can download attachments for the specified bug.		* Check if the current user can download attachments for the specified bug.
	* @param integer $p_bug_id           A bug identifier.		* @param integer $p_bug_id           A bug identifier.
	* @param integer $p_uploader_user_id An user identifier.		* @param integer $p_uploader_user_id An user identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_can_download_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {		function file_can_download_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {
	$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;		$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;
	$t_can_download = access_has_bug_level( config_get( 'download_attachments_threshold', null, null, bug_get_field( $p_bug_id, 'project_id' ) ), $p_bug_id );		$t_can_download = access_has_bug_level( config_get( 'download_attachments_threshold', null, null, bug_get_field( $p_bug_id, 'project_id' ) ), $p_bug_id );
	$t_can_download = $t_can_download || ( $t_uploaded_by_me && config_get( 'allow_download_own_attachments', null, null, bug_get_field( $p_bug_id, 'project_id' ) ) );		$t_can_download = $t_can_download || ( $t_uploaded_by_me && config_get( 'allow_download_own_attachments', null, null, bug_get_field( $p_bug_id, 'project_id' ) ) );
	return $t_can_download;		return $t_can_download;
	}		}
	/**		/**
	* Check if the current user can delete attachments from the specified bug.		* Check if the current user can delete attachments from the specified bug.
	* @param integer $p_bug_id           A bug identifier.		* @param integer $p_bug_id           A bug identifier.
	* @param integer $p_uploader_user_id An user identifier.		* @param integer $p_uploader_user_id An user identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_can_delete_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {		function file_can_delete_bug_attachments( $p_bug_id, $p_uploader_user_id = null ) {
	if( bug_is_readonly( $p_bug_id ) ) {		if( bug_is_readonly( $p_bug_id ) ) {
	return false;		return false;
	}		}
	$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;		$t_uploaded_by_me = auth_get_current_user_id() === $p_uploader_user_id;
	$t_can_delete = access_has_bug_level( config_get( 'delete_attachments_threshold' ), $p_bug_id );		$t_can_delete = access_has_bug_level( config_get( 'delete_attachments_threshold' ), $p_bug_id );
	$t_can_delete = $t_can_delete || ( $t_uploaded_by_me && config_get( 'allow_delete_own_attachments' ) );		$t_can_delete = $t_can_delete || ( $t_uploaded_by_me && config_get( 'allow_delete_own_attachments' ) );
	return $t_can_delete;		return $t_can_delete;
	}		}
	/**		/**
	* Get icon corresponding to the specified filename		* Get icon corresponding to the specified filename
	* returns an associative array with "url" and "alt" text.		* returns an associative array with "url" and "alt" text.
	* @param string $p_display_filename Filename.		* @param string $p_display_filename Filename.
	* @return array		* @return array
	*/		*/
	function file_get_icon_url( $p_display_filename ) {		function file_get_icon_url( $p_display_filename ) {
	$t_file_type_icons = config_get_global( 'file_type_icons' );		$t_file_type_icons = config_get_global( 'file_type_icons' );
	$t_ext = utf8_strtolower( pathinfo( $p_display_filename, PATHINFO_EXTENSION ) );		$t_ext = utf8_strtolower( pathinfo( $p_display_filename, PATHINFO_EXTENSION ) );
	if( is_blank( $t_ext ) || !isset( $t_file_type_icons[$t_ext] ) ) {		if( is_blank( $t_ext ) || !isset( $t_file_type_icons[$t_ext] ) ) {
	$t_ext = '?';		$t_ext = '?';
	}		}
	$t_name = $t_file_type_icons[$t_ext];		$t_name = $t_file_type_icons[$t_ext];
	return array( 'url' => $t_name, 'alt' => $t_ext );		return array( 'url' => $t_name, 'alt' => $t_ext );
	}		}
	/**		/**
	* Combines a path and a file name making sure that the separator exists.		* Combines a path and a file name making sure that the separator exists.
	*		*
	* @param string $p_path     The path.		* @param string $p_path     The path.
	* @param string $p_filename The file name.		* @param string $p_filename The file name.
	* @return string The combined full path.		* @return string The combined full path.
	*/		*/
	function file_path_combine( $p_path, $p_filename ) {		function file_path_combine( $p_path, $p_filename ) {
	$t_path = rtrim( $p_path, '/\\' ) . DIRECTORY_SEPARATOR;		$t_path = rtrim( $p_path, '/\\' ) . DIRECTORY_SEPARATOR;
	$t_path .= $p_filename;		$t_path .= $p_filename;
	return $t_path;		return $t_path;
	}		}
	/**		/**
	* Normalizes the disk file path based on the following algorithm:		* Normalizes the disk file path based on the following algorithm:
	* 1. If disk file exists, then return as is.		* 1. If disk file exists, then return as is.
	* 2. If not, and a project path is available, then check with that, if exists return it.		* 2. If not, and a project path is available, then check with that, if exists return it.
	* 3. If not, then use default upload path, then check with that, if exists return it.		* 3. If not, then use default upload path, then check with that, if exists return it.
	* 4. If disk file does not include a path, then return expected path based on project path or default path.		* 4. If disk file does not include a path, then return expected path based on project path or default path.
	* 5. Otherwise return as is.		* 5. Otherwise return as is.
	*		*
	* @param string  $p_diskfile   The disk file (full path or just filename).		* @param string  $p_diskfile   The disk file (full path or just filename).
	* @param integer $p_project_id The project id - shouldn't be 0 (ALL_PROJECTS).		* @param integer $p_project_id The project id - shouldn't be 0 (ALL_PROJECTS).
	* @return string The normalized full path.		* @return string The normalized full path.
	*/		*/
	function file_normalize_attachment_path( $p_diskfile, $p_project_id ) {		function file_normalize_attachment_path( $p_diskfile, $p_project_id ) {
	if( file_exists( $p_diskfile ) ) {		if( file_exists( $p_diskfile ) ) {
	return $p_diskfile;		return $p_diskfile;
	}		}
	$t_basename = basename( $p_diskfile );		$t_basename = basename( $p_diskfile );
	$t_expected_file_path = '';		$t_expected_file_path = '';
	if( $p_project_id != ALL_PROJECTS ) {		if( $p_project_id != ALL_PROJECTS ) {
	$t_path = project_get_field( $p_project_id, 'file_path' );		$t_path = project_get_field( $p_project_id, 'file_path' );
	if( !is_blank( $t_path ) ) {		if( !is_blank( $t_path ) ) {
	$t_diskfile = file_path_combine( $t_path, $t_basename );		$t_diskfile = file_path_combine( $t_path, $t_basename );
	if( file_exists( $t_diskfile ) ) {		if( file_exists( $t_diskfile ) ) {
	return $t_diskfile;		return $t_diskfile;
	}		}
	# if we don't find the file, then this is the path we want to return.		# if we don't find the file, then this is the path we want to return.
	$t_expected_file_path = $t_diskfile;		$t_expected_file_path = $t_diskfile;
	}		}
	}		}
	$t_path = config_get_global( 'absolute_path_default_upload_folder' );		$t_path = config_get_global( 'absolute_path_default_upload_folder' );
	if( !is_blank( $t_path ) ) {		if( !is_blank( $t_path ) ) {
	$t_diskfile = file_path_combine( $t_path, $t_basename );		$t_diskfile = file_path_combine( $t_path, $t_basename );
	if( file_exists( $t_diskfile ) ) {		if( file_exists( $t_diskfile ) ) {
	return $t_diskfile;		return $t_diskfile;
	}		}
	# if the expected path not set to project directory, then set it to default directory.		# if the expected path not set to project directory, then set it to default directory.
	if( is_blank( $t_expected_file_path ) ) {		if( is_blank( $t_expected_file_path ) ) {
	$t_expected_file_path = $t_diskfile;		$t_expected_file_path = $t_diskfile;
	}		}
	}		}
	# if diskfile doesn't include a path, then use the expected filename.		# if diskfile doesn't include a path, then use the expected filename.
	if( ( strstr( $p_diskfile, DIRECTORY_SEPARATOR ) === false ||		if( ( strstr( $p_diskfile, DIRECTORY_SEPARATOR ) === false ||
	strstr( $p_diskfile, '\\' ) === false ) &&		strstr( $p_diskfile, '\\' ) === false ) &&
	!is_blank( $t_expected_file_path ) ) {		!is_blank( $t_expected_file_path ) ) {
	return $t_expected_file_path;		return $t_expected_file_path;
	}		}
	# otherwise return as is.		# otherwise return as is.
	return $p_diskfile;		return $p_diskfile;
	}		}
	/**		/**
	* Gets an array of attachments that are visible to the currently logged in user.		* Gets an array of attachments that are visible to the currently logged in user.
	* Each element of the array contains the following:		* Each element of the array contains the following:
	* display_name - The attachment display name (i.e. file name dot extension)		* display_name - The attachment display name (i.e. file name dot extension)
	* size - The attachment size in bytes.		* size - The attachment size in bytes.
	* date_added - The date where the attachment was added.		* date_added - The date where the attachment was added.
	* can_download - true: logged in user has access to download the attachment, false: otherwise.		* can_download - true: logged in user has access to download the attachment, false: otherwise.
	* diskfile - The name of the file on disk.  Typically this is a hash without an extension.		* diskfile - The name of the file on disk.  Typically this is a hash without an extension.
	* download_url - The download URL for the attachment (only set if can_download is true).		* download_url - The download URL for the attachment (only set if can_download is true).
	* exists - Applicable for DISK attachments.  true: file exists, otherwise false.		* exists - Applicable for DISK attachments.  true: file exists, otherwise false.
	* can_delete - The logged in user can delete the attachments.		* can_delete - The logged in user can delete the attachments.
	* preview - true: the attachment should be previewable, otherwise false.		* preview - true: the attachment should be previewable, otherwise false.
	* type - Can be "image", "text" or empty for other types.		* type - Can be "image", "text" or empty for other types.
	* alt - The alternate text to be associated with the icon.		* alt - The alternate text to be associated with the icon.
	* icon - array with icon information, contains 'url' and 'alt' elements.		* icon - array with icon information, contains 'url' and 'alt' elements.
	* @param integer $p_bug_id A bug identifier.		* @param integer $p_bug_id A bug identifier.
	* @return array		* @return array
	*/		*/
	function file_get_visible_attachments( $p_bug_id ) {		function file_get_visible_attachments( $p_bug_id ) {
	$t_attachment_rows = bug_get_attachments( $p_bug_id );		$t_attachment_rows = bug_get_attachments( $p_bug_id );
	$t_visible_attachments = array();		$t_visible_attachments = array();
	$t_attachments_count = count( $t_attachment_rows );		$t_attachments_count = count( $t_attachment_rows );
	if( $t_attachments_count === 0 ) {		if( $t_attachments_count === 0 ) {
	return $t_visible_attachments;		return $t_visible_attachments;
	}		}
	$t_attachments = array();		$t_attachments = array();
	$t_preview_text_ext = config_get( 'preview_text_extensions' );		$t_preview_text_ext = config_get( 'preview_text_extensions' );
	$t_preview_image_ext = config_get( 'preview_image_extensions' );		$t_preview_image_ext = config_get( 'preview_image_extensions' );
	$t_image_previewed = false;		$t_image_previewed = false;
	for( $i = 0;$i < $t_attachments_count;$i++ ) {		for( $i = 0;$i < $t_attachments_count;$i++ ) {
	$t_row = $t_attachment_rows[$i];		$t_row = $t_attachment_rows[$i];
	$t_user_id = (int)$t_row['user_id'];		$t_user_id = (int)$t_row['user_id'];
	if( !file_can_view_bug_attachments( $p_bug_id, $t_user_id ) ) {		if( !file_can_view_bug_attachments( $p_bug_id, $t_user_id ) ) {
	continue;		continue;
	}		}
	$t_id = $t_row['id'];		$t_id = $t_row['id'];
	$t_filename = $t_row['filename'];		$t_filename = $t_row['filename'];
	$t_filesize = $t_row['filesize'];		$t_filesize = $t_row['filesize'];
	$t_diskfile = file_normalize_attachment_path( $t_row['diskfile'], bug_get_field( $p_bug_id, 'project_id' ) );		$t_diskfile = file_normalize_attachment_path( $t_row['diskfile'], bug_get_field( $p_bug_id, 'project_id' ) );
	$t_date_added = $t_row['date_added'];		$t_date_added = $t_row['date_added'];
	$t_attachment = array();		$t_attachment = array();
	$t_attachment['id'] = $t_id;		$t_attachment['id'] = $t_id;
	$t_attachment['user_id'] = $t_user_id;		$t_attachment['user_id'] = $t_user_id;
	$t_attachment['display_name'] = file_get_display_name( $t_filename );		$t_attachment['display_name'] = file_get_display_name( $t_filename );
	$t_attachment['size'] = $t_filesize;		$t_attachment['size'] = $t_filesize;
	$t_attachment['date_added'] = $t_date_added;		$t_attachment['date_added'] = $t_date_added;
	$t_attachment['diskfile'] = $t_diskfile;		$t_attachment['diskfile'] = $t_diskfile;
	$t_attachment['can_download'] = file_can_download_bug_attachments( $p_bug_id, (int)$t_row['user_id'] );		$t_attachment['can_download'] = file_can_download_bug_attachments( $p_bug_id, (int)$t_row['user_id'] );
	$t_attachment['can_delete'] = file_can_delete_bug_attachments( $p_bug_id, (int)$t_row['user_id'] );		$t_attachment['can_delete'] = file_can_delete_bug_attachments( $p_bug_id, (int)$t_row['user_id'] );
	if( $t_attachment['can_download'] ) {		if( $t_attachment['can_download'] ) {
	$t_attachment['download_url'] = 'file_download.php?file_id=' . $t_id . '&type=bug';		$t_attachment['download_url'] = 'file_download.php?file_id=' . $t_id . '&type=bug';
	}		}
	if( $t_image_previewed ) {		if( $t_image_previewed ) {
	$t_image_previewed = false;		$t_image_previewed = false;
	}		}
	$t_attachment['exists'] = config_get( 'file_upload_method' ) != DISK || file_exists( $t_diskfile );		$t_attachment['exists'] = config_get( 'file_upload_method' ) != DISK || file_exists( $t_diskfile );
	$t_attachment['icon'] = file_get_icon_url( $t_attachment['display_name'] );		$t_attachment['icon'] = file_get_icon_url( $t_attachment['display_name'] );
	$t_attachment['preview'] = false;		$t_attachment['preview'] = false;
	$t_attachment['type'] = '';		$t_attachment['type'] = '';
	$t_ext = strtolower( pathinfo( $t_attachment['display_name'], PATHINFO_EXTENSION ) );		$t_ext = strtolower( pathinfo( $t_attachment['display_name'], PATHINFO_EXTENSION ) );
	$t_attachment['alt'] = $t_ext;		$t_attachment['alt'] = $t_ext;
	if( $t_attachment['exists'] && $t_attachment['can_download'] && $t_filesize != 0 && $t_filesize <= config_get( 'preview_attachments_inline_max_size' ) ) {		if( $t_attachment['exists'] && $t_attachment['can_download'] && $t_filesize != 0 && $t_filesize <= config_get( 'preview_attachments_inline_max_size' ) ) {
	if( in_array( $t_ext, $t_preview_text_ext, true ) ) {		if( in_array( $t_ext, $t_preview_text_ext, true ) ) {
	$t_attachment['preview'] = true;		$t_attachment['preview'] = true;
	$t_attachment['type'] = 'text';		$t_attachment['type'] = 'text';
	} else if( in_array( $t_ext, $t_preview_image_ext, true ) ) {		} else if( in_array( $t_ext, $t_preview_image_ext, true ) ) {
	$t_attachment['preview'] = true;		$t_attachment['preview'] = true;
	$t_attachment['type'] = 'image';		$t_attachment['type'] = 'image';
	}		}
	}		}
	$t_attachments[] = $t_attachment;		$t_attachments[] = $t_attachment;
	}		}
	return $t_attachments;		return $t_attachments;
	}		}
	/**		/**
	* delete all files that are associated with the given bug		* delete all files that are associated with the given bug
	* @param integer $p_bug_id A bug identifier.		* @param integer $p_bug_id A bug identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_delete_attachments( $p_bug_id ) {		function file_delete_attachments( $p_bug_id ) {
	$t_method = config_get( 'file_upload_method' );		$t_method = config_get( 'file_upload_method' );
	# Delete files from disk		# Delete files from disk
	db_param_push();		db_param_push();
	$t_query = 'SELECT diskfile, filename FROM {bug_file} WHERE bug_id=' . db_param();		$t_query = 'SELECT diskfile, filename FROM {bug_file} WHERE bug_id=' . db_param();
	$t_result = db_query( $t_query, array( $p_bug_id ) );		$t_result = db_query( $t_query, array( $p_bug_id ) );
	$t_file_count = db_num_rows( $t_result );		$t_file_count = db_num_rows( $t_result );
	if( 0 == $t_file_count ) {		if( 0 == $t_file_count ) {
	return true;		return true;
	}		}
	if( DISK == $t_method ) {		if( DISK == $t_method ) {
	for( $i = 0; $i < $t_file_count; $i++ ) {		for( $i = 0; $i < $t_file_count; $i++ ) {
	$t_row = db_fetch_array( $t_result );		$t_row = db_fetch_array( $t_result );
	$t_local_diskfile = file_normalize_attachment_path( $t_row['diskfile'], bug_get_field( $p_bug_id, 'project_id' ) );		$t_local_diskfile = file_normalize_attachment_path( $t_row['diskfile'], bug_get_field( $p_bug_id, 'project_id' ) );
	file_delete_local( $t_local_diskfile );		file_delete_local( $t_local_diskfile );
	}		}
	}		}
	# Delete the corresponding db records		# Delete the corresponding db records
	db_param_push();		db_param_push();
	$t_query = 'DELETE FROM {bug_file} WHERE bug_id=' . db_param();		$t_query = 'DELETE FROM {bug_file} WHERE bug_id=' . db_param();
	db_query( $t_query, array( $p_bug_id ) );		db_query( $t_query, array( $p_bug_id ) );
	# db_query() errors on failure so:		# db_query() errors on failure so:
	return true;		return true;
	}		}
	/**		/**
	* Delete files by project		* Delete files by project
	* @param integer $p_project_id A project identifier.		* @param integer $p_project_id A project identifier.
	* @return void		* @return void
	*/		*/
	function file_delete_project_files( $p_project_id ) {		function file_delete_project_files( $p_project_id ) {
	$t_method = config_get( 'file_upload_method' );		$t_method = config_get( 'file_upload_method' );
	# Delete the file physically (if stored via DISK)		# Delete the file physically (if stored via DISK)
	if( DISK == $t_method ) {		if( DISK == $t_method ) {
	# Delete files from disk		# Delete files from disk
	db_param_push();		db_param_push();
	$t_query = 'SELECT diskfile, filename FROM {project_file} WHERE project_id=' . db_param();		$t_query = 'SELECT diskfile, filename FROM {project_file} WHERE project_id=' . db_param();
	$t_result = db_query( $t_query, array( (int)$p_project_id ) );		$t_result = db_query( $t_query, array( (int)$p_project_id ) );
	$t_file_count = db_num_rows( $t_result );		$t_file_count = db_num_rows( $t_result );
	for( $i = 0;$i < $t_file_count;$i++ ) {		for( $i = 0;$i < $t_file_count;$i++ ) {
	$t_row = db_fetch_array( $t_result );		$t_row = db_fetch_array( $t_result );
	$t_local_diskfile = file_normalize_attachment_path( $t_row['diskfile'], $p_project_id );		$t_local_diskfile = file_normalize_attachment_path( $t_row['diskfile'], $p_project_id );
	file_delete_local( $t_local_diskfile );		file_delete_local( $t_local_diskfile );
	}		}
	}		}
	# Delete the corresponding database records		# Delete the corresponding database records
	db_param_push();		db_param_push();
	$t_query = 'DELETE FROM {project_file} WHERE project_id=' . db_param();		$t_query = 'DELETE FROM {project_file} WHERE project_id=' . db_param();
	db_query( $t_query, array( (int)$p_project_id ) );		db_query( $t_query, array( (int)$p_project_id ) );
	}		}
	/**		/**
	* Delete a local file even if it is read-only.		* Delete a local file even if it is read-only.
	* @param string $p_filename File name.		* @param string $p_filename File name.
	* @return void		* @return void
	*/		*/
	function file_delete_local( $p_filename ) {		function file_delete_local( $p_filename ) {
	if( file_exists( $p_filename ) ) {		if( file_exists( $p_filename ) ) {
	chmod( $p_filename, 0775 );		chmod( $p_filename, 0775 );
	unlink( $p_filename );		unlink( $p_filename );
	}		}
	}		}
	/**		/**
	* Return the specified field value		* Return the specified field value
	* @param integer $p_file_id    File identifier.		* @param integer $p_file_id    File identifier.
	* @param string  $p_field_name Database field name to retrieve.		* @param string  $p_field_name Database field name to retrieve.
	* @param string  $p_table      Database table name.		* @param string  $p_table      Database table name.
	* @return string		* @return string
	*/		*/
	function file_get_field( $p_file_id, $p_field_name, $p_table = 'bug' ) {		function file_get_field( $p_file_id, $p_field_name, $p_table = 'bug' ) {
	$t_bug_file_table = db_get_table( $p_table . '_file' );		$t_bug_file_table = db_get_table( $p_table . '_file' );
	if( !db_field_exists( $p_field_name, $t_bug_file_table ) ) {		if( !db_field_exists( $p_field_name, $t_bug_file_table ) ) {
	trigger_error( ERROR_DB_FIELD_NOT_FOUND, ERROR );		trigger_error( ERROR_DB_FIELD_NOT_FOUND, ERROR );
	}		}
	db_param_push();		db_param_push();
	$t_query = 'SELECT ' . $p_field_name . ' FROM ' . $t_bug_file_table . ' WHERE id=' . db_param();		$t_query = 'SELECT ' . $p_field_name . ' FROM ' . $t_bug_file_table . ' WHERE id=' . db_param();
	$t_result = db_query( $t_query, array( (int)$p_file_id ), 1 );		$t_result = db_query( $t_query, array( (int)$p_file_id ), 1 );
	return db_result( $t_result );		return db_result( $t_result );
	}		}
	/**		/**
	* Delete File		* Delete File
	* @param integer $p_file_id File identifier.		* @param integer $p_file_id File identifier.
	* @param string  $p_table   Table identifier.		* @param string  $p_table   Table identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_delete( $p_file_id, $p_table = 'bug' ) {		function file_delete( $p_file_id, $p_table = 'bug' ) {
	$t_upload_method = config_get( 'file_upload_method' );		$t_upload_method = config_get( 'file_upload_method' );
	$c_file_id = (int)$p_file_id;		$c_file_id = (int)$p_file_id;
	$t_filename = file_get_field( $p_file_id, 'filename', $p_table );		$t_filename = file_get_field( $p_file_id, 'filename', $p_table );
	$t_diskfile = file_get_field( $p_file_id, 'diskfile', $p_table );		$t_diskfile = file_get_field( $p_file_id, 'diskfile', $p_table );
	if( $p_table == 'bug' ) {		if( $p_table == 'bug' ) {
	$t_bug_id = file_get_field( $p_file_id, 'bug_id', $p_table );		$t_bug_id = file_get_field( $p_file_id, 'bug_id', $p_table );
	$t_project_id = bug_get_field( $t_bug_id, 'project_id' );		$t_project_id = bug_get_field( $t_bug_id, 'project_id' );
	} else {		} else {
	$t_project_id = file_get_field( $p_file_id, 'project_id', $p_table );		$t_project_id = file_get_field( $p_file_id, 'project_id', $p_table );
	}		}
	if( DISK == $t_upload_method ) {		if( DISK == $t_upload_method ) {
	$t_local_disk_file = file_normalize_attachment_path( $t_diskfile, $t_project_id );		$t_local_disk_file = file_normalize_attachment_path( $t_diskfile, $t_project_id );
	if( file_exists( $t_local_disk_file ) ) {		if( file_exists( $t_local_disk_file ) ) {
	file_delete_local( $t_local_disk_file );		file_delete_local( $t_local_disk_file );
	}		}
	}		}
	if( 'bug' == $p_table ) {		if( 'bug' == $p_table ) {
	# log file deletion		# log file deletion
	history_log_event_special( $t_bug_id, FILE_DELETED, file_get_display_name( $t_filename ) );		history_log_event_special( $t_bug_id, FILE_DELETED, file_get_display_name( $t_filename ) );
	}		}
	$t_file_table = db_get_table( $p_table . '_file' );		$t_file_table = db_get_table( $p_table . '_file' );
	db_param_push();		db_param_push();
	$t_query = 'DELETE FROM ' . $t_file_table . ' WHERE id=' . db_param();		$t_query = 'DELETE FROM ' . $t_file_table . ' WHERE id=' . db_param();
	db_query( $t_query, array( $c_file_id ) );		db_query( $t_query, array( $c_file_id ) );
	return true;		return true;
	}		}
	/**		/**
	* File type check		* File type check
	* @param string $p_file_name File name.		* @param string $p_file_name File name.
	* @return boolean		* @return boolean
	*/		*/
	function file_type_check( $p_file_name ) {		function file_type_check( $p_file_name ) {
	$t_allowed_files = config_get( 'allowed_files' );		$t_allowed_files = config_get( 'allowed_files' );
	$t_disallowed_files = config_get( 'disallowed_files' );		$t_disallowed_files = config_get( 'disallowed_files' );
	# grab extension		# grab extension
	$t_extension = pathinfo( $p_file_name, PATHINFO_EXTENSION );		$t_extension = pathinfo( $p_file_name, PATHINFO_EXTENSION );
	# check against disallowed files		# check against disallowed files
	if( !is_blank( $t_disallowed_files ) ) {		if( !is_blank( $t_disallowed_files ) ) {
	$t_disallowed_arr = explode( ',', $t_disallowed_files );		$t_disallowed_arr = explode( ',', $t_disallowed_files );
	foreach( $t_disallowed_arr as $t_val ) {		foreach( $t_disallowed_arr as $t_val ) {
	if( 0 == strcasecmp( $t_val, $t_extension ) ) {		if( 0 == strcasecmp( $t_val, $t_extension ) ) {
	return false;		return false;
	}		}
	}		}
	}		}
	# if the allowed list is note populated then the file must be allowed		# if the allowed list is note populated then the file must be allowed
	if( is_blank( $t_allowed_files ) ) {		if( is_blank( $t_allowed_files ) ) {
	return true;		return true;
	}		}
	# check against allowed files		# check against allowed files
	$t_allowed_arr = explode( ',', $t_allowed_files );		$t_allowed_arr = explode( ',', $t_allowed_files );
	foreach( $t_allowed_arr as $t_val ) {		foreach( $t_allowed_arr as $t_val ) {
	if( 0 == strcasecmp( $t_val, $t_extension ) ) {		if( 0 == strcasecmp( $t_val, $t_extension ) ) {
	return true;		return true;
	}		}
	}		}
	return false;		return false;
	}		}
	/**		/**
	* clean file name by removing sensitive characters and replacing them with underscores		* clean file name by removing sensitive characters and replacing them with underscores
	* @param string $p_filename File name.		* @param string $p_filename File name.
	* @return string		* @return string
	*/		*/
	function file_clean_name( $p_filename ) {		function file_clean_name( $p_filename ) {
	return preg_replace( '/[\/*?"<>|\\ :&]/', '_', $p_filename );		return preg_replace( '/[\/*?"<>|\\ :&]/', '_', $p_filename );
	}		}
	/**		/**
	* Generate a UNIQUE string for a given file path to use as the identifier for the file		* Generate a UNIQUE string for a given file path to use as the identifier for the file
	* The string returned should be 32 characters in length		* The string returned should be 32 characters in length
	* @param string $p_filepath File path.		* @param string $p_filepath File path.
	* @return string		* @return string
	*/		*/
	function file_generate_unique_name( $p_filepath ) {		function file_generate_unique_name( $p_filepath ) {
	do {		do {
	$t_string = md5( crypto_generate_random_string( 32, false ) );		$t_string = md5( crypto_generate_random_string( 32, false ) );
	} while( !diskfile_is_name_unique( $t_string, $p_filepath ) );		} while( !diskfile_is_name_unique( $t_string, $p_filepath ) );
	return $t_string;		return $t_string;
	}		}
	/**		/**
	* Validates that the given disk file name identifier is unique, checking both		* Validates that the given disk file name identifier is unique, checking both
	* in the DB tables (bug and project) and on disk.		* in the DB tables (bug and project) and on disk.
	* This ensures that in case a file has been deleted from disk but its record		* This ensures that in case a file has been deleted from disk but its record
	* remains in the DB, we never get in a situation where the DB points to a file		* remains in the DB, we never get in a situation where the DB points to a file
	* which is not the originally uploaded one.		* which is not the originally uploaded one.
	* @param string $p_name     File name.		* @param string $p_name     File name.
	* @param string $p_filepath File path.		* @param string $p_filepath File path.
	* @return boolean true if unique		* @return boolean true if unique
	*/		*/
	function diskfile_is_name_unique( $p_name, $p_filepath ) {		function diskfile_is_name_unique( $p_name, $p_filepath ) {
	$c_name = $p_filepath . $p_name;		$c_name = $p_filepath . $p_name;
	db_param_push();		db_param_push();
	$t_query = 'SELECT count(*)		$t_query = 'SELECT count(*)
	FROM (		FROM (
	SELECT diskfile FROM {bug_file} WHERE diskfile=' . db_param() . '		SELECT diskfile FROM {bug_file} WHERE diskfile=' . db_param() . '
	UNION		UNION
	SELECT diskfile FROM {project_file} WHERE diskfile=' . db_param() . '		SELECT diskfile FROM {project_file} WHERE diskfile=' . db_param() . '
	) f';		) f';
	$t_result = db_query( $t_query, array( $c_name, $c_name) );		$t_result = db_query( $t_query, array( $c_name, $c_name) );
	$t_count = db_result( $t_result );		$t_count = db_result( $t_result );
	return ( $t_count == 0 ) && !file_exists( $c_name );		return ( $t_count == 0 ) && !file_exists( $c_name );
	}		}
	/**		/**
	* Validates that the given file name is unique in the given context (we don't		* Validates that the given file name is unique in the given context (we don't
	* allow multiple attachments with the same name for a given bug or project)		* allow multiple attachments with the same name for a given bug or project)
	* @param string  $p_name   File name.		* @param string  $p_name   File name.
	* @param integer $p_bug_id A bug identifier (not used for project files).		* @param integer $p_bug_id A bug identifier (not used for project files).
	* @param string  $p_table  Optional file table to check: 'project' or 'bug' (default).		* @param string  $p_table  Optional file table to check: 'project' or 'bug' (default).
	* @return boolean true if unique		* @return boolean true if unique
	*/		*/
	function file_is_name_unique( $p_name, $p_bug_id, $p_table = 'bug' ) {		function file_is_name_unique( $p_name, $p_bug_id, $p_table = 'bug' ) {
	$t_file_table = db_get_table( "${p_table}_file" );		$t_file_table = db_get_table( "${p_table}_file" );
	db_param_push();		db_param_push();
	$t_query = 'SELECT COUNT(*) FROM ' . $t_file_table . ' WHERE filename=' . db_param();		$t_query = 'SELECT COUNT(*) FROM ' . $t_file_table . ' WHERE filename=' . db_param();
	$t_param = array( $p_name );		$t_param = array( $p_name );
	if( $p_table == 'bug' ) {		if( $p_table == 'bug' ) {
	$t_query .= ' AND bug_id=' . db_param();		$t_query .= ' AND bug_id=' . db_param();
	$t_param[] = $p_bug_id;		$t_param[] = $p_bug_id;
	}		}
	$t_result = db_query( $t_query, $t_param );		$t_result = db_query( $t_query, $t_param );
	$t_count = db_result( $t_result );		$t_count = db_result( $t_result );
	return ( $t_count == 0 );		return ( $t_count == 0 );
	}		}
	/**		/**
	* Add a file to the system using the configured storage method		* Add a file to the system using the configured storage method
	*		*
	* @param integer $p_bug_id          The bug id (should be 0 when adding project doc).		* @param integer $p_bug_id          The bug id (should be 0 when adding project doc).
	* @param array   $p_file            The uploaded file info, as retrieved from gpc_get_file().		* @param array   $p_file            The uploaded file info, as retrieved from gpc_get_file().
	* @param string  $p_table           Either 'bug' or 'project' depending on attachment type.		* @param string  $p_table           Either 'bug' or 'project' depending on attachment type.
	* @param string  $p_title           File title.		* @param string  $p_title           File title.
	* @param string  $p_desc            File description.		* @param string  $p_desc            File description.
	* @param integer $p_user_id         User id (defaults to current user).		* @param integer $p_user_id         User id (defaults to current user).
	* @param integer $p_date_added      Date added.		* @param integer $p_date_added      Date added.
	* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).		* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
	* @return array The file info array (keys: name, size)		* @return array The file info array (keys: name, size)
	*/		*/
	function file_add( $p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false ) {		function file_add( $p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false ) {
	$t_file_info = array();		$t_file_info = array();
	file_ensure_uploaded( $p_file );		file_ensure_uploaded( $p_file );
	$t_file_name = $p_file['name'];		$t_file_name = $p_file['name'];
	$t_tmp_file = $p_file['tmp_name'];		$t_tmp_file = $p_file['tmp_name'];
	if( !file_type_check( $t_file_name ) ) {		if( !file_type_check( $t_file_name ) ) {
	trigger_error( ERROR_FILE_NOT_ALLOWED, ERROR );		trigger_error( ERROR_FILE_NOT_ALLOWED, ERROR );
	}		}
	$t_org_filename = $t_file_name;		$t_org_filename = $t_file_name;
	$t_suffix_id = 1;		$t_suffix_id = 1;
	while( !file_is_name_unique( $t_file_name, $p_bug_id ) ) {		while( !file_is_name_unique( $t_file_name, $p_bug_id ) ) {
	$t_suffix_id++;		$t_suffix_id++;
	$t_dot_index = strripos( $t_org_filename, '.' );		$t_dot_index = strripos( $t_org_filename, '.' );
	if( $t_dot_index === false ) {		if( $t_dot_index === false ) {
	$t_file_name = $t_org_filename . '-' . $t_suffix_id;		$t_file_name = $t_org_filename . '-' . $t_suffix_id;
	} else {		} else {
	$t_extension = substr( $t_org_filename, $t_dot_index, strlen( $t_org_filename ) - $t_dot_index );		$t_extension = substr( $t_org_filename, $t_dot_index, strlen( $t_org_filename ) - $t_dot_index );
	$t_file_name = substr( $t_org_filename, 0, $t_dot_index ) . '-' . $t_suffix_id . $t_extension;		$t_file_name = substr( $t_org_filename, 0, $t_dot_index ) . '-' . $t_suffix_id . $t_extension;
	}		}
	}		}
	$t_file_info['name'] = $t_file_name;		$t_file_info['name'] = $t_file_name;
	antispam_check();		antispam_check();
	$t_file_size = filesize( $t_tmp_file );		$t_file_size = filesize( $t_tmp_file );
	if( 0 == $t_file_size ) {		if( 0 == $t_file_size ) {
	trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );		trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );
	}		}
	$t_file_info['size'] = $t_file_size;		$t_file_info['size'] = $t_file_size;
	$t_max_file_size = (int)min( ini_get_number( 'upload_max_filesize' ), ini_get_number( 'post_max_size' ), config_get( 'max_file_size' ) );		$t_max_file_size = (int)min( ini_get_number( 'upload_max_filesize' ), ini_get_number( 'post_max_size' ), config_get( 'max_file_size' ) );
	if( $t_file_size > $t_max_file_size ) {		if( $t_file_size > $t_max_file_size ) {
	trigger_error( ERROR_FILE_TOO_BIG, ERROR );		trigger_error( ERROR_FILE_TOO_BIG, ERROR );
	}		}
	if( 'bug' == $p_table ) {		if( 'bug' == $p_table ) {
	$t_project_id = bug_get_field( $p_bug_id, 'project_id' );		$t_project_id = bug_get_field( $p_bug_id, 'project_id' );
	$t_id = (int)$p_bug_id;		$t_id = (int)$p_bug_id;
	} else {		} else {
	$t_project_id = helper_get_current_project();		$t_project_id = helper_get_current_project();
	$t_id = $t_project_id;		$t_id = $t_project_id;
	}		}
	if( $p_user_id === null ) {		if( $p_user_id === null ) {
	$p_user_id = auth_get_current_user_id();		$p_user_id = auth_get_current_user_id();
	}		}
	if( $p_date_added <= 0 ) {		if( $p_date_added <= 0 ) {
	$p_date_added = db_now();		$p_date_added = db_now();
	}		}
	if( $t_project_id == ALL_PROJECTS ) {		if( $t_project_id == ALL_PROJECTS ) {
	$t_file_path = config_get_global( 'absolute_path_default_upload_folder' );		$t_file_path = config_get_global( 'absolute_path_default_upload_folder' );
	} else {		} else {
	$t_file_path = project_get_field( $t_project_id, 'file_path' );		$t_file_path = project_get_field( $t_project_id, 'file_path' );
	if( is_blank( $t_file_path ) ) {		if( is_blank( $t_file_path ) ) {
	$t_file_path = config_get_global( 'absolute_path_default_upload_folder' );		$t_file_path = config_get_global( 'absolute_path_default_upload_folder' );
	}		}
	}		}
	$t_unique_name = file_generate_unique_name( $t_file_path );		$t_unique_name = file_generate_unique_name( $t_file_path );
	$t_method = config_get( 'file_upload_method' );		$t_method = config_get( 'file_upload_method' );
	switch( $t_method ) {		switch( $t_method ) {
	case DISK:		case DISK:
	file_ensure_valid_upload_path( $t_file_path );		file_ensure_valid_upload_path( $t_file_path );
	$t_disk_file_name = $t_file_path . $t_unique_name;		$t_disk_file_name = $t_file_path . $t_unique_name;
	if( !file_exists( $t_disk_file_name ) ) {		if( !file_exists( $t_disk_file_name ) ) {
	if( !move_uploaded_file( $t_tmp_file, $t_disk_file_name ) ) {		if( !move_uploaded_file( $t_tmp_file, $t_disk_file_name ) ) {
	trigger_error( ERROR_FILE_MOVE_FAILED, ERROR );		trigger_error( ERROR_FILE_MOVE_FAILED, ERROR );
	}		}
	chmod( $t_disk_file_name, config_get( 'attachments_file_permissions' ) );		chmod( $t_disk_file_name, config_get( 'attachments_file_permissions' ) );
	$c_content = '';		$c_content = '';
	} else {		} else {
	trigger_error( ERROR_FILE_DUPLICATE, ERROR );		trigger_error( ERROR_FILE_DUPLICATE, ERROR );
	}		}
	break;		break;
	case DATABASE:		case DATABASE:
	$c_content = db_prepare_binary_string( fread( fopen( $t_tmp_file, 'rb' ), $t_file_size ) );		$c_content = db_prepare_binary_string( fread( fopen( $t_tmp_file, 'rb' ), $t_file_size ) );
	$t_file_path = '';		$t_file_path = '';
	break;		break;
	default:		default:
	trigger_error( ERROR_GENERIC, ERROR );		trigger_error( ERROR_GENERIC, ERROR );
	}		}
	$t_file_table = db_get_table( $p_table . '_file' );		$t_file_table = db_get_table( $p_table . '_file' );
	$t_id_col = $p_table . '_id';		$t_id_col = $p_table . '_id';
	db_param_push();		db_param_push();
	$t_param = array(		$t_param = array(
	$t_id_col     => $t_id,		$t_id_col     => $t_id,
	'title'       => $p_title,		'title'       => $p_title,
	'description' => $p_desc,		'description' => $p_desc,
	'diskfile'    => $t_unique_name,		'diskfile'    => $t_unique_name,
	'filename'    => $t_file_name,		'filename'    => $t_file_name,
	'folder'      => $t_file_path,		'folder'      => $t_file_path,
	'filesize'    => $t_file_size,		'filesize'    => $t_file_size,
	'file_type'   => $p_file['type'],		'file_type'   => $p_file['type'],
	'date_added'  => $p_date_added,		'date_added'  => $p_date_added,
	'user_id'     => (int)$p_user_id,		'user_id'     => (int)$p_user_id,
	);		);
	# Oracle has to update BLOBs separately		# Oracle has to update BLOBs separately
	if( !db_is_oracle() ) {		if( !db_is_oracle() && !db_is_mssql() ) {
	$t_param['content'] = $c_content;		$t_param['content'] = $c_content;
	}		}
	$t_query_param = db_param();		$t_query_param = db_param();
	for( $i = 1; $i < count( $t_param ); $i++ ) {		for( $i = 1; $i < count( $t_param ); $i++ ) {
	$t_query_param .= ', ' . db_param();		$t_query_param .= ', ' . db_param();
	}		}
	$t_query = 'INSERT INTO ' . $t_file_table . '		$t_query = 'INSERT INTO ' . $t_file_table . '
	( ' . implode(', ', array_keys( $t_param ) ) . ' )		( ' . implode(', ', array_keys( $t_param ) ) . ' )
	VALUES		VALUES
	( ' . $t_query_param . ' )';		( ' . $t_query_param . ' )';
	db_query( $t_query, array_values( $t_param ) );		db_query( $t_query, array_values( $t_param ) );
	if( db_is_oracle() ) {		if( db_is_oracle() || db_is_mssql()) {
	db_update_blob( $t_file_table, 'content', $c_content, "diskfile='$t_unique_name'" );		db_update_blob( $t_file_table, 'content', $c_content, "diskfile='$t_unique_name'" );
	}		}
	if( 'bug' == $p_table ) {		if( 'bug' == $p_table ) {
	# update the last_updated date		# update the last_updated date
	if( !$p_skip_bug_update ) {		if( !$p_skip_bug_update ) {
	bug_update_date( $p_bug_id );		bug_update_date( $p_bug_id );
	}		}
	# log file added to bug history		# log file added to bug history
	history_log_event_special( $p_bug_id, FILE_ADDED, $t_file_name );		history_log_event_special( $p_bug_id, FILE_ADDED, $t_file_name );
	}		}
	return $t_file_info;		return $t_file_info;
	}		}
	/**		/**
	* Return true if file uploading is enabled (in our config and PHP's), false otherwise		* Return true if file uploading is enabled (in our config and PHP's), false otherwise
	* @return boolean		* @return boolean
	*/		*/
	function file_is_uploading_enabled() {		function file_is_uploading_enabled() {
	if( ini_get_bool( 'file_uploads' ) && ( ON == config_get( 'allow_file_upload' ) ) ) {		if( ini_get_bool( 'file_uploads' ) && ( ON == config_get( 'allow_file_upload' ) ) ) {
	return true;		return true;
	} else {		} else {
	return false;		return false;
	}		}
	}		}
	/**		/**
	* Check if the user can upload files for this project		* Check if the user can upload files for this project
	* return true if they can, false otherwise		* return true if they can, false otherwise
	* the project defaults to the current project and the user to the current user		* the project defaults to the current project and the user to the current user
	* @param integer $p_project_id A project identifier.		* @param integer $p_project_id A project identifier.
	* @param integer $p_user_id    A user identifier.		* @param integer $p_user_id    A user identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_allow_project_upload( $p_project_id = null, $p_user_id = null ) {		function file_allow_project_upload( $p_project_id = null, $p_user_id = null ) {
	if( null === $p_project_id ) {		if( null === $p_project_id ) {
	$p_project_id = helper_get_current_project();		$p_project_id = helper_get_current_project();
	}		}
	if( null === $p_user_id ) {		if( null === $p_user_id ) {
	$p_user_id = auth_get_current_user_id();		$p_user_id = auth_get_current_user_id();
	}		}
	return( file_is_uploading_enabled() && ( access_has_project_level( config_get( 'upload_project_file_threshold' ), $p_project_id, $p_user_id ) ) );		return( file_is_uploading_enabled() && ( access_has_project_level( config_get( 'upload_project_file_threshold' ), $p_project_id, $p_user_id ) ) );
	}		}
	/**		/**
	* Check if the user can upload files for this bug		* Check if the user can upload files for this bug
	* return true if they can, false otherwise		* return true if they can, false otherwise
	* the user defaults to the current user		* the user defaults to the current user
	*		*
	* if the bug null (the default) we answer whether the user can		* if the bug null (the default) we answer whether the user can
	* upload a file to a new bug in the current project		* upload a file to a new bug in the current project
	* @param integer $p_bug_id  A bug identifier.		* @param integer $p_bug_id  A bug identifier.
	* @param integer $p_user_id A user identifier.		* @param integer $p_user_id A user identifier.
	* @return boolean		* @return boolean
	*/		*/
	function file_allow_bug_upload( $p_bug_id = null, $p_user_id = null ) {		function file_allow_bug_upload( $p_bug_id = null, $p_user_id = null ) {
	if( null === $p_user_id ) {		if( null === $p_user_id ) {
	$p_user_id = auth_get_current_user_id();		$p_user_id = auth_get_current_user_id();
	}		}
	# If uploads are disbled just return false		# If uploads are disbled just return false
	if( !file_is_uploading_enabled() ) {		if( !file_is_uploading_enabled() ) {
	return false;		return false;
	}		}
	if( null === $p_bug_id ) {		if( null === $p_bug_id ) {
	# new bug		# new bug
	$t_project_id = helper_get_current_project();		$t_project_id = helper_get_current_project();
	# the user must be the reporter if they're reporting a new bug		# the user must be the reporter if they're reporting a new bug
	$t_reporter = true;		$t_reporter = true;
	} else {		} else {
	# existing bug		# existing bug
	$t_project_id = bug_get_field( $p_bug_id, 'project_id' );		$t_project_id = bug_get_field( $p_bug_id, 'project_id' );
	# check if the user is the reporter of the bug		# check if the user is the reporter of the bug
	$t_reporter = bug_is_user_reporter( $p_bug_id, $p_user_id );		$t_reporter = bug_is_user_reporter( $p_bug_id, $p_user_id );
	}		}
	if( $t_reporter && ( ON == config_get( 'allow_reporter_upload' ) ) ) {		if( $t_reporter && ( ON == config_get( 'allow_reporter_upload' ) ) ) {
	return true;		return true;
	}		}
	# Check the access level against the config setting		# Check the access level against the config setting
	return access_has_project_level( config_get( 'upload_bug_file_threshold' ), $t_project_id, $p_user_id );		return access_has_project_level( config_get( 'upload_bug_file_threshold' ), $t_project_id, $p_user_id );
	}		}
	/**		/**
	* checks whether the specified upload path exists and is writable		* checks whether the specified upload path exists and is writable
	* @param string $p_upload_path Upload path.		* @param string $p_upload_path Upload path.
	* @return void		* @return void
	*/		*/
	function file_ensure_valid_upload_path( $p_upload_path ) {		function file_ensure_valid_upload_path( $p_upload_path ) {
	if( !file_exists( $p_upload_path ) || !is_dir( $p_upload_path ) || !is_writable( $p_upload_path ) || !is_readable( $p_upload_path ) ) {		if( !file_exists( $p_upload_path ) || !is_dir( $p_upload_path ) || !is_writable( $p_upload_path ) || !is_readable( $p_upload_path ) ) {
	trigger_error( ERROR_FILE_INVALID_UPLOAD_PATH, ERROR );		trigger_error( ERROR_FILE_INVALID_UPLOAD_PATH, ERROR );
	}		}
	}		}
	/**		/**
	* Ensure a file was uploaded		* Ensure a file was uploaded
	*		*
	* This function perform various checks for determining if the upload was successful		* This function perform various checks for determining if the upload was successful
	*		*
	* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().		* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().
	* @return void		* @return void
	*/		*/
	function file_ensure_uploaded( array $p_file ) {		function file_ensure_uploaded( array $p_file ) {
	switch( $p_file['error'] ) {		switch( $p_file['error'] ) {
	case UPLOAD_ERR_INI_SIZE:		case UPLOAD_ERR_INI_SIZE:
	case UPLOAD_ERR_FORM_SIZE:		case UPLOAD_ERR_FORM_SIZE:
	trigger_error( ERROR_FILE_TOO_BIG, ERROR );		trigger_error( ERROR_FILE_TOO_BIG, ERROR );
	break;		break;
	case UPLOAD_ERR_PARTIAL:		case UPLOAD_ERR_PARTIAL:
	case UPLOAD_ERR_NO_FILE:		case UPLOAD_ERR_NO_FILE:
	trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );		trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );
	break;		break;
	default:		default:
	break;		break;
	}		}
	if( ( '' == $p_file['tmp_name'] ) || ( '' == $p_file['name'] ) ) {		if( ( '' == $p_file['tmp_name'] ) || ( '' == $p_file['name'] ) ) {
	trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );		trigger_error( ERROR_FILE_NO_UPLOAD_FAILURE, ERROR );
	}		}
	if( !is_readable( $p_file['tmp_name'] ) ) {		if( !is_readable( $p_file['tmp_name'] ) ) {
	trigger_error( ERROR_UPLOAD_FAILURE, ERROR );		trigger_error( ERROR_UPLOAD_FAILURE, ERROR );
	}		}
	}		}
	/**		/**
	* Get file content		* Get file content
	*		*
	* @param integer $p_file_id File identifier.		* @param integer $p_file_id File identifier.
	* @param string  $p_type    File type (either 'bug' or 'doc').		* @param string  $p_type    File type (either 'bug' or 'doc').
	* @return array|boolean array containing file type and content or false on failure to retrieve file		* @return array|boolean array containing file type and content or false on failure to retrieve file
	*/		*/
	function file_get_content( $p_file_id, $p_type = 'bug' ) {		function file_get_content( $p_file_id, $p_type = 'bug' ) {
	# we handle the case where the file is attached to a bug		# we handle the case where the file is attached to a bug
	# or attached to a project as a project doc.		# or attached to a project as a project doc.
	db_param_push();		db_param_push();
	switch( $p_type ) {		switch( $p_type ) {
	case 'bug':		case 'bug':
	$t_query = 'SELECT * FROM {bug_file} WHERE id=' . db_param();		$t_query = 'SELECT * FROM {bug_file} WHERE id=' . db_param();
	break;		break;
	case 'doc':		case 'doc':
	$t_query = 'SELECT * FROM {project_file} WHERE id=' . db_param();		$t_query = 'SELECT * FROM {project_file} WHERE id=' . db_param();
	break;		break;
	default:		default:
	return false;		return false;
	}		}
	$t_result = db_query( $t_query, array( $p_file_id ) );		$t_result = db_query( $t_query, array( $p_file_id ) );
	$t_row = db_fetch_array( $t_result );		$t_row = db_fetch_array( $t_result );
	if( $p_type == 'bug' ) {		if( $p_type == 'bug' ) {
	$t_project_id = bug_get_field( $t_row['bug_id'], 'project_id' );		$t_project_id = bug_get_field( $t_row['bug_id'], 'project_id' );
	} else {		} else {
	$t_project_id = $t_row['bug_id'];		$t_project_id = $t_row['bug_id'];
	}		}
	# If finfo is available (always true for PHP >= 5.3.0) we can use it to determine the MIME type of files		# If finfo is available (always true for PHP >= 5.3.0) we can use it to determine the MIME type of files
	$t_finfo_available = false;		$t_finfo_available = false;
	$t_info_file = config_get_global( 'fileinfo_magic_db_file' );		$t_info_file = config_get_global( 'fileinfo_magic_db_file' );
	if( is_blank( $t_info_file ) ) {		if( is_blank( $t_info_file ) ) {
	$t_finfo = new finfo( FILEINFO_MIME );		$t_finfo = new finfo( FILEINFO_MIME );
	} else {		} else {
	$t_finfo = new finfo( FILEINFO_MIME, $t_info_file );		$t_finfo = new finfo( FILEINFO_MIME, $t_info_file );
	}		}
	if( $t_finfo ) {		if( $t_finfo ) {
	$t_finfo_available = true;		$t_finfo_available = true;
	}		}
	$t_content_type = $t_row['file_type'];		$t_content_type = $t_row['file_type'];
	switch( config_get( 'file_upload_method' ) ) {		switch( config_get( 'file_upload_method' ) ) {
	case DISK:		case DISK:
	$t_local_disk_file = file_normalize_attachment_path( $t_row['diskfile'], $t_project_id );		$t_local_disk_file = file_normalize_attachment_path( $t_row['diskfile'], $t_project_id );
	if( file_exists( $t_local_disk_file ) ) {		if( file_exists( $t_local_disk_file ) ) {
	if( $t_finfo_available ) {		if( $t_finfo_available ) {
	$t_file_info_type = $t_finfo->file( $t_local_disk_file );		$t_file_info_type = $t_finfo->file( $t_local_disk_file );
	if( $t_file_info_type !== false ) {		if( $t_file_info_type !== false ) {
	$t_content_type = $t_file_info_type;		$t_content_type = $t_file_info_type;
	}		}
	}		}
	return array( 'type' => $t_content_type, 'content' => file_get_contents( $t_local_disk_file ) );		return array( 'type' => $t_content_type, 'content' => file_get_contents( $t_local_disk_file ) );
	}		}
	return false;		return false;
	break;		break;
	case DATABASE:		case DATABASE:
	if( $t_finfo_available ) {		if( $t_finfo_available ) {
	$t_file_info_type = $t_finfo->buffer( $t_row['content'] );		$t_file_info_type = $t_finfo->buffer( $t_row['content'] );
	if( $t_file_info_type !== false ) {		if( $t_file_info_type !== false ) {
	$t_content_type = $t_file_info_type;		$t_content_type = $t_file_info_type;
	}		}
	}		}
	return array( 'type' => $t_content_type, 'content' => $t_row['content'] );		return array( 'type' => $t_content_type, 'content' => $t_row['content'] );
	break;		break;
	default:		default:
	trigger_error( ERROR_GENERIC, ERROR );		trigger_error( ERROR_GENERIC, ERROR );
	}		}
	}		}
	/**		/**
	* Move any attachments as needed when a bug is moved from project to project.		* Move any attachments as needed when a bug is moved from project to project.
	*		*
	* @param integer $p_bug_id        ID of bug containing attachments to be moved.		* @param integer $p_bug_id        ID of bug containing attachments to be moved.
	* @param integer $p_project_id_to Destination project ID for the bug.		* @param integer $p_project_id_to Destination project ID for the bug.
	* @return void		* @return void
	*		*
	* @todo: this function can't cope with source or target storing attachments in DB		* @todo: this function can't cope with source or target storing attachments in DB
	*/		*/
	function file_move_bug_attachments( $p_bug_id, $p_project_id_to ) {		function file_move_bug_attachments( $p_bug_id, $p_project_id_to ) {
	$t_project_id_from = bug_get_field( $p_bug_id, 'project_id' );		$t_project_id_from = bug_get_field( $p_bug_id, 'project_id' );
	if( $t_project_id_from == $p_project_id_to ) {		if( $t_project_id_from == $p_project_id_to ) {
	return;		return;
	}		}
	$t_method = config_get( 'file_upload_method' );		$t_method = config_get( 'file_upload_method' );
	if( $t_method != DISK ) {		if( $t_method != DISK ) {
	return;		return;
	}		}
	if( !file_bug_has_attachments( $p_bug_id ) ) {		if( !file_bug_has_attachments( $p_bug_id ) ) {
	return;		return;
	}		}
	$t_path_from = project_get_field( $t_project_id_from, 'file_path' );		$t_path_from = project_get_field( $t_project_id_from, 'file_path' );
	if( is_blank( $t_path_from ) ) {		if( is_blank( $t_path_from ) ) {
	$t_path_from = config_get_global( 'absolute_path_default_upload_folder' );		$t_path_from = config_get_global( 'absolute_path_default_upload_folder' );
	}		}
	file_ensure_valid_upload_path( $t_path_from );		file_ensure_valid_upload_path( $t_path_from );
	$t_path_to = project_get_field( $p_project_id_to, 'file_path' );		$t_path_to = project_get_field( $p_project_id_to, 'file_path' );
	if( is_blank( $t_path_to ) ) {		if( is_blank( $t_path_to ) ) {
	$t_path_to = config_get_global( 'absolute_path_default_upload_folder' );		$t_path_to = config_get_global( 'absolute_path_default_upload_folder' );
	}		}
	file_ensure_valid_upload_path( $t_path_to );		file_ensure_valid_upload_path( $t_path_to );
	if( $t_path_from == $t_path_to ) {		if( $t_path_from == $t_path_to ) {
	return;		return;
	}		}
	# Initialize the update query to update a single row		# Initialize the update query to update a single row
	$c_bug_id = (int)$p_bug_id;		$c_bug_id = (int)$p_bug_id;
	db_param_push();		db_param_push();
	$t_query_disk_attachment_update = 'UPDATE {bug_file}		$t_query_disk_attachment_update = 'UPDATE {bug_file}
	SET folder=' . db_param() . '		SET folder=' . db_param() . '
	WHERE bug_id=' . db_param() . '		WHERE bug_id=' . db_param() . '
	AND id =' . db_param();		AND id =' . db_param();
	$t_attachment_rows = bug_get_attachments( $p_bug_id );		$t_attachment_rows = bug_get_attachments( $p_bug_id );
	$t_attachments_count = count( $t_attachment_rows );		$t_attachments_count = count( $t_attachment_rows );
	for( $i = 0; $i < $t_attachments_count; $i++ ) {		for( $i = 0; $i < $t_attachments_count; $i++ ) {
	$t_row = $t_attachment_rows[$i];		$t_row = $t_attachment_rows[$i];
	$t_basename = basename( $t_row['diskfile'] );		$t_basename = basename( $t_row['diskfile'] );
	$t_disk_file_name_from = file_path_combine( $t_path_from, $t_basename );		$t_disk_file_name_from = file_path_combine( $t_path_from, $t_basename );
	$t_disk_file_name_to = file_path_combine( $t_path_to, $t_basename );		$t_disk_file_name_to = file_path_combine( $t_path_to, $t_basename );
	if( !file_exists( $t_disk_file_name_to ) ) {		if( !file_exists( $t_disk_file_name_to ) ) {
	chmod( $t_disk_file_name_from, 0775 );		chmod( $t_disk_file_name_from, 0775 );
	if( !rename( $t_disk_file_name_from, $t_disk_file_name_to ) ) {		if( !rename( $t_disk_file_name_from, $t_disk_file_name_to ) ) {
	if( !copy( $t_disk_file_name_from, $t_disk_file_name_to ) ) {		if( !copy( $t_disk_file_name_from, $t_disk_file_name_to ) ) {
	trigger_error( ERROR_FILE_MOVE_FAILED, ERROR );		trigger_error( ERROR_FILE_MOVE_FAILED, ERROR );
	}		}
	file_delete_local( $t_disk_file_name_from );		file_delete_local( $t_disk_file_name_from );
	}		}
	chmod( $t_disk_file_name_to, config_get( 'attachments_file_permissions' ) );		chmod( $t_disk_file_name_to, config_get( 'attachments_file_permissions' ) );
	# Don't pop the parameters after query execution since we're in a loop		# Don't pop the parameters after query execution since we're in a loop
	db_query( $t_query_disk_attachment_update, array( db_prepare_string( $t_path_to ), $c_bug_id, (int)$t_row['id'] ), -1, -1, false );		db_query( $t_query_disk_attachment_update, array( db_prepare_string( $t_path_to ), $c_bug_id, (int)$t_row['id'] ), -1, -1, false );
	} else {		} else {
	trigger_error( ERROR_FILE_DUPLICATE, ERROR );		trigger_error( ERROR_FILE_DUPLICATE, ERROR );
	}		}
	}		}
	db_param_pop();		db_param_pop();
	}		}
	/**		/**
	* Copies all attachments from the source bug to the destination bug		* Copies all attachments from the source bug to the destination bug
	*		*
	* Does not perform history logging and does not perform access checks.		* Does not perform history logging and does not perform access checks.
	*		*
	* @param integer $p_source_bug_id Source Bug.		* @param integer $p_source_bug_id Source Bug.
	* @param integer $p_dest_bug_id   Destination Bug.		* @param integer $p_dest_bug_id   Destination Bug.
	* @return void		* @return void
	*/		*/
	function file_copy_attachments( $p_source_bug_id, $p_dest_bug_id ) {		function file_copy_attachments( $p_source_bug_id, $p_dest_bug_id ) {
	db_param_push();		db_param_push();
	$t_query = 'SELECT * FROM {bug_file} WHERE bug_id = ' . db_param();		$t_query = 'SELECT * FROM {bug_file} WHERE bug_id = ' . db_param();
	$t_result = db_query( $t_query, array( $p_source_bug_id ) );		$t_result = db_query( $t_query, array( $p_source_bug_id ) );
	$t_count = db_num_rows( $t_result );		$t_count = db_num_rows( $t_result );
	$t_project_id = bug_get_field( $p_source_bug_id, 'project_id' );		$t_project_id = bug_get_field( $p_source_bug_id, 'project_id' );
	for( $i = 0;$i < $t_count;$i++ ) {		for( $i = 0;$i < $t_count;$i++ ) {
	$t_bug_file = db_fetch_array( $t_result );		$t_bug_file = db_fetch_array( $t_result );
	# prepare the new diskfile name and then copy the file		# prepare the new diskfile name and then copy the file
	$t_source_file = $t_bug_file['folder'] . $t_bug_file['diskfile'];		$t_source_file = $t_bug_file['folder'] . $t_bug_file['diskfile'];
	if( ( config_get( 'file_upload_method' ) == DISK ) ) {		if( ( config_get( 'file_upload_method' ) == DISK ) ) {
	$t_source_file = file_normalize_attachment_path( $t_source_file, $t_project_id );		$t_source_file = file_normalize_attachment_path( $t_source_file, $t_project_id );
	$t_file_path = dirname( $t_source_file ) . DIRECTORY_SEPARATOR;		$t_file_path = dirname( $t_source_file ) . DIRECTORY_SEPARATOR;
	} else {		} else {
	$t_file_path = $t_bug_file['folder'];		$t_file_path = $t_bug_file['folder'];
	}		}
	$t_new_diskfile_name = file_generate_unique_name( $t_file_path );		$t_new_diskfile_name = file_generate_unique_name( $t_file_path );
	$t_new_diskfile_location = $t_file_path . $t_new_diskfile_name;		$t_new_diskfile_location = $t_file_path . $t_new_diskfile_name;
	$t_new_file_name = file_get_display_name( $t_bug_file['filename'] );		$t_new_file_name = file_get_display_name( $t_bug_file['filename'] );
	if( ( config_get( 'file_upload_method' ) == DISK ) ) {		if( ( config_get( 'file_upload_method' ) == DISK ) ) {
	# Skip copy operation if file does not exist (i.e. target bug will have missing attachment)		# Skip copy operation if file does not exist (i.e. target bug will have missing attachment)
	# @todo maybe we should trigger an error instead in this case ?		# @todo maybe we should trigger an error instead in this case ?
	if( file_exists( $t_source_file ) ) {		if( file_exists( $t_source_file ) ) {
	copy( $t_source_file, $t_new_diskfile_location );		copy( $t_source_file, $t_new_diskfile_location );
	chmod( $t_new_diskfile_location, config_get( 'attachments_file_permissions' ) );		chmod( $t_new_diskfile_location, config_get( 'attachments_file_permissions' ) );
	}		}
	}		}
	db_param_push();		db_param_push();
	$t_query = 'INSERT INTO {bug_file} (		$t_query = 'INSERT INTO {bug_file} (
	bug_id, title, description, diskfile, filename, folder,		bug_id, title, description, diskfile, filename, folder,
	filesize, file_type, date_added, user_id, content		filesize, file_type, date_added, user_id, content
	)		)
	VALUES ( '		VALUES ( '
	. db_param() . ', ' . db_param() . ', ' . db_param() . ', '		. db_param() . ', ' . db_param() . ', ' . db_param() . ', '
	. db_param() . ', ' . db_param() . ', ' . db_param() . ', '		. db_param() . ', ' . db_param() . ', ' . db_param() . ', '
	. db_param() . ', ' . db_param() . ', ' . db_param() . ', '		. db_param() . ', ' . db_param() . ', ' . db_param() . ', '
	. db_param() . ', ' . db_param() .		. db_param() . ', ' . db_param() .
	')';		')';
	db_query( $t_query, array(		db_query( $t_query, array(
	$p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'],		$p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'],
	$t_new_diskfile_name, $t_new_file_name, $t_file_path,		$t_new_diskfile_name, $t_new_file_name, $t_file_path,
	$t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'],		$t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'],
	$t_bug_file['user_id'], $t_bug_file['content']		$t_bug_file['user_id'], $t_bug_file['content']
	) );		) );
	}		}
	}		}
	/**		/**
	* Returns a possibly override content type for a file name		* Returns a possibly override content type for a file name
	*		*
	* @param string $p_filename The filename of the file which will be downloaded.		* @param string $p_filename The filename of the file which will be downloaded.
	* @return string the content type, or empty if it should not be overridden		* @return string the content type, or empty if it should not be overridden
	*/		*/
	function file_get_content_type_override( $p_filename ) {		function file_get_content_type_override( $p_filename ) {
	global $g_file_download_content_type_overrides;		global $g_file_download_content_type_overrides;
	$t_extension = pathinfo( $p_filename, PATHINFO_EXTENSION );		$t_extension = pathinfo( $p_filename, PATHINFO_EXTENSION );
	if( isset( $g_file_download_content_type_overrides[$t_extension] ) ) {		if( isset( $g_file_download_content_type_overrides[$t_extension] ) ) {
	return $g_file_download_content_type_overrides[$t_extension];		return $g_file_download_content_type_overrides[$t_extension];
	}		}
	return null;		return null;
	}		}