<!--
// Adgala, Rohan Karthik Account: jadrn002
// CS545, Fall 2015
// Project #3
-->
<?php
include 'helpers.php';
include 'p3.php';
include 'file_upload.php';
check_post_only();
$params = process_parameters();
fileUpload();
store_data_in_db($params);
include 'confirmation.php';
?>
/**
* 文件上传保存
* @author MaWei (http://www.phpyrb.com)
* @date 2014-10-19 下午2:33:29
*/
function upload()
{
$_FILES['file']['name'];
$data = array();
dump($this->mid);
$data['uid'] = $this->mid;
$data['title'] = text($_REQUEST['title']);
$data['cateid'] = intval($_REQUEST['cateid']);
$data['type'] = intval($_REQUEST['sourctype']);
$data['grade'] = intval($_REQUEST['grade']);
$data['keyword'] = text($_REQUEST['keyword']);
$data['discription'] = text($_REQUEST['discription']);
$data['uptime'] = time();
$reid = add_updata($data, 'Sourc');
if ($reid) {
$attach = array();
$file = fileUpload();
$attach['sourc_id'] = $reid;
$attach['name'] = $file['name'];
$attach['path'] = $file['path'];
$attach['size'] = $file['size'];
$attach['hash'] = $file['hash'];
$reid = add_updata($attach, 'SourcAttach');
}
dump($reid);
}
public function addcat()
{
if (isset($_GET['catid'])) {
$categorymodel = new categorymodel("admin_cat");
$this->assign("catid", $_GET['catid']);
$this->display();
} elseif (isset($_POST['dosubmit'])) {
//验证必须字段
$catname = trim($_POST['catname']);
if (empty($catname)) {
$returndata = array("errorMsg" => '验证错误,栏目名称为空');
$this->ajaxReturn($returndata);
}
//开始处理字段,空处理,格式转化,sql注入
$categorymodel = new categorymodel('admin_cat');
//栏目名称唯一性验证
$exsitcat = $categorymodel->excute("select catid from admin_cat where catname='{$catname}' limit 1");
if (count($exsitcat) > 0) {
$returndata = array("errorMsg" => '栏目名称重复');
$this->ajaxReturn($returndata);
}
//栏目名称
$categorymodel->data['catname'] = $_POST['catname'];
//父id
if (isset($_POST['parentid'])) {
$categorymodel->data['parentid'] = intval($_POST['parentid']);
}
//栏目图片
if (isset($_FILES['img'])) {
$status = fileUpload('img');
if ($status[0] == '0') {
$returndata = array("errorMsg" => $status[1]);
$this->ajaxReturn($returndata);
} elseif ($status[0] == '1') {
$image = $status[2];
}
$categorymodel->data['image'] = $image;
}
if (isset($_POST['style'])) {
$categorymodel->data['style'] = $_POST['style'];
}
if (isset($_POST['isdisplay'])) {
$categorymodel->data['isdisplay'] = $_POST['isdisplay'];
} else {
$categorymodel->data['isdisplay'] = 0;
}
if (isset($_POST['keywords'])) {
$categorymodel->data['keywords'] = $_POST['keywords'];
}
$row = $categorymodel->add();
if ($row > 0) {
$returndata = array("successMsg" => '栏目添加成功');
} else {
$returndata = array("errorMsg" => '栏目添加失败');
}
$this->ajaxReturn($returndata);
}
}
function fileCheck($imgFile)
{
if (isset($imgFile)) {
$check = getimagesize($imgFile["tmp_name"]);
if ($check !== false) {
return fileUpload($imgFile);
} else {
$_SESSION['status'] = 'error';
$_SESSION['flashData'] = 'File is not an image';
header('location:' . baseUrl . 'admin/gallery/');
}
} else {
$_SESSION['status'] = 'error';
$_SESSION['flashData'] = 'File is not selected';
header('location:' . baseUrl . 'admin/gallery/');
}
}
function postVarsToBiblio($post)
{
require_once "../classes/Biblio.php";
require_once "../classes/BiblioField.php";
$biblio = new Biblio();
$biblio->setMaterialCd($post["materialCd"]);
$biblio->setCollectionCd($post["collectionCd"]);
$biblio->setCallNmbr1($post["callNmbr1"]);
$biblio->setCallNmbr2($post["callNmbr2"]);
$biblio->setCallNmbr3($post["callNmbr3"]);
$biblio->setLanguage($post["language"]);
$biblio->setOthernumber($post["othernumber"]);
#print( "input upload = " + $_FILES['input_upload']['size'] );
//set image location
if ($_FILES['input_upload']['size'] == 0) {
$img = DEFAULT_IMAGE;
} else {
$img = fileUpload("input_upload");
}
$biblio->setImageLocation($img);
$biblio->setLastChangeUserid($_SESSION["userid"]);
$biblio->setOpacFlg(isset($post["opacFlg"]));
$indexes = $post["indexes"];
foreach ($indexes as $index) {
$value = $post["values"][$index];
$fieldid = $post["fieldIds"][$index];
$tag = $post["tags"][$index];
$subfieldCd = $post["subfieldCds"][$index];
$requiredFlg = $post["requiredFlgs"][$index];
$biblioFld = new BiblioField();
$biblioFld->setFieldid($fieldid);
$biblioFld->setTag($tag);
$biblioFld->setSubfieldCd($subfieldCd);
$biblioFld->setIsRequired($requiredFlg);
$biblioFld->setFieldData($value);
$biblio->addBiblioField($index, $biblioFld);
}
return $biblio;
}
}
}
}
}
}
}
} else {
setcookie('token', 'Time out', time() - 3600);
}
//Download URL pattern: controller.php?operation=download&fileName=???
if ('download' == @$_GET['operation']) {
fileDownload($_GET['fileName'], getCurrentPath());
//Upload URL pattern: controller.php?operation=upload
} else {
if ('upload' == @$_GET['operation']) {
fileUpload(getCurrentPath());
}
}
// Button click action
/**
* Go to a assigned path, and send the array of file objects with JSON format to client.
* @param unknown_type $path
*/
function gotoPath($path)
{
setCurrentPath($path);
$file = @scandir($path);
$files = array();
$dotPattern = '/^(\\.){1,2}$/i';
$suffixPattern = '/^[^\\.]\\S*(?<=\\.)(\\S+)$|^\\.\\S+(?<=\\.)(\\S+)$/i';
//Add all files in the current path to the array $files
$safeMode = @ini_get("safe_mode") == 'On' || @ini_get("safe_mode") == 1 ? TRUE : FALSE;
if ($safeMode === FALSE) {
set_time_limit(30 * count($_FILES));
// Sets maximum execution time to 30 seconds for each of the uploaded files
}
// loop through incoming $_FILES variable and create arrays for conversion to email attachment
$file_error_message = '';
$thiscount = 1;
foreach ($_FILES as $file) {
if (trim($file['name']) != '') {
switch ($file['error']) {
case 0:
//no error so proceed
$no_files++;
//increment file count
$v = fileUpload($file, $allowedFileTypes, $no_files);
break;
case $file['error'] == 1 || $file['error'] == 2:
// upload too large
$file_error_message .= "File #" . $no_files . ' ' . $file['name'] . " exceeds the maximum file size. Error: " . $file['error'] . ".<br />";
break;
case $file['error'] == 3:
// incomplete upload
$file_error_message .= "File #" . $no_files . ' ' . $file['name'] . " was only partially uploaded. Error: " . $file['error'] . ".<br />";
break;
case $file['error'] == 4:
// no file was uploaded
$file_error_message .= "File #" . $no_files . ' ' . $file['name'] . " could not be uploaded ... internal error. Error: " . $file['error'] . ".<br />";
break;
case $file['error'] == 6:
// missing temporary folder
if ($_REQUEST['submit']) {
$user_data['user_fullname'] = $_REQUEST['user_fullname'];
$user_data['user_primary_email'] = $_REQUEST['user_primary_email'];
$user_data['user_paypal_account_email'] = $_REQUEST['user_paypal_account_email'];
$user_data['user_desc'] = htmlspecialchars($_REQUEST['user_desc'], ENT_QUOTES);
if ($_FILES['user_image']['name'] != '') {
$user_data['user_image'] = date("ymdhi") . $_FILES['user_image']['name'];
}
$fldArray['user_id'] = $_SESSION['user_id'];
$rs_user = $user->dataUpdate('ninerr_user', $user_data, $fldArray);
$fileName = $_FILES['user_image']['name'];
$fileSize = '2000';
$fileTempName = $_FILES['user_image']['tmp_name'];
$folderPath = 'userimg';
$oldfileName = '';
fileUpload($fileName, $oldfileName, $fileSize, $fileTempName, $folderPath, $maxSize = 5242880);
reDirect('profile_edit.php');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php
echo SITE_TITLE;
?>
</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="javascript/jquery.min.js"></script>
<script type="text/javascript" src="javascript/jquery.simplemodal.js"></script>
<script type="text/javascript" src="javascript/init.js"></script>
$boxDetails = mysql_query($boxDetailsSQL);
$rowsBoxes = mysql_fetch_assoc($boxDetails);
$aes = new Crypt_AES();
$aes->setKeyLength(256);
$aes->setKey(CRYPT_KEY);
$sftp = new Net_SFTP($rowsBoxes['ip'], $rowsBoxes['sshport']);
if (!$sftp->login($rowsBoxes['login'], $aes->decrypt($rowsBoxes['password']))) {
echo 'Failed to connect';
die;
}
//ACTION SELECTOR
if ($action == 'list') {
getlist($rowsBoxes, $extendedPath, $sftp);
}
if ($action == 'fileUpload') {
fileUpload($rowsBoxes, $extendedPath, $sftp);
}
if ($action == 'delete') {
delete($rowsBoxes, $extendedPath, $sftp);
}
//ACTION FUNCTIONS
function delete($rowsBoxes, $extendedPath, $sftp)
{
$remoteFile = dirname($rowsBoxes['path']) . '/' . trim($extendedPath . '/');
return $sftp->delete($remoteFile, true);
}
function fileUpload($rowsBoxes, $extendedPath, $sftp)
{
$sourceFile = $_FILES["uploadFile"]["tmp_name"];
$sourceName = $_FILES["uploadFile"]["name"];
$remoteFile = dirname($rowsBoxes['path']) . '/' . trim($extendedPath . '/' . $sourceName, '/');
function serviceHandle($body_arr)
{
$servicecode = $body_arr['servicecode'];
$path = ICMethod::getFilePath($servicecode);
$filerule = ICMethod::getFilename($servicecode);
$PHP_SELF = $_SERVER['SCRIPT_NAME'];
$webrooturl = 'http://' . $_SERVER['HTTP_HOST'] . substr($PHP_SELF, 0, strrpos($PHP_SELF, '/') + 1);
$fileCallback = array("flag" => true, "error" => "", "filename" => "");
//上传文件回调信息
if (isset($body_arr["filebase64"]) && $body_arr["filebase64"] != "null") {
//文件以base64方式上传
$info = base64upload($path, $filerule . ".png", $body_arr["filebase64"]);
if (!empty($info["error"])) {
$fileCallback["flag"] = false;
$fileCallback["error"] = $info["error"];
} else {
$fileCallback["filename"] .= "," . $webrooturl . $path . $info["filename"];
}
} else {
$files = dealFiles($_FILES);
//处理文件,把上传的文件(单、多文件)内容解析为可处理的数组
if (count($files) > 0) {
foreach ($files as $key => $file) {
//单文件或多文件上传
if ($file["error"] > 0) {
//错误发生
/*
* 1 : 上传的文件超过了 php.ini 中 upload_max_filesize 选项限制的值.
* 2 : 上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值。
* 3 : 文件只有部分被上传
* 4 : 没有文件被上传
*/
switch ($file["error"]) {
case 1:
$fileCallback["error"] = "上传的文件超过了php.ini 中 upload_max_filesize 选项限制的值";
break;
case 2:
$fileCallback["error"] = "上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值";
break;
case 3:
$fileCallback["error"] = "文件只有部分被上传";
break;
case 4:
$fileCallback["error"] = "没有文件被上传";
break;
default:
$fileCallback["error"] = "未知错误.error code = " . $file["error"];
}
$fileCallback["flag"] = false;
break;
}
if (empty($file["name"])) {
$fileCallback["error"] = "上传文件名为空";
$fileCallback["flag"] = false;
break;
}
$extend = get_extend_new($file['name']);
$filename = (count($files) == 1 ? $filerule : $filerule . $key) . ($extend == "" ? "" : "." . $extend);
$info = fileUpload($path, $filename, $file);
//文件上传
if (!empty($info["error"])) {
$fileCallback["flag"] = false;
$fileCallback["error"] = $info["error"];
break;
} else {
$fileCallback["filename"] .= "," . $webrooturl . $path . $info["filename"];
}
}
} else {
$fileCallback["error"] = "无上传文件,检查Appache配置";
$fileCallback["flag"] = false;
}
}
$fileCallback['body'] = $body_arr;
$fileCallback['realfileurl'] = dirname(dirname(dirname(__FILE__))) . '/' . $path . $info["filename"];
return ICMethod::jsonCallbackHandle($fileCallback);
}
<!--
Book Listing Page: Last edited 23.10.15
-->
<?php
include "config.php";
include "functions.php";
websiteHeader();
?>
<body>
<?php
$target_file = fileUpload();
$actionUrl = checkListingMode($target_file);
?>
<div id="book-listing-container">
<div class="book-listing-form">
<?php
listingHeader();
?>
<div class="field-names">
<p>Title:</p>
<p>Author:</p>
<p>Edition:</p>
<p>ISBN:</p>
<p>Condition:</p>
<p>Image:</p>
</div>
function main()
{
if (isset($_POST["route"])) {
$route = $_POST["route"];
if ($route === "fileupload") {
fileUpload();
}
} else {
// testing();
}
}
function DoResponse()
{
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
// Get the main request informaiton.
$sCommand = $_GET['Command'];
$sResourceType = $_GET['Type'];
$sCurrentFolder = $_GET['CurrentFolder'];
// Check if it is an allowed type.
if (!in_array($sResourceType, array('file', 'image', 'flash', 'media'))) {
return;
}
// Check the current folder syntax (must begin and start with a slash).
if (!ereg('/$', $sCurrentFolder)) {
$sCurrentFolder .= '/';
}
if (strpos($sCurrentFolder, '/') !== 0) {
$sCurrentFolder = '/' . $sCurrentFolder;
}
// Check for invalid folder paths (..)
if (strpos($sCurrentFolder, '..')) {
SendError(102, "");
}
// file Upload doesn't have to Return XML, so it must be intercepted before anything.
if ($sCommand == 'fileUpload') {
fileUpload($sResourceType, $sCurrentFolder);
return;
}
CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);
// Execute the required command.
switch ($sCommand) {
case 'GetFolders':
GetFolders($sResourceType, $sCurrentFolder);
break;
case 'GetFoldersAndfiles':
GetFoldersAndfiles($sResourceType, $sCurrentFolder);
break;
case 'CreateFolder':
CreateFolder($sResourceType, $sCurrentFolder);
break;
}
CreateXmlFooter();
mexit();
}
function readCsv($nodes)
{
$message = fileUpload();
if ($message['uploaded'] == 1) {
if (($handle = fopen("Uploads/" . $message['file'], "r")) !== FALSE) {
while (($data = fgetcsv($handle, 1000, "\r\n", ",")) !== FALSE) {
for ($c = 0; $c < 1; $c++) {
$values[] = $data[$c] . "\n";
}
}
fclose($handle);
$count = count($values);
$result = $count / $nodes;
$fileCount = $count / $result;
$chunk = array_chunk($values, $result, true);
$names = getSuffixes();
for ($i = 0; $i < $fileCount; $i++) {
$c = $i + 1;
file_put_contents('/var/www/uploads/' . $names[$c] . '.csv', $chunk[$i]);
}
} else {
return 'handle failed.';
}
}
return $message;
}
function uploadLogo($kodeSupplier)
{
global $s, $inp, $par, $fFile;
$fileUpload = $_FILES["logoSupplier"]["tmp_name"];
$fileUpload_name = $_FILES["logoSupplier"]["name"];
if ($fileUpload != "" and $fileUpload != "none") {
fileUpload($fileUpload, $fileUpload_name, $fFile);
$logoSupplier = "logo-" . $kodeSupplier . "." . getExtension($fileUpload_name);
fileRename($fFile, $fileUpload_name, $logoSupplier);
}
if (empty($logoSupplier)) {
$logoSupplier = getField("select logoSupplier from dta_supplier where kodeSupplier='{$kodeSupplier}'");
}
return $logoSupplier;
}
extract($_POST);
$obj_setting = new common();
$obj = new validation();
/* Get Current Date Time Stamp */
$currentTimestamp = getCurrentTimestamp();
$adminSql = $obj_setting->customQuery("SELECT logo FROM " . TBL_ADMIN . " where id='" . $_SESSION['LoggedInId'] . "'");
$adminResult = $db->fetchNextObject($adminSql);
$oldImageNameName = $adminResult->logo;
$imageName = $oldImageNameName;
#predefined so if no image name found then it will take image name from datsabase table
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
#checking if image uploaded or not
if (isset($_FILES['logo_header']['tmp_name']) and $_FILES['logo_header']['tmp_name'] != '') {
$imageTypes = array('image/gif', 'image/jpeg', 'image/pjpeg');
$imageName = $currentTimestamp . '_' . $_FILES['logo_header']['name'];
$successstatus = fileUpload(LIST_ROOT_ADMIN . '/images/logo_header/', $imageName, 'logo_header', $imageTypes, 200, $oldImageNameName, 'header_logo.jpg');
switch ($successstatus) {
case 0:
$imageName = $oldImageNameName;
break;
case 1:
$imageName = $imageName;
break;
case 2:
$imageName = $oldImageNameName;
break;
}
} else {
$imageName = $oldImageNameName;
$successstatus = 1;
}
// adjust value
$post['title'] = addslashes($post['title']);
$post['content'] = addslashes($post['content']);
// update db
$dbUpdateResult = (require_once __DIR__ . '/../' . $this->set['skin'] . '/transaction_' . $method . '.php');
// include func
require_once 'func.php';
// move data file_tmp to file
if ($dbUpdateResult['state'] == 'success') {
// set article_srl
$article_srl = (int) $post['article_srl'];
// get article json
$article_json = getArticleJSON($article_srl);
$new_article_json = $article_json;
// move file_tmp to file data
$thumnail_srl = fileUpload($post, $article_srl, $article_json['thumnail']['srl']);
// upload thumnail image
if ($post['thumnail_image']) {
// load file module
if (file_exists(__GOOSE_PWD__ . $article_json['thumnail']['url'])) {
unlink(__GOOSE_PWD__ . $article_json['thumnail']['url']);
}
// upload
$thumnailUrl = uploadThumnail($_POST['thumnail_image']);
// set json
$new_article_json['thumnail']['srl'] = $thumnail_srl;
$new_article_json['thumnail']['url'] = $thumnailUrl;
$thumnailUploaded = true;
}
// 썸네일 이미지는 있고, 썸네일 이미지가 새로 만들어지지 않을때
if ($article_json['thumnail']['srl'] && !$thumnailUploaded) {
}
// =====================
// csv to php object
// =====================
/* command line
* -u user
* -p password
* -f file location
* -t test (if present)
*/
//get command line options
$options = getopt("u:p:f:t");
// if not run in terminal (web page)
if (!isset($options['f'])) {
$GLOBALS["newline"] = "<br/>\n";
$uploaded = fileUpload('csv');
if ($uploaded !== true) {
exit;
}
$csv = new SplFileObject(__DIR__ . '/../uploads/current.csv');
} else {
$GLOBALS["newline"] = "\n";
$_POST["user"] = $options['u'];
$_POST["password"] = $options['p'];
if (isset($options['t'])) {
$_POST['test'] = true;
}
if (strpos('/', $options['f']) == false) {
$csv = new SplFileObject(__DIR__ . '/../uploads/' . $options['f']);
} else {
$csv = new SplFileObject($options['f']);
