/** * Returns a new "image" object based on the file extension * * @param object $album the owner album * @param string $filename the filename * @param bool $quiet set true to supress error messages (used by loadimage) * @return object */ function newImage($album, $filename, $quiet = false) { global $_zp_extra_filetypes, $_zp_missing_image; if (is_array($filename)) { $xalbum = newAlbum($filename['folder'], true, true); $filename = $filename['filename']; } else { if ($album->isDynamic()) { $xalbum = NULL; foreach ($album->getImages() as $image) { if ($filename == $image['filename']) { $xalbum = newAlbum($image['folder']); break; } } } else { $xalbum = $album; } } if (!is_object($xalbum) || !$xalbum->exists || !isAlbumClass($xalbum)) { if (!$quiet) { $msg = sprintf(gettext('Bad album object parameter to newImage(%s)'), $filename); trigger_error($msg, E_USER_NOTICE); } return $_zp_missing_image; } if ($object = Gallery::validImageAlt($filename)) { $image = new $object($xalbum, $filename, $quiet); } else { if (Gallery::validImage($filename)) { $image = new Image($xalbum, $filename, $quiet); } else { $image = NULL; } } if ($image) { if ($album && $album->isDynamic()) { $image->albumname = $album->name; $image->albumlink = $album->linkname; $image->albumnamealbum = $album; } zp_apply_filter('image_instantiate', $image); if ($image->exists) { return $image; } else { return $_zp_missing_image; } } if (!$quiet) { $msg = sprintf(gettext('Bad filename suffix in newImage(%s)'), $filename); trigger_error($msg, E_USER_NOTICE); } return $_zp_missing_image; }
/** * Load all of the filenames that are found in this Albums directory on disk. * Returns an array with all the names. * * @param $dirs Whether or not to return directories ONLY with the file array. * @return array */ protected function loadFileNames($dirs = false) { clearstatcache(); $albumdir = $this->localpath; $dir = @opendir($albumdir); if (!$dir) { if (is_dir($albumdir)) { $msg = sprintf(gettext("Error: The album %s is not readable."), html_encode($this->name)); } else { $msg = sprintf(gettext("Error: The album named %s cannot be found."), html_encode($this->name)); } trigger_error($msg, E_USER_NOTICE); return array(); } $files = array(); $others = array(); while (false !== ($file = readdir($dir))) { $file8 = filesystemToInternal($file); if (@$file8[0] != '.') { if ($dirs && (is_dir($albumdir . $file) || hasDynamicAlbumSuffix($file))) { $files[] = $file8; } else { if (!$dirs && is_file($albumdir . $file)) { if (Gallery::validImageAlt($file)) { $files[] = $file8; $others[] = $file8; } else { if (Gallery::validImage($file)) { $files[] = $file8; } } } } } } closedir($dir); if (count($others) > 0) { $others_thumbs = array(); foreach ($others as $other) { $others_root = substr($other, 0, strrpos($other, ".")); foreach ($files as $image) { if ($image != $other) { $image_root = substr($image, 0, strrpos($image, ".")); if ($image_root == $others_root && Gallery::validImage($image)) { $others_thumbs[] = $image; } } } } $files = array_diff($files, $others_thumbs); } if ($dirs) { return zp_apply_filter('album_filter', $files); } else { return zp_apply_filter('image_filter', $files); } }
/** * Handles the special cases of album/image[rewrite_suffix] * * Separates the image part from the album if it is an image reference * Strips off the mod_rewrite_suffix if present * Handles dynamic album names that do not have the .alb suffix appended * * @param string $albumvar $_GET index for "albums" * @param string $imagevar $_GET index for "images" */ function rewrite_get_album_image($albumvar, $imagevar) { global $_zp_rewritten, $_zp_albumHandlers; $ralbum = isset($_GET[$albumvar]) ? trim(sanitize_path($_GET[$albumvar]), '/') : NULL; $rimage = isset($_GET[$imagevar]) ? sanitize($_GET[$imagevar]) : NULL; // we assume that everything is correct if rewrite rules were not applied if ($_zp_rewritten) { if (!empty($ralbum) && empty($rimage)) { // rewrite rules never set the image part! $path = internalToFilesystem(getAlbumFolder(SERVERPATH) . $ralbum); if (IM_SUFFIX) { // require the rewrite have the suffix as well if (preg_match('|^(.*)' . preg_quote(IM_SUFFIX) . '$|', $ralbum, $matches)) { //has an IM_SUFFIX attached $rimage = basename($matches[1]); $ralbum = trim(dirname($matches[1]), '/'); $path = internalToFilesystem(getAlbumFolder(SERVERPATH) . $ralbum); } } else { // have to figure it out if (Gallery::validImage($ralbum) || Gallery::validImageAlt($ralbum)) { // it is an image request $rimage = basename($ralbum); $ralbum = trim(dirname($ralbum), '/'); $path = internalToFilesystem(getAlbumFolder(SERVERPATH) . $ralbum); } } if (!is_dir($path)) { if ($suffix = isHandledAlbum($path)) { // it is a dynamic album sans suffix $ralbum .= '.' . $suffix; } } } if (empty($ralbum)) { unset($_GET[$albumvar]); } else { $_GET[$albumvar] = $ralbum; } if (empty($rimage)) { unset($_GET[$imagevar]); } else { $_GET[$imagevar] = $rimage; } } return array($ralbum, $rimage); }
$album->setOwner($_zp_current_admin_obj->getUser()); } $album->save(); } else { $AlbumDirName = str_replace(SERVERPATH, '', $_zp_gallery->albumdir); zp_error(gettext("The album could not be created in the “albums” folder. This is usually a permissions problem. Try setting the permissions on the “albums” and “cache” folders to be world-writable using a shell:") . " <code>chmod 777 " . $AlbumDirName . '/' . CACHEFOLDER . '/' . "</code>, " . gettext("or use your FTP program to give everyone write permissions to those folders.")); } foreach ($_FILES['files']['error'] as $key => $error) { $filecount++; if ($error == UPLOAD_ERR_OK) { $tmp_name = $_FILES['files']['tmp_name'][$key]; $name = sanitize_path($_FILES['files']['name'][$key]); $soename = seoFriendly($name); $error = zp_apply_filter('check_upload_quota', UPLOAD_ERR_OK, $tmp_name); if (!$error) { if (Gallery::validImage($name) || Gallery::validImageAlt($name)) { if (strrpos($soename, '.') === 0) { $soename = md5($name) . $soename; } // soe stripped out all the name. if (!$error) { $uploadfile = $targetPath . '/' . internalToFilesystem($soename); if (file_exists($uploadfile)) { $append = '_' . time(); $soename = stripSuffix($soename) . $append . '.' . getSuffix($soename); $uploadfile = $targetPath . '/' . internalToFilesystem($soename); } move_uploaded_file($tmp_name, $uploadfile); @chmod($uploadfile, FILE_MOD); $image = newImage($album, $soename); $image->setOwner($_zp_current_admin_obj->getUser());
private function handle_file_upload($uploaded_file, $name, $size, $type, $error) { global $folder, $targetPath, $_zp_current_admin_obj; $file = new stdClass(); $name = $this->trim_file_name($name, $type); $seoname = seoFriendly($name); if (strrpos($seoname, '.') === 0) { $seoname = sha1($name) . $seoname; } // soe stripped out all the name. $targetFile = $targetPath . '/' . internalToFilesystem($seoname); if (file_exists($targetFile)) { $append = '_' . time(); $seoname = stripSuffix($seoname) . $append . '.' . getSuffix($seoname); $targetFile = $targetPath . '/' . internalToFilesystem($seoname); } $file->name = $seoname; $file->size = intval($size); $file->type = $type; $error = $this->has_error($uploaded_file, $file, $error); if (!$error && $file->name) { $file_path = $this->options['upload_dir'] . $file->name; $append_file = !$this->options['discard_aborted_uploads'] && is_file($file_path) && $file->size > filesize($file_path); clearstatcache(); if ($uploaded_file && is_uploaded_file($uploaded_file)) { // multipart/formdata uploads (POST method uploads) if ($append_file) { file_put_contents($file_path, fopen($uploaded_file, 'r'), FILE_APPEND); } else { move_uploaded_file($uploaded_file, $file_path); if (Gallery::validImage($name) || Gallery::validImageAlt($name)) { @chmod($targetFile, FILE_MOD); $album = newAlbum($folder); $image = newImage($album, $seoname); $image->setOwner($_zp_current_admin_obj->getUser()); if ($name != $seoname && $image->getTitle() == substr($seoname, 0, strrpos($seoname, '.'))) { $image->setTitle(stripSuffix($name, '.')); } $image->save(); } else { if (is_zip($targetFile)) { unzip($targetFile, $targetPath); unlink($targetFile); } else { $file->error = $error = UPLOAD_ERR_EXTENSION; // invalid file uploaded } } } } else { // Non-multipart uploads (PUT method support) file_put_contents($file_path, fopen('php://input', 'r'), $append_file ? FILE_APPEND : 0); } $file_size = filesize($file_path); if ($file_size === $file->size) { $file->url = $this->options['upload_url'] . rawurlencode($file->name); foreach ($this->options['image_versions'] as $version => $options) { if ($this->create_scaled_image($file->name, $options)) { $file->{$version . '_url'} = $options['upload_url'] . rawurlencode($file->name); } } } else { if ($this->options['discard_aborted_uploads']) { @chmod($file_path, 0777); unlink($file_path); $file->error = 'abort'; } } $file->size = $file_size; $file->delete_url = $this->options['script_url'] . '?file=' . rawurlencode($file->name); $file->delete_type = 'DELETE'; } else { $file->error = $error; } return $file; }
/** * @deprecated * @since 1.4.6 * */ function is_valid_other_type($filename) { deprecated_functions::notify(gettext("use Gallery::validImageAlt()")); return Gallery::validImageAlt($filename); }
/** * Unzips an image archive * * @param file $file the archive * @param string $dir where the images go */ function unzip($file, $dir) { //check if zziplib is installed if (function_exists('zip_open')) { $zip = zip_open($file); if ($zip) { while ($zip_entry = zip_read($zip)) { // Skip non-images in the zip file. $fname = zip_entry_name($zip_entry); $seoname = internalToFilesystem(seoFriendly($fname)); if (Gallery::validImage($seoname) || Gallery::validImageAlt($seoname)) { if (zip_entry_open($zip, $zip_entry, "r")) { $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry)); $path_file = str_replace("/", DIRECTORY_SEPARATOR, $dir . '/' . $seoname); $fp = fopen($path_file, "w"); fwrite($fp, $buf); fclose($fp); clearstatcache(); zip_entry_close($zip_entry); $albumname = substr($dir, strlen(ALBUM_FOLDER_SERVERPATH)); $album = newAlbum($albumname); $image = newImage($album, $seoname); if ($fname != $seoname) { $image->setTitle($fname); $image->save(); } } } } zip_close($zip); } } else { require_once dirname(__FILE__) . '/lib-pclzip.php'; $zip = new PclZip($file); if ($zip->extract(PCLZIP_OPT_PATH, $dir, PCLZIP_OPT_REMOVE_ALL_PATH) == 0) { return false; } } return true; }