Example #1
0
 function upload()
 {
     $field = FALSE;
     $ds = DIRECTORY_SEPARATOR;
     if (!empty($_FILES)) {
         foreach ($_FILES as $key => $value) {
             if (isset($this->fields[$key])) {
                 $field = $this->fields[$key];
                 break;
             }
         }
         if ($field) {
             $field = $this->callback_before_upload($field);
             $key = $field['key'];
             $storeFolder = 'uploads';
             if ($field['type'] == 'upload') {
                 $tempFile = $_FILES[$key]['tmp_name'];
                 $targetPath = $field['settings']['path'];
                 $targetFile = $targetPath . $_FILES[$key]['name'];
                 $newFileName = file_newname($targetPath, $_FILES[$key]['name']);
                 $targetFile = $targetPath . $newFileName;
                 @mkdir($targetPath, 0777, true);
                 move_uploaded_file($tempFile, $targetFile);
                 $response = $newFileName;
                 return $response;
             }
         } else {
             if (isset($_REQUEST['field'])) {
                 $field = $this->fields[$_REQUEST['field']];
                 $field = $this->callback_before_upload($field);
                 // Allowed extentions.
                 $allowedExts = array("gif", "jpeg", "jpg", "png");
                 // Get filename.
                 $temp = explode(".", $_FILES["file"]["name"]);
                 // Get extension.
                 $extension = end($temp);
                 // An image check is being done in the editor but it is best to
                 // check that again on the server side.
                 if (($_FILES["file"]["type"] == "image/gif" || $_FILES["file"]["type"] == "image/jpeg" || $_FILES["file"]["type"] == "image/jpg" || $_FILES["file"]["type"] == "image/pjpeg" || $_FILES["file"]["type"] == "image/x-png" || $_FILES["file"]["type"] == "image/png") && in_array($extension, $allowedExts)) {
                     // Generate new random name.
                     $name = sha1(microtime()) . "." . $extension;
                     $targetPath = $field['settings']['path'];
                     $targetFile = $targetPath . $name;
                     @mkdir($targetPath, 0777, true);
                     // Save file in the uploads folder.
                     move_uploaded_file($_FILES["file"]["tmp_name"], $targetFile);
                     // Generate response.
                     $response = new StdClass();
                     $response->link = $field['settings']['download'] . $name;
                     return $response;
                 }
             }
         }
     } else {
         $field = $this->fields[$_REQUEST['field']];
         $field = $this->callback_before_upload($field);
         $value = @trim($_REQUEST['value']);
         if ($field && $value) {
             $result = array();
             $obj['name'] = @$field['settings']['partial'] . $value;
             if (file_exists($field['settings']['path'] . $ds . $value)) {
                 $obj['size'] = filesize($field['settings']['path'] . $ds . $value);
             } else {
                 $obj['size'] = 0;
             }
             $result[] = $obj;
             return $result;
         }
     }
 }
Example #2
0
    }
    $newpath = $path . '/' . $filename;
    $newname = $filename;
    $counter = 0;
    while (file_exists($newpath) && file_get_contents($newpath) != "") {
        $newname = $name . '_' . $counter . $ext;
        $newpath = $path . '/' . $newname;
        $counter++;
    }
    return $newname;
}
if (!isset($feedback_prompt_text)) {
    $feedback_prompt_text = "";
}
if (getval("submit", "") != "" || getval("add", "") != "") {
    rename('../data/results.csv', '../data/' . file_newname('../data/', 'results.csv'));
    touch('../data/results.csv');
    chmod('../data/results.csv', 0777);
    $f = fopen("../config/config.php", "w");
    fwrite($f, "<?php\n\n\$feedback_questions=array();");
    fwrite($f, "\n\n\$feedback_prompt_text=\"" . str_replace("\"", "\\\"", getval("feedback_prompt_text", "")) . "\";\n\n");
    $readfrom = 0;
    if (getval("delete_1", "") != "") {
        $readfrom++;
    }
    # Delete first question.
    for ($n = 1; $readfrom < count($feedback_questions); $n++) {
        $readfrom++;
        # Deleting next question? Skip ahead
        if (getval("delete_" . $readfrom, "") == "") {
            # Save question
        $newname = $name . '_' . $counter . $ext;
        $newpath = $path . '/' . $newname;
        $counter++;
    }
    $_FILES["userimage"]["name"] = $newname;
    return $_FILES["userimage"]["name"];
}
// function ends here
if ($_FILES["userimage"]["name"] != "") {
    /// check whether the file is empty or not
    if (($_FILES["userimage"]["type"] == "image/gif" || $_FILES["userimage"]["type"] == "image/jpeg" || $_FILES["userimage"]["type"] == "image/png" || $_FILES["userimage"]["type"] == "image/bmp" || $_FILES["userimage"]["type"] == "image/pjpeg") && $_FILES["userimage"]["size"] < 200 * 1024) {
        if ($_FILES["userimage"]["error"] > 0) {
            echo "Return Code: " . $_FILES["userimage"]["error"] . "<br />";
        } else {
            if (file_exists("../images/member/" . $_FILES["userimage"]["name"])) {
                file_newname("../images/member/", $_FILES["userimage"]["name"]);
                move_uploaded_file($_FILES["userimage"]["tmp_name"], "../images/member/" . $_FILES["userimage"]["name"]);
                $image = "images/member/" . $_FILES["userimage"]["name"];
            } else {
                move_uploaded_file($_FILES["userimage"]["tmp_name"], "../images/member/" . $_FILES["userimage"]["name"]);
                $image = "images/member/" . $_FILES["userimage"]["name"];
            }
        }
    } else {
        echo "<script type='text/javascript'>\n";
        echo "alert('Invalid file format or File size is larger than required!');\n";
        echo "window.history.go(-1);\n";
        echo "</script>";
        exit;
    }
} else {