Beispiel #1
 /**
  * Handles an avatar upload for the user named $username.
  *
  * The request is refused unless a '_csrf' value is present and csrf() accepts it,
  * the user exists, and the logged-in user is either an admin or the user whose
  * avatar is being changed. The upload itself is only accepted when its type()
  * is 'image'; a 256x256 cropped thumbnail then overwrites the uploaded file.
  *
  * @param string $username name passed to $this->user() to look the user up
  * @return mixed the result of response::success() or response::error()
  */
 public function upload($username)
 {
     // CSRF gate: both the token and its validation must be truthy.
     if (!(get('_csrf') && csrf(get('_csrf')))) {
         return response::error('unauthenticated access');
     }

     $user = $this->user($username);
     if (!$user) {
         return response::error(l('users.avatar.error.missing'));
     }

     // Authorization gate: admins may change any avatar, everyone else only their own.
     if (!(site()->user()->isAdmin() || $user->isCurrent())) {
         return response::error('You are not allowed to upload an avatar for this user');
     }

     // Reuse the existing avatar path when there is one; otherwise ask the user
     // object for a path template (presumably the placeholder is filled in by Upload - confirm).
     if ($user->avatar()) {
         $root = $user->avatar()->root();
     } else {
         $root = $user->avatarRoot('{safeExtension}');
     }

     $imagesOnly = function ($upload) {
         if ($upload->type() != 'image') {
             throw new Error(l('users.avatar.error.type'));
         }
     };
     $upload = new Upload($root, array('accept' => $imagesOnly));

     if (!$upload->file()) {
         return response::error($upload->error()->getMessage());
     }

     // Write the thumbnail next to the uploaded file, under the same file name.
     thumb::$defaults['root'] = dirname($upload->file()->root());
     $thumb = new Thumb($upload->file(), array(
         'filename' => $upload->file()->filename(),
         'overwrite' => true,
         'width' => 256,
         'height' => 256,
         'crop' => true,
     ));
     kirby()->trigger('panel.avatar.upload', $user->avatar());

     return response::success(l('users.avatar.success'));
 }
Beispiel #2
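 /**
  * Moves an uploaded file into the public media directory and saves its metadata on this model.
  *
  * Upload::file() stores the upload under TMPPATH and returns its file name. The file is then
  * copied to PUBLICPATH/media/<first three characters of the name>/ and the temporary copy is removed.
  *
  * NOTE(review): the file ends up inside the public path under the name Upload::file() returned.
  * How Upload::file() treats an empty $types list is not visible here; callers should pass an
  * explicit list of allowed types.
  *
  * @param array    $file     one entry of $_FILES
  * @param array    $types    allowed types, forwarded to Upload::file()
  * @param int|null $max_size size limit, forwarded to Upload::file()
  * @return mixed the result of the chained ->save() call
  * @throws Kohana_Exception when the temporary file is missing or cannot be copied
  */
 public function upload(array $file, array $types = array(), $max_size = NULL)
 {
     $filename = Upload::file($file, NULL, NULL, $types, $max_size);
     $tmp_file = TMPPATH . trim($filename);
     if (!file_exists($tmp_file) or is_dir($tmp_file)) {
         throw new Kohana_Exception('Tempory file not exists :file', array(':file' => $tmp_file));
     }
     $path = 'media' . DIRECTORY_SEPARATOR . substr($filename, 0, 3) . DIRECTORY_SEPARATOR;
     $abs_path = PUBLICPATH . $path;
     if (!is_dir($abs_path)) {
         // Changed from 0777: a world-writable directory under the public path lets any local
         // account add or replace served files. If another account must write here, grant it
         // through group ownership rather than "other" write access.
         mkdir($abs_path, 0755, TRUE);
         chmod($abs_path, 0755);
     }
     $file = $abs_path . $filename;
     if (!copy($tmp_file, $file)) {
         throw new Kohana_Exception("Can't copy file :file", array(':file' => $tmp_file));
     }
     // Changed from 0777: stored uploads need to be readable, not writable or executable by everyone.
     chmod($file, 0644);
     unlink($tmp_file);
     // getimagesize() returns FALSE for data it does not recognise as an image. The try/catch is
     // kept for setups where warnings are converted into exceptions.
     try {
         $params = getimagesize($file);
     } catch (Exception $ex) {
         $params = FALSE;
     }
     if ($params === FALSE) {
         $content_type = 'file';
         $params = array();
     } else {
         $content_type = 'image';
     }
     // Fixed: the size stored is that of the uploaded file; the original measured the directory.
     return $this->set('size', filesize($file))->set('content_type', $content_type)->set('filename', str_replace(array('/', '\\'), '/', $path) . $filename)->set('params', $params)->save();
 }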
Beispiel #3
 /**
  * Replaces an existing file of a page with an uploaded one.
  *
  * The request must carry a '_csrf' value that csrf() accepts. The upload overwrites the
  * existing file and is only accepted when its MIME type equals that of the file being
  * replaced. The stored result is then passed to checkUpload() together with the page
  * blueprint; if that throws, the stored file is deleted and the error message returned.
  *
  * @param mixed $id page identifier, passed to $this->file() and $this->page()
  * @return mixed the result of response::success() or response::error()
  */
 public function replace($id = null)
 {
     if (!(get('_csrf') && csrf(get('_csrf')))) {
         return response::error('unauthenticated access');
     }

     $filename = get('filename');
     $existing = $this->file($id, $filename);
     $blueprint = blueprint::find($this->page($id));

     $target = $existing->root();
     // The replacement has to keep the MIME type of the file it replaces.
     $sameMime = function ($upload) use ($existing) {
         if ($upload->mime() != $existing->mime()) {
             throw new Error(l('files.replace.error.type'));
         }
     };
     $upload = new Upload($target, array('overwrite' => true, 'accept' => $sameMime));

     $stored = $upload->file();
     if (!$stored) {
         return response::error($upload->error()->getMessage());
     }

     try {
         $this->checkUpload($stored, $blueprint);
         kirby()->trigger('panel.file.replace', $stored);
         return response::success('success');
     } catch (Exception $e) {
         // The overwrite has already happened at this point, so the stored file is removed.
         $stored->delete();
         return response::error($e->getMessage());
     }
 }
Beispiel #4
 /**
  * Handles an avatar upload for the user named $username.
  *
  * The upload is accepted only when its type() is 'image'; a 256x256 cropped thumbnail
  * is then written over the uploaded file using the 'im' thumb driver.
  *
  * NOTE(review): no CSRF token check and no check that the current user may change this
  * user's avatar is visible in this method - confirm both are enforced before it is reached.
  *
  * @param string $username name passed to $this->user() to look the user up
  * @return mixed the result of response::success() or response::error()
  */
 public function upload($username)
 {
     $user = $this->user($username);
     if (!$user) {
         return response::error(l('users.avatar.error.missing'));
     }

     // Reuse the existing avatar path when there is one, else ask for a path template.
     if ($user->avatar()) {
         $root = $user->avatar()->root();
     } else {
         $root = $user->avatarRoot('{safeExtension}');
     }

     $imagesOnly = function ($upload) {
         if ($upload->type() != 'image') {
             throw new Error(l('users.avatar.error.type'));
         }
     };
     $upload = new Upload($root, array('accept' => $imagesOnly));

     if (!$upload->file()) {
         return response::error($upload->error()->getMessage());
     }

     // Write the thumbnail next to the uploaded file, under the same file name.
     thumb::$defaults['root'] = dirname($upload->file()->root());
     thumb::$defaults['driver'] = 'im';
     $thumb = new Thumb($upload->file(), array(
         'filename' => $upload->file()->filename(),
         'overwrite' => true,
         'width' => 256,
         'height' => 256,
         'crop' => true,
     ));

     return response::success(l('users.avatar.success'));
 }
Beispiel #5
 /**
  * Replaces an existing file with an uploaded one of the same MIME type.
  *
  * NOTE(review): no CSRF token check is visible in this method, and the result of
  * $this->file() is used without a check that a file was found - confirm both are
  * handled elsewhere.
  *
  * @param mixed $id identifier passed to $this->file() together with the 'filename' request value
  * @return mixed the result of response::success() or response::error()
  */
 public function replace($id)
 {
     $filename = get('filename');
     $existing = $this->file($id, $filename);

     $target = $existing->root();
     // The replacement has to keep the MIME type of the file it replaces.
     $sameMime = function ($upload) use ($existing) {
         if ($upload->mime() != $existing->mime()) {
             throw new Error(l('files.replace.error.type'));
         }
     };
     $upload = new Upload($target, array('overwrite' => true, 'accept' => $sameMime));

     if (!$upload->file()) {
         return response::error($upload->error()->getMessage());
     }

     return response::success('success');
 }
        redirect(HOST . DIR . '/admin/admin_ranks.php');
    } else {
        redirect(HOST . DIR . '/admin/admin_ranks_add.php?error=incomplete#errorh');
    }
} elseif (!empty($_FILES['upload_ranks']['name'])) {
    @clearstatcache();
    $dir = PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/ranks/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        import('io/upload');
        $Upload = new Upload($dir);
        if (!$Upload->file('upload_ranks', '`([a-z0-9_ -])+\\.(jpg|gif|png|bmp)+$`i')) {
            $error = $Upload->error;
        }
    } else {
        $error = 'e_upload_failed_unwritable';
    }
    $error = !empty($error) ? '?error=' . $error : '';
    redirect(HOST . SCRIPT . $error);
} else {
    $Template->set_filenames(array('admin_ranks_add' => 'admin/admin_ranks_add.tpl'));
    $get_error = retrieve(GET, 'error', '');
    $array_error = array('e_upload_invalid_format', 'e_upload_max_weight', 'e_upload_error', 'e_upload_failed_unwritable');
    if (in_array($get_error, $array_error)) {
        $Errorh->handler($LANG[$get_error], E_USER_WARNING);
    }
    if ($get_error == 'incomplete') {
 $user_born = strtodate(retrieve(POST, 'user_born', '0'), $LANG['date_birth_parse']);
 import('util/captcha');
 $Captcha = new Captcha();
 $Captcha->set_difficulty($CONFIG_USER['verif_code_difficulty']);
 if (!($CONFIG_USER['verif_code'] == '1') || $Captcha->is_valid()) {
     if (strlen($login) >= 3 && strlen($password) >= 6 && strlen($password_bis) >= 6) {
         if (!empty($login) && !empty($user_mail) && $password_hash === $password_bis_hash) {
             ####Vérification de la validité de l'avatar####
             $user_avatar = '';
             //Gestion upload d'avatar.
             $dir = '../images/avatars/';
             import('io/upload');
             $Upload = new Upload($dir);
             if (is_writable($dir) && $CONFIG_USER['activ_up_avatar'] == 1) {
                 if ($_FILES['avatars']['size'] > 0) {
                     $Upload->file('avatars', '`([a-z0-9()_-])+\\.(jpg|gif|png|bmp)+$`i', UNIQ_NAME, $CONFIG_USER['weight_max'] * 1024);
                     if (!empty($Upload->error)) {
                         redirect(HOST . DIR . '/member/register' . url('.php?erroru=' . $Upload->error) . '#errorh');
                     } else {
                         $path = $dir . $Upload->filename['avatars'];
                         $error = $Upload->validate_img($path, $CONFIG_USER['width_max'], $CONFIG_USER['height_max'], DELETE_ON_ERROR);
                         if (!empty($error)) {
                             redirect(HOST . DIR . '/member/register' . url('.php?erroru=' . $error) . '#errorh');
                         } else {
                             $user_avatar = $path;
                         }
                     }
                 }
             }
             $path = retrieve(POST, 'avatar', '');
             if (!empty($path)) {
Beispiel #8
<?php

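// Controller for the "dop" (additional materials) records: loads the list and, on POST,
// inserts or updates one record together with an optional uploaded file and/or URL.
//
// NOTE(review): no login, permission or CSRF check is visible in this excerpt - confirm
// that models/function.php enforces them before any of the code below runs.
include "models/function.php";
// isset() guard avoids an "undefined index" notice when the page is opened without ?id=.
$id = isset($_GET['id']) ? $_GET['id'] : null;
$param = "dop";
$records = DB::select($param);
if (isset($_POST["go"])) {
    $arrayDop = array("name" => $_POST['name'], "id_kurs" => $_POST['kurs']);
    // Upload::file() is defined elsewhere; its result is treated as falsy when nothing was stored.
    $dopSrcTmp = Upload::file($_FILES['file'], "materials");
    $hasUrl = !empty($_POST['url']);
    if ($dopSrcTmp || $hasUrl) {
        // Both columns are written as soon as either value is present; the missing one is stored empty.
        // NOTE(review): the URL is stored exactly as received - validate its scheme before it is
        // rendered as a link.
        $arrayDop += array(
            "src" => $dopSrcTmp ? $dopSrcTmp : "",
            "url" => $hasUrl ? $_POST['url'] : "",
        );
    }
    if ($_POST["go"] == "save") {
        DB::insert(DB::insertSql($param, $arrayDop), $arrayDop);
    } else {
        // Any value of "go" other than "save" is used as the id of the row to update.
        $idKurs = $_POST["go"];
        DB::update(DB::updateSql($param, $arrayDop), $arrayDop, $idKurs);
    }
    header("Location: materials.php");
    // Stop here so that nothing further in this script runs for a request that has been redirected.
    exit;
}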
if (isset($_GET["delete"])) {
    Delete::del($_GET["title"], $_GET["delete"]);
require_once '../admin/admin_header.php';
$Cache->load('gallery');
include_once '../gallery/gallery.class.php';
$Gallery = new Gallery();
$idcat = !empty($_GET['cat']) ? numeric($_GET['cat']) : 0;
$idcat_post = !empty($_POST['idcat_post']) ? numeric($_POST['idcat_post']) : 0;
$add_pic = !empty($_GET['add']) ? numeric($_GET['add']) : 0;
$nbr_pics_post = !empty($_POST['nbr_pics']) ? numeric($_POST['nbr_pics']) : 0;
if (isset($_FILES['gallery']) && isset($_POST['idcat_post'])) {
    $dir = 'pics/';
    import('io/upload');
    $Upload = new Upload($dir);
    $idpic = 0;
    if (is_writable($dir)) {
        if ($_FILES['gallery']['size'] > 0) {
            $Upload->file('gallery', '`([a-z0-9()_-])+\\.(jpg|gif|png)+$`i', UNIQ_NAME, $CONFIG_GALLERY['weight_max']);
            if (!empty($Upload->error)) {
                redirect(HOST . DIR . '/gallery/admin_gallery_add.php?error=' . $Upload->error . '#errorh');
            } else {
                $path = $dir . $Upload->filename['gallery'];
                $error = $Upload->validate_img($path, $CONFIG_GALLERY['width_max'], $CONFIG_GALLERY['height_max'], DELETE_ON_ERROR);
                if (!empty($error)) {
                    redirect(HOST . DIR . '/gallery/admin_gallery_add.php?error=' . $error . '#errorh');
                } else {
                    $Gallery->Resize_pics($path);
                    if (!empty($Gallery->error)) {
                        redirect(HOST . DIR . '/gallery/admin_gallery_add.php?error=' . $Gallery->error . '#errorh');
                    }
                    $name = !empty($_POST['name']) ? strprotect($_POST['name']) : '';
                    $idpic = $Gallery->Add_pics($idcat_post, $name, $Upload->filename['gallery'], $User->get_attribute('user_id'));
                    if (!empty($Gallery->error)) {
Beispiel #10
    }
} elseif ($home_folder) {
    //Retour à la racine.
    AppContext::get_response()->redirect('/admin/admin_files.php');
} elseif (!empty($_FILES['upload_file']['name']) && $folder) {
    //Si le dossier n'est pas en écriture on tente un CHMOD 777
    @clearstatcache();
    $dir = PATH_TO_ROOT . '/upload/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777);
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        $Upload = new Upload($dir);
        $Upload->file('upload_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', FileUploadConfig::load()->get_authorized_extensions())) . ')+$`i', Upload::UNIQ_NAME);
        if ($Upload->get_error() != '') {
            //Erreur, on arrête ici
            AppContext::get_response()->redirect('/admin/admin_files.php?f=' . $folder . '&erroru=' . $Upload->get_error() . '#message_helper');
        } else {
            $check_user_folder = 0;
            try {
                $check_user_folder = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id=:id', array('id' => $folder));
            } catch (RowNotFoundException $e) {
            }
            $user_id = $check_user_folder <= 0 ? -1 : AppContext::get_current_user()->get_id();
            $user_id = max($user_id, $folder_member);
            $result = PersistenceContext::get_querier()->insert(DB_TABLE_UPLOAD, array('idcat' => $folder, 'name' => $Upload->get_original_filename(), 'path' => $Upload->get_filename(), 'user_id' => $user_id, 'size' => $Upload->get_human_readable_size(), 'type' => $Upload->get_extension(), 'timestamp' => time()));
            $id_file = $result->get_last_inserted_id();
        }
    } else {
        redirect(HOST . DIR . '/admin/admin_themes_add.php?error=e_theme_already_exist#errorh');
    }
} elseif (!empty($_FILES['upload_theme']['name'])) {
    @clearstatcache();
    $dir = '../templates/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        $check_theme = $Sql->query("SELECT COUNT(*) FROM " . DB_TABLE_THEMES . " WHERE theme = '" . strprotect($_FILES['upload_theme']['name']) . "'", __LINE__, __FILE__);
        if (empty($check_theme) && !is_dir('../templates/' . $_FILES['upload_theme']['name'])) {
            import('io/upload');
            $Upload = new Upload($dir);
            if ($Upload->file('upload_theme', '`([a-z0-9()_-])+\\.(gzip|zip)+$`i')) {
                $archive_path = '../templates/' . $Upload->filename['upload_theme'];
                if ($Upload->extension['upload_theme'] == 'gzip') {
                    import('lib/pcl/pcltar', LIB_IMPORT);
                    if (!($zip_files = PclTarExtract($Upload->filename['upload_theme'], '../templates/'))) {
                        $error = $Upload->error;
                    }
                } elseif ($Upload->extension['upload_theme'] == 'zip') {
                    import('lib/pcl/pclzip', LIB_IMPORT);
                    $Zip = new PclZip($archive_path);
                    if (!($zip_files = $Zip->extract(PCLZIP_OPT_PATH, '../templates/', PCLZIP_OPT_SET_CHMOD, 0666))) {
                        $error = $Upload->error;
                    }
                } else {
                    $error = 'e_upload_invalid_format';
                }
Beispiel #12
     $error_controller = PHPBoostErrors::user_not_authorized();
     DispatchManager::redirect($error_controller);
 }
 //Niveau d'autorisation de la catégorie, accès en écriture.
 if (!$Gallery->auth_upload_pics(AppContext::get_current_user()->get_id(), AppContext::get_current_user()->get_level())) {
     AppContext::get_response()->redirect('/gallery/gallery' . url('.php?add=1&cat=' . $id_category . '&error=upload_limit', '-' . $id_category . '.php?add=1&error=upload_limit', '&') . '#message_helper');
 }
 $dir = 'pics/';
 $authorized_pictures_extensions = FileUploadConfig::load()->get_authorized_picture_extensions();
 $error = '';
 if (!empty($authorized_pictures_extensions)) {
     $Upload = new Upload($dir);
     $idpic = 0;
     $idcat_post = retrieve(POST, 'cat', '');
     $name_post = retrieve(POST, 'name', '', TSTRING_AS_RECEIVED);
     if (!$Upload->file('gallery', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', Upload::UNIQ_NAME, $config->get_max_weight())) {
         $error = $Upload->get_error();
     }
 } else {
     $error = 'e_upload_invalid_format';
 }
 if ($error != '') {
     AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $error) . '#message_helper');
 } else {
     $path = $dir . $Upload->get_filename();
     $error = $Upload->check_img($config->get_max_width(), $config->get_max_height(), Upload::DELETE_ON_ERROR);
     if (!empty($error)) {
         //Erreur, on arrête ici
         AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $error) . '#message_helper');
     } else {
         //Enregistrement de l'image dans la bdd.
Beispiel #13
 // Excerpt: stores a member's uploaded file in /upload/ and records it in DB_TABLE_UPLOAD,
 // subject to the member's remaining storage quota. $group_limit, $folder, $popup_noamp and
 // $files_upload_config are set outside this excerpt.

 // A group limit of -1 or an administrator account lifts the quota.
 $unlimited_data = $group_limit === -1 || AppContext::get_current_user()->check_level(User::ADMIN_LEVEL);
 $member_memory_used = Uploads::Member_memory_used(AppContext::get_current_user()->get_id());
 if ($member_memory_used >= $group_limit && !$unlimited_data) {
     $error = 'e_max_data_reach';
 } else {
     // If the directory is not writable, try a CHMOD 777.
     // NOTE(review): 0777 makes the upload directory writable by every local account; the
     // result stored in $is_writable is not read again in this excerpt.
     @clearstatcache();
     $dir = PATH_TO_ROOT . '/upload/';
     if (!is_writable($dir)) {
         $is_writable = @chmod($dir, 0777);
     }
     @clearstatcache();
     if (is_writable($dir)) {
         // Size limit handed to the upload: a fixed cap when unlimited, else the remaining quota.
         $weight_max = $unlimited_data ? 100000000 : $group_limit - $member_memory_used;
         $Upload = new Upload($dir);
         // The file-name pattern has no start anchor: it only requires the name to END with
         // allowed characters, a dot and one or more authorised extensions.
         // NOTE(review): a name carrying an extra extension before the authorised one still
         // matches; whether that matters depends on how Upload::UNIQ_NAME renames the file and
         // on the web server's handler mapping - confirm.
         $Upload->file('upload_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $files_upload_config->get_authorized_extensions())) . ')+$`i', Upload::UNIQ_NAME, $weight_max);
         if ($Upload->get_error() != '') {
             $error = $Upload->get_error();
             // A size error is reported to the member as "quota reached".
             if ($Upload->get_error() == 'e_upload_max_weight') {
                 $error = 'e_max_data_reach';
             }
             // NOTE(review): $folder and $popup_noamp are concatenated into the redirect URL as-is;
             // their origin is not shown here.
             AppContext::get_response()->redirect('/user/upload.php?f=' . $folder . '&erroru=' . $error . '&' . $popup_noamp . '#message_helper');
         } else {
             // Record the stored file; the values are passed as an array to the querier's insert().
             $result = PersistenceContext::get_querier()->insert(DB_TABLE_UPLOAD, array('idcat' => $folder, 'name' => $Upload->get_original_filename(), 'path' => $Upload->get_filename(), 'user_id' => AppContext::get_current_user()->get_id(), 'size' => $Upload->get_human_readable_size(), 'type' => $Upload->get_extension(), 'timestamp' => time()));
             $id_file = $result->get_last_inserted_id();
         }
     } else {
         $error = 'e_upload_failed_unwritable';
     }
 }
 // Query-string tail for the next redirect: the error code if there is one, otherwise an
 // anchor pointing at the newly inserted file when its id is known.
 $anchor = !empty($error) ? '&error=' . $error . '&' . $popup_noamp . '#message_helper' : '&' . $popup_noamp . (!empty($id_file) ? '#fi1' . $id_file : '');
Beispiel #14
<?php

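// Controller for the "kurs" (course) records: on POST it inserts or updates one course with
// an optional preview image, then redirects back to the list.
//
// NOTE(review): no login, permission or CSRF check is visible in this excerpt - confirm
// that models/function.php enforces them before any of the code below runs.
include "models/function.php";
$param = "kurs";
if (isset($_POST["go"])) {
    $arrayKurs = array("name" => $_POST['name'], "text" => $_POST['text']);
    // Upload::file() is defined elsewhere; its result is treated as falsy when nothing was stored.
    $kursSrcTmp = Upload::file($_FILES['preview'], "kurs");
    if ($kursSrcTmp) {
        $arrayKurs += array("src" => $kursSrcTmp);
    } elseif ($_POST["go"] == "save") {
        // A new course without a preview gets an empty src; an update leaves the column alone.
        $arrayKurs += array("src" => "");
    }
    if ($_POST["go"] == "save") {
        $idKurs = DB::insert(DB::insertSql($param, $arrayKurs), $arrayKurs);
    } else {
        // Any value of "go" other than "save" is used as the id of the row to update.
        $idKurs = $_POST["go"];
        DB::update(DB::updateSql($param, $arrayKurs), $arrayKurs, $idKurs);
    }
    header("Location: " . $param . ".php");
    // Stop here so that the list query and the template are not run for a redirected request.
    exit;
}
$records = DB::select($param);
require_once 'view/tpl_top.php';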
?>
    <div class="app app-header-fixed  ">
        <?php 
include "view/header.php";
include "view/tpl_popup_kurs.php";
$active_e = "class=\"active\"";
include "view/nav.php";
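 /**
  * Installs a module from an uploaded .gz or .zip archive.
  *
  * The archive is uploaded into the site root and its listing is inspected. It is extracted
  * only when it holds exactly one root folder, that folder contains config.ini and index.php,
  * no entry name is absolute or contains a ".." segment, and the module is not installed yet.
  * Once the upload itself succeeded, the archive is deleted whatever the outcome. Results are
  * reported through the 'MSG' view variable.
  */
 private function upload_module()
 {
     $modules_folder = PATH_TO_ROOT . '/';
     if (!is_writable($modules_folder)) {
         // Fixed: the original passed an undefined $dir here, so the chmod never targeted the modules folder.
         $is_writable = @chmod($modules_folder, 0755);
     } else {
         $is_writable = true;
     }
     if ($is_writable) {
         $uploaded_file = $this->form->get_value('file');
         if ($uploaded_file !== null) {
             $upload = new Upload($modules_folder);
             // The pattern has no start anchor: it only requires the name to end with allowed
             // characters, a dot and gz/zip.
             if ($upload->file('upload_module_file', '`([a-z0-9()_-])+\\.(gz|zip)+$`i')) {
                 $archive = $modules_folder . $upload->get_filename();
                 if ($upload->get_extension() == 'gz') {
                     include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
                     // NOTE(review): the bare file name is passed here, not $archive - confirm the
                     // working directory makes this resolve to the uploaded file.
                     $archive_content = PclTarList($upload->get_filename());
                 } else {
                     include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
                     $zip = new PclZip($archive);
                     $archive_content = $zip->listContent();
                 }
                 // A listing that is not an array is treated as an empty, and therefore invalid, archive.
                 if (!is_array($archive_content)) {
                     $archive_content = array();
                 }
                 $archive_root_content = array();
                 $required_files = array('/config.ini', '/index.php');
                 $has_unsafe_entry = false;
                 foreach ($archive_content as $element) {
                     if (substr($element['filename'], -1) == '/') {
                         $element['filename'] = substr($element['filename'], 0, -1);
                     }
                     // Refuse archives whose entries could be written outside $modules_folder:
                     // names starting with a slash or containing a ".." path segment.
                     $segments = explode('/', str_replace('\\', '/', $element['filename']));
                     if ($segments[0] === '' || in_array('..', $segments, true)) {
                         $has_unsafe_entry = true;
                     }
                     // Entries without a slash sit at the archive root.
                     if (substr_count($element['filename'], '/') == 0) {
                         $archive_root_content[] = array('filename' => $element['filename'], 'folder' => (isset($element['folder']) && $element['folder'] == 1) || (isset($element['typeflag']) && $element['typeflag'] == 5));
                     }
                     if (isset($archive_root_content[0])) {
                         // Strip the root folder name and tick the entry off the required list.
                         $name_in_archive = str_replace($archive_root_content[0]['filename'] . '/', '/', $element['filename']);
                         if (in_array($name_in_archive, $required_files)) {
                             unset($required_files[array_search($name_in_archive, $required_files)]);
                         }
                     }
                 }
                 if (!$has_unsafe_entry && count($archive_root_content) == 1 && $archive_root_content[0]['folder'] && empty($required_files)) {
                     // The module id is the name of the single root folder in the archive.
                     $module_id = $archive_root_content[0]['filename'];
                     if (!ModulesManager::is_module_installed($module_id)) {
                         if ($upload->get_extension() == 'gz') {
                             PclTarExtract($upload->get_filename(), $modules_folder);
                         } else {
                             $zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
                         }
                         $this->install_module($module_id, true);
                     } else {
                         $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
                     }
                 } else {
                     $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
                 }
                 // The uploaded archive is removed from the site root in every case.
                 $uploaded_file = new File($archive);
                 $uploaded_file->delete();
             } else {
                 $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE));
             }
         } else {
             $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE));
         }
     }
 }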
Beispiel #16
} elseif ($del_mbr && !empty($user_id) && !empty($idgroup)) {
    $Session->csrf_get_protect();
    $Group->remove_member($user_id, $idgroup);
    redirect(HOST . DIR . '/admin/admin_groups.php?id=' . $idgroup . '#add');
} elseif (!empty($_FILES['upload_groups']['name'])) {
    @clearstatcache();
    $dir = '../images/group/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        import('io/upload');
        $Upload = new Upload($dir);
        if (!$Upload->file('upload_groups', '`([a-z0-9()_-])+\\.(jpg|gif|png|bmp)+$`i')) {
            $error = $Upload->error;
        }
    } else {
        $error = 'e_upload_failed_unwritable';
    }
    $error = !empty($error) ? '&error=' . $error : '';
    redirect(HOST . SCRIPT . '?add=1' . $error);
} elseif (!empty($idgroup)) {
    $Template->set_filenames(array('admin_groups_management2' => 'admin/admin_groups_management2.tpl'));
    $group = $Sql->query_array(DB_TABLE_GROUP, 'id', 'name', 'img', 'color', 'auth', 'members', "WHERE id = '" . $idgroup . "'", __LINE__, __FILE__);
    if (!empty($group['id'])) {
        $get_error = retrieve(GET, 'error', '');
        if ($get_error == 'incomplete') {
            $Errorh->handler($LANG['e_incomplete'], E_USER_NOTICE);
        } elseif ($get_error == 'already_group') {
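 /**
  * Resolves the avatar value for a member from the submitted form.
  *
  * Three cases are handled: an avatar given as a link, an avatar uploaded as a file, and no
  * avatar submitted (the stored field value is returned). Images larger than the configured
  * maximum are resized when auto-resizing is enabled and rejected otherwise.
  *
  * NOTE(review): in the link case the submitted value is handed to new Image(); what Image
  * does with a remote address is not visible here. The file-name pattern has no start
  * anchor, so it only constrains how the value ends.
  *
  * @param object $form                  form exposing get_value() and get_html_id()
  * @param object $member_extended_field field being saved
  * @return mixed the avatar path or link; the stored value when nothing was submitted;
  *               nothing when a file was submitted but avatar upload is disabled
  * @throws MemberExtendedFieldErrorsMessageException on a disallowed format, an oversized
  *         image or an upload error
  */
 private function upload_avatar($form, $member_extended_field)
 {
     $avatar = $form->get_value('upload_avatar');
     $user_accounts_config = UserAccountsConfig::load();
     $authorized_pictures_extensions = FileUploadConfig::load()->get_authorized_picture_extensions();
     if (empty($authorized_pictures_extensions)) {
         // Fixed: the exception was returned instead of thrown, so a caller would have
         // received the exception object as if it were the avatar value.
         throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
     }
     if ($form->get_value('link_avatar')) {
         if (preg_match('`([A-Za-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', $form->get_value('link_avatar'))) {
             $image = new Image($form->get_value('link_avatar'));
             if ($image->get_width() > $user_accounts_config->get_max_avatar_width() || $image->get_height() > $user_accounts_config->get_max_avatar_height()) {
                 if ($user_accounts_config->is_avatar_auto_resizing_enabled()) {
                     // Store a resized copy locally under a name made unique with key_hash().
                     $directory = '/images/avatars/' . Url::encode_rewrite($image->get_name() . '_' . $this->key_hash()) . '.' . $image->get_extension();
                     $resizer = new ImageResizer();
                     $resizer->resize_with_max_values($image, $user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), PATH_TO_ROOT . $directory);
                     $this->delete_old_avatar($member_extended_field);
                     return $directory;
                 }
                 throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_max_dimension', 'errors'));
             }
             $this->delete_old_avatar($member_extended_field);
             return $form->get_value('link_avatar');
         } else {
             throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
         }
     } elseif (!empty($avatar)) {
         if (UserAccountsConfig::load()->is_avatar_upload_enabled()) {
             $dir = '/images/avatars/';
             if ($user_accounts_config->is_avatar_auto_resizing_enabled()) {
                 $image = new Image($avatar->get_temporary_filename());
                 $resizer = new ImageResizer();
                 // Base name is the part before the first dot, extension the part after the last one.
                 $name_parts = explode('.', $avatar->get_name());
                 $name = $name_parts[0];
                 $extension = array_pop($name_parts);
                 if (!in_array($extension, $authorized_pictures_extensions)) {
                     // Fixed: thrown rather than returned, like every other rejection in this method.
                     throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
                 }
                 $directory = $dir . Url::encode_rewrite($name . '_' . $this->key_hash()) . '.' . $extension;
                 try {
                     $resizer->resize_with_max_values($image, $user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), PATH_TO_ROOT . $directory);
                     $this->delete_old_avatar($member_extended_field);
                     return $directory;
                 } catch (UnsupportedOperationException $e) {
                     throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
                 }
             } else {
                 $Upload = new Upload(PATH_TO_ROOT . $dir);
                 // The configured maximum weight is multiplied by 1024 before being passed as the size limit.
                 $Upload->file($form->get_html_id() . '_upload_avatar', '`([A-Za-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', Upload::UNIQ_NAME, $user_accounts_config->get_max_avatar_weight() * 1024);
                 $upload_error = $Upload->get_error();
                 if (!empty($upload_error)) {
                     throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message($upload_error, 'errors'));
                 }
                 // check_img() is given the dimension limits and Upload::DELETE_ON_ERROR.
                 $error = $Upload->check_img($user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), Upload::DELETE_ON_ERROR);
                 if (!empty($error)) {
                     throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message($error, 'errors'));
                 } else {
                     $this->delete_old_avatar($member_extended_field);
                     return $dir . $Upload->get_filename();
                 }
             }
         }
     } else {
         return MemberExtendedFieldsService::return_field_member($member_extended_field->get_field_name(), $member_extended_field->get_user_id());
     }
 }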
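 /**
  * Uploads a smiley picture into the smileys folder.
  *
  * The file name must end with one of the configured picture extensions. Outcomes are
  * reported through the 'MSG' view variable.
  *
  * NOTE(review): when the folder is not writable it is chmod-ed to 0777, which makes it
  * writable by every local account.
  */
 private function upload_smiley()
 {
     $folder_phpboost_smileys = $this->smileys_path;
     if (!is_writable($folder_phpboost_smileys)) {
         $is_writable = @chmod($folder_phpboost_smileys, 0777);
     } else {
         $is_writable = true;
     }
     if ($is_writable) {
         $uploaded_file = $this->upload_form->get_value('file');
         if ($uploaded_file !== null) {
             $authorized_pictures_extensions = FileUploadConfig::load()->get_authorized_picture_extensions();
             if (empty($authorized_pictures_extensions)) {
                 $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('e_upload_invalid_format', 'errors'), MessageHelper::NOTICE));
                 // Fixed: stop here. The original went on to attempt the upload with an empty
                 // extension list, which also replaced the message set above.
                 return;
             }
             $upload = new Upload($this->smileys_path);
             // The pattern has no start anchor: it only requires the name to end with allowed
             // characters, a dot and one or more authorised extensions.
             if ($upload->file('upload_smiley_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i')) {
                 // TODO: handle smiley archives (allow uploading a zip, plus a checkbox to create each smiley directly with :smiley_name as its code)
             } else {
                 $this->view->put('MSG', MessageHelper::display(LangLoader::get_message($upload->get_error(), 'errors'), MessageHelper::NOTICE));
             }
         } else {
             $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('process.error', 'status-messages-common'), MessageHelper::NOTICE));
         }
     } else {
         $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('e_upload_failed_unwritable', 'errors'), MessageHelper::WARNING));
     }
 }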
Beispiel #19
<?php

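// Lesson view: loads one lesson with its videos, homework and answers and, on POST, stores
// a new answer from the logged-in user together with an optional attachment.
//
// NOTE(review): how DB::selectID() and DB::selectParam() bind $id is not visible here, and
// no CSRF check is visible for the POST branch - confirm both.
include "models/function.php";
$lesson = $_SESSION['lessons'];
$id = $_GET['id'];
$less = DB::selectID("lessons", $id);
$video = DB::selectParam("video", "id_lessons", $id);
if (isset($_POST['go'])) {
    $today = DB::today();
    $array = array("id_lessons" => $lesson, "id_clients" => $_SESSION['user_id'], "text" => $_POST['text'], "date" => $today, "piple" => "user");
    if ($_FILES["answer_materials"]["error"] == UPLOAD_ERR_OK) {
        // Upload::file() is defined elsewhere; its result is treated as falsy when nothing was stored.
        $materials = Upload::file($_FILES["answer_materials"], "answer_materials");
        if ($materials) {
            $array += array("src" => $materials);
        } elseif ($_POST["go"] == "save") {
            $array += array("src" => "");
        }
    }
    DB::insert(DB::insertSql("answer", $array), $array);
    header("Location: view_lessons.php?id=" . $_POST['id'] . "#chat");
    // Stop here so that the queries and template below are not run for a redirected request.
    exit;
}
$dz = DB::selectParam("homework", "id_lessons", $id);
// Fixed: $id comes straight from the query string and was interpolated into the SQL text.
// Both ids are compared unquoted, i.e. as numbers, so they are cast to int before they
// reach the statement.
$answer = DB::selectSql("SELECT * FROM answer WHERE id_lessons=" . (int) $id . " AND (id_clients=" . (int) $_SESSION['user_id'] . " OR id_clients=0)");
require_once 'view/tpl_top.php';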
?>
<div class="app app-header-fixed">
    <?php 
include "view/tpl_popup_events.php";
include "view/header.php";
Beispiel #20
<?php

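// Site settings page: on POST it stores an uploaded file and updates the settings row from
// the submitted form, then redirects back to the same URL.
//
// NOTE(review): no login, permission or CSRF check is visible in this excerpt - confirm
// that models/function.php enforces them before any of the code below runs.
include "models/function.php";
include "classes/Upload.php";
$param = "settings";
if (isset($_POST["go"])) {
    // The result of the upload is not used further in this excerpt.
    $res_file = Upload::file($_FILES['oferta']);
    // The row id is whichever POST field was submitted last; this depends on the form's field order.
    $id = array_pop($_POST);
    // NOTE(review): the remaining POST fields are passed wholesale as the column => value map,
    // so the request decides which columns are written - confirm DB::updateSql() restricts them.
    DB::update(DB::updateSql($param, $_POST), $_POST, $id);
    header("Location: " . $_SERVER['REQUEST_URI']);
    // Stop here so that the query and template below are not run for a redirected request.
    exit;
}
$record = DB::select($param);
require_once 'view/tpl_top.php';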
?>
<div class="app app-header-fixed  ">
	<?php 
include "view/header.php";
$active_g = "class=\"active\"";
include "view/nav.php";
?>
	<!-- content -->
	<div id="content" class="app-content" role="main">
		<div class="app-content-body ">
			<div class="hbox hbox-auto-xs hbox-auto-sm">
				<div class="col">
					<div class="bg-light lter b-b wrapper-md wrapper-md__i">
						<h1 class="m-n font-thin h3 inline">Настройки сайта</h1>
					</div>
					<div class="wrapper-md">
						<form method="post" enctype="multipart/form-data">
							<div class="row">
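 /**
  * Handles an uploaded theme archive (.gz or .zip): checks its layout, extracts it into
  * the templates folder and installs the theme.
  *
  * The archive is extracted only when it holds exactly one root folder, every file in
  * $required_files was found under that folder, no entry name is absolute or contains a
  * ".." segment, and no theme with that id already exists. Once the upload has been
  * stored, the archive file is deleted whatever the outcome. Results are reported by
  * putting a message into the view under 'MSG'; nothing is returned, and nothing is
  * reported when the templates folder cannot be made writable.
  */
 private function upload_theme()
 {
     $folder_phpboost_themes = PATH_TO_ROOT . '/templates/';
     if (!is_writable($folder_phpboost_themes)) {
         // 0755 instead of the former 0777: chmod() can only succeed when the PHP process
         // owns the folder, and owner write access is all the upload needs. A
         // world-writable templates folder lets any local account change served files.
         $is_writable = @chmod($folder_phpboost_themes, 0755);
     } else {
         $is_writable = true;
     }
     if (!$is_writable) {
         return;
     }
     $uploaded_file = $this->form->get_value('file');
     if ($uploaded_file === null) {
         $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('process.error', 'status-messages-common'), MessageHelper::NOTICE));
         return;
     }
     $upload = new Upload($folder_phpboost_themes);
     if (!$upload->file('upload_theme_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i')) {
         $this->view->put('MSG', MessageHelper::display($this->lang['themes.upload_invalid_format'], MessageHelper::NOTICE));
         return;
     }
     $archive = $folder_phpboost_themes . $upload->get_filename();
     $is_tar = $upload->get_extension() == 'gz';
     if ($is_tar) {
         include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
         $archive_content = PclTarList($upload->get_filename());
     } else {
         include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
         $zip = new PclZip($archive);
         $archive_content = $zip->listContent();
     }
     // A listing that is not an array (presumably a failed read of the archive) must not
     // reach foreach; an empty list makes the layout check below reject the archive.
     if (!is_array($archive_content)) {
         $archive_content = array();
     }
     $archive_root_content = array();
     $required_files = array('/config.ini', '/body.tpl', '/frame.tpl', '/theme/content.css', '/theme/design.css', '/theme/global.css');
     $has_unsafe_entry = false;
     foreach ($archive_content as $element) {
         // Entry names come from the uploaded archive. Absolute paths, drive-letter paths
         // and ".." segments would be written outside the templates folder on extraction,
         // so one such entry rejects the whole archive.
         $entry_path = str_replace('\\', '/', $element['filename']);
         if (substr($entry_path, 0, 1) == '/' || preg_match('`^[A-Za-z]:|(^|/)\\.\\.(/|$)`', $entry_path)) {
             $has_unsafe_entry = true;
             break;
         }
         if (substr($element['filename'], -1) == '/') {
             $element['filename'] = substr($element['filename'], 0, -1);
         }
         // Entries without any slash sit at the root of the archive.
         if (substr_count($element['filename'], '/') == 0) {
             $archive_root_content[] = array('filename' => $element['filename'], 'folder' => isset($element['folder']) && $element['folder'] == 1 || isset($element['typeflag']) && $element['typeflag'] == 5);
         }
         // Tick off required files, addressed relative to the first root entry.
         if (isset($archive_root_content[0])) {
             $name_in_archive = str_replace($archive_root_content[0]['filename'] . '/', '/', $element['filename']);
             if (in_array($name_in_archive, $required_files)) {
                 unset($required_files[array_search($name_in_archive, $required_files)]);
             }
         }
     }
     $layout_is_valid = !$has_unsafe_entry && count($archive_root_content) == 1 && $archive_root_content[0]['folder'] && empty($required_files);
     if (!$layout_is_valid) {
         $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
     } else {
         $theme_id = $archive_root_content[0]['filename'];
         if (ThemesManager::get_theme_existed($theme_id)) {
             $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
         } else {
             if ($is_tar) {
                 PclTarExtract($upload->get_filename(), $folder_phpboost_themes);
             } else {
                 $zip->extract(PCLZIP_OPT_PATH, $folder_phpboost_themes, PCLZIP_OPT_SET_CHMOD, 0755);
             }
             $this->install_theme($theme_id, array('r-1' => 1, 'r0' => 1, 'r1' => 1));
         }
     }
     // The archive itself is never kept inside the templates folder.
     $uploaded_file = new File($archive);
     $uploaded_file->delete();
 }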
Beispiel #22
        AppContext::get_response()->redirect('/forum/admin_ranks_add.php?error=incomplete#message_helper');
    }
} elseif (!empty($_FILES['upload_ranks']['name'])) {
    //Si le dossier n'est pas en écriture on tente un CHMOD 777
    @clearstatcache();
    $dir = PATH_TO_ROOT . '/forum/templates/images/ranks/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    $error = '';
    if (is_writable($dir)) {
        $authorized_pictures_extensions = FileUploadConfig::load()->get_authorized_picture_extensions();
        if (!empty($authorized_pictures_extensions)) {
            $Upload = new Upload($dir);
            $Upload->disableContentCheck();
            if (!$Upload->file('upload_ranks', '`([a-z0-9_ -])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i')) {
                $error = $Upload->get_error();
            }
        } else {
            $error = 'e_upload_invalid_format';
        }
    } else {
        $error = 'e_upload_failed_unwritable';
    }
    $error = !empty($error) ? '?error=' . $error : '';
    AppContext::get_response()->redirect(HOST . SCRIPT . $error);
} else {
    $template = new FileTemplate('forum/admin_ranks_add.tpl');
    //Gestion erreur.
    $get_error = retrieve(GET, 'error', '');
    $array_error = array('e_upload_invalid_format', 'e_upload_max_weight', 'e_upload_error', 'e_upload_php_code', 'e_upload_failed_unwritable');
Beispiel #23
<?php

include "models/function.php";
if (isset($_POST["go"])) {
    $array_lessons = array("name" => $_POST['name'], "id_kurs" => $_POST['kurs'], "text" => $_POST['opisanie']);
    $lessons_src_tmp = Upload::file($_FILES['preview'], "lessons");
    if ($lessons_src_tmp) {
        $array_lessons += array("src" => $lessons_src_tmp);
    } else {
        if ($_POST["go"] == "save") {
            $array_lessons += array("src" => "");
        }
    }
    if ($_POST["go"] == "save") {
        $id_lessons = DB::insert(DB::insertSql("lessons", $array_lessons), $array_lessons);
    } else {
        $id_lessons = $_POST["go"];
        DB::update(DB::updateSql("lessons", $array_lessons), $array_lessons, $id_lessons);
    }
    $materials = Upload::files($_FILES["materials"], "materials");
    if ($materials) {
        foreach ($materials as $materials_src_tmp) {
            $array_materials = array("id_lessons" => $id_lessons, "src" => $materials_src_tmp);
            DB::insert(DB::insertSql("materials", $array_materials), $array_materials);
        }
    }
    if ($_POST['video']) {
        $video = explode("|", $_POST['video']);
        foreach ($video as $video_tmp) {
            $array_video = array("id_lessons" => $id_lessons, "src" => $video_tmp);
            DB::insert(DB::insertSql("video", $array_video), $array_video);
        }
    } else {
        redirect(HOST . DIR . '/admin/admin_smileys_add.php?error=incomplete#errorh');
    }
} elseif (!empty($_FILES['upload_smiley']['name'])) {
    @clearstatcache();
    $dir = '../images/smileys/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        import('io/upload');
        $Upload = new Upload($dir);
        if (!$Upload->file('upload_smiley', '`[a-z0-9_ -]+\\.(jpg|gif|png|bmp)+$`i')) {
            $error = $Upload->error;
        }
    } else {
        $error = 'e_upload_failed_unwritable';
    }
    $error = !empty($error) ? '?error=' . $error : '';
    redirect(HOST . SCRIPT . $error);
} else {
    $Template->set_filenames(array('admin_smileys_add' => 'admin/admin_smileys_add.tpl'));
    $get_error = retrieve(GET, 'error', '');
    $array_error = array('e_upload_invalid_format', 'e_upload_max_weight', 'e_upload_error', 'e_upload_failed_unwritable', 'e_smiley_already_exist');
    if (in_array($get_error, $array_error)) {
        $Errorh->handler($LANG[$get_error], E_USER_WARNING);
    }
    if ($get_error == 'incomplete') {
JOIN users
ON offensive_uploads.userid = users.userid
WHERE
  offensive_uploads.type= 'image'
AND
  offensive_uploads.status = 'normal'
AND
  users.account_status != 'locked'
ORDER BY offensive_uploads.timestamp DESC, offensive_uploads.id DESC
LIMIT $page_limit_clause, 15";

$result = tmbo_query($sql);
while( $image = mysql_fetch_assoc( $result ) ) 
{
	$upload = new Upload($image);
	$filepath = $upload->file();
?>


<!-- loopy -->
<span class="filesize">
	File: <a href="<?= Link::upload($upload) ?>"><?= htmlEscape($upload->filename()) ?></a> - (<?= byte_format(filesize($filepath))?>, <?

$info = getimagesize($filepath);
echo $info[0]."x".$info[1];

?>)
</span>
<br>

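 /**
  * Handles an uploaded module archive (.gz or .zip) for a module that is already
  * installed: extracts it over the site root and then runs the module upgrade.
  *
  * The module id is the uploaded file's name without extension. The archive is
  * extracted only when its extension is 'gz' or 'zip', its entry list can be read and
  * no entry name is absolute or contains a ".." segment. The stored archive is deleted
  * in every case, and upgrade_module() runs only after an extraction. Results are
  * reported by putting a message into the view under 'MSG'; nothing is returned, and
  * nothing is reported when the site root cannot be made writable.
  */
 private function upload_module()
 {
     $modules_folder = PATH_TO_ROOT . '/';
     if (!is_writable($modules_folder)) {
         // Fixed: this used to call chmod() on an undefined $dir, so it could never make
         // the modules folder writable.
         $is_writable = @chmod($modules_folder, 0755);
     } else {
         $is_writable = true;
     }
     if (!$is_writable) {
         return;
     }
     $file = $this->form->get_value('file');
     if ($file === null) {
         $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
         return;
     }
     $modules_id = $file->get_name_without_extension();
     if (!ModulesManager::is_module_installed($modules_id)) {
         $this->view->put('MSG', MessageHelper::display($this->lang['modules.not_installed_module'], MessageHelper::NOTICE, 4));
         return;
     }
     $upload = new Upload($modules_folder);
     // NOTE(review): the Upload content check is switched off and the archive lands in the
     // site root before it is inspected; what that check covers is not visible here —
     // confirm it has to be disabled for module archives.
     $upload->disableContentCheck();
     if (!$upload->file('upload_module_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i', false, 100000000, false)) {
         $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
         return;
     }
     $archive_path = $modules_folder . $upload->get_filename();
     $extension = $upload->get_extension();
     $zip = null;
     $archive_content = false;
     if ($extension == 'gz') {
         include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
         $archive_content = PclTarList($upload->get_filename());
     } elseif ($extension == 'zip') {
         include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
         $zip = new PclZip($archive_path);
         $archive_content = $zip->listContent();
     }
     // Entry names come from the uploaded archive. Absolute paths, drive-letter paths and
     // ".." segments would be written outside the site root on extraction, so one such
     // entry (or an unreadable listing) rejects the whole archive.
     $is_safe_archive = is_array($archive_content);
     if ($is_safe_archive) {
         foreach ($archive_content as $element) {
             if (!isset($element['filename'])) {
                 $is_safe_archive = false;
                 break;
             }
             $entry_path = str_replace('\\', '/', $element['filename']);
             if (substr($entry_path, 0, 1) == '/' || preg_match('`^[A-Za-z]:|(^|/)\\.\\.(/|$)`', $entry_path)) {
                 $is_safe_archive = false;
                 break;
             }
         }
     }
     if ($is_safe_archive) {
         if ($extension == 'gz') {
             PclTarExtract($upload->get_filename(), $modules_folder);
         } else {
             $zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
         }
     } else {
         $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE, 4));
     }
     // The archive is removed in every case; a rejected one used to stay in the site root.
     $archive_file = new File($archive_path);
     $archive_file->delete();
     // Upgrading only makes sense when new module files were actually extracted.
     if ($is_safe_archive) {
         $this->upgrade_module($modules_id);
     }
 }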
Beispiel #27
    }
} elseif ($home_folder) {
    redirect(HOST . DIR . '/admin/admin_files.php');
} elseif (!empty($_FILES['upload_file']['name']) && isset($_GET['f'])) {
    @clearstatcache();
    $dir = '../upload/';
    if (!is_writable($dir)) {
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        $Cache->load('uploads');
        import('io/upload');
        $Upload = new Upload($dir);
        $Upload->file('upload_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $CONFIG_UPLOADS['auth_extensions'])) . ')+$`i', UNIQ_NAME);
        if (!empty($Upload->error)) {
            redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . '&erroru=' . $Upload->error . '#errorh');
        } else {
            $check_user_folder = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $folder . "'", __LINE__, __FILE__);
            $user_id = $check_user_folder <= 0 ? -1 : $User->get_attribute('user_id');
            $user_id = max($user_id, $folder_member);
            $Sql->query_inject("INSERT INTO " . DB_TABLE_UPLOAD . " (idcat, name, path, user_id, size, type, timestamp) VALUES ('" . $folder . "', '" . addslashes($_FILES['upload_file']['name']) . "', '" . addslashes($Upload->filename['upload_file']) . "', '" . $user_id . "', '" . numeric(number_round($_FILES['upload_file']['size'] / 1024, 1), 'float') . "', '" . $Upload->extension['upload_file'] . "', '" . time() . "')", __LINE__, __FILE__);
        }
    } else {
        $error = 'e_upload_failed_unwritable';
    }
    $error = !empty($error) ? '&error=' . $error . '#errorh' : '';
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : '') . $error);
} elseif (!empty($del_folder)) {
    $Session->csrf_get_protect();
Beispiel #28
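 /**
  * Renders the add-on install page and, when a licence key and a zip file are posted,
  * checks the key against the remote licence service, stores and unpacks the zip, and
  * records the key in the add-on's install descriptor.
  *
  * $check_key tracks the outcome: 0 key not accepted, 1 key accepted, -1 upload failed,
  * -2 the zip could not be opened, -3 the install descriptor is missing after
  * extraction. Values other than 1 are turned into $data['error'] for the view.
  *
  * NOTE(review): no authentication or CSRF check is visible in this method, and the zip
  * is extracted without looking at its entries; the only gate shown here is the remote
  * licence check — confirm the caller restricts access to administrators.
  */
 public function install()
 {
     include_once ROOT . DS . 'includes' . DS . 'upload.php';
     include_once ROOT . DS . 'includes' . DS . 'functions.php';
     $dg = new dg();
     $upload = array('error' => 0, 'msg' => '');
     $data = array();
     // check key
     if (isset($_POST['key']) && isset($_FILES['file'])) {
         // is_string(): a key posted as an array must not reach explode().
         $has_key = is_string($_POST['key']) && $_POST['key'] != '';
         $has_file = isset($_FILES['file']['name']) && $_FILES['file']['name'] != '';
         if ($has_key && $has_file) {
             $check_key = 0;
             $key = $_POST['key'];
             $index = explode('-api-tshirtecommerce-', $key);
             // $index[0] comes from the posted key and later becomes a file name below
             // addons/install; a value holding a path separator or NUL byte is treated
             // like an unknown key so it can never point outside that folder.
             $product_id_is_safe = strpbrk($index[0], "/\\\0") === false;
             if (count($index) > 1 && $index[0] != '' && $product_id_is_safe) {
                 // check key
                 // NOTE(review): HTTP_HOST is supplied by the client; confirm the licence
                 // service does not rely on it as proof of the installing domain.
                 $args = array('woo_sl_action' => 'install', 'licence_key' => $key, 'product_unique_id' => $index[0], 'domain' => $_SERVER['HTTP_HOST']);
                 $result = $dg->sendPostData($this->api_url, $args);
                 if ($result != false && $result != '') {
                     $addon = json_decode($result);
                     if (isset($addon->status) && $addon->status == 'success') {
                         $check_key = 1;
                         // upload file
                         $up = new Upload();
                         $up->path = dirname(dirname(ROOT));
                         $up->file_size = 20971520;
                         // 20Mb
                         $up->file_type = array(0 => 'zip');
                         // zip file type.
                         $upload = $up->file($_FILES['file']);
                         // unzip file
                         if ($upload['error'] == 0 && $upload['msg'] != '') {
                             if (file_exists($upload['full_path'])) {
                                 $zip = new ZipArchive();
                                 if (!is_writable($upload['full_path'])) {
                                     // Fixed: the mode was the decimal literal 755, which
                                     // chmod() reads as octal 01363. The archive is a data
                                     // file that is deleted right after extraction, so
                                     // owner read/write (0644) is sufficient.
                                     chmod($upload['full_path'], 0644);
                                 }
                                 if ($zip->open($upload['full_path']) === TRUE) {
                                     $zip->extractTo($upload['path']);
                                     $zip->close();
                                     unlink($upload['full_path']);
                                     $file = dirname(ROOT) . DS . 'addons' . DS . 'install' . DS . $index[0] . '.json';
                                     if (file_exists($file)) {
                                         $content = file_get_contents($file);
                                         if ($content != false) {
                                             $arr = json_decode($content);
                                             // A descriptor that does not decode to an object is
                                             // left untouched instead of assigning a property on
                                             // a non-object.
                                             if (is_object($arr)) {
                                                 $arr->key = $key;
                                                 $dg->WriteFile($file, json_encode($arr));
                                                 // NOTE(review): whether redirect() ends the
                                                 // request is not visible here.
                                                 $dg->redirect('index.php/addon/installed');
                                             }
                                         }
                                     } else {
                                         $check_key = -3;
                                     }
                                 } else {
                                     $check_key = -2;
                                 }
                             }
                         } else {
                             $check_key = -1;
                         }
                     }
                 }
             }
             // Outcome code => message shown on the page; 1 (success) has no message.
             $error_messages = array(
                 0 => 'Your key not found! Please check your key and try again.',
                 -1 => 'Your system not allow upload file. Please set permission 755 to ROOT flder.',
                 -2 => 'Your system not allow upload file. Please set permission 755 to ROOT flder.',
                 -3 => 'Your system not allow write file. Please set permission 755 to Folder_your_site/tshirtecommerce/addons/install.',
             );
             if (isset($error_messages[$check_key])) {
                 $data['error'] = $error_messages[$check_key];
             }
         } else {
             $data['error'] = 'Please add your key and upload file install!';
         }
     }
     $data['upload'] = $upload;
     $data['title'] = lang('breadcrumb_install', true);
     $data['breadcrumb'] = lang('breadcrumb_install', true);
     $data['sub_title'] = lang('breadcrumb_manager', true);
     $this->view('install', $data);
 }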