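/**
 * Render the collection-icon form field.
 *
 * Emits a preview of the current icon plus a "remove" checkbox when a value
 * is stored, then a file input and a hidden input carrying the stored value,
 * followed by the server's upload_max_filesize. Every dynamic value placed
 * in an attribute is escaped for the HTML attribute context, because the
 * stored file name and the field id/name are not attribute-safe by themselves.
 *
 * @return string HTML for the field.
 */
protected function getInput()
 {
     $params = JUDirectoryHelper::getParams();
     $max_upload = ini_get('upload_max_filesize');
     $iconDirectory = JUDirectoryFrontHelper::getDirectory("collection_icon_directory", "media/com_judirectory/images/collection/", true);
     $src = JUri::root() . $iconDirectory . $this->value;

     // Attribute-context escaping; (string) casts avoid passing null on newer PHP.
     $escSrc = htmlspecialchars((string) $src, ENT_QUOTES, 'UTF-8');
     $escValue = htmlspecialchars((string) $this->value, ENT_QUOTES, 'UTF-8');
     $escId = htmlspecialchars((string) $this->id, ENT_QUOTES, 'UTF-8');
     $escName = htmlspecialchars((string) $this->name, ENT_QUOTES, 'UTF-8');
     // Dimensions are numeric by contract; the int cast keeps stray text out of the attribute.
     $width = (int) $params->get('collection_icon_width', 100);
     $height = (int) $params->get('collection_icon_height', 100);

     $html = "<div class=\"avatar\" style=\"float: left;\">";
     if ($this->value) {
         $html .= "<div class=\"clearfix\"><img src=\"" . $escSrc . "\" width=\"" . $width . "px\" height=\"" . $height . "px\" /></div>";
         $html .= "<label><input type=\"checkbox\" name=\"remove_icon\" value=\"1\" />&nbsp;" . JText::_('COM_JUDIRECTORY_REMOVE_ICON') . "</label>";
     }
     $html .= "<div class=\"clearfix\"><input type=\"file\" name=\"collection_icon\"  id=\"" . $escId . "\" />";
     $html .= "<input type=\"hidden\" name=\"" . $escName . "\" value=\"" . $escValue . "\" /></div>";
     $html .= "<div class=\"clearfix\"><i>" . JText::_('COM_JUDIRECTORY_MAX_UPLOAD_FILESIZE') . " <strong>" . JUDirectoryHelper::formatBytes($this->convertBytes($max_upload)) . "</strong></i></div>";
     $html .= "</div>";
     return $html;
 }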
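 /**
  * Render the avatar form field.
  *
  * Shows the stored avatar, or the configured default avatar when none is
  * stored, then (for a stored avatar) a "remove" checkbox, a file input, a
  * hidden input carrying the stored value, and the server's
  * upload_max_filesize. Values placed in attributes are escaped for the
  * HTML attribute context; the stored file name and field id/name are not
  * attribute-safe on their own.
  *
  * @return string HTML for the field.
  */
 protected function getInput()
 {
     $params = JUDirectoryHelper::getParams();
     $max_upload = ini_get('upload_max_filesize');
     // Resolve the directory once; both branches below share it.
     $avatarDirectory = JUri::root(true) . "/" . JUDirectoryFrontHelper::getDirectory("avatar_directory", "media/com_judirectory/images/avatar/", true);
     if ($this->value) {
         $src = $avatarDirectory . $this->value;
     } else {
         $src = $avatarDirectory . "default/" . $params->get('default_avatar', 'default-avatar.png');
     }

     // Attribute-context escaping; (string) casts avoid passing null on newer PHP.
     $escSrc = htmlspecialchars((string) $src, ENT_QUOTES, 'UTF-8');
     $escValue = htmlspecialchars((string) $this->value, ENT_QUOTES, 'UTF-8');
     $escId = htmlspecialchars((string) $this->id, ENT_QUOTES, 'UTF-8');
     $escName = htmlspecialchars((string) $this->name, ENT_QUOTES, 'UTF-8');
     // Dimensions are numeric by contract; the int cast keeps stray text out of the style attribute.
     $width = (int) $params->get("avatar_width", 120);
     $height = (int) $params->get("avatar_height", 120);

     $html = '<div class="avatar" style="float: left;">';
     $html .= '<div class="clearfix"><img src="' . $escSrc . '" alt="Avatar" style="width:' . $width . 'px; height:' . $height . 'px;" /></div>';
     if ($this->value) {
         $html .= '<label for="remove-avatar">' . JText::_("COM_JUDIRECTORY_REMOVE_AVATAR") . '&nbsp;<input id="remove-avatar" type="checkbox" name="remove_avatar" value="1" /></label>';
     }
     $html .= '<div class="clearfix"><input type="file" name="avatar"  id="' . $escId . '" />';
     $html .= '<input type="hidden" name="' . $escName . '" value="' . $escValue . '" /></div>';
     $html .= '<div class="clearfix"><i>' . JText::_("COM_JUDIRECTORY_MAX_UPLOAD_FILESIZE") . ' <strong>' . JUDirectoryHelper::formatBytes($this->convertBytes($max_upload)) . '</strong></i></div>';
     $html .= '</div>';
     return $html;
 }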
 /**
  * Render the listing image field through the 'input.php' layout.
  *
  * Returns an empty string for an unpublished field. Otherwise loads the
  * default assets, resolves params from the listing's category when one is
  * set (else from the listing id), marks the input as a file input, and
  * hands image source, formatted upload limit, params and value to the layout.
  *
  * @param mixed|null $fieldValue Value to render; falls back to $this->value when null.
  * @return string Rendered HTML, or "" when the field is not published.
  */
 public function getInput($fieldValue = null)
 {
     if (!$this->isPublished()) {
         return "";
     }
     $this->loadDefaultAssets();

     // Category-scoped params take precedence over listing-scoped ones.
     $hasCategory = isset($this->listing) && $this->listing->cat_id;
     $params = $hasCategory
         ? JUDirectoryHelper::getParams($this->listing->cat_id)
         : JUDirectoryHelper::getParams(null, $this->listing_id);

     $uploadLimit = JUDirectoryHelper::formatBytes(self::convertBytes(ini_get('upload_max_filesize')));
     $value = is_null($fieldValue) ? $this->value : $fieldValue;
     $imageSrc = JUDirectoryHelper::getListingImage($value);

     $this->setAttribute("type", "file", "input");
     // NOTE(review): this looks at $this->value, not the resolved $value, when
     // deciding whether to attach the validation classes — confirm that is intended.
     if (!$this->value) {
         $this->addAttribute("class", "validate-images", "input");
         $this->addAttribute("class", $this->getInputClass(), "input");
     }

     $layoutVars = array(
         'image_src' => $imageSrc,
         'max_upload' => $uploadLimit,
         'params' => $params,
         'value' => $value,
     );
     foreach ($layoutVars as $varName => $varValue) {
         $this->setVariable($varName, $varValue);
     }

     return $this->fetch('input.php', __CLASS__);
 }
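 /**
  * Validate one uploaded image entry (a $_FILES-style array).
  *
  * Checks, in order: a name is present; the temp file exists; no blocked
  * executable extension appears anywhere in a multi-dot name (e.g.
  * "x.php.jpg"); the final extension is neither executable nor outside the
  * configured allow-list; the size is within image_max_size (KB); the data
  * is an image according to getimagesize(); and the first 256 bytes contain
  * no HTML tag opener. Every failure enqueues an error message on the
  * application and returns false; an empty name returns false silently.
  *
  * @param array $file Upload entry with at least 'name', 'tmp_name' and 'size'.
  * @return bool True when every check passes.
  */
 public static function validateImageFile($file)
 {
     $app = JFactory::getApplication();
     if (empty($file['name'])) {
         return false;
     }

     // An empty tmp_name (e.g. upload over the POST limit) fails the
     // existence check as well; the original's later "empty tmp_name"
     // branch was unreachable for that reason.
     $tmpName = isset($file['tmp_name']) ? (string) $file['tmp_name'] : '';
     if ($tmpName === '' || !JFile::exists($tmpName)) {
         $app->enqueueMessage(JText::_('COM_JUDIRECTORY_FILE_NOT_FOUND'), 'error');
         return false;
     }

     $format = strtolower(JFile::getExt($file['name']));

     // Server-side-executable extensions. The original list is kept and
     // extended with common PHP/CGI variants; the comparison is done on the
     // lower-cased name so that "x.PHP.jpg" no longer slips past.
     $executable = array('php', 'js', 'exe', 'phtml', 'java', 'perl', 'py', 'asp', 'dll', 'go', 'ade', 'adp', 'bat', 'chm', 'cmd', 'com', 'cpl', 'hta', 'ins', 'isp', 'jse', 'lib', 'mde', 'msc', 'msp', 'mst', 'pif', 'scr', 'sct', 'shb', 'sys', 'vb', 'vbe', 'vbs', 'vxd', 'wsc', 'wsf', 'wsh', 'phar', 'php3', 'php4', 'php5', 'php7', 'phps', 'phtm', 'pht', 'shtml', 'cgi', 'pl', 'htaccess');
     $nameParts = explode('.', strtolower((string) $file['name']));
     if (count($nameParts) > 2 && array_intersect($executable, $nameParts)) {
         $app->enqueueMessage(JText::_('COM_JUDIRECTORY_INVALID_FILE_TYPE'), 'error');
         return false;
     }

     // Allow-list from configuration; entries may be separated by commas or
     // newlines, and surrounding whitespace per entry is tolerated.
     $params = JUDirectoryHelper::getParams();
     $allowable = $params->get('upload_extensions', 'bmp,gif,jpg,png');
     $allowable = explode(',', strtolower(str_replace("\n", ",", trim($allowable))));
     $allowable = array_filter(array_map('trim', $allowable), 'strlen');
     // An executable final extension is rejected even if someone put it in the allow-list.
     if ($format === '' || in_array($format, $executable, true) || !in_array($format, $allowable, true)) {
         $app->enqueueMessage(JText::sprintf('COM_JUDIRECTORY_INVALID_FILE_TYPE', $format), 'error');
         return false;
     }

     // image_max_size is configured in KB; 0 disables the size limit.
     $maxSize = (int) ($params->get('image_max_size', 400) * 1024);
     $maxSizeFormatted = JUDirectoryHelper::formatBytes($maxSize);
     $reportedSize = isset($file['size']) ? (int) $file['size'] : 0;
     // Also measure the file itself rather than trusting the reported size alone.
     $fileSize = max($reportedSize, (int) filesize($tmpName));
     if ($maxSize > 0 && $fileSize > $maxSize) {
         $app->enqueueMessage(JText::sprintf('COM_JUDIRECTORY_REACH_MAX_FILE_SIZE', $maxSizeFormatted), 'error');
         return false;
     }

     // getimagesize() returns false when the data is not a recognised image.
     if (getimagesize($tmpName) === false) {
         $app->enqueueMessage(JText::_('COM_JUDIRECTORY_INVALID_IMAGE_FILE'), 'error');
         return false;
     }

     // Reject files whose leading bytes look like HTML, which some browsers
     // would otherwise content-sniff and render. Only the first 256 bytes are
     // inspected; a failed read is treated as an empty prefix.
     $head = (string) JFile::read($tmpName, false, 256);
     $html_tags = array('abbr', 'acronym', 'address', 'applet', 'area', 'audioscope', 'base', 'basefont', 'bdo', 'bgsound', 'big', 'blackface', 'blink', 'blockquote', 'body', 'bq', 'br', 'button', 'caption', 'center', 'cite', 'code', 'col', 'colgroup', 'comment', 'custom', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'fn', 'font', 'form', 'frame', 'frameset', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'hr', 'html', 'iframe', 'ilayer', 'img', 'input', 'ins', 'isindex', 'keygen', 'kbd', 'label', 'layer', 'legend', 'li', 'limittext', 'link', 'listing', 'map', 'marquee', 'menu', 'meta', 'multicol', 'nobr', 'noembed', 'noframes', 'noscript', 'nosmartquotes', 'object', 'ol', 'optgroup', 'option', 'param', 'plaintext', 'pre', 'rt', 'ruby', 's', 'samp', 'script', 'select', 'server', 'shadow', 'sidebar', 'small', 'spacer', 'span', 'strike', 'strong', 'style', 'sub', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'title', 'tr', 'tt', 'ul', 'var', 'wbr', 'xml', 'xmp', '!DOCTYPE', '!--');
     foreach ($html_tags as $tag) {
         if (stripos($head, '<' . $tag . ' ') !== false || stripos($head, '<' . $tag . '>') !== false) {
             $app->enqueueMessage(JText::_('COM_JUDIRECTORY_IEXSS_WARNING'), 'error');
             return false;
         }
     }

     return true;
 }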
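 /**
  * Merge the listing's stored gallery images with newly uploaded ones.
  *
  * Stored entries are kept only when their id belongs to this listing (checked
  * against #__judirectory_images); entries not flagged 'remove' count towards
  * the per-listing cap. New uploads from the request file field 'field_<id>'
  * are then accepted while the cap allows, subject to the permission helper's
  * checks and the configured min/max dimensions. Rejection reasons are
  * enqueued as notices.
  *
  * @param array|null $values Stored images as submitted; each entry is expected to hold 'id' and 'remove'.
  * @return array Keys 'old' (kept stored entries), 'new' (accepted uploads) and 'count' (images remaining).
  */
 public function filterField($values)
 {
     $oldImages = is_array($values) ? $values : array();
     $app = JFactory::getApplication();
     $newImages = $app->input->files->get('field_' . $this->id);
     // Both lists are always present in the result. The original chained
     // assignment ended in "$gallery = array()", so the keys were missing
     // whenever nothing was collected.
     $gallery = array('old' => array(), 'new' => array());
     $params = JUDirectoryHelper::getParams(null, $this->listing_id);
     // Cap on images per listing; a value <= 0 means unlimited. TODO confirm whether this should come from $params.
     $maxUploadImage = 4;
     $unlimited = $maxUploadImage <= 0;
     $count = 0;

     if ($this->listing_id) {
         // Only stored entries that really belong to this listing are kept.
         $db = JFactory::getDbo();
         $query = 'SELECT id FROM #__judirectory_images WHERE listing_id = ' . (int) $this->listing_id;
         $db->setQuery($query);
         $imageIds = array_map('intval', (array) $db->loadColumn());
         foreach ($oldImages as $image) {
             $imageId = isset($image['id']) ? (int) $image['id'] : 0;
             if (!in_array($imageId, $imageIds, true)) {
                 continue;
             }
             if (!$unlimited && $count >= $maxUploadImage) {
                 break;
             }
             $gallery['old'][] = $image;
             // Entries flagged for removal do not occupy a slot.
             if (empty($image['remove'])) {
                 $count++;
             }
         }
     }

     $error = array();
     if ($newImages && ($unlimited || $count < $maxUploadImage)) {
         $legal_extensions = "jpeg,jpg,png,gif,bmp";
         $legal_mime = "image/jpeg,image/pjpeg,image/png,image/gif,image/bmp,image/x-windows-bmp";
         $image_min_width = $params->get("image_min_width", 50);
         $image_min_height = $params->get("image_min_height", 50);
         $image_max_width = $params->get("image_max_width", 1024);
         $image_max_height = $params->get("image_max_height", 1024);
         // image_max_size is configured in KB; this is its value in bytes.
         $image_max_size = $params->get("image_max_size", 400) * 1024;
         $num_files_exceed_limit = 0;
         $num_files_invalid_dimension = 0;

         foreach ($newImages as $image) {
             if (empty($image['name'])) {
                 continue;
             }
             $image['name'] = str_replace(' ', '_', JFile::makeSafe($image['name']));
             // Same cap semantics as for stored entries (the original ignored the "unlimited" case here).
             if (!$unlimited && $count >= $maxUploadImage) {
                 $num_files_exceed_limit++;
                 continue;
             }
             // canUpload() appends its rejection reasons to $error, keyed by WARN_* code.
             if (!JUDirectoryFrontHelperPermission::canUpload($image, $error, $legal_extensions, $image_max_size, true, $legal_mime, '', $legal_extensions)) {
                 continue;
             }
             // getimagesize() returns false for non-image data; count that as an invalid dimension instead of indexing into false.
             $image_dimension = getimagesize($image['tmp_name']);
             if ($image_dimension === false
                 || $image_dimension[0] < $image_min_width
                 || $image_dimension[1] < $image_min_height
                 || $image_dimension[0] > $image_max_width
                 || $image_dimension[1] > $image_max_height) {
                 $num_files_invalid_dimension++;
                 continue;
             }
             $gallery['new'][] = $image;
             $count++;
         }

         // Report per-reason rejections. A dedicated loop variable is used here:
         // the original reused $count and so returned the last error tally as the image count.
         $knownErrors = array('WARN_SOURCE', 'WARN_FILENAME', 'WARN_FILETYPE', 'WARN_FILETOOLARGE', 'WARN_INVALID_IMG', 'WARN_INVALID_MIME', 'WARN_IEXSS');
         foreach ($error as $key => $numFiles) {
             // Unknown codes have no language string; skipping them avoids enqueuing an undefined message.
             if (!in_array($key, $knownErrors, true)) {
                 continue;
             }
             $app->enqueueMessage(JText::plural("COM_JUDIRECTORY_N_FILE_" . $key, $numFiles), 'notice');
         }
         if ($num_files_exceed_limit) {
             // $image_max_size is already in bytes; the original multiplied by 1024 a second time.
             $image_upload_limit = JUDirectoryHelper::formatBytes($image_max_size);
             $app->enqueueMessage(JText::plural('COM_JUDIRECTORY_N_IMAGES_ARE_NOT_SAVED_BECAUSE_THEY_EXCEEDED_FILE_SIZE_LIMIT', $num_files_exceed_limit, $image_upload_limit), 'notice');
         }
         if ($num_files_invalid_dimension) {
             $app->enqueueMessage(JText::plural('COM_JUDIRECTORY_N_IMAGES_ARE_NOT_SAVED_BECAUSE_THEY_ARE_NOT_VALID_DIMENSION', $num_files_invalid_dimension, $image_min_width, $image_max_width, $image_min_height, $image_max_height), 'notice');
         }
     }

     $gallery['count'] = $count;
     return $gallery;
 }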