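/**
 * Handles an uploaded theme archive (.zip or .gz): stores it in the templates folder, checks that
 * it holds exactly one root folder containing the required theme files, extracts it, installs the
 * theme and finally deletes the uploaded archive.
 *
 * Results are reported to the user through the 'MSG' view variable; nothing is returned.
 *
 * NOTE(review): the extracted archive may contain executable files and lands under the web root.
 * Access control for this action is not visible in this method - confirm the caller restricts it
 * to administrators and protects it against CSRF.
 */
private function upload_theme()
{
    $folder_phpboost_themes = PATH_TO_ROOT . '/templates/';

    // chmod() can only succeed when the PHP process owns the directory, and in that case 0755
    // already gives it write access. 0777 would additionally make the themes folder writable
    // by every local account.
    if (!is_writable($folder_phpboost_themes)) {
        $is_writable = @chmod($folder_phpboost_themes, 0755);
    } else {
        $is_writable = true;
    }

    if (!$is_writable) {
        return;
    }

    $uploaded_file = $this->form->get_value('file');
    if ($uploaded_file === null) {
        $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('process.error', 'status-messages-common'), MessageHelper::NOTICE));
        return;
    }

    $upload = new Upload($folder_phpboost_themes);
    // NOTE(review): the pattern is not anchored at the start, so only the end of the file name is
    // constrained - confirm that Upload::file() sanitises the rest of the name.
    if (!$upload->file('upload_theme_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i')) {
        $this->view->put('MSG', MessageHelper::display($this->lang['themes.upload_invalid_format'], MessageHelper::NOTICE));
        return;
    }

    $archive = $folder_phpboost_themes . $upload->get_filename();
    $is_tar = $upload->get_extension() == 'gz';

    if ($is_tar) {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
        // NOTE(review): the tar helpers receive the bare file name while PclZip receives the full
        // path - confirm the working directory makes both resolve to the same file.
        $archive_content = PclTarList($upload->get_filename());
    } else {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
        $zip = new PclZip($archive);
        $archive_content = $zip->listContent();
    }

    // A non-array result means the listing failed; treat it as an empty (hence invalid) archive.
    if (!is_array($archive_content)) {
        $archive_content = array();
    }

    $archive_root_content = array();
    $entry_names = array();
    $required_files = array('/config.ini', '/body.tpl', '/frame.tpl', '/theme/content.css', '/theme/design.css', '/theme/global.css');

    foreach ($archive_content as $element) {
        $entry_name = $element['filename'];
        if (substr($entry_name, -1) == '/') {
            $entry_name = substr($entry_name, 0, -1);
        }
        $entry_names[] = $entry_name;

        // Entries without any slash sit at the root of the archive.
        if (substr_count($entry_name, '/') == 0) {
            $archive_root_content[] = array(
                'filename' => $entry_name,
                'folder' => (isset($element['folder']) && $element['folder'] == 1) || (isset($element['typeflag']) && $element['typeflag'] == 5)
            );
        }

        if (isset($archive_root_content[0])) {
            // Strip the root folder only as a prefix; replacing every occurrence would corrupt
            // paths that repeat the root folder name deeper in the tree.
            $root_prefix = $archive_root_content[0]['filename'] . '/';
            if (strpos($entry_name, $root_prefix) === 0) {
                $name_in_archive = substr($entry_name, strlen($root_prefix) - 1);
            } else {
                $name_in_archive = $entry_name;
            }

            $required_key = array_search($name_in_archive, $required_files, true);
            if ($required_key !== false) {
                unset($required_files[$required_key]);
            }
        }
    }

    // Every entry must stay inside the single root folder. Counting root-level entries alone
    // does not see entries such as "other/file" or "../file", which would be written outside
    // the new theme's folder on extraction.
    $root_name = count($archive_root_content) == 1 ? $archive_root_content[0]['filename'] : '';
    $entries_are_contained = $root_name !== '' && $root_name !== '.' && $root_name !== '..';
    if ($entries_are_contained) {
        foreach ($entry_names as $entry_name) {
            $is_inside_root = $entry_name === $root_name || strpos($entry_name, $root_name . '/') === 0;
            $has_backslash = strpos($entry_name, '\\') !== false;
            $has_parent_segment = in_array('..', explode('/', $entry_name), true);
            if (!$is_inside_root || $has_backslash || $has_parent_segment) {
                $entries_are_contained = false;
                break;
            }
        }
    }

    if ($entries_are_contained && $archive_root_content[0]['folder'] && empty($required_files)) {
        $theme_id = $root_name;
        if (!ThemesManager::get_theme_existed($theme_id)) {
            if ($is_tar) {
                PclTarExtract($upload->get_filename(), $folder_phpboost_themes);
            } else {
                $zip->extract(PCLZIP_OPT_PATH, $folder_phpboost_themes, PCLZIP_OPT_SET_CHMOD, 0755);
            }
            $this->install_theme($theme_id, array('r-1' => 1, 'r0' => 1, 'r1' => 1));
        } else {
            $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
        }
    } else {
        $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
    }

    // The uploaded archive is removed whatever the outcome so it does not stay downloadable.
    $uploaded_file = new File($archive);
    $uploaded_file->delete();
}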
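/**
 * Handles an uploaded update archive (.zip or .gz) for an already installed module: stores it in
 * the site root, extracts it there, deletes the archive and runs the module upgrade.
 *
 * The module id is taken from the uploaded file name. Results are reported to the user through
 * the 'MSG' view variable; nothing is returned.
 *
 * NOTE(review): extraction targets the site root and entries are not restricted to the module's
 * own folder, so an archive can replace files of other components. Confirm this action is limited
 * to administrators and CSRF-protected, and consider requiring every entry to live under
 * "<module id>/" if update archives always use that layout.
 */
private function upload_module()
{
    $modules_folder = PATH_TO_ROOT . '/';

    if (!is_writable($modules_folder)) {
        // The original passed an undefined $dir here, so the chmod could never apply to the
        // folder that was just tested.
        $is_writable = @chmod($modules_folder, 0755);
    } else {
        $is_writable = true;
    }

    if (!$is_writable) {
        return;
    }

    $file = $this->form->get_value('file');
    if ($file === null) {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
        return;
    }

    $modules_id = $file->get_name_without_extension();
    if (!ModulesManager::is_module_installed($modules_id)) {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.not_installed_module'], MessageHelper::NOTICE, 4));
        return;
    }

    $upload = new Upload($modules_folder);
    // NOTE(review): content checking is switched off for this upload, so the archive listing
    // below is the only inspection the file gets before extraction.
    $upload->disableContentCheck();
    if (!$upload->file('upload_module_file', '`([A-Za-z0-9-_]+)\\.(gz|zip)+$`i', false, 100000000, false)) {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE, 4));
        return;
    }

    $archive_path = $modules_folder . $upload->get_filename();
    $extension = $upload->get_extension();
    $zip = null;

    if ($extension == 'gz') {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
        $archive_content = PclTarList($upload->get_filename());
    } elseif ($extension == 'zip') {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
        $zip = new PclZip($archive_path);
        $archive_content = $zip->listContent();
    } else {
        $archive_content = null;
    }

    // Refuse archives whose listing failed or whose entries could be written outside the
    // extraction folder: absolute paths, drive-letter paths, backslashes or ".." segments.
    $is_safe = is_array($archive_content);
    if ($is_safe) {
        foreach ($archive_content as $element) {
            $entry_name = $element['filename'];
            $is_absolute = substr($entry_name, 0, 1) == '/' || preg_match('`^[A-Za-z]:`', $entry_name) === 1;
            $has_backslash = strpos($entry_name, '\\') !== false;
            $has_parent_segment = in_array('..', explode('/', $entry_name), true);
            if ($is_absolute || $has_backslash || $has_parent_segment) {
                $is_safe = false;
                break;
            }
        }
    }

    if ($is_safe) {
        if ($extension == 'gz') {
            PclTarExtract($upload->get_filename(), $modules_folder);
        } else {
            $zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
        }
    } else {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE, 4));
    }

    // The archive is deleted in every case so a rejected upload does not stay in the web root.
    $file = new File($archive_path);
    $file->delete();

    // Only upgrade when new files were actually extracted.
    if ($is_safe) {
        $this->upgrade_module($modules_id);
    }
}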
if (!is_writable($dir)) { $is_writable = @chmod($dir, 0777); } @clearstatcache(); if (is_writable($dir)) { $weight_max = $unlimited_data ? 100000000 : $group_limit - $member_memory_used; $Upload = new Upload($dir); $Upload->file('upload_file', '`([a-z0-9()_-])+\\.(' . implode('|', array_map('preg_quote', $files_upload_config->get_authorized_extensions())) . ')+$`i', Upload::UNIQ_NAME, $weight_max); if ($Upload->get_error() != '') { $error = $Upload->get_error(); if ($Upload->get_error() == 'e_upload_max_weight') { $error = 'e_max_data_reach'; } AppContext::get_response()->redirect('/user/upload.php?f=' . $folder . '&erroru=' . $error . '&' . $popup_noamp . '#message_helper'); } else { $result = PersistenceContext::get_querier()->insert(DB_TABLE_UPLOAD, array('idcat' => $folder, 'name' => $Upload->get_original_filename(), 'path' => $Upload->get_filename(), 'user_id' => AppContext::get_current_user()->get_id(), 'size' => $Upload->get_human_readable_size(), 'type' => $Upload->get_extension(), 'timestamp' => time())); $id_file = $result->get_last_inserted_id(); } } else { $error = 'e_upload_failed_unwritable'; } } $anchor = !empty($error) ? '&error=' . $error . '&' . $popup_noamp . '#message_helper' : '&' . $popup_noamp . (!empty($id_file) ? '#fi1' . $id_file : ''); AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . $anchor, '', '&')); } elseif (!empty($del_folder)) { AppContext::get_session()->csrf_get_protect(); //Protection csrf if (AppContext::get_current_user()->check_level(User::ADMIN_LEVEL)) { Uploads::Del_folder($del_folder); } else { $check_user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id = :id', array('id' => $del_folder));
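/**
 * Stores an uploaded image, converts PNG originals to JPG, optionally produces a blurred copy and
 * generates one resized file per requested size.
 *
 * Every outcome is reported as a JSON message with a "status" key and, in most cases, a "text" key.
 *
 * @param Upload $upload Upload instance describing the file to store
 * @param array $sizes Image sizes to generate; each item provides suffix, width, height, quality,
 *                     watermark and verifSize
 * @param array $param Options: 'type' ('echo' prints the JSON message and returns a bool, any
 *                     other value returns the JSON string), 'blur', 'copy' and 'copy_to'
 * @return bool|string true/false in 'echo' mode, the JSON message otherwise
 */
public static function upload(Upload $upload, $sizes, $param = array())
{
    // Builds the JSON message with json_encode() so that a client-supplied file name containing
    // quotes or backslashes cannot break or extend the JSON document, and always ends the request
    // handling: the original fell through (and kept processing a rejected file) whenever
    // $param['type'] was neither 'echo' nor 'return'.
    // The consumer remains responsible for HTML-escaping "text" before displaying it.
    $respond = function ($status, $text = null) use ($param) {
        $payload = array('status' => $status);
        if ($text !== null) {
            $payload['text'] = $text;
        }
        $msg = json_encode($payload, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
        if ($msg === false) {
            // Encoding failed (for instance an invalid UTF-8 file name): keep the status only.
            $msg = '{"status":"' . $status . '"}';
        }
        if (isset($param['type']) && $param['type'] == 'echo') {
            echo $msg;
            return $status === 'success';
        }
        return $msg;
    };

    $upsError = "";
    $file = $upload->get_file();

    // Create the target folder (including missing parents) when it does not exist yet.
    if (!file_exists($upload->get_directory())) {
        mkdir($upload->get_directory(), 0755, true);
    }

    if (!isset($file) || $file['error'] != 0) {
        return $respond('error');
    }

    // The real image type is read from the file content, not from the client-supplied name.
    // getimagesize() returns false when the file is not a readable image.
    $info = getimagesize($file['tmp_name']);
    if ($info === false) {
        return $respond('error', 'Oups ! Votre image ' . $file['name'] . ' n\'a pas un format autorisé !');
    }

    $upload->set_extension_full(image_type_to_extension($info[2]));
    $upload->set_content_type($info['mime']);

    if (!in_array(strtolower($upload->get_extension_full()), $upload->get_authorized_extensions_full())) {
        return $respond('error', 'Oups ! Votre image ' . $file['name'] . ' n\'a pas un format autorisé !');
    }

    // 1 - Record the extension (taken from the client file name) and the size.
    // NOTE(review): the extension keeps the client's letter case, so an upper-case "PNG" passes the
    // allow-list below but skips the PNG to JPG conversion - confirm whether it should be lower-cased.
    $upload->set_extension(pathinfo($file['name'], PATHINFO_EXTENSION));
    $upload->set_size($file['size']);

    // 2 - Validate the extension and the size before anything is written to the target folder.
    if (!in_array(strtolower($upload->get_extension()), $upload->get_authorized_extensions())) {
        return $respond('error', 'Votre fichier doit etre au format jpg ou png (format actuelle : ' . $upload->get_extension() . ')');
    }

    // NOTE(review): the message states 5 MB while the limit comes from get_authorized_max_size().
    if ($file['size'] > $upload->get_authorized_max_size()) {
        return $respond('error', 'Votre fichier doit avoir un poids inférieur à 5Mo');
    }

    // 3 - The stored name comes from the Upload instance, never from the client file name.
    $new_name = $upload->get_name() . '.' . $upload->get_extension();

    // 4 - Move the original picture into place before any processing.
    if (!move_uploaded_file($file['tmp_name'], $upload->get_directory() . $new_name)) {
        return $respond('error', 'Oups ! Votre image ' . $file['name'] . ' n\'a pas été publiée !');
    }
    $source_image = $upload->get_directory() . $new_name;

    // 5 - A PNG original is converted to JPG; the JPG then becomes the source for later steps.
    if ($upload->get_extension() == 'png') {
        $input = $source_image;
        $output = $upload->get_directory() . $upload->get_name() . '.jpg';
        $source_image = $output;
        $upload->set_extension('jpg');
        if (!$upload->png2jpg($input, $output)) {
            return $respond('error', 'Oups ! Transformation en JPG impossible !');
        }
    }

    // Optional blurred copy of the original.
    if (isset($param['blur']) && $param['blur'] == true) {
        $output = $upload->get_directory() . $upload->get_name() . 'originale_blur.jpg';
        if (!$upload->blur($source_image, $output)) {
            return $respond('error', 'Oups ! BLUR impossible !');
        }
    }

    // 6 - Generate one file per requested size.
    foreach ($sizes as $size) {
        $destination = $upload->get_directory() . $upload->get_name() . "_" . $size['suffix'] . '.' . $upload->get_extension();
        $tn_w = $size['width'];
        $tn_h = $size['height'];
        $quality = $size['quality'];
        $wmsource = $size['watermark'];

        // When size checking is requested and the original is narrower than the target width,
        // the original is copied as is instead of being resized.
        if ($size['verifSize'] == true && $info[0] < $tn_w) {
            $success = copy($source_image, $destination);
        } else {
            $success = $upload->image_handler($source_image, $destination, $tn_w, $tn_h, $quality, $wmsource);
        }

        if (!$success) {
            $upsError .= $file['name'] . ', ';
        }
    }

    if ($upsError != '') {
        return $respond('error');
    }

    // 7 - Optionally copy the "profil" rendition into another folder as the avatar.
    if (isset($param['copy']) && $param['copy'] == true && isset($param['copy_to'])) {
        if (!file_exists($param['copy_to'])) {
            mkdir($param['copy_to'], 0755, true);
        }
        $destination = $param['copy_to'] . $upload->get_name() . 'avatar.' . $upload->get_extension();
        $source = $upload->get_directory() . $upload->get_name() . 'profil.' . $upload->get_extension();
        copy($source, $destination);
    }

    return $respond('success', 'Félicitations ! Votre photo ' . $file['name'] . ' a bien été publiée !');
}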
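/**
 * Handles an uploaded module archive (.zip or .gz): stores it in the site root, checks that it
 * holds exactly one root folder containing the required module files, extracts it, installs the
 * module and finally deletes the uploaded archive.
 *
 * Results are reported to the user through the 'MSG' view variable; nothing is returned.
 *
 * NOTE(review): the extracted archive contains executable PHP and lands in the web root. Access
 * control for this action is not visible in this method - confirm the caller restricts it to
 * administrators and protects it against CSRF.
 */
private function upload_module()
{
    $modules_folder = PATH_TO_ROOT . '/';

    if (!is_writable($modules_folder)) {
        // The original passed an undefined $dir here, so the chmod could never apply to the
        // folder that was just tested.
        $is_writable = @chmod($modules_folder, 0755);
    } else {
        $is_writable = true;
    }

    if (!$is_writable) {
        return;
    }

    $uploaded_file = $this->form->get_value('file');
    if ($uploaded_file === null) {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_error'], MessageHelper::NOTICE));
        return;
    }

    $upload = new Upload($modules_folder);
    // NOTE(review): the pattern is not anchored at the start, so only the end of the file name is
    // constrained - confirm that Upload::file() sanitises the rest of the name.
    if (!$upload->file('upload_module_file', '`([a-z0-9()_-])+\\.(gz|zip)+$`i')) {
        $this->view->put('MSG', MessageHelper::display($this->lang['modules.upload_invalid_format'], MessageHelper::NOTICE));
        return;
    }

    $archive = $modules_folder . $upload->get_filename();
    $is_tar = $upload->get_extension() == 'gz';

    if ($is_tar) {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pcltar.lib.php';
        // NOTE(review): the tar helpers receive the bare file name while PclZip receives the full
        // path - confirm the working directory makes both resolve to the same file.
        $archive_content = PclTarList($upload->get_filename());
    } else {
        include_once PATH_TO_ROOT . '/kernel/lib/php/pcl/pclzip.lib.php';
        $zip = new PclZip($archive);
        $archive_content = $zip->listContent();
    }

    // A non-array result means the listing failed; treat it as an empty (hence invalid) archive.
    if (!is_array($archive_content)) {
        $archive_content = array();
    }

    $archive_root_content = array();
    $entry_names = array();
    $required_files = array('/config.ini', '/index.php');

    foreach ($archive_content as $element) {
        $entry_name = $element['filename'];
        if (substr($entry_name, -1) == '/') {
            $entry_name = substr($entry_name, 0, -1);
        }
        $entry_names[] = $entry_name;

        // Entries without any slash sit at the root of the archive.
        if (substr_count($entry_name, '/') == 0) {
            $archive_root_content[] = array(
                'filename' => $entry_name,
                'folder' => (isset($element['folder']) && $element['folder'] == 1) || (isset($element['typeflag']) && $element['typeflag'] == 5)
            );
        }

        if (isset($archive_root_content[0])) {
            // Strip the root folder only as a prefix; replacing every occurrence would corrupt
            // paths that repeat the root folder name deeper in the tree.
            $root_prefix = $archive_root_content[0]['filename'] . '/';
            if (strpos($entry_name, $root_prefix) === 0) {
                $name_in_archive = substr($entry_name, strlen($root_prefix) - 1);
            } else {
                $name_in_archive = $entry_name;
            }

            $required_key = array_search($name_in_archive, $required_files, true);
            if ($required_key !== false) {
                unset($required_files[$required_key]);
            }
        }
    }

    // Every entry must stay inside the single root folder. Counting root-level entries alone
    // does not see entries such as "kernel/file" or "../file", which would be written outside
    // the new module's folder - here, anywhere under the site root - on extraction.
    $root_name = count($archive_root_content) == 1 ? $archive_root_content[0]['filename'] : '';
    $entries_are_contained = $root_name !== '' && $root_name !== '.' && $root_name !== '..';
    if ($entries_are_contained) {
        foreach ($entry_names as $entry_name) {
            $is_inside_root = $entry_name === $root_name || strpos($entry_name, $root_name . '/') === 0;
            $has_backslash = strpos($entry_name, '\\') !== false;
            $has_parent_segment = in_array('..', explode('/', $entry_name), true);
            if (!$is_inside_root || $has_backslash || $has_parent_segment) {
                $entries_are_contained = false;
                break;
            }
        }
    }

    if ($entries_are_contained && $archive_root_content[0]['folder'] && empty($required_files)) {
        $module_id = $root_name;
        if (!ModulesManager::is_module_installed($module_id)) {
            if ($is_tar) {
                PclTarExtract($upload->get_filename(), $modules_folder);
            } else {
                $zip->extract(PCLZIP_OPT_PATH, $modules_folder, PCLZIP_OPT_SET_CHMOD, 0755);
            }
            $this->install_module($module_id, true);
        } else {
            $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('element.already_exists', 'status-messages-common'), MessageHelper::NOTICE));
        }
    } else {
        $this->view->put('MSG', MessageHelper::display(LangLoader::get_message('error.invalid_archive_content', 'status-messages-common'), MessageHelper::NOTICE));
    }

    // The uploaded archive is removed whatever the outcome so it does not stay downloadable.
    $uploaded_file = new File($archive);
    $uploaded_file->delete();
}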