//
// Save every pending upload described in $a_file_vars into the scratch pad.
//
// $a_file_vars is taken by reference and each entry is handed on by
// reference as well, so the helpers called here can record state on it
// (the "saved_as" key is what marks an entry as already moved).
//
// Returns false when no scratch pad is configured or when SaveUploadedFile()
// fails for an entry; returns true otherwise.  An entry that fails the
// IsUploadedFile() check is reported through SendAlert() and skipped, and
// does not change the return value.
//
function SaveAllUploadedFiles(&$a_file_vars)
{
    global $php_errormsg, $SCRATCH_PAD;

    $s_upload_prefix = "UPLD";

    // empty() is also true for an unset variable, so one test covers both.
    if (empty($SCRATCH_PAD)) {
        Error("need_scratch_pad", GetMessage(MSG_NEED_SCRATCH_PAD), false, false);
        return false;
    }

    //
    // Clear out earlier uploads that were never moved out of the scratch pad.
    //
    CleanScratchPad($s_upload_prefix);

    foreach (array_keys($a_file_vars) as $m_field) {
        $a_entry =& $a_file_vars[$m_field];

        //
        // Skip slots that carry no file.  "name" is tested as well as
        // "tmp_name" because a customer on PHP 4.1.2 (RAQ4) saw an empty
        // slot reported as: name='' temp name='none'.
        //
        if (empty($a_entry["tmp_name"]) || empty($a_entry["name"])) {
            continue;
        }

        //
        // Already moved on an earlier call: never move a file twice.
        //
        if (!empty($a_entry["saved_as"])) {
            continue;
        }

        if (IsUploadedFile($a_entry)) {
            if (!SaveUploadedFile($a_entry, $s_upload_prefix)) {
                return false;
            }
            continue;
        }

        //
        // The entry did not pass the upload check: it is never saved, only
        // reported.  NOTE(review): "name" is supplied by the client and goes
        // into the alert text unchanged; how SendAlert() encodes it is not
        // visible here, so confirm it is escaped where the alert is shown.
        //
        SendAlert(GetMessage(MSG_FILE_UPLOAD_ATTACK, array(
            "NAME" => $a_entry["name"],
            "TEMP" => $a_entry["tmp_name"],
            "FLD"  => $m_field,
        )));
    }

    return true;
}
# Process the optional 'Emblem' upload for service $ServiceID, then flush the cache.
$Upload = Upload_Get('Emblem');
#-------------------------------------------------------------------------------
# Loose comparison (==) is kept on purpose: it is what the switch statement
# this chain replaces would have used.
$UploadKind = ValueOf($Upload);
#-------------------------------------------------------------------------------
if ($UploadKind == 'error') {
    return ERROR | @Trigger_Error(500);
} elseif ($UploadKind == 'exception') {
    # Nothing to store; presumably no file was submitted (the original note
    # here was just "No more...").
} elseif ($UploadKind == 'array') {
    # The bytes that get stored are the output of Image_Resize(), not the raw
    # upload. NOTE(review): whether Image_Resize() rejects non-image input is
    # not visible from here; confirm before relying on it as validation.
    $Emblem = Image_Resize($Upload['Data'], 72, 72);
    if (Is_Error($Emblem)) {
        return new gException('EMBLEM_RESIZE_ERROR', 'Ошибка изменения размеров эмблемы');
    }
    #---------------------------------------------------------------------------
    $IsSaved = SaveUploadedFile('Services', $ServiceID, $Emblem);
    if (!$IsSaved) {
        return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл');
    }
} else {
    return ERROR | @Trigger_Error(101);
}
#-------------------------------------------------------------------------------
# A failed cache flush is reported but does not stop the script.
$IsFlush = CacheManager::flush();
if (!$IsFlush) {
    @Trigger_Error(500);
}
break; case 'array': #----------------------------------------------------------------------- $IEdeskMessage['FileName'] = $Upload['Name']; break; default: return ERROR | @Trigger_Error(101); } #--------------------------------------------------------------------------- $MessageID = DB_Insert('EdesksMessages', $IEdeskMessage); if (Is_Error($MessageID)) { return ERROR | @Trigger_Error(500); } #--------------------------------------------------------------------------- if (isset($IEdeskMessage['FileName'])) { if (!SaveUploadedFile('EdesksMessages', $MessageID, $Upload['Data'])) { return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл'); } } #--------------------------------------------------------------------------- $Users = DB_Select('Users', 'ID', array('Where' => SPrintF('`ID` != %u AND `ID` > 50', $__USER['ID']))); #--------------------------------------------------------------------------- switch (ValueOf($Users)) { case 'error': return ERROR | @Trigger_Error(500); case 'exception': return ERROR | @Trigger_Error(400); case 'array': #----------------------------------------------------------------------- foreach ($Users as $User) { #---------------------------------------------------------------------
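#-------------------------------------------------------------------------------
# Patch step: hand every ContractsEnclosures.Document blob to SaveUploadedFile()
# and then clear the column for the rows that were saved.
#-------------------------------------------------------------------------------
$Files = DB_Select('ContractsEnclosures', array('ID', 'Document'), array('Where' => "`Document` IS NOT NULL"));
#-------------------------------------------------------------------------------
switch (ValueOf($Files)) {
    case 'error':
        return ERROR | @Trigger_Error(500);
    case 'exception':
        # Presumably no rows matched (original note: "No more..."); nothing to do.
        break;
    case 'array':
        #-----------------------------------------------------------------------
        foreach ($Files as $File) {
            #-------------------------------------------------------------------
            Debug(SPrintF("[patches/billing/files/1000060]: save file #%u ", $File['ID']));
            #-------------------------------------------------------------------
            if (SaveUploadedFile('ContractsEnclosures', $File['ID'], $File['Document'])) {
                # Clear the column only after the save succeeded. The ID is
                # formatted with %u, like the Debug() line above, so only a
                # number can reach the statement text.
                $Erase = DB_Query(SPrintF("UPDATE `ContractsEnclosures` SET `Document` = NULL WHERE ID = %u", $File['ID']));
                if (Is_Error($Erase)) {
                    return ERROR | @Trigger_Error('101');
                }
            } else {
                # The save failed: leave the column untouched. Nulling it here
                # would discard the document while nothing in this script shows
                # that another copy exists. The row stays selectable by the
                # `Document` IS NOT NULL filter for a later retry.
                Debug("[patches/billing/files/1000060]: cannot save file " . $File['ID']);
            }
        }
        break;
    default:
        return ERROR | @Trigger_Error(101);
}
#-------------------------------------------------------------------------------
# TRUE is returned even when some rows could not be saved; those rows are only
# logged through Debug().
return TRUE;
#-------------------------------------------------------------------------------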
} #------------------------------------------------------------------- $Document = $DOM->Build(); if (Is_Error($Document)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------- $Replace = Array_ToLine($Replace); #------------------------------------------------------------------- foreach (Array_Keys($Replace) as $LinkID) { #----------------------------------------------------------------- $Text = (string) $Replace[$LinkID]; #----------------------------------------------------------------- $Document = Str_Replace(SPrintF('%%%s%%', $LinkID), $Text ? $Text : '-', $Document); } #------------------------------------------------------------------- if (!SaveUploadedFile('Invoices', $InvoiceID, $Document)) { return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл'); } #------------------------------------------------------------------- return TRUE; default: return ERROR | @Trigger_Error(101); } default: return ERROR | @Trigger_Error(101); } default: return ERROR | @Trigger_Error(101); } #-------------------------------------------------------------------------------
#--------------------------------------------------------------- $Document = $DOM->Build(); if (Is_Error($Document)) { return ERROR | @Trigger_Error(500); } #--------------------------------------------------------------- $Replace = Array_ToLine($Replace); #--------------------------------------------------------------- foreach (Array_Keys($Replace) as $LinkID) { #------------------------------------------------------------- $Text = (string) $Replace[$LinkID]; #------------------------------------------------------------- $Document = Str_Replace(SPrintF('%%%s%%', $LinkID), $Text ? $Text : '-', $Document); } #--------------------------------------------------------------- if (!SaveUploadedFile('ContractsEnclosures', $ContractEnclosureID, $Document)) { return new gException('CANNOT_SAVE_FILE', 'Не удалось сохранить файл'); } #--------------------------------------------------------------- return TRUE; default: return ERROR | @Trigger_Error(101); } break; default: return ERROR | @Trigger_Error(101); } default: return ERROR | @Trigger_Error(101); } default:
#------------------------------------------------------------------------------- $Files = DB_Select('Invoices', array('ID', 'Document'), array('Where' => "`Document` IS NOT NULL")); #------------------------------------------------------------------------------- switch (ValueOf($Files)) { case 'error': return ERROR | @Trigger_Error(500); case 'exception': # No more... break; case 'array': #--------------------------------------------------------------------------- foreach ($Files as $File) { #--------------------------------------------------------------------------- Debug(SPrintF("[patches/billing/files/1000061]: save file #%u ", $File['ID'])); #------------------------------------------------------------------------- if (!SaveUploadedFile('Invoices', $File['ID'], $File['Document'])) { Debug("[patches/billing/files/1000061]: cannot save file " . $File['ID']); } #------------------------------------------------------------------------- $Erase = DB_Query("UPDATE `Invoices` SET `Document` = NULL WHERE ID = " . $File['ID']); if (Is_Error($Erase)) { return ERROR | @Trigger_Error('101'); } #------------------------------------------------------------------------- } #------------------------------------------------------------------------- break; #------------------------------------------------------------------------- #------------------------------------------------------------------------- default: return ERROR | @Trigger_Error(101);
#------------------------------------------------------------------------- $IsUpdate = DB_Update('Profiles', array('ID' => 100), array('ID' => $ProfileID)); if (Is_Error($IsUpdate)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------- $ProfileID = 100; } } #----------------------------------------------------------------------------- $Answer['ProfileID'] = $ProfileID; } #----------------------------------------------------------------------------- #----------------------------------------------------------------------------- if (isset($UProfile['Format'])) { if (!SaveUploadedFile('Profiles', $ProfileID, $Upload['Data'])) { return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл'); } } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- $StatusID = Count($Simple) ? 'OnFilling' : 'Filled'; #------------------------------------------------------------------------------- if (Count($Errors)) { $StatusID = 'OnFilling'; } #------------------------------------------------------------------------------- $Comp = Comp_Load('www/API/StatusSet', array('ModeID' => 'Profiles', 'StatusID' => $StatusID, 'RowsIDs' => $ProfileID, 'Comment' => 'Редактирование профиля')); #------------------------------------------------------------------------------- switch (ValueOf($Comp)) { case 'error':
#----------------------------------------------------------------- $Text = (string) $Replace[$LinkID]; #----------------------------------------------------------------- $Document = Str_Replace(SPrintF('%%%s%%', $LinkID), $Text ? $Text : '-', $Document); } #------------------------TRANSACTION-------------------------------- if (Is_Error(DB_Transaction($TransactionID = UniqID('ContractBuld')))) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------- $IsUpdate = DB_Update('Contracts', array('Customer' => $Customer['Name']), array('ID' => $ContractID)); if (Is_Error($IsUpdate)) { return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------- if (!SaveUploadedFile('Contracts', $ContractID, $Document)) { return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл'); } #------------------------------------------------------------------- $ContractsEnclosures = DB_Select('ContractsEnclosures', 'ID', array('Where' => SPrintF('`ContractID` = %u', $ContractID))); #------------------------------------------------------------------- switch (ValueOf($ContractsEnclosures)) { case 'error': return ERROR | @Trigger_Error(500); case 'exception': # No more... break; case 'array': #--------------------------------------------------------------- foreach ($ContractsEnclosures as $ContractEnclosure) { #-------------------------------------------------------------
case 'error': return ERROR | @Trigger_Error(500); case 'exception': # No more... break; case 'array': #------------------------------------------------------------------------------- $Foto = $Upload['Data']; #------------------------------------------------------------------------------- $Foto = Image_Resize($Foto, 90, 110); #------------------------------------------------------------------------------- if (Is_Error($Foto)) { return new gException('FOTO_RESIZE_ERROR', 'Ошибка изменения размеров персональной фотографии'); } #------------------------------------------------------------------------------- if (!SaveUploadedFile('Users', $__USER['ID'], $Foto)) { return new gException('CANNOT_SAVE_UPLOADED_FILE', 'Не удалось сохранить загруженный файл'); } #------------------------------------------------------------------------------- break; #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- default: return ERROR | @Trigger_Error(101); } #------------------------------------------------------------------------------- if ($IsClear) { if (!DeleteUploadedFile('Users', $__USER['ID'])) { return new gException('CANNOT_DELETE_FILE', 'Не удалось удалить связанный файл'); } }
#------------------------------------------------------------------------------- while ($DocCount > 0) { #------------------------------------------------------------------------------- $Files = DB_Select('Profiles', array('ID', 'Document'), array('Where' => "`Document` IS NOT NULL", 'Limits' => array(0, 50))); #------------------------------------------------------------------------------- switch (ValueOf($Files)) { case 'error': return ERROR | @Trigger_Error(500); case 'exception': # No more... break; case 'array': #--------------------------------------------------------------------------- foreach ($Files as $File) { #------------------------------------------------------------------------- if (!SaveUploadedFile('Profiles', $File['ID'], $File['Document'])) { Debug("[patches/billing/files/1000056]: cannot save file " . $File['ID']); } #------------------------------------------------------------------------- $Erase = DB_Query("UPDATE Profiles SET `Document` = NULL WHERE ID = " . $File['ID']); if (Is_Error($Erase)) { return ERROR | @Trigger_Error('101'); } } break; default: return ERROR | @Trigger_Error(101); } #--------------------------------------------------------------------------- $DocCount = DB_Count('Profiles', array('Where' => "`Document` IS NOT NULL")); if (Is_Error($DocCount)) {
return ERROR | @Trigger_Error(500); } #------------------------------------------------------------------------------- $Files = DB_Select('EdesksMessages', array('ID', 'FileData'), array('Where' => "`FileData` IS NOT NULL")); #------------------------------------------------------------------------------- switch (ValueOf($Files)) { case 'error': return ERROR | @Trigger_Error(500); case 'exception': # No more... break; case 'array': #--------------------------------------------------------------------------- foreach ($Files as $File) { #------------------------------------------------------------------------- if (!SaveUploadedFile('EdesksMessages', $File['ID'], $File['FileData'])) { Debug("[patches/billing/files/1000055]: cannot save file " . $File['ID']); } #------------------------------------------------------------------------- $Erase = DB_Query("UPDATE EdesksMessages SET `FileData` = NULL WHERE ID = " . $File['ID']); if (Is_Error($Erase)) { return ERROR | @Trigger_Error('101'); } } break; default: return ERROR | @Trigger_Error(101); } #------------------------------------------------------------------------------- return TRUE; #-------------------------------------------------------------------------------
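#-------------------------------------------------------------------------------
# Patch step: hand every Services.Emblem blob to SaveUploadedFile() and then
# clear the column for the rows that were saved.
#-------------------------------------------------------------------------------
$Files = DB_Select('Services', array('ID', 'Emblem'), array('Where' => "`Emblem` IS NOT NULL"));
#-------------------------------------------------------------------------------
switch (ValueOf($Files)) {
    case 'error':
        return ERROR | @Trigger_Error(500);
    case 'exception':
        # Presumably no rows matched (original note: "No more..."); nothing to do.
        break;
    case 'array':
        #-----------------------------------------------------------------------
        foreach ($Files as $File) {
            #-------------------------------------------------------------------
            Debug(SPrintF("[patches/billing/files/1000059]: save file #%u ", $File['ID']));
            #-------------------------------------------------------------------
            if (SaveUploadedFile('Services', $File['ID'], $File['Emblem'])) {
                # Clear the column only after the save succeeded. The ID is
                # formatted with %u, like the Debug() line above, so only a
                # number can reach the statement text.
                $Erase = DB_Query(SPrintF("UPDATE `Services` SET `Emblem` = NULL WHERE ID = %u", $File['ID']));
                if (Is_Error($Erase)) {
                    return ERROR | @Trigger_Error('101');
                }
            } else {
                # The save failed: leave the column untouched. Nulling it here
                # would discard the emblem while nothing in this script shows
                # that another copy exists. The row stays selectable by the
                # `Emblem` IS NOT NULL filter for a later retry.
                Debug("[patches/billing/files/1000059]: cannot save file " . $File['ID']);
            }
            #-------------------------------------------------------------------
        }
        break;
    default:
        return ERROR | @Trigger_Error(101);
}
#-------------------------------------------------------------------------------
# TRUE is returned even when some rows could not be saved; those rows are only
# logged through Debug().
return TRUE;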
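#-------------------------------------------------------------------------------
# Patch step: hand every Users.Foto blob to SaveUploadedFile() and then clear
# the column for the rows that were saved.
#-------------------------------------------------------------------------------
$Files = DB_Select('Users', array('ID', 'Foto'), array('Where' => "`Foto` IS NOT NULL"));
#-------------------------------------------------------------------------------
switch (ValueOf($Files)) {
    case 'error':
        return ERROR | @Trigger_Error(500);
    case 'exception':
        # Presumably no rows matched (original note: "No more..."); nothing to do.
        break;
    case 'array':
        #-----------------------------------------------------------------------
        foreach ($Files as $File) {
            #-------------------------------------------------------------------
            Debug(SPrintF("[patches/billing/files/1000058]: save file #%u ", $File['ID']));
            #-------------------------------------------------------------------
            if (SaveUploadedFile('Users', $File['ID'], $File['Foto'])) {
                # Clear the column only after the save succeeded. The ID is
                # formatted with %u, like the Debug() line above, so only a
                # number can reach the statement text.
                $Erase = DB_Query(SPrintF("UPDATE `Users` SET `Foto` = NULL WHERE ID = %u", $File['ID']));
                if (Is_Error($Erase)) {
                    return ERROR | @Trigger_Error('101');
                }
            } else {
                # The save failed: leave the column untouched. Nulling it here
                # would discard the photo while nothing in this script shows
                # that another copy exists. The row stays selectable by the
                # `Foto` IS NOT NULL filter for a later retry.
                Debug("[patches/billing/files/1000058]: cannot save file " . $File['ID']);
            }
        }
        break;
    default:
        return ERROR | @Trigger_Error(101);
}
#-------------------------------------------------------------------------------
# TRUE is returned even when some rows could not be saved; those rows are only
# logged through Debug().
return TRUE;
#-------------------------------------------------------------------------------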