function getAttachmentUrl($apli, $post_id, $att_id, $att_path, $att_type, $att_size, $att_inline = 0, $compteur, $visible = 0, $Mmod)
{
global $icon_dir, $img_dir, $forum;
global $mimetype_default, $mime_dspfmt, $mime_renderers;
global $DOCUMENTROOT;
load_mimetypes();
$att_name = substr(strstr(basename($att_path), '.'), 1);
$att_name = substr(strstr(basename($att_name), '.'), 1);
$att_path = $DOCUMENTROOT . $att_path;
if (!is_file($att_path)) {
return ' <span class="text-danger" style="font-size: .65rem;">' . upload_translate("Fichier non trouvĂ") . ' : ' . $att_name . '</span>';
}
if ($att_inline) {
if (isset($mime_dspfmt[$att_type])) {
$display_mode = $mime_dspfmt[$att_type];
} else {
$display_mode = $mime_dspfmt[$mimetype_default];
}
} else {
$display_mode = ATT_DSP_LINK;
}
if ($Mmod) {
global $userdata;
$marqueurM = "&Mmod=" . substr($userdata[2], 8, 6);
} else {
$marqueurM = "";
}
$att_url = "getfile.php?att_id={$att_id}&apli={$apli}" . $marqueurM . "&att_name=" . rawurlencode($att_name);
if ($visible != 1) {
$visible_wrn = ' <span class="text-danger" style="font-size: .65rem;">' . upload_translate("Fichier non visible") . '</span>';
}
switch ($display_mode) {
case ATT_DSP_IMG:
// display as an embedded image
$size = @getImageSize("{$att_path}");
// $img_size = verifsize( $size );
$img_size = 'style="max-width: 100%; height:auto;"';
$text = str_replace('"', '\\"', $mime_renderers[ATT_DSP_IMG]);
eval("\$ret=stripSlashes(\"{$text}\");");
break;
case ATT_DSP_PLAINTEXT:
// display as embedded text, PRE-formatted
$att_contents = str_replace("\\", "\\\\", htmlSpecialChars(join('', file($att_path)), ENT_COMPAT | ENT_HTML401, cur_charset));
$att_contents = word_wrap($att_contents);
$text = str_replace('"', '\\"', $mime_renderers[ATT_DSP_PLAINTEXT]);
eval("\$ret=\"{$text}\";");
break;
case ATT_DSP_HTML:
// display as embedded HTML text
//au choix la source ou la page
$att_contents = word_wrap(nl2br(scr_html(join("", file($att_path)))));
//$att_contents = removeHack (join ("", file ($att_path)));
$text = str_replace('"', '\\"', $mime_renderers[ATT_DSP_HTML]);
eval("\$ret=stripSlashes(\"{$text}\");");
break;
case ATT_DSP_SWF:
// Embedded Macromedia Shockwave Flash
$size = @getImageSize("{$att_path}");
$img_size = verifsize($size);
$text = str_replace('"', '\\"', $mime_renderers[ATT_DSP_SWF]);
eval("\$ret=stripSlashes(\"{$text}\");");
break;
default:
// display as link
$Fichier = new FileManagement();
// essai class PHP7
// $Fichier = new File("");
// $att_size = $Fichier->Pretty_Size($att_size);
$att_size = $Fichier->file_size_format($att_size, 1);
$att_icon = att_icon($att_name);
$text = str_replace('"', '\\"', $mime_renderers[ATT_DSP_LINK]);
eval("\$ret=stripSlashes(\"{$text}\");");
break;
}
return $ret;
}
/**
* Copy one uploaded file to his destination and insert an entry in the database
* @access private
* @return boolean TRUE if OK
*/
function uploadFile($IdPost, $IdTopic, $name, $size, $type, $src_file, $inline = DEFAULT_INLINE)
{
global $MAX_FILE_SIZE;
global $mimetypes, $mimetype_default;
global $insert_base;
settype($size, 'integer');
$this->errno = 0;
# Check temporary file
# --------------------
if (empty($src_file) || strcasecmp($src_file, 'none') == 0) {
$this->errno = NO_FILE;
return false;
}
# Check size
# ----------
if ($size == 0) {
$this->errno = FILE_EMPTY;
return false;
} else {
$fsize = filesize($src_file);
}
if ($size != $fsize) {
$this->errno = ERR_FILE;
return FALSE;
}
if ($size > $MAX_FILE_SIZE) {
$this->errno = FILE_TOO_BIG;
return FALSE;
}
# Check name
# ----------
if (empty($name)) {
$this->errno = NO_FILE;
return false;
}
$name = preg_replace('#[/\\\\:\\*\\?"<>|]#i', '_', rawurldecode($name));
# Check type and extension
# ------------------------
load_mimetypes();
$suffix = strtoLower(substr(strrchr($name, '.'), 1));
if (isset($mimetypes[$suffix])) {
$type = $mimetypes[$suffix];
} elseif (empty($type) || $type == 'application/octet-stream') {
$type = $mimetype_default;
}
if (!$this->isAllowedFile($name, $type)) {
$this->errno = INVALID_FILE_TYPE;
return FALSE;
}
# Find the path to upload directory
# -------------------------------------------
global $DOCUMENTROOT;
$rep = $DOCUMENTROOT;
settype($log_filename, "string");
if ($insert_base == true) {
# insert attachment reference in database
# ---------------------------------------
$id = insertAttachment($this->apli, $IdPost, $IdTopic, $this->IdForum, $name, $this->upload_dir, $inline, $size, $type);
if ($id <= 0) {
$this->errno = DB_ERROR;
return FALSE;
}
# copy temporary file to the upload directory
# -------------------------------------------
$dest_file = $rep . $this->upload_dir . "{$id}." . $this->apli . ".{$name}";
$copyfunc = function_exists('move_uploaded_file') ? 'move_uploaded_file' : 'copy';
if (!$copyfunc($src_file, $dest_file)) {
deleteAttachment($this->apli, $IdPost, $rep . $this->upload_dir, $id, $name);
$this->errno = COPY_ERROR;
return FALSE;
}
@chmod($dest_file, 0766);
$log_filename = $dest_file;
} else {
if ($this->apli == "minisite") {
# copy temporary file to the upload directory
# -------------------------------------------
global $rep_upload_minisite;
$copyfunc = function_exists('move_uploaded_file') ? 'move_uploaded_file' : 'copy';
if (!$copyfunc($src_file, $rep . $rep_upload_minisite . $name)) {
$this->errno = COPY_ERROR;
return FALSE;
}
@chmod($rep . $rep_upload_minisite . $name, 0766);
$log_filename = $rep . $rep_upload_minisite . $name;
} elseif ($this->apli == "editeur") {
# copy temporary file to the upload directory
# -------------------------------------------
global $rep_upload_editeur;
$copyfunc = function_exists('move_uploaded_file') ? 'move_uploaded_file' : 'copy';
if (!$copyfunc($src_file, $rep . $rep_upload_editeur . $name)) {
$this->errno = COPY_ERROR;
return FALSE;
}
@chmod($rep . $rep_upload_editeur . $name, 0766);
$log_filename = $rep . $rep_upload_editeur . $name;
} else {
return FALSE;
}
}
Ecr_Log("security", "Upload File(s) : " . getip(), $log_filename);
return TRUE;
}
