bh_log("Fatal error in upload notification system", "BH_ERROR");
}
} elseif (count($fupload) > 0) {
# Notify the popup to close
$uploadrows = select_bhdb("uploads", array("sessionid" => session_id()), 1);
if (empty($uploadrows)) {
insert_bhdb("uploads", array("sessionid" => session_id(), "status" => "finished"));
} else {
update_bhdb("uploads", array("status" => "finished"), array("sessionid" => session_id()));
}
# Calculate used bandwidth
foreach ($fupload as $fileinfo) {
bh_bandwidth($bhsession['username'], "up", $fileinfo['size']);
}
# Check they can write to the destination directory
if (bh_checkrights($infolder, $bhsession['username']) >= 2) {
foreach ($fupload as $fileinfo) {
# If it's a valid upload...
if (empty($fileinfo['name']) !== TRUE) {
# Check the file actually exists.
if (file_exists($fileinfo['tempname'])) {
# Create thing of banned exts
$bannedexts = array("exexexexex" => 1);
$invalid = False;
foreach ($bannedexts as $ext => $one) {
if (substr($fileinfo['name'], 0 - strlen($ext)) == $ext) {
$invalid = True;
}
}
# Check the file would not exceed the quota
if ($bhcurrent['userobj']->spaceremaining() < $fileinfo['size']) {
function bh_checkmodulefilepath($module, $filepath, $username)
{
$accesslevel = bh_checkrights($filepath, $username);
if ($accesslevel == 0) {
return 0;
}
$modulepermrows = select_bhdb("modulesaccesslevel", array("module" => $module, "accesslevel" => $accesslevel), "");
$status = $modulepermrows[0]['status'];
switch ($status) {
case "y":
case "1":
case "ok":
case "TRUE":
case "true":
return 1;
break;
default:
return 0;
}
}
function loadfile()
{
global $bhconfig, $bhsession;
# Check if it's a directory.
# For directories, loadfile still returns the contents of the filepath - the directory listing. Everything is a file.
if ($this->is_dir()) {
$files = array();
$handle = opendir($this->absfilepath);
while (false !== ($file = readdir($handle))) {
# Open and close the file, to assign permissions to new files.
$tempfileobj = new bhfile($this->filepath . "/" . $file);
unset($tempfileobj);
if (bh_checkrights($this->filepath . "/" . $file, $bhsession['username']) > 0) {
if ($bhconfig['hidedotfiles'] == 1) {
if (!preg_match("/^\\.{1,2}/", $file)) {
$files[] = array("filename" => $file, "filepath" => $this->filepath . "/" . $file, "filesize" => filesize($this->absfilepath . "/" . $file), "filedate" => filemtime($this->absfilepath . "/" . $file), "absfilepath" => $this->absfilepath . "/" . $file);
}
} else {
if (!preg_match("/^\\.{1,2}\$/", $file)) {
$files[] = array("filename" => $file, "filepath" => $this->filepath . "/" . $file, "filesize" => filesize($this->absfilepath . "/" . $file), "filedate" => filemtime($this->absfilepath . "/" . $file), "absfilepath" => $this->absfilepath . "/" . $file);
}
}
}
}
closedir($handle);
$this->filecontents = $files;
return $files;
} else {
# Check to use file_get_contents (apparentely faster) or fread (compatable)
if (function_exists("file_get_contents")) {
$this->filecontents = file_get_contents($this->absfilepath);
} else {
$filepointer0 = fopen($this->absfilepath, "rb");
$this->filecontents = fread($filepointer0, filesize($this->filecontents));
fclose($filepointer0);
}
}
}
function COPY(&$options)
{
global $bhsession;
$destfilepath = bh_fpclean($options['dest']);
$filepath = bh_fpclean($options['path']);
$infolder = bh_get_parent($destfilepath);
$fileexist = bh_user_file_exists($filepath);
if (!$fileexist) {
return "404 Not Found";
}
if (bh_checkrights(bh_fpclean($infolder), $bhsession['username']) <= 1) {
return "403 Forbidden";
}
$fileobj = new bhfile($filepath);
$fileobj->copyto($destfilepath);
return "204 No Content";
}
}
if (empty($infolder)) {
$infolder = $_GET['infolder'];
}
if (empty($infolder)) {
$infolder = $_POST['infolder'];
}
if (empty($infolder)) {
$infolder = $_SESSION['lastdir'];
}
if (empty($infolder)) {
$infolder = $bhcurrent['userobj']->homedir;
}
if (!empty($_POST['foldername'])) {
# Check they have permission to write in the folder
if (bh_checkrights(bh_fpclean($infolder), $bhsession['username']) >= 2) {
bh_mkdir(bh_fpclean($infolder . "/" . $_POST['foldername']));
$fileobj = new bhfile(bh_fpclean($infolder . "/" . $_POST['foldername']));
unset($fileobj);
bh_log($bhlang['notice:folder_created'], "BH_NOTICE");
bh_log(str_replace("#USER#", $bhsession['username'], str_replace("#FOLDER#", bh_fpclean($infolder . "/" . $_POST['foldername']), $bhlang['log:#USER#_created_#FOLDER#'])), "BH_FOLDER_CREATED");
$_GET['filepath'] = bh_fpclean($infolder . "/" . $_POST['foldername']);
require "modules/viewdir.inc.php";
} else {
bh_log($bhlang['error:access_denied'], "BH_ERROR");
bh_log(str_replace("#USER#", $bhsession['username'], str_replace("#PAGE#", $_SERVER['REQUEST_URI'], $bhlang['log:#USER#_denied_#PAGE#'])), "BH_ACCESS_DENIED");
require "modules/error.inc.php";
}
} else {
# Open layout object
$layoutobj = new bhlayout("addfolderform");
