/**
 * Validates a "|"-separated list of uploaded file paths.
 *
 * Every non-empty entry must exist on disk, must not exceed the optional size
 * limit from $field["SIMPLE_FILE_SIZE"], and must not have an extension listed
 * in the comma-separated INVALID_EXTENSIONS constant.
 *
 * Security notes:
 * - The extension test is a denylist: any extension that is not listed passes.
 * - The extension comes from modify::getfileext(), which is not visible here.
 *   NOTE(review): confirm it lower-cases the extension and which part of a
 *   multi-dot name it returns, because the lookup below is a plain in_array().
 * - Only the file name is inspected, never the file content.
 *
 * @param string $files  File paths joined with "|"; empty entries are skipped.
 * @param mixed  $unused Not read by this method.
 * @param array  $field  Field definition; only "SIMPLE_FILE_SIZE" is read
 *                       (a number with an optional upper-case "K" or "M").
 * @return string Empty string when every file passes, otherwise a translatable
 *                message describing the first failing file.
 */
static function check_uploaded_file($files, $unused = null, $field = array())
{
    $paths = explode("|", $files);

    // "2M" becomes "2000000" and "500K" becomes "500000"; 0 means "no limit".
    $max_size = 0;
    if (!empty($field["SIMPLE_FILE_SIZE"])) {
        $max_size = str_replace(array("M", "K"), array("000000", "000"), $field["SIMPLE_FILE_SIZE"]);
    }

    $denied = explode(",", INVALID_EXTENSIONS);

    foreach ($paths as $candidate) {
        if ($candidate == "") {
            continue;
        }
        if (!file_exists($candidate)) {
            return "{t}Error{/t}: {t}file not found.{/t}";
        }
        if ($max_size != 0 && filesize($candidate) > $max_size) {
            return "{t}Error{/t}: {t}file is too big. Please upload a smaller one.{/t} (" . modify::basename($candidate) . " > " . $field["SIMPLE_FILE_SIZE"] . ")";
        }
        $ext = modify::getfileext($candidate);
        if (in_array($ext, $denied)) {
            return sprintf("{t}this file extension is not allowed{/t} (%s)", $ext);
        }
    }

    return "";
}
/**
 * Lists the regular files of a local directory as result rows.
 *
 * The directory is only read when sys_allowedpath($path) returns an empty
 * string; any other return value, or a directory that cannot be opened, gives
 * an empty result. Sub-directories and files with the "meta" extension are
 * left out. Rows are filtered with sys_select_where(), then ordered and
 * limited by sys_select(), and finally enriched with the key/value pairs
 * returned by self::_get_meta() for the row id.
 *
 * Security notes:
 * - sys_allowedpath() is the only access check in this method; its rules are
 *   not visible here.
 * - $path is concatenated directly with each entry name, so it is expected to
 *   end with a directory separator (assumption, confirm against callers).
 * - is_dir() and stat() follow symbolic links, so a link placed inside an
 *   allowed directory is reported with the metadata of its target.
 *   NOTE(review): confirm the storage layout or sys_allowedpath() covers this.
 *
 * @param string $path    Directory to list.
 * @param array  $fields  Requested field names; array("*") means id + folder.
 * @param mixed  $where   Passed through to sys_select_where().
 * @param mixed  $order   Passed through to sys_select().
 * @param mixed  $limit   Passed through to sys_select().
 * @param mixed  $vars    Passed through to sys_select_where().
 * @param mixed  $mfolder Not read by this method.
 * @return array Result rows.
 */
static function select($path, $fields, $where, $order, $limit, $vars, $mfolder)
{
    if (sys_allowedpath($path) != "") {
        return array();
    }

    $handle = @opendir($path);
    if (!$handle) {
        return array();
    }
    $names = array();
    while (($entry = readdir($handle)) !== false) {
        $is_dot = ($entry == '.' || $entry == '..');
        if ($is_dot || is_dir($path . $entry)) {
            continue;
        }
        $names[] = $entry;
    }
    closedir($handle);

    if ($fields == array("*")) {
        $fields = array("id", "folder");
    }

    $rows = array();
    foreach ($names as $filename) {
        $ext = modify::getfileext($filename);
        if ($ext == "meta") {
            continue;
        }
        $data = stat($path . $filename);

        $row = array();
        foreach ($fields as $field) {
            // Loose comparisons on purpose: they mirror a switch statement.
            if ($field == "filedata" || $field == "id") {
                $row[$field] = $path . $filename;
            } elseif ($field == "folder") {
                $row[$field] = $path;
            } elseif ($field == "filename" || $field == "searchcontent") {
                $row[$field] = $filename;
            } elseif ($field == "fileext") {
                $row[$field] = $ext;
            } elseif ($field == "fileatime") {
                $row[$field] = $data["atime"];
            } elseif ($field == "created") {
                $row[$field] = $data["ctime"];
            } elseif ($field == "lastmodified") {
                $row[$field] = $data["mtime"];
            } elseif ($field == "lastmodifiedby") {
                $row[$field] = "";
            } elseif ($field == "fileperms") {
                $row[$field] = $data["mode"];
            } elseif ($field == "filesize") {
                $row[$field] = $data["size"];
            } else {
                $row[$field] = "";
            }
        }

        if (sys_select_where($row, $where, $vars)) {
            $rows[] = $row;
        }
    }

    $rows = sys_select($rows, $order, $limit, $fields);
    if (count($rows) == 0) {
        return $rows;
    }

    // Merge the per-file metadata into each surviving row.
    foreach ($rows as $index => $current) {
        $meta = self::_get_meta($current["id"]);
        foreach ($meta as $meta_key => $meta_value) {
            $rows[$index][$meta_key] = $meta_value;
        }
    }
    return $rows;
}
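/**
 * Lists the documents of a remote feed as result rows and, when "filedata" is
 * requested, downloads each document into the local cache.
 *
 * Entries come from self::_select_xml(). Each row also carries the helper keys
 * "_lastmodified", "_url" and "_filename" plus the metadata parsed from the
 * entry description by sys_build_meta() (or the raw description when nothing
 * could be parsed). Rows are filtered with sys_select_where() and ordered and
 * limited by sys_select().
 *
 * Download handling (changed from the previous version):
 * - The source stream is opened first and the cache file is only created once
 *   the source is readable. Before, a failed source open left an empty cache
 *   file behind that later requests treated as the cached document.
 * - Both handles are always closed, and a transfer that fails part-way removes
 *   the partial cache file.
 * - A failed fread() ends the copy loop instead of being written as data.
 * When no file could be stored, "filedata" still names the cache path, exactly
 * as it already does for documents at or above GDOCS_PREVIEW_LIMIT.
 *
 * Security note: "_url" is taken from the feed entry and passed to fopen()
 * unchanged. NOTE(review): confirm the feed is trusted or restrict the value
 * to the expected https origin, since fopen() accepts every registered stream
 * wrapper.
 *
 * @param string $path    Feed path; also used as the "folder" value.
 * @param array  $fields  Requested field names; array("*") means id + folder.
 * @param mixed  $where   Passed through to sys_select_where().
 * @param mixed  $order   Passed through to sys_select().
 * @param mixed  $limit   Passed through to sys_select().
 * @param mixed  $vars    Passed through to sys_select_where().
 * @param mixed  $mfolder Passed to self::_select_xml() and self::_get_context().
 * @return array Result rows.
 */
static function select($path, $fields, $where, $order, $limit, $vars, $mfolder)
{
    if ($fields == array("*")) {
        $fields = array("id", "folder");
    }

    $rows = array();
    $entries = self::_select_xml($path, $mfolder);
    foreach ($entries as $entry) {
        $ext = modify::getfileext($entry->title);
        $row = array();
        foreach ($fields as $field) {
            switch ($field) {
                case "filedata":
                case "id":
                    $row[$field] = basename($entry->id);
                    break;
                case "folder":
                    $row[$field] = $path;
                    break;
                case "filedata_show":
                case "filename":
                case "searchcontent":
                    $row[$field] = (string) $entry->title;
                    break;
                case "fileext":
                    $row[$field] = $ext;
                    break;
                case "created":
                    $row[$field] = strtotime($entry->published);
                    break;
                case "lastmodified":
                    $row[$field] = strtotime($entry->updated);
                    break;
                case "lastmodifiedby":
                    $row[$field] = (string) $entry->author->name;
                    break;
                case "filesize":
                    $row[$field] = (int) $entry->gd_quotaBytesUsed;
                    break;
                default:
                    $row[$field] = "";
                    break;
            }
        }

        // Helper keys used for the cache name and the download below.
        $row["_lastmodified"] = strtotime($entry->updated);
        $row["_url"] = (string) $entry->content["src"];
        $row["_filename"] = (string) $entry->title;

        $meta = sys_build_meta($entry->docs_description, array());
        if (empty($meta)) {
            $meta["description"] = (string) $entry->docs_description;
        }
        $row = array_merge($row, $meta);

        if (sys_select_where($row, $where, $vars)) {
            $rows[] = $row;
        }
    }

    $rows = sys_select($rows, $order, $limit, $fields);

    if (count($rows) > 0 and in_array("filedata", $fields)) {
        foreach ($rows as $key => $row) {
            // The cache name changes with the modification time, so an updated
            // document is fetched again.
            $filename = sys_cache_get_file("gdocs", $row["id"] . $row["_lastmodified"], "--" . modify::basename($row["_filename"]), true);

            if (!file_exists($filename) and (!isset($row["filesize"]) or $row["filesize"] < GDOCS_PREVIEW_LIMIT)) {
                $fin = fopen($row["_url"], "rb", false, self::_get_context($mfolder));
                if (is_resource($fin)) {
                    $fout = fopen($filename, "wb");
                    $complete = is_resource($fout);
                    while ($complete and !feof($fin)) {
                        $chunk = fread($fin, 8192);
                        if ($chunk === false or fwrite($fout, $chunk) === false) {
                            $complete = false;
                        }
                    }
                    fclose($fin);
                    if (is_resource($fout)) {
                        fclose($fout);
                    }
                    // Never leave a truncated document under the cache name.
                    if (!$complete and file_exists($filename)) {
                        unlink($filename);
                    }
                }
            }
            $rows[$key]["filedata"] = $filename;
        }
    }

    return $rows;
}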
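/**
 * Returns the path of a JPEG preview for the given file, creating it in
 * SIMPLE_CACHE/thumbs when it does not exist yet.
 *
 * The size comes from the request parameters "image_width" and
 * "image_height"; when both are empty the preview is 250x200. The preview is
 * produced with the "convert" binary and, if that fails for a gif/jpg/jpeg/png
 * source, with GD. When no preview can be produced the original path is
 * returned.
 *
 * Changes from the previous version:
 * - The request parameters were concatenated into the cache file name before
 *   any validation. The name is now built from the validated dimensions only,
 *   so a parameter can no longer add path components or other characters to
 *   the cache path or to the target argument handed to convert.
 * - A dimension is accepted only as a plain positive integer of at most five
 *   digits (previously anything is_numeric() accepted); other values are
 *   treated as "not given".
 * - $resize is always initialised, so an invalid parameter no longer reads an
 *   undefined variable.
 * - The GD fallback derives a missing width or height from the source
 *   proportion instead of calculating with an empty string.
 *
 * Security notes:
 * - The command line is built by concatenation. Whether
 *   modify::realfilename() quotes its result for the shell is not visible
 *   here. NOTE(review): confirm it does.
 * - Files that are not gif/jpg/jpeg/png are also handed to convert, which
 *   chooses a decoder itself. NOTE(review): confirm the ImageMagick policy on
 *   the host limits the enabled coders and resource use.
 *
 * @param string $row_filename Path of the source file.
 * @return string Path of the preview, or $row_filename when none was created.
 */
function _download_resize($row_filename)
{
    // Validate the requested size before it is used anywhere else.
    $dims = array("image_width" => "", "image_height" => "");
    foreach (array_keys($dims) as $param) {
        if (!isset($_REQUEST[$param]) or !is_scalar($_REQUEST[$param])) {
            continue;
        }
        if (preg_match('/^[1-9][0-9]{0,4}\z/', (string) $_REQUEST[$param])) {
            $dims[$param] = (int) $_REQUEST[$param];
        }
    }
    $new_width = $dims["image_width"];
    $new_height = $dims["image_height"];
    if (empty($_REQUEST["image_width"]) and empty($_REQUEST["image_height"])) {
        $new_width = 250;
        $new_height = 200;
    }

    // Cache name: source identity, source mtime and the effective size.
    $row_filename_resize = SIMPLE_CACHE . "/thumbs/" . sha1($row_filename) . "_" . filemtime($row_filename) . "_" . $new_width . "_" . $new_height . ".jpg";
    if (file_exists($row_filename_resize)) {
        return $row_filename_resize;
    }

    $src_files = array("gif", "jpg", "jpeg", "png");
    $ext = modify::getfileext($row_filename);

    $resize = "";
    if ($new_width !== "" or $new_height !== "") {
        // The trailing ">" tells convert to shrink only, never enlarge.
        $resize = "-resize \"" . $new_width . "x" . $new_height . ">\"";
    }

    if ($resize != "" or !in_array($ext, $src_files)) {
        $src = modify::realfilename($row_filename);
        $target = modify::realfilename($row_filename_resize);
        // "[0]" selects the first frame or page of the source.
        $result = sys_exec(sys_find_bin("convert") . " -quality 50 " . $resize . " " . $src . "[0] " . $target);
        if ($result == "") {
            $row_filename = $row_filename_resize;
        } else {
            sys_log_message_log("php-fail", "proc_open: " . $result);
        }

        // GD fallback, only for formats GD can be expected to read.
        if ($result != "" and in_array($ext, $src_files)) {
            list($width, $height) = @getimagesize($row_filename);
            if ($width != "" and $height != "") {
                if ($width != $new_width or $height != $new_height) {
                    $prop = $width / $height;
                    if ($new_width === "") {
                        $new_width = max(1, (int) round($new_height * $prop));
                    } elseif ($new_height === "") {
                        $new_height = max(1, (int) round($new_width / $prop));
                    } elseif ($width != $new_width and $height != $new_height) {
                        // NOTE(review): $new_height2 only decides whether the
                        // width is reduced; the height stays as requested.
                        $new_height2 = round($new_width / $prop);
                        if ($new_height2 > $new_height) {
                            $new_width = round($new_height * $prop);
                        }
                    } else {
                        if ($width != $new_width) {
                            $new_height = round($new_width / $prop);
                        } else {
                            $new_width = round($new_height * $prop);
                        }
                    }
                    $image_p = imagecreatetruecolor($new_width, $new_height);
                    imagecopyresized($image_p, imagecreatefromstring(file_get_contents($row_filename)), 0, 0, 0, 0, $new_width, $new_height, $width, $height);
                    imagejpeg($image_p, $row_filename_resize, 50);
                    $row_filename = $row_filename_resize;
                }
            }
        }
    }

    return $row_filename;
}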
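/**
 * Derives a local file name from a URL.
 *
 * When the URL contains "filename=<value>&", the URL-decoded value is used.
 * Otherwise the last path segment is taken, every character outside
 * [a-z0-9-_.] is replaced by "_", ".txt" is appended when the extension is
 * missing or longer than five characters, and the name is cut to its last 50
 * characters.
 *
 * Changed from the previous version: the "filename=" value was returned
 * exactly as decoded, so it could carry directory separators, ".." segments
 * or control characters taken from the URL. The value is now reduced to a
 * bare file name: control characters are removed, backslashes are treated as
 * separators, only the last path component is kept, and an empty, "." or ".."
 * result falls back to "default.txt". Callers are not visible here; the
 * result is treated as a single file name, never as a path.
 *
 * @param string $url URL to inspect.
 * @return string File name without directory components.
 */
private static function _url_getfilename($url)
{
    $filename = basename($url);
    if ($filename == "") {
        $filename = "default.txt";
    }

    $match = array();
    if (preg_match("|filename=(.*?)&|", $url, $match) and isset($match[1])) {
        $decoded = rawurldecode($match[1]);
        // Drop control characters and make both separator styles visible to basename().
        $decoded = preg_replace('/[\x00-\x1f\x7f]/', '', $decoded);
        $decoded = str_replace("\\", "/", $decoded);
        $filename = basename($decoded);
        if ($filename == "" or $filename == "." or $filename == "..") {
            $filename = "default.txt";
        }
    } else {
        $filename = preg_replace("|([^a-z0-9-_.])|i", "_", $filename);
        $ext = modify::getfileext($filename);
        if ($ext == "" or strlen($ext) > 5) {
            $filename .= ".txt";
        }
        if (strlen($filename) > 50) {
            // Keep the tail so the extension survives the cut.
            $filename = substr($filename, strlen($filename) - 50);
        }
    }

    return $filename;
}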
/**
 * Lists the ".tar" files in SIMPLE_STORE/backup as result rows.
 *
 * The $path argument is ignored: the directory is always
 * SIMPLE_STORE . "/backup/". Nothing is returned unless sys_allowedpath()
 * gives an empty string for that directory and it can be opened. The
 * "category" and "filename" fields are decoded from the archive name, in
 * which "__" stands for "/" and "--" ends the encoded part. Rows are filtered
 * with sys_select_where() and ordered and limited by sys_select().
 *
 * Security note: "filedata" and "id" expose the full local path of each
 * archive. NOTE(review): confirm that only administrative callers reach this
 * method, since backup archives usually hold complete data sets.
 *
 * @param string $path    Ignored, replaced by the backup directory.
 * @param array  $fields  Requested field names.
 * @param mixed  $where   Passed through to sys_select_where().
 * @param mixed  $order   Passed through to sys_select().
 * @param mixed  $limit   Passed through to sys_select().
 * @param array  $vars    "folder" is copied into the "folder" field.
 * @param mixed  $mfolder Not read by this method.
 * @return array Result rows.
 */
static function select($path, $fields, $where, $order, $limit, $vars, $mfolder)
{
    $path = SIMPLE_STORE . "/backup/";
    if (sys_allowedpath($path) != "") {
        return array();
    }

    $handle = @opendir($path);
    if (!$handle) {
        return array();
    }
    $archives = array();
    while (($entry = readdir($handle)) !== false) {
        $is_dot = ($entry == '.' || $entry == '..');
        if ($is_dot || is_dir($path . $entry)) {
            continue;
        }
        if (modify::getfileext($entry) != "tar") {
            continue;
        }
        $archives[] = $entry;
    }
    closedir($handle);

    $rows = array();
    foreach ($archives as $filename) {
        $data = stat($path . $filename);

        $row = array();
        foreach ($fields as $field) {
            // Loose comparisons on purpose: they mirror a switch statement.
            if ($field == "filedata" || $field == "id") {
                $row[$field] = $path . $filename;
            } elseif ($field == "folder") {
                $row[$field] = $vars["folder"];
            } elseif ($field == "category") {
                // Part before "--", with "__" turned back into "/".
                $base = modify::basename($filename);
                $encoded = substr($base, 0, strpos($base, "--"));
                $row[$field] = str_replace(array("__"), array("/"), $encoded);
            } elseif ($field == "filename") {
                $decoded = basename(str_replace(array("__"), array("/"), modify::basename($filename)));
                $row[$field] = substr($decoded, 0, strpos($decoded, "--"));
                if ($row[$field] == "") {
                    // No "--" marker: fall back to the raw archive name.
                    $row[$field] = $filename;
                }
            } elseif ($field == "searchcontent") {
                $row[$field] = $filename;
            } elseif ($field == "createdby" || $field == "lastmodifiedby") {
                $row[$field] = "";
            } elseif ($field == "created") {
                $row[$field] = $data["ctime"];
            } elseif ($field == "lastmodified") {
                $row[$field] = $data["mtime"];
            } elseif ($field == "filesize") {
                $row[$field] = $data["size"];
            } else {
                $row[$field] = "";
            }
        }

        if (sys_select_where($row, $where, $vars)) {
            $rows[] = $row;
        }
    }

    return sys_select($rows, $order, $limit, $fields);
}
// Upload handling for a request whose target is taken from REQUEST_URI.
// This fragment ends inside the "session" branch; the rest is not visible.
//
// Step 1: reject the request when the extension of the URL-decoded request URI
// is listed in INVALID_EXTENSIONS (denylist). Whether sys_error() stops the
// request is not visible here.
$ext = modify::getfileext(urldecode($_SERVER["REQUEST_URI"])); if (in_array($ext, explode(",", INVALID_EXTENSIONS))) { sys_error(t("{t}this file extension is not allowed{/t}") . " (" . $ext . ")", "403 Forbidden"); }
// Step 2: a request without a body counts as a successful upload unless the
// action is "move".
$content_length = sys_get_header("Content-Length"); if ($content_length == 0 and strtolower($_REQUEST["action"]) != "move") { _upload_success(); }
// Step 3: for "move", REQUEST_URI is replaced by the part of the Destination
// header that starts at "/sgdav/". When the marker is missing, strpos() returns
// false and substr() keeps the whole header value.
// NOTE(review): the extension check in step 1 ran against the original URI. No
// second check of the destination name is visible in this fragment; confirm
// one exists further down, otherwise a move can end on a denied extension.
if (strtolower($_REQUEST["action"]) == "move" and !empty($_SERVER["HTTP_DESTINATION"])) { $_SERVER["REQUEST_URI"] = substr($_SERVER["HTTP_DESTINATION"], strpos($_SERVER["HTTP_DESTINATION"], "/sgdav/")); }
// Step 4 ("session" item): names starting with "~" or ".", or ending in "tmp",
// are copied from the request body into SIMPLE_CACHE/upload. The cache name is
// the session user name, the SHA-1 of the directory and the URL-encoded file
// name, so the file name itself cannot add directory components.
// NOTE(review): $_SESSION["username"] is concatenated as-is; confirm which
// characters a user name may contain.
// NOTE(review): when php://input opens but the target does not, $fp stays open
// on the sys_error() path.
if ($_REQUEST["item"] == "session") { $path = str_replace("//", "/", urldecode($_SERVER["REQUEST_URI"])); $filename = basename($path); $path = dirname($path); if (sys_strbegins($filename, "~") or sys_strbegins($filename, ".") or modify::getfileext($filename) == "tmp") { $target = SIMPLE_CACHE . "/upload/" . $_SESSION["username"] . sha1($path) . "--" . urlencode($filename); if ($fp = fopen("php://input", "r") and $ft = fopen($target, "wb")) { while (!feof($fp)) { fwrite($ft, fread($fp, 8192)); } fclose($fp); fclose($ft); _upload_success(); } else { sys_error("cant write", "403 Forbidden"); } } else { $target_lnk = SIMPLE_CACHE . "/upload/" . $_SESSION["username"] . sha1($path) . "--" . urlencode($filename) . ".link"; if (file_exists($target_lnk)) { $link = file($target_lnk);
/**
 * Lists the files of an SMB share directory as result rows, using jcifs
 * through the PHP/Java bridge.
 *
 * A failure while listing is reported with sys_warning() and gives an empty
 * result. Files with the "meta" extension are skipped. Rows are filtered with
 * sys_select_where() and ordered and limited by sys_select(). When "filedata"
 * is requested, each file below CIFS_PREVIEW_LIMIT that is not cached yet is
 * stored in the local cache. Finally the key/value pairs from
 * self::_get_meta() are merged into every row; a failure there is reported
 * with sys_warning() and leaves the row unchanged.
 *
 * Review notes:
 * - The cache download is not wrapped in try/catch, unlike the listing and
 *   the metadata lookup, so an exception raised there leaves this method.
 * - The FileOutputStream is not closed in this method. NOTE(review): confirm
 *   that store() closes it, otherwise the handle stays open until the Java
 *   side releases it.
 * - The warnings contain the exception text and $path. NOTE(review): confirm
 *   where sys_warning() shows them, since both can reveal share names.
 *
 * @param string $path    Share path without the "smb://" prefix; entry names
 *                        are appended directly, so it is expected to end with
 *                        "/" (assumption, confirm against callers).
 * @param array  $fields  Requested field names; array("*") means id + folder.
 * @param mixed  $where   Passed through to sys_select_where().
 * @param mixed  $order   Passed through to sys_select().
 * @param mixed  $limit   Passed through to sys_select().
 * @param mixed  $vars    Passed through to sys_select_where().
 * @param mixed  $mfolder Passed to self::_get_ntlm() and self::_get_meta().
 * @return array Result rows.
 */
static function select($path, $fields, $where, $order, $limit, $vars, $mfolder)
{
    $smb_files = array();
    try {
        $ntlm = self::_get_ntlm($mfolder);
        $dir = new Java("jcifs.smb.SmbFile", "smb://" . $path, $ntlm);
        if ($listing = $dir->listFiles()) {
            foreach ($listing as $candidate) {
                if ($candidate->isFile()) {
                    $smb_files[] = $candidate;
                }
            }
        }
    } catch (Exception $e) {
        $msg = DEBUG_JAVA ? java_cast($e, "string") : $e->getMessage();
        sys_warning("{t}Access denied.{/t} [select] " . $msg . " " . $path);
    }

    if ($fields == array("*")) {
        $fields = array("id", "folder");
    }

    $rows = array();
    foreach ($smb_files as $file) {
        $ext = modify::getfileext($file->getName());
        if ($ext == "meta") {
            continue;
        }

        $row = array();
        foreach ($fields as $field) {
            // Loose comparisons on purpose: they mirror a switch statement.
            if ($field == "filedata" || $field == "id") {
                $row[$field] = $path . $file->getName();
            } elseif ($field == "folder") {
                $row[$field] = $path;
            } elseif ($field == "filedata_show" || $field == "filename" || $field == "searchcontent") {
                $row[$field] = (string) $file->getName();
            } elseif ($field == "fileext") {
                $row[$field] = $ext;
            } elseif ($field == "fileatime") {
                $row[$field] = $file->getLastAccess();
            } elseif ($field == "created") {
                $row[$field] = $file->createTime() / 1000;
            } elseif ($field == "lastmodified") {
                $row[$field] = $file->getLastModified() / 1000;
            } elseif ($field == "lastmodifiedby") {
                $row[$field] = "";
            } elseif ($field == "filesize") {
                $row[$field] = $file->length();
            } else {
                $row[$field] = "";
            }
        }
        // Helper key used for the cache name below.
        $row["_lastmodified"] = $file->getLastModified() / 1000;

        if (sys_select_where($row, $where, $vars)) {
            $rows[] = $row;
        }
    }

    $rows = sys_select($rows, $order, $limit, $fields);
    if (count($rows) == 0) {
        return $rows;
    }

    if (in_array("filedata", $fields)) {
        foreach ($rows as $index => $current) {
            // The cache name changes with the modification time, so a changed
            // file is fetched again.
            $cache_file = sys_cache_get_file("cifs", $current["id"] . $current["_lastmodified"], "--" . modify::basename($current["id"]), true);
            if (!file_exists($cache_file) && (!isset($current["filesize"]) || $current["filesize"] < CIFS_PREVIEW_LIMIT)) {
                $remote = new Java("jcifs.smb.SmbFile", "smb://" . $current["id"], $ntlm);
                $out = new Java("java.io.FileOutputStream", modify::realfilename($cache_file, false));
                $remote->store($out);
            }
            $rows[$index]["filedata"] = $cache_file;
        }
    }

    foreach ($rows as $index => $current) {
        $meta = array();
        try {
            $meta = self::_get_meta($current["id"], $mfolder, $ntlm);
        } catch (Exception $e) {
            $msg = DEBUG_JAVA ? java_cast($e, "string") : $e->getMessage();
            sys_warning("{t}Access denied.{/t} [get_meta] " . $msg . " " . $path);
        }
        foreach ($meta as $meta_key => $meta_value) {
            $rows[$index][$meta_key] = $meta_value;
        }
    }

    return $rows;
}