private function upload_theme()
{
$folder_phpboost_themes = PATH_TO_ROOT . '/templates/';
if (!is_writable($folder_phpboost_themes)) {
$is_writable = @chmod($folder_phpboost_themes, 0777);
} else {
$is_writable = true;
}
if ($is_writable) {
$uploaded_file = $this->form->get_value('file');
if ($uploaded_file !== null) {
$upload = new Upload($folder_phpboost_themes);
if ($upload->file('upload_theme_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i')) {
$archive = $folder_phpboost_themes . $upload->get_filename();
if ($upload->get_extension() == 'gz') {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
$archive_content = PclTarList($upload->get_filename());
} else {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
$zip = new PclZip($archive);
$archive_content = $zip->listContent();
}
$archive_root_content = array();
$required_files = array('/config.ini', '/body.tpl', '/frame.tpl', '/theme/content.css', '/theme/design.css', '/theme/global.css');
foreach ($archive_content as $element) {
if (substr($element['filename'], -1) == '/') {
$element['filename'] = substr($element['filename'], 0, -1);
}
if (substr_count($element['filename'], '/') == 0) {
$archive_root_content[] = array('filename' => $element['filename'], 'folder' => isset($element['folder']) && $element['folder'] == 1 || isset($element['typeflag']) && $element['typeflag'] == 5);
}
if (isset($archive_root_content[0])) {
$name_in_archive = str_replace($archive_root_content[0]['filename'] . '/', '/', $element['filename']);
if (in_array($name_in_archive, $required_files)) {
unset($required_files[array_search($name_in_archive, $required_files)]);
}
}
}
if (count($archive_root_content) == 1 && $archive_root_content[0]['folder'] && empty($required_files)) {
$theme_id = $archive_root_content[0]['filename'];
if (!ThemesManager::get_theme_existed($theme_id)) {
if ($upload->get_extension() == 'gz') {
PclTarExtract($upload->get_filename(), $folder_phpboost_themes);
} else {
$zip->extract(PCLZIP_OPT_PATH, $folder_phpboost_themes, PCLZIP_OPT_SET_CHMOD, 0755);
}
$this->install_theme($theme_id, array('r-1' => 1, 'r0' => 1, 'r1' => 1));
} else {
$this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
}
} else {
$this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
}
$uploaded_file = new File($archive);
$uploaded_file->delete();
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['themes.upload_invalid_format'], MessageHelper::NOTICE));
}
} else {
$this->view->put('MSG', MessageHelper::display(LangLoader::get_message('process.error', 'status-messages-common'), MessageHelper::NOTICE));
}
}
}
private function upload_module()
{
$modules_folder = PATH_TO_ROOT . '/';
if (!is_writable($modules_folder)) {
$is_writable = @chmod($dir, 0755);
} else {
$is_writable = true;
}
if ($is_writable) {
$file = $this->form->get_value('file');
if ($file !== null) {
$modules_id = $file->get_name_without_extension();
if (ModulesManager::is_module_installed($modules_id)) {
$upload = new Upload($modules_folder);
$upload->disableContentCheck();
if ($upload->file('upload_module_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i', false, 100000000, false)) {
$archive_path = $modules_folder . $upload->get_filename();
if ($upload->get_extension() == 'gz') {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
PclTarExtract($upload->get_filename(), $modules_folder);
$file = new File($archive_path);
$file->delete();
} else {
if ($upload->get_extension() == 'zip') {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
$zip = new PclZip($archive_path);
$zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
$file = new File($archive_path);
$file->delete();
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE, 4));
}
}
$this->upgrade_module($modules_id);
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
}
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.not_installed_module'], MessageHelper::NOTICE, 4));
}
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
}
}
}
$error = '';
if (!empty($authorized_pictures_extensions)) {
$Upload = new Upload($dir);
$idpic = 0;
$idcat_post = retrieve(POST, 'cat', '');
$name_post = retrieve(POST, 'name', '', TSTRING_AS_RECEIVED);
if (!$Upload->file('gallery', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', Upload::UNIQ_NAME, $config->get_max_weight())) {
$error = $Upload->get_error();
}
} else {
$error = 'e_upload_invalid_format';
}
if ($error != '') {
AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $error) . '#message_helper');
} else {
$path = $dir . $Upload->get_filename();
$error = $Upload->check_img($config->get_max_width(), $config->get_max_height(), Upload::DELETE_ON_ERROR);
if (!empty($error)) {
//Erreur, on arrête ici
AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $error) . '#message_helper');
} else {
//Enregistrement de l'image dans la bdd.
$Gallery->Resize_pics($path);
if ($Gallery->get_error() != '') {
AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $Upload->get_error()) . '#message_helper');
}
$idpic = $Gallery->Add_pics($idcat_post, $name_post, $Upload->get_filename(), AppContext::get_current_user()->get_id());
if ($Gallery->get_error() != '') {
AppContext::get_response()->redirect(GalleryUrlBuilder::get_link_cat_add($id_category, $Upload->get_error()) . '#message_helper');
}
//Régénération du cache des photos aléatoires.
if (!is_writable($dir)) {
$is_writable = @chmod($dir, 0777);
}
@clearstatcache();
if (is_writable($dir)) {
$weight_max = $unlimited_data ? 100000000 : $group_limit - $member_memory_used;
$Upload = new Upload($dir);
$Upload->file('upload_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $files_upload_config->get_authorized_extensions())) . ')+$`i', Upload::UNIQ_NAME, $weight_max);
if ($Upload->get_error() != '') {
$error = $Upload->get_error();
if ($Upload->get_error() == 'e_upload_max_weight') {
$error = 'e_max_data_reach';
}
AppContext::get_response()->redirect('/user/upload.php?f=' . $folder . '&erroru=' . $error . '&' . $popup_noamp . '#message_helper');
} else {
$result = PersistenceContext::get_querier()->insert(DB_TABLE_UPLOAD, array('idcat' => $folder, 'name' => $Upload->get_original_filename(), 'path' => $Upload->get_filename(), 'user_id' => AppContext::get_current_user()->get_id(), 'size' => $Upload->get_human_readable_size(), 'type' => $Upload->get_extension(), 'timestamp' => time()));
$id_file = $result->get_last_inserted_id();
}
} else {
$error = 'e_upload_failed_unwritable';
}
}
$anchor = !empty($error) ? '&error=' . $error . '&' . $popup_noamp . '#message_helper' : '&' . $popup_noamp . (!empty($id_file) ? '#fi1' . $id_file : '');
AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . $anchor, '', '&'));
} elseif (!empty($del_folder)) {
AppContext::get_session()->csrf_get_protect();
//Protection csrf
if (AppContext::get_current_user()->check_level(User::ADMIN_LEVEL)) {
Uploads::Del_folder($del_folder);
} else {
$check_user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id = :id', array('id' => $del_folder));
private function upload_module()
{
$modules_folder = PATH_TO_ROOT . '/';
if (!is_writable($modules_folder)) {
$is_writable = @chmod($dir, 0755);
} else {
$is_writable = true;
}
if ($is_writable) {
$uploaded_file = $this->form->get_value('file');
if ($uploaded_file !== null) {
$upload = new Upload($modules_folder);
if ($upload->file('upload_module_file', '`([a-z0-9()_-])+\\.(gz|zip)+$`i')) {
$archive = $modules_folder . $upload->get_filename();
if ($upload->get_extension() == 'gz') {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
$archive_content = PclTarList($upload->get_filename());
} else {
include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
$zip = new PclZip($archive);
$archive_content = $zip->listContent();
}
$archive_root_content = array();
$required_files = array('/config.ini', '/index.php');
foreach ($archive_content as $element) {
if (substr($element['filename'], -1) == '/') {
$element['filename'] = substr($element['filename'], 0, -1);
}
if (substr_count($element['filename'], '/') == 0) {
$archive_root_content[] = array('filename' => $element['filename'], 'folder' => isset($element['folder']) && $element['folder'] == 1 || isset($element['typeflag']) && $element['typeflag'] == 5);
}
if (isset($archive_root_content[0])) {
$name_in_archive = str_replace($archive_root_content[0]['filename'] . '/', '/', $element['filename']);
if (in_array($name_in_archive, $required_files)) {
unset($required_files[array_search($name_in_archive, $required_files)]);
}
}
}
if (count($archive_root_content) == 1 && $archive_root_content[0]['folder'] && empty($required_files)) {
$module_id = $archive_root_content[0]['filename'];
if (!ModulesManager::is_module_installed($module_id)) {
if ($upload->get_extension() == 'gz') {
PclTarExtract($upload->get_filename(), $modules_folder);
} else {
$zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
}
$this->install_module($module_id, true);
} else {
$this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
}
} else {
$this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
}
$uploaded_file = new File($archive);
$uploaded_file->delete();
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE));
}
} else {
$this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE));
}
}
}
private function upload_avatar($form, $member_extended_field)
{
$avatar = $form->get_value('upload_avatar');
$user_accounts_config = UserAccountsConfig::load();
$authorized_pictures_extensions = FileUploadConfig::load()->get_authorized_picture_extensions();
if (empty($authorized_pictures_extensions)) {
return new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
}
if ($form->get_value('link_avatar')) {
if (preg_match('`([A-Za-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', $form->get_value('link_avatar'))) {
$image = new Image($form->get_value('link_avatar'));
if ($image->get_width() > $user_accounts_config->get_max_avatar_width() || $image->get_height() > $user_accounts_config->get_max_avatar_height()) {
if ($user_accounts_config->is_avatar_auto_resizing_enabled()) {
$directory = '/images/avatars/' . Url::encode_rewrite($image->get_name() . '_' . $this->key_hash()) . '.' . $image->get_extension();
$resizer = new ImageResizer();
$resizer->resize_with_max_values($image, $user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), PATH_TO_ROOT . $directory);
$this->delete_old_avatar($member_extended_field);
return $directory;
}
throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_max_dimension', 'errors'));
}
$this->delete_old_avatar($member_extended_field);
return $form->get_value('link_avatar');
} else {
throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
}
} elseif (!empty($avatar)) {
if (UserAccountsConfig::load()->is_avatar_upload_enabled()) {
$dir = '/images/avatars/';
if ($user_accounts_config->is_avatar_auto_resizing_enabled()) {
$image = new Image($avatar->get_temporary_filename());
$resizer = new ImageResizer();
$explode = explode('.', $avatar->get_name());
$extension = array_pop($explode);
if (!in_array($extension, $authorized_pictures_extensions)) {
return new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
}
$explode = explode('.', $avatar->get_name());
$name = $explode[0];
$directory = $dir . Url::encode_rewrite($name . '_' . $this->key_hash()) . '.' . $extension;
try {
$resizer->resize_with_max_values($image, $user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), PATH_TO_ROOT . $directory);
$this->delete_old_avatar($member_extended_field);
return $directory;
} catch (UnsupportedOperationException $e) {
throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message('e_upload_invalid_format', 'errors'));
}
} else {
$Upload = new Upload(PATH_TO_ROOT . $dir);
$Upload->file($form->get_html_id() . '_upload_avatar', '`([A-Za-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $authorized_pictures_extensions)) . ')+$`i', Upload::UNIQ_NAME, $user_accounts_config->get_max_avatar_weight() * 1024);
$upload_error = $Upload->get_error();
if (!empty($upload_error)) {
throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message($upload_error, 'errors'));
}
$error = $Upload->check_img($user_accounts_config->get_max_avatar_width(), $user_accounts_config->get_max_avatar_height(), Upload::DELETE_ON_ERROR);
if (!empty($error)) {
throw new MemberExtendedFieldErrorsMessageException(LangLoader::get_message($error, 'errors'));
} else {
$this->delete_old_avatar($member_extended_field);
return $dir . $Upload->get_filename();
}
}
}
} else {
return MemberExtendedFieldsService::return_field_member($member_extended_field->get_field_name(), $member_extended_field->get_user_id());
}
}
