function upload_zip($zip_file = '')
{
// Create temporary directory
exec('mktemp -d', $output, $rc);
if ($rc != 0) {
die('mktemp failed');
}
$temp_dir = $output[0];
if (!is_dir($temp_dir)) {
die('Temporary directory not created');
}
// Unzip
system("unzip -q -d {$temp_dir} {$zip_file}", $rc);
if ($rc != 0) {
die('unzip failed');
}
unlink($zip_file);
// Fetch directory listing
$file_list = glob("{$temp_dir}/*");
// Fetch file information
$files = array();
foreach ($file_list as $file) {
if (!preg_match('/\\.pdf$/', $file)) {
continue;
}
upload_file($file, basename($file));
}
}
function generate_thumbnail($sURL, $needConnect)
{
if (!is_logged_in()) {
return getError("no logged-in user");
}
$res = array();
//get picture from service
//"http://www.sitepoint.com/forums/image.php?u=106816&dateline=1312480118";
$remote_path = str_replace("[URL]", $sURL, WEBSITE_THUMBNAIL_SERVICE);
$heurist_path = tempnam(HEURIST_FILESTORE_DIR, "_temp_");
// . $file_id;
$filesize = saveURLasFile($remote_path, $heurist_path);
if ($filesize > 0) {
//check the dimension of returned thumbanil in case it less than 50 - consider it as error
if (strpos($remote_path, substr(WEBSITE_THUMBNAIL_SERVICE, 0, 24)) == 0) {
$image_info = getimagesize($heurist_path);
if ($image_info[1] < 50) {
//remove temp file
unlink($heurist_path);
return getError("Thumbnail generator service can't create the image for specified URL");
}
}
$fileID = upload_file("snapshot.jpg", "jpg", $heurist_path, null, $filesize, $sURL, $needConnect);
if (is_numeric($fileID)) {
$res = get_uploaded_file_info($fileID, $needConnect);
} else {
$res = getError("File upload was interrupted. " . $fileID);
}
} else {
$res = getError("Cannot download image");
}
return $res;
}
function insert_file($var, $upload_path, $file_name_prefix)
{
if (isset($_REQUEST['is_' . $var]) && $_REQUEST['is_' . $var] && isset($_FILES[$var])) {
return upload_file($var, $upload_path, $file_name_prefix);
}
return '';
}
function upload_file_and_edit_agreement()
{
save_agreement();
upload_file(3, 10, $_POST['0'], 1);
$id = $_POST['0'];
$aggr = db_retrieve_agreement_byID($id);
addedit_agreement($aggr);
}
/**
*
* @param type $data
* @param type $type
* @return string
*/
public static function upImg($data, $type = 'jpg')
{
if (!self::isImg(strtolower($type))) {
return FALSE;
}
$server = getC("upload_server");
$sign = getC("upload_sign");
$file_url = upload_file($server, $data, $type, $sign);
return $file_url;
}
/**
* Master function for uploading, checks filenames and generates thumbnails
*/
function upload($file, $dir = 'uploads')
{
$filename = check_filename($file['name'], $dir);
// Pop the original file in /uploads/originals
move_uploaded_file($file['tmp_name'], $dir . '/originals/' . $filename);
// Generate thumbnail
upload_file($filename, $file['type'], 100, 100, 'thumbnails', $dir);
// Generate stream image
upload_file($filename, $file['type'], 350, 500, 'stream', $dir);
return $filename;
}
/**
* 上传文件 uploads
*/
public function uploads()
{
if (IS_POST) {
/* 定义变量 */
$RESPONSE_STATUS = 500;
/* 上传图片 */
$resultUploads = upload_file();
if ($resultUploads['result'] == 1) {
$RESPONSE_STATUS = 100;
}
$result = array('Tips' => $resultUploads['msg'], 'RESPONSE_STATUS' => $RESPONSE_STATUS, 'RESPONSE_INFO' => $resultUploads['msg']);
$this->ajaxReturn($result);
}
}
public function upload_do()
{
if (isset($_FILES['file'])) {
$tArr = explode(".", $_FILES["file"]["name"]);
$type = $tArr[count($tArr) - 1];
$filename = $_FILES["file"]["tmp_name"];
$handle = fopen($filename, "r");
$data = fread($handle, filesize($filename));
fclose($handle);
$server = getC("upload_server");
$sign = getC("upload_sign");
echo upload_file($server, $data, $type, $sign);
}
}
function refund_apply_order_goods_upload_ex($refund, $pic_name, $upload_size_limit)
{
if ($refund[$pic_name]) {
if ($_FILES[$pic_name]['size'] / 1024 > $upload_size_limit) {
$GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['upload_file_limit'], $upload_size_limit));
return -1;
}
$refund_pic1 = upload_file($_FILES[$pic_name], 'feedbackimg');
if ($refund_pic1 === false) {
$GLOBALS['err']->add("无法上传");
return -1;
}
} else {
$refund_pic1 = '';
}
return $refund_pic1;
}
function add_details()
{
$data = filter_forwarded_data($this);
if (!empty($_FILES)) {
$fileUrl = upload_file($_FILES, 'plantemplate__fileurl', 'plan_', 'xls');
if (!empty($fileUrl)) {
$_POST['document'] = $fileUrl;
$data['list'] = $this->_procurement_plan->add_details($_POST);
if (!is_array($data['list'])) {
$data['msg'] = 'ERROR: ' . $data['list'];
}
$this->load->view('procurement_plans/plan_details', $data);
} else {
echo format_notice($this, 'ERROR: The plan document could not be uploaded.');
}
} else {
echo format_notice($this, 'ERROR: No plan details could be resolved.');
}
}
function settings()
{
$data = filter_forwarded_data($this);
logout_invalid_user($this);
# user has posted the settings form
if (!empty($_POST)) {
# Upload the photo if any exists before you proceed with the rest of the process
$_POST['photo_url'] = !empty($_FILES) ? upload_file($_FILES, 'newphoto__fileurl', 'photo_' . $this->native_session->get('__user_id') . '_', 'png,jpg,jpeg,tiff') : '';
$result = $this->_user->settings($_POST);
if ($result['boolean']) {
$this->native_session->set('msg', 'Your settings have been updated');
} else {
echo "ERROR: The settings could not be updated. " . $result['reason'];
}
} else {
$data['user'] = $this->_user->details();
$this->load->view('users/settings', $data);
}
}
function MOH_Files_Modify()
{
global $mysqli;
include dirname(__FILE__) . '/../include/config.inc.php';
$session =& $_SESSION['MOH_Files_Modify'];
$Message = isset($_REQUEST['msg']) ? $_REQUEST['msg'] : "";
$smarty = smarty_init(dirname(__FILE__) . '/templates');
$action = $_REQUEST['action'];
if ($action == 'uploadfile') {
$FK_Group = $_REQUEST['id_group'];
$bigFK_Group = str_pad($FK_Group, 10, "0", STR_PAD_LEFT);
$uploadPath = $conf['dirs']['moh'] . "/group_" . $bigFK_Group . "/";
$filename_ext = explode(".", $_FILES['file']['name']['0']);
$filename = "";
for ($i = 0; $i < count($filename_ext) - 1; $i++) {
$filename .= $filename_ext[$i];
}
$extension = $filename_ext[count($filename_ext) - 1];
$query = "SELECT MAX(`Order`) FROM Moh_Files WHERE FK_Group = '{$FK_Group}'";
$result = $mysqli->query($query) or die($mysqli->error);
$row = $result->fetch_row();
$order = $row['0'] + 1;
$Errors = upload_file($uploadPath, $filename, $extension, $order, $FK_Group);
if (empty($Errors)) {
asterisk_UpdateConf('musiconhold.conf');
asterisk_Reload();
header("Location: MOH_Files_ListGroup.php?PK_Group={$FK_Group}");
die;
}
}
// Init available groups (Groups)
$query = "SELECT * FROM Moh_Groups";
$result = $mysqli->query($query) or die($mysqli->error . $query);
while ($row = $result->fetch_assoc()) {
$Groups[] = $row;
}
$smarty->assign('Groups', $Groups);
$smarty->assign('Message', $Message);
$smarty->assign('Errors', $Errors);
return $smarty->fetch('MOH_Files_Modify.tpl');
}
function add()
{
$data = filter_forwarded_data($this);
logout_invalid_user($this);
if (!empty($_POST)) {
# Upload the file before you proceed with the rest of the process
$fileUrl = upload_file($_FILES, 'document__fileurl', 'document_', 'pdf,doc,docx,zip,zipx,rar');
if (!empty($fileUrl)) {
$_POST['document'] = $fileUrl;
$result = $this->_document->add($_POST);
} else {
$result = array('boolean' => FALSE, 'reason' => 'File could not be uploaded.');
}
if (!$result['boolean']) {
echo "ERROR: The document could not be added. " . $result['reason'];
}
} else {
$data['area'] = !empty($data['a']) ? $data['a'] : 'system';
$this->load->view('documents/new_document', $data);
}
}
function updateproduct()
{
global $db;
$image = '';
$newest = $_FILES['prodd_image']['name'];
foreach ($newest as $key => $value) {
$imgg = upload_file($key, $value, 'prod_img/');
if ($imgg != '') {
$image .= $imgg . '|';
}
}
//echo $image.'image---<br/>';
$id = $_POST['hd_id'];
$sth = $db->prepare("SELECT * FROM product where `id`=?");
$sth->execute(array($id));
$result = $sth->fetch();
//echo $result['prod_img'].'dbimg';
$imagee = $result['prod_img'] . $image;
//echo $imagee.'imag<br/>';
$db->exec("update `product` set `product_name`='{$_POST['name']}',`category_id`='{$_POST['category']}',`prod_img`='{$imagee}',`description`='{$_POST['descp']}' where `id`='{$_POST['hd_id']}'");
header("location:add_product.php");
}
/**
* Created by PhpStorm.
* User: spider-ninja
* Date: 8/14/16
* Time: 8:47 PM
*/
function UploadDocs($dataDir, $localId)
{
$outArray = array('photo' => 0, 'pv' => 0, 'adhar_card' => 0, 'voter_card' => 0, 'driving_license' => 0, 'pan_card' => 0);
//$files1 = scandir($dataDir);
if (file_exists($dataDir . $localId . "/" . $localId . ".jpg")) {
$outArray['photo'] = upload_file($dataDir . $localId . "/" . $localId . ".jpg");
}
if (file_exists($dataDir . $localId . "/aadhar.pdf")) {
$outArray['adhar_card'] = upload_file($dataDir . $localId . "/aadhar.pdf");
}
if (file_exists($dataDir . $localId . "/pv.pdf")) {
$outArray['pv'] = upload_file($dataDir . $localId . "/pv.pdf");
}
if (file_exists($dataDir . $localId . "/votor_card.pdf")) {
$outArray['voter_card'] = upload_file($dataDir . $localId . "/votor_card.pdf");
}
if (file_exists($dataDir . $localId . "/driving_license.pdf")) {
$outArray['driving_license'] = upload_file($dataDir . $localId . "/driving_license.pdf");
}
if (file_exists($dataDir . $localId . "/pan.pdf")) {
$outArray['pan_card'] = upload_file($dataDir . $localId . "/pan.pdf");
}
return $outArray;
}
/**
* 编辑器上传文件 upload_file_editor
* @param $path
*/
function upload_file_editor($path = NULL)
{
/* 定义参数 */
$dir_name = ucfirst(I('get.dir'));
if (!$path) {
$path = CONTROLLER_NAME;
}
$savePath = './Editor/' . $dir_name . '/' . $path . '/';
//上传地址
$saveUrl = '/Uploads/Editor/' . $dir_name . '/' . $path . '/';
//读取地址
switch ($dir_name) {
case 'Flash':
$options = array('maxSize' => 1024 * 1024 * 2, 'exts' => array('swf', 'flv'), 'savePath' => $savePath);
break;
case 'Media':
$options = array('maxSize' => 1024 * 1024 * 5, 'exts' => array('swf', 'flv', 'mp3', 'wav', 'wma', 'wmv', 'mid', 'avi', 'mpg', 'asf', 'rm', 'rmvb'), 'savePath' => $savePath);
break;
case 'File':
$options = array('maxSize' => 1024 * 1024 * 5, 'exts' => array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2'), 'savePath' => $savePath);
break;
default:
$options = array('maxSize' => 1024 * 1024 * 0.5, 'exts' => array('jpg', 'jpeg', 'gif', 'png'), 'savePath' => $savePath);
}
/* 上传文件 */
$result = upload_file($options);
if ($result['result'] == 1) {
//上传成功
$return['error'] = 0;
$return['url'] = $saveUrl . $result['msg'];
} else {
$return['error'] = 1;
$return['message'] = $result['msg'];
}
return $return;
}
}
//检测链接图片的尺寸
if ($check_info == 1 && !check_image_type($_FILES["linkImage"]["name"])) {
$check_info = 0;
$action = $mark_id != "" ? "edit" : "add";
$ActionMessage = $strCategoryImage . $strImgTypeMemo;
}
if ($check_info == 1 && $_FILES["linkImage"]["name"] != "") {
$arrISize = get_image_size($_FILES["linkImage"]["tmp_name"]);
if ($arrISize[1] > 16 && $arrISize[3] > 16) {
$check_info = 0;
$ActionMessage = $strCategoryImageError;
$action = $mark_id != "" ? "edit" : "add";
} else {
//上传图片
$linkImage = upload_file($_FILES["linkImage"]["tmp_name"], $_FILES["linkImage"]["name"], "../attachments");
}
} else {
$linkImage = "";
}
if ($check_info == 1) {
if ($mark_id != "") {
//编辑
$rsexits = getFieldValue($DBPrefix . "keywords", "keyword='" . encode($_POST['name']) . "'", "id");
if ($rsexits != $mark_id && $rsexits != "") {
$ActionMessage = "{$strDataExists}";
$action = "edit";
} else {
if ($linkImage != "") {
$sql = "update " . $DBPrefix . "keywords set keyword='" . encode($_POST['name']) . "',linkUrl='" . encode($_POST['linkUrl']) . "',linkImage='" . encode($linkImage) . "' where id='{$mark_id}'";
} else {
function action_act_supplier_reg()
{
// 获取全局变量
$_LANG = $GLOBALS['_LANG'];
$smarty = $GLOBALS['smarty'];
$db = $GLOBALS['db'];
$ecs = $GLOBALS['ecs'];
$user_id = $_SESSION['user_id'];
$supplier_name = isset($_POST['supplier_name']) ? trim($_POST['supplier_name']) : '';
$rank_id = isset($_POST['rank_id']) ? intval($_POST['rank_id']) : 0;
$company_name = isset($_POST['company_name']) ? trim($_POST['company_name']) : '';
$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
$province = isset($_POST['province']) ? intval($_POST['province']) : 1;
$city = isset($_POST['city']) ? intval($_POST['city']) : 1;
$district = isset($_POST['district']) ? intval($_POST['district']) : 1;
$country = isset($_POST['country']) ? intval($_POST['country']) : 1;
$address = isset($_POST['address']) ? trim($_POST['address']) : '';
$tel = isset($_POST['tel']) ? trim($_POST['tel']) : '';
$guimo = isset($_POST['guimo']) ? trim($_POST['guimo']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$company_type = isset($_POST['company_type']) ? trim($_POST['company_type']) : '';
$bank = isset($_POST['bank']) ? trim($_POST['bank']) : '';
$contact = isset($_POST['contact']) ? trim($_POST['contact']) : '';
$contact_back = isset($_POST['contact_back']) ? trim($_POST['contact_back']) : '';
$contact_shop = isset($_POST['contact_shop']) ? trim($_POST['contact_shop']) : '';
$contact_yunying = isset($_POST['contact_yunying']) ? trim($_POST['contact_yunying']) : '';
$contact_shouhou = isset($_POST['contact_shouhou']) ? trim($_POST['contact_shouhou']) : '';
$contact_caiwu = isset($_POST['contact_caiwu']) ? trim($_POST['contact_caiwu']) : '';
$contact_jishu = isset($_POST['contact_jishu']) ? trim($_POST['contact_jishu']) : '';
$add_time = gmtime();
/* 图片上传处理 */
$upload_size_limit = $_CFG['upload_size_limit'] == '-1' ? ini_get('upload_max_filesize') : $_CFG['upload_size_limit'];
$last_char = strtolower($upload_size_limit[strlen($upload_size_limit) - 1]);
switch ($last_char) {
case 'm':
$upload_size_limit *= 1024 * 1024;
break;
case 'k':
$upload_size_limit *= 1024;
break;
}
if (isset($_FILES['zhizhao']) && $_FILES['zhizhao']['tmp_name'] != '' && isset($_FILES['zhizhao']['tmp_name']) && $_FILES['zhizhao']['tmp_name'] != 'none') {
if ($_FILES['zhizhao']['size'] / 1024 > $upload_size_limit) {
$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
$err->show($_LANG['back_up_page']);
}
$zhizhao_img = upload_file($_FILES['zhizhao'], 'supplier');
if ($zhizhao_img === false) {
$err->add('业执照图片上传失败!');
$err->show($_LANG['back_up_page']);
} else {
$sql_img = "zhizhao='{$zhizhao_img}',";
}
}
if (isset($_FILES['id_card']) && $_FILES['id_card']['tmp_name'] != '' && isset($_FILES['id_card']['tmp_name']) && $_FILES['id_card']['tmp_name'] != 'none') {
if ($_FILES['id_card']['size'] / 1024 > $upload_size_limit) {
$err->add(sprintf($_LANG['upload_file_limit'], $upload_size_limit));
$err->show($_LANG['back_up_page']);
}
$id_card_img = upload_file($_FILES['id_card'], 'supplier');
if ($id_card_img === false) {
$err->add('身份证图片上传失败!');
$err->show($_LANG['back_up_page']);
} else {
$sql_img .= "id_card='{$id_card_img}', ";
}
}
$sql = "select supplier_id from " . $ecs->table('supplier') . " where user_id='{$user_id}' ";
$supplier_id = $db->getOne($sql);
if ($supplier_id) {
$mes = '供货商申请修改成功,已经重新进入审核流程,请留意审核结果!';
$sql = "update " . $ecs->table('supplier') . " set supplier_name='{$supplier_name}', rank_id='{$rank_id}', company_name='{$company_name}', " . "country='{$country}', province='{$province}', city='{$city}', district='{$district}', address='{$address}', tel='{$tel}', guimo='{$guimo}', email='{$email}', " . "company_type='{$company_type}', bank='{$bank}', " . $sql_img . " contact='{$contact}', contact_back='{$contact_back}', contact_shop='{$contact_shop}', contact_yunying='{$contact_yunying}', contact_shouhou='{$contact_shouhou}', contact_caiwu='{$contact_caiwu}', contact_jishu='{$contact_jishu}'," . "status='0' " . " where supplier_id='{$supplier_id}' ";
} else {
$mes = '供货商申请提交成功,已经进入审核流程,请留意审核结果!';
$sql = "insert into " . $ecs->table('supplier') . "(user_id, supplier_name, rank_id, company_name, country, province, city, district, address, tel, guimo, email," . "company_type, bank, zhizhao, id_card, contact, contact_back, contact_shop, contact_yunying, contact_shouhou, contact_caiwu, contact_jishu, add_time) " . " values('{$user_id}', '{$supplier_name}', '{$rank_id}', '{$company_name}', '{$country}', '{$province}', '{$city}', '{$district}', '{$address}', '{$tel}', '{$guimo}', '{$email}', " . "'{$company_type}', '{$bank}', '{$zhizhao_img}', '{$id_card_img}', '{$contact}', '{$contact_back}', '{$contact_shop}', '{$contact_yunying}', '{$contact_shouhou}', '{$contact_caiwu}', '{$contact_jishu}', '{$add_time}')";
}
$db->query($sql);
show_message($mes, '返回上一页', 'user.php?act=supplier_reg', 'info');
}
$result = array();
$files = diverse_array($files);
foreach ($files as $file) {
$f = new UploadedFile();
$f->name = $file['name'];
$f->mime = $file['type'];
$f->size = $file['size'];
$f->tempfile = $file['tmp_name'];
$f->error = $file['error'];
// 'expire' doesn't exist neither in $_FILES nor in UploadedFile;
// commented out for future implementation
//$f->expire = $file['expire'];
$result[] = $f;
}
return $result;
}
$type = isset($_GET['output']) ? $_GET['output'] : 'json';
$response = new Response($type);
if (isset($_FILES['files'])) {
$uploads = refiles($_FILES['files']);
try {
foreach ($uploads as $upload) {
$res[] = upload_file($upload);
}
$response->send($res);
} catch (Exception $e) {
$response->error($e->getCode(), $e->getMessage());
}
} else {
$response->error(400, 'No input file(s)');
}
<?php
function upload_file($file)
{
if ($file['name'] == '') {
echo 'Файл не выбран!';
return;
}
if (copy($file['tmp_name'], 'img/' . $file['name'])) {
echo 'Файл успешно загружен';
} else {
echo 'Ошибка загрузки файла';
}
}
if (isset($_FILES['file'])) {
upload_file($_FILES['file']);
}
set_alert($type, $msg);
safe_redirect($page);
}
if (isset($_POST['btn-pages-home'])) {
if (isset($_POST['slideshow_id'])) {
$sort = $_POST['order_image'];
$id = $_POST['slideshow_id'];
if ($_POST['btn-pages-home'] == "Save Changes") {
foreach ($id as $keys => $id) {
$id = filter_var($id, FILTER_SANITIZE_NUMBER_INT);
$get_slideshow = $_get->get_slideshow($id);
$validate = $_get->validate_slideshow($id);
$keys = (int) $keys + 1;
$slideshow_total = 0;
if ($_FILES['upload_slider_' . $id]['name'] != '') {
$filename = upload_file($_global_general->url, 'images', $_FILES['upload_slider_' . $id], 'slideshow', 'files/uploads/slideshow/', $ini_max_upload);
if ($validate->rows > 0) {
//unlink("../".$get_slideshow->filename);
$_update->update_slideshow($filename, $id);
} else {
$_update->insert_slideshow($id, $filename, $id);
}
}
}
foreach ($sort as $key => $order) {
$order = filter_var($order, FILTER_SANITIZE_NUMBER_INT);
$slide_id = (int) $key + 1;
$_update->update_order($slide_id, $order);
}
}
}
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td width="5" valign="top"></td><td></td><td width="5"></td>
</tr>
<tr height="600" valign="top">
<td background="../imagenes/borde_izq_tabla.png"> </td>
<td>
<!--Todo el contenido de cada página--->
<?php
menu_interno();
switch ($op) {
case "upload_form":
upload_form();
break;
case "upload_file":
upload_file($archivo, $archivo_name);
break;
case "guardar_temp":
guardar_temp();
listado($f_linea, $f_area, $f_estacion, $pagina);
break;
case "nuevo":
nuevo($area);
break;
case "guardar":
guardar($area, $estacion, $nombre);
nuevo($area);
break;
case "listado":
listado($f_linea, $f_area, $f_estacion, $pagina);
break;
/**
* 添加留言函数.
*
* @param array $message
*
* @return boolen $bool
*/
function add_message($message)
{
$upload_size_limit = $GLOBALS['_CFG']['upload_size_limit'] == '-1' ? ini_get('upload_max_filesize') : $GLOBALS['_CFG']['upload_size_limit'];
$status = 1 - $GLOBALS['_CFG']['message_check'];
$last_char = strtolower($upload_size_limit[strlen($upload_size_limit) - 1]);
switch ($last_char) {
case 'm':
$upload_size_limit *= 1024 * 1024;
break;
case 'k':
$upload_size_limit *= 1024;
break;
}
if ($message['upload']) {
if ($_FILES['message_img']['size'] / 1024 > $upload_size_limit) {
$GLOBALS['err']->add(sprintf($GLOBALS['_LANG']['upload_file_limit'], $upload_size_limit));
return false;
}
$img_name = upload_file($_FILES['message_img'], 'feedbackimg');
if ($img_name === false) {
return false;
}
} else {
$img_name = '';
}
if (empty($message['msg_title'])) {
$GLOBALS['err']->add($GLOBALS['_LANG']['msg_title_empty']);
return false;
}
$message['msg_area'] = isset($message['msg_area']) ? intval($message['msg_area']) : 0;
$sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('feedback') . ' (msg_id, parent_id, user_id, user_name, user_email, msg_title, msg_type, msg_status, msg_content, msg_time, message_img, order_id, msg_area)' . " VALUES (NULL, 0, '{$message['user_id']}', '{$message['user_name']}', '{$message['user_email']}', " . " '{$message['msg_title']}', '{$message['msg_type']}', '{$status}', '{$message['msg_content']}', '" . gmtime() . "', '{$img_name}', '{$message['order_id']}', '{$message['msg_area']}')";
$GLOBALS['db']->query($sql);
return true;
}
echo mysql_error();
}
}
}
}
if (!login_varify()) {
exit;
}
if (isset($_POST['action'])) {
if ($_POST['action'] == 'manage_blob') {
main_menu();
upload_download_delete_blob();
}
if ($_POST['action'] == 'upload_file') {
main_menu();
upload_file();
}
if ($_POST['action'] == 'download_file') {
download_file();
}
if ($_POST['action'] == 'delete_file') {
main_menu();
delete_file();
}
}
/*
echo '<pre>';
print_r($GLOBALS);
echo '</pre>';
*/
} else {
if ($id == 'upload') {
$title = $upld3;
$files_uploaded_list = '';
$freq_count = array_count_values($_FILES['F']['error']);
if (isset($freq_count[UPLOAD_ERR_NO_FILE]) && $freq_count[UPLOAD_ERR_NO_FILE] >= sizeof($_FILES['F']['error'])) {
$content = $upld10;
} else {
foreach ($_FILES['F']['name'] as $key => $name) {
if ($_FILES['F']['error'][$key] == UPLOAD_ERR_NO_FILE) {
continue;
}
if (!@getimagesize($_FILES['F']['tmp_name'][$key])) {
$files_uploaded_list .= "<li>{$name} is not a valid image file.</li>";
} else {
$files_uploaded_list .= '<li>' . upload_file($key, $uploads_ext) . '</li>';
}
}
$content = <<<html
<p>{$ind262}</p>
<ol>
\t{$files_uploaded_list}
</ol>
<p><a href="?">{$upld4}</a></p>
html;
}
} else {
if ($id == 'imagelist') {
$title = $upld4;
$content = <<<html
<p><a href="?id=imagelist">{$upld5}</a></p>
case 'upload_file':
//write_file(PHPDISK_ROOT.'system/2.txt',var_export($_POST,true));
//write_file(PHPDISK_ROOT.'system/3.txt',var_export($_FILES,true));
$file = $_FILES['file1'];
$file_name = trim(gpc('file_name', 'P', ''));
$file_do_name = trim(gpc('file_do_name', 'P', ''));
$file_local_path = trim(gpc('file_local_path', 'P', ''));
$folder_id = (int) gpc('folder_id', 'P', 0);
$file_size = (int) gpc('file_size', 'P', 0);
$file_parts = (int) gpc('file_parts', 'P', 0);
$tmp_dir = PHPDISK_ROOT . 'system/cache/';
make_dir($tmp_dir);
$file_local_path = is_utf8() ? convert_str('gbk', 'utf-8', $file_local_path) : $file_local_path;
$file_do_name = is_utf8() ? convert_str('gbk', 'utf-8', $file_do_name) : $file_do_name;
$file_name = is_utf8() ? convert_str('gbk', 'utf-8', $file_name) : $file_name;
if (upload_file($file['tmp_name'], $tmp_dir . $file[name])) {
//insert db
$file_store_path = date('Y/m/d/');
$file_extension = get_extension($file_do_name);
$esp = strlen($file_extension) + 1;
$file_real_name = $file_extension ? substr($file_do_name, 0, strlen($file_do_name) - $esp) : $file_do_name;
$file_name = $file_extension ? substr($file_name, 0, strlen($file_name) - $esp) : $file_name;
$rs = @$db->fetch_one_array("select id from {$tpf}uploadx_files where userid='{$uid}' and file_store_path='{$file_store_path}' and file_real_name='{$file_real_name}' and file_name='{$file_name}'");
if (!$rs) {
$ins = array('id' => random(8), 'userid' => $uid, 'file_name' => $file_name, 'file_extension' => $file_extension, 'file_size' => $file_size, 'file_parts' => $file_parts, 'file_local_path' => $db->escape(str_replace('\\\\', '\\', $file_local_path)), 'file_store_path' => $file_store_path, 'file_real_name' => $file_real_name, 'file_time' => $timestamp, 'folder_id' => (int) $folder_id, 'ip' => $onlineip);
//write_file(PHPDISK_ROOT.'system/a.txt',var_export($ins,true),'ab');
$db->query_unbuffered("insert into {$tpf}uploadx_files set " . $db->sql_array($ins) . "");
} else {
$ins = array('file_parts' => $file_parts, 'file_store_path' => $file_store_path, 'file_time' => $timestamp, 'ip' => $onlineip);
$db->query_unbuffered("update {$tpf}uploadx_files set " . $db->sql_array($ins) . " where id='{$rs[id]}'");
}
/** @noinspection PhpInconsistentReturnPointsInspection */
protected function verify_file_upload()
{
global $locale;
require_once INCLUDES . "infusions_include.php";
if ($this->field_config['multiple']) {
if (!empty($_FILES[$this->field_config['input_name']]['name'])) {
$upload = array('error' => 0);
if ($this->field_config['max_count'] < count($_FILES[$this->field_config['input_name']]['name'])) {
$this->stop();
$upload = array('error' => 1);
addNotice('danger', $locale['df_424']);
self::setInputError($this->field_name);
} else {
for ($i = 0; $i <= count($_FILES[$this->field_config['input_name']]['name']) - 1; $i++) {
if ($this->field_config['max_count'] == $i) {
break;
}
$source_file = $this->field_config['input_name'];
$target_file = $_FILES[$this->field_config['input_name']]['name'][$i];
$target_folder = $this->field_config['path'];
$valid_ext = $this->field_config['valid_ext'];
$max_size = $this->field_config['max_byte'];
$query = '';
if (is_uploaded_file($_FILES[$source_file]['tmp_name'][$i])) {
if (stristr($valid_ext, ',')) {
$valid_ext = explode(",", $valid_ext);
} elseif (stristr($valid_ext, '|')) {
$valid_ext = explode("|", $valid_ext);
} else {
$this->stop();
addNotice('warning', 'Fusion Dynamics invalid accepted extension format. Please use either | or ,');
}
$file = $_FILES[$source_file];
$file_type = $file['type'][$i];
if ($target_file == "" || preg_match("/[^a-zA-Z0-9_-]/", $target_file)) {
$target_file = stripfilename(substr($file['name'][$i], 0, strrpos($file['name'][$i], ".")));
}
$file_ext = strtolower(strrchr($file['name'][$i], "."));
$file_dest = rtrim($target_folder, '/') . '/';
$upload_file = array("source_file" => $source_file, "source_size" => $file['size'][$i], "source_ext" => $file_ext, "target_file" => $target_file . $file_ext, "target_folder" => $target_folder, "valid_ext" => $valid_ext, "max_size" => $max_size, "query" => $query, "error" => 0);
if ($file['size'][$i] > $max_size) {
// Maximum file size exceeded
$upload['error'] = 1;
} elseif (!in_array($file_ext, $valid_ext)) {
// Invalid file extension
$upload['error'] = 2;
} else {
$target_file = filename_exists($file_dest, $target_file . $file_ext);
$upload_file['target_file'] = $target_file;
move_uploaded_file($file['tmp_name'][$i], $file_dest . $target_file);
if (function_exists("chmod")) {
chmod($file_dest . $target_file, 0644);
}
if ($query && !dbquery($query)) {
// Invalid query string
$upload['error'] = 3;
if (file_exists($file_dest . $target_file)) {
unlink($file_dest . $target_file);
}
}
}
if ($upload['error'] !== 0) {
if (file_exists($file_dest . $target_file . $file_ext)) {
@unlink($file_dest . $target_file . $file_ext);
}
}
$upload['source_file'][$i] = $upload_file['source_file'];
$upload['source_size'][$i] = $upload_file['source_size'];
$upload['source_ext'][$i] = $upload_file['source_ext'];
$upload['target_file'][$i] = $upload_file['target_file'];
$upload['target_folder'][$i] = $upload_file['target_folder'];
$upload['valid_ext'][$i] = $upload_file['valid_ext'];
$upload['max_size'][$i] = $upload_file['max_size'];
$upload['query'][$i] = $upload_file['query'];
$upload['type'][$i] = $file_type;
} else {
// File not uploaded
$upload['error'] = array("error" => 4);
}
if ($upload['error'] !== 0) {
$this->stop();
switch ($upload['error']) {
case 1:
// Maximum file size exceeded
addNotice('danger', sprintf($locale['df_416'], parsebytesize($this->field_config['max_byte'])));
self::setInputError($this->field_name);
break;
case 2:
// Invalid File extensions
addNotice('danger', sprintf($locale['df_417'], $this->field_config['valid_ext']));
self::setInputError($this->field_name);
break;
case 3:
// Invalid Query String
addNotice('danger', $locale['df_422']);
self::setInputError($this->field_name);
break;
case 4:
// File not uploaded
addNotice('danger', $locale['df_423']);
self::setInputError($this->field_name);
break;
}
}
}
}
return $upload;
} else {
return array();
}
} else {
if (!empty($_FILES[$this->field_config['input_name']]['name']) && is_uploaded_file($_FILES[$this->field_config['input_name']]['tmp_name']) && $this->safe()) {
$upload = upload_file($this->field_config['input_name'], $_FILES[$this->field_config['input_name']]['name'], $this->field_config['path'], $this->field_config['valid_ext'], $this->field_config['max_byte']);
if ($upload['error'] != 0) {
$this->stop();
// return FALSE
switch ($upload['error']) {
case 1:
// Maximum file size exceeded
addNotice('danger', sprintf($locale['df_416'], parsebytesize($this->field_config['max_byte'])));
self::setInputError($this->field_name);
break;
case 2:
// Invalid File extensions
addNotice('danger', sprintf($locale['df_417'], $this->field_config['valid_ext']));
self::setInputError($this->field_name);
break;
case 3:
// Invalid Query String
addNotice('danger', $locale['df_422']);
self::setInputError($this->field_name);
break;
case 4:
// File not uploaded
addNotice('danger', $locale['df_423']);
self::setInputError($this->field_name);
break;
}
} else {
return $upload;
}
} else {
return FALSE;
}
}
}
/**
* 函数用途描述
* @date: 2015-12-29 上午07:23:33
* @author: zhouqg
* @param: variable
* @return:
*/
public function do_edit()
{
C('TOKEN_ON', false);
//关闭表单验证
//配置文件开启了表单令牌验证 防止表单重复提交
$m = D('Page');
$id = I('post.id');
if (!$m->autoCheckToken($_POST)) {
$this->error('表单重复提交!');
}
//自动创建 不需要接收表单
if (!$m->create()) {
$this->error($m->geterror());
}
//文件上传
$file = $_FILES['page_pic']['name'];
if (!empty($file)) {
$upload = upload_file('Page');
if ($upload['success'] == '1') {
//文件上传成功
delete_file(I('post.d_page_pic'));
//删除被替换的文件
$m->page_pic = $upload['url'];
} else {
//文件上传失败
$this->error($upload['error']);
}
}
//文件上传结束
$arr = $m->save();
if ($arr) {
$this->success("修改成功", U('Page/index'));
} else {
$this->error('修改失败');
}
}
$keywords = filter_var($_POST['keywords'], FILTER_SANITIZE_STRING);
$visibility = filter_var($_POST['visibility'], FILTER_SANITIZE_NUMBER_INT);
$check_title = $_get->check_news_title($title, $news_id);
if ($check_title->rows > 0) {
if ($news_detail->category_alias == $alias) {
$alias = $alias;
} else {
$alias = $title . "-" . $check_title->rows;
}
} else {
$alias = $alias;
}
/* --- IMAGE --- */
for ($i = 1; $i <= 15; $i++) {
if ($_FILES['upload_news_' . $i]['name'] != '') {
$image = upload_file($_global_general->url, 'images', $_FILES['upload_news_' . $i], 'news', 'files/uploads/news-image/', $ini_max_upload);
$countImg = $_get->count_news_image($news_id, $i);
if ($countImg->rows > 0) {
$_update->update_news_img($image, $news_id, $i);
} else {
$_update->insert_news_img($news_id, $image, $i);
}
} else {
$image_delete = filter_var($_POST['delete_news_' . $i], FILTER_SANITIZE_NUMBER_INT);
if ($image_delete == 1) {
$image = '';
$_update->delete_news_img($news_id, $i);
if (is_file('../' . $news_detail->news_image)) {
unlink('../' . $news_detail->news_image);
}
} else {
jsonError("unauthorised HAPI user");
}
}
if (!is_logged_in()) {
jsonError("no logged-in user");
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && empty($_POST) && empty($_FILES) && $_SERVER['CONTENT_LENGTH'] > 0) {
jsonError("File is too large. " . $_SERVER['CONTENT_LENGTH'] . " bytes exceeds the limit of " . ini_get('post_max_size') . ". Please get system administrator to increase the file size limits or load your large files on a video server or other suitable web service and use the URL to reference the file here");
} else {
$upload = @$_FILES["file"];
if ($upload) {
mysql_connection_overwrite(DATABASE);
mysql_query("start transaction");
//POST Content-Length of 103399974 bytes exceeds the limit of 29360128 bytes in Unknown on line
//$upload["type"]
$fileID = upload_file($upload["name"], null, $upload["tmp_name"], $upload["error"], $upload["size"], $_REQUEST["description"], false);
if (is_numeric($fileID)) {
$file = get_uploaded_file_info($fileID, false);
print json_format($file);
mysql_query("commit");
} else {
if ($fileID) {
jsonError($fileID);
} else {
if ($_FILES["file"]["error"]) {
jsonError("uploaded file was too large");
} else {
jsonError("file upload was interrupted");
}
}
}
