/** * Handles the upload request. This is a static function to ensure that it is easily * accessible to other classes without having to instantiate a {@link Controller} object. * A lot of this code is lifted from {@link AssetAdmin}. * * @todo Error handling on this is crap. * @param SS_HTTPRequest * @param Folder A folder that will be the destination of the upload. * @return array|string */ public static function handle_upload(SS_HTTPRequest $r, $folder = null, $allowed_extensions = null) { if (!$folder) { $folder = singleton('Folder'); } $newFiles = array(); $errorResponse = ""; if (isset($_FILES['file']) && is_array($_FILES['file'])) { $file_array = $_FILES['file']; foreach ($file_array['tmp_name'] as $index => $value) { if (is_uploaded_file($value)) { $tmpFile = array('tmp_name' => $value, 'name' => $file_array['name'][$index], 'size' => $file_array['size'][$index], 'error' => $file_array['error'][$index]); // validate files (only if not logged in as admin) if (!File::$apply_restrictions_to_admin && Permission::check('ADMIN')) { $valid = true; } else { // Set up the validator instance with rules $validator = new Upload_Validator(); if (!$allowed_extensions) { $allowed_extensions = File::$allowed_extensions; } $validator->setAllowedExtensions($allowed_extensions); $validator->setAllowedMaxFileSize(self::$allowed_max_file_size); // Do the upload validation with the rules $upload = new Upload(); $upload->setValidator($validator); $valid = $upload->validate($tmpFile); if (!$valid) { $errors = $upload->getErrors(); if ($errors) { foreach ($errors as $error) { $errorResponse .= $error; } } } } // move file to given folder if ($valid) { $newFile = $folder->addUploadToFolder($tmpFile); $newFiles[] = $newFile; } else { return $errorResponse; } foreach ($newFiles as $newFile) { $fileIDs[] = $newFile; $fileObj = DataObject::get_one('File', "\"File\".\"ID\"={$newFile}"); if (method_exists($fileObj, 'onAfterUpload')) { $fileObj->onAfterUpload(); } } } } } else { return "File is too large."; } return $newFiles; }
public function validate($validator) { if (!isset($_FILES[$this->name])) { return true; } $tmpFile = $_FILES[$this->name]; $valid = $this->upload->validate($tmpFile); if (!$valid) { $errors = $this->upload->getErrors(); if ($errors) { foreach ($errors as $error) { $validator->validationError($this->name, $error, "validation", false); } } return false; } return true; }
public function testInvalidFileExtensionValidatingMimeType() { // setup plaintext file with invalid extension $tmpFileName = 'UploadTest-testUpload.jpg'; $tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName; $tmpFileContent = ''; for ($i = 0; $i < 10000; $i++) { $tmpFileContent .= '0'; } file_put_contents($tmpFilePath, $tmpFileContent); // emulates the $_FILES array $tmpFile = array('name' => $tmpFileName, 'size' => filesize($tmpFilePath), 'tmp_name' => $tmpFilePath, 'extension' => 'jpg', 'error' => UPLOAD_ERR_OK); $u = new Upload(); $u->setValidator(new MimeUploadValidator()); $result = $u->load($tmpFile); $errors = $u->getErrors(); $this->assertFalse($result, 'Load failed because file extension does not match excepted MIME type'); $this->assertEquals('File extension does not match known MIME type', $errors[0]); unlink($tmpFilePath); }
/** * This method processes the results of the UploadForm. * It will save the uploaded files to /assets/ and create new File objects as required. */ function doUpload($data, $form) { $newFiles = array(); $fileIDs = array(); $fileNames = array(); $fileSizeWarnings = ''; $uploadErrors = ''; $jsErrors = ''; $status = ''; $statusMessage = ''; $processedFiles = array(); foreach ($data['Files'] as $param => $files) { if (!is_array($files)) { $files = array($files); } foreach ($files as $key => $value) { $processedFiles[$key][$param] = $value; } } // Load POST data from arrays in to the correct dohickey. $processedData = array(); foreach ($data as $dataKey => $value) { if ($dataKey == 'Files') { continue; } if (is_array($value)) { $i = 0; foreach ($value as $fileId => $dataValue) { if (!isset($processedData[$i])) { $processedData[$i] = array(); } $processedData[$i][$dataKey] = $dataValue; $i++; } } } $processedData = array_reverse($processedData); if ($data['FolderID'] && $data['FolderID'] != '') { $folder = DataObject::get_by_id("Folder", $data['FolderID']); if (!$folder) { throw new InvalidArgumentException(sprintf("Folder #%d doesn't exist", (int) $data['FolderID'])); } } else { $folder = singleton('Folder'); } foreach ($processedFiles as $filePostId => $tmpFile) { if ($tmpFile['error'] == UPLOAD_ERR_NO_TMP_DIR) { $status = 'bad'; $statusMessage = _t('AssetAdmin.NOTEMP', 'There is no temporary folder for uploads. Please set upload_tmp_dir in php.ini.'); break; } if ($tmpFile['tmp_name']) { // Workaround open_basedir problems if (ini_get("open_basedir")) { $newtmp = TEMP_FOLDER . '/' . $tmpFile['name']; move_uploaded_file($tmpFile['tmp_name'], $newtmp); $tmpFile['tmp_name'] = $newtmp; } // validate files (only if not logged in as admin) if (!File::$apply_restrictions_to_admin && Permission::check('ADMIN')) { $valid = true; } else { // Set up the validator instance with rules $validator = new Upload_Validator(); $validator->setAllowedExtensions(File::$allowed_extensions); $validator->setAllowedMaxFileSize(self::$allowed_max_file_size); // Do the upload validation with the rules $upload = new Upload(); $upload->setValidator($validator); $valid = $upload->validate($tmpFile); if (!$valid) { $errors = $upload->getErrors(); if ($errors) { foreach ($errors as $error) { $jsErrors .= "alert('" . Convert::raw2js($error) . "');"; } } } } // move file to given folder if ($valid) { if ($newFile = $folder->addUploadToFolder($tmpFile)) { if (self::$metadata_upload_enabled && isset($processedData[$filePostId])) { $fileObject = DataObject::get_by_id('File', $newFile); $metadataForm = new Form($this, 'MetadataForm', $fileObject->uploadMetadataFields(), new FieldSet()); $metadataForm->loadDataFrom($processedData[$filePostId]); $metadataForm->saveInto($fileObject); $fileObject->write(); } $newFiles[] = $newFile; } } } } if ($newFiles) { $numFiles = sizeof($newFiles); $statusMessage = sprintf(_t('AssetAdmin.UPLOADEDX', "Uploaded %s files"), $numFiles); $status = "good"; } else { if ($status != 'bad') { $statusMessage = _t('AssetAdmin.NOTHINGTOUPLOAD', 'There was nothing to upload'); $status = ""; } } $fileObj = false; foreach ($newFiles as $newFile) { $fileIDs[] = $newFile; $fileObj = DataObject::get_one('File', "\"File\".\"ID\"={$newFile}"); // notify file object after uploading if (method_exists($fileObj, 'onAfterUpload')) { $fileObj->onAfterUpload(); } $fileNames[] = $fileObj->Name; } // workaround for content editors image upload.Passing an extra hidden field // in the content editors view of 'UploadMode' @see HtmlEditorField // this will be refactored for 2.5 if (isset($data['UploadMode']) && $data['UploadMode'] == "CMSEditor" && $fileObj) { // we can use $fileObj considering that the uploader in the cmseditor can only upload // one file at a time. Once refactored to multiple files this is going to have to be changed $width = is_a($fileObj, 'Image') ? $fileObj->getWidth() : '100'; $height = is_a($fileObj, 'Image') ? $fileObj->getHeight() : '100'; $values = array('Filename' => $fileObj->Filename, 'Width' => $width, 'Height' => $height); return Convert::raw2json($values); } $sFileIDs = implode(',', $fileIDs); $sFileNames = implode(',', $fileNames); echo <<<HTML \t\t\t<script type="text/javascript"> \t\t\t/* IDs: {$sFileIDs} */ \t\t\t/* Names: {$sFileNames} */ \t\t\t \t\t\tvar form = parent.document.getElementById('Form_EditForm'); \t\t\tparent.statusMessage("{$statusMessage}","{$status}"); \t\t\t{$jsErrors} \t\t\tparent.document.getElementById('sitetree').getTreeNodeByIdx( "{$folder->ID}" ).getElementsByTagName('a')[0].className += ' contents'; \t\t\tform.getPageFromServer(form.elements.ID.value); \t\t\t</script> HTML; }
public function testUploadDeniesNoExtensionFilesIfNoEmptyStringSetForValidatorExtensions() { // create tmp file $tmpFileName = 'UploadTest-testUpload'; $tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName; $tmpFileContent = ''; for ($i = 0; $i < 10000; $i++) { $tmpFileContent .= '0'; } file_put_contents($tmpFilePath, $tmpFileContent); // emulates the $_FILES array $tmpFile = array('name' => $tmpFileName, 'type' => 'text/plaintext', 'size' => filesize($tmpFilePath), 'tmp_name' => $tmpFilePath, 'extension' => '', 'error' => UPLOAD_ERR_OK); $v = new UploadTest_Validator(); $v->setAllowedExtensions(array('txt')); // test upload into default folder $u = new Upload(); $result = $u->loadIntoFile($tmpFile); $this->assertFalse($result, 'Load failed because extension was not accepted'); $this->assertEquals(1, count($u->getErrors()), 'There is a single error of the file extension'); }
private function validForm() { $this->load->lib('validator'); if (!$this->login->hasPermission('modify', 'image')) { $this->error['warning'] = 'keine berechtigung'; } if (!$this->lib_validator->validateItem($this->request->post['title'], 'anything', 4, 64)) { $this->error['title'] = 'Falsche Eingabe bei Title !'; } if (!$this->lib_validator->validateItem($this->request->post['desc'], 'anything', 4, 64)) { $this->error['desc'] = 'Falsche Eingabe bei Description !'; } $up = new \Upload(); $up::init(array('png', 'jpeg', 'jpg'), array('min-width' => 315, 'min-height' => 150, 'max-width' => 1920, 'max-height' => 1080), 2000000, DIR_IMAGE . 'posts'); if (!$up->check('image')) { $this->error['image'] = implode('<br>', $up->getErrors('image')); } return !$this->error; }
/** * @param ISummit $summit * @param $speaker_id * @param $tmp_file * @return BetterImage */ public function uploadSpeakerPic(ISummit $summit, $speaker_id, $tmp_file) { $speaker_repository = $this->speaker_repository; return $this->tx_service->transaction(function () use($summit, $speaker_id, $tmp_file, $speaker_repository) { $speaker_id = intval($speaker_id); $speaker = $speaker_repository->getById($speaker_id); if (is_null($speaker)) { throw new NotFoundEntityException('PresentationSpeaker'); } $image = new BetterImage(); $upload = new Upload(); $validator = new Upload_Validator(); $validator->setAllowedExtensions(array('png', 'jpg', 'jpeg', 'gif')); $validator->setAllowedMaxFileSize(800 * 1024); // 300Kb $upload->setValidator($validator); if (!$upload->loadIntoFile($tmp_file, $image, 'profile-images')) { throw new EntityValidationException($upload->getErrors()); } $image->write(); return $image; }); }
<?php // This class is needed for upload require_once 'Upload.php'; // Create the instance and pass in the files array $upload = new Upload($_FILES['files']); // Set the upload directory $upload->setDir('github/PHP-File-Multiupload/upload'); // Upload the files $upload->upload(); // Get error messages if any if ($errors = $upload->getErrors()) { print_r($errors); } // Get names of uploaded files if ($files = $upload->getUploadedFilesNames()) { print_r($files); }
/** * Management for options * * @since 0.1 */ function manage_options_for_wp_represent_map() { $errors = array(); $upload = new Upload(); $wp_upload_dir = wp_upload_dir(); $upload->setBasePath($wp_upload_dir['basedir'] . '/map-icons'); $upload->appendAllowedType('image/png'); if (isset($_POST)) { if (isset($_POST['_wp_represent_map_default_city'])) { $wp_represent_map_default_city = filter_input(INPUT_POST, '_wp_represent_map_default_city', FILTER_SANITIZE_STRING); $wp_represent_map_default_lat_lng = filter_input(INPUT_POST, '_wp_represent_map_default_lat_lng', FILTER_SANITIZE_STRING); $option_data = array('_wp_represent_map_default_city' => $wp_represent_map_default_city, '_wp_represent_map_default_lat_lng' => $wp_represent_map_default_lat_lng); if (update_option('wp-represent-map', $option_data)) { $_SESSION['message'] = __('Options saved with success', 'wp-represent-map'); } else { $_SESSION['message'] = __('No changes made', 'wp-represent-map'); } wp_redirect(admin_url() . 'options-general.php?page=wp-represent-map/wp-represent-map.php'); exit; } if (isset($_FILES) && !empty($_FILES)) { $filename = filter_input(INPUT_POST, 'map_type', FILTER_SANITIZE_STRING); $_FILES['pin']['name'] = $filename; $upload->prepareUpload($_FILES['pin'])->flush(); $errors = $upload->getErrors(); if (empty($errors)) { $_SESSION['message'] = __('Pin uploaded with success', 'wp-represent-map'); } else { $_SESSION['message'] = __(sprintf('Fail to upload the file. Info: %s', implode(', ', $errors)), 'wp-represent-map'); } wp_redirect(admin_url() . 'options-general.php?page=wp-represent-map/wp-represent-map.php&tab=markers'); exit; } } if (isset($_GET['delete']) && !empty($_GET['delete'])) { $delete = base64_decode(filter_input(INPUT_GET, 'delete', FILTER_SANITIZE_STRING)); $upload->removeFile($delete . '.png'); $removeErrors = $upload->getErrors(); if (empty($errors)) { $errors = $removeErrors; } else { array_push($errors, $removeErrors); } if (empty($removeErrors)) { $_SESSION['message'] = __('Pin removed with success', 'wp-represent-map'); } else { $_SESSION['message'] = __(sprintf('Fail to delete Pin. Info: $s', implode($removeErrors)), 'wp-represent-map'); } wp_redirect(admin_url() . 'options-general.php?page=wp-represent-map/wp-represent-map.php&tab=markers'); exit; } if (!empty($errors)) { $errors = implode('<br />', $errors); } $options_values = get_option('wp-represent-map'); ?> <link rel="stylesheet" href="<?php echo plugins_url('assets/css/represent-map.css', dirname(dirname(__FILE__))); ?> " /> <div class="wrap"> <div id="icon-options-general" class="icon32"><br></div> <h2><?php echo __('Wp Represent Map Settings', 'wp-represent-map'); ?> </h2> <?php if (!empty($errors)) { ?> <br /> <div class="update-nag"> <?php echo $errors; ?> </div> <?php } ?> <?php if ($_SESSION['message']) { ?> <div class="message updated"> <p><?php echo $_SESSION['message']; ?> </p> </div> <?php $_SESSION['message'] = false; } ?> <div class="page-content"> <h2 class="nav-tab-wrapper woo-nav-tab-wrapper"> <a href="#" id="positioning-click" class="nav-tab nav-tab-active"> <?php echo __('Default coordenates', 'wp-represent-map'); ?> </a> <a href="#" id="markers-click" class="nav-tab "> <?php echo __('Markers', 'wp-represent-map'); ?> </a> </h2> <div id="positioning"> <form name="form" action="" method="post"> <p><?php echo __('Change your location and another stuffs', 'wp-represent-map'); ?> </p> <h3><?php echo __('Settings', 'wp-represent-map'); ?> </h3> <table class="form-table permalink-structure permalink-structure-wp-represent-map"> <tbody> <tr> <th> <label> <?php echo __('Default City', 'wp-represent-map'); ?> </label> </th> <td> <input type="text" name="_wp_represent_map_default_city" value="<?php echo @$options_values['_wp_represent_map_default_city']; ?> "> </td> </tr> <tr> <th> <label> <?php echo __('Default Lat Lng', 'wp-represent-map'); ?> <a href="#" onclick="return false" title="<?php echo __('Lat and Long is need to determine the center of the map on default screen', 'wp-represent-map'); ?> "> <strong>?</strong> </a> </label> </th> <td> <input type="text" name="_wp_represent_map_default_lat_lng" value="<?php echo @$options_values['_wp_represent_map_default_lat_lng']; ?> "> <a href="#" title="<?php echo __('How I discover Lat Lng?', 'wp-represent-map'); ?> " id="ShowTipLatLng"> <img src="../wp-content/plugins/wp-represent-map/assets/img/info.png"> </a> </td> </tr> <tr id="TipLatLng"> <td colspan="2"> <div class="update-nag update-nag-wp-represent-map"> <?php echo __('Go at http://maps.google.com.br and follow these steps <br />1: type your location, browse to center map where you want<br />2: at the options click in a chain icon, browse in the link has open at his side, <br />copy the values like the step 3', 'wp-represent-map'); ?> <br /> <img src="../wp-content/plugins/wp-represent-map/assets/img/map-lat-lng.png"> </div> </td> </tr> </tbody> </table> <br clear="all"> <p class="submit"> <input type="submit" name="submit" id="submit" class="button button-primary" value="<?php echo __('Save Changes', 'wp-represent-map'); ?> "> </p> </form> </div> <div id="markers"> <?php $icons = array(); $path = opendir('../wp-content/uploads/map-icons'); while ($file = readdir($path)) { if ('.' != $file && '..' != $file) { $icons[$file] = $file; } } closedir($path); $terms = get_categories(array('type' => 'represent_map', 'taxonomy' => 'represent_map_type')); $categories = array(); if (!empty($terms)) { foreach ($terms as $t) { if (0 == $t->parent) { $categories[$t->term_id] = $t; unset($terms[$t->term_id]); } } } foreach ($terms as $cat) { if (!empty($cat->name) && !empty($cat->parent)) { $categories[$cat->parent]->children[] = $cat; } } ?> <form action="" name="markers" method="post" enctype="multipart/form-data"> <h3><?php echo __('Create or update a pin', 'wp-represent-map'); ?> </h3> <?php echo __('Link to: ', 'wp-represent-map'); ?> <select name="map_type"> <option value="default.png"><?php echo __('Default', 'wp-represent-map'); ?> </option> <?php if (!empty($categories)) { ?> <?php foreach ($categories as $category) { ?> <?php ?> <option value="<?php echo $category->term_id . '-' . $category->slug; ?> .png"><?php echo $category->name; ?> </option> <?php if (!empty($category->children)) { ?> <?php foreach ($category->children as $child) { ?> <option value="<?php echo $child->term_id . '-' . $child->slug; ?> .png"> <?php echo $child->name; ?> </option> <?php } ?> <?php } ?> <?php } ?> <?php } ?> </select> <input type="file" name="pin" > <input type="submit" class="submit-marker button-primary" value="<?php echo __('Save Changes', 'wp-represent-map'); ?> "> </form> <h4><?php echo __('Info:', 'wp-represent-map'); ?> </h4> <?php echo __('Image type: ', 'wp-represent-map'); ?> <b>PNG</b><br /> <?php echo __('Max width: ', 'wp-represent-map'); ?> <b>31px</b><br /> <?php echo __('Max height: ', 'wp-represent-map'); ?> <b>42px</b><br /> <hr> <h3> <?php echo __('Current markers', 'wp-represent-map'); ?> </h3> <table class="widefat" cellspacing="0"> <thead> <tr> <th> <b><?php echo __('Name', 'wp-represent-map'); ?> </b> </th> <th> <b><?php echo __('Icon', 'wp-represent-map'); ?> </b> </th> <th> <b><?php echo __('Actions', 'wp-represent-map'); ?> </b> </th> </tr> </thead> <tfoot> <tr> <th> <b><?php echo __('Name', 'wp-represent-map'); ?> </b> </th> <th> <b><?php echo __('Icon', 'wp-represent-map'); ?> </b> </th> <th> <b><?php echo __('Actions', 'wp-represent-map'); ?> </b> </th> </tr> </tfoot> <tbody> <tr> <td><?php echo __('Default Marker', 'wp-represent-map'); ?> </td> <td> <?php $upload_dir = wp_upload_dir(); ?> <?php if (file_exists($upload_dir['basedir'] . '/map-icons/default.png')) { ?> <img src="<?php echo home_url(); ?> /wp-content/uploads/map-icons/default.png" > <?php } else { ?> <?php echo __('Not pin yet', 'wp-represent-map'); ?> <?php } ?> </td> <td>---</td> </tr> <?php if (!empty($categories)) { ?> <?php foreach ($categories as $category) { ?> <tr> <td><?php echo $category->name; ?> </td> <td> <?php if (array_key_exists($category->term_id . '-' . $category->slug . '.png', $icons) && file_exists('../wp-content/uploads/map-icons/' . $icons[$category->term_id . '-' . $category->slug . '.png'])) { ?> <img src="<?php echo home_url(); ?> /wp-content/uploads/map-icons/<?php echo $icons[$category->term_id . '-' . $category->slug . '.png']; ?> " > <?php } else { ?> <?php echo __('Not pin yet', 'wp-represent-map'); ?> <?php } ?> </td> <td> <a href="<?php echo admin_url(); ?> /options-general.php?page=wp-represent-map/wp-represent-map.php&tab=markers&delete=<?php echo base64_encode($category->term_id . '-' . $category->slug); ?> " class="delete"> <?php echo __('Delete', 'wp-represent-map'); ?> </a> </td> </tr> <?php if (!empty($category->children)) { ?> <?php foreach ($category->children as $child) { ?> <tr> <td><?php echo $category->name . ' - ' . $child->name; ?> </td> <td> <?php if (array_key_exists($child->term_id . '-' . $child->slug . '.png', $icons) && file_exists('../wp-content/uploads/map-icons/' . $icons[$child->term_id . '-' . $child->slug . '.png'])) { ?> <img src="<?php echo home_url(); ?> /wp-content/uploads/map-icons/<?php echo $icons[$child->term_id . '-' . $child->slug . '.png']; ?> " > <?php } else { ?> <?php echo __('Not pin yet', 'wp-represent-map'); ?> <?php } ?> </td> <td> <a href="<?php echo admin_url(); ?> /options-general.php?page=wp-represent-map/wp-represent-map.php&tab=markers&delete=<?php echo base64_encode($child->term_id . '-' . $child->slug); ?> " class="delete"> <?php echo __('Delete', 'wp-represent-map'); ?> </a> </td> </tr> <?php } ?> <?php } ?> <?php } ?> <?php } ?> </tbody> </table> </div> </div> </div> <script> jQuery(document).ready(function($) { $("#ShowTipLatLng").click(function() { $("#TipLatLng").toggle("slow"); return false; }); $("#positioning-click").bind("click", function(){ $("#markers").hide(); $("#markers-click").removeClass("nav-tab-active"); $("#positioning-click").addClass("nav-tab-active"); $("#positioning").show(); return false; }); $("#markers-click").bind("click", function(){ $("#positioning").hide(); $("#positioning-click").removeClass("nav-tab-active"); $("#markers-click").addClass("nav-tab-active"); $("#markers").show(); return false; }); $(".delete").bind("click", function(){ return confirm("<?php echo __('Are you sure you want to delete the item icon?', 'wp-represent-map'); ?> "); }); $(".submit-marker").bind("click", function(){ return confirm("<?php echo __('This will override the current pin if exists. Do you wish continue?', 'wp-represent-map'); ?> "); }); <?php if (isset($_GET['tab']) && 'markers' == $_GET['tab']) { ?> $("#positioning").hide(); $("#positioning-click").removeClass("nav-tab-active"); $("#markers-click").addClass("nav-tab-active"); $("#markers").show(); <?php } ?> }); </script> <?php }
/** * This method processes the results of the UploadForm. * It will save the uploaded files to /assets/ and create new File objects as required. */ function doUpload($data, $form) { foreach ($data['Files'] as $param => $files) { if (!is_array($files)) { $files = array($files); } foreach ($files as $key => $value) { $processedFiles[$key][$param] = $value; } } if ($data['ID'] && $data['ID'] != 'root') { $folder = DataObject::get_by_id("Folder", $data['ID']); } else { $folder = singleton('Folder'); } $newFiles = array(); $fileSizeWarnings = ''; $uploadErrors = ''; $jsErrors = ''; $status = ''; $statusMessage = ''; foreach ($processedFiles as $tmpFile) { if ($tmpFile['error'] == UPLOAD_ERR_NO_TMP_DIR) { $status = 'bad'; $statusMessage = _t('AssetAdmin.NOTEMP', 'There is no temporary folder for uploads. Please set upload_tmp_dir in php.ini.'); break; } if ($tmpFile['tmp_name']) { // Workaround open_basedir problems if (ini_get("open_basedir")) { $newtmp = TEMP_FOLDER . '/' . $tmpFile['name']; move_uploaded_file($tmpFile['tmp_name'], $newtmp); $tmpFile['tmp_name'] = $newtmp; } // validate files (only if not logged in as admin) if (!self::$apply_restrictions_to_admin && Permission::check('ADMIN')) { $valid = true; } else { $upload = new Upload(); $upload->setAllowedExtensions(self::$allowed_extensions); $upload->setAllowedMaxFileSize(self::$allowed_max_file_size); $valid = $upload->validate($tmpFile); if (!$valid) { $errors = $upload->getErrors(); if ($errors) { foreach ($errors as $error) { $jsErrors .= "alert('" . Convert::raw2js($error) . "');"; } } } } // move file to given folder if ($valid) { $newFiles[] = $folder->addUploadToFolder($tmpFile); } } } if ($newFiles) { $numFiles = sizeof($newFiles); $statusMessage = sprintf(_t('AssetAdmin.UPLOADEDX', "Uploaded %s files"), $numFiles); $status = "good"; } else { if ($status != 'bad') { $statusMessage = _t('AssetAdmin.NOTHINGTOUPLOAD', 'There was nothing to upload'); $status = ""; } } $fileIDs = array(); $fileNames = array(); foreach ($newFiles as $newFile) { $fileIDs[] = $newFile; $fileObj = DataObject::get_one('File', "`File`.ID={$newFile}"); // notify file object after uploading if (method_exists($fileObj, 'onAfterUpload')) { $fileObj->onAfterUpload(); } $fileNames[] = $fileObj->Name; } $sFileIDs = implode(',', $fileIDs); $sFileNames = implode(',', $fileNames); echo <<<HTML \t\t\t<script type="text/javascript"> \t\t\t/* IDs: {$sFileIDs} */ \t\t\t/* Names: {$sFileNames} */ \t\t\t \t\t\tvar form = parent.document.getElementById('Form_EditForm'); \t\t\tform.getPageFromServer(form.elements.ID.value); \t\t\tparent.statusMessage("{$statusMessage}","{$status}"); \t\t\t{$jsErrors} \t\t\tparent.document.getElementById('sitetree').getTreeNodeByIdx( "{$folder->ID}" ).getElementsByTagName('a')[0].className += ' contents'; \t\t\t</script> HTML; }