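/**
 * protectedUpload
 *
 * Takes a file from a temporary folder, registers it in the file
 * manager and moves it into the upload directory under its storage name.
 * Any file already registered for the same Doctype/Docid/Docfield is
 * deleted first.
 *
 * Security: the name, size and type recorded here are taken from the file
 * spec as-is. For browser uploads these values are client-controlled, and
 * nothing in this function validates the extension or the content type.
 *
 * @param array $_uldmap
 * 		request data; reads 't', 'fld' and 'oid', plus the optional
 * 		'protect' ("on") and 'easycontactusr' (object with an id) entries
 * @param array $filespecmap
 * 		file spec with 'name', 'tmp_name', 'size', 'type' and 'error'
 * 		keys; when NULL it is looked up in $_FILES under "<t>_<fld>_<oid>"
 *
 * @return boolean
 * 		TRUE when the file was registered and moved, FALSE otherwise
 */
function protectedUpload($_uldmap, $filespecmap = NULL) {

	// Remember where the spec came from: only a spec read from $_FILES is
	// moved with move_uploaded_file(), which verifies the upload origin.
	$filespecmapnull = is_null($filespecmap);
	if ($filespecmapnull) {
		$filerequestid = $_uldmap['t'] . '_' . $_uldmap['fld'] . '_' . $_uldmap['oid'];
		// isset() avoids an undefined-index warning when nothing was
		// uploaded under this key; the function still returns FALSE below.
		$filespecmap = isset($_FILES[$filerequestid]) ? $_FILES[$filerequestid] : NULL;
	}
	if (!isset($filespecmap)) {
		return FALSE;
	}
	if ($filespecmap['error'] != UPLOAD_ERR_OK) {
		return FALSE;
	}

	$ds = DIRECTORY_SEPARATOR;

	$protect = 0;
	if (isset($_uldmap['protect'])) {
		$protect = $_uldmap['protect'] == "on" ? 1 : 0;
	}
	$oowner = isset($_uldmap['easycontactusr']) ? $_uldmap['easycontactusr']->id : 0;

	// NOTE(review): 'name' and 'type' are supplied by the client for browser
	// uploads. No allow-list of extensions or content sniffing is visible
	// here; confirm that getStorageFileName() and the web server
	// configuration prevent stored files from being served as executable
	// content.
	$filename = $filespecmap['name'];
	$tmpname = $filespecmap['tmp_name'];
	$filesize = $filespecmap['size'];
	$filetype = $filespecmap['type'];

	$Type = $_uldmap['t'];
	$fieldname = $_uldmap['fld'];
	$id = $_uldmap['oid'];

	// Protected uploads are refused when the part of the name before "."
	// is empty or is exactly 32 hex characters (presumably to avoid a clash
	// with generated storage names; confirm against getStorageFileName()).
	$basename = EasyContactFormsUtils::subStringBefore($filename, ".");
	if ($protect && ($basename == NULL || preg_match('/^[A-Fa-f0-9]{32}$/', $basename))) {
		echo EasyContactFormsIHTML::showMessage(EasyContactFormsT::get('ImpossibleToPerformOperation'), 'warningMessage');
		return FALSE;
	}

	global $wpdb;

	// Carry over the Count value of the record being replaced, if any.
	$query = "SELECT\n\t\t\t\tCount\n\t\t\tFROM\n\t\t\t\t#wp__easycontactforms_files\n\t\t\tWHERE\n\t\t\t\tDoctype=%s\n\t\t\t\tAND Docid=%d\n\t\t\t\tAND Docfield=%s";
	$query = $wpdb->prepare($query, $Type, $id, $fieldname);
	$counter = EasyContactFormsDB::getValue($query);
	$counter = isset($counter) ? $counter : 0;

	// Remove the file previously registered for this type/object/field.
	$query = "SELECT\n\t\t\t\tid\n\t\t\tFROM\n\t\t\t\t#wp__easycontactforms_files\n\t\t\tWHERE\n\t\t\t\tDoctype=%s\n\t\t\t\tAND Docid=%d\n\t\t\t\tAND Docfield=%s";
	$query = $wpdb->prepare($query, $Type, $id, $fieldname);
	$fileid = EasyContactFormsDB::getValue($query);
	if (isset($fileid)) {
		EasyContactFormsFiles::deletefile($fileid);
		EasyContactFormsFiles::delete($fileid);
	}

	$file = EasyContactFormsClassLoader::getObject('Files', true);
	$file->set('Count', $counter);
	$file->set('Docfield', $fieldname);
	$file->set('Doctype', $Type);
	$file->set('Docid', $id);
	$file->set('Name', $filename);
	$file->set('Size', $filesize);
	$file->set('Type', $filetype);
	$file->set('Protected', $protect);
	$file->set('Webdir', 0);
	$file->set('ObjectOwner', $oowner);

	$filespec = (object) array();
	$filespec->protect = $protect;
	$filespec->fieldname = $fieldname;
	$filespec->docType = $Type;
	$filespec->filename = $filename;

	if ($Type == "Files") {
		// A "Files" document refers to itself: the record's own id is used
		// both for the storage name and as Docid.
		$filespec->id = $file->get('id');
		$Storagename = $file->getStorageFileName($filespec);
		$file->set('Storagename', $Storagename);
		$file->set('Docid', $file->get('id'));
	}
	else {
		$filespec->id = $id;
		$Storagename = $file->getStorageFileName($filespec);
		$file->set('Storagename', $Storagename);
	}
	// NOTE(review): the record is saved (and the previous file deleted)
	// before the new file is moved, so a failed move below leaves a
	// database row without a file on disk.
	$file->save();

	$filedirectory = EASYCONTACTFORMS__fileUploadDir;
	if (!is_dir($filedirectory)) {
		if (!EasyContactFormsUtils::createFolder($filedirectory)) {
			return FALSE;
		}
	}

	// NOTE(review): $Storagename is joined to the upload directory as-is;
	// confirm getStorageFileName() never returns path separators or "..".
	$newpath = $filedirectory . $ds . $Storagename;
	if ($filespecmapnull) {
		if (!move_uploaded_file($tmpname, $newpath)) {
			return FALSE;
		}
	}
	else {
		// A caller-provided spec is not an HTTP upload, so rename() is
		// used. The caller must make sure 'tmp_name' is a server-chosen
		// path and never request data. A failed rename is reported rather
		// than returning TRUE for a file that was never stored.
		if (!rename($tmpname, $newpath)) {
			return FALSE;
		}
	}
	return TRUE;
}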