function nf_uploadfile($filename, &$upload_file, $allowablefiletypes, $filestore_path)
{
global $_FILES, $_CONF, $_TABLES, $CONF_NF, $LANG_GF00;
include_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setPath($filestore_path);
$upload->setLogging(true);
$upload->setAutomaticResize(false);
$upload->setAllowedMimeTypes($allowablefiletypes);
$upload->setMaxFileSize($CONF_NF['max_uploadfile_size']);
if (strlen($upload_file['name']) > 0) {
$upload->setFileNames($filename);
$upload->setPerms($CONF_NF['fileperms']);
$upload->_currentFile = $upload_file;
// Verify file meets size limitations
if (!$upload->_fileSizeOk()) {
$upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit');
}
// If all systems check, do the upload
if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) {
if ($upload->_copyFile()) {
$upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName();
}
}
$upload->_currentFile = array();
if ($upload->areErrors() and !$upload->_continueOnError) {
$errmsg = "Workflow Upload Attachment Error:" . $upload->printErrors(false);
COM_errorlog($errmsg);
$GLOBALS['nf_errmsg'] = $LANG_GF00['uploaderr'] . ':<BR>' . $upload->printErrors(false);
return false;
}
return true;
} else {
return false;
}
return false;
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '/images/topics/' . $filename;
}
return $filename;
}
function CLASSIFIEDS_saveImage($ad, $FILES, $clid)
{
global $_CONF, $_CLASSIFIEDS_CONF, $_TABLES, $LANG24;
$args =& $ad;
// Handle Magic GPC Garbage:
while (list($key, $value) = each($args)) {
if (!is_array($value)) {
$args[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
// Delete any images if needed
if (array_key_exists('delete', $args)) {
$delete = count($args['delete']);
for ($i = 1; $i <= $delete; $i++) {
$pi_filename = DB_getItem($_TABLES['cl_pic'], 'pi_filename', 'pi_pid = ' . $clid . ' AND pi_img_num = ' . key($args['delete']));
CLASSIFIEDS_deleteImage($pi_filename);
DB_query("DELETE FROM {$_TABLES['cl_pic']} WHERE pi_pid = " . $clid . " AND pi_img_num = " . key($args['delete']));
next($args['delete']);
}
}
// OK, let's upload any pictures with the ad
if (DB_count($_TABLES['cl_pic'], 'pi_pid', $clid) > 0) {
$index_start = DB_getItem($_TABLES['cl_pic'], 'max(pi_img_num)', "pi_pid = '" . $clid . "'") + 1;
} else {
$index_start = 1;
}
if (count($FILES) > 0 and $_CLASSIFIEDS_CONF['max_images_per_ad'] > 0) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads($_CLASSIFIEDS_CONF['max_images_per_ad']);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(false);
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CLASSIFIEDS_CONF['path_images'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CLASSIFIEDS_CONF['max_image_width'], $_CLASSIFIEDS_CONF['max_image_height']);
$upload->setMaxFileSize($_CLASSIFIEDS_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$end_index = $index_start + $upload->numFiles() - 1;
for ($z = $index_start; $z <= $end_index; $z++) {
$curfile = current($FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $clid . '_' . $z . '.' . $fextension;
}
next($FILES);
}
$upload->setFileNames($filenames);
reset($FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
reset($filenames);
for ($z = $index_start; $z <= $end_index; $z++) {
DB_query("INSERT INTO {$_TABLES['cl_pic']} (pi_pid, pi_img_num, pi_filename) VALUES ('" . $clid . "', {$z}, '" . current($filenames) . "')");
next($filenames);
}
}
return true;
}
public function testSetMaxFileSizeNotNumeric()
{
$this->assertFalse($this->up->setMaxFileSize('Hello'));
}
/**
* Upload new photo, delete old photo
*
* @param string $delete_photo 'on': delete old photo
* @return string filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '';
if (!empty($delete_photo) && $delete_photo == 'on') {
$delete_photo = true;
} else {
$delete_photo = false;
}
$curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
if (empty($curphoto)) {
$delete_photo = false;
}
// see if user wants to upload a (new) photo
$newphoto = $_FILES['photo'];
if (!empty($newphoto['name'])) {
$pos = strrpos($newphoto['name'], '.') + 1;
$fextension = substr($newphoto['name'], $pos);
$filename = $_USER['username'] . '.' . $fextension;
if (!empty($curphoto) && $filename != $curphoto) {
$delete_photo = true;
} else {
$delete_photo = false;
}
}
// delete old photo first
if ($delete_photo) {
USER_deletePhoto($curphoto);
}
// now do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
} else {
if (!$delete_photo && !empty($curphoto)) {
$filename = $curphoto;
}
}
return $filename;
}
function addDownload()
{
global $_CONF, $_USER, $_TABLES, $filemgmt_FileStoreURL, $filemgmt_FileSnapURL, $filemgmt_FileStore, $filemgmt_SnapStore;
global $myts, $eh, $_FMDOWNLOAD, $filemgmtFilePermissions;
if (defined('DEMO_MODE')) {
redirect_header($_CONF['site_url'] . "/index.php", 10, 'Uploads are disabled in demo mode');
exit;
}
$title = $myts->makeTboxData4Save($_POST['title']);
$homepage = $myts->makeTboxData4Save($_POST['homepage']);
$version = $myts->makeTboxData4Save($_POST['version']);
$description = $myts->makeTareaData4Save($_POST['description']);
$commentoption = $_POST['commentoption'];
$fileurl = COM_applyFilter($_POST['fileurl']);
$submitter = $_USER['uid'];
$errormsg = "";
// Check if Title blank
if ($title == "") {
$eh->show("1104");
}
// Check if Description blank
if ($description == "") {
$eh->show("1105");
}
// Check if a file was uploaded
if ($_FILES['newfile']['size'] == 0 && empty($fileurl)) {
$eh->show("1017");
}
if (!empty($_POST['cid'])) {
$cid = $_POST['cid'];
} else {
$cid = 0;
$eh->show("1110");
}
$filename = '';
//$myts->makeTboxData4Save($_FILES['newfile']['name']);
$url = '';
//$myts->makeTboxData4Save(rawurlencode($filename));
$snapfilename = '';
// = $myts->makeTboxData4Save($_FILES['newfileshot']['name']);
$logourl = '';
//$myts->makeTboxData4Save(rawurlencode($snapfilename));
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setFieldName('newfile');
$upload->setPath($filemgmt_FileStore);
$upload->setAllowAnyMimeType(true);
// allow any file type
$upload->setMaxFileSize(100000000);
if ($upload->numFiles() > 0) {
$upload->uploadFiles();
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$size = $myts->makeTboxData4Save(intval($upload->_currentFile['size']));
$filename = $myts->makeTboxData4Save($upload->_currentFile['name']);
$url = $myts->makeTboxData4Save(rawurlencode($filename));
$pos = strrpos($filename, '.') + 1;
$fileExtension = strtolower(substr($filename, $pos));
if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
COM_errorLOG("AddNewFile - New Upload file is rejected by config rule:{$uploadfilename}");
$eh->show("1109");
} else {
$fileExtension = $_FMDOWNLOAD[$fileExtension];
$pos = strrpos($url, '.') + 1;
$url = strtolower(substr($url, 0, $pos)) . $fileExtension;
$pos2 = strrpos($filename, '.') + 1;
$filename = substr($filename, 0, $pos2) . $fileExtension;
}
}
$AddNewFile = true;
}
}
if ($upload->numFiles() == 0 && !$upload->areErrors() && !empty($fileurl)) {
$url = $fileurl;
$size = 0;
$AddNewFile = true;
}
$upload = new upload();
$upload->setFieldName('newfileshot');
$upload->setPath($filemgmt_SnapStore);
$upload->setAllowAnyMimeType(false);
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxDimensions(640, 480);
$upload->setAutomaticResize(true);
$upload->setMaxFileSize(100000000);
$upload->uploadFiles();
if ($upload->numFiles() > 0) {
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$snapfilename = $myts->makeTboxData4Save($upload->_currentFile['name']);
$logourl = $myts->makeTboxData4Save(rawurlencode($snapfilename));
$AddNewFile = true;
}
}
if ($AddNewFile) {
$chown = @chmod($filemgmt_FileStore . $filename, $filemgmtFilePermissions);
if (strlen($version) > 9) {
$version = substr($version, 0, 8);
}
$fields = 'cid, title, url, homepage, version, size, logourl, submitter, status, date, hits, rating, votes, comments';
$sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} ({$fields}) VALUES ";
$sql .= "('" . DB_escapeString($cid) . "','" . $title . "','" . $url . "','" . $homepage . "','" . $version . "','" . $size . "','" . $logourl . "','" . DB_escapeString($submitter) . "',1,UNIX_TIMESTAMP(),0,0,0,'" . DB_escapeString($commentoption) . "')";
DB_query($sql);
$newid = DB_insertID();
DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '" . $description . "')");
PLG_itemSaved($newid, 'filemgmt');
CACHE_remove_instance('whatsnew');
if (isset($duplicatefile) && $duplicatefile) {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPFILE);
} elseif (isset($duplicatesnap) && $duplicatesnap) {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPSNAP);
} else {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED);
}
exit;
} else {
redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
exit;
}
}
function nexform_uploadfile($filename, &$upload_file, $allowablefiletypes)
{
global $_FILES, $_CONF, $_TABLES, $CONF_FE, $LANG_FE_ERR;
include_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setPath($CONF_FE['uploadpath']);
$upload->setLogging(true);
$upload->setAutomaticResize(false);
$upload->setAllowedMimeTypes($allowablefiletypes);
// Set max dimensions as well in case user is uploading a full size image
$upload->setMaxDimensions($CONF_FE['max_uploadimage_width'], $CONF_FE['max_uploadimage_height']);
$upload->setMaxFileSize($CONF_FE['max_uploadfile_size']);
if (strlen($upload_file['name']) > 0) {
$upload->setFileNames($filename);
$upload->setPerms(FE_CHMOD_FILES);
$upload->_currentFile = $upload_file;
// Verify file meets size limitations
if (!$upload->_fileSizeOk()) {
$upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit');
}
// If all systems check, do the upload
if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) {
if ($upload->_copyFile()) {
$upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName();
}
}
$upload->_currentFile = array();
if ($upload->areErrors() and !$upload->_continueOnError) {
$errmsg = "nexform: upload function error:" . $upload->printErrors(false);
COM_errorLog($errmsg);
$GLOBALS['fe_errmsg'] = $LANG_FE_ERR['upload1'] . ':<BR>' . $upload->printErrors(false);
return false;
}
return true;
} else {
return false;
}
return false;
}
function updatePage($mode, $type)
{
global $_CONF, $_TABLES, $_FILES, $_POST, $CONF_SE, $LANG_SE_ERR;
global $_DB_name, $catid, $pageid;
include_once $_CONF['path_system'] . 'classes/upload.class.php';
$name = substr(htmlentities($_POST['name']), 0, 32);
$pid = ppPrepareForDB($_POST['category']);
$old_sid = ppPrepareForDB($_POST['old_sid']);
$sid = ppPrepareForDB($_POST['sid'], true, 40);
$pageorder = COM_applyFilter($_POST['pageorder'], true);
if ($type == 'link') {
$menutype = 3;
} else {
$menutype = COM_applyFilter($_POST['menu_type'], true);
}
$blkformat = ppPrepareForDB($_POST['blk_format']);
$heading = substr(htmlentities($_POST['heading']), 0, 255);
$grp_access = ppPrepareForDB($_POST['grp_access']);
$imgdelete = $_POST['imgdelete'];
$chkscale = $_POST['chkscale'];
$submenutype = COM_applyFilter($_POST['rad_submenu'], true);
$blockmenutype = COM_applyFilter($_POST['rad_blockmenu'], true);
$is_menu_newpage = $_POST['chknewwindow'] == 1 ? 1 : 0;
$is_draft = $_POST['chkdraft'] == 1 ? 1 : 0;
$show_breadcrumbs = $_POST['chkbreadcrumbs'] == 1 ? 1 : 0;
$owner_id = ppPrepareForDB($_POST['owner_id']);
$group_id = ppPrepareForDB($_POST['group_id']);
$perm_owner = $_POST['perm_owner'];
$perm_group = $_POST['perm_group'];
$perm_members = $_POST['perm_members'];
$perm_anon = $_POST['perm_anon'];
$pagetitle = substr(htmlentities($_POST['pagetitle']), 0, 255);
$metadesc = ppPrepareForDB($_POST['metadesc']);
$metakeywords = ppPrepareForDB($_POST['metakeywords']);
// Convert array values to numeric permission values
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
// Allow full HTML in the introtext field
if (!get_magic_quotes_gpc()) {
$content = addslashes($_POST['sitecontent']);
$help = addslashes($_POST['help']);
} else {
$content = $_POST['sitecontent'];
$help = $_POST['help'];
}
if ($sid != '') {
$sid = COM_sanitizeID($sid);
}
if ($sid != '' and DB_count($_TABLES['nexcontent_pages'], 'sid', $sid) > 0) {
if ($sid != $old_sid) {
$duplicate_sid = true;
if ($old_sid == '') {
$sid = "{$sid}_{$pid}";
$dupmsg = ' - Duplicate Page ID';
} else {
$sid = $old_sid;
$dupmsg = ' - Duplicate Page ID, Page ID not changed.';
}
}
} else {
$duplicate_sid = false;
}
if ($mode == 'add') {
$gid = uniqid($_DB_name, FALSE);
$category = COM_applyFilter($category, true);
if ($type == 'category') {
// Create a new record - set the category value to 0
DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ({$category},'{$gid}','category')");
$pageid = DB_insertID();
$GLOBALS['statusmsg'] = 'New Category Added';
$query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE type='category'");
list($maxorder) = DB_fetchArray($query);
$order = $maxorder + 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
} else {
// Create a new record - need to get the record id for the category
DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ('{$category}','{$gid}','{$type}')");
$pageid = DB_insertID();
$GLOBALS['statusmsg'] = 'New Page Added';
$query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE pid='category'");
list($maxorder) = DB_fetchArray($query);
$order = $maxorder + 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
}
} else {
if ($type == 'category') {
$GLOBALS['statusmsg'] = "{$name} Updated";
} else {
$GLOBALS['statusmsg'] = "{$name} Updated";
}
if ($duplicate_sid) {
$GLOBALS['statusmsg'] .= $dupmsg;
}
}
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET name='{$name}', blockformat='{$blkformat}', pid='{$pid}', sid='{$sid}', heading='{$heading}',content='{$content}', menutype='{$menutype}', is_menu_newpage='{$is_menu_newpage}', show_submenu='{$submenutype}', show_blockmenu='{$blockmenutype}', show_breadcrumbs='{$show_breadcrumbs}', is_draft='{$is_draft}', owner_id='{$owner_id}', group_id='{$group_id}', perm_owner='{$perm_owner}', perm_group='{$perm_group}', perm_members='{$perm_members}', perm_anon='{$perm_anon}' , pagetitle='{$pagetitle}', meta_description='{$metadesc}', meta_keywords='{$metakeywords}' WHERE id='{$pageid}'");
DB_query("UPDATE {$_TABLES['nexcontent']} SET help='{$help}'");
//update the page order
if ($pageorder != '' and $pageid != '') {
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$pageorder} WHERE id={$pageid};");
$porder = DB_query("SELECT id FROM {$_TABLES['nexcontent_pages']} WHERE pid={$pid} ORDER BY pageorder ASC;");
$i = 0;
while ($ORDER = DB_fetchArray($porder)) {
$i += 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$i} WHERE id={$ORDER['id']};");
}
}
$pageImageDir = $CONF_SE['uploadpath'] . "/{$pageid}/";
// Check and see if directories exist
if (!file_exists($pageImageDir)) {
$mkdir = @mkdir($pageImageDir);
$chmod = @chmod($pageImageDir, $CONF_SE['imagedir_perms']);
}
// Delete any images if needed
for ($i = 0; $i < count($imgdelete); $i++) {
$curimage = DB_getitem($_TABLES['nexcontent_images'], "imagefile", "page_id='{$pageid}' AND imagenum='{$imgdelete[$i]}'");
$fullimage = $pageImageDir . $curimage;
if (!is_dir($fullimage) and file_exists($fullimage)) {
if (!unlink($fullimage)) {
echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
}
}
$pos = strrpos($curimage, '.');
$origimage = strtolower(substr($curimage, 0, $pos));
$ext = strtolower(substr($curimage, $pos));
$origimage .= "_original{$ext}";
$fullimage = $pageImageDir . $origimage;
if (!is_dir($fullimage) and file_exists($fullimage)) {
if (!unlink($fullimage)) {
echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
}
}
$curthumbnail = $pageImageDir . 'tn' . $curimage;
if (!is_dir($curthumbnail) and file_exists($curthumbnail)) {
if (!unlink($curthumbnail)) {
echo COM_errorLog("Unable to delete thumbnail for {$curthumbnail}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete thumbnail for {$curthumbnail}. Please check file permissions";
}
}
DB_query("DELETE FROM {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' and imagenum='{$imgdelete[$i]}'");
next($imgdelete);
}
$upload = new upload();
$upload->setLogging(false);
$upload->setDebug(false);
$upload->setLogFile($_CONF['path_log'] . 'error.log');
$upload->setMaxFileUploads($CONF_SE['max_num_images']);
if ($_CONF['image_lib'] == 'imagemagick') {
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} else {
$upload->setGDLib();
}
$upload->setAllowedMimeTypes($CONF_SE['allowableImageTypes']);
$upload->setMaxDimensions($CONF_SE['max_upload_width'], $CONF_SE['max_upload_height']);
$upload->setMaxFileSize($CONF_SE['max_uploadfile_size']);
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(true);
$upload->setPerms($CONF_SE['image_perms']);
if (!$upload->setPath($pageImageDir)) {
$GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ': ' . $upload->printErrors(false);
}
// OK, let's upload any pictures with this page
if (DB_count($_TABLES['nexcontent_images'], 'page_id', $pageid) > 0) {
$index_start = DB_getItem($_TABLES['nexcontent_images'], 'max(imagenum)', "page_id = '{$pageid}'") + 1;
} else {
$index_start = 1;
}
$index_start = 1;
$uniquename = time();
$filenames = array();
$imagenum = array();
for ($z = 1; $z <= $CONF_SE['max_num_images']; $z++) {
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$filenames[] = $uniquename . $z . '.jpg';
$imagenum[] = substr(key($_FILES), 9, 1);
}
next($_FILES);
}
$upload->setFileNames($filenames);
reset($_FILES);
$upload->setDebug(false);
$upload->uploadFiles();
if ($upload->areErrors()) {
$GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ': ' . $upload->printErrors(false);
return false;
}
reset($filenames);
reset($imagenum);
if (DB_count($_TABLES['nexcontent_pages'], "id", $pageid) > 0) {
foreach ($filenames as $pageImage) {
$index = current($imagenum);
if (file_exists($pageImageDir . $pageImage)) {
$src = $pageImageDir . $pageImage;
$dest = $pageImageDir . 'tn' . $pageImage;
makethumbnail($pageImage, $src, $dest);
$iquery = DB_query("SELECT imagefile from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' AND imagenum='{$index}'");
if (DB_numRows($iquery) == 0) {
DB_query("INSERT INTO {$_TABLES['nexcontent_images']} (page_id,imagenum,imagefile) values ('{$pageid}', '{$index}','{$pageImage}')");
} elseif (DB_numRows($iquery) == 1) {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET imagefile='{$pageImage}' WHERE page_id='{$pageid}' and imagenum='{$index}'");
}
}
next($imagenum);
}
} else {
$GLOBALS['statusmsg'] = 'Error saving category';
}
// Update the image autoscale option for any images
$query = DB_query("SELECT id,imagenum from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}'");
while (list($imageid, $imagenum) = DB_fetchArray($query)) {
if ($chkscale[$imagenum] == '1') {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '1' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
} else {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '0' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
}
}
}
/**
* Upload new photo, delete old photo
*
* @param string $delete_photo 'on': delete old photo
* @return string filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$filename = '';
if (!empty($delete_photo) && $delete_photo == 'on') {
$delete_photo = true;
} else {
$delete_photo = false;
}
$curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
if (empty($curphoto)) {
$delete_photo = false;
}
// see if user wants to upload a (new) photo
$newphoto = $_FILES['photo'];
if (!empty($newphoto['name'])) {
$pos = strrpos($newphoto['name'], '.') + 1;
$fextension = substr($newphoto['name'], $pos);
$filename = $_USER['uid'] . '.' . $fextension;
if (!empty($curphoto) && $filename != $curphoto) {
$delete_photo = true;
} else {
$delete_photo = false;
}
}
// delete old photo first
if ($delete_photo) {
USER_deletePhoto($curphoto);
}
// now do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setFieldName('photo');
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
} else {
if (!$delete_photo && !empty($curphoto)) {
$filename = $curphoto;
}
}
return $filename;
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function TOPIC_iconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$upload->setFieldName('newicon');
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$filename = '/images/topics/' . $filename;
}
return $filename;
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
COM_output($display);
exit;
// don't return
}
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
COM_output($display);
exit;
// don't return
}
if (strpos($_CONF['path_images'], $_CONF['path_html']) === 0) {
$filename = substr($_CONF['path_images'], strlen($_CONF['path_html']) - 1) . 'topics/' . $filename;
} else {
/**
* Not really used when the 'path_images' is outside of the webroot.
* Let's at least extract the name of the images directory then.
*/
$images = 'images';
$parts = explode('/', $_CONF['path_images']);
if (count($parts) > 1) {
$cnt = count($parts);
// e.g. from /path/to/myimages/ would extract "myimages"
if (empty($parts[$cnt - 1]) && !empty($parts[$cnt - 2])) {
$images = $parts[$cnt - 2];
}
$filename = '/' . $images . '/topics/' . $filename;
}
}
}
return $filename;
}
protected function _handleImageResize($to_path)
{
global $_CONF;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
// Figure out file name
$path_parts = pathinfo($to_path);
$filename = $path_parts['basename'];
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
// Set new path and image name
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
return;
}
// Current path of image to resize
$path = $_CONF['path_images'] . 'userphotos/' . $filename;
$path_parts = pathinfo($path);
$_FILES['imagefile']['name'] = $path_parts['basename'];
$_FILES['imagefile']['tmp_name'] = $path;
$_FILES['imagefile']['type'] = '';
switch ($path_parts['extension']) {
case 'gif':
$_FILES['imagefile']['type'] = 'image/gif';
break;
case 'jpg':
case 'jpeg':
$_FILES['imagefile']['type'] = 'image/jpeg';
break;
case 'png':
$_FILES['imagefile']['type'] = 'image/png';
break;
}
$_FILES['imagefile']['size'] = filesize($_FILES['imagefile']['tmp_name']);
$_FILES['imagefile']['error'] = '';
$_FILES['imagefile']['non_upload'] = true;
// Flag to bypass upload process via browser file form
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
return;
}
}
return $path;
// return new path and filename
}
if (!file_exists($questionDir)) {
mkdir($questionDir);
chmod($questionDir, 0755);
}
$upload = new upload();
$upload->setContinueOnError(true);
$upload->setMaxFileUploads('1');
$upload->setLogFile("{$clubLogfile}");
$upload->setLogging(false);
$upload->setAllowedMimeTypes($_CONFQUIZ['allowableImageTypes']);
if (!$upload->setPath($questionDir)) {
print 'File Upload Errors:<BR>' . $upload->printErrors();
exit;
}
$upload->setMaxDimensions($_CONFQUIZ['max_upload_width'], $_CONFQUIZ['max_upload_height']);
$upload->setMaxFileSize($_CONFQUIZ['max_upload_size']);
// Set file permissions on file after it gets uploaded (number is in octet)
$upload->setPerms('0774');
$filenames = array();
$realfilenames = array();
$uploadtypes = array();
$uploadfilepos = array();
$upload->setDebug(true);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu');
$retval .= COM_startBlock('File Upload Errors');
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock();
$retval .= COM_siteFooter('true');
echo $retval;
/**
* Main driver to handle the uploaded plugin
*
* Determines if a new style (supports automated installer) or
* an old style.
*
* @return string Formatted HTML containing the page body
*
*/
function processPluginUpload()
{
global $_CONF, $_PLUGINS, $_PLUGIN_INFO, $_TABLES, $pluginData, $LANG_ADMIN, $LANG32, $_DB_dbms, $_DB_table_prefix, $_IMAGE_TYPE;
$retval = '';
$upgrade = false;
if (count($_FILES) > 0 && $_FILES['pluginfile']['error'] != UPLOAD_ERR_NO_FILE) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setMaxFileSize(25165824);
$upload->setAllowedMimeTypes(array('application/x-gzip' => '.gz,.gzip,tgz', 'application/zip' => '.zip', 'application/x-tar' => '.tar,.tar.gz,.gz', 'application/x-gzip-compressed' => '.tar.gz,.tgz,.gz'));
$upload->setFieldName('pluginfile');
if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
return _pi_errorBox($upload->printErrors(false));
exit;
}
$filename = $_FILES['pluginfile']['name'];
$upload->setFileNames($filename);
$upload->uploadFiles();
if ($upload->areErrors()) {
return _pi_errorBox($upload->printErrors(false));
exit;
}
$Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;
} else {
return _pi_errorBox($LANG32[46]);
}
// decompress into temp directory
if (function_exists('set_time_limit')) {
@set_time_limit(60);
}
if (!($tmp = _io_mktmpdir())) {
return _pi_errorBox($LANG32[47]);
}
if (!COM_decompress($Finalfilename, $_CONF['path_data'] . $tmp)) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($LANG32[48]);
}
@unlink($Finalfilename);
// read XML data file, places in $pluginData;
$pluginData = array();
$rc = _pi_parseXML($_CONF['path_data'] . $tmp);
if ($rc == -1) {
// no xml file found
return processOldPlugin($tmp);
}
if (!isset($pluginData['id']) || !isset($pluginData['version'])) {
return processOldPlugin($tmp);
}
// proper glfusion version
if (!COM_checkVersion(GVERSION, $pluginData['glfusionversion'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[49], $pluginData['glfusionversion']));
}
if (!COM_checkVersion(phpversion(), $pluginData['phpversion'])) {
$retval .= sprintf($LANG32[50], $pluginData['phpversion']);
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[50], $pluginData['phpversion']));
}
// check prerequisites
$errors = '';
if (isset($pluginData['requires']) && is_array($pluginData['requires'])) {
foreach ($pluginData['requires'] as $reqPlugin) {
list($reqPlugin, $required_ver) = explode(',', $reqPlugin);
if (!isset($_PLUGIN_INFO[$reqPlugin])) {
// required plugin not installed
$errors .= sprintf($LANG32[51], $pluginData['id'], $reqPlugin, $reqPlugin);
} elseif (!empty($required_ver)) {
$installed_ver = $_PLUGIN_INFO[$reqPlugin];
if (!COM_checkVersion($installed_ver, $required_ver)) {
// required plugin installed, but wrong version
$errors .= sprintf($LANG32[90], $required_ver, $reqPlugin, $installed_ver, $reqPlugin);
}
}
}
}
if ($errors != '') {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($errors);
}
// check if plugin already exists
// if it does, check that this is an upgrade
// if not, error
// else validate we really want to upgrade
$result = DB_query("SELECT * FROM {$_TABLES['plugins']} WHERE pi_name='" . DB_escapeString($pluginData['id']) . "'");
if (DB_numRows($result) > 0) {
$P = DB_fetchArray($result);
if ($P['pi_version'] == $pluginData['version']) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[52], $pluginData['id']));
}
// if we are here, it must be an upgrade or disabled plugin....
$rc = COM_checkVersion($pluginData['version'], $P['pi_version']);
if ($rc < 1) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[53], $pluginData['id'], $pluginData['version'], $P['pi_version']));
}
if ($P['pi_enabled'] != 1) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($LANG32[72]);
}
$upgrade = true;
}
$permError = 0;
$permErrorList = '';
if (function_exists('set_time_limit')) {
@set_time_limit(30);
}
// test copy to proper directories
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/', $_CONF['path'] . 'plugins/' . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/admin/', $_CONF['path_html'] . 'admin/plugins/' . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/public_html/', $_CONF['path_html'] . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
if ($permError != 0) {
$errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($errorMessage);
}
USES_lib_admin();
$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$T = new Template($_CONF['path_layout'] . 'admin/plugins');
$T->set_file('form', 'plugin_upload_confirm.thtml');
$T->set_var('admin_menu', ADMIN_createMenu($menu_arr, $pluginData['id'] . ' ' . $LANG32[62], $_CONF['layout_url'] . '/images/icons/plugins.' . $_IMAGE_TYPE));
$T->set_var(array('form_action_url' => $_CONF['site_admin_url'] . '/plugin_upload.php', 'action' => 'processupload', 'pi_name' => $pluginData['id'], 'pi_version' => $pluginData['version'], 'pi_url' => $pluginData['url'], 'pi_gl_version' => $pluginData['glfusionversion'], 'pi_desc' => $pluginData['description'], 'pi_author' => $pluginData['author'], 'plugin_old_version' => $P['pi_version'], 'upgrade' => $upgrade, 'temp_dir' => $tmp));
$retval .= $T->parse('output', 'form');
return $retval;
}
function PAYPAL_saveCatImage($category, $files, $cat_id)
{
global $_CONF, $_PAY_CONF, $_TABLES, $LANG24;
$args = $category;
// Handle Magic GPC Garbage:
while (list($key, $value) = each($args)) {
if (!is_array($value)) {
$args[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
// OK, let's upload any pictures with the product
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(false);
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_PAY_CONF['path_cat_images'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_PAY_CONF['max_image_width'], $_PAY_CONF['max_image_height']);
$upload->setMaxFileSize($_PAY_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$curfile = current($files);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames = 'cat_' . $cat_id . '.' . $fextension;
}
if ($filenames != '') {
$upload->setFileNames($filenames);
reset($files);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
DB_query("UPDATE {$_TABLES['paypal_categories']} SET image = '" . $filenames . "' WHERE cat_id=" . $cat_id);
}
return true;
}
/**
* Submit a new or updated story. The story is updated if it exists, or a new one is created
*
* @param array args Contains all the data provided by the client
* @param string &output OUTPUT parameter containing the returned text
* @return int Response code as defined in lib-plugins.php
*/
function service_submit_story($args, &$output, &$svc_msg)
{
global $_CONF, $_TABLES, $_USER, $LANG24, $MESSAGE, $_GROUPS;
if (!SEC_hasRights('story.edit')) {
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
return PLG_RET_AUTH_FAILED;
}
require_once $_CONF['path_system'] . 'lib-comment.php';
$gl_edit = false;
if (isset($args['gl_edit'])) {
$gl_edit = $args['gl_edit'];
}
if ($gl_edit) {
/* This is EDIT mode, so there should be an old sid */
if (empty($args['old_sid'])) {
if (!empty($args['id'])) {
$args['old_sid'] = $args['id'];
} else {
return PLG_RET_ERROR;
}
if (empty($args['sid'])) {
$args['sid'] = $args['old_sid'];
}
}
} else {
if (empty($args['sid']) && !empty($args['id'])) {
$args['sid'] = $args['id'];
}
}
/* Store the first CATEGORY as the Topic ID */
if (!empty($args['category'][0])) {
$args['tid'] = $args['category'][0];
}
$content = '';
if (!empty($args['content'])) {
$content = $args['content'];
} else {
if (!empty($args['summary'])) {
$content = $args['summary'];
}
}
if (!empty($content)) {
$parts = explode('[page_break]', $content);
if (count($parts) == 1) {
$args['introtext'] = $content;
$args['bodytext'] = '';
} else {
$args['introtext'] = array_shift($parts);
$args['bodytext'] = implode('[page_break]', $parts);
}
}
/* Apply filters to the parameters passed by the webservice */
if ($args['gl_svc']) {
if (isset($args['mode'])) {
$args['mode'] = COM_applyBasicFilter($args['mode']);
}
if (isset($args['editopt'])) {
$args['editopt'] = COM_applyBasicFilter($args['editopt']);
}
}
/* - START: Set all the defaults - */
if (empty($args['tid'])) {
// see if we have a default topic
$topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND'));
if (!empty($topic)) {
$args['tid'] = $topic;
} else {
// otherwise, just use the first one
$o = array();
$s = array();
if (service_getTopicList_story(array('gl_svc' => true), $o, $s) == PLG_RET_OK) {
$args['tid'] = $o[0];
} else {
$svc_msg['error_desc'] = 'No topics available';
return PLG_RET_ERROR;
}
}
}
if (empty($args['owner_id'])) {
$args['owner_id'] = $_USER['uid'];
}
if (empty($args['group_id'])) {
$args['group_id'] = SEC_getFeatureGroup('story.edit', $_USER['uid']);
}
if (empty($args['postmode'])) {
$args['postmode'] = $_CONF['postmode'];
if (!empty($args['content_type'])) {
if ($args['content_type'] == 'text') {
$args['postmode'] = 'text';
} else {
if ($args['content_type'] == 'html' || $args['content_type'] == 'xhtml') {
$args['postmode'] = 'html';
}
}
}
}
if ($args['gl_svc']) {
/* Permissions */
if (!isset($args['perm_owner'])) {
$args['perm_owner'] = $_CONF['default_permissions_story'][0];
} else {
$args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true);
}
if (!isset($args['perm_group'])) {
$args['perm_group'] = $_CONF['default_permissions_story'][1];
} else {
$args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
}
if (!isset($args['perm_members'])) {
$args['perm_members'] = $_CONF['default_permissions_story'][2];
} else {
$args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
}
if (!isset($args['perm_anon'])) {
$args['perm_anon'] = $_CONF['default_permissions_story'][3];
} else {
$args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
}
if (!isset($args['draft_flag'])) {
$args['draft_flag'] = $_CONF['draft_flag'];
}
if (empty($args['frontpage'])) {
$args['frontpage'] = $_CONF['frontpage'];
}
if (empty($args['show_topic_icon'])) {
$args['show_topic_icon'] = $_CONF['show_topic_icon'];
}
}
/* - END: Set all the defaults - */
// TEST CODE
/* foreach ($args as $k => $v) {
if (!is_array($v)) {
echo "$k => $v\r\n";
} else {
echo "$k => $v\r\n";
foreach ($v as $k1 => $v1) {
echo " $k1 => $v1\r\n";
}
}
}*/
// exit ();
// END TEST CODE
if (!isset($args['sid'])) {
$args['sid'] = '';
}
$args['sid'] = COM_sanitizeID($args['sid']);
if (!$gl_edit) {
if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) {
$args['sid'] = WS_makeId($args['slug'], STORY_MAX_ID_LENGTH);
}
}
$story = new Story();
$gl_edit = false;
if (isset($args['gl_edit'])) {
$gl_edit = $args['gl_edit'];
}
if ($gl_edit && !empty($args['gl_etag'])) {
/* First load the original story to check if it has been modified */
$result = $story->loadFromDatabase($args['sid']);
if ($result == STORY_LOADED_OK) {
if ($args['gl_etag'] != date('c', $story->_date)) {
$svc_msg['error_desc'] = 'A more recent version of the story is available';
return PLG_RET_PRECONDITION_FAILED;
}
} else {
$svc_msg['error_desc'] = 'Error loading story';
return PLG_RET_ERROR;
}
}
/* This function is also doing the security checks */
$result = $story->loadFromArgsArray($args);
$sid = $story->getSid();
switch ($result) {
case STORY_DUPLICATE_SID:
$output .= COM_siteHeader('menu', $LANG24[5]);
$output .= COM_errorLog($LANG24[24], 2);
if (!$args['gl_svc']) {
$output .= storyeditor($sid);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
case STORY_EXISTING_NO_EDIT_PERMISSION:
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
return PLG_RET_PERMISSION_DENIED;
case STORY_NO_ACCESS_PARAMS:
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
return PLG_RET_PERMISSION_DENIED;
case STORY_EMPTY_REQUIRED_FIELDS:
$output .= COM_siteHeader('menu');
$output .= COM_errorLog($LANG24[31], 2);
if (!$args['gl_svc']) {
$output .= storyeditor($sid);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
default:
break;
}
/* Image upload is not supported by the web-service at present */
if (!$args['gl_svc']) {
// Delete any images if needed
if (array_key_exists('delete', $args)) {
$delete = count($args['delete']);
for ($i = 1; $i <= $delete; $i++) {
$ai_filename = DB_getItem($_TABLES['article_images'], 'ai_filename', "ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
STORY_deleteImage($ai_filename);
DB_query("DELETE FROM {$_TABLES['article_images']} WHERE ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
next($args['delete']);
}
}
// OK, let's upload any pictures with the article
if (DB_count($_TABLES['article_images'], 'ai_sid', $sid) > 0) {
$index_start = DB_getItem($_TABLES['article_images'], 'max(ai_img_num)', "ai_sid = '{$sid}'") + 1;
} else {
$index_start = 1;
}
if (count($_FILES) > 0 and $_CONF['maximagesperarticle'] > 0) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads($_CONF['maximagesperarticle']);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if ($_CONF['keep_unscaled_image'] == 1) {
$upload->keepOriginalImage(true);
} else {
$upload->keepOriginalImage(false);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'articles')) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
$upload->setMaxFileSize($_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$end_index = $index_start + $upload->numFiles() - 1;
for ($z = $index_start; $z <= $end_index; $z++) {
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $sid . '_' . $z . '.' . $fextension;
}
next($_FILES);
}
$upload->setFileNames($filenames);
reset($_FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
reset($filenames);
for ($z = $index_start; $z <= $end_index; $z++) {
DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('{$sid}', {$z}, '" . current($filenames) . "')");
next($filenames);
}
}
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->insertImages();
if (count($errors) > 0) {
$output = COM_siteHeader('menu', $LANG24[54]);
$output .= COM_startBlock($LANG24[54], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $LANG24[55] . '<p>';
for ($i = 1; $i <= count($errors); $i++) {
$output .= current($errors) . '<br' . XHTML . '>';
next($errors);
}
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= storyeditor($sid);
$output .= COM_siteFooter();
echo $output;
exit;
}
}
}
$result = $story->saveToDatabase();
if ($result == STORY_SAVED) {
// see if any plugins want to act on that story
if (!empty($args['old_sid']) && $args['old_sid'] != $sid) {
PLG_itemSaved($sid, 'article', $args['old_sid']);
} else {
PLG_itemSaved($sid, 'article');
}
// update feed(s) and Older Stories block
COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid);
COM_olderStuff();
CMT_updateCommentcodes();
if ($story->type == 'submission') {
$output = COM_refresh($_CONF['site_admin_url'] . '/moderation.php?msg=9');
} else {
$output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9);
}
/* @TODO Set the object id here */
$svc_msg['id'] = $sid;
return PLG_RET_OK;
}
}
/**
* Main driver to handle the uploaded autotag
*
* Determines if a new style (supports automated installer) or
* an old style.
*
* @return string Formatted HTML containing the page body
*
*/
function processAutotagUpload()
{
global $_CONF, $_PLUGINS, $_TABLES, $autotagData, $LANG32, $_DB_dbms, $_DB_table_prefix;
$retval = '';
$upgrade = false;
$errors = '';
if (count($_FILES) > 0 && $_FILES['autotagfile']['error'] != UPLOAD_ERR_NO_FILE) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setMaxFileSize(4194304);
$upload->setAllowedMimeTypes(array('application/x-gzip' => '.gz,.gzip,tgz', 'application/zip' => '.zip'));
$upload->setFieldName('autotagfile');
if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
return _at_errorBox($upload->printErrors(false));
exit;
}
$filename = COM_sanitizeFilename($_FILES['autotagfile']['name'], true);
$upload->setFileNames($filename);
$upload->uploadFiles();
if ($upload->areErrors()) {
return _at_errorBox($upload->printErrors(false));
exit;
}
$Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;
} else {
return _at_errorBox($LANG32[46]);
}
// decompress into temp directory
if (function_exists('set_time_limit')) {
@set_time_limit(60);
}
if (!($tmp = _io_mktmpdir())) {
return _at_errorBox($LANG32[47]);
}
if (!COM_decompress($Finalfilename, $_CONF['path_data'] . $tmp)) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($LANG32[48]);
}
@unlink($Finalfilename);
// read XML data file, places in $autotagData;
$autotagData = array();
$rc = _at_parseXML($_CONF['path_data'] . $tmp);
if ($rc == -1) {
// no xml file found
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
if (!isset($autotagData['id']) || !isset($autotagData['version'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
// proper glfusion version
if (!COM_checkVersion(GVERSION, $autotagData['glfusionversion'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
if (!COM_checkVersion(phpversion(), $autotagData['phpversion'])) {
$retval .= sprintf($LANG32[50], $autotagData['phpversion']);
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[50], $autotagData['phpversion']));
}
if ($errors != '') {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($errors);
}
// check to see if an auto tag already exists...
// removed so we can update existing auto tags
/*
$result = DB_query("SELECT * FROM {$_TABLES['autotags']} WHERE tag='".DB_escapeString($autotagData['id'])."'");
if ( DB_numRows($result) > 0 ) {
_pi_deleteDir($_CONF['path_data'].$tmp);
return _at_errorBox(sprintf($LANG32[52],$autotagData['id']));
}
*/
$permError = 0;
$permErrorList = '';
if (function_exists('set_time_limit')) {
@set_time_limit(30);
}
// test copy to proper directories
$autotagData['id'] = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $autotagData['id']);
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $autotagData['id'] . '/', $_CONF['path_system'] . 'autotags/');
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
if ($permError != 0) {
$errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($errorMessage);
}
$T = new Template($_CONF['path_layout'] . 'admin/autotag');
$T->set_file('form', 'autotag_upload_confirm.thtml');
$T->set_var(array('form_action_url' => $_CONF['site_admin_url'] . '/autotag_upload.php', 'action' => 'processupload', 'pi_name' => $autotagData['id'], 'pi_version' => $autotagData['version'], 'pi_url' => $autotagData['url'], 'pi_gl_version' => $autotagData['glfusionversion'], 'pi_desc' => $autotagData['description'], 'pi_author' => $autotagData['author'], 'upgrade' => $upgrade, 'temp_dir' => $tmp));
$retval .= $T->parse('output', 'form');
return $retval;
}
function _ff_uploadfile($filename, &$upload_file, $allowablefiletypes, $use_filemgmt = 0)
{
global $_FILES, $_CONF, $_TABLES, $_FF_CONF, $LANG_GF00, $filemgmt_FileStore;
USES_class_upload();
$upload = new upload();
if ($use_filemgmt == 1) {
$upload->setPath($filemgmt_FileStore);
} else {
$upload->setPath($_FF_CONF['uploadpath']);
}
$upload->setLogging(true);
$upload->setAllowedMimeTypes($allowablefiletypes);
// Set max dimensions as well in case user is uploading a full size image
$upload->setMaxDimensions($_FF_CONF['max_uploadimage_width'], $_FF_CONF['max_uploadimage_height']);
if (!isset($_FF_CONF['max_uploadimage_size']) || $_FF_CONF['max_uploadimage_size'] == 0) {
$upload->setMaxFileSize(100000000);
} else {
$upload->setMaxFileSize($_FF_CONF['max_uploadimage_size']);
}
$upload->setAutomaticResize(true);
if (strlen($upload_file['name']) > 0) {
$upload->setFileNames($filename);
$upload->setPerms($_FF_CONF['fileperms']);
$upload->_currentFile = $upload_file;
// Verify file meets size limitations
if (!$upload->_fileSizeOk()) {
$upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit');
}
// If all systems check, do the upload
if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) {
if ($upload->_copyFile()) {
$upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName();
}
}
$upload->_currentFile = array();
if ($upload->areErrors() and !$upload->_continueOnError) {
$errmsg = "Forum Upload Attachment Error:" . $upload->printErrors(false);
COM_errorlog($errmsg);
$GLOBALS['ff_errmsg'] = $LANG_GF00['uploaderr'] . ':<br/>' . $upload->printErrors(false);
return false;
}
return true;
} else {
return false;
}
return false;
}
