Merge pull request #2 from i2bc/upload_db

Upload db

createdb.php

@@ -32,6 +32,7 @@
 <h2><?php site_name(); ?> database creator</h2>
 <p>This page helps to create a <?php site_name(); ?> database (in sqlite3 format) based on genomes uploaded by the user.</p>
 <p> The final database can be downloaded for local analyzis, or it can be explored on the <?php site_name(); ?> site.</p>
+<p>Alternatively you can <a href="upload_db.php">upload a Synteruptor database</a> directly if you have generated a database yourself.</p>
 <?php
 
 if (isset($_GET["id"])) {

lib_db.php

@@ -5,6 +5,9 @@
 require_once("common.php");
 $dbdir = get_setting("db_dir");
 
+
+class DbException extends Exception {}
+
 /**********************************************************/
 // Check variable type (convert if necessary)
 function parseVal($dat) {
@@ -71,20 +74,39 @@ function get_db($version = null) {
 function get_db_connection($db) {
 	global $dbdir;
 	$dbh;
-        $dbpath = $db;
-        if (! preg_match("/\.sqlite$/i", $dbpath)) {
-            $dbpath = "$dbpath.sqlite";
-        }
-        error_log('['.date('YYYY-MM-dd HH:mm:ss').']'."Get db connection to $dbpath in $dbdir");
+	$dbpath = $db;
+	if (!str_starts_with($db, "/")) {
+		$dbpath = "$dbdir/$dbpath";
+		if (! preg_match("/\.sqlite$/i", $dbpath)) {
+			$dbpath = "$dbpath.sqlite";
+		}
+	}
+	error_log("Get db connection to $dbpath");
 	try {
-		$dbh = new PDO("sqlite:$dbdir/" . $dbpath, '', '', array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
+		$dbh = new PDO("sqlite:$dbpath", '', '', array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
 	}
 	catch(PDOException $ex) {
 		die_msg('Unable to connect to database.', $ex->getMessage());
 	}
 	return $dbh;
 }
 
+function check_db($dbh) {
+	$tables = ["breaks_all", "breaks_ranking"];
+	foreach ($tables as $table) {
+		if (!has_table($dbh, $table)) {
+			return false;
+		}
+		$query = "SELECT * FROM $table LIMIT 1";
+		$data = get_db_data($dbh, $query);
+		if (count($data) != 1) {
+			error_log("Table $table has not data?");
+			return false;
+		}
+	}
+	return true;
+}
+
 function get_db_data($dbh, $query, $vals = array(), $key = '') {
 	try {
 		$result = $dbh->prepare($query);

upload_db.php

@@ -0,0 +1,75 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<?php
+require_once("common.php");
+require_once("upload_db_lib.php");
+?>
+	<head>
+		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+		<title><?php site_name(); ?> database creator</title>
+		<link rel="icon" type="image/png" href="css/Synteruptor_logo_square.png">
+		<link rel="stylesheet" type="text/css" href="css/common.css">
+		<link rel="stylesheet" type="text/css" href="css/upload.css">
+		<script type="text/javascript" src="js/jquery/jquery-1.12.min.js"></script>
+		<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/jquery.validate.min.js"></script>
+		<script type="text/javascript" src="js/common.js"></script>
+	</head>
+<nav>
+		<?php 
+				print_sidebar(); 
+		?>
+	</nav>
+	<body>
+<?php
+print_header("upload");
+?>
+<div id="content">
+<div class="centered_box">
+<h2><?php site_name(); ?> database upload</h2>
+<p>This page helps to upload <?php site_name(); ?> database (in sqlite3 format) to this website.</p>
+<?php
+
+if (isset($_GET["id"])) {
+	echo '<div class="infobox">';
+	echo '<h3>Restrictions</h3>';
+	echo '<ul>';
+	echo '<li>Only one file</li>';
+	echo "<li>The file has to be smaller than $max_size.</li>";
+	echo "<li>Database suffix must be .sqlite</li>";
+	echo "</ul>";
+	echo "For bigger databases you should contact us directly, see the <a href='contact.php'>contact page</a>.";
+	echo "</div>";
+
+	echo '<div class="upload_box">';
+	echo "<h3>Database file upload</h3>";
+
+	# Check id
+	if (!check_id($id)) {
+		echo "Invalid id ($id)<br>";
+		echo "</div>";
+		echo "<div class='button_container'><a href='upload_db_upload.php'><div class='button_link'>Start the upload</div></a></div>";
+		exit;
+	}
+
+	# Get the database file
+	$new_db = scan_sqlite();
+	if ($new_db) {
+		echo "Uploaded the database file to <a href=\"summary.php?version=$new_db\">$new_db</a>";
+	} else {
+		echo '<form id="uploader" action="upload_db_add.php?id=' . $id . '" method="post" enctype="multipart/form-data">';
+		echo " <input type='file' name='new_db' />";
+		echo '<input type="submit" value="Send" /></li>';
+	}
+	echo "</div>";
+} else {
+	echo "<div class='button_container'><a href='upload_db_start.php'><div class='button_link'>Upload a new database</div></a></div>";
+}
+?>
+</div>
+</div>
+<div id="tail" />
+</body>
+</html>

upload_db_add.php

@@ -0,0 +1,84 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once("upload_db_lib.php");
+require_once("lib_db.php");
+$uploaded_array = array();
+$errormsg = "";
+$nerrors = 0;
+global $final_db_path;
+
+# Check id
+if (!check_id($id)) {
+	echo "Invalid id: $id";
+	echo "<a href='$builder'>Start a new upload</a>";
+	exit;
+}
+
+if (!isset($_FILES["new_db"])) {
+	$errormsg .= "<li>Max allowed size: " . ini_get('post_max_size') . " or " . ini_get('upload_max_filesize') . "</li>";
+	$nerrors++;
+} else {
+	if ($_FILES["new_db"]["error"] != UPLOAD_ERR_OK) {
+		$errormsg .= "<li>Upload error. [".$error."] on file '".$name."'</li>";
+		$nerrors++;
+	} else {
+		$tmp_name = $_FILES["new_db"]["tmp_name"];
+		if (!$tmp_name) return;
+		$name = $_FILES["new_db"]["name"];
+
+		// Check extension
+		if (!preg_match("/\.sqlite?$/", $name)) {
+			$errormsg .= "<li>Wrong file type for $name (only .sqlite allowed)</li>";
+			$nerrors++;
+		} else if (filesize($tmp_name) == 0) {
+			$errormsg .= "<li>File is empty</li>";
+			$nerrors++;
+		} else {
+			# Check there is data in the database
+			try {
+				$dbh = get_db_connection($tmp_name);
+				if (!check_db($dbh)) {
+					throw new DbException("Content of the db doesn't look right");
+				}
+			} catch(Exception $e) {
+				$errormsg .= "<li>Exception: ".$e->getMessage()."</li>";
+				$nerrors++;
+			}
+
+			if ($nerrors == 0) {
+				# Just in case, to avoid collisions
+				$num = 1;
+				$new_id = $id;
+				$new_db_path = $final_db_path;
+				while(file_exists($new_db_path)) {
+					$new_id = $id . "_" . $num;
+					$new_db_path = str_replace("$id.sqlite", "$new_id.sqlite", $final_db_path);
+					$num++;
+					if ($num > 10) {
+						$errormsg .= "<li>ID collision detected with $new_id in $new_db_path.<li>";
+						$nerrors++;
+						break;
+					}
+				}
+				if ($nerrors == 0) {
+					if ( move_uploaded_file($tmp_name, $new_db_path) ) {
+						$uploaded_array[] .= "Uploaded file '".$name."'.<br/>\n";
+					} else {
+						$errormsg .= "<li>Could not move uploaded file '".$tmp_name."' to '".$name."'<li>";
+						$nerrors++;
+					}
+				}
+			}
+		}
+	}
+}
+
+if ($nerrors == 0) {
+	header("Location: $builder?id=$new_id");
+} else {
+	echo "Errors, please check:<ul>$errormsg</ul>\n";
+	echo "<a href='$builder?id=$id'>Go back</a>";
+}
+?>

upload_db_lib.php

@@ -0,0 +1,55 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once("common.php");
+$settings = parse_ini_file("settings.ini");
+$max_size = ini_get('post_max_size');
+$dbdir = get_setting("db_dir"); #"db";
+$basedir = get_setting("upload_dir");	# Make sure this is set with the correct permissions
+$builder = "upload_db.php";
+$id = get_id();
+$final_db_path = "";
+
+if ($id) {
+	define_id_paths($id);
+}
+
+function define_id_paths($new_id) {
+	global $dbdir, $final_db_path;
+	$final_db_path = "$dbdir/$new_id.upload.sqlite";
+}
+
+function get_id() {
+	if (isset($_GET["id"])) {
+		return $_GET["id"];
+	} else {
+		return "";
+	}
+}
+
+function check_id($id) {
+	# Check for format (only ASCII letters and digits)
+	if ( !preg_match( '/^[A-z0-9]+$/', $id ) ) {
+		return false;
+	}
+	# Check	if the file actually exists
+	global $basedir;
+	if ( !file_exists( $basedir . "/" . $id ) ) {
+		return false;
+	}
+	return true;
+}
+
+function init_config($new_id, $new_config) {
+	define_id_paths($new_id);
+}
+
+function scan_sqlite() {
+	global $final_db_path;
+	if (file_exists($final_db_path)) {
+		$db_name = str_replace(".sqlite", "", basename($final_db_path));
+		return $db_name;
+	}
+}
+?>

upload_db_start.php

@@ -0,0 +1,28 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once('upload_db_lib.php');
+
+function temp_file() {
+	global $basedir;
+	if (!$basedir) {
+		return null;
+	}
+
+	$tempfile = tempnam($basedir, 'mgn');
+	$id = basename($tempfile);
+	if(!in_array($id,$_SESSION["db_ids"])){$_SESSION["db_ids"][]=$id;}
+	return $id;
+}
+
+// Create an empty folder with a unique random name
+$tempfile = temp_file();
+
+if (isset($tempfile)) {
+	// Use the dir name as an id
+	header("Location: $builder?id=$tempfile");
+} else {
+	echo "Error: invalid generated id. Please refresh the page.";
+}
+?>