$plugin['error']['image'] = $plugin['data']['upload']['error']; } } if ($plugin['data']['adcampaign_id'] && !empty($_FILES['adcampaign_upload_flash']['name'])) { // flash upload $plugin['data']['upload'] = saveUploadedFile('adcampaign_upload_flash', PHPWCMS_CONTENT . 'ads/' . $plugin['data']['adcampaign_id'] . '/', 'swf', '', '1,4'); if ($plugin['data']['upload']['status']) { $plugin['data']['adcampaign_data']['flash'] = $plugin['data']['upload']['rename']; unset($_POST['save']); } else { $plugin['error']['flash'] = $plugin['data']['upload']['error']; } } if ($plugin['data']['adcampaign_id'] && !empty($_FILES['adcampaign_upload_css']['name'])) { // css upload $plugin['data']['upload'] = saveUploadedFile('adcampaign_upload_css', PHPWCMS_CONTENT . 'ads/' . $plugin['data']['adcampaign_id'] . '/', 'css', '', '1,4'); if ($plugin['data']['upload']['status']) { $plugin['data']['adcampaign_data']['css'] = $plugin['data']['upload']['rename']; unset($_POST['save']); } else { $plugin['error']['css'] = $plugin['data']['upload']['error']; } } if (!isset($plugin['error'])) { if ($plugin['data']['adcampaign_duplicate']) { $plugin['data']['adcampaign_id'] = 0; } if ($plugin['data']['adcampaign_id']) { // UPDATE $sql = 'UPDATE ' . DB_PREPEND . 'phpwcms_ads_campaign SET '; $sql .= "adcampaign_changed='" . aporeplace($plugin['data']['adcampaign_changed']) . "', ";
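/**
 * Validate the file(s) posted under one form field and pass each accepted file to saveUploadedFile().
 *
 * A file is accepted when the upload itself succeeded, its client-supplied name ends in an
 * allowed extension, and its reported size does not exceed the limit. Only the file name is
 * inspected here; file content is never examined, and the 'type' value forwarded to
 * saveUploadedFile() is the one sent by the client.
 *
 * @param mixed       $moduleComponentId        page_modulecomponentid, passed through to saveUploadedFile()
 * @param string      $moduleName               The module which is calling this function; also used as the
 *                                              sub-folder name below the upload folder
 * @param mixed       $userId                   The user uploading the file, passed through to saveUploadedFile()
 * @param string      $uploadFormName           The key in $_FILES that holds the upload(s)
 * @param int|false   $maxFileSizeInBytes       Size limit per file; false selects 2 MiB
 * @param array|false $uploadableFileTypesArray Extension patterns joined into a regular expression;
 *                                              false selects the built-in list
 * @return array|false The values returned by saveUploadedFile() for every stored file, or false
 *                     when the type list is unusable or an upload directory cannot be created
 *
 * TODO : when called by a module check if it exists in enum field in DB if not give error.
 */
function upload($moduleComponentId, $moduleName, $userId, $uploadFormName, $maxFileSizeInBytes = false, $uploadableFileTypesArray = false)
{
    if ($maxFileSizeInBytes === false) {
        $maxFileSizeInBytes = 2 * 1024 * 1024;
    }

    global $sourceFolder;
    global $uploadFolder;
    $uploadDir = $sourceFolder . "/" . $uploadFolder;

    // NOTE(review): this default list accepts html, js, svg, swf and exe. If the upload folder is
    // served by the web server, such files are delivered as active content under the site's
    // origin. The pattern also tests only the final suffix of the client-supplied name.
    // Callers that take uploads from untrusted users should pass a narrow list of their own.
    $defaultUploadableFileTypes = '/\\.(css|xlsx|gif|png|jpe?g|js|html|xml|pdf|doc|docx|ods|odt|oft|pps|ppt|pptx|avi|txt|std|stc|sti|stw|svgz?|sxc|sx.|tex|tiff|txt|chm|mp3|mp2|wave?|ogg|mpe?g|wmv|wma|wmf|rm|avi|gzip|gz|rar|bmp|psd|bz2|tar|zip|swf|fla|flv|eps|ico|xcf|m3u|lit|bcf|xls|mov|xlr|exe|7?z)$/i';

    if ($uploadableFileTypesArray === false) {
        $uploadFileTypesRegexp = $defaultUploadableFileTypes;
    } else {
        if (!is_array($uploadableFileTypesArray) || count($uploadableFileTypesArray) == 0) {
            displayerror("Error in the uploadable types given.");
            return false;
        }
        // Separator first: the (array, separator) argument order is rejected by PHP 8.
        // The entries are inserted unescaped, so they act as regex fragments and must be
        // fixed values chosen by the calling module, never request data.
        $uploadFileTypesRegexp = '/\\.(' . implode('|', $uploadableFileTypesArray) . ')$/i';
    }

    /// Checking if the upload folder exists and creating it if doesn't exist
    if (!file_exists($uploadDir)) {
        displaywarning("The folder {$uploadDir} does not exist. Trying to creating it.");
        mkdir($uploadDir, 0755);
        if (!file_exists($uploadDir)) {
            displayerror("Creation of directory failed");
            return false;
        } else {
            displayinfo("Created {$uploadDir}.");
        }
    }

    /// Checking for existing directory named as the module and creating it if doesn't exist
    // $moduleName becomes a path component as-is; it has to be a fixed module identifier.
    $moduleDir = $uploadDir . '/' . $moduleName;
    if (!file_exists($moduleDir)) {
        displaywarning("The folder " . $moduleDir . " does not exist. Trying to create it");
        mkdir($moduleDir, 0755);
        if (!file_exists($moduleDir)) {
            displayerror("Creation of directory failed");
            return false;
        } else {
            displayinfo("Created " . $moduleDir);
        }
    }

    $uploadedFiles = array();

    if (isset($_FILES[$uploadFormName])) {
        if (is_array($_FILES[$uploadFormName]['error'])) {
            // Multi-file field: every $_FILES sub-array is indexed by the same key.
            foreach ($_FILES[$uploadFormName]['error'] as $key => $error) {
                if ($error == UPLOAD_ERR_OK) {
                    $tmp_name = $_FILES[$uploadFormName]['tmp_name'][$key];
                    $upload_filename = $_FILES[$uploadFormName]['name'][$key];
                    $upload_filetype = $_FILES[$uploadFormName]['type'][$key];

                    // NOTE(review): $upload_filename is client-controlled and is echoed through
                    // displayerror(); confirm that helper escapes its argument for HTML.
                    if (preg_match($uploadFileTypesRegexp, $upload_filename) == 0) {
                        displayerror("Error while uploading file {$upload_filename}. Upload of files of this type not allowed.");
                        continue;
                    }
                    if ($_FILES[$uploadFormName]['size'][$key] > $maxFileSizeInBytes) {
                        displayerror("Error while uploading file {$upload_filename}. Max file size of {$maxFileSizeInBytes} bytes exceeded.");
                        continue;
                    }

                    $uploadedFilename = saveUploadedFile($moduleComponentId, $moduleName, $userId, $upload_filename, $tmp_name, $upload_filetype, $uploadDir);
                    if ($uploadedFilename) {
                        $uploadedFiles[] = $uploadedFilename;
                    }
                } else {
                    if ($error == UPLOAD_ERR_NO_FILE) {
                        continue;
                    }
                    displayerror("Unable to upload file. " . getFileUploadError($error));
                }
            }
        } else {
            // Single-file field. Check PHP's upload status first, as the multi-file branch does:
            // a failed upload still carries a name but has no usable tmp_name, and must not
            // reach saveUploadedFile().
            $error = $_FILES[$uploadFormName]['error'];
            if ($error != UPLOAD_ERR_OK) {
                if ($error != UPLOAD_ERR_NO_FILE) {
                    displayerror("Unable to upload file. " . getFileUploadError($error));
                }
                return $uploadedFiles;
            }

            $upload_filename = $_FILES[$uploadFormName]['name'];
            // Initialised so the check after the validation steps never reads an unset variable.
            $uploadedFilename = false;

            /// Checking if the uploaded file is of the permssible file types.
            if (preg_match($uploadFileTypesRegexp, $upload_filename) == 0) {
                displayerror("Error while uploading file {$upload_filename}. Upload of files of this type not allowed.");
            } elseif ($_FILES[$uploadFormName]['size'] > $maxFileSizeInBytes) {
                /// Checking if the uploaded file is below the maximum upload size.
                displayerror("Error while uploading file {$upload_filename}. Max file size of {$maxFileSizeInBytes} bytes exceeded.");
            } else {
                $uploadedFilename = saveUploadedFile($moduleComponentId, $moduleName, $userId, $_FILES[$uploadFormName]['name'], $_FILES[$uploadFormName]['tmp_name'], $_FILES[$uploadFormName]['type'], $uploadDir);
            }

            if ($uploadedFilename) {
                $uploadedFiles[] = $uploadedFilename;
            }
        }
    } else {
        echo "Sorry, there was a problem uploading your file. UPLOAD L:123 {$uploadFormName}";
    }

    return $uploadedFiles;
}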
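/**
 * API - update single fields of an item via AJAX
 *
 * Two request shapes are handled: a generic one carrying 'id' and 'value', where the first
 * '-'-separated part of 'id' names the field to change, and a song assignment where the item
 * id comes from the route and the value from 'song_id'.
 *
 * @param Request  $request
 * @param int|null $item_id item id from the route; replaced by the id embedded in the request's
 *                          'id' field when that field has more than two parts
 * @return mixed a JSON error response (401/404), the result of UpdateItemNotes(), the stored
 *               file's filename, or the updated field's value
 */
public function APIupdate(Request $request, $item_id = null)
{
    // Is this a generic item update (different field names) ?
    if ($request->has('id') && $request->has('value')) {
        $arr_id = explode('-', $request->id);
        $field_name = $arr_id[0];
        if (count($arr_id) > 2) {
            // The item id is the fourth part. A three-part id has none; reading it unguarded
            // raised an undefined-offset warning before ending in the same null.
            $item_id = isset($arr_id[3]) ? $arr_id[3] : null;
        }
    } elseif ($item_id) {
        $field_name = 'song_id';
        $request->value = $request->song_id;
    } else {
        return response()->json(['status' => 404, 'data' => 'APIupdate: item_id missing!'], 404);
    }

    // Is this a notes update?
    // NOTE(review): this returns before the checkRights() test further down; confirm that
    // UpdateItemNotes() performs its own authorization.
    if ($field_name == 'notes') {
        return $this->UpdateItemNotes($item_id, $request->value);
    }

    // As AJAX doesn't allow to send an 'empty' value, we send a
    // placeholder ('_') instead, which indicates that the field should be cleared
    if ($field_name == 'comment' || $field_name == 'key') {
        if ($request->value == '_') {
            $request->value = '';
        }
    }

    // make sure the value for this field is a correct date value
    if ($field_name == 'reported_at') {
        $request->value = Carbon::parse($request->value);
    }

    // find the single resource
    $item = Item::find($item_id);
    if ($item) {
        // check authentication
        $plan = Plan::find($item->plan_id);
        if (!checkRights($plan)) {
            return response()->json(['status' => 401, 'data' => 'Not authorized'], 401);
        }

        // cater for boolean values
        if ($request->value == 'true') {
            $request->value = 1;
        }
        if ($request->value == 'false') {
            $request->value = 0;
        }

        // check if a valid file was submitted
        // (isValid() is the only check made here; presumably type and size limits are
        // enforced inside saveUploadedFile() -- verify)
        if ($request->hasFile('file') && $request->file('file')->isValid()) {
            // use the helper function
            $file = saveUploadedFile($request);
            // add the file as a relationship to the song
            $item->files()->save($file);
            // as we only attached a file to an existing item, we can return now
            return $file->filename;
        }

        // debug logging (writes the raw client-supplied value to the log)
        Log::debug('API item update request - ID:' . $item_id . ', FIELD:' . $field_name . ', VALUE:' . $request->value);

        // NOTE(review): $field_name is taken from the request and selects both the attribute
        // written here and the one returned below. Nothing in this method restricts it to
        // the fields meant to be editable; an explicit allowlist would make that boundary
        // visible instead of leaving it to the Item model's mass-assignment settings.
        $item->update([$field_name => $request->value]);

        // notify event listener that an item was updated
        event(new CspotItemUpdated($item));

        // return text to sender
        return $item[$field_name];
    }

    return response()->json(['status' => 404, 'data' => 'APIupdate: item not found'], 404);
}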
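/**
 * Insert a new item into the list of items of a plan
 *
 * Make sure the new sequence number fits sequentially into
 * the list of sequence numbers of the existing items for a plan
 * and that all current sequence numbers are in 1.0 steps
 *
 * No rights check is made in this function.
 * NOTE(review): presumably the caller authorizes access to the plan -- confirm.
 *
 * @param object $request must provide plan_id and seq_no; may carry song_id, an uploaded
 *                        'file' and/or a 'file_id' of an existing file to link
 * @return object the Plan, with new_seq_no and newest_item_id set on the instance
 */
function insertItem($request)
{
    // get plan id from the hidden input field in the form
    $plan_id = $request->plan_id;
    // get new seq no for this item
    $new_seq_no = $request->seq_no;

    // get the Plan model and find the plan
    // NOTE(review): plan_id is a client-supplied form value; a non-existent id makes
    // find() return null and the next line fails.
    $plan = Plan::find($plan_id);

    // get all the items for this plan, ordered by their seq_no
    $items = $plan->items()->orderBy('seq_no')->get();

    Log::debug('INSERTITEM - newSeqNo old: ' . $new_seq_no);

    // We are going to number all the items of this plan, starting with 1.0
    $counter = 1.0;

    // if the new item already has a seq_no of 1 or smaller, we change it to one
    // and increase the counter, so that all subsequent items have the correct seq_no
    if ($new_seq_no <= $counter) {
        $new_seq_no = 1;
        $counter = 2;
    }

    // Loop through each item of the plan, making sure the
    // seq_no of each item is always 1.0 bigger than the previous
    foreach ($items as $item) {
        Log::debug('$counter - $item->seq_no - $new_seq_no --- ' . $counter . ' - ' . $item->seq_no . ' - ' . $new_seq_no);

        // Is this the position (seq_no) for the NEW ITEM?
        if ($new_seq_no <= $item->seq_no && $new_seq_no > $counter - 1) {
            $new_seq_no = $counter;
            $counter += 1;
        }

        // If we inserted the new item earlier, all subsequent items
        // need to have a new seq_no
        if ($item->seq_no != $counter) {
            // update the current loop-item to correspond to the counter
            $item->seq_no = $counter;
            // Now get the actual DB record
            $i = Item::find($item->id);
            // update the item accordingly
            $i->seq_no = $counter;
            $i->save();
        }

        // increase the counter to reflect the current seq_no
        $counter += 1.0;
    }

    // change new seq_no if it's bigger than the current counter
    if ($new_seq_no >= $counter - 1) {
        $new_seq_no = $counter;
    }
    Log::debug('INSERTITEM - newSeqNo new: ' . $new_seq_no);

    // create a new Item using the input data from the request
    // (all remaining request fields are passed to the constructor; which of them are
    // actually stored depends on the Item model's mass-assignment settings)
    $newItem = new Item($request->except(['seq_no', 'moreItems', '_token']));
    $newItem->seq_no = $new_seq_no;

    // check if a song id was provided in the request
    if (isset($request->song_id)) {
        $newItem->song_freshness = calculateSongFreshness($request->song_id, $plan->leader_id, $plan->date);
        $newItem->song_id = $request->song_id;
    }

    // saving the new Item via the relationship to the Plan
    $item = $plan->items()->save($newItem);
    $plan->new_seq_no = $new_seq_no;
    $plan->newest_item_id = $item->id;

    // notify event listener that an item was updated
    $new_item = Item::find($plan->newest_item_id);
    if ($new_item) {
        event(new CspotItemUpdated($new_item));
    }

    // handle file uploads
    if ($request->hasFile('file')) {
        if ($request->file('file')->isValid()) {
            // use the helper function
            $file = saveUploadedFile($request);
            // add the file as a relationship to the song
            $item->files()->save($file);
            // report success only once the file has really been stored; the message used to
            // be flashed before validation, so a rejected upload was announced as added
            flash('Image file added!');
        } else {
            flash('Uploaded file could not be validated!');
        }
    }

    // handle file linking
    if ($request->has('file_id')) {
        // get the requested file as object
        // NOTE(review): file_id comes from the client and any existing file can be linked
        // here; confirm whether the user's right to use that file needs checking.
        $file = File::find($request->file_id);
        if ($file) {
            // and save it to the plan item
            $item->files()->save($file);
            // set item comment to filename
            // NOTE(review): the original tested for an empty comment but left that branch
            // empty, so the comment has always been overwritten; that behaviour is kept.
            $item->update(['comment' => $file->filename]);
            flash('Image file was added to the plan');
        } else {
            // an unknown file_id previously failed on the null result
            flash('File to be linked was not found!');
        }
    }

    if (isset($newItem->song_id)) {
        $msg = $newItem->song->title;
    } else {
        $msg = $newItem->comment;
    }
    flash('New Item added: ' . $msg);

    return $plan;
}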
case 'jpg': $retourSaveImage = imagejpeg($logoRecreated, $picturePath); break; case 'png': $retourSaveImage = imagepng($logoRecreated, $picturePath); break; } $retourDestroy = imagedestroy($logoRecreated); if (!$retourSaveImage || !$retourDestroy) { return -9; } /* * All tests are passed, the function return the path of the new image * */ return $pictureName; } } } else { return -6; } } } } } else { return -1; } } var_dump($_FILES); echo "<br>"; echo saveUploadedFile('file', './');
/**
 * Store the changes submitted for one song.
 *
 * Attaches an uploaded file (if any) to the song, derives a default license type from the
 * submitted reference numbers, writes the remaining request fields to the song and
 * redirects back to the previous page.
 *
 * @param StoreSongRequest $request
 * @param int              $id
 * @return \Illuminate\Http\Response
 */
public function update(StoreSongRequest $request, $id)
{
    $song = Song::find($id);

    // nothing to do when the song is unknown
    if (!$song) {
        flash('Song not found!!');
        return redirect()->back();
    }

    // file attached to the request?
    if ($request->hasFile('file')) {
        if (!$request->file('file')->isValid()) {
            flash('Uploaded file could not be validated!');
        } else {
            // the helper stores the upload; isValid() is the only check made in this method
            // (presumably type and size limits live in saveUploadedFile() -- verify)
            $file = saveUploadedFile($request);
            $song->files()->save($file);

            // the stored file is named after the book reference and the song title
            $bookRef = $song->book_ref ? $song->book_ref : '';
            $file->filename = $bookRef . ' - ' . $song->title;
            $file->save();
        }
    }

    // a license counts as "not given" when the field is absent or empty
    $licenseNotGiven = !$request->has('license') || $request->license == '';

    // CCLI number without a license type => CCLI
    if ($licenseNotGiven && $request->has('ccli_no')) {
        $song->license = 'CCLI';
    }
    // hymnal.net id without a license type => public domain (wins over CCLI)
    if ($licenseNotGiven && $request->has('hymnaldotnet_id')) {
        $song->license = 'PD';
    }

    // everything else comes straight from the request
    $song->update($request->except(['_method', '_token', 'youtube_id']));

    // the youtube id goes through the Song model's setter, hence the separate assignment
    $song->youtube_id = $request->youtube_id;
    $song->save();

    // cached items must not keep referring to the old song data
    deleteCachedItemsContainingSongId($song);

    // page of the song list to return to
    $currentPage = $request->has('currentPage') ? $request->currentPage : 9;

    // NOTE(review): the title is request data; confirm the view escapes flash messages.
    flash('Song or item "' . $request->title . '" updated.');

    return redirect()->back()->with('currentPage', $currentPage);
}
/**
 * Store a single file sent via AJAX.
 *
 * The request must carry a successfully uploaded 'file' and a 'file_category_id'; otherwise
 * a 404 JSON response with 'Incomplete request' is returned.
 *
 * NOTE(review): no rights check is visible in this method, and isValid() only tells that the
 * upload completed. Presumably access control happens in middleware and type/size limits in
 * saveUploadedFile() -- confirm both.
 *
 * @param Request $request
 * @return \Illuminate\Http\JsonResponse the saved file record on success
 */
public function upload(Request $request)
{
    $isComplete = $request->hasFile('file')
        && $request->file('file')->isValid()
        && $request->has('file_category_id');

    if (!$isComplete) {
        return response()->json(['status' => 404, 'data' => 'Incomplete request'], 404);
    }

    // the helper builds the file record, which is then persisted on its own
    $file = saveUploadedFile($request);
    $file->save();

    return response()->json(['status' => 200, 'data' => $file]);
}
/**
 * Show, validate and store the add/edit form for a contact.
 *
 * $obj holds the NAME of a property of this controller; every access to the contact goes
 * through $this->{$obj}. The name comes from getContactById() or, failing that, from
 * uri_assoc('add'). On a validated submit, uploaded files are base64-encoded into the
 * contact object, the object is saved and the browser is redirected to the details page.
 * In every other case the form is rendered.
 *
 * NOTE(review): the value of uri_assoc('add') is used as a property name without any check
 * in this method. If it is taken from the request URL (the inline comment suggests so), the
 * client chooses which property of the controller receives setFormRules(), validateForm()
 * and save(). Restricting it to the known contact object names would close that.
 */
public function form() {
    //let's see with which kind of object we are dealing with
    $obj = $this->getContactById();
    if (!$obj) {
        if ($add_value = uri_assoc('add')) {
            //retrieving uid from GET
            if ($add_value) {
                $obj = $add_value;
            }
        }
    }

    if ($obj) {
        $this->{$obj}->setFormRules();
    }

    if (!empty($obj) && $this->{$obj}->validateForm()) {
        //it's a submit and the form has been validated. Let's check if there is any binary file uploaded
        $upload_info = saveUploadedFile();
        //TODO error handling
        if (is_array($upload_info['data'])) {
            $this->load->helper('file');
            // NOTE(review): $element is used as the property name written on the contact
            // object; presumably it is the upload field name -- confirm it cannot be chosen
            // freely by the client.
            foreach ($upload_info['data'] as $element => $element_status) {
                //reads the file and converts it in base64 and stores it in $obj
                if ($element_status['full_path']) {
                    $binary_file = base64_encode(read_file($element_status['full_path']));
                    if ($binary_file) {
                        $this->{$obj}->{$element} = $binary_file;
                    }
                    // the stored upload is removed whether or not it could be read
                    unlink($element_status['full_path']);
                }
            }
        }

        //ready to save in ldap
        if ($this->{$obj}->save()) {
            if (isset($this->{$obj}->uid)) {
                redirect(site_url() . "/contact/details/uid/" . $this->{$obj}->uid);
            }
            if (isset($this->{$obj}->oid)) {
                redirect(site_url() . "/contact/details/oid/" . $this->{$obj}->oid);
            }
            //this brings back to the previous page
            //redirect($this->session->userdata('last_index'));
        }
    }

    //it's not a form submit
    if ($obj) {
        //unset the errors found during the validation step, otherwise when a new contact is being created it gets errors
        $form_validation_obj =& _get_validation_object();
        $form_validation_obj->reset_errors();

        //the contact is set so it's an early stage update and it needs to fill the form with the contact's data
        $contact_id = $this->{$obj}->uid ? $this->{$obj}->uid : $this->{$obj}->oid;
        if (!$contact_id) {
            //it's not an update but a new contact creation
            $form = $this->input->post('form');
            switch ($this->{$obj}->objName) {
                case 'person':
                    if (empty($form)) {
                        //this means that the form has been submitted automatically by js => no contacts found in the search
                        $first_name = $this->input->post('first_name');
                        $last_name = $this->input->post('last_name');
                    } else {
                        // the posted 'form' value is walked as a list of field/value pairs
                        foreach ($form as $item) {
                            if ($item['field'] == 'first_name') {
                                $first_name = $item['value'];
                            }
                            if ($item['field'] == 'last_name') {
                                $last_name = $item['value'];
                            }
                        }
                    }
                    if (isset($first_name) && $first_name) {
                        $this->{$obj}->givenName = $first_name;
                    }
                    if (isset($last_name) && $last_name) {
                        $this->{$obj}->sn = $last_name;
                    }
                    break;
                case 'organization':
                    if (empty($form)) {
                        $organization_name = $this->input->post('organization_name');
                    }
                    if (isset($organization_name) && $organization_name) {
                        $this->{$obj}->o = $organization_name;
                    }
                    break;
            }
        }

        //preparing the form
        foreach ($this->{$obj}->properties as $key => $property) {
            $this->mdl_contacts->form_values[$key] = $this->{$obj}->{$key};
        }

        //for test purposes
        //$o = $this->$obj;

        //sets form submit url
        if (isset($this->{$obj}->uid) && !empty($this->{$obj}->uid)) {
            $form_url = site_url() . "/contact/form/uid/" . $this->{$obj}->uid;
        }
        if (isset($this->{$obj}->oid) && !empty($this->{$obj}->oid)) {
            $form_url = site_url() . "/contact/form/oid/" . $this->{$obj}->oid;
        }
        if (!isset($form_url)) {
            $form_url = site_url() . "/contact/form/add/" . $obj;
        }
    } else {
        //the contact is not set. So it provides an empty form to add a new contact
        // NOTE(review): this branch runs only when $obj is still empty after the same
        // uri_assoc('add') lookup at the top; if that call yields nothing here either,
        // the $this->{$obj} access below is made with an empty property name.
        if ($add_value = uri_assoc('add')) {
            //retrieving uid from GET
            if ($add_value) {
                $obj = $add_value;
            }
        }
        $this->{$obj}->setFormRules();
        $form_url = site_url() . "/contact/form/add/" . $obj;
    }

    //TODO what is this?
    // $client_settings = $this->input->post('client_settings');

    //this retrieves other info about the contact that have nothing to do with the contact itself
    //TODO later. MCB stuff
    // $this->load->model(
    // array(
    // 'mcb_data/mdl_mcb_client_data',
    // 'invoices/mdl_invoice_groups'
    // )
    // );

    //it's not a submit so let's fill the form with customer's data
    //TODO later. MCB stuff
    //$this->load->model('templates/mdl_templates');
    //$this->mdl_contacts->prep_validation($contact_id);

    // both templates are rendered through plenty_parser and handed to the 'form' view
    $data = array('contact' => $this->{$obj}, 'form_url' => $form_url);
    $data['form'] = $this->plenty_parser->parse('form.tpl', $data, true, 'smarty', 'contact');
    $data['actions_panel'] = $this->plenty_parser->parse('actions_panel.tpl', $data, true, 'smarty', 'contact');
    $this->load->view('form', $data);
}