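/**
 * Upload plugin archive into the gui/plugins directory
 *
 * Supported archives: zip tar.gz and tar.bz2
 *
 * The archive is first moved into gui/data/tmp, its info.php is extracted and
 * included for the compatibility check, and only then is the whole archive
 * extracted into the plugin directory. Any existing plugin directory is moved
 * aside beforehand and restored if extraction fails.
 *
 * Security notes:
 *  - info.php is taken from the uploaded archive and run through include, so
 *    PHP code shipped in the archive executes before the compatibility and
 *    protected-plugin checks. This function must only be reachable by fully
 *    trusted administrators (the access check is not visible here).
 *  - The plugin name is read from the archive and is therefore untrusted; it
 *    must be a single path component before it is used to build any path.
 *
 * @param PluginManager $pluginManager
 * @return bool TRUE on success, FALSE on failure
 */
function uploadPlugin($pluginManager)
{
    $pluginDirectory = $pluginManager->pluginGetDirectory();
    $tmpDirectory = GUI_ROOT_DIR . '/data/tmp';
    $ret = false;

    if (!isset($_FILES['plugin_archive'])) {
        showBadRequestErrorPage();
        return $ret;
    }

    // Callback run by utils_uploadFile() before the uploaded file is moved.
    // Returns the destination path, or FALSE to reject the upload.
    $beforeMove = function ($tmpDirectory) {
        $tmpFilePath = $_FILES['plugin_archive']['tmp_name'];

        if (!checkMimeType($tmpFilePath, array('application/x-gzip', 'application/x-bzip2', 'application/zip'))) {
            set_page_message(tr('Only tar.gz, tar.bz2 and zip archives are accepted.'), 'error');
            return false;
        }

        $pluginArchiveSize = $_FILES['plugin_archive']['size'];
        $maxUploadFileSize = utils_getMaxFileUpload();

        if ($pluginArchiveSize > $maxUploadFileSize) {
            set_page_message(
                tr(
                    'Plugin archive exceeds the maximum upload size (%s). Max upload size is: %s.',
                    bytesHuman($pluginArchiveSize),
                    bytesHuman($maxUploadFileSize)
                ),
                'error'
            );
            return false;
        }

        // The file name is supplied by the client: keep only its last path
        // component so the destination always stays inside the tmp directory.
        // NOTE(review): the client-chosen extension is kept as-is; confirm
        // that gui/data/tmp is not served or executed by the web server.
        return $tmpDirectory . '/' . basename($_FILES['plugin_archive']['name']);
    };

    // Upload plugin archive into gui/data/tmp directory ( eg. gui/data/tmp/PluginName.zip )
    $tmpArchPath = utils_uploadFile('plugin_archive', array($beforeMove, $tmpDirectory));

    if ($tmpArchPath === false) {
        redirectTo('settings_plugins.php');
        return $ret;
    }

    // A name read from the archive is only accepted when it is exactly one
    // directory name: not empty, not '.' or '..', and free of path separators
    // and NUL bytes. Anything else could point rename()/utils_removeDir()
    // below outside the tmp and plugin directories.
    $isSinglePathComponent = function ($name) {
        return is_string($name)
            && $name !== ''
            && $name !== '.'
            && $name !== '..'
            && strpbrk($name, "/\\\0") === false;
    };

    $zipArch = strtolower(pathinfo($tmpArchPath, PATHINFO_EXTENSION)) === 'zip';
    $zipOpened = false;

    // Stays NULL until a validated name is available, so the error and
    // cleanup paths never touch a path built from an unchecked name.
    $pluginName = null;

    try {
        if (!$zipArch) {
            $arch = new PharData($tmpArchPath);

            // presumably the archive's root directory name; verify against PharData usage
            $candidateName = $arch->getBasename();

            if (!$isSinglePathComponent($candidateName)) {
                throw new iMSCPException(tr('Unable to find plugin root directory withing archive.'));
            }

            $pluginName = $candidateName;

            if (!isset($arch["{$pluginName}/{$pluginName}.php"])) {
                throw new iMSCPException(tr('File %s is missing in plugin archive.', "{$pluginName}.php"));
            }

            $arch->extractTo($tmpDirectory, "{$pluginName}/info.php", true);

            // include runs code from the uploaded archive (see function docblock)
            $pluginManager->pluginCheckCompat($pluginName, include "{$tmpDirectory}/{$pluginName}/info.php");
        } else {
            $arch = new ZipArchive();

            if ($arch->open($tmpArchPath) !== true) {
                throw new iMSCPException(tr('Unable to open plugin archive.'));
            }

            $zipOpened = true;

            // The first archive entry is expected to be the plugin root directory
            $firstEntry = $arch->getNameIndex(0, ZipArchive::FL_UNCHANGED);
            $candidateName = ($firstEntry !== false) ? rtrim($firstEntry, '/') : false;

            if (!$isSinglePathComponent($candidateName)) {
                throw new iMSCPException(tr('Unable to find plugin root directory withing archive.'));
            }

            $pluginName = $candidateName;
            $index = $arch->locateName("{$pluginName}.php", ZipArchive::FL_NODIR);

            if ($index === false) {
                throw new iMSCPException(tr('File %s is missing in plugin archive.', "{$pluginName}.php"));
            }

            $stats = $arch->statIndex($index);

            if (!$stats) {
                throw new iMSCPException(tr('Unable to get stats for file %s.', "{$pluginName}.php"));
            }

            // The main plugin file must sit directly under the plugin root directory
            if ($stats['name'] !== "{$pluginName}/{$pluginName}.php") {
                throw new iMSCPException(tr('File %s is missing in plugin archive.', "{$pluginName}.php"));
            }

            if (!$arch->extractTo($tmpDirectory, "{$pluginName}/info.php")) {
                throw new iMSCPException(tr('Unable to extract info.php file'));
            }

            // include runs code from the uploaded archive (see function docblock)
            $pluginManager->pluginCheckCompat($pluginName, include "{$tmpDirectory}/{$pluginName}/info.php");
        }

        if ($pluginManager->pluginIsKnown($pluginName) && $pluginManager->pluginIsProtected($pluginName)) {
            throw new iMSCPException(tr('You are not allowed to update a protected plugin.'));
        }

        // Backup current plugin directory in temporary directory if exists
        if (is_dir("{$pluginDirectory}/{$pluginName}")) {
            if (!@rename("{$pluginDirectory}/{$pluginName}", "{$tmpDirectory}/{$pluginName}" . '-old')) {
                throw new iMSCPException(tr('Unable to backup %s plugin directory.', $pluginName));
            }
        }

        // NOTE(review): the whole archive is extracted here, while only the
        // root directory name was validated and checked against the protected
        // plugin list. Confirm that every entry lives under "{$pluginName}/"
        // so an archive cannot write into another plugin's directory.
        if (!$zipArch) {
            $arch->extractTo($pluginDirectory, null, true);
        } elseif (!$arch->extractTo($pluginDirectory)) {
            throw new iMSCPException(tr('Unable to extract plugin archive.'));
        }

        $ret = true;
    } catch (Exception $e) {
        if ($e instanceof iMSCPException) {
            set_page_message($e->getMessage(), 'error');
        } else {
            set_page_message(tr('Unable to extract plugin archive: %s', $e->getMessage()), 'error');
        }

        if (!empty($pluginName) && is_dir("{$tmpDirectory}/{$pluginName}" . '-old')) {
            // Try to restore previous plugin directory on error
            if (!@rename("{$tmpDirectory}/{$pluginName}" . '-old', "{$pluginDirectory}/{$pluginName}")) {
                set_page_message(tr('Unable to restore %s plugin directory', $pluginName), 'error');
            }
        }
    }

    // Cleanup: release the zip handle before deleting the archive file
    if ($zipOpened) {
        $arch->close();
    }

    @unlink($tmpArchPath);

    // Only a validated plugin name reaches this point, so the recursive
    // removal is confined to sub-directories of the tmp directory.
    if (!empty($pluginName)) {
        utils_removeDir("{$tmpDirectory}/{$pluginName}");
        utils_removeDir("{$tmpDirectory}/{$pluginName}" . '-old');
    }

    return $ret;
}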
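/**
 * Updates user logo
 *
 * Note: Only administrators and resellers can have their own logo.
 *
 * The uploaded file is accepted only when its detected MIME type is one of
 * gif, jpeg, pjpeg or png, when it can be parsed as an image, and when it is
 * at most 500 x 90 pixels. It is stored under data/persistent/ispLogos with a
 * generated file name; the client-supplied file name is never used.
 *
 * @author Laurent Declercq <*****@*****.**>
 * @return bool TRUE on success, FALSE otherwise
 */
function layout_updateUserLogo()
{
    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');

    // Closure that is run before the move_uploaded_file() function - See the
    // Utils_UploadFile() function for further information about implementation
    // details. Returns the destination path, or FALSE to reject the upload.
    $beforeMove = function ($cfg) {
        $tmpFilePath = $_FILES['logoFile']['tmp_name'];

        // Checking file mime type
        $fileMimeType = checkMimeType($tmpFilePath, array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png'));

        if (!$fileMimeType) {
            set_page_message(tr('You can only upload images.'), 'error');
            return false;
        }

        // Retrieving file extension (gif|jpeg|png) from the detected MIME
        // type, never from the name sent by the client
        if ($fileMimeType === 'image/pjpeg' || $fileMimeType === 'image/jpeg') {
            $fileExtension = 'jpeg';
        } else {
            $fileExtension = substr($fileMimeType, -3);
        }

        // Getting the image size. getimagesize() returns FALSE when the file
        // cannot be parsed as an image; without this check the width and
        // height would both be NULL and the size limit below would pass.
        $imageSize = getimagesize($tmpFilePath);

        if ($imageSize === false) {
            set_page_message(tr('You can only upload images.'), 'error');
            return false;
        }

        list($imageWidth, $imageHeight) = $imageSize;

        // Checking image size
        if ($imageWidth > 500 || $imageHeight > 90) {
            set_page_message(tr('Images have to be smaller than 500 x 90 pixels.'), 'error');
            return false;
        }

        // Building an unique file name
        $fileName = sha1(utils_randomString(15) . '-' . $_SESSION['user_id']) . '.' . $fileExtension;

        // Return destination file path
        return $cfg->GUI_ROOT_DIR . '/data/persistent/ispLogos/' . $fileName;
    };

    $logoPath = utils_uploadFile('logoFile', array($beforeMove, $cfg));

    if ($logoPath === false) {
        return false;
    }

    // Every administrator session updates the logo row of user id 1
    $userId = ($_SESSION['user_type'] === 'admin') ? 1 : $_SESSION['user_id'];

    // We must catch old logo before update
    $oldLogoFile = layout_getUserLogo(false, false);

    exec_query(
        'UPDATE `user_gui_props` SET `logo` = ? WHERE `user_id` = ?',
        array(basename($logoPath), $userId)
    );

    // Deleting old logo (we are safe here) - We don't return FALSE on failure.
    // The administrator will be warned through logs.
    layout_deleteUserLogo($oldLogoFile, true);

    return true;
}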