Example #1
0
/**
 * Executes all the necessary operation to upload the file in the document tool
 *
 * @author Hugues Peeters <*****@*****.**>
 *
 * @param  array $uploadedFile - follows the $_FILES Structure
 * @param  string $baseWorkDir - base working directory of the module
 * @param  string $uploadPath  - destination of the upload.
 *                               This path is to append to $baseWorkDir
 * @param  int $maxFilledSpace - amount of bytes to not exceed in the base
 *                               working directory
 * @param  string $uncompress  - whether 'unzip' and file is a zip;
 *                               extract the content.
 * @param string $allowPHP     - if set to true, then there is no security check for .php files (works for zip archives only)
 * @return boolean : true if it succeds, false otherwise
 */
function treat_uploaded_file($uploadedFile, $baseWorkDir, $uploadPath, $maxFilledSpace, $uncompress = '', $allowPHP = false)
{
    if (file_upload_failed($uploadedFile)) {
        $failureStr = get_file_upload_error_message($uploadedFile);
        return claro_failure::set_failure($failureStr);
    }
    if (!enough_size($uploadedFile['size'], $baseWorkDir, $maxFilledSpace)) {
        return claro_failure::set_failure(get_lang('The upload has failed. There is not enough space in your directory'));
    }
    if ($uncompress == 'unzip' && preg_match('/.zip$/i', $uploadedFile['name'])) {
        return treat_secure_uploaded_file_unzip($uploadedFile, $uploadPath, $baseWorkDir, $maxFilledSpace, $allowPHP);
    } else {
        /* TRY TO ADD AN EXTENSION TO FILES WITOUT EXTENSION */
        $fileName = $uploadedFile['name'] . add_extension_for_uploaded_file($uploadedFile);
        $fileName = trim($uploadedFile['name']);
        /* CHECK FOR NO DESIRED CHARACTERS */
        $fileName = replace_dangerous_char($fileName);
        /* HANDLE DANGEROUS FILE NAME FOR SERVER SECURITY */
        $fileName = get_secure_file_name($fileName);
        /* COPY THE FILE TO THE DESIRED DESTINATION */
        if (move_uploaded_file($uploadedFile['tmp_name'], $baseWorkDir . $uploadPath . '/' . $fileName)) {
            chmod($baseWorkDir . $uploadPath . '/' . $fileName, CLARO_FILE_PERMISSIONS);
            return $fileName;
        } else {
            return claro_failure::set_failure(get_lang('File upload failed'));
        }
    }
}
Example #2
0
 //include needed librabries for treatment
 //1 GET THE FILE
 // File can be an uploaded package file
 // or a local package file
 // or a local unpackaged file
 // later: an url to a package file)
 // later: a local repository of many packages
 // Actually interface display two input, and only one must be filed. If the user give both , the uploaded package win.
 // If it's a zip file, it would be place into package repositorys.
 pushClaroMessage(__LINE__ . '<pre>$_FILES =' . var_export($_FILES, 1) . '</pre>', 'dbg');
 if (array_key_exists('uploadedModule', $_FILES) || array_key_exists('packageCandidatePath', $_REQUEST)) {
     pushClaroMessage(__LINE__ . '<pre>$_REQUEST =' . var_export($_REQUEST, 1) . '</pre>', 'dbg');
     // Thread uploaded file
     if (array_key_exists('uploadedModule', $_FILES)) {
         pushClaroMessage(__LINE__ . 'files founds', 'dbg');
         if (file_upload_failed($_FILES['uploadedModule'])) {
             $summary = get_lang('Module upload failed');
             $details = get_file_upload_error_message($_FILES['uploadedModule']);
             $dialogBox->error(Backlog_Reporter::report($summary, $details));
         } else {
             // move uploadefile to package repository, and unzip them
             // actually it's done in function wich must be splited.
             if (false !== ($modulePath = get_and_unzip_uploaded_package())) {
                 $moduleInstallable = true;
             } else {
                 $summary = get_lang('Module unpackaging failed');
                 $details = implode("<br />\n", claro_failure::get_last_failure());
                 $dialogBox->error(Backlog_Reporter::report($summary, $details));
             }
         }
     } elseif (array_key_exists('packageCandidatePath', $_REQUEST)) {