public function share_validation()
{
$this->load->library('form_validation');
$this->load->helper('form');
$this->form_validation->set_error_delimiters('<div class="alert alert-error"><button type="button" class="close" data-dismiss="alert">×</button>', '</div>');
//mise en place des regles
$this->form_validation->set_rules('keywords', 'Mots-clés', 'required|encode_php_tags|htmlspecialchars|trim|xss_clean|max_length[200]');
$this->form_validation->set_rules('description', 'Description', 'required|encode_php_tags|htmlspecialchars|trim|xss_clean|max_length[300]');
if ($this->form_validation->run() == FALSE) {
//on affiche le formulaire
$this->share();
} else {
// upload du fichier
$file_up = new Upload();
$user = unserialize($this->session->userdata('user_obj'));
if ($file_up->upload_file($user->id, array('userfile'))) {
// Création fichier
$file = new File();
$file->id_user = $user->id;
$file->desc = $this->input->post('description');
$file->keywords = $this->input->post('keywords');
$file->url = $file_up->files_uploaded[0][0];
$file->type = $file_up->files_uploaded[0][1];
//sauvegarde du fichier
$file->save();
//notification
$this->session->set_userdata('notif_ok', '<div class="alert alert-success"><button type="button" class="close" data-dismiss="alert">×</button><strong>Bravo! </strong> Votre partage a été réussi.</div>');
//redirection sur l'actualité
redirect('flux', 'refresh');
} else {
//on affiche le formulaire
$this->share();
}
}
}
<?php
header("Content-Type:text/html; charset=utf-8");
if ($_POST['submit']) {
$upFile = new Upload();
$upFile->upload_file();
}
class Upload
{
public $name;
public $tmp_name;
public $final_name;
public $target_dir;
public $target_path;
public $file_type;
public $allow_file_types;
public $file_size;
public $file_max_size;
/**
* __construct
*/
public function __construct()
{
$this->name = $_FILES["file"]["name"];
$this->file_type = $_FILES["file"]["type"];
$this->tmp_name = $_FILES["file"]["tmp_name"];
$this->allow_file_types = array('jpeg', 'doc', 'docx', 'dll', 'rar', 'zip', 'wps');
$this->file_size = $_FILES['file']['size'];
$this->target_dir = './Upload';
}
/**
function _upload_image($type = 'avatar')
{
global $FNS, $IN, $PREFS, $DB, $LANG, $SESS, $OUT;
switch ($type)
{
case 'avatar' :
$edit_image = 'edit_avatar';
$enable_pref = 'allow_avatar_uploads';
$not_enabled = 'avatars_not_enabled';
$remove = 'remove_avatar';
$removed = 'avatar_removed';
$updated = 'avatar_updated';
break;
case 'photo' :
$edit_image = 'edit_photo';
$enable_pref = 'enable_photos';
$not_enabled = 'photos_not_enabled';
$remove = 'remove_photo';
$removed = 'photo_removed';
$updated = 'photo_updated';
break;
case 'sig' :
$edit_image = 'edit_signature';
$enable_pref = 'sig_allow_img_upload';
$not_enabled = 'sig_img_not_enabled';
$remove = 'remove_sig_img';
$removed = 'sig_img_removed';
$updated = 'signature_updated';
break;
}
/** ----------------------------------------
/** Is this a remove request?
/** ----------------------------------------*/
if ( ! isset($_POST['remove']))
{
// Is image uploading enabled?
if ($PREFS->ini($enable_pref) == 'n')
{
return $this->_trigger_error($not_enabled, $not_enabled);
}
}
else
{
if ($type == 'avatar')
{
$query = $DB->query("SELECT avatar_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
if ($query->row['avatar_filename'] == '')
{
return $FNS->redirect($this->_member_path($edit_image));
}
$DB->query("UPDATE exp_members SET avatar_filename = '', avatar_width='', avatar_height='' WHERE member_id = '".$SESS->userdata('member_id')."' ");
if (ereg('/', $query->row['avatar_filename']))
{
@unlink($PREFS->ini('avatar_path', TRUE).$query->row['avatar_filename']);
}
}
elseif ($type == 'photo')
{
$query = $DB->query("SELECT photo_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
if ($query->row['photo_filename'] == '')
{
return $FNS->redirect($this->_member_path($edit_image));
}
$DB->query("UPDATE exp_members SET photo_filename = '', photo_width='', photo_height='' WHERE member_id = '".$SESS->userdata('member_id')."' ");
@unlink($PREFS->ini('photo_path', TRUE).$query->row['photo_filename']);
}
else
{
$query = $DB->query("SELECT sig_img_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
if ($query->row['sig_img_filename'] == '')
{
return $FNS->redirect($this->_member_path($edit_image));
}
$DB->query("UPDATE exp_members SET sig_img_filename = '', sig_img_width='', sig_img_height='' WHERE member_id = '".$SESS->userdata('member_id')."' ");
@unlink($PREFS->ini('sig_img_path', TRUE).$query->row['sig_img_filename']);
}
return $this->_var_swap($this->_load_element('success'),
array(
'lang:heading' => $LANG->line($remove),
'lang:message' => $LANG->line($removed)
)
);
}
/** ----------------------------------------
/** Do the have the GD library?
/** ----------------------------------------*/
if ( ! function_exists('getimagesize'))
{
return $this->_trigger_error($edit_image, 'gd_required');
}
/** ----------------------------------------
/** Is there $_FILES data?
/** ----------------------------------------*/
if ( ! isset($_FILES['userfile']))
{
return $FNS->redirect($this->_member_path($edit_image));
}
/** ----------------------------------------
/** Check the image size
/** ----------------------------------------*/
$size = ceil(($_FILES['userfile']['size']/1024));
if ($type == 'avatar')
{
$max_size = ($PREFS->ini('avatar_max_kb') == '' OR $PREFS->ini('avatar_max_kb') == 0) ? 50 : $PREFS->ini('avatar_max_kb');
}
elseif ($type == 'photo')
{
$max_size = ($PREFS->ini('photo_max_kb') == '' OR $PREFS->ini('photo_max_kb') == 0) ? 50 : $PREFS->ini('photo_max_kb');
}
else
{
$max_size = ($PREFS->ini('sig_img_max_kb') == '' OR $PREFS->ini('sig_img_max_kb') == 0) ? 50 : $PREFS->ini('sig_img_max_kb');
}
$max_size = preg_replace("/(\D+)/", "", $max_size);
if ($size > $max_size)
{
return $OUT->show_user_error('submission', str_replace('%s', $max_size, $LANG->line('image_max_size_exceeded')));
}
/** ----------------------------------------
/** Is the upload path valid and writable?
/** ----------------------------------------*/
if ($type == 'avatar')
{
$upload_path = $PREFS->ini('avatar_path', TRUE).'uploads/';
}
elseif ($type == 'photo')
{
$upload_path = $PREFS->ini('photo_path', TRUE);
}
else
{
$upload_path = $PREFS->ini('sig_img_path', TRUE);
}
if ( ! @is_dir($upload_path) OR ! is_writable($upload_path))
{
return $this->_trigger_error($edit_image, 'image_assignment_error');
}
/** -------------------------------------
/** Set some defaults
/** -------------------------------------*/
$filename = $_FILES['userfile']['name'];
if ($type == 'avatar')
{
$max_width = ($PREFS->ini('avatar_max_width') == '' OR $PREFS->ini('avatar_max_width') == 0) ? 100 : $PREFS->ini('avatar_max_width');
$max_height = ($PREFS->ini('avatar_max_height') == '' OR $PREFS->ini('avatar_max_height') == 0) ? 100 : $PREFS->ini('avatar_max_height');
$max_kb = ($PREFS->ini('avatar_max_kb') == '' OR $PREFS->ini('avatar_max_kb') == 0) ? 50 : $PREFS->ini('avatar_max_kb');
}
elseif ($type == 'photo')
{
$max_width = ($PREFS->ini('photo_max_width') == '' OR $PREFS->ini('photo_max_width') == 0) ? 100 : $PREFS->ini('photo_max_width');
$max_height = ($PREFS->ini('photo_max_height') == '' OR $PREFS->ini('photo_max_height') == 0) ? 100 : $PREFS->ini('photo_max_height');
$max_kb = ($PREFS->ini('photo_max_kb') == '' OR $PREFS->ini('photo_max_kb') == 0) ? 50 : $PREFS->ini('photo_max_kb');
}
else
{
$max_width = ($PREFS->ini('sig_img_max_width') == '' OR $PREFS->ini('sig_img_max_width') == 0) ? 100 : $PREFS->ini('sig_img_max_width');
$max_height = ($PREFS->ini('sig_img_max_height') == '' OR $PREFS->ini('sig_img_max_height') == 0) ? 100 : $PREFS->ini('sig_img_max_height');
$max_kb = ($PREFS->ini('sig_img_max_kb') == '' OR $PREFS->ini('sig_img_max_kb') == 0) ? 50 : $PREFS->ini('sig_img_max_kb');
}
/** ----------------------------------------
/** Does the image have a file extension?
/** ----------------------------------------*/
if ( ! ereg('\.', $filename))
{
return $OUT->show_user_error('submission', $LANG->line('invalid_image_type'));
}
/** ----------------------------------------
/** Is it an allowed image type?
/** ----------------------------------------*/
$xy = explode('.', $filename);
$extension = '.'.end($xy);
// We'll do a simple extension check now.
// The file upload class will do a more thorough check later
$types = array('.jpg', '.jpeg', '.gif', '.png');
if ( ! in_array(strtolower($extension), $types))
{
return $OUT->show_user_error('submission', $LANG->line('invalid_image_type'));
}
/** -------------------------------------
/** Assign the name of the image
/** -------------------------------------*/
$new_filename = $type.'_'.$SESS->userdata('member_id').strtolower($extension);
/** -------------------------------------
/** Do they currently have an avatar or photo?
/** -------------------------------------*/
if ($type == 'avatar')
{
$query = $DB->query("SELECT avatar_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
$old_filename = ($query->row['avatar_filename'] == '') ? '' : $query->row['avatar_filename'];
if (ereg('/', $old_filename))
{
$xy = explode('/', $old_filename);
$old_filename = end($xy);
}
}
elseif ($type == 'photo')
{
$query = $DB->query("SELECT photo_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
$old_filename = ($query->row['photo_filename'] == '') ? '' : $query->row['photo_filename'];
}
else
{
$query = $DB->query("SELECT sig_img_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'");
$old_filename = ($query->row['sig_img_filename'] == '') ? '' : $query->row['sig_img_filename'];
}
/** -------------------------------------
/** Upload the image
/** -------------------------------------*/
require PATH_CORE.'core.upload'.EXT;
$UP = new Upload();
$UP->new_name = $new_filename;
$UP->set_upload_path($upload_path);
$UP->set_allowed_types('img');
if ( ! $UP->upload_file())
{
@unlink($UP->new_name);
$info = ($UP->error_msg == 'invalid_filetype') ? "<div class='itempadbig'>".$LANG->line('invalid_image_type')."</div>" : '';
return $OUT->show_user_error('submission', $LANG->line($UP->error_msg).$info);
}
/** -------------------------------------
/** Do we need to resize?
/** -------------------------------------*/
$vals = @getimagesize($UP->new_name);
$width = $vals['0'];
$height = $vals['1'];
if ($width > $max_width OR $height > $max_height)
{
/** -------------------------------------
/** Was resizing successful?
/** -------------------------------------*/
// If not, we'll delete the uploaded image and
// issue an error saying the file is to big
if ( ! $this->_image_resize($new_filename, $type))
{
@unlink($UP->new_name);
$max_size = str_replace('%x', $max_width, $LANG->line('max_image_size'));
$max_size = str_replace('%y', $max_height, $max_size);
$max_size .= ' - '.$max_kb.'KB';
return $OUT->show_user_error('submission', $max_size);
}
}
/** -------------------------------------
/** Check the width/height one last time
/** -------------------------------------*/
// Since our image resizing class will only reproportion
// based on one axis, we'll check the size again, just to
// be safe. We need to make absolutely sure that if someone
// submits a very short/wide image it'll contrain properly
$vals = @getimagesize($UP->new_name);
$width = $vals['0'];
$height = $vals['1'];
if ($width > $max_width OR $height > $max_height)
{
$this->_image_resize($new_filename, $type, 'height');
$vals = @getimagesize($UP->new_name);
$width = $vals['0'];
$height = $vals['1'];
}
/** -------------------------------------
/** Delete the old file if necessary
/** -------------------------------------*/
if ($old_filename != $new_filename)
{
@unlink($upload_path.$old_filename);
}
/** ----------------------------------------
/** Update DB
/** ----------------------------------------*/
if ($type == 'avatar')
{
$avatar = 'uploads/'.$new_filename;
$DB->query("UPDATE exp_members SET avatar_filename = '{$avatar}', avatar_width='{$width}', avatar_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' ");
}
elseif ($type == 'photo')
{
$DB->query("UPDATE exp_members SET photo_filename = '{$new_filename}', photo_width='{$width}', photo_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' ");
}
else
{
$DB->query("UPDATE exp_members SET sig_img_filename = '{$new_filename}', sig_img_width='{$width}', sig_img_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' ");
}
/** -------------------------------------
/** Success message
/** -------------------------------------*/
return $this->_var_swap($this->_load_element('success'),
array(
'lang:heading' => $LANG->line($edit_image),
'lang:message' => $LANG->line($updated)
)
);
}
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
$error = 1;
$field_error = preg_replace("/" . $site_template->start . "field_name" . $site_template->end . "/siU", str_replace(":", "", $val[0]), $lang['field_required']);
$msg .= ($msg != "" ? "<br />" : "") . $field_error;
}
}
}
if (!$error) {
// Start Upload
include ROOT_PATH . 'includes/upload.php';
$site_upload = new Upload();
// Upload Media file
if (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none") {
$new_name = $site_upload->upload_file("media_file", "media", $upload_cat);
if (!$new_name) {
$msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['file_upload_error'] . ": " . $new_name . "</b><br />" . $site_upload->get_upload_errors();
$uploaderror = 1;
}
} else {
$new_name = $remote_media_file;
}
// Upload thumb file
$new_thumb_name = "";
if (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) {
$new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", $upload_cat, get_basefile($new_name));
if (!$new_thumb_name) {
$msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['thumb_upload_error'] . ": " . $new_thumb_name . "</b><br />" . $site_upload->get_upload_errors();
@unlink(MEDIA_TEMP_PATH . "/" . $new_name);
$uploaderror = 1;
/** ----------------------------------
/** Upload File
/** ----------------------------------*/
function upload_file()
{
global $IN, $DSP, $DB, $LANG, $SESS;
$id = $IN->GBL('destination');
$field_group = $IN->GBL('field_group');
$query = $DB->query("SELECT * FROM exp_upload_prefs WHERE id = '" . $DB->escape_str($id) . "'");
if ($query->num_rows == 0) {
return;
}
if ($SESS->userdata['group_id'] != 1) {
$safety = $DB->query("SELECT count(*) AS count FROM exp_upload_no_access WHERE upload_id = '" . $query->row['id'] . "' AND upload_loc = 'cp' AND member_group = '" . $SESS->userdata['group_id'] . "'");
if ($safety->row['count'] != 0) {
exit('no access');
return $DSP->no_access_message();
}
}
require PATH_CORE . 'core.upload' . EXT;
$UP = new Upload();
if ($UP->set_upload_path($query->row['server_path']) !== TRUE) {
return $UP->show_error();
}
$UP->set_max_width($query->row['max_width']);
$UP->set_max_height($query->row['max_height']);
$UP->set_max_filesize($query->row['max_size']);
$UP->set_allowed_types($SESS->userdata['group_id'] == 1 ? 'all' : $query->row['allowed_types']);
if (!$UP->upload_file()) {
return $UP->show_error();
}
global $UL;
$UL = $UP;
if ($UL->file_exists == TRUE) {
return $this->file_exists_warning();
}
$this->finalize_uploaded_file(array('id' => $id, 'field_group' => $field_group, 'file_name' => $UP->file_name, 'is_image' => $UP->is_image, 'step' => 1));
}
$error['remote_file'] = 1;
}
if ((empty($HTTP_POST_FILES['thumb_file']['tmp_name']) || $HTTP_POST_FILES['thumb_file']['tmp_name'] == "none") && $remote_thumb_file != "" && !check_remote_thumb($remote_thumb_file) && !check_local_thumb($remote_thumb_file)) {
$error['remote_thumb_file'] = 1;
}
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
$error[$key] = 1;
}
}
}
if (!empty($HTTP_POST_FILES['file']['tmp_name']) && $HTTP_POST_FILES['file']['tmp_name'] != "none" && !$error) {
unset($HTTP_POST_VARS['remote_file']);
@rename(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name, MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak");
$new_name = $site_upload->upload_file("file", "media", $cat_id);
if (!$new_name) {
$error_msg .= $lang['file_upload_error'] . ": <b>" . $HTTP_POST_FILES['file']['name'] . "</b><br />" . $site_upload->get_upload_errors();
@rename(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak", MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name);
$error = 1;
} else {
unlink(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak");
$log[] = $lang['file_upload_success'] . ": <b>{$new_name}</b>";
}
} elseif ((empty($HTTP_POST_FILES['file']['tmp_name']) || $HTTP_POST_FILES['file']['tmp_name'] == "none") && $remote_file != "" && (check_remote_media($remote_file) || check_local_media($remote_file))) {
$new_name = $remote_file;
if (file_exists(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name) && is_file(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name)) {
unlink(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name);
}
} else {
if ($cat_id != $old_cat_id && !empty($old_file_name)) {
$error['remote_file'] = 1;
}
if ((empty($HTTP_POST_FILES['thumb_file']['tmp_name']) || $HTTP_POST_FILES['thumb_file']['tmp_name'] == "none") && $remote_thumb_file != "" && !check_remote_thumb($remote_thumb_file) && !check_local_thumb($remote_thumb_file)) {
$error['remote_thumb_file'] = 1;
}
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
$error[$key] = 1;
}
}
}
if (!empty($HTTP_POST_FILES['file']['tmp_name']) && $HTTP_POST_FILES['file']['tmp_name'] != "none" && !$error) {
unset($HTTP_POST_VARS['remote_file']);
@rename(MEDIA_TEMP_PATH . "/" . $old_file_name, MEDIA_TEMP_PATH . "/" . $old_file_name . ".bak");
$new_name = $site_upload->upload_file("file", "media", 0);
if (!$new_name) {
$error_msg .= $lang['file_upload_error'] . ": <b>" . $HTTP_POST_FILES['file']['name'] . "</b><br />" . $site_upload->get_upload_errors();
@rename(MEDIA_TEMP_PATH . "/" . $old_file_name . ".bak", MEDIA_TEMP_PATH . "/" . $old_file_name);
$error = 1;
} else {
$log[] = $lang['file_upload_success'] . ": <b>" . $new_name . "</b>";
}
} elseif ((empty($HTTP_POST_FILES['file']['tmp_name']) || $HTTP_POST_FILES['file']['tmp_name'] == "none") && $remote_file != "" && check_remote_media($remote_file)) {
$new_name = $remote_file;
if (file_exists(MEDIA_TEMP_PATH . "/" . $old_file_name)) {
unlink(MEDIA_TEMP_PATH . "/" . $old_file_name);
}
} else {
$new_name = $old_file_name;
}
<?php
header('Content-type: text/html; charset=UTF-8');
require './Upload.php';
$upload = new Upload($_FILES['arquivo']);
//$upload->set_uploads_folder(__DIR__ . '/tmp/');
//$upload->set_file_name('doctrine');
$upload->set_max_size(20);
$upload->set_overwrite(true);
$upload->set_allowed_types(array('image/jpeg', 'text/plain', 'application/pdf'));
try {
$upload->upload_file();
} catch (Exception $ex) {
echo $ex->getMessage();
}
echo $upload->get_file_path();
//var_dump($upload);
/** -------------------------------------
/** Uploading Attachments
/** -------------------------------------*/
function _attach_file()
{
global $IN, $DB, $FNS, $PREFS, $LOC, $LANG, $SESS;
/** -------------------------------------
/** Check the paths
/** -------------------------------------*/
if ($this->upload_path == '') {
return $LANG->line('unable_to_recieve_attach');
}
if (!@is_dir($this->upload_path) or !@is_writable($this->upload_path)) {
return $LANG->line('unable_to_recieve_attach');
}
/** -------------------------------------
/** Are there previous attachments?
/** -------------------------------------*/
$this->attachments = array();
$attachments_size = 0;
if ($IN->GBL('attach') !== FALSE && $IN->GBL('attach') != '') {
$query = $DB->query("SELECT attachment_id, attachment_size, attachment_location\n \t\t\t\t\t\t FROM exp_message_attachments\n \t\t\t\t\t\t WHERE attachment_id IN ('" . str_replace('|', "','", $IN->GBL('attach')) . "')");
if ($query->num_rows + 1 > $this->max_attachments) {
return $LANG->line('no_more_attachments');
} elseif ($query->num_rows > 0) {
foreach ($query->result as $row) {
if (!file_exists($row['attachment_location'])) {
continue;
}
$this->attachments[] = $row['attachment_id'];
$attachments_size += $row['attachment_size'];
}
}
}
/** -------------------------------------
/** Attachment too hefty?
/** -------------------------------------*/
if ($this->attach_maxsize != 0 && $attachments_size + $_FILES['userfile']['size'] / 1024 > $this->attach_maxsize) {
return $LANG->line('attach_too_large');
}
/** -------------------------------------
/** Fetch the size of all attachments
/** -------------------------------------*/
if ($this->attach_total != '0') {
$query = $DB->query("SELECT SUM(attachment_size) AS total FROM exp_message_attachments WHERE is_temp != 'y'");
if (!empty($query->row['total'])) {
// Is the size of the new file (along with the previous ones) too large?
if (ceil($query->row['total'] + $_FILES['userfile']['size'] / 1024) > $this->attach_total * 1000) {
return $LANG->line('too_many_attachments');
}
}
}
/** -------------------------------------
/** Separate the filename form the extension
/** -------------------------------------*/
if (!class_exists('Image_lib')) {
require PATH_CORE . 'core.image_lib' . EXT;
}
$IM = new Image_lib();
$split = $IM->explode_name($_FILES['userfile']['name']);
$filename = $split['name'];
$extension = $split['ext'];
$filehash = $FNS->random('alpha', 20);
/** -------------------------------------
/** Upload the image
/** -------------------------------------*/
if (!class_exists('Upload')) {
require PATH_CORE . 'core.upload' . EXT;
}
$UP = new Upload();
$UP->set_upload_path($this->upload_path);
$UP->set_allowed_types('all');
$UP->new_name = $filehash . $extension;
if (!$UP->upload_file()) {
@unlink($UP->new_name);
if ($UP->error_msg == 'invalid_filetype') {
$info = implode(', ', $UP->allowed_mimes);
$info = "<div class='default'>" . $LANG->line($UP->error_msg) . "<div class='default'>" . $LANG->line('allowed_mimes') . ' ' . $info . "</div>";
return $info;
}
return $UP->error_msg;
}
/** -------------------------------------
/** Insert into Database
/** -------------------------------------*/
$this->temp_message_id = $FNS->random('nozero', 10);
$data = array('attachment_id' => '', 'sender_id' => $this->member_id, 'message_id' => $this->temp_message_id, 'attachment_name' => $filename . $extension, 'attachment_hash' => $filehash, 'attachment_extension' => $extension, 'attachment_location' => $UP->new_name, 'attachment_date' => $LOC->now, 'attachment_size' => ceil($UP->file_size / 1024));
$DB->query($DB->insert_string('exp_message_attachments', $data));
$attach_id = $DB->insert_id;
/** -------------------------------------
/** Change file name with attach ID
/** -------------------------------------*/
// For convenience we use the attachment ID number as the prefix for all files.
// That way they will be easier to manager.
// OK, whatever you say, Rick. -Paul
if (file_exists($UP->new_name)) {
$final_name = $attach_id . '_' . $filehash;
$final_path = $UP->upload_path . $final_name . $extension;
if (rename($UP->new_name, $final_path)) {
chmod($final_path, 0777);
$DB->query("UPDATE exp_message_attachments SET attachment_hash = '{$final_name}', attachment_location = '{$final_path}' WHERE attachment_id = '{$attach_id}'");
}
}
/** -------------------------------------
/** Load Attachment into array
/** -------------------------------------*/
$this->attachments[] = $attach_id;
/* -------------------------------------
/* Delete Temp Attachments Over 48 Hours Old
/*
/* The temp attachments are kept so long because
/* of draft messages that may contain attachments
/* but will not be sent until later. I think 48
/* hours is enough time. Any longer and the attachment
/* is gone but the message remains.
/* -------------------------------------*/
$expire = $LOC->now - 24 * 60 * 60;
$result = $DB->query("SELECT attachment_location FROM exp_message_attachments \n\t\t\t\t\t\t\t WHERE attachment_date < {$expire}\n\t\t\t\t\t\t\t AND is_temp = 'y'");
if ($result->num_rows > 0) {
foreach ($result->result as $row) {
@unlink($row['attachment_location']);
}
$DB->query("DELETE FROM exp_message_attachments WHERE attachment_date < {$expire} AND is_temp='y'");
}
return TRUE;
}
