function run($dbi, $argstr, &$request, $basepage)
{
$this->disallowed_extensions = explode("\n", "ad[ep]\nasd\nba[st]\nchm\ncmd\ncom\ncgi\ncpl\ncrt\ndll\neml\nexe\nhlp\nhta\nin[fs]\nisp\njse?\nlnk\nmd[betw]\nms[cipt]\nnws\nocx\nops\npcd\np[ir]f\nphp\npl\npy\nreg\nsc[frt]\nsh[bsm]?\nswf\nurl\nvb[esx]?\nvxd\nws[cfh]");
//removed "\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}"
$args = $this->getArgs($argstr, $request);
extract($args);
$file_dir = getUploadFilePath();
//$url_prefix = SERVER_NAME . DATA_PATH;
$form = HTML::form(array('action' => $request->getPostURL(), 'enctype' => 'multipart/form-data', 'method' => 'post'));
$contents = HTML::div(array('class' => 'wikiaction'));
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'MAX_FILE_SIZE', 'value' => MAX_UPLOAD_SIZE)));
/// MV add pv
/// @todo: have a generic method to transmit pv
if (!empty($_REQUEST['pv'])) {
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'pv', 'value' => $_REQUEST['pv'])));
}
$contents->pushContent(HTML::input(array('name' => 'userfile', 'type' => 'file', 'size' => '50')));
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'type' => 'submit')));
$form->pushContent($contents);
$message = HTML();
if ($request->isPost() and $this->only_authenticated) {
// Make sure that the user is logged in.
$user = $request->getUser();
if (!$user->isAuthenticated()) {
$message->pushContent(HTML::h2(_("ACCESS DENIED: You must log in to upload files.")), HTML::br(), HTML::br());
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
}
$userfile = $request->getUploadedFile('userfile');
if ($userfile) {
$userfile_name = $userfile->getName();
$userfile_name = trim(basename($userfile_name));
$userfile_tmpname = $userfile->getTmpName();
$err_header = HTML::h2(fmt("ERROR uploading '%s': ", $userfile_name));
/// MV add
/// Wiki attachments
$wa = new WikiAttachment(GROUP_ID);
$rev = $wa->createRevision($userfile_name, $userfile->getSize(), $userfile->getType(), $userfile->getTmpName());
if ($rev >= 0) {
$prev = $rev + 1;
$interwiki = new PageType_interwikimap();
$link = $interwiki->link("Upload:{$prev}/{$userfile_name}");
$message->pushContent(HTML::h2(_("File successfully uploaded.")));
$message->pushContent(HTML::ul(HTML::li($link)));
// the upload was a success and we need to mark this event in the "upload log"
if ($logfile) {
$upload_log = $file_dir . basename($logfile);
$this->log($userfile, $upload_log, $message);
}
if ($autolink) {
require_once "lib/loadsave.php";
$pagehandle = $dbi->getPage($page);
if ($pagehandle->exists()) {
// don't replace default contents
$current = $pagehandle->getCurrentRevision();
$version = $current->getVersion();
$text = $current->getPackedContent();
$newtext = $text . "\n* [Upload:{$userfile_name}]";
$meta = $current->_data;
$meta['summary'] = sprintf(_("uploaded %s"), $userfile_name);
$pagehandle->save($newtext, $version + 1, $meta);
}
}
} else {
$message->pushContent($err_header);
$message->pushContent(HTML::br(), _("Uploading failed."), HTML::br());
}
} else {
$message->pushContent(HTML::br(), HTML::br());
}
/// {{{ Codendi Specific
// URL arguments
if (array_key_exists('offset', $_REQUEST)) {
$offset = $_REQUEST['offset'];
} else {
$offset = 0;
}
if (array_key_exists('limit', $_REQUEST)) {
$limit = $_REQUEST['limit'];
} else {
$limit = 10;
}
$attchTab = HTML::table(array('border' => '1', 'width' => '100%'));
$attchTab->pushContent(HTML::tr(HTML::th(_("Attachment")), HTML::th(_("Number of revision"))));
$wai =& WikiAttachment::getListWithCounter(GROUP_ID, user_getid(), array('offset' => $offset, 'nb' => $limit));
$wai->rewind();
while ($wai->valid()) {
$wa =& $wai->current();
$filename = basename($wa->getFilename());
$url = getUploadDataPath() . urlencode($filename);
$line = HTML::tr();
$line->pushContent(HTML::td(HTML::a(array('href' => $url), "Attach:" . $filename)));
$line->pushContent(HTML::td($wa->count()));
$attchTab->pushContent($line);
$wai->next();
}
$attchList = HTML();
$attchList->pushContent(HTML::hr(), HTML::h2(_("Attached files")));
$attchList->pushContent($attchTab);
$url = WikiURL("UpLoad");
if (!empty($_REQUEST['pv'])) {
$url .= '&pv=' . $_REQUEST['pv'];
}
$attchList->pushContent(HTML::a(array('href' => $url . '&offset=' . ($offset - $limit)), "<- Previous"));
$attchList->pushContent(" - ");
$attchList->pushContent(HTML::a(array('href' => $url . '&offset=' . ($offset + $limit)), "Next ->"));
/// }}}
//$result = HTML::div( array( 'class' => 'wikiaction' ) );
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
$result->pushContent($attchList);
return $result;
}
function run($dbi, $argstr, &$request, $basepage)
{
$this->allowed_extensions = explode("\n", "7z\navi\nbmp\nbz2\nc\ncfg\ndiff\ndoc\ndocx\nflv\ngif\nh\nics\nini\njpeg\njpg\nkmz\nmp3\nodg\nodp\nods\nodt\nogg\npatch\npdf\npng\nppt\npptx\nrar\nsvg\ntar\ntar.gz\ntxt\nxls\nxlsx\nxml\nxsd\nzip");
$this->disallowed_extensions = explode("\n", "ad[ep]\nasd\nba[st]\nchm\ncmd\ncom\ncgi\ncpl\ncrt\ndll\neml\nexe\nhlp\nhta\nin[fs]\nisp\njse?\nlnk\nmd[betw]\nms[cipt]\nnws\nocx\nops\npcd\np[ir]f\nphp\\d?\nphtml\npl\npy\nreg\nsc[frt]\nsh[bsm]?\nswf\nurl\nvb[esx]?\nvxd\nws[cfh]");
//removed "\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}"
$args = $this->getArgs($argstr, $request);
extract($args);
$file_dir = getUploadFilePath();
$file_dir .= "/";
$form = HTML::form(array('action' => $request->getPostURL(), 'enctype' => 'multipart/form-data', 'method' => 'post'));
$contents = HTML::div(array('class' => 'wikiaction'));
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'MAX_FILE_SIZE', 'value' => MAX_UPLOAD_SIZE)));
$contents->pushContent(HTML::input(array('name' => 'userfile', 'type' => 'file', 'size' => $size)));
if ($mode == 'edit') {
$contents->pushContent(HTML::input(array('name' => 'action', 'type' => 'hidden', 'value' => 'edit')));
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'name' => 'edit[upload]', 'type' => 'submit')));
} else {
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'type' => 'submit')));
}
$form->pushContent($contents);
$message = HTML();
if ($request->isPost() and $this->only_authenticated) {
// Make sure that the user is logged in.
$user = $request->getUser();
if (!$user->isAuthenticated()) {
if (defined('FUSIONFORGE') and FUSIONFORGE) {
$message->pushContent(HTML::div(array('class' => 'error'), HTML::p(_("You cannot upload files.")), HTML::ul(HTML::li(_("Check you are logged in.")), HTML::li(_("Check you are in the right project.")), HTML::li(_("Check you are a member of the current project.")))));
} else {
$message->pushContent(HTML::div(array('class' => 'error'), HTML::p(_("ACCESS DENIED: You must log in to upload files."))));
}
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
}
$userfile = $request->getUploadedFile('userfile');
if ($userfile) {
$userfile_name = $userfile->getName();
$userfile_name = trim(basename($userfile_name));
if (UPLOAD_USERDIR) {
$file_dir .= $request->_user->_userid;
if (!file_exists($file_dir)) {
mkdir($file_dir, 0775);
}
$file_dir .= "/";
$u_userfile = $request->_user->_userid . "/" . $userfile_name;
} else {
$u_userfile = $userfile_name;
}
$u_userfile = preg_replace("/ /", "%20", $u_userfile);
$userfile_tmpname = $userfile->getTmpName();
$err_header = HTML::div(array('class' => 'error'), HTML::p(fmt("ERROR uploading '%s'", $userfile_name)));
if (preg_match("/(\\." . join("|\\.", $this->disallowed_extensions) . ")(\\.|\$)/i", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("Files with extension %s are not allowed.", join(", ", $this->disallowed_extensions))));
} elseif (!DISABLE_UPLOAD_ONLY_ALLOWED_EXTENSIONS and !preg_match("/(\\." . join("|\\.", $this->allowed_extensions) . ")\$/i", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("Only files with the extension %s are allowed.", join(", ", $this->allowed_extensions))));
} elseif (preg_match("/[^._a-zA-Z0-9- ]/", strip_accents($userfile_name))) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(_("Invalid filename. File names may only contain alphanumeric characters and dot, underscore, space or dash.")));
} elseif (file_exists($file_dir . $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(fmt("There is already a file with name %s uploaded.", $u_userfile)));
} elseif ($userfile->getSize() > MAX_UPLOAD_SIZE) {
$message->pushContent($err_header);
$message->pushContent(HTML::p(_("Sorry but this file is too big.")));
} elseif (move_uploaded_file($userfile_tmpname, $file_dir . $userfile_name) or IsWindows() and rename($userfile_tmpname, $file_dir . $userfile_name)) {
$interwiki = new PageType_interwikimap();
$link = $interwiki->link("Upload:{$u_userfile}");
$message->pushContent(HTML::div(array('class' => 'feedback'), HTML::p(_("File successfully uploaded.")), HTML::p($link)));
// the upload was a success and we need to mark this event in the "upload log"
if ($logfile) {
$upload_log = $file_dir . basename($logfile);
$this->log($userfile, $upload_log, $message);
}
if ($autolink) {
require_once "lib/loadsave.php";
$pagehandle = $dbi->getPage($page);
if ($pagehandle->exists()) {
// don't replace default contents
$current = $pagehandle->getCurrentRevision();
$version = $current->getVersion();
$text = $current->getPackedContent();
$newtext = $text . "\n* Upload:{$u_userfile}";
// don't inline images
$meta = $current->_data;
$meta['summary'] = sprintf(_("uploaded %s"), $u_userfile);
$pagehandle->save($newtext, $version + 1, $meta);
}
}
} else {
$message->pushContent($err_header);
$message->pushContent(HTML::br(), _("Uploading failed."), HTML::br());
}
} else {
$message->pushContent(HTML::br(), _("No file selected. Please select one."), HTML::br());
}
//$result = HTML::div( array( 'class' => 'wikiaction' ) );
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
function run($dbi, $argstr, &$request, $basepage)
{
$disablemsg = HTML();
$disablemsg->pushContent(HTML::h2("Upload is temporarily disabled."), HTML::br());
return $disablemsg;
$this->disallowed_extensions = explode("\n", "ad[ep]\nasd\nba[st]\nchm\ncmd\ncom\ncgi\ncpl\ncrt\ndll\neml\nexe\nhlp\nhta\nin[fs]\nisp\njse?\nlnk\nmd[betw]\nms[cipt]\nnws\nocx\nops\npcd\np[ir]f\nphp\npl\npy\nreg\nsc[frt]\nsh[bsm]?\nswf\nurl\nvb[esx]?\nvxd\nws[cfh]");
//removed "\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}"
$args = $this->getArgs($argstr, $request);
extract($args);
$file_dir = getUploadFilePath();
//$url_prefix = SERVER_NAME . DATA_PATH;
$form = HTML::form(array('action' => $request->getPostURL(), 'enctype' => 'multipart/form-data', 'method' => 'post'));
$contents = HTML::div(array('class' => 'wikiaction'));
$contents->pushContent(HTML::input(array('type' => 'hidden', 'name' => 'MAX_FILE_SIZE', 'value' => MAX_UPLOAD_SIZE)));
$contents->pushContent(HTML::input(array('name' => 'userfile', 'type' => 'file', 'size' => '50')));
$contents->pushContent(HTML::raw(" "));
$contents->pushContent(HTML::input(array('value' => _("Upload"), 'type' => 'submit')));
$form->pushContent($contents);
$message = HTML();
if ($request->isPost() and $this->only_authenticated) {
// Make sure that the user is logged in.
$user = $request->getUser();
if (!$user->isAuthenticated()) {
$message->pushContent(HTML::h2(_("ACCESS DENIED: You must log in to upload files.")), HTML::br(), HTML::br());
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
}
$userfile = $request->getUploadedFile('userfile');
if ($userfile) {
$userfile_name = $userfile->getName();
$userfile_name = trim(basename($userfile_name));
$userfile_tmpname = $userfile->getTmpName();
$err_header = HTML::h2(fmt("ERROR uploading '%s': ", $userfile_name));
if (preg_match("/(\\." . join("|\\.", $this->disallowed_extensions) . ")\$/", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(fmt("Files with extension %s are not allowed.", join(", ", $this->disallowed_extensions)), HTML::br(), HTML::br());
} elseif (preg_match("/[^._a-zA-Z0-9-]/", $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(_("File names may only contain alphanumeric characters and dot, underscore or dash."), HTML::br(), HTML::br());
} elseif (file_exists($file_dir . $userfile_name)) {
$message->pushContent($err_header);
$message->pushContent(fmt("There is already a file with name %s uploaded.", $userfile_name), HTML::br(), HTML::br());
} elseif ($userfile->getSize() > MAX_UPLOAD_SIZE) {
$message->pushContent($err_header);
$message->pushContent(_("Sorry but this file is too big."), HTML::br(), HTML::br());
} elseif (move_uploaded_file($userfile_tmpname, $file_dir . $userfile_name) or IsWindows() and rename($userfile_tmpname, $file_dir . $userfile_name)) {
$interwiki = new PageType_interwikimap();
$link = $interwiki->link("Upload:{$userfile_name}");
$message->pushContent(HTML::h2(_("File successfully uploaded.")));
$message->pushContent(HTML::ul(HTML::li($link)));
// the upload was a success and we need to mark this event in the "upload log"
if ($logfile) {
$upload_log = $file_dir . basename($logfile);
$this->log($userfile, $upload_log, $message);
}
if ($autolink) {
require_once "lib/loadsave.php";
$pagehandle = $dbi->getPage($page);
if ($pagehandle->exists()) {
// don't replace default contents
$current = $pagehandle->getCurrentRevision();
$version = $current->getVersion();
$text = $current->getPackedContent();
$newtext = $text . "\n* [Upload:{$userfile_name}]";
$meta = $current->_data;
$meta['summary'] = sprintf(_("uploaded %s"), $userfile_name);
$pagehandle->save($newtext, $version + 1, $meta);
}
}
} else {
$message->pushContent($err_header);
$message->pushContent(HTML::br(), _("Uploading failed."), HTML::br());
}
} else {
$message->pushContent(HTML::br(), HTML::br());
}
//$result = HTML::div( array( 'class' => 'wikiaction' ) );
$result = HTML();
$result->pushContent($form);
$result->pushContent($message);
return $result;
}
