5942bdf6c3
- Upload-Formular unterstützt jetzt mehrere Dateien gleichzeitig - Drag & Drop oder Klick zum Auswählen (mehrfach möglich) - Dateiliste mit Dateiname, Größe, individueller Kategorie-Auswahl und Entfernen-Button pro Datei - Standard-Kategorie kann oben gewählt werden, individuelle Kategorie pro Datei ist optional überschreibbar - Controller verarbeitet Array von Dateien (je max. 10 MB) - Übersetzungen in allen 6 Sprachen ergänzt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
122 lines
4.0 KiB
PHP
122 lines
4.0 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Admin;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\ActivityLog;
|
|
use App\Models\File;
|
|
use App\Models\FileCategory;
|
|
use App\Models\Setting;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Storage;
|
|
use Illuminate\Support\Str;
|
|
use Illuminate\View\View;
|
|
|
|
class FileController extends Controller
|
|
{
|
|
public function index(Request $request): View
|
|
{
|
|
if (!Setting::isFeatureVisibleFor('files', auth()->user())) {
|
|
abort(403);
|
|
}
|
|
|
|
$categories = FileCategory::ordered()->withCount('files')->get();
|
|
$activeCategory = $request->query('category');
|
|
|
|
$query = File::with(['category', 'uploader'])->latest();
|
|
|
|
if ($activeCategory) {
|
|
$query->whereHas('category', fn ($q) => $q->where('slug', $activeCategory));
|
|
}
|
|
|
|
$files = $query->paginate(25)->withQueryString();
|
|
|
|
return view('admin.files.index', compact('categories', 'files', 'activeCategory'));
|
|
}
|
|
|
|
public function create(): View
|
|
{
|
|
if (!Setting::isFeatureVisibleFor('files', auth()->user())) {
|
|
abort(403);
|
|
}
|
|
|
|
$categories = FileCategory::active()->ordered()->get();
|
|
return view('admin.files.create', compact('categories'));
|
|
}
|
|
|
|
public function store(Request $request): RedirectResponse
|
|
{
|
|
if (!Setting::isFeatureVisibleFor('files', auth()->user())) {
|
|
abort(403);
|
|
}
|
|
|
|
$request->validate([
|
|
'files' => ['required', 'array', 'min:1'],
|
|
'files.*' => ['file', 'max:10240', 'mimes:pdf,docx,xlsx,jpg,jpeg,png,gif,webp'],
|
|
'categories' => ['required', 'array', 'min:1'],
|
|
'categories.*' => ['required', 'exists:file_categories,id'],
|
|
]);
|
|
|
|
$uploadedFiles = $request->file('files', []);
|
|
$categories = $request->input('categories', []);
|
|
$count = 0;
|
|
|
|
foreach ($uploadedFiles as $index => $uploadedFile) {
|
|
if (!$uploadedFile || !$uploadedFile->isValid()) {
|
|
continue;
|
|
}
|
|
|
|
$categoryId = $categories[$index] ?? null;
|
|
if (!$categoryId) {
|
|
continue;
|
|
}
|
|
|
|
$extension = $uploadedFile->guessExtension();
|
|
$storedName = Str::uuid() . '.' . $extension;
|
|
|
|
Storage::disk('local')->putFileAs('files', $uploadedFile, $storedName);
|
|
|
|
$file = new File([
|
|
'file_category_id' => $categoryId,
|
|
'original_name' => $uploadedFile->getClientOriginalName(),
|
|
'mime_type' => $uploadedFile->getClientMimeType(),
|
|
'size' => $uploadedFile->getSize(),
|
|
]);
|
|
$file->stored_name = $storedName;
|
|
$file->disk = 'private';
|
|
$file->uploaded_by = auth()->id();
|
|
$file->save();
|
|
|
|
ActivityLog::logWithChanges('uploaded', __('admin.log_file_uploaded', ['name' => $file->original_name]), 'File', $file->id, null, ['name' => $file->original_name, 'category' => $file->category->name ?? '']);
|
|
$count++;
|
|
}
|
|
|
|
$message = $count === 1
|
|
? __('admin.file_uploaded')
|
|
: __('admin.files_uploaded', ['count' => $count]);
|
|
|
|
return redirect()->route('admin.files.index')
|
|
->with('success', $message);
|
|
}
|
|
|
|
public function destroy(File $file): RedirectResponse
|
|
{
|
|
if (!Setting::isFeatureVisibleFor('files', auth()->user())) {
|
|
abort(403);
|
|
}
|
|
|
|
// Path-Traversal-Schutz (V15)
|
|
if (str_contains($file->stored_name, '..') || str_contains($file->stored_name, '/')) {
|
|
abort(403);
|
|
}
|
|
|
|
ActivityLog::logWithChanges('deleted', __('admin.log_file_deleted', ['name' => $file->original_name]), 'File', $file->id, ['name' => $file->original_name, 'category' => $file->category->name ?? ''], null);
|
|
|
|
Storage::disk('local')->delete('files/' . $file->stored_name);
|
|
$file->delete();
|
|
|
|
return back()->with('success', __('admin.file_deleted'));
|
|
}
|
|
}
|