public function create_paste($contents) { $fileInfo = get_unique_filename('./uploads/pastes'); $handle = fopen($fileInfo[0], 'w'); $res = !!fwrite($handle, $contents); fclose($handle); return $res ? $fileInfo[1] : null; }
function get_unique_filename($folder = '') { $hash = md5(microtime() . mt_rand(0, 99999)); $name = "{$folder}/{$hash}"; if (file_exists($name)) { $name = get_unique_filename($folder); } return array($name, $hash); }
function tfu_copy_move($dir, $file, $enable_file_copymove, $enable_folder_copymove) { // first we check if delete is enabled! if ($enable_file_copymove != 'true' && $enable_folder_copymove != 'true') { echo 'This action is not enabled!'; exit(0); } $done = 0; $total = 0; $error = 0; $exists = 0; $overwrite = parseInputParameter($_GET['overwrite']); $folder = getDestinationFolder(parseInputParameter($_GET['target'])); $dest_folder = $folder . '/' . my_basename($dir); if ($_GET['copyfolder'] == 'true') { if ($folder == $dir) { $error = 1; } else { if (strpos($folder, $dir) !== false) { $error = 2; } else { if ($overwrite == 'false' && file_exists($dest_folder)) { $error = 3; } else { if (@rename($dir, $dest_folder)) { $done = 1; $upperdir = substr($dir, 0, strrpos($dir, "/")); $_SESSION['TFU_DIR'] = $upperdir; } else { $error = 4; } } } } } else { foreach ($file as $ff) { $total++; $dest = $folder . '/' . my_basename($ff); if ($_GET['type'] == 'c') { if ($folder == $dir) { $u_file = get_unique_filename($folder, my_basename($ff)); $dest = $folder . "/" . $u_file; } if (file_exists($dest) && $overwrite == 'false') { // if file exists and not overwrite = error $exists++; } else { if ($ff == $dest) { $nr = 2; $dest = $folder . '/Copy of ' . my_basename($ff); while (file_exists($dest)) { $dest = $folder . '/Copy (' . $nr++ . ') of ' . my_basename($ff); } } if (@copy($ff, $dest)) { $done++; } else { $error++; } } } else { if ($ff != $dest) { if (file_exists($dest) && $overwrite) { @unlink($dest); } if (!file_exists($dest)) { if (@rename($ff, $dest)) { $done++; } else { $error++; } } } } } } echo '&total=' . $total . '&ok=' . $done . '&error=' . $error . '&exists=' . $exists; }
/** * Collects and sanitizes information about the media. * * Most of the arguments to this method are by reference and will * therefore be set or updated without needing the return value. * * @param array $file The uploaded file from the $_FILES array. * @param string &$title The media's title. Will be sanitized. * @param string &$description The media's description. Will be sanitized. * @param string &$filename Will be given the file's filename. * @param string &$extension Will be given the file's extension. * @param string &$tags Comma separate string of tags. Will be given an array of tag names. * @return array A status array, where the 'status' index is the status code of the operation, and the 'response' index is a string describing the status. */ private static function collect_file_data($file, &$title, &$description, &$filename, &$extension, &$tags) { global $IMAGE_TYPES; $media_info = pathinfo($file['name']); $extension = sanitize_for_filename($media_info['extension']); // If we don't support the given format, return an error status if (!in_array($extension, $IMAGE_TYPES)) { return array('status' => STATUS_INVALID_FORMAT, 'response' => "{$extension} is not a supported format."); } $filename = $title ? $title : $media_info['filename']; $filename = sanitize_for_filename($filename); $filename = get_unique_filename(UPLOADS_DIR, "{$filename}.{$extension}"); $title = trim($title) ? trim($title) : DEFAULT_TITLE; $title = sanitize_for_html($title); $description = trim($description) ? trim($description) : DEFAULT_DESCRIPTION; $description = sanitize_for_html($description); $tags = explode(',', $tags); return array('status' => STATUS_OK, 'response' => 'File data successfully collected.'); }
$done = 1; $upperdir = substr($dir, 0, strrpos($dir, "/")); $_SESSION["TFU_DIR"] = $upperdir; } else { $error = 4; } } } } } else { foreach ($file as $ff) { $total++; $dest = $folder . "/" . basename($ff); if ($_GET['type'] == 'c') { if ($folder == $dir) { $u_file = get_unique_filename($folder, basename($ff)); $dest = $folder . "/" . $u_file; } if (file_exists($dest) && $overwrite == "false") { // if file exists and not overwrite = error $exists++; } else { if (@copy($ff, $dest)) { $done++; } else { $error++; } } } else { if (file_exists($dest) && $overwrite) { @unlink($dest);
/** */ function _insert_or_update_item_attributes($item_id, $instance_no, $s_item_type, $s_attribute_type, $order_no, $attribute_val_r, $file_r = NULL) { $is_lookup_attribute_type = is_lookup_attribute_type($s_attribute_type); $attribute_val_r = validate_attribute_val_r($attribute_val_r, $is_lookup_attribute_type); // if not instance item attribute, then discard the $instance_no if (!is_instance_item_attribute_type($s_item_type, $s_attribute_type)) { $instance_no = NULL; } $is_file_resource_attribute_type = is_file_resource_attribute_type($s_attribute_type); if (db_query("LOCK TABLES item_attribute WRITE, item_attribute AS ia READ, s_attribute_type AS sat READ")) { $item_attribute_type_rs = fetch_arrayof_item_attribute_rs($item_id, $instance_no, $s_attribute_type, $order_no); // if same number of attributes, then we can perform an update only. if (count($item_attribute_type_rs) > 0 && count($item_attribute_type_rs) == count($attribute_val_r)) { $op = 'update'; } else { if (count($item_attribute_type_rs) == 0 || delete_item_attributes($item_id, $instance_no, $s_attribute_type, $order_no)) { $op = 'insert'; } else { // if this occurs then the delete_item_attributes function returned FALSE, and that failure would have been logged. db_query("UNLOCK TABLES"); return FALSE; } } // if there is actually something to insert at this point. if (count($attribute_val_r) > 0) { $file_attributes_r = NULL; for ($i = 0; $i < count($attribute_val_r); $i++) { $attribute_no = $i + 1; if ($is_lookup_attribute_type) { if ($op == 'insert') { insert_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, $attribute_val_r[$i], NULL); } else { if ($item_attribute_type_rs[$i]['lookup_attribute_val'] != $attribute_val_r[$i]) { update_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, $attribute_val_r[$i], NULL); } } } else { if ($is_file_resource_attribute_type) { if (is_array($file_r) && is_uploaded_file($file_r['tmp_name'])) { if ($item_attribute_type_rs[$i]['attribute_val'] != $attribute_val_r[$i] && is_exists_upload_file_item_attribute($attribute_val_r[$i])) { $attribute_val_r[$i] = get_unique_filename($attribute_val_r[$i]); } if (!save_uploaded_file($file_r['tmp_name'], $attribute_val_r[$i])) { $attribute_val_r[$i] = NULL; } $file_attributes_rs[] = array('file_attribute_ind' => 'Y', 'attribute_no' => $attribute_no, 'attribute_val' => $attribute_val_r[$i]); } else { $file_attributes_rs[] = array('attribute_no' => $attribute_no, 'attribute_val' => $attribute_val_r[$i]); } } if (strlen($attribute_val_r[$i]) > 0) { if ($op == 'insert') { insert_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, NULL, $attribute_val_r[$i]); } else { if ($item_attribute_type_rs[$i]['attribute_val'] != $attribute_val_r[$i]) { update_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, NULL, $attribute_val_r[$i]); } } } } } db_query("UNLOCK TABLES"); if (is_array($file_attributes_rs)) { while (list(, $file_attribute_r) = each($file_attributes_rs)) { file_cache_insert_file($file_attribute_r['attribute_val'], NULL, NULL, NULL, 'ITEM', $file_attribute_r['file_attribute_ind'] == 'Y'); } } } else { db_query("UNLOCK TABLES"); } return TRUE; } else { opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($item_id, $instance_no, $s_item_type, $s_attribute_type, $order_no, $attribute_val_r, $file_r)); return FALSE; } }
<?php include_once 'application.php'; if (!empty($_FILES)) { $new_folder = $defaultsarray['base_path'] . "uploads/"; $def_access = $defaultsarray['default_attachment_access_level']; if (!file_exists($new_folder)) { mkdir($new_folder); } $file_ext = get_file_ext($_FILES['Filedata']['name']); $new_filename = get_unique_filename($new_folder, $_FILES['Filedata']['name']); $curdate = 0; if (move_uploaded_file($_FILES['Filedata']['tmp_name'], $new_folder . $new_filename)) { $curdate = mrr_pull_image_created_date($new_folder . $new_filename); $rslt = 1; } else { $rslt = 0; } $user_id = 0; $store_id = 0; $merchant_id = 0; if (isset($_SESSION['user_id'])) { $user_id = $_SESSION['user_id']; } if (isset($_SESSION['store_id'])) { $store_id = $_SESSION['store_id']; } if (isset($_SESSION['merchant_id'])) { $merchant_id = $_SESSION['merchant_id']; } //log that file was uploaded...