public function save(array $values, Validation $validation = NULL) { $parent_return = parent::save($values, $validation); $prop_values = Arr::get($values, 'properties', array()); if (Ku_Upload::valid($prop_values)) { $prop_values = Helper_Property::extract_files($prop_values); } $files = Arr::get($_FILES, 'properties', array()); $prop_values = $prop_values + Helper_Property::extract_files($files); unset($files); if (!empty($prop_values)) { $orm = $this->_orm; $user_id = 0; if (array_key_exists('creator_id', $orm->table_columns())) { $user_id = $orm->creator_id; } $helper_propery = $this->property_helper(); $helper_propery->set_owner_id($orm->id); $helper_propery->set_user_id($user_id); foreach ($prop_values as $_name => $_value) { $helper_propery->set($_name, $_value); } $this->property_cache_clear(); } return $parent_return; }
public function action_index() { $value = $_FILES['upload']; if (is_array($value) and Ku_Upload::valid($value) and Ku_Upload::not_empty($value)) { $md5 = md5($value['name']); $save_path = DOCROOT . 'upload' . DIRECTORY_SEPARATOR . 'editor' . DIRECTORY_SEPARATOR . str_pad($this->site_id, 2, '0', STR_PAD_LEFT) . DIRECTORY_SEPARATOR . date('Y') . DIRECTORY_SEPARATOR . substr($md5, 0, 2) . DIRECTORY_SEPARATOR . substr($md5, 2, 2) . DIRECTORY_SEPARATOR; Ku_Dir::make_writable($save_path); $filename = Ku_File::safe_name($value['name'], TRUE, $this->max_filename_length); $prefix = uniqid() . '_'; while (file_exists($save_path . $prefix . $filename)) { $prefix = uniqid() . '_'; } $filename = Ku_Upload::save($value, $prefix . $filename, $save_path); $filename = 'upload' . str_replace(array(realpath(DOCROOT . 'upload'), DIRECTORY_SEPARATOR), array('', '/'), $filename); if (!$filename) { Kohana::$log->add(Log::ERROR, 'Exception occurred: :exception. [:file][:line] ', array(':file' => Debug::path(__FILE__), ':line' => __LINE__, ':exception' => 'File not saved')); } echo str_replace(array('{FUNCTION}', '{SRC}'), array(Request::initial()->query('CKEditorFuncNum'), URL::base() . $filename), $this->template); } }
/** * Check if file has been saved to a temporary persistent directory. * * @param array uploaded file data * @param string session key for persistent uploaded files * @return boolean TRUE if file temporary saved, FALSE if file not saved */ public static function persistent_check(array &$file, $sess_key = NULL) { static $cache = array(); $input_name = Arr::get($file, 'input_name'); if (isset($cache[$input_name])) { return FALSE; } $cache[$input_name] = TRUE; $sess_key === NULL and $sess_key = Ku_Upload::persistent_key($input_name); $sess_file = NULL; // Get all of the session data as an array $_SESSION =& Session::instance()->as_array(); if (!empty($_SESSION['persistents']) and is_array($_SESSION['persistents']) and isset($_SESSION['persistents'][$sess_key])) { $sess_file = $_SESSION['persistents'][$sess_key]; } if ($sess_file) { if (parent::valid($file) and !parent::not_empty($file)) { if (isset($sess_file['persistent']) and isset($sess_file['persistent_key']) and $sess_file['persistent_key'] === $sess_key) { $filename = $sess_file['persistent']; // Make sure the directory ends with a slash $directory = dirname($filename) . DIRECTORY_SEPARATOR; // Delete old persistent files from this directory Ku_Upload::persistent_gc($directory); // Refresh timestamp in the file name $new_filename = preg_replace('/persistent~\\d+~/', 'persistent~' . time() . '~', $filename); if (file_exists($filename) and is_file($filename) and rename($filename, $new_filename)) { $sess_file['persistent'] = $new_filename; // Save information about temporary saved file in the session $_SESSION['persistents'][$sess_key] = $sess_file; // Update file $file = $sess_file; // Update $_FILES $_FILES[$input_name] = $sess_file; return TRUE; } } } Ku_Upload::persistent_delete($sess_file); } return FALSE; }
/** * Saves file and returns file name * * @param string $field File field name * @param mixed $value File field value * @return string */ public function file_save($field, $value) { $this->_check_file_field($field); $config = $this->_file_fields[$field]; $base_path = $this->file_path($field, ''); // Upload a file? if (is_array($value) and Ku_Upload::valid($value) and Ku_Upload::not_empty($value)) { // Get path to save file $sub_dir = $this->file_sub_dir($field, $value['name']); $save_path = $base_path . $sub_dir; // Create and make directory writable Ku_Dir::make_writable($base_path . $sub_dir, $config['dir_chmod']); // Generate safe filename $filename = Ku_File::safe_name($value['name'], TRUE, $config['max_filename_length']); $prefix = ''; if ($config['force_unique_prefix']) { // Make unique filename $prefix = uniqid() . '_'; } while (file_exists($save_path . $prefix . $filename)) { // Make unique filename to prevent override existing file $prefix = uniqid() . '_'; } $filename = $prefix . $filename; $filename = Ku_Upload::save($value, $filename, $save_path, $config['file_chmod']); if (!$filename) { throw new Kohana_Exception('File :filename not saved to a field :field of model :model', array(':filename' => $value['name'], ':field' => $field, ':model' => $this->_orm->object_name())); } } elseif (is_string($value) and is_file($value)) { // Test allowed source directories if (!is_array($config['allowed_src_dirs']) or empty($config['allowed_src_dirs'])) { throw new Kohana_Exception('Field :field of model :model has no allowed source directories', array(':field' => $field, ':model' => $this->_orm->object_name())); } foreach ($config['allowed_src_dirs'] as $dir) { if (strpos(realpath($value), realpath($dir)) === 0) { // Allowed directory found $allowed_dir = $dir; break; } } if (!isset($allowed_dir)) { // Allowed directory not found throw new Kohana_Exception('File :filename is not in the allowed source directory of field :field of model :model', array(':filename' => Debug::path($value), ':field' => $field, ':model' => $this->_orm->object_name())); } // Get path to save file $sub_dir = $this->file_sub_dir($field, basename($value)); $save_path = $base_path . $sub_dir; // Create and make directory writable Ku_Dir::make_writable($base_path . $sub_dir, Arr::get($config, 'dir_chmod')); // Generate safe filename $filename = Ku_File::safe_name(basename($value), TRUE, $config['max_filename_length']); if ($value !== $save_path . $filename) { $prefix = ''; if ($config['force_unique_prefix']) { // Make unique filename $prefix = uniqid() . '_'; } while (file_exists($save_path . $prefix . $filename)) { // Make unique filename to prevent override existing file $prefix = uniqid() . '_'; } $filename = $prefix . $filename; if (rename($value, $save_path . $filename)) { $filename = $save_path . $filename; } else { // File not saved throw new Kohana_Exception('File :filename not saved to a field :field of model :model', array(':filename' => Debug::path($value), ':field' => $field, ':model' => $this->_orm->object_name())); } } else { $filename = $value; } } else { throw new Kohana_Exception('Invalid file parameter :value for field :field of model :model', array(':value' => (string) $value, ':field' => $field, ':model' => $this->_orm->object_name())); } if (!empty($filename)) { try { chmod($filename, $config['file_chmod']); } catch (Exception $e) { Kohana::$log->add(Log::ERROR, 'Exception occurred: :exception. [:file][:line] ', array(':file' => Debug::path(__FILE__), ':line' => __LINE__, ':exception' => $e->getMessage())); } // Save only path relative base path $save_value = $sub_dir . basename($filename); $save_value = ltrim(str_replace('\\', '/', $save_value), '/'); // Assign ORM field $this->_orm->{$field} = $save_value; } return $filename; }
/** * Validation rule to test if an file is allowed by file size. * File sizes are defined as: SB, where S is the size (1, 15, 300, etc) and * B is the byte modifier: (B)ytes, (K)ilobytes, (M)egabytes, (G)igabytes. * * // Assigned file must be 1MB or less * $validate->rule('file', 'Ku_File::size', array('1M')) * * @param mixed $_FILES item or filepath or filename * @param string maximum file size * @return bool */ public static function size($file, $size) { if (is_array($file)) { return Ku_Upload::size($file, $size); } if (empty($file) or basename($file) == $file) { return TRUE; } // Only one size is allowed $size = strtoupper($size); if (!preg_match('/[0-9]++[BKMG]/', $size)) { return FALSE; } // Make the size into a power of 1024 switch (substr($size, -1)) { case 'G': $size = intval($size) * pow(1024, 3); break; case 'M': $size = intval($size) * pow(1024, 2); break; case 'K': $size = intval($size) * pow(1024, 1); break; default: $size = intval($size); break; } if (!is_file($file)) { return FALSE; } // Test that the file is under or equal to the max size return filesize($file) <= $size; }