public function testSaveToBXFileAfterGetContent()
{
$Request = new RequestBXFile(self::$_urlTestFiles . '/favicon.png');
$Request->send();
$this->assertEquals('PNG', substr($Request->getBody(), 1, 3));
$fileID = $Request->saveToBXFile('/upload//obx.core/test/RequestBXFile');
$this->assertTrue($fileID > 0);
$arFile = \CFile::GetFileArray($fileID);
$this->assertEquals('favicon.png', $arFile['ORIGINAL_NAME']);
$this->assertEquals('image/png', $arFile['CONTENT_TYPE']);
$this->assertFileExists(self::$_docRoot . '/upload/' . $arFile['SUBDIR'] . '/' . $arFile['FILE_NAME']);
\CFile::DoDelete($arFile['ID']);
$this->assertFileNotExists(self::$_docRoot . '/upload/' . $arFile['SUBDIR'] . '/' . $arFile['FILE_NAME']);
}
function SaveFile($arFile, $strSavePath, $bForceMD5 = false, $bSkipExt = false)
{
$strFileName = GetFileName($arFile["name"]);
/* filename.gif */
if (isset($arFile["del"]) && $arFile["del"] != '') {
CFile::DoDelete($arFile["old_file"]);
if ($strFileName == '') {
return "NULL";
}
}
if ($arFile["name"] == '') {
if (isset($arFile["description"]) && intval($arFile["old_file"]) > 0) {
CFile::UpdateDesc($arFile["old_file"], $arFile["description"]);
}
return false;
}
if (array_key_exists("content", $arFile)) {
if (!array_key_exists("size", $arFile)) {
$arFile["size"] = CUtil::BinStrlen($arFile["content"]);
}
} else {
$arFile["size"] = filesize($arFile["tmp_name"]);
}
$arFile["ORIGINAL_NAME"] = $strFileName;
$io = CBXVirtualIo::GetInstance();
if (self::validateFile($strFileName, $arFile, $bForceMD5) !== "") {
return false;
}
$upload_dir = COption::GetOptionString("main", "upload_dir", "upload");
if ($arFile["type"] == "image/pjpeg" || $arFile["type"] == "image/jpg") {
$arFile["type"] = "image/jpeg";
}
//.jpe is not image type on many systems
if (strtolower(GetFileExtension($strFileName)) == "jpe") {
$strFileName = substr($strFileName, 0, -4) . ".jpg";
}
$bExternalStorage = false;
foreach (GetModuleEvents("main", "OnFileSave", true) as $arEvent) {
if (ExecuteModuleEventEx($arEvent, array(&$arFile, $strFileName, $strSavePath, $bForceMD5, $bSkipExt))) {
$bExternalStorage = true;
break;
}
}
if (!$bExternalStorage) {
$newName = '';
if ($bForceMD5 != true && COption::GetOptionString("main", "save_original_file_name", "N") == "Y") {
$dir_add = '';
$i = 0;
while (true) {
$dir_add = substr(md5(uniqid(mt_rand(), true)), 0, 3);
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $dir_add . "/" . $strFileName)) {
break;
}
if ($i >= 25) {
$j = 0;
while (true) {
$dir_add = substr(md5(mt_rand()), 0, 3) . "/" . substr(md5(mt_rand()), 0, 3);
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $dir_add . "/" . $strFileName)) {
break;
}
if ($j >= 25) {
$dir_add = substr(md5(mt_rand()), 0, 3) . "/" . md5(mt_rand());
break;
}
$j++;
}
break;
}
$i++;
}
if (substr($strSavePath, -1, 1) != "/") {
$strSavePath .= "/" . $dir_add;
} else {
$strSavePath .= $dir_add . "/";
}
$newName = $strFileName;
} else {
$strFileExt = $bSkipExt == true ? '' : strrchr($strFileName, ".");
while (true) {
$newName = md5(uniqid(mt_rand(), true)) . $strFileExt;
if (substr($strSavePath, -1, 1) != "/") {
$strSavePath .= "/" . substr($newName, 0, 3);
} else {
$strSavePath .= substr($newName, 0, 3) . "/";
}
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $newName)) {
break;
}
}
}
$arFile["SUBDIR"] = $strSavePath;
$arFile["FILE_NAME"] = $newName;
$strDirName = $_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/";
$strDbFileNameX = $strDirName . $newName;
$strPhysicalFileNameX = $io->GetPhysicalName($strDbFileNameX);
CheckDirPath($strDirName);
if (is_set($arFile, "content")) {
$f = fopen($strPhysicalFileNameX, "ab");
if (!$f) {
return false;
}
if (!fwrite($f, $arFile["content"])) {
return false;
}
fclose($f);
} elseif (!copy($arFile["tmp_name"], $strPhysicalFileNameX) && !move_uploaded_file($arFile["tmp_name"], $strPhysicalFileNameX)) {
CFile::DoDelete($arFile["old_file"]);
return false;
}
if (isset($arFile["old_file"])) {
CFile::DoDelete($arFile["old_file"]);
}
@chmod($strPhysicalFileNameX, BX_FILE_PERMISSIONS);
$imgArray = CFile::GetImageSize($strDbFileNameX);
if (is_array($imgArray)) {
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
} else {
$arFile["WIDTH"] = 0;
$arFile["HEIGHT"] = 0;
}
}
/****************************** QUOTA ******************************/
if (COption::GetOptionInt("main", "disk_space") > 0) {
CDiskQuota::updateDiskQuota("file", $arFile["size"], "insert");
}
/****************************** QUOTA ******************************/
$NEW_IMAGE_ID = CFile::DoInsert(array("HEIGHT" => $arFile["HEIGHT"], "WIDTH" => $arFile["WIDTH"], "FILE_SIZE" => $arFile["size"], "CONTENT_TYPE" => $arFile["type"], "SUBDIR" => $arFile["SUBDIR"], "FILE_NAME" => $arFile["FILE_NAME"], "MODULE_ID" => $arFile["MODULE_ID"], "ORIGINAL_NAME" => $arFile["ORIGINAL_NAME"], "DESCRIPTION" => isset($arFile["description"]) ? $arFile["description"] : '', "HANDLER_ID" => isset($arFile["HANDLER_ID"]) ? $arFile["HANDLER_ID"] : ''));
CFile::CleanCache($NEW_IMAGE_ID);
return $NEW_IMAGE_ID;
}
public static function OnFileSave(&$arFile, $strFileName, $strSavePath, $bForceMD5 = false, $bSkipExt = false)
{
if (!$arFile["tmp_name"] && !array_key_exists("content", $arFile)) {
return false;
}
if (array_key_exists("bucket", $arFile)) {
$bucket = $arFile["bucket"];
} else {
$bucket = CCloudStorage::FindBucketForFile($arFile, $strFileName);
}
if (!is_object($bucket)) {
return false;
}
if (!$bucket->Init()) {
return false;
}
$copySize = false;
$subDir = "";
$filePath = "";
if (array_key_exists("content", $arFile)) {
$arFile["tmp_name"] = CTempFile::GetFileName($arFile["name"]);
CheckDirPath($arFile["tmp_name"]);
$fp = fopen($arFile["tmp_name"], "ab");
if ($fp) {
fwrite($fp, $arFile["content"]);
fclose($fp);
}
}
if (array_key_exists("bucket", $arFile)) {
$newName = bx_basename($arFile["tmp_name"]);
$prefix = $bucket->GetFileSRC("/");
$subDir = substr($arFile["tmp_name"], strlen($prefix));
$subDir = substr($subDir, 0, -strlen($newName) - 1);
} else {
if ($bForceMD5 != true && COption::GetOptionString("main", "save_original_file_name", "N") == "Y") {
if (COption::GetOptionString("main", "convert_original_file_name", "Y") == "Y") {
$newName = CCloudStorage::translit($strFileName);
} else {
$newName = $strFileName;
}
} else {
$strFileExt = $bSkipExt == true ? '' : strrchr($strFileName, ".");
$newName = md5(uniqid(mt_rand(), true)) . $strFileExt;
}
//check for double extension vulnerability
$newName = RemoveScriptExtension($newName);
while (true) {
$strRand = md5(mt_rand());
$strRand = substr($strRand, 0, 3) . "/" . $strRand;
if (substr($strSavePath, -1) == "/") {
$subDir = $strSavePath . $strRand;
} else {
$subDir = $strSavePath . "/" . $strRand;
}
$subDir = ltrim($subDir, "/");
$filePath = "/" . $subDir . "/" . $newName;
if (!$bucket->FileExists($filePath)) {
break;
}
}
$targetPath = $bucket->GetFileSRC("/");
if (strpos($arFile["tmp_name"], $targetPath) === 0) {
$arDbFile = array("SUBDIR" => "", "FILE_NAME" => substr($arFile["tmp_name"], strlen($targetPath)), "CONTENT_TYPE" => $arFile["type"]);
$copyPath = $bucket->FileCopy($arDbFile, $filePath);
if (!$copyPath) {
return false;
}
$copySize = $bucket->GetFileSize("/" . urldecode(substr($copyPath, strlen($targetPath))));
} else {
$imgArray = CFile::GetImageSize($arFile["tmp_name"], true, false);
if (is_array($imgArray) && $imgArray[2] == IMAGETYPE_JPEG) {
$exifData = CFile::ExtractImageExif($arFile["tmp_name"]);
if ($exifData && isset($exifData['Orientation'])) {
$properlyOriented = CFile::ImageHandleOrientation($exifData['Orientation'], $arFile["tmp_name"]);
if ($properlyOriented) {
$jpgQuality = intval(COption::GetOptionString('main', 'image_resize_quality', '95'));
if ($jpgQuality <= 0 || $jpgQuality > 100) {
$jpgQuality = 95;
}
imagejpeg($properlyOriented, $arFile["tmp_name"], $jpgQuality);
}
}
}
if (!$bucket->SaveFile($filePath, $arFile)) {
return false;
}
}
}
$arFile["HANDLER_ID"] = $bucket->ID;
$arFile["SUBDIR"] = $subDir;
$arFile["FILE_NAME"] = $newName;
$arFile["WIDTH"] = 0;
$arFile["HEIGHT"] = 0;
if (array_key_exists("bucket", $arFile)) {
$arFile["WIDTH"] = $arFile["width"];
$arFile["HEIGHT"] = $arFile["height"];
$arFile["size"] = $arFile["file_size"];
} elseif ($copySize !== false) {
$arFile["size"] = $copySize;
$bucket->IncFileCounter($copySize);
} else {
$bucket->IncFileCounter(filesize($arFile["tmp_name"]));
$flashEnabled = !CFile::IsImage($arFile["ORIGINAL_NAME"], $arFile["type"]);
$imgArray = CFile::GetImageSize($arFile["tmp_name"], true, $flashEnabled);
if (is_array($imgArray)) {
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
}
}
if (isset($arFile["old_file"])) {
CFile::DoDelete($arFile["old_file"]);
}
return true;
}
function OnFileSave(&$arFile, $strFileName, $strSavePath, $bForceMD5 = false, $bSkipExt = false)
{
if(!$arFile["tmp_name"] && !$arFile["content"])
return false;
if(array_key_exists("bucket", $arFile))
$bucket = $arFile["bucket"];
else
$bucket = CCloudStorage::FindBucketForFile($arFile, $strFileName);
if(!is_object($bucket))
return false;
if(!$bucket->Init())
return false;
if(array_key_exists("bucket", $arFile))
{
$newName = bx_basename($arFile["tmp_name"]);
$prefix = $bucket->GetFileSRC("/");
$subDir = substr($arFile["tmp_name"], strlen($prefix));
$subDir = substr($subDir, 0, -strlen($newName)-1);
}
else
{
if(
$bForceMD5 != true
&& COption::GetOptionString("main", "save_original_file_name", "N")=="Y"
)
{
if(COption::GetOptionString("main", "convert_original_file_name", "Y")=="Y")
$newName = CCloudStorage::translit($strFileName);
else
$newName = $strFileName;
}
else
{
$strFileExt = ($bSkipExt == true? '' : strrchr($strFileName, "."));
$newName = md5(uniqid(mt_rand(), true)).$strFileExt;
}
//check for double extension vulnerability
$newName = RemoveScriptExtension($newName);
while(true)
{
$strRand = md5(mt_rand());
$strRand = substr($strRand, 0, 3)."/".$strRand;
if(substr($strSavePath, -1) == "/")
$subDir = $strSavePath.$strRand;
else
$subDir = $strSavePath."/".$strRand;
$subDir = ltrim($subDir, "/");
$filePath = "/".$subDir."/".$newName;
if(!$bucket->FileExists($filePath))
break;
}
if(!$bucket->SaveFile($filePath, $arFile))
return false;
}
$arFile["HANDLER_ID"] = $bucket->ID;
$arFile["SUBDIR"] = $subDir;
$arFile["FILE_NAME"] = $newName;
$arFile["WIDTH"] = 0;
$arFile["HEIGHT"] = 0;
if(array_key_exists("bucket", $arFile))
{
$arFile["WIDTH"] = $arFile["width"];
$arFile["HEIGHT"] = $arFile["height"];
$arFile["size"] = $arFile["file_size"];
}
elseif(array_key_exists("content", $arFile))
{
$tmp_name = tempnam();
$fp = fopen($tmp_name, "ab");
if($fp)
{
if(fwrite($fp, $arFile["content"]))
{
$bucket->IncFileCounter(filesize($tmp_name));
$imgArray = CFile::GetImageSize($tmp_name);
if(is_array($imgArray))
{
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
}
}
fclose($fp);
unlink($tmp_name);
}
}
else
{
$bucket->IncFileCounter(filesize($arFile["tmp_name"]));
$imgArray = CFile::GetImageSize($arFile["tmp_name"]);
if(is_array($imgArray))
{
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
}
}
if(isset($arFile["old_file"]))
CFile::DoDelete($arFile["old_file"]);
return true;
}
function SaveFile($arFile, $strSavePath, $bForceMD5=false, $bSkipExt=false)
{
$strFileName = GetFileName($arFile["name"]); /* filename.gif */
if(isset($arFile["del"]) && $arFile["del"] <> '')
{
CFile::DoDelete($arFile["old_file"]);
if($strFileName == '')
return "NULL";
}
if($arFile["name"] == '')
{
if(is_set($arFile, "description") && intval($arFile["old_file"])>0)
CFile::UpdateDesc($arFile["old_file"], $arFile["description"]);
return false;
}
if(is_set($arFile, "content") && !is_set($arFile, "size"))
$arFile["size"] = CUtil::BinStrlen($arFile["content"]);
else
$arFile["size"] = filesize($arFile["tmp_name"]);
/****************************** QUOTA ******************************/
if (COption::GetOptionInt("main", "disk_space") > 0)
{
$quota = new CDiskQuota();
if (!$quota->checkDiskQuota($arFile))
return false;
}
/****************************** QUOTA ******************************/
$arFile["ORIGINAL_NAME"] = $strFileName;
$io = CBXVirtualIo::GetInstance();
if($bForceMD5 != true && COption::GetOptionString("main", "save_original_file_name", "N") == "Y")
{
if(COption::GetOptionString("main", "translit_original_file_name", "N") == "Y")
$strFileName = CUtil::translit($strFileName, LANGUAGE_ID, array("max_len"=>1024, "safe_chars"=>"."));
if(COption::GetOptionString("main", "convert_original_file_name", "Y") == "Y")
$strFileName = $io->RandomizeInvalidFilename($strFileName);
}
if(!$io->ValidateFilenameString($strFileName))
return false;
//check for double extension vulnerability
$strFileName = RemoveScriptExtension($strFileName);
if($strFileName == '')
return false;
if(strlen($strFileName) > 255)
return false;
//check .htaccess etc.
if(IsFileUnsafe($strFileName))
return false;
//nginx returns octet-stream for .jpg
if(GetFileNameWithoutExtension($strFileName) == '')
return false;
$upload_dir = COption::GetOptionString("main", "upload_dir", "upload");
if($arFile["type"]=="image/pjpeg" || $arFile["type"]=="image/jpg")
$arFile["type"]="image/jpeg";
//.jpe is not image type on many systems
if(strtolower(GetFileExtension($strFileName)) == "jpe")
$strFileName = substr($strFileName, 0, -4).".jpg";
$bExternalStorage = false;
foreach(GetModuleEvents("main", "OnFileSave", true) as $arEvent)
{
if(ExecuteModuleEventEx($arEvent, array(&$arFile, $strFileName, $strSavePath, $bForceMD5, $bSkipExt)))
{
$bExternalStorage = true;
break;
}
}
if(!$bExternalStorage)
{
$newName = '';
if($bForceMD5 != true && COption::GetOptionString("main", "save_original_file_name", "N")=="Y")
{
$dir_add = '';
$i=0;
while(true)
{
$dir_add = substr(md5(uniqid(mt_rand(), true)), 0, 3);
if(!$io->FileExists($_SERVER["DOCUMENT_ROOT"]."/".$upload_dir."/".$strSavePath."/".$dir_add."/".$strFileName))
break;
if($i>=25)
{
$j=0;
while(true)
{
$dir_add = substr(md5(mt_rand()), 0, 3)."/".substr(md5(mt_rand()), 0, 3);
if(!$io->FileExists($_SERVER["DOCUMENT_ROOT"]."/".$upload_dir."/".$strSavePath."/".$dir_add."/".$strFileName))
break;
if($j>=25)
{
$dir_add = substr(md5(mt_rand()), 0, 3)."/".md5(mt_rand());
break;
}
$j++;
}
break;
}
$i++;
}
if(substr($strSavePath, -1, 1) <> "/")
$strSavePath .= "/".$dir_add;
else
$strSavePath .= $dir_add."/";
$newName = $strFileName;
}
else
{
$strFileExt = ($bSkipExt == true? '' : strrchr($strFileName, "."));
while(true)
{
$newName = md5(uniqid(mt_rand(), true)).$strFileExt;
if(substr($strSavePath, -1, 1) <> "/")
$strSavePath .= "/".substr($newName, 0, 3);
else
$strSavePath .= substr($newName, 0, 3)."/";
if(!$io->FileExists($_SERVER["DOCUMENT_ROOT"]."/".$upload_dir."/".$strSavePath."/".$newName))
break;
}
}
$arFile["SUBDIR"] = $strSavePath;
$arFile["FILE_NAME"] = $newName;
$strDirName = $_SERVER["DOCUMENT_ROOT"]."/".$upload_dir."/".$strSavePath."/";
$strDbFileNameX = $strDirName.$newName;
$strPhysicalFileNameX = $io->GetPhysicalName($strDbFileNameX);
CheckDirPath($strDirName);
if(is_set($arFile, "content"))
{
$f = fopen($strPhysicalFileNameX, "ab");
if(!$f)
return false;
if(!fwrite($f, $arFile["content"]))
return false;
fclose($f);
}
elseif(
!copy($arFile["tmp_name"], $strPhysicalFileNameX)
&& !move_uploaded_file($arFile["tmp_name"], $strPhysicalFileNameX)
)
{
CFile::DoDelete($arFile["old_file"]);
return false;
}
if(isset($arFile["old_file"]))
CFile::DoDelete($arFile["old_file"]);
@chmod($strPhysicalFileNameX, BX_FILE_PERMISSIONS);
$imgArray = CFile::GetImageSize($strDbFileNameX);
if(is_array($imgArray))
{
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
}
else
{
$arFile["WIDTH"] = 0;
$arFile["HEIGHT"] = 0;
}
} //if(!$bExternalStorage)
/****************************** QUOTA ******************************/
if (COption::GetOptionInt("main", "disk_space") > 0)
{
CDiskQuota::updateDiskQuota("file", $arFile["size"], "insert");
}
/****************************** QUOTA ******************************/
$NEW_IMAGE_ID = CFile::DoInsert(array(
"HEIGHT" => $arFile["HEIGHT"],
"WIDTH" => $arFile["WIDTH"],
"FILE_SIZE" => $arFile["size"],
"CONTENT_TYPE" => $arFile["type"],
"SUBDIR" => $arFile["SUBDIR"],
"FILE_NAME" => $arFile["FILE_NAME"],
"MODULE_ID" => $arFile["MODULE_ID"],
"ORIGINAL_NAME" => $arFile["ORIGINAL_NAME"],
"DESCRIPTION" => isset($arFile["description"])? $arFile["description"]: '',
"HANDLER_ID" => isset($arFile["HANDLER_ID"])? $arFile["HANDLER_ID"]: '',
));
CFile::CleanCache($NEW_IMAGE_ID);
return $NEW_IMAGE_ID;
}
function SaveFile($arFile, $strSavePath, $bForceMD5 = false, $bSkipExt = false)
{
$strFileName = GetFileName($arFile["name"]);
/* filename.gif */
if (isset($arFile["del"]) && $arFile["del"] != '') {
CFile::DoDelete($arFile["old_file"]);
if ($strFileName == '') {
return "NULL";
}
}
if ($arFile["name"] == '') {
if (isset($arFile["description"]) && intval($arFile["old_file"]) > 0) {
CFile::UpdateDesc($arFile["old_file"], $arFile["description"]);
}
return false;
}
if (isset($arFile["content"])) {
if (!isset($arFile["size"])) {
$arFile["size"] = CUtil::BinStrlen($arFile["content"]);
}
} else {
try {
$file = new IO\File($arFile["tmp_name"]);
$arFile["size"] = $file->getSize();
} catch (IO\IoException $e) {
$arFile["size"] = 0;
}
}
$arFile["ORIGINAL_NAME"] = $strFileName;
//translit, replace unsafe chars, etc.
$strFileName = self::transformName($strFileName, $bForceMD5, $bSkipExt);
//transformed name must be valid, check disk quota, etc.
if (self::validateFile($strFileName, $arFile) !== "") {
return false;
}
if ($arFile["type"] == "image/pjpeg" || $arFile["type"] == "image/jpg") {
$arFile["type"] = "image/jpeg";
}
$bExternalStorage = false;
foreach (GetModuleEvents("main", "OnFileSave", true) as $arEvent) {
if (ExecuteModuleEventEx($arEvent, array(&$arFile, $strFileName, $strSavePath, $bForceMD5, $bSkipExt))) {
$bExternalStorage = true;
break;
}
}
if (!$bExternalStorage) {
$upload_dir = COption::GetOptionString("main", "upload_dir", "upload");
$io = CBXVirtualIo::GetInstance();
if ($bForceMD5 != true && COption::GetOptionString("main", "save_original_file_name", "N") == "Y") {
$dir_add = '';
$i = 0;
while (true) {
$dir_add = substr(md5(uniqid("", true)), 0, 3);
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $dir_add . "/" . $strFileName)) {
break;
}
if ($i >= 25) {
$j = 0;
while (true) {
$dir_add = substr(md5(mt_rand()), 0, 3) . "/" . substr(md5(mt_rand()), 0, 3);
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $dir_add . "/" . $strFileName)) {
break;
}
if ($j >= 25) {
$dir_add = substr(md5(mt_rand()), 0, 3) . "/" . md5(mt_rand());
break;
}
$j++;
}
break;
}
$i++;
}
if (substr($strSavePath, -1, 1) != "/") {
$strSavePath .= "/" . $dir_add;
} else {
$strSavePath .= $dir_add . "/";
}
} else {
$strFileExt = $bSkipExt == true || ($ext = GetFileExtension($strFileName)) == '' ? '' : "." . $ext;
while (true) {
if (substr($strSavePath, -1, 1) != "/") {
$strSavePath .= "/" . substr($strFileName, 0, 3);
} else {
$strSavePath .= substr($strFileName, 0, 3) . "/";
}
if (!$io->FileExists($_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/" . $strFileName)) {
break;
}
//try the new name
$strFileName = md5(uniqid("", true)) . $strFileExt;
}
}
$arFile["SUBDIR"] = $strSavePath;
$arFile["FILE_NAME"] = $strFileName;
$strDirName = $_SERVER["DOCUMENT_ROOT"] . "/" . $upload_dir . "/" . $strSavePath . "/";
$strDbFileNameX = $strDirName . $strFileName;
$strPhysicalFileNameX = $io->GetPhysicalName($strDbFileNameX);
CheckDirPath($strDirName);
if (is_set($arFile, "content")) {
$f = fopen($strPhysicalFileNameX, "ab");
if (!$f) {
return false;
}
if (fwrite($f, $arFile["content"]) === false) {
return false;
}
fclose($f);
} elseif (!copy($arFile["tmp_name"], $strPhysicalFileNameX) && !move_uploaded_file($arFile["tmp_name"], $strPhysicalFileNameX)) {
CFile::DoDelete($arFile["old_file"]);
return false;
}
if (isset($arFile["old_file"])) {
CFile::DoDelete($arFile["old_file"]);
}
@chmod($strPhysicalFileNameX, BX_FILE_PERMISSIONS);
//flash is not an image
$flashEnabled = !CFile::IsImage($arFile["ORIGINAL_NAME"], $arFile["type"]);
$imgArray = CFile::GetImageSize($strDbFileNameX, false, $flashEnabled);
if (is_array($imgArray)) {
$arFile["WIDTH"] = $imgArray[0];
$arFile["HEIGHT"] = $imgArray[1];
if ($imgArray[2] == IMAGETYPE_JPEG) {
$exifData = CFile::ExtractImageExif($io->GetPhysicalName($strDbFileNameX));
if ($exifData && isset($exifData['Orientation'])) {
//swap width and height
if ($exifData['Orientation'] >= 5 && $exifData['Orientation'] <= 8) {
$arFile["WIDTH"] = $imgArray[1];
$arFile["HEIGHT"] = $imgArray[0];
}
$properlyOriented = CFile::ImageHandleOrientation($exifData['Orientation'], $io->GetPhysicalName($strDbFileNameX));
if ($properlyOriented) {
$jpgQuality = intval(COption::GetOptionString('main', 'image_resize_quality', '95'));
if ($jpgQuality <= 0 || $jpgQuality > 100) {
$jpgQuality = 95;
}
imagejpeg($properlyOriented, $io->GetPhysicalName($strDbFileNameX), $jpgQuality);
}
}
}
} else {
$arFile["WIDTH"] = 0;
$arFile["HEIGHT"] = 0;
}
}
if ($arFile["WIDTH"] == 0 || $arFile["HEIGHT"] == 0) {
//mock image because we got false from CFile::GetImageSize()
if (strpos($arFile["type"], "image/") === 0) {
$arFile["type"] = "application/octet-stream";
}
}
if ($arFile["type"] == '' || !is_string($arFile["type"])) {
$arFile["type"] = "application/octet-stream";
}
/****************************** QUOTA ******************************/
if (COption::GetOptionInt("main", "disk_space") > 0) {
CDiskQuota::updateDiskQuota("file", $arFile["size"], "insert");
}
/****************************** QUOTA ******************************/
$NEW_IMAGE_ID = CFile::DoInsert(array("HEIGHT" => $arFile["HEIGHT"], "WIDTH" => $arFile["WIDTH"], "FILE_SIZE" => $arFile["size"], "CONTENT_TYPE" => $arFile["type"], "SUBDIR" => $arFile["SUBDIR"], "FILE_NAME" => $arFile["FILE_NAME"], "MODULE_ID" => $arFile["MODULE_ID"], "ORIGINAL_NAME" => $arFile["ORIGINAL_NAME"], "DESCRIPTION" => isset($arFile["description"]) ? $arFile["description"] : '', "HANDLER_ID" => isset($arFile["HANDLER_ID"]) ? $arFile["HANDLER_ID"] : '', "EXTERNAL_ID" => isset($arFile["external_id"]) ? $arFile["external_id"] : md5(mt_rand())));
CFile::CleanCache($NEW_IMAGE_ID);
return $NEW_IMAGE_ID;
}
