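/**
 * Upload a project picture via AJAX.
 *
 * Accepts either a raw request body (file name in the "qqfile" query
 * parameter) or a multipart upload (the "qqfile" form field). The file is
 * validated, stored in the project's image directory, re-encoded as a PNG
 * resized with resize(200), and a thumbnail is written as thumb.png.
 * The outcome is echoed as a JSON object with either "error" or "success".
 *
 * NOTE(review): no request-forgery token is checked in this method; confirm
 * that this state-changing task is protected elsewhere.
 *
 * @return  void
 */
public function doajaxuploadTask()
{
    // Check existence and authorization before touching any request data,
    // so unauthorized callers cannot trigger file handling at all.
    if (!$this->model->exists()) {
        echo json_encode(array('error' => Lang::txt('Error loading project')));
        return;
    }

    // Make sure user is authorized (project manager)
    if (!$this->model->access('manager')) {
        echo json_encode(array('error' => Lang::txt('Unauthorized action')));
        return;
    }

    // Allowed extensions for upload
    $allowedExtensions = array('png', 'jpe', 'jpeg', 'jpg', 'gif');

    // Max upload size
    $sizeLimit = $this->config->get('maxAllowed', '40000000');

    // Get the file. The name must be a plain string: an array-valued
    // parameter would otherwise reach pathinfo() below.
    if (isset($_GET['qqfile']) && is_string($_GET['qqfile'])) {
        $stream = true;
        $file   = $_GET['qqfile'];
        // Size as declared by the client; verified against the bytes read below.
        $size   = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
    } elseif (isset($_FILES['qqfile']) && is_string($_FILES['qqfile']['name'])) {
        $stream = false;
        $file   = $_FILES['qqfile']['name'];
        $size   = (int) $_FILES['qqfile']['size'];
    } else {
        echo json_encode(array('error' => Lang::txt('Please select a file to upload')));
        return;
    }

    // Check to make sure we have a file and it's not too big
    if ($size == 0) {
        echo json_encode(array('error' => Lang::txt('File is empty')));
        return;
    }
    if ($size > $sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
        echo json_encode(array('error' => Lang::txt('File is too large. Max file upload size is ') . $max));
        return;
    }

    // Make the filename safe BEFORE validating it, so the extension check
    // applies to the name that is actually written. What Filesystem::clean()
    // strips is not visible here, so basename() additionally guarantees that
    // no directory component of the client-supplied name survives.
    $file = basename(Filesystem::clean($file));

    // Check to make sure we have an allowable extension (a name without any
    // extension yields an empty string and is rejected).
    $pathinfo = pathinfo($file);
    $ext      = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
    if (!in_array($ext, $allowedExtensions, true)) {
        $these = implode(', ', $allowedExtensions);
        echo json_encode(array('error' => Lang::txt('File has an invalid extension, it should be one of ' . $these . '.')));
        return;
    }

    // Build project image path
    $path  = PATH_APP . DS . trim($this->config->get('imagepath', '/site/projects'), DS);
    $path .= DS . $this->model->get('alias') . DS . 'images';

    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path, 0755, true, true)) {
            echo json_encode(array('error' => Lang::txt('COM_PROJECTS_UNABLE_TO_CREATE_UPLOAD_PATH')));
            return;
        }
    }

    $destination = $path . DS . $file;

    if ($stream) {
        // Read the request body into a temporary file first, so nothing
        // reaches the project directory until it has been checked.
        $input = fopen('php://input', 'r');
        $temp  = tmpfile();
        if ($input === false || $temp === false) {
            if ($input !== false) {
                fclose($input);
            }
            if ($temp !== false) {
                fclose($temp);
            }
            echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
            return;
        }

        $realSize = stream_copy_to_stream($input, $temp);
        fclose($input);

        // The size limit above was applied to the declared length only;
        // require the received byte count to match it.
        if ($realSize === false || $realSize != $size) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
            return;
        }

        // NOTE(review): virusCheck() is handed a stream resource here; confirm
        // the helper accepts a resource rather than a file path.
        if (Helpers\Html::virusCheck($temp)) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('Virus detected, refusing to upload')));
            return;
        }

        // Delete older file with same name only once the new one is accepted
        if (file_exists($destination)) {
            Filesystem::delete($destination);
        }

        // Move from temp location to target location
        $out = fopen($destination, 'w');
        if ($out === false) {
            fclose($temp);
            echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
            return;
        }
        fseek($temp, 0, SEEK_SET);
        stream_copy_to_stream($temp, $out);
        fclose($out);
        fclose($temp);
    } else {
        // Delete older file with same name
        if (file_exists($destination)) {
            Filesystem::delete($destination);
        }

        // NOTE(review): unlike the stream branch, multipart uploads are not
        // passed through virusCheck() here.
        move_uploaded_file($_FILES['qqfile']['tmp_name'], $destination);
    }

    // Confirm the upload landed
    if (!is_file($destination)) {
        echo json_encode(array('error' => Lang::txt('COM_PROJECTS_ERROR_UPLOADING')));
        return;
    }

    // Resize image and rotate in case user didn't before uploading. Saving
    // as PNG re-encodes the content; the stored name keeps its original
    // extension.
    $hi = new \Hubzero\Image\Processor($destination);
    if (count($hi->getErrors()) != 0) {
        $error = $hi->getError();
        // The content could not be handled as an image: do not leave the
        // unvalidated upload in the project directory.
        Filesystem::delete($destination);
        echo json_encode(array('error' => $error));
        return;
    }
    $hi->autoRotate();
    $hi->resize(200);
    $hi->setImageType(IMAGETYPE_PNG);
    $hi->save($destination);

    // Delete previous thumb
    if (file_exists($path . DS . 'thumb.png')) {
        Filesystem::delete($path . DS . 'thumb.png');
    }

    // Create thumb
    $hi = new \Hubzero\Image\Processor($destination);
    if (count($hi->getErrors()) != 0) {
        echo json_encode(array('error' => $hi->getError()));
        return;
    }
    $hi->resize(50, false, true, true);
    $hi->save($path . DS . 'thumb.png');

    // Save picture name
    $this->model->set('picture', $file);
    if (!$this->model->store()) {
        echo json_encode(array('error' => $this->model->getError()));
        return;
    } elseif (!$this->model->inSetup()) {
        // Record activity
        $this->model->recordActivity(Lang::txt('COM_PROJECTS_REPLACED_PROJECT_PICTURE'));
    }

    echo json_encode(array('success' => true));
    return;
}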
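/**
 * Upload a member profile picture via AJAX.
 *
 * Accepts either a raw request body (file name in the "qqfile" query
 * parameter) or a multipart upload (the "qqfile" form field). The upload is
 * written under a temporary name in the member's directory, re-encoded to
 * profile.png (resize(400)) plus thumb.png, and the temporary file is then
 * removed. The outcome is echoed as JSON.
 *
 * NOTE(review): nothing visible in this method ties the requested "id" to
 * the authenticated user; confirm that only the owner (or an administrator)
 * can reach this task for a given profile.
 *
 * @return  void
 */
public function doajaxuploadTask()
{
    // Check for request forgeries
    Request::checkToken(['get', 'post']);

    // Allowed extensions for upload
    $allowedExtensions = array('png', 'jpe', 'jpeg', 'jpg', 'gif');

    // Max upload size
    $sizeLimit = $this->config->get('maxAllowed', '40000000');

    // Get the file. The name must be a plain string: an array-valued
    // parameter would otherwise reach pathinfo() below.
    if (isset($_GET['qqfile']) && is_string($_GET['qqfile'])) {
        $stream = true;
        $file   = $_GET['qqfile'];
        // Size as declared by the client; verified against the bytes read below.
        $size   = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;
    } elseif (isset($_FILES['qqfile']) && is_string($_FILES['qqfile']['name'])) {
        $stream = false;
        $file   = $_FILES['qqfile']['name'];
        $size   = (int) $_FILES['qqfile']['size'];
    } else {
        return;
    }

    // Get the id and load profile. The id becomes part of a filesystem path
    // below, so it is read as an integer rather than as a free-form value.
    $id      = Request::getInt('id', 0);
    $profile = \Hubzero\User\Profile::getInstance($id);
    if (!$profile) {
        return;
    }

    // Define upload directory and make sure it's writable
    $uploadDirectory = PATH_APP . DS . $this->filespace() . DS . \Hubzero\Utility\String::pad($id) . DS;
    if (!is_dir($uploadDirectory)) {
        if (!Filesystem::makeDirectory($uploadDirectory)) {
            echo json_encode(array('error' => 'Server error. Unable to create upload directory.'));
            return;
        }
    }

    if (!is_writable($uploadDirectory)) {
        echo json_encode(array('error' => "Server error. Upload directory isn't writable."));
        return;
    }

    // Check to make sure we have a file and it's not too big
    if ($size == 0) {
        echo json_encode(array('error' => 'File is empty'));
        return;
    }
    if ($size > $sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
        echo json_encode(array('error' => 'File is too large. Max file upload size is ' . $max));
        return;
    }

    // Check to make sure we have an allowable extension (a name without any
    // extension yields an empty string and is rejected).
    $pathinfo = pathinfo($file);
    $ext      = isset($pathinfo['extension']) ? strtolower($pathinfo['extension']) : '';
    if (!in_array($ext, $allowedExtensions, true)) {
        $these = implode(', ', $allowedExtensions);
        echo json_encode(array('error' => 'File has an invalid extension, it should be one of ' . $these . '.'));
        return;
    }

    // The client-supplied base name is only used for a temporary file that
    // is removed again below, so it is reduced to a conservative character
    // set instead of being trusted as-is.
    $filename = preg_replace('/[^A-Za-z0-9_\-]/', '_', $pathinfo['filename']);
    if ($filename === '' || $filename === null) {
        $filename = 'upload';
    }

    // Don't overwrite previous files that were uploaded
    while (file_exists($uploadDirectory . $filename . '.' . $ext)) {
        $filename .= rand(10, 99);
    }

    $file        = $uploadDirectory . $filename . '.' . $ext;
    $final_file  = $uploadDirectory . 'profile.png';
    $final_thumb = $uploadDirectory . 'thumb.png';

    if ($stream) {
        // Read the php input stream to upload file
        $input = fopen('php://input', 'r');
        $temp  = tmpfile();
        if ($input === false || $temp === false) {
            if ($input !== false) {
                fclose($input);
            }
            if ($temp !== false) {
                fclose($temp);
            }
            echo json_encode(array('error' => 'Server error. Unable to read the upload.'));
            return;
        }

        $realSize = stream_copy_to_stream($input, $temp);
        fclose($input);

        // The size limit above was applied to the declared length only;
        // require the received byte count to match it.
        if ($realSize === false || $realSize != $size) {
            fclose($temp);
            echo json_encode(array('error' => 'Server error. The upload was incomplete.'));
            return;
        }

        // Move from temp location to target location which is user folder
        $target = fopen($file, 'w');
        if ($target === false) {
            fclose($temp);
            echo json_encode(array('error' => 'Server error. Unable to save the uploaded file.'));
            return;
        }
        fseek($temp, 0, SEEK_SET);
        stream_copy_to_stream($temp, $target);
        fclose($target);
        fclose($temp);
    } elseif (!move_uploaded_file($_FILES['qqfile']['tmp_name'], $file)) {
        echo json_encode(array('error' => 'Server error. Unable to save the uploaded file.'));
        return;
    }

    // Resize image and rotate in case user didn't before uploading
    $hi = new \Hubzero\Image\Processor($file);
    if (count($hi->getErrors()) != 0) {
        $error = $hi->getError();
        // The content could not be handled as an image: do not leave the
        // unvalidated upload in the member's directory.
        if (is_file($file)) {
            unlink($file);
        }
        echo json_encode(array('error' => $error));
        return;
    }
    $hi->autoRotate();
    $hi->resize(400);
    $hi->setImageType(IMAGETYPE_PNG);
    $hi->save($final_file);

    // Create thumb
    $hi = new \Hubzero\Image\Processor($final_file);
    if (count($hi->getErrors()) != 0) {
        $error = $hi->getError();
        if (is_file($file)) {
            unlink($file);
        }
        echo json_encode(array('error' => $error));
        return;
    }
    $hi->resize(50, false, true, true);
    $hi->save($final_thumb);

    // Remove orig
    if (is_file($file)) {
        unlink($file);
    }

    echo json_encode(array(
        'success'   => true,
        'file'      => str_replace($uploadDirectory, '', $final_file),
        'directory' => str_replace(PATH_ROOT, '', $uploadDirectory)
    ));
}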
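/**
 * Upload a member profile picture from a form post.
 *
 * Validates the "upload" file field, stores it in the member's directory,
 * derives profile.png (resize(400)) and thumb.png from it, records
 * profile.png as the member's picture and removes the original upload.
 * Errors are set on the controller and the image view is re-displayed.
 *
 * NOTE(review): nothing visible in this method ties the posted "id" to the
 * authenticated user; confirm that access to this task is restricted to the
 * profile owner or an administrator.
 *
 * @return  void
 */
public function uploadTask()
{
    // Check for request forgeries
    Request::checkToken();

    // Incoming
    $id      = Request::getInt('id', 0);
    $curfile = Request::getVar('file', '');
    $file    = Request::getVar('upload', '', 'files', 'array');

    // Build upload path
    $dir  = \Hubzero\Utility\String::pad($id);
    $path = PATH_APP . DS . trim($this->config->get('webpath', '/site/members'), DS) . DS . $dir;

    // Allowed extensions for upload
    $allowedExtensions = array('png', 'jpe', 'jpeg', 'jpg', 'gif');

    // Max upload size
    $sizeLimit = $this->config->get('maxAllowed', '40000000');

    // Make sure we have id
    if (!$id) {
        $this->setError(Lang::txt('COM_MEMBERS_NO_ID'));
        $this->displayTask($curfile, $id);
        return;
    }

    // Make sure we have a file (the request may carry no "upload" field at
    // all, in which case the value is not an array)
    if (!is_array($file) || empty($file['name'])) {
        $this->setError(Lang::txt('COM_MEMBERS_NO_FILE'));
        $this->displayTask($curfile, $id);
        return;
    }

    // Make sure we have an upload path
    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path)) {
            $this->setError(Lang::txt('COM_MEMBERS_UNABLE_TO_CREATE_UPLOAD_PATH'));
            $this->displayTask($curfile, $id);
            return;
        }
    }

    // Make sure file is not empty
    if ($file['size'] == 0) {
        $this->setError(Lang::txt('COM_MEMBERS_FILE_HAS_NO_SIZE'));
        $this->displayTask($curfile, $id);
        return;
    }

    // Make sure file is not too big
    if ($file['size'] > $sizeLimit) {
        $max = preg_replace('/<abbr \\w+=\\"\\w+\\">(\\w{1,3})<\\/abbr>/', '$1', \Hubzero\Utility\Number::formatBytes($sizeLimit));
        $this->setError(Lang::txt('FILE_SIZE_TOO_BIG', $max));
        $this->displayTask($curfile, $id);
        return;
    }

    // The client-supplied name is used in a path below; keep only its final
    // component so it cannot point outside the member's directory.
    $name = basename($file['name']);

    // Must be in allowed extensions. Compared case-insensitively, and a name
    // without any extension yields an empty string and is rejected.
    $pathInfo = pathinfo($name);
    $ext      = isset($pathInfo['extension']) ? strtolower($pathInfo['extension']) : '';
    if (!in_array($ext, $allowedExtensions, true)) {
        $these = implode(', ', $allowedExtensions);
        $this->setError(Lang::txt('COM_MEMBERS_FILE_TYPE_NOT_ALLOWED', $these));
        $this->displayTask($curfile, $id);
        return;
    }

    // Build needed paths
    $filePath    = $path . DS . $name;
    $profilePath = $path . DS . 'profile.png';
    $thumbPath   = $path . DS . 'thumb.png';

    // Upload image
    if (!Filesystem::upload($file['tmp_name'], $filePath)) {
        $this->setError(Lang::txt('COM_MEMBERS_ERROR_UPLOADING'));
        $this->displayTask($curfile, $id);
        return;
    }

    // Create profile pic
    $imageProcessor = new \Hubzero\Image\Processor($filePath);
    if (count($imageProcessor->getErrors()) != 0) {
        // The content could not be handled as an image: report it, and do
        // not leave the unvalidated upload behind or update the profile.
        $this->setError($imageProcessor->getError());
        if (is_file($filePath)) {
            unlink($filePath);
        }
        $this->displayTask($curfile, $id);
        return;
    }
    $imageProcessor->autoRotate();
    $imageProcessor->resize(400);
    $imageProcessor->setImageType(IMAGETYPE_PNG);
    $imageProcessor->save($profilePath);

    // Create thumb
    $imageProcessor = new \Hubzero\Image\Processor($filePath);
    if (count($imageProcessor->getErrors()) == 0) {
        $imageProcessor->resize(50, false, true, true);
        $imageProcessor->save($thumbPath);
    }

    // Update profile
    $profile = \Hubzero\User\Profile::getInstance($id);
    $profile->set('picture', 'profile.png');
    if (!$profile->update()) {
        $this->setError($profile->getError());
    }

    // Remove orig file
    if (is_file($filePath)) {
        unlink($filePath);
    }

    // Push through to the image view
    $this->displayTask('profile.png', $id);
}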
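/**
 * Upload a file and attach it to an item as an Asset.
 *
 * Guests are sent back to the media view. Requests flagged "no_html" are
 * delegated to ajaxUploadTask(). Otherwise the posted "upload" file is
 * stored under the asset filespace in a directory named after the posted
 * "dir" id, images are auto-rotated, and an Asset record is saved.
 *
 * NOTE(review): this method does not check a request-forgery token, does
 * not restrict the file extension, and does not verify that the current
 * user may add files to the item identified by "dir". Confirm that these
 * are enforced elsewhere, and that the asset filespace is not served in a
 * way that lets uploaded files be interpreted by the web server.
 *
 * @return  void
 */
public function uploadTask()
{
    // Check if they're logged in
    if (User::isGuest()) {
        $this->displayTask();
        return;
    }

    if (Request::getVar('no_html', 0)) {
        return $this->ajaxUploadTask();
    }

    // Ensure we have an ID to work with
    $listdir = Request::getInt('dir', 0, 'post');
    if (!$listdir) {
        $this->setError(Lang::txt('COM_COLLECTIONS_NO_ID'));
        $this->displayTask();
        return;
    }

    // Incoming file (the request may carry no "upload" field at all, in
    // which case the value is not an array)
    $file = Request::getVar('upload', '', 'files', 'array');
    if (!is_array($file) || empty($file['name'])) {
        $this->setError(Lang::txt('COM_COLLECTIONS_NO_FILE'));
        $this->displayTask();
        return;
    }

    $asset = new Asset();

    // Build the upload path if it doesn't exist
    $path = $asset->filespace() . DS . $listdir;
    if (!is_dir($path)) {
        if (!Filesystem::makeDirectory($path)) {
            $this->setError(Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_CREATE_UPLOAD_DIR'));
            $this->displayTask();
            return;
        }
    }

    // Make the filename safe. Decoding happens first so that encoded
    // characters are seen by the cleaning steps that follow.
    $name = urldecode($file['name']);
    $name = Filesystem::clean($name);
    $name = str_replace(' ', '_', $name);
    // What Filesystem::clean() strips is not visible here, so additionally
    // keep only the final path component and drop leading dots: the stored
    // file can then neither leave the upload directory nor be a hidden or
    // server-configuration file.
    $name = ltrim(basename($name), '.');
    if ($name === '') {
        $this->setError(Lang::txt('COM_COLLECTIONS_NO_FILE'));
        $this->displayTask();
        return;
    }
    $file['name'] = $name;

    // Upload new files
    if (!Filesystem::upload($file['tmp_name'], $path . DS . $file['name'])) {
        $this->setError(Lang::txt('COM_COLLECTIONS_ERROR_UNABLE_TO_UPLOAD'));
        $this->displayTask();
        return;
    }

    // Create database entry
    $asset->set('item_id', intval($listdir));
    $asset->set('filename', $file['name']);

    // Images are rotated in place
    if ($asset->image()) {
        $hi = new \Hubzero\Image\Processor($path . DS . $file['name']);
        if (count($hi->getErrors()) == 0) {
            $hi->autoRotate();
            $hi->save();
        }
    }

    $asset->set('description', Request::getVar('description', '', 'post'));
    $asset->set('state', 1);
    $asset->set('type', 'file');

    if (!$asset->store()) {
        $this->setError($asset->getError());
    }

    // Push through to the media view
    $this->displayTask();
}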