if ($value != "0_1") {
$file_keys .= ($file_keys ? ":" : "") . $key . "_" . intval($value);
$file_keywords[$key] = intval($value);
} else {
$file_error["keywords"][$key] = 1;
}
}
}
//starts upload of file
if (!is_uploaded_file($_FILES["file"]["tmp_name"])) {
$file_error["file"] = $BL['be_fprivup_err1'];
} elseif ($_FILES["file"]["size"] > $phpwcms["file_maxsize"]) {
$file_error["file"] = $BL['be_fprivup_err2'] . " " . number_format($phpwcms["file_maxsize"] / 1024, 2, ',', '.') . " kB";
} else {
$fileName = sanitize_filename($_FILES["file"]["name"]);
$fileExt = check_image_extension($_FILES["file"]["tmp_name"], $fileName);
$fileExt = $fileExt === false ? which_ext($fileName) : $fileExt;
$fileHash = md5($fileName . microtime());
$fileType = is_mimetype_format($_FILES["file"]["type"]) ? $_FILES["file"]["type"] : get_mimetype_by_extension($fileExt);
$fileSize = intval($_FILES["file"]["size"]);
// Check against forbidden file names
$forbiddenUploadName = array('.htaccess', 'web.config', 'lighttpd.conf', 'nginx.conf');
if (in_array(strtolower($fileName), $forbiddenUploadName)) {
$file_error["file"] = sprintf($BL['be_fprivup_err7'], $fileName);
}
// Only allowed file extensions
if (empty($file_error["file"])) {
if (is_string($phpwcms['allowed_upload_ext'])) {
$phpwcms['allowed_upload_ext'] = convertStringToArray(strtolower($phpwcms['allowed_upload_ext']));
}
if ($fileExt === '') {
}
?>
<p><img src="../../img/symbole/rotation.gif" alt="" width="15" height="15"><strong class="title"> selected files uploaded via ftp will be taken over!</strong></p><?php
echo "<p class=\"v10\">";
flush();
foreach ($ftp["mark"] as $key => $value) {
if (!ini_get('safe_mode') && function_exists('set_time_limit')) {
set_time_limit(60);
}
$file = $ftp["file"][$key];
$file_path = PHPWCMS_ROOT . $phpwcms["ftp_path"] . $file;
if (is_file($file_path)) {
$file_type = '';
$file_error["upload"] = 0;
$file_size = filesize($file_path);
$file_ext = check_image_extension($file_path);
$file_ext = false === $file_ext ? which_ext($file) : $file_ext;
$file_name = sanitize_filename($ftp["filename"][$key]);
$file_hash = md5($file_name . microtime());
if (trim($file_type) === '') {
//check file_type
if (is_mimetype_by_extension($file_ext)) {
$file_type = get_mimetype_by_extension($file_ext);
} else {
$file_check = getimagesize($file_path);
if (version_compare("4.3.0", phpversion(), ">=") && $file_check) {
$file_type = image_type_to_mime_type($file_check[2]);
}
if (!is_mimetype_format($file_type)) {
$file_type = get_mimetype_by_extension($file_ext);
}
