function uploadFile($uploadPath, $input='kattachment', $filename='', $ajax=true) {
$result = array ();
$this->resetStatus();
// create upload directory if it does not exist
if (!CKunenaFolder::exists($uploadPath)) {
if (!CKunenaFolder::create($uploadPath)) {
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_CREATE_DIR' ));
return false;
}
}
CKunenaFolder::createIndex($uploadPath);
$this->fileName = CKunenaFile::makeSafe ( JRequest::getVar ( $input.'_name', '' ) );
$this->fileSize = 0;
$chunk = JRequest::getInt ( 'chunk', 0 );
$chunks = JRequest::getInt ( 'chunks', 0 );
if ($chunks && $chunk >= $chunks)
$this->error = JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_EXTRA_CHUNK' );
//If uploaded by using normal form (no AJAX)
if ($ajax == false || isset ( $_REQUEST ["multipart"])) {
$file = JRequest::getVar ( $input, NULL, 'FILES', 'array' );
if (!is_uploaded_file ( $file ['tmp_name'] )) {
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_NOT_UPLOADED' ));
return false;
}
$this->fileTemp = $file ['tmp_name'];
$this->fileSize = $file ['size'];
if (! $this->fileName)
$this->fileName = CKunenaFile::makeSafe ( $file ['name'] );
//any errors the server registered on uploading
switch ($file ['error']) {
case 0 : // UPLOAD_ERR_OK :
break;
case 1 : // UPLOAD_ERR_INI_SIZE :
case 2 : // UPLOAD_ERR_FORM_SIZE :
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_SIZE' ) . "DEBUG: file[error]". $file ['error']);
break;
case 3 : // UPLOAD_ERR_PARTIAL :
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_PARTIAL' ));
break;
case 4 : // UPLOAD_ERR_NO_FILE :
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_NO_FILE' ));
break;
case 5 : // UPLOAD_ERR_NO_TMP_DIR :
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_NO_TMP_DIR' ));
break;
case 7 : // UPLOAD_ERR_CANT_WRITE, PHP 5.1.0
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_CANT_WRITE' ));
break;
case 8 : // UPLOAD_ERR_EXTENSION, PHP 5.2.0
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_PHP_EXTENSION' ));
break;
default :
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_UNKNOWN' ));
}
} else {
// Currently not in use: this is meant for experimental AJAX uploads
// Open temp file
$this->fileTemp = CKunenaPath::tmpdir() . '/kunena_' . md5 ( $this->_my->id . '/' . $this->_my->username . '/' . $this->fileName );
$out = fopen ($this->fileTemp, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen ( "php://input", "rb" );
if ($in) {
while ( ( $buff = fread ( $in, 8192 ) ) != false )
fwrite ( $out, $buff );
} else {
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_NO_INPUT' ));
}
clearstatcache();
$fileInfo = fstat($out);
$this->fileSize = $fileInfo['size'];
fclose ( $out );
if (!$this->error) $this->checkFileSize($this->fileSize);
if ($chunk+1 < $chunks) {
$this->status = empty($this->error);
return $this->status;
}
} else {
$this->fail(JText::_ ( 'COM_KUNENA_UPLOAD_ERROR_CANT_WRITE' ));
}
}
// Terminate early if we already hit an error
if ($this->error) {
return false;
}
// assume the extension is false until we know its ok
$extOk = false;
$fileparts = $this->getValidExtension($this->validFileExts);
if ($fileparts) {
$this->_isfile = true;
$extOk = true;
$uploadedFileBasename = $fileparts[0];
$uploadedFileExtension = $fileparts[1];
}
$fileparts = $this->getValidExtension($this->validImageExts);
if ($fileparts) {
$this->_isimage = true;
$extOk = true;
$uploadedFileBasename = $fileparts[0];
$uploadedFileExtension = $fileparts[1];
}
if ($extOk == false) {
$imglist = implode(', ',$this->validImageExts);
$filelist = implode(', ',$this->validFileExts);
if ($imglist && $filelist) $this->Fail(JText::sprintf ( 'COM_KUNENA_UPLOAD_ERROR_EXTENSION', $imglist, $filelist ));
else if ($imglist && !$filelist) $this->Fail(JText::sprintf ( 'COM_KUNENA_UPLOAD_ERROR_EXTENSION_FILE', $this->_config->filetypes ));
else if (!$imglist && $filelist) $this->Fail(JText::sprintf ( 'COM_KUNENA_UPLOAD_ERROR_EXTENSION_IMAGE', $this->_config->imagetypes ));
else $this->Fail(JText::sprintf ( 'COM_KUNENA_UPLOAD_ERROR_NOT_ALLOWED', $filelist ));
return false;
}
// Special processing for images
if ($this->_isimage){
$this->imageInfo = CKunenaImageHelper::getProperties( $this->fileTemp );
// Let see if we need to check the MIME type
if ($this->_config->checkmimetypes){
// check against whitelist of MIME types
$validFileTypes = explode ( ",", $this->_config->imagemimetypes );
//if the temp file does not have a width or a height, or it has a non ok MIME, return
if (!is_int ( $this->imageInfo->width ) || !is_int ( $this->imageInfo->height ) ||
!in_array ( $this->imageInfo->mime, $validFileTypes )) {
$this->fail(JText::sprintf ( 'COM_KUNENA_UPLOAD_ERROR_MIME', $this->imageInfo->mime, $this->_config->imagetypes) );
return false;
}
}
// If image is not inside allowed size limits, resize it
if ($this->fileSize > $this->imagesize || $this->imageInfo->width > $this->imagewidth || $this->imageInfo->height > $this->imageheight) {
$options = array('quality' => $this->imagequality);
$imageRaw = new CKunenaImage($this->fileTemp);
if ($imageRaw->getError()) {
$this->fail(JText::_($imageRaw->getError()));
return false;
}
$image = $imageRaw->resize($this->imagewidth, $this->imageheight);
$type = $imageRaw->getType();
unset($imageRaw);
$image->toFile($this->fileTemp,$type,$options);
clearstatcache();
// Re-calculate physical file size: image has been shrunk
$stat = stat($this->fileTemp);
if (! $stat) {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_STAT').' '.$this->fileTemp);
return false;
}
$this->fileSize = $stat['size'];
}
}
$this->checkFileSize($this->fileSize);
// Check again for error and terminate early if we already hit an error
if ($this->error) {
return false;
}
// Populate hash, file size and other info
// Get a hash value from the file
$this->fileHash = md5_file ( $this->fileTemp );
// Override filename if given in the parameter
if ($filename) $uploadedFileBasename = $filename;
// Rename file if there is already one with the same name
$newFileName = $uploadedFileBasename . "." . $uploadedFileExtension;
if (file_exists($uploadPath .'/'. $newFileName)) {
$newFileName = $uploadedFileBasename . date('_Y-m-d') . "." . $uploadedFileExtension;
for ($i=2; file_exists("{$uploadPath}/{$newFileName}"); $i++) {
$newFileName = $uploadedFileBasename . date('_Y-m-d') . "-$i." . $uploadedFileExtension;
}
}
$this->fileName = $newFileName;
$this->fileName = preg_replace('/[[:space:]]/', '',$this->fileName);
// All the processing is complete - now we need to move the file(s) into the final location
@chmod($this->fileTemp, 0644);
if (! JFile::copy ( $this->fileTemp, $uploadPath.'/'.$this->fileName )) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_NOT_MOVED', $uploadPath.'/'.$this->fileName));
unlink($this->fileTemp);
return false;
}
unlink($this->fileTemp);
JPath::setPermissions($uploadPath.'/'.$this->fileName);
$this->ready = true;
return $this->status = true;
}
* @Copyright (C) 2006 - 2007 Best Of Joomla All rights reserved
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
* @link http://www.bestofjoomla.com
*
* Based on Joomlaboard Component
* @copyright (C) 2000 - 2004 TSMF / Jan de Graaff / All Rights Reserved
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
* @author TSMF & Jan de Graaff
**/
// Dont allow direct linking
defined('_JEXEC') or die('Restricted access');
$fbConfig =& CKunenaConfig::getInstance();
require_once KUNENA_PATH_LIB . DS . 'kunena.helpers.php';
require_once KUNENA_PATH_LIB . DS . 'kunena.file.class.php';
$attachimage = JRequest::getVar('attachimage', NULL, 'FILES', 'array');
$filename = CKunenaFile::makeSafe($attachimage['name']);
function imageUploadError($msg)
{
global $message;
$GLOBALS['KUNENA_rc'] = 0;
$message = str_replace("[img/]", "", $message);
$app =& JFactory::getApplication();
$app->enqueueMessage(_IMAGE_NOT_UPLOADED . ' (' . $msg . ')', 'notice');
}
$GLOBALS['KUNENA_rc'] = 1;
//reset return code
$filename = split("\\.", $filename);
//some transaltions for readability
//numExtensions= people tend to upload malicious files using mutliple extensions like: virus.txt.vbs; we'll want to have the last extension to validate against..
$numExtensions = count($filename) - 1;
//Translate all invalid characters
