Example #1
0
 /**
  * Moves an uploaded file to a specified path
  *
  * Returns true if the file name is valid, the file type matches one of
  * the accepted file types, if specified, is not too large, and can be
  * moved successfully to its target folder.
  * Missing folders are created.  If this fails, returns false.
  * Mind that the target path *MUST NOT* include ASCMS_PATH, and *SHOULD*
  * not include ASCMS_PATH_OFFSET.  The latter will be cut off, however.
  * The $target_path argument, given by reference, is fixed accordingly.
  * If the file name found in $upload_field_name is empty, returns the
  * empty string.
  * Non-positive values for $maximum_size are ignored, as are empty
  * values for $accepted_types.
  * @param   string  $upload_field_name  File input field name
  * @param   string  $target_path        Target path, relative to the
  *                                      document root, including the file
  *                                      name, by reference.
  * @param   integer $maximum_size       The optional maximum allowed file size
  * @param   string  $accepted_types     The optional allowed MIME type
  * @return  boolean                     True on success, the empty string
  *                                      if there is nothing to do, or
  *                                      false otherwise
  * @author  Reto Kohli <*****@*****.**> (Parts, fixed path handling)
  * @since   2.2.0
  */
 static function upload_file_http($upload_field_name, &$target_path, $maximum_size = 0, $accepted_types = false)
 {
     // Skip files that are not uploaded at all
     if (empty($_FILES[$upload_field_name])) {
         //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): No file for index $upload_field_name<br />");
         return '';
     }
     self::path_relative_to_root($target_path);
     //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): Fixed target path $target_path<br />");
     if (empty($upload_field_name) || empty($target_path)) {
         //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): Missing mandatory argument<br />");
         self::$error = self::ERROR_MISSING_ARGUMENT;
         return false;
     }
     $tmp_path = $_FILES[$upload_field_name]['tmp_name'];
     $file_name = $_FILES[$upload_field_name]['name'];
     if ($accepted_types && !Filetype::matchMimetypes($file_name, $accepted_types)) {
         //DBG::log("File::upload_file_http(): Error: Found no matching MIME type for extension ($file_name)<br />");
         self::$error = self::ERROR_INVALID_FILETYPE;
         return false;
     }
     if ($maximum_size > 0 && filesize($tmp_path) > $maximum_size) {
         //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): Size greater than $maximum_size<br />");
         self::$error = self::ERROR_FILESIZE_TOO_BIG;
         return false;
     }
     // Create the target folder if it doesn't exist
     if (!File::make_folder(dirname($target_path))) {
         //DBG::log("File::upload_file_http(): Failed to create folder ".dirname($target_path)." for $target_path<br />");
         self::$error = self::ERROR_CANNOT_CREATE_FOLDER;
         return false;
     }
     if (move_uploaded_file($tmp_path, ASCMS_DOCUMENT_ROOT . '/' . $target_path)) {
         //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): File successfully moved to $target_path<br />");
         return true;
     }
     //DBG::log("File::upload_file_http($upload_field_name, $target_path, $maximum_size, $accepted_types): move_uploaded_file failed<br />");
     self::$error = self::ERROR_CANNOT_MOVE_FILE;
     return false;
 }