if ($_FILES['txtFile']['error'] && $_FILES['txtFile']['name']) {
$blnSubmitForm = false;
$strFileSubmitError = $CMS->FL->SubmissionError($_FILES['txtFile']['error']);
$strFileError = $CMS->AC->InvalidFormData($strFileSubmitError);
}
$FU = new FileUpload();
if ($_FILES['txtFile']['name']) {
$FU->Setup($_FILES['txtFile']['name'], "Avatar", "");
} else {
$blnSubmitForm = false;
$strFileError = $CMS->AC->InvalidFormData("");
}
// Check file size
if ($_FILES['txtFile']['size'] > $intMaxFileSize) {
$blnSubmitForm = false;
$strFileError = $CMS->Err_MWarn(M_ERR_UPLOAD_FILESIZE, $FU->GetDBFilePath());
}
// Prevent two uploads referencing the same file
if ($_FILES['txtFile']['name']) {
if ($CMS->FL->IsDuplicateFile($FU->GetDBFilePath(), "")) {
$blnSubmitForm = false;
$strFileError = $CMS->Err_MWarn(M_ERR_UPLOAD_DUPLICATE, $FU->GetDBFilePath());
}
// Is this a valid image?
$strExtension = $CMS->GetExtensionFromPath($FU->GetDBFilePath());
if (strtoupper($strExtension) != "JPG" && strtoupper($strExtension) != "PNG") {
$blnSubmitForm = false;
$strFileError = $CMS->Err_MWarn(M_ERR_UPLOAD_NOT_IMAGE, $FU->GetDBFilePath());
}
}
if ($blnSubmitForm) {
if ($_FILES['txtFile']['error'] && $_FILES['txtFile']['name']) {
$blnSubmitForm = false;
$strFileSubmitError = $CMS->FL->SubmissionError($_FILES['txtFile']['error']);
$strFileError = $CMS->AC->InvalidFormData($strFileSubmitError);
}
// OK to upload?
$FU = new FileUpload();
if ($_FILES['txtFile']['name']) {
$FU->Setup($_FILES['txtFile']['name'], "File", "Upload");
} elseif ($_POST['txtFileLocation']) {
$FU->Setup($_POST['txtFileLocation'], "File", "Link");
}
// Prevent two uploads referencing the same file
if ($_FILES['txtFile']['name']) {
$strCurrentFileID = $blnExistingAttachment ? $intFileID : "";
if ($CMS->FL->IsDuplicateFile($FU->GetDBFilePath(), $strCurrentFileID)) {
$blnSubmitForm = false;
$strFileError = $CMS->Err_MWarn(M_ERR_UPLOAD_DUPLICATE, $FU->GetDBFilePath());
} else {
// Is this a valid file?
$fileExtension = $CMS->GetExtensionFromPath($FU->GetDBFilePath());
$fileExtension = strtoupper($fileExtension);
$allowedTypesArray = explode(",", C_ALLOWED_FILE_TYPES);
if (!in_array($fileExtension, $allowedTypesArray)) {
$blnSubmitForm = false;
$strFileError = $CMS->Err_MWarn("For security reasons, this file type is not permitted. [{$fileExtension}]", $FU->GetDBFilePath());
}
}
}
}
// ** Check if OK to submit ** //
