/** * Moves uploaded files from P4A_UPLOADS_TMP_DIR to P4A_UPLOADS_DIR * @throws P4A_Exception */ public function saveUploads() { while ($field = $this->fields->nextItem()) { $field_type = $field->getType(); if ($field_type == 'file') { $new_value = $field->getNewValue(); $old_value = $field->getValue(); $target_dir = P4A_UPLOADS_DIR . '/' . $field->getUploadSubpath(); if (!is_dir($target_dir)) { if (!P4A_Mkdir_Recursive($target_dir)) { throw new P4A_Exception("Cannot create directory \"{$target_dir}\"", P4A_FILESYSTEM_ERROR); } } $a_new_value = explode(',', substr($new_value, 1, -1)); $a_old_value = explode(',', substr($old_value, 1, -1)); if ($old_value === null) { if ($new_value !== null) { $a_new_value[0] = P4A_Get_Unique_File_Name($a_new_value[6], $target_dir); unset($a_new_value[6]); $new_path = $target_dir . '/' . $a_new_value[0]; $old_path = P4A_UPLOADS_DIR . '/' . $a_new_value[1]; if (!rename($old_path, $new_path)) { throw new P4A_Exception("Cannot rename file \"{$old_path}\" to \"{$new_path}\"", P4A_FILESYSTEM_ERROR); } $a_new_value[1] = P4A_Strip_Double_Slashes(str_replace(P4A_UPLOADS_DIR, '', $new_path)); $field->setNewValue('{' . join($a_new_value, ',') . '}'); } else { $field->setNewValue(null); } } else { if ($new_value === null) { $path = P4A_UPLOADS_DIR . $a_old_value[1]; if (!@unlink($path) and @file_exists($path)) { throw new P4A_Exception("Cannot delete file \"{$path}\"", P4A_FILESYSTEM_ERROR); } $field->setNewValue(null); } elseif ($new_value != $old_value) { $path = P4A_UPLOADS_DIR . $a_old_value[1]; if (!@unlink($path) and @file_exists($path)) { throw new P4A_Exception("Cannot delete file \"{$path}\"", P4A_FILESYSTEM_ERROR); } $a_new_value[0] = P4A_Get_Unique_File_Name($a_new_value[6], $target_dir); unset($a_new_value[6]); $new_path = $target_dir . '/' . $a_new_value[0]; $old_path = P4A_UPLOADS_DIR . '/' . $a_new_value[1]; if (!@rename($old_path, $new_path)) { throw new P4A_Exception("Cannot rename file \"{$old_path}\" to \"{$new_path}\"", P4A_FILESYSTEM_ERROR); } $a_new_value[1] = str_replace(P4A_UPLOADS_DIR, '', $new_path); $field->setNewValue('{' . join($a_new_value, ',') . '}'); } } } } }
public function main() { // Processing get and post. if (array_key_exists('_object', $_REQUEST) and array_key_exists('_action', $_REQUEST) and array_key_exists('_action_id', $_REQUEST) and $_REQUEST['_object'] and $_REQUEST['_action'] and $_REQUEST['_action_id'] and $_REQUEST['_action_id'] == $this->getActionHistoryId() and isset($this->objects[$_REQUEST['_object']])) { $object = $_REQUEST['_object']; $action = $_REQUEST['_action']; $aParams = array(); // Removing files from request... // workaround for windows servers foreach ($_FILES as $key => $value) { unset($_REQUEST[$key]); } foreach ($_REQUEST as $key => $value) { if (substr($key, 0, 3) == 'fld' and $this->objects[$key]->isEnabled()) { if ($this->objects[$key]->getType() == 'file' and strlen($value) == 0) { $this->objects[$key]->setNewValue(null); continue; } $this->objects[$key]->setNewValue($value); } elseif (substr($key, 0, 5) == 'param' and strlen($value) > 0) { $aParams[] = $value; } } foreach ($_FILES as $key => $value) { $extension = P4A_Get_File_Extension($value['name']); if (!P4A_Is_Extension_Allowed($extension)) { throw new P4A_Exception("Uploading {$extension} files is denied", P4A_FILESYSTEM_ERROR); } if (!in_array($value['error'], array(UPLOAD_ERR_OK, UPLOAD_ERR_NO_FILE))) { throw new P4A_Exception("There was an error trying to upload file(s) (error code: " . $value['error'] . ")", P4A_FILESYSTEM_ERROR); } if ($value['error'] == UPLOAD_ERR_NO_FILE) { continue; } $value['future_name'] = str_replace(',', ';', $value['name']); $value['name'] = P4A_Get_Unique_File_Name("tmp.{$extension}", P4A_UPLOADS_TMP_DIR); move_uploaded_file($value['tmp_name'], P4A_UPLOADS_TMP_DIR . '/' . $value['name']); $value['tmp_name'] = P4A_Strip_Double_Slashes('/' . P4A_UPLOADS_TMP_NAME . '/' . $value['name']); if ($value['type'] == 'image/x-png') { $value['type'] = 'image/png'; } // fix for ie PNG upload bug if (substr($key, 0, 3) == 'fld') { list($width, $height) = @getimagesize(P4A_UPLOADS_TMP_DIR . '/' . $value['name']); $new_value = "{$value['name']},{$value['tmp_name']},{$value['size']},{$value['type']},{$width},{$height},{$value['future_name']}"; $this->objects[$key]->setNewValue('{' . $new_value . '}'); if ($this->objects[$key]->actionHandler('afterupload') == ABORT) { return ABORT; } } } $this->setActiveObject($this->objects[$object]); $action_return = $this->objects[$object]->{$action}($aParams); } if ($this->inAjaxCall()) { $this->_action_history_id++; if ($_REQUEST['_ajax'] == 2) { $this->active_mask->main(); } $this->raiseXMLResponse(); } elseif (P4A_ENABLE_RENDERING and is_object($this->active_mask)) { $this->_action_history_id++; $this->active_mask->main(); } $this->_to_redesign = array(); $this->_redesign_whole_mask = false; session_write_close(); session_id(substr(session_id(), 0, -6)); flush(); }