function HandlePostUpload($pagename, $auth = 'upload') {
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile,
$EnableUploadVersions, $Now;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) Abort("?cannot upload to $pagename");
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname=='') $upname=$uploadfile['name'];
$upname = MakeUploadName($pagename,$upname);
if (!function_exists($UploadVerifyFunction))
Abort('?no UploadVerifyFunction available');
$filepath = FmtPageName("$UploadFileFmt/$upname",$pagename);
$result = $UploadVerifyFunction($pagename,$uploadfile,$filepath);
if ($result=='') {
$filedir = preg_replace('#/[^/]*$#','',$filepath);
mkdirp($filedir);
if (IsEnabled($EnableUploadVersions, 0))
@rename($filepath, "$filepath,$Now");
if (!move_uploaded_file($uploadfile['tmp_name'],$filepath))
{ Abort("?cannot move uploaded file to $filepath"); return; }
fixperms($filepath,0444);
if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); }
$result = "upresult=success";
}
Redirect($pagename,"{\$PageUrl}?action=upload&uprname=$upname&$result");
}
function HandlePostUpload($pagename, $auth = 'upload') {
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile,
$EnableUploadVersions, $Now, $RecentUploadsFmt, $FmtV,
$NotifyItemUploadFmt, $NotifyItemFmt, $IsUploadPosted,
$UploadRedirectFunction;
UploadAuth($pagename, $auth);
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname=='') $upname=$uploadfile['name'];
$upname = MakeUploadName($pagename,$upname);
if (!function_exists($UploadVerifyFunction))
Abort('?no UploadVerifyFunction available');
$filepath = FmtPageName("$UploadFileFmt/$upname",$pagename);
$result = $UploadVerifyFunction($pagename,$uploadfile,$filepath);
if ($result=='') {
$filedir = preg_replace('#/[^/]*$#','',$filepath);
mkdirp($filedir);
if (IsEnabled($EnableUploadVersions, 0))
@rename($filepath, "$filepath,$Now");
if (!move_uploaded_file($uploadfile['tmp_name'],$filepath))
{ Abort("?cannot move uploaded file to $filepath"); return; }
fixperms($filepath,0444);
if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); }
$result = "upresult=success";
$FmtV['$upname'] = $upname;
$FmtV['$upsize'] = $uploadfile['size'];
if (IsEnabled($RecentUploadsFmt, 0)) {
PostRecentChanges($pagename, '', '', $RecentUploadsFmt);
}
if (IsEnabled($NotifyItemUploadFmt, 0) && function_exists('NotifyUpdate')) {
$NotifyItemFmt = $NotifyItemUploadFmt;
$IsUploadPosted = 1;
register_shutdown_function('NotifyUpdate', $pagename, getcwd());
}
}
SDV($UploadRedirectFunction, 'Redirect');
$UploadRedirectFunction($pagename,"{\$PageUrl}?action=upload&uprname=$upname&$result");
}
function RSSEnclosure($pagename, &$page, $k)
{
global $RSSEnclosureFmt, $UploadFileFmt, $UploadExts;
if (!function_exists('MakeUploadName')) {
return '';
}
SDV($RSSEnclosureFmt, array('$Name.mp3'));
$encl = '';
foreach ((array) $RSSEnclosureFmt as $fmt) {
$path = FmtPageName($fmt, $pagename);
$upname = MakeUploadName($pagename, $path);
$filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename);
if (file_exists($filepath)) {
$length = filesize($filepath);
$type = @$UploadExts[preg_replace('/.*\\./', '', $filepath)];
$url = LinkUpload($pagename, 'Attach:', $path, '', '', '$LinkUrl');
$encl .= "<{$k} url='{$url}' length='{$length}' type='{$type}' />";
}
}
return $encl;
}
function HandlePostUpload($pagename)
{
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile;
$page = RetrieveAuthPage($pagename, 'upload');
if (!$page) {
Abort("?cannot upload to {$pagename}");
}
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname == '') {
$upname = $uploadfile['name'];
}
$upname = MakeUploadName($pagename, $upname);
if (!function_exists($UploadVerifyFunction)) {
Abort('?no UploadVerifyFunction available');
}
$filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename);
$result = $UploadVerifyFunction($pagename, $uploadfile, $filepath);
if ($result == '') {
$filedir = preg_replace('#/[^/]*$#', '', $filepath);
mkdirp($filedir);
if (!move_uploaded_file($uploadfile['tmp_name'], $filepath)) {
Abort("?cannot move uploaded file to {$filepath}");
return;
}
fixperms($filepath);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$result = "upresult=success";
}
Redirect($pagename, "\$PageUrl?action=upload&upname={$upname}&{$result}");
}
/**
* Handle the .draw file format
*/
function HandlePostDrawing_draw($pagename)
{
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile, $Now;
global $RecentChangesFmt, $IsPagePosted, $EnableDrawingRecentChanges;
$page = RetrieveAuthPage($pagename, 'upload');
if (!$page) {
Abort("?cannot upload to {$pagename}");
}
$uploadImage = $_FILES['uploadImage'];
$uploadDrawing = $_FILES['uploadDrawing'];
$uploadMap = $_FILES['uploadMap'];
$drawingBaseTime = $_POST['drawingbasetime'];
// The time the user began editing this drawing.
$imageupname = $uploadImage['name'];
$drawingupname = $uploadDrawing['name'];
$mapupname = $uploadMap['name'];
$imageupname = MakeUploadName($pagename, $imageupname);
$drawingupname = MakeUploadName($pagename, $drawingupname);
$mapupname = MakeUploadName($pagename, $mapupname);
$imageFilePath = FmtPageName("{$UploadFileFmt}/{$imageupname}", $pagename);
$drawingFilePath = FmtPageName("{$UploadFileFmt}/{$drawingupname}", $pagename);
$mapFilePath = FmtPageName("{$UploadFileFmt}/{$mapupname}", $pagename);
if (file_exists($drawingFilePath)) {
// Only worth checking timestamps if a drawing actually currently exists!
if (filemtime($drawingFilePath) > $drawingBaseTime) {
// Assign a new timestamp to the client... hopefully this time they'll be ok...
header("PmWikiDraw-DrawingChanged: {$Now}");
exit;
}
}
// If we've got to here then we can assume its safe to overwrite the current file
// Note: we should do the history archival/recent changes stuff here.
if ($EnableDrawingRecentChanges == true && isset($_POST['drawingname'])) {
$imageModified = $_POST['drawingname'];
$RecentChangesFmt = array('Main.AllRecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime', '$Group.RecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime');
$IsPagePosted = true;
$x = "";
$y = "";
PostRecentChanges($pagename, $x, $y);
$IsPagePosted = false;
}
$filedir = preg_replace('#/[^/]*$#', '', $imageFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadImage['tmp_name'], $imageFilePath)) {
Abort("?cannot move uploaded image to {$imageFilePath}");
return;
}
fixperms($imageFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$filedir = preg_replace('#/[^/]*$#', '', $drawingFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadDrawing['tmp_name'], $drawingFilePath)) {
Abort("?cannot move uploaded drawing to {$drawingFilePath}");
return;
}
fixperms($drawingFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$filedir = preg_replace('#/[^/]*$#', '', $mapFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadMap['tmp_name'], $mapFilePath)) {
Abort("?cannot move uploaded map to {$mapFilePath}");
return;
}
fixperms($mapFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
// Sets the drawingBaseTime header for incremental save support.
header("PmWikiDraw-DrawingBaseTime: " . filemtime($drawingFilePath));
exit;
}
function include_file($pagename, $argstr)
{
global $UploadFileFmt, $UploadUrlFmt, $UploadPrefixFmt;
global $IncludeUploadTextToHtmlCmd;
global $IncludeUploadToHtmlCmd;
global $UrlScheme, $IncludeUploadUrlFopenEnabled;
global $HandleAuth, $AuthFunction;
$args = ParseArgs($argstr);
$path = $args[''] ? implode('', $args['']) : '';
$class = $args['class'] ? $args['class'] : $this->class;
$abs_url = '';
# figure out the file path
if (preg_match("/^\\s*\\//", $path)) {
# a path was given, give it a http: path
# so that this will honour Apache permissions
# However, this will only work if allow_url_fopen is enabled.
if ($IncludeUploadUrlFopenEnabled) {
$http = $UrlScheme ? $UrlScheme : 'http';
$filepath = $http . '://' . $_SERVER['HTTP_HOST'] . $path;
} else {
$filepath = $_SERVER['DOCUMENT_ROOT'] . $path;
}
// make the abs_url from the part of the URL minus the file
$bits = explode("/", $filepath);
array_pop($bits);
$abs_url = implode('/', $bits);
$abs_url .= '/';
} else {
if (preg_match('!^(.*)/([^/]+)$!', $path, $match)) {
$pagename = MakePageName($pagename, $match[1]);
$path = $match[2];
}
// permission check for accessing files from given page
if (!$AuthFunction($pagename, $HandleAuth['includeupload'], false)) {
return Keep("(:includeupload {$path}:) failed: access denied to include files from {$pagename}<br>\n");
}
$upname = MakeUploadName($pagename, $path);
$filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename);
$abs_url = PUE(FmtPageName("{$UploadUrlFmt}{$UploadPrefixFmt}", $pagename));
}
// read the file; if there was failure, the content is empty
$filetext = $this->read_file($filepath);
if ($filetext) {
$ext = '';
if (preg_match('!\\.(\\w+)$!', $filepath, $match)) {
$ext = $match[1];
}
$filetype = $args['type'] ? $args['type'] : $ext;
if ($IncludeUploadToHtmlCmd[$filetype]) {
$command = $IncludeUploadToHtmlCmd[$filetype];
$tempfile = $this->put_file($filetext);
$fcont = `{$command} {$tempfile}`;
$fcont = $this->extract_body($fcont);
$fcont = $this->absolute_url($fcont, $abs_url);
@unlink($tempfile);
return Keep(($class ? "<div class='{$class}'>" : '<div>') . $fcont . '</div>');
} else {
if (preg_match('/htm.?/', $ext)) {
$fcont = $this->extract_body($filetext);
$fcont = $this->absolute_url($fcont, $abs_url);
return Keep(($class ? "<div class='{$class}'>" : '<div>') . $fcont . '</div>');
} else {
// by default, treat as text and escape HTML chars
return Keep(($class ? "<pre class='{$class}'>" : '<pre>') . "filetype={$filetype}\n" . htmlspecialchars($filetext) . '</pre>');
}
}
}
# fall through
return Keep("(:includeupload {$path}:) failed: Could not open {$filepath}<br>\n");
}
function getUploadPath ($pagename, $path) {
global $UploadFileFmt;
if (preg_match('!^(.*)/([^/]+)$!', $path, $m)) {
$pagename = MakePageName($pagename, $m[1]);
$path = $m[2];
}
$upname = MakeUploadName($pagename, $path);
$filepath = FmtPageName("$UploadFileFmt/$upname", $pagename);
return $filepath;
}
function HandlePostUpload($pagename, $auth = 'upload')
{
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile, $EnableUploadVersions, $Now, $RecentUploadsFmt, $FmtV;
UploadAuth($pagename, $auth);
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname == '') {
$upname = $uploadfile['name'];
}
$upname = MakeUploadName($pagename, $upname);
if (!function_exists($UploadVerifyFunction)) {
Abort('?no UploadVerifyFunction available');
}
$filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename);
$result = $UploadVerifyFunction($pagename, $uploadfile, $filepath);
if ($result == '') {
$filedir = preg_replace('#/[^/]*$#', '', $filepath);
mkdirp($filedir);
if (IsEnabled($EnableUploadVersions, 0)) {
@rename($filepath, "{$filepath},{$Now}");
}
if (!move_uploaded_file($uploadfile['tmp_name'], $filepath)) {
Abort("?cannot move uploaded file to {$filepath}");
return;
}
fixperms($filepath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$result = "upresult=success";
if (IsEnabled($RecentUploadsFmt, 0)) {
$FmtV['$upname'] = $upname;
$FmtV['$upsize'] = $uploadfile['size'];
PostRecentChanges($pagename, '', '', $RecentUploadsFmt);
}
}
Redirect($pagename, "{\$PageUrl}?action=upload&uprname={$upname}&{$result}");
}
