function upload() { $field = FALSE; $ds = DIRECTORY_SEPARATOR; if (!empty($_FILES)) { foreach ($_FILES as $key => $value) { if (isset($this->fields[$key])) { $field = $this->fields[$key]; break; } } if ($field) { $field = $this->callback_before_upload($field); $key = $field['key']; $storeFolder = 'uploads'; if ($field['type'] == 'upload') { $tempFile = $_FILES[$key]['tmp_name']; $targetPath = $field['settings']['path']; $targetFile = $targetPath . $_FILES[$key]['name']; $newFileName = file_newname($targetPath, $_FILES[$key]['name']); $targetFile = $targetPath . $newFileName; @mkdir($targetPath, 0777, true); move_uploaded_file($tempFile, $targetFile); $response = $newFileName; return $response; } } else { if (isset($_REQUEST['field'])) { $field = $this->fields[$_REQUEST['field']]; $field = $this->callback_before_upload($field); // Allowed extentions. $allowedExts = array("gif", "jpeg", "jpg", "png"); // Get filename. $temp = explode(".", $_FILES["file"]["name"]); // Get extension. $extension = end($temp); // An image check is being done in the editor but it is best to // check that again on the server side. if (($_FILES["file"]["type"] == "image/gif" || $_FILES["file"]["type"] == "image/jpeg" || $_FILES["file"]["type"] == "image/jpg" || $_FILES["file"]["type"] == "image/pjpeg" || $_FILES["file"]["type"] == "image/x-png" || $_FILES["file"]["type"] == "image/png") && in_array($extension, $allowedExts)) { // Generate new random name. $name = sha1(microtime()) . "." . $extension; $targetPath = $field['settings']['path']; $targetFile = $targetPath . $name; @mkdir($targetPath, 0777, true); // Save file in the uploads folder. move_uploaded_file($_FILES["file"]["tmp_name"], $targetFile); // Generate response. $response = new StdClass(); $response->link = $field['settings']['download'] . $name; return $response; } } } } else { $field = $this->fields[$_REQUEST['field']]; $field = $this->callback_before_upload($field); $value = @trim($_REQUEST['value']); if ($field && $value) { $result = array(); $obj['name'] = @$field['settings']['partial'] . $value; if (file_exists($field['settings']['path'] . $ds . $value)) { $obj['size'] = filesize($field['settings']['path'] . $ds . $value); } else { $obj['size'] = 0; } $result[] = $obj; return $result; } } }
} $newpath = $path . '/' . $filename; $newname = $filename; $counter = 0; while (file_exists($newpath) && file_get_contents($newpath) != "") { $newname = $name . '_' . $counter . $ext; $newpath = $path . '/' . $newname; $counter++; } return $newname; } if (!isset($feedback_prompt_text)) { $feedback_prompt_text = ""; } if (getval("submit", "") != "" || getval("add", "") != "") { rename('../data/results.csv', '../data/' . file_newname('../data/', 'results.csv')); touch('../data/results.csv'); chmod('../data/results.csv', 0777); $f = fopen("../config/config.php", "w"); fwrite($f, "<?php\n\n\$feedback_questions=array();"); fwrite($f, "\n\n\$feedback_prompt_text=\"" . str_replace("\"", "\\\"", getval("feedback_prompt_text", "")) . "\";\n\n"); $readfrom = 0; if (getval("delete_1", "") != "") { $readfrom++; } # Delete first question. for ($n = 1; $readfrom < count($feedback_questions); $n++) { $readfrom++; # Deleting next question? Skip ahead if (getval("delete_" . $readfrom, "") == "") { # Save question
$newname = $name . '_' . $counter . $ext; $newpath = $path . '/' . $newname; $counter++; } $_FILES["userimage"]["name"] = $newname; return $_FILES["userimage"]["name"]; } // function ends here if ($_FILES["userimage"]["name"] != "") { /// check whether the file is empty or not if (($_FILES["userimage"]["type"] == "image/gif" || $_FILES["userimage"]["type"] == "image/jpeg" || $_FILES["userimage"]["type"] == "image/png" || $_FILES["userimage"]["type"] == "image/bmp" || $_FILES["userimage"]["type"] == "image/pjpeg") && $_FILES["userimage"]["size"] < 200 * 1024) { if ($_FILES["userimage"]["error"] > 0) { echo "Return Code: " . $_FILES["userimage"]["error"] . "<br />"; } else { if (file_exists("../images/member/" . $_FILES["userimage"]["name"])) { file_newname("../images/member/", $_FILES["userimage"]["name"]); move_uploaded_file($_FILES["userimage"]["tmp_name"], "../images/member/" . $_FILES["userimage"]["name"]); $image = "images/member/" . $_FILES["userimage"]["name"]; } else { move_uploaded_file($_FILES["userimage"]["tmp_name"], "../images/member/" . $_FILES["userimage"]["name"]); $image = "images/member/" . $_FILES["userimage"]["name"]; } } } else { echo "<script type='text/javascript'>\n"; echo "alert('Invalid file format or File size is larger than required!');\n"; echo "window.history.go(-1);\n"; echo "</script>"; exit; } } else {