/** * Returns a form upload as a FileUpload object. This function throws an exeption on fail * with details, so it is recommended to use try/catch when calling this function * * @param string $fieldname name of the html form field * @param bool $b64encode true to base64encode file data (default false) * @param bool $ignore_empty true to not throw exception if form fields doesn't contain a file (default false) * @param int $max_kb maximum size allowed for upload (default unlimited) * @param array $ok_types if array is provided, only files with those Extensions will be allowed (default all) * @return FileUpload object (or null if $ignore_empty = true and there is no file data) */ public static function GetFileUpload($fieldname, $ignore_empty = false, $max_kb = 0, $ok_types = null) { // make sure there is actually a file upload if (!isset($_FILES[$fieldname])) { // this means the form field wasn't present which is generally an error // however if ignore is specified, then return empty string if ($ignore_empty) { return null; } throw new Exception("\$_FILES['" . $fieldname . "'] is empty. Did you forget to add enctype='multipart/form-data' to your form code?"); } // make sure a file was actually uploaded, otherwise return null if ($_FILES[$fieldname]['error'] == 4) { return; } // get the upload ref $upload = $_FILES[$fieldname]; // make sure there were no errors during upload, but ignore case where if ($upload['error']) { $error_codes[0] = "The file uploaded with success."; $error_codes[1] = "The uploaded file exceeds the upload_max_filesize directive in php.ini."; $error_codes[2] = "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form."; $error_codes[3] = "The uploaded file was only partially uploaded."; $error_codes[4] = "No file was uploaded."; throw new Exception("Error uploading file: " . $error_codes[$upload['error']]); } // backwards compatibility if (self::$TestMode) { self::$VALIDATE_FILE_UPLOAD = false; } // make sure this is a legit file request if (self::$VALIDATE_FILE_UPLOAD && is_uploaded_file($upload['tmp_name']) == false) { throw new Exception("Unable to access this upload: " . $fieldname); } // get the filename and Extension $tmp_path = $upload['tmp_name']; $info = pathinfo($upload['name']); require_once "FileUpload.php"; $fupload = new FileUpload(); $fupload->Name = $info['basename']; $fupload->Size = $upload['size']; $fupload->Type = $upload['type']; $fupload->Extension = strtolower($info['extension']); if ($ok_types && !in_array($fupload->Extension, $ok_types)) { throw new Exception("The file '" . htmlentities($fupload->Name) . "' is not a type that is allowed. Allowed file types are: " . implode(", ", $ok_types) . "."); } if ($max_kb && $fupload->Size / 1024 > $max_kb) { throw new Exception("The file '" . htmlentities($fupload->Name) . "' is to large. Maximum allowed size is " . number_format($max_kb / 1024, 2) . "Mb"); } // open the file and read the entire contents $fh = fopen($tmp_path, "r"); $fupload->Data = fread($fh, filesize($tmp_path)); fclose($fh); return $fupload; }