/** * @param $key array from a $_FILES entry * @param $blind dont verify if is_uploaded_file(), useful when importing files from other means than HTTP uploads * @return file id */ public static function import($type, &$key, $category = 0, $blind = false) { // ignore empty file uploads if (!$key['name']) { return false; } if (!$blind && !is_uploaded_file($key['tmp_name'])) { throw new \Exception('Upload failed for file ' . $key['name']); //$error->add('Upload failed for file '.$key['name'] ); //return; } $session = SessionHandler::getInstance(); $file = new File(); $file->type = $type; $file->uploader = $session->id; $file->uploader_ip = client_ip(); $file->size = $key['size']; $file->name = $key['name']; $file->mimetype = $key['type']; $file->category = $category; $file->time_uploaded = sql_datetime(time()); $file->id = $file->store(); if (!$file->id) { return false; } $dst_file = self::getUploadPath($file->id); if ($blind) { // UGLY HACK using "@": currently gives a E_WARNING: "Operation not permitted" error, // even though the rename suceeds??? if (!@rename($key['tmp_name'], $dst_file)) { throw new \Exception('rename failed'); } } elseif (!move_uploaded_file($key['tmp_name'], $dst_file)) { throw new \Exception('Failed to move file from ' . $key['tmp_name'] . ' to ' . $dst_file); } chmod($dst_file, 0777); $key['name'] = $dst_file; $key['file_id'] = $file->id; return $file->id; }
/** * Handles a single upload by given CUploadedFile and returns an array * of informations. * * The 'error' attribute of the array, indicates there was an error. * * Informations on error: * - error: true * - errorMessage: some message * - name: name of the file * - size: file size * * Informations on success: * - error: false * - name: name of the uploaded file * - size: file size * - guid: of the file * - url: url to the file * - thumbnailUrl: url to the thumbnail if exists * * @param type $cFile * @return Array Informations about the uploaded file */ protected function handleFileUpload($cFile) { $output = array(); // Set some basic information $output['name'] = $cFile->getName(); $output['size'] = $cFile->getSize(); // Received a file? if ($cFile == null) { $output['error'] = true; $output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'No file received!'); return $output; } // Maximum File Size if ($cFile->getSize() > HSetting::Get('maxFileSize', 'file')) { $output['error'] = true; $output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'Maximum file size has been {maxFileSize} reached!', array("{maxFileSize}" => Yii::app()->format->formatSize(HSetting::Get('maxFileSize', 'file')))); return $output; } if (!File::HasValidExtension($cFile->getName())) { $output['error'] = true; $output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'This file type is not allowed!'); return $output; } // Store File $file = File::store($cFile); // Check File Storage if ($file == null) { $output['state'] = 'error'; $output['errorMessage'] = Yii::t('FileModule.controllers_FileController', 'Internal Error: Could not store file!'); return $output; } // Write successful array $output['error'] = false; $output['guid'] = $file->guid; $output['name'] = $file->file_name; $output['title'] = $file->title; $output['url'] = ""; $output['thumbnailUrl'] = ""; $output['size'] = $file->size; $output['deleteUrl'] = ""; $output['deleteType'] = ""; $output['mimeIcon'] = $file->getMimeIconClass(); return $output; }
chmod($upload_file, 0644); } if (filesize($upload_file) == 0) { logError("File is empty."); exit; } if (!scanFile($upload_file)) { rename($upload_file, $upload_file . "-virus"); logError("File did not pass the virus scan."); exit; } $fd = fopen("/tmp/upload.log", "a"); fwrite($fd, "Upload: " . serialize($_FILES) . " with " . serialize($_POST) . "\n"); fclose($fd); print_r($_FILES); $file = new File(); $file->byPath($upload_file); if ($file->isValid()) { $file->incrementShrinks(); } else { $file->path = $upload_file; $file->tag = randomTag(); $file->params['name'] = preg_replace(',[^a-zA-Z0-9_:;!@#$%^+=.~-],', '', $f['name']); $file->params['content_type'] = $f['type']; $file->params['size'] = filesize($upload_file); $file->creator = new Creator($_SERVER["REMOTE_ADDR"], $_SESSION["acct_auth"] ? $_SESSION["acct_official"] : null); $file->store(); } $sth = getDB()->prepare("INSERT INTO upload_tracking (upload_id,file_id,error) VALUES (?,?,'f')"); $sth->execute(array($_POST["UPLOAD_IDENTIFIER"], $file->id)); }
/** * Ensure a unique filename. * * @param String $name Base file name that is supposed to be unique * @param File|null $file Optional associated file * @return String Unique filename */ public function ensureUniqueFilename($name, File $file = null) { $changed = false; while (($temp = $this->getEntry($name)) && ($file === null || $temp->file->id !== $file->id)) { $changed = true; $name = FileHelper::AdjustFilename($name); } if ($changed && $file !== null) { $file->filename = $name; $file->store(); } return $name; }