<?php
/**
* controls are written in saveform.php
* !isset($_FILES['Filedata']['name'] and !$_FILES['Filedata']['name'] => no file sent
* !isset($_GET['btn_upload_id']) and !in_array($_GET['btn_upload_id'], $isset_btn) => upload buttons are not set
* !in_array($fileinfo['extension'], $upload_auth_ext) => unauthorized extension
* !$_FILES['Filedata']['size'] => empty file
* if($_FILES['Filedata']['size'] > xxx) => unauthorized file size'
*/
session_start();
// SWFUpload
require_once '../inc/contactform.config.php';
require_once '../class/class.contactform.php';
$contactform_obj = new contactForm($cfg);
$_FILES['Filedata']['name'] = $contactform_obj->quote_smart($_FILES['Filedata']['name']);
// ^-- if file name contains simple quotes => {"filename":"aaa\'aaa.gif"} => json won't be parsed correctly
function uploadFile($copy_src_filename, $originalfilename, $testnewfilename)
{
global $i;
$dir_upload = '../upload/';
if (!is_writable($dir_upload)) {
@chmod($dir_upload, 0755);
}
if (file_exists($dir_upload . $testnewfilename)) {
$fileinfo = pathinfo($originalfilename);
$filename_noext = basename($originalfilename, '.' . $fileinfo['extension']);
$i++;
$suffix = str_pad($i, 3, '0', STR_PAD_LEFT);
$newfilename = $filename_noext . ' - ' . $suffix . '.' . $fileinfo['extension'];
uploadFile($copy_src_filename, $originalfilename, $newfilename);
<?php
session_start();
require_once '../inc/contactform.config.php';
require_once '../class/class.contactform.php';
$contactform_obj = new contactForm($cfg);
$json_error = '';
$post_required_email = array('cfg-element-30-3');
/**
* required files and elements are written in saveform.php
* $post_required_element = array...
* $post_required_email = array...
* $json_error = '';
* json error message for invalid captcha (captcha_img_string)
*/
// delete the files the user uploaded and then deleted
if (isset($_POST['deleteuploadedfile']) && $_POST['deleteuploadedfile']) {
foreach ($_POST['deleteuploadedfile'] as $value) {
if (in_array($value, $_SESSION['uploaded_files'])) {
@unlink('../upload/' . $contactform_obj->quote_smart($value));
}
}
}
if (isset($_POST['form_value_array']) && $_POST['form_value_array']) {
foreach ($_POST['form_value_array'] as $value) {
$contactform_obj->mergePost($value);
}
}
// print_r($post_element_ids);print_r($contactform_obj->merge_post);
if (isset($post_required_element) && $post_required_element && isset($contactform_obj->merge_post) && $contactform_obj->merge_post) {
foreach ($post_required_element as $value) {
public function callProcesscontactforms()
{
/* Include classes we need */
include_once LOCAL_PATH . 'application/localExt/contactForm/index.php';
/* */
$contactForm = new contactForm();
return $contactForm->getResult();
}