function format_value() { if (isset($_FILES[$this->name])) { require_once PLUGIN_DIR . 'attach.inc.php'; $base = $this->form->base; $result = attach_upload($_FILES[$this->name], $base); if (isset($result['result']) && $result['result']) { // Upload success return parent::format_value($base . '/' . $_FILES[$this->name]['name']); } } // Filename not specified, or Fail to upload return parent::format_value(''); }
function plugin_attach_action() { global $vars, $_attach_messages; // Backward compatible if (isset($vars['openfile'])) { $vars['file'] = $vars['openfile']; $vars['pcmd'] = 'open'; } if (isset($vars['delfile'])) { $vars['file'] = $vars['delfile']; $vars['pcmd'] = 'delete'; } $pcmd = isset($vars['pcmd']) ? $vars['pcmd'] : ''; $refer = isset($vars['refer']) ? $vars['refer'] : ''; $pass = isset($vars['pass']) ? $vars['pass'] : NULL; $page = isset($vars['page']) ? $vars['page'] : ''; if ($refer != '' && is_pagename($refer)) { if (in_array($pcmd, array('info', 'open', 'list'))) { check_readable($refer); } else { check_editable($refer); } } // Dispatch if (isset($_FILES['attach_file'])) { // Upload return attach_upload($_FILES['attach_file'], $refer, $pass); } else { switch ($pcmd) { case 'delete': /*FALLTHROUGH*/ /*FALLTHROUGH*/ case 'freeze': case 'unfreeze': if (PKWK_READONLY) { die_message('PKWK_READONLY prohibits editing'); } } switch ($pcmd) { case 'info': return attach_info(); case 'delete': return attach_delete(); case 'open': return attach_open(); case 'list': return attach_list(); case 'freeze': return attach_freeze(TRUE); case 'unfreeze': return attach_freeze(FALSE); case 'rename': return attach_rename(); case 'upload': return attach_showform(); } if ($page == '' || !is_page($page)) { return attach_list(); } else { return attach_showform(); } } }
function plugin_paint_action() { global $script, $vars, $pkwk_dtd, $_paint_messages; // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing'); if (auth::check_role('readonly')) { die_message('PKWK_READONLY prohibits editing'); } //戻り値を初期化 $retval['msg'] = $_paint_messages['msg_title']; $retval['body'] = ''; if (array_key_exists('attach_file', $_FILES) and array_key_exists('refer', $vars)) { $file = $_FILES['attach_file']; //BBSPaiter.jarは、shift-jisで内容を送ってくる。面倒なのでページ名はエンコードしてから送信させるようにした。 $vars['page'] = $vars['refer'] = decode($vars['refer']); $filename = $vars['filename']; $filename = mb_convert_encoding($filename, SOURCE_ENCODING, 'auto'); //ファイル名置換 $attachname = preg_replace('/^[^\\.]+/', $filename, $file['name']); //すでに存在した場合、 ファイル名に'_0','_1',...を付けて回避(姑息) $count = '_0'; while (file_exists(UPLOAD_DIR . encode($vars['refer']) . '_' . encode($attachname))) { $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']); } $file['name'] = $attachname; if (!exist_plugin('attach') or !function_exists('attach_upload')) { return array('msg' => 'attach.inc.php not found or not correct version.'); } $retval = attach_upload($file, $vars['refer'], TRUE); if ($retval['result'] == TRUE) { $retval = paint_insert_ref($file['name']); } } else { $message = ''; $refer = $s_refer = ''; if (array_key_exists('refer', $vars)) { $refer = $vars['refer']; $s_refer = htmlspecialchars($vars['refer']); } $url = get_page_uri($refer); $link = "<p><a href=\"{$url}\">{$s_refer}</a></p>"; $w = PAINT_APPLET_WIDTH; $h = PAINT_APPLET_HEIGHT; //ウインドウモード :) if ($w < 50 and $h < 50) { $w = $h = 0; $retval['msg'] = ''; $vars['page'] = $vars['refer']; $vars['cmd'] = 'read'; $retval['body'] = convert_html(get_source($vars['refer'])); $link = ''; } //XSS脆弱性問題 - 外部から来た変数をエスケープ $width = empty($vars['width']) ? PAINT_DEFAULT_WIDTH : $vars['width']; $height = empty($vars['height']) ? PAINT_DEFAULT_HEIGHT : $vars['height']; $f_w = (is_numeric($width) and $width > 0) ? $width : PAINT_DEFAULT_WIDTH; $f_h = (is_numeric($height) and $height > 0) ? $height : PAINT_DEFAULT_HEIGHT; $f_refer = array_key_exists('refer', $vars) ? encode($vars['refer']) : ''; // BBSPainter.jarがshift-jisに変換するのを回避 $f_digest = array_key_exists('digest', $vars) ? htmlspecialchars($vars['digest']) : ''; $f_no = (array_key_exists('paint_no', $vars) and is_numeric($vars['paint_no'])) ? $vars['paint_no'] + 0 : 0; if ($f_w > PAINT_MAX_WIDTH) { $f_w = PAINT_MAX_WIDTH; } if ($f_h > PAINT_MAX_HEIGHT) { $f_h = PAINT_MAX_HEIGHT; } $retval['body'] .= <<<EOD <div> {$link} {$message} <applet codebase="." archive="BBSPainter.jar" code="Main.class" width="{$w}" height="{$h}"> <param name="size" value="{$f_w},{$f_h}" /> <param name="action" value="{$script}" /> <param name="image" value="attach_file" /> <param name="form1" value="filename={$_paint_messages['field_filename']}=!" /> <param name="form2" value="yourname={$_paint_messages['field_name']}" /> <param name="comment" value="msg={$_paint_messages['field_comment']}" /> <param name="param1" value="plugin=paint" /> <param name="param2" value="refer={$f_refer}" /> <param name="param3" value="digest={$f_digest}" /> <param name="param4" value="max_file_size=1000000" /> <param name="param5" value="paint_no={$f_no}" /> <param name="enctype" value="multipart/form-data" /> <param name="return.URL" value="{$url}" /> </applet> </div> EOD; // XHTML 1.0 Transitional if (!isset($pkwk_dtd) || $pkwk_dtd == PKWK_DTD_XHTML_1_1) { $pkwk_dtd = PKWK_DTD_XHTML_1_0_TRANSITIONAL; } } return $retval; }
function format_value($str) { if (array_key_exists($this->name, $_FILES)) { require_once PLUGIN_DIR . 'attach.inc.php'; $result = attach_upload($_FILES[$this->name], $this->page); if ($result['result']) { return parent::format_value($this->page . '/' . $_FILES[$this->name]['name']); } } // ファイルが指定されていないか、アップロードに失敗 return parent::format_value(''); }
} else { if ($subject == '' && $message == '') { showmessage('post_sm_isnull'); } } if ($editedby && $timestamp - $orig['dateline'] > 60 && $adminid != 1) { include_once language('misc'); $editor = $isanonymous && $isorigauthor ? $language['anonymous'] : $discuz_user; $edittime = gmdate($_DCACHE['settings']['dateformat'] . ' ' . $_DCACHE['settings']['timeformat'], $timestamp + $timeoffset * 3600); eval("\$message = \"{$language['post_edit']}\".\$message;"); } $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff)); $smileyoff = checksmilies($message, !empty($smileyoff)); $tagoff = $isfirstpost ? !empty($tagoff) : 0; $htmlon = bindec(($tagstatus && $tagoff ? 1 : 0) . ($allowhtml && !empty($htmlon) ? 1 : 0)); $uattachment = $allowpostattach && ($uattachments = attach_upload('attachupdate', 1)) ? 1 : 0; if ($uattachment) { $query = $db->query("SELECT aid, tid, pid, uid, attachment, thumb, remote FROM {$tablepre}attachments WHERE pid='{$pid}'"); while ($attach = $db->fetch_array($query)) { $paid = 'paid' . $attach['aid']; $attachfileadd = ''; if ($uattachment && isset($uattachments[$paid])) { dunlink($attach['attachment'], $attach['thumb'], $attach['remote']); $attachfileadd = 'dateline=\'' . $timestamp . '\', filename=\'' . $uattachments[$paid]['name'] . '\', filetype=\'' . $uattachments[$paid]['type'] . '\', filesize=\'' . $uattachments[$paid]['size'] . '\', attachment=\'' . $uattachments[$paid]['attachment'] . '\', thumb=\'' . $uattachments[$paid]['thumb'] . '\', isimage=\'-' . $uattachments[$paid]['isimage'] . '\', remote=\'' . $uattachments[$paid]['remote'] . '\',
function plugin_csv2newpage_upload($refer) { global $vars; $start_line_no = empty($vars['start_line_no']) ? 0 : $vars['start_line_no']; if (empty($_FILES['attach_file'])) { return array('msg' => 'no attach_file', 'body' => 'Set attach file'); } $file = $_FILES['attach_file']; $attachname = $file['name']; $filename = preg_replace('/\\..+$/', '', $attachname, 1); //すでに存在した場合、 ファイル名に'_0','_1',...を付けて回避(姑息) $count = '_0'; while (file_exists(UPLOAD_DIR . encode($refer) . '_' . encode($attachname))) { $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']); } $file['name'] = $attachname; if (!exist_plugin('attach')) { return array('msg' => 'plugin not found', 'body' => 'The attach plugin is not found.'); } $pass = empty($vars['pass']) ? NULL : md5($vars['pass']); $retval = attach_upload($file, $refer, $pass); if ($retval['result'] != TRUE) { return array('msg' => 'cannot upload', 'body' => 'cannot upload: ' . $attachname . ',' . $retval); } $realfile = UPLOAD_DIR . encode($refer) . '_' . encode($attachname); if (!is_file($realfile)) { return array('msg' => 'not found the attached file', 'body' => "The attached file:'{$attachname}' does not exist in '{$refer}'.<br />({$realfile})"); } $postdata_old = file($realfile); $line = join('', $postdata_old); $code = mb_detect_encoding($line); $line = mb_convert_encoding($line, SOURCE_ENCODING, $code); $csvlines = preg_split("/\r?\n/", $line); if ($start_line_no) { array_splice($csvlines, 0, $start_line_no); } return $csvlines; }
if (empty($vid) || empty($vsubject) || empty($vtag)) { showmessage('video_required_invalid'); } } $sortid = $special && $forum['threadsorts']['types'][$sortid] ? 0 : $sortid; $typeexpiration = intval($typeexpiration); if ($forum['threadsorts']['expiration'][$typeid] && !$typeexpiration) { showmessage('threadtype_expiration_invalid'); } $optiondata = array(); if ($forum['threadsorts']['types'][$sortid] && !$forum['allowspecialonly']) { $optiondata = threadsort_validator($typeoption); } $author = !$isanonymous ? $discuz_user : ''; $moderated = $digest || $displayorder > 0 ? 1 : 0; $attachment = $allowpostattach && ($attachments = attach_upload()) ? $imageexists ? 2 : 1 : 0; $subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0; $db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, sortid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, special, attachment, subscribed, moderated)\r\n\t\tVALUES ('{$fid}', '{$readperm}', '{$price}', '{$iconid}', '{$typeid}', '{$sortid}', '{$author}', '{$discuz_uid}', '{$subject}', '{$timestamp}', '{$timestamp}', '{$author}', '{$displayorder}', '{$digest}', '{$special}', '{$attachment}', '{$subscribed}', '{$moderated}')"); $tid = $db->insert_id(); if ($subscribed) { $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\t\tVALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$timestamp}')", 'UNBUFFERED'); } if ($special == 3 && $allowpostreward) { $db->query("INSERT INTO {$tablepre}rewardlog (tid, authorid, netamount, dateline) VALUES ('{$tid}', '{$discuz_uid}', {$realprice}, '{$timestamp}')"); } $db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$special}')", 'UNBUFFERED'); if ($moderated) { updatemodlog($tid, $displayorder > 0 ? 'STK' : 'DIG'); updatemodworks($displayorder > 0 ? 'STK' : 'DIG', 1); } if ($special == 1) {
/** * 画像を添付するためのもの */ function plugin_show_action() { global $script, $vars, $username; global $html_transitional; $qm = get_qm(); //check auth $editable = edit_auth($vars['refer'], FALSE, FALSE); if (!$editable) { return array('msg' => $qm->m['plg_attachref']['title_ntc_admin'], 'body' => '<p>' . $qm->m['plg_attachref']['ntc_admin'] . '</p>'); } //戻り値を初期化 $retval['msg'] = $qm->m['plg_attachref']['title']; $retval['body'] = ''; if (array_key_exists('attach_file', $_FILES) and array_key_exists('refer', $vars) and is_page($vars['refer'])) { $file = $_FILES['attach_file']; $attachname = $file['name']; $filename = preg_replace('/\\..+$/', '', $attachname, 1); //! swfuを持っていたら (管理者のみ)-------------------------------------------- if ($editable && has_swfu()) { //アップロードするファイル名を決める(日本語ダメ、重複もダメ) $upload_name = $file['name']; if (preg_match('/^[-_.+a-zA-Z0-9]+$/', $upload_name)) { while (!$overwrite && file_exists(SWFU_IMAGE_DIR . $upload_name)) { $upload_name = 's_' . $upload_name; } $upload_file = SWFU_IMAGE_DIR . $upload_name; $fname = $upload_name; $disp = $qm->m['plg_attachref']['img_desc']; } else { $matches = array(); if (!preg_match('/[^.]+\\.(.*)$/', $upload_name, $matches)) { echo 'invalid file name : ' . $upload_name; exit(0); } $ext = $matches[1]; $tmp_name = tempnam(SWFU_IMAGE_DIR, 'auto_'); $upname = $tmp_name . '.' . $ext; $disp = $upload_name; rename($tmp_name, $upname); $upload_file = SWFU_IMAGE_DIR . basename($upname); $fname = basename($upname); } move_uploaded_file($file['tmp_name'], $upload_file); chmod($upload_file, 0666); //regist db $stat = stat($upload_file); $data = array('name' => $fname, 'description' => $disp, 'created' => $stat['mtime'], 'size' => $stat['size'], 'page_name' => $vars['refer']); require_once SWFU_TEXTSQL_PATH; $db = new CTextDB(SWFU_IMAGEDB_PATH); $db->insert($data); $retval = show_insert_ref(SWFU_IMAGE_DIR . $fname); return $retval; } // open qhm用 attachフォルダにファイルを置く //すでに存在した場合、 ファイル名に'_0','_1',...を付けて回避(姑息) $count = '_0'; while (file_exists('./attach/' . encode($vars['refer']) . '_' . encode($attachname))) { $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']); } $file['name'] = $attachname; require_once PLUGIN_DIR . "attach.inc.php"; if (!exist_plugin('attach') or !function_exists('attach_upload')) { return array('msg' => $qm->m['plg_attachref']['err_notfound']); } $pass = array_key_exists('pass', $vars) ? $vars['pass'] : NULL; $retval = attach_upload($file, $vars['refer'], $pass); if ($retval['result'] == TRUE) { $retval = show_insert_ref($file['name']); } } else { $retval = show_showform(); // XHTML 1.0 Transitional $html_transitional = TRUE; } return $retval; }
function plugin_attach_action() { global $vars, $_attach_messages, $_string; // Backward compatible if (isset($vars['openfile'])) { $vars['file'] = $vars['openfile']; $vars['pcmd'] = 'open'; } if (isset($vars['delfile'])) { $vars['file'] = $vars['delfile']; $vars['pcmd'] = 'delete'; } $pcmd = isset($vars['pcmd']) ? $vars['pcmd'] : NULL; $refer = isset($vars['refer']) ? $vars['refer'] : NULL; $pass = isset($vars['pass']) ? $vars['pass'] : NULL; $page = isset($vars['page']) ? $vars['page'] : $refer; if (!empty($page)) { $wiki = Factory::Wiki($page); if ($wiki->isValied()) { // メソッドによってパーミッションを分ける if (in_array($pcmd, array('info', 'open', 'list'))) { // 読み込み許可 $wiki->checkReadable(); } else { // 書き込み許可があるか $wiki->checkEditable(); } } } if (in_array($pcmd, array('delete', 'freeze', 'unfreeze'))) { if (Auth::check_role('readonly')) { Utility::dieMessage($_string['error_prohibit']); } } switch ($pcmd) { case 'info': return attach_info(); case 'delete': return attach_delete(); case 'open': return attach_open(); case 'list': return attach_list($page); case 'freeze': return attach_freeze(TRUE); case 'unfreeze': return attach_freeze(FALSE); case 'rename': return attach_rename(); default: case 'upload': return attach_showform(); case 'form': return array('msg' => str_replace('$1', $refer, $_attach_messages['msg_upload']), 'body' => attach_form($refer)); case 'post': return attach_upload($page, $pass); case 'progress': return PluginRenderer::getUploadProgress(); } return empty($page) || !$wiki->isValied() ? attach_list() : attach_showform(); }
break; } } } $typeid = isset($typeid) ? $typeid : 0; $tradetypeid = isset($tradetypeid) ? $tradetypeid : 0; $iconid = !empty($iconid) && isset($_DCACHE['icons'][$iconid]) ? $iconid : 0; $displayorder = $modnewthreads ? -2 : ($forum['ismoderator'] && !empty($sticktopic) ? 1 : 0); $digest = $forum['ismoderator'] && !empty($addtodigest) ? 1 : 0; $blog = $allowuseblog && $forum['allowshare'] && !empty($addtoblog) ? 1 : 0; $readperm = $allowsetreadperm ? $readperm : 0; $isanonymous = $isanonymous && $allowanonymous ? 1 : 0; $threadmessage = $counterdesc . "\t\t\t" . $aboutcounter; $author = !$isanonymous ? $discuz_user : ''; $moderated = $digest || $displayorder > 0 ? 1 : 0; $attachment = $allowpostattach && ($attachments = attach_upload()) ? 1 : 0; $subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0; $supe_pushstatus = $supe['status'] && $forum['supe_pushsetting']['status'] == 1 && !$modnewthreads ? '1' : '0'; $sgidadd1 = $sgidadd2 = ''; if ($iscircle) { $sgidadd1 = ', sgid'; $sgidadd2 = ", '{$sgid}'"; } $db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, blog, special, attachment, subscribed, moderated, supe_pushstatus, replies {$sgidadd1})\r\n\tVALUES ('{$fid}', '{$readperm}', '{$price}', '{$iconid}', '{$typeid}', '{$author}', '{$discuz_uid}', '{$subject}', '{$timestamp}', '{$timestamp}', '{$author}', '{$displayorder}', '{$digest}', '{$blog}', '{$special}', '{$attachment}', '{$subscribed}', '{$moderated}', '{$supe_pushstatus}', '1' {$sgidadd2})"); $tid = $db->insert_id(); if ($subscribed) { $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\tVALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$timestamp}')", 'UNBUFFERED'); } $db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$special}')", 'UNBUFFERED'); if ($moderated) { updatemodlog($tid, $displayorder > 0 ? 'STK' : 'DIG');
if (!empty($_FILES['tradeattach']['tmp_name'][0])) { $_FILES['attach'] = array_merge_recursive((array) $_FILES['attach'], $_FILES['tradeattach']); } } $attachnum = 0; if ($allowpostattach && !empty($_FILES['attach']) && is_array($_FILES['attach'])) { foreach ($_FILES['attach']['name'] as $attachname) { if ($attachname != '') { $attachnum++; } } $attachnum && checklowerlimit($postattachcredits, $attachnum); } else { $_FILES = array(); } $attachments = $attachnum ? attach_upload() : array(); $attachment = empty($attachments) ? 0 : ($imageexists ? 2 : 1); $subscribed = $thread['subscribed'] && $timestamp - $thread['lastpost'] < 7776000; $newsubscribed = !empty($emailnotify) && $discuz_uid; if ($subscribed && !$modnewreplies) { $db->query("UPDATE {$tablepre}subscriptions SET lastpost='{$timestamp}' WHERE tid='{$tid}' AND uid<>'{$discuz_uid}'", 'UNBUFFERED'); } if ($newsubscribed) { $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\t\tVALUES ('{$discuz_uid}', '{$tid}', '" . ($modnewreplies ? $thread['lastpost'] : $timestamp) . "', '{$timestamp}')", 'UNBUFFERED'); } $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff)); $smileyoff = checksmilies($message, !empty($smileyoff)); $parseurloff = !empty($parseurloff); $htmlon = $allowhtml && !empty($htmlon) ? 1 : 0; $usesig = !empty($usesig) ? 1 : 0; $isanonymous = $allowanonymous && !empty($isanonymous) ? 1 : 0;
$depict = $type == 'image' ? "Image File " : 'All Support Formats '; echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><parameter><allowsExtend><extend depict=\"$depict\">$attachextensions</extend></allowsExtend><language>$xmllang</language><config><userid>$discuz_uid</userid><hash>$swfhash</hash><maxupload>$maxattachsize</maxupload></config></parameter>"; } elseif($operation == 'upload') { $uid = intval($_POST['uid']); $aid = 0; $isimage = 0; $simple = !empty($simple) ? $simple : 0; $groupid = intval($db->result_first("SELECT groupid FROM {$tablepre}members WHERE uid='$uid'")); @include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.$groupid.'.php'; $swfhash = md5(substr(md5($_DCACHE['settings']['authkey']), 8).$uid); $statusid = -1; if(!$_FILES['Filedata']['error'] && $_POST['hash'] == $swfhash) { require_once './include/post.func.php'; $attachments = attach_upload('Filedata'); if($attachments) { if(is_array($attachments)) { $attach = $attachments[0]; $isimage = $attach['isimage']; if(!$simple) { require_once DISCUZ_ROOT.'include/chinese.class.php'; $c = new Chinese('utf8', $charset); $attach['name'] = addslashes($c->Convert(urldecode($attach['name']))); if($type != 'image' && $isimage) $isimage = -1; } elseif($simple == 1 && $type != 'image' && $isimage) { $isimage = -1; } elseif($simple == 2 && $type == 'image' && !$isimage) { dunlink($attach['attachment'], $attach['thumb'], $attach['remote']); echo "DISCUZUPLOAD|1|4|0|0|"; exit;
function plugin_attachref_action() { global $vars; global $_attachref_messages; $retval['msg'] = $_attachref_messages['msg_title']; $retval['body'] = ''; $refer = isset($vars['refer']) ? $vars['refer'] : false; if (isset($_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME]) && $refer !== false) { $wiki = Factory::Wiki($refer); if (!$wiki->isValied()) { Utility::dieMessage('#attachref : invalied page.'); } $file = $_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME]; $attachname = $file['name'][0]; $filename = preg_replace('/\\..+$/', '', $attachname, 1); // If exist file, add a name '_0', '_1', ... $count = '_0'; while (file_exists(UPLOAD_DIR . encode($refer) . '_' . encode($attachname))) { $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $attachname); } $file['name'][0] = $attachname; $attach_filename = attachref_get_attach_filename($file); $pass = isset($vars['pass']) ? md5($vars['pass']) : NULL; $retval = attach_upload($refer, $pass); if ($retval['result'] == TRUE) { $retval = attachref_insert_ref($attach_filename); } Utility::redirect($wiki->uri()); } else { $retval = attachref_showform(); } return $retval; }
function plugin_attachref_action() { global $script, $vars; global $_attachref_messages; global $pkwk_dtd; $retval['msg'] = $_attachref_messages['msg_title']; $retval['body'] = ''; if (isset($_FILES['attach_file']) && isset($vars['refer']) && is_page($vars['refer'])) { $file = $_FILES['attach_file']; $attachname = $file['name']; $filename = preg_replace('/\\..+$/', '', $attachname, 1); // If exist file, add a name '_0', '_1', ... $count = '_0'; while (file_exists(UPLOAD_DIR . encode($vars['refer']) . '_' . encode($attachname))) { $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']); } $file['name'] = $attachname; require_once PLUGIN_DIR . 'attach.inc.php'; if (!exist_plugin('attach') or !function_exists('attach_upload')) { return array('msg' => 'attach.inc.php not found or not correct version.'); } $attach_filename = attachref_get_attach_filename($file); $pass = isset($vars['pass']) ? md5($vars['pass']) : NULL; $retval = attach_upload($file, $vars['refer'], $pass); if ($retval['result'] == TRUE) { $retval = attachref_insert_ref($attach_filename); } } else { $retval = attachref_showform(); // XHTML 1.0 Transitional if (!isset($pkwk_dtd) || $pkwk_dtd == PKWK_DTD_XHTML_1_1) { $pkwk_dtd = PKWK_DTD_XHTML_1_0_TRANSITIONAL; } } return $retval; }