chmod($upload_file, 0644);
}
if (filesize($upload_file) == 0) {
logError("File is empty.");
exit;
}
if (!scanFile($upload_file)) {
rename($upload_file, $upload_file . "-virus");
logError("File did not pass the virus scan.");
exit;
}
$fd = fopen("/tmp/upload.log", "a");
fwrite($fd, "Upload: " . serialize($_FILES) . " with " . serialize($_POST) . "\n");
fclose($fd);
print_r($_FILES);
$file = new File();
$file->byPath($upload_file);
if ($file->isValid()) {
$file->incrementShrinks();
} else {
$file->path = $upload_file;
$file->tag = randomTag();
$file->params['name'] = preg_replace(',[^a-zA-Z0-9_:;!@#$%^+=.~-],', '', $f['name']);
$file->params['content_type'] = $f['type'];
$file->params['size'] = filesize($upload_file);
$file->creator = new Creator($_SERVER["REMOTE_ADDR"], $_SESSION["acct_auth"] ? $_SESSION["acct_official"] : null);
$file->store();
}
$sth = getDB()->prepare("INSERT INTO upload_tracking (upload_id,file_id,error) VALUES (?,?,'f')");
$sth->execute(array($_POST["UPLOAD_IDENTIFIER"], $file->id));
}
