function cimy_switch_current_blog($hidden_field = false) { global $switched, $blog_id; if (isset($switched)) { if ($hidden_field) { if (cimy_is_at_least_wordpress35()) { echo "\t<input type=\"hidden\" name=\"from_blog_id\" value=\"" . $blog_id . "\" />\n"; } else { echo "\t<input type=\"hidden\" name=\"blog_id\" value=\"" . $blog_id . "\" />\n"; } } if (cimy_is_at_least_wordpress35()) { restore_current_blog(); } } }
function cimy_registration_form($errors = null, $show_type = 0) { global $wpdb, $start_cimy_uef_comment, $end_cimy_uef_comment, $rule_maxlen_needed, $fields_name_prefix, $wp_fields_name_prefix, $cuef_plugin_dir, $cimy_uef_file_types, $cimy_uef_textarea_types, $user_level, $cimy_uef_domain, $cimy_uef_file_images_types, $cimy_uef_text_types; if (cimy_is_at_least_wordpress35()) { cimy_switch_to_blog(); } $my_user_level = $user_level; // -1 == anonymous if (!is_user_logged_in()) { $my_user_level = -1; } $extra_fields = get_cimyFields(false, true); $wp_fields = get_cimyFields(true); if (is_multisite()) { $input_class = "cimy_uef_input_mu"; } else { $input_class = "cimy_uef_input_27"; } $options = cimy_get_options(); $tabindex = 21; echo $start_cimy_uef_comment; // needed to apply default values only first time and not in case of errors echo "\t<input type=\"hidden\" name=\"cimy_post\" value=\"1\" />\n"; if ($options['confirm_form']) { if ($show_type == 0) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"1\" />\n"; } else { if ($show_type == 2) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"2\" />\n"; } } } $radio_checked = array(); $i = 1; // confirmation page, all fields are plain text + hidden fields to carry over values if ($show_type == 2) { $user_email = $_POST["user_email"]; if (in_array("username", $options["wp_hidden_fields"])) { $username = $_POST["user_login"]; ?> <p id="user_login_p"> <label for="user_login"><?php _e("Username"); ?> </label><?php echo esc_html($username); ?> </p> <?php } else { $username = $user_email; } $upload_dir = cimy_uef_get_dir_or_filename(""); $dirs = glob($upload_dir . ".cimytemp_*.tmp"); if (is_array($dirs)) { foreach ($dirs as $dir) { $diff = current_time('timestamp', true) - filemtime($dir); // If older than two days delete! if ($diff > 172800) { cimy_rfr($dir . "/", "*"); if (is_dir($dir)) { rmdir($dir); } } } } $temp_user_login = "******" . sanitize_user($username) . '_' . rand() . '.tmp'; ?> <input type="hidden" name="temp_user_login" value="<?php echo esc_attr($temp_user_login); ?> " /> <input type="hidden" name="user_login" id="user_login" value="<?php echo esc_attr($username); ?> " /> <p id="user_email_p"> <label for="user_email"><?php _e("E-mail"); ?> </label><input type="hidden" name="user_email" id="user_email" value="<?php echo esc_attr($user_email); ?> " /><?php echo esc_html($user_email); ?> </p> <br /> <?php } // do first the WP fields then the EXTRA fields while ($i <= 2) { if ($i == 1) { $fields = $wp_fields; $prefix = $wp_fields_name_prefix; } else { $fields = $extra_fields; $prefix = $fields_name_prefix; $current_fieldset = -1; if (!empty($options['fieldset_title'])) { $fieldset_titles = explode(',', $options['fieldset_title']); } else { $fieldset_titles = array(); } } $tiny_mce_objects = ""; foreach ($fields as $thisField) { $field_id = $thisField['ID']; $name = $thisField['NAME']; $rules = $thisField['RULES']; $type = $thisField['TYPE']; $old_type = $type; $label = cimy_wpml_translate_string($name . "_label", $thisField["LABEL"]); $description = cimy_uef_sanitize_content(cimy_wpml_translate_string($name . "_desc", $thisField["DESCRIPTION"])); $fieldset = empty($thisField['FIELDSET']) ? 0 : $thisField['FIELDSET']; $maxlen = 0; $unique_id = $prefix . $field_id; $input_name = $prefix . esc_attr($name); $field_id_data = $input_name . "_" . $field_id . "_data"; $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]); // do not dupe username if ($i == 1 && $name == "USERNAME") { continue; } // showing the search then there is no need for upload buttons if ($show_type == 1) { if ($type == "password") { continue; } if (in_array($type, $cimy_uef_file_types)) { $type = "text"; } } else { if ($show_type == 2) { $type = "hidden"; } } // if the current user LOGGED IN has not enough permissions to see the field, skip it if ($rules['show_level'] == 'view_cimy_extra_fields') { if (!current_user_can($rules['show_level'])) { continue; } } else { if ($my_user_level < $rules['show_level']) { continue; } } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { if ($show_type == 0 || $show_type == 2) { // if flag to show the field in the registration is NOT activated, skip it if (!$rules['show_in_reg']) { continue; } } else { if ($show_type == 1) { // if flag to show the field in the blog is NOT activated, skip it if (!$rules['show_in_search']) { continue; } } } } // uploading a file is not supported when confirmation email is enabled (on MS is turned on by default yes) if ((is_multisite() || $options["confirm_email"]) && in_array($type, $cimy_uef_file_types)) { continue; } if (isset($_POST[$input_name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_POST[$input_name])); } else { $value = stripslashes($_POST[$input_name]); } } else { if (isset($_GET[$name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_GET[$name])); } else { $value = stripslashes($_GET[$name]); } } else { if (!isset($_POST["cimy_post"])) { $value = $thisField['VALUE']; switch ($type) { case "radio": if ($value == "YES") { $value = $field_id; } else { $value = ""; } break; case "checkbox": if ($value == "YES") { $value = "1"; } else { $value = ""; } break; } } else { $value = ""; } } } if ($i != 1 && $fieldset > $current_fieldset && isset($fieldset_titles[$fieldset])) { $current_fieldset = $fieldset; if (isset($fieldset_titles[$current_fieldset])) { echo "\n\t<h2>" . esc_html(cimy_wpml_translate_string("a_opt_fieldset_title_" . $current_fieldset, $fieldset_titles[$current_fieldset])) . "</h2>\n"; } } if (!empty($description) && $type != "registration-date") { echo "\t"; echo '<p id="' . $prefix . 'p_desc_' . $field_id . '" class="description"><br />' . $description . '</p>'; echo "\n"; } echo "\t"; echo '<p id="' . $prefix . 'p_field_' . $field_id . '">'; echo "\n\t"; $obj_class = ""; switch ($type) { case "date": $obj_class = " datepicker"; case "picture-url": case "password": case "text": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . $obj_class . '"'; $obj_name = ' name="' . $input_name . '"'; if (in_array($type, $cimy_uef_text_types)) { $obj_type = ' type="text"'; } else { $obj_type = ' type="' . $type . '"'; } $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "dropdown": case "dropdown-multi": // cimy_dropDownOptions uses cimy_uef_sanitize_content and esc_attr by itself $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; $html = $ret['html']; if ($type == "dropdown-multi") { $obj_name = ' name="' . $input_name . '[]" multiple="multiple" size="6"'; } else { $obj_name = ' name="' . $input_name . '"'; } $obj_label = '<label for="' . $unique_id . '">' . $label . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_type = ''; $obj_value = ''; $obj_value2 = $html; $obj_checked = ""; $obj_tag = "select"; $obj_closing_tag = true; break; case "textarea": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "textarea-rich": if (empty($tiny_mce_objects)) { $tiny_mce_objects = $fields_name_prefix . $field_id; } else { $tiny_mce_objects .= "," . $fields_name_prefix . $field_id; } $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "checkbox": $obj_label = '<label class="cimy_uef_label_checkbox" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label><br />'; $obj_class = ' class="cimy_uef_checkbox"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="1"'; $obj_value2 = ""; $value == "1" ? $obj_checked = ' checked="checked"' : ($obj_checked = ''); $obj_tag = "input"; $obj_closing_tag = false; break; case "radio": $obj_label = '<label class="cimy_uef_label_radio" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="cimy_uef_radio"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="' . $field_id . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; // do not check if another check was done if (intval($value) == intval($field_id) && !in_array($name, $radio_checked)) { $obj_checked = ' checked="checked"'; $radio_checked += array($name => true); } else { $obj_checked = ''; } break; case "avatar": case "picture": case "file": $allowed_exts = ''; if (isset($rules['equal_to'])) { if ($rules['equal_to'] != "") { $allowed_exts = "'" . implode("', '", explode(",", $rules['equal_to'])) . "'"; } } if ($type == "file") { // if we do not escape then some translations can break $warning_msg = esc_js(__("Please upload a file with one of the following extensions", $cimy_uef_domain)); $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(' . $allowed_exts . '));"'; } else { // if we do not escape then some translations can break $warning_msg = esc_js(__("Please upload an image with one of the following extensions", $cimy_uef_domain)); $allowed_exts = "'" . implode("','", cimy_uef_get_allowed_image_extensions()) . "'"; $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(' . $allowed_exts . '));"'; } $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; $obj_class = ' class="cimy_uef_picture"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="file"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "hidden": $obj_label = ""; $obj_value2 = ""; switch ($old_type) { case 'checkbox': $value == 1 ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'radio': intval($value) == intval($field_id) ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'dropdown': case 'dropdown-multi': $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; break; case 'picture': case 'avatar': case 'file': if ($old_type == "avatar") { // since avatars are drawn max to 512px then we can save bandwith resizing, do it! $rules['equal_to'] = 512; } $value = cimy_manage_upload($input_name, $temp_user_login, $rules, false, false, $old_type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : ""); $file_on_server = cimy_uef_get_dir_or_filename($temp_user_login, $value, false); $file_thumb = cimy_uef_get_dir_or_filename($temp_user_login, $value, true); if (!empty($advanced_options["no-thumb"]) && is_file($file_thumb)) { rename($file_thumb, $file_on_server); } // yea little trick empty($value) ? $obj_value2 = " " : ($obj_value2 = esc_html(basename($value))); break; } if ($old_type != "password") { $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; if (empty($obj_value2)) { $obj_value2 = cimy_uef_sanitize_content($value); } } $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "registration-date": $obj_label = ''; $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; } $obj_id = ' id="' . $unique_id . '"'; // tabindex not used in MU, WordPress 3.5+ and Theme My Login dropping... if (is_multisite() || cimy_is_at_least_wordpress35() || cimy_uef_is_theme_my_login_register_page()) { $obj_tabindex = ""; } else { $obj_tabindex = ' tabindex="' . strval($tabindex) . '"'; $tabindex++; } $obj_maxlen = ""; if (in_array($type, $rule_maxlen_needed) && !in_array($type, $cimy_uef_file_types)) { if (isset($rules['max_length'])) { $obj_maxlen = ' maxlength="' . $rules['max_length'] . '"'; } else { if (isset($rules['exact_length'])) { $obj_maxlen = ' maxlength="' . $rules['exact_length'] . '"'; } } } if (in_array($type, $cimy_uef_textarea_types)) { $obj_rowscols = ' rows="3" cols="25"'; } else { $obj_rowscols = ''; } echo "\t"; $form_object = '<' . $obj_tag . $obj_type . $obj_name . $obj_id . $obj_class . $obj_value . $obj_checked . $obj_maxlen . $obj_rowscols . $obj_tabindex; if ($obj_closing_tag) { $form_object .= ">" . $obj_value2 . "</" . $obj_tag . ">"; } else { if ($type == "hidden") { $form_object .= " />" . $obj_value2; if (in_array($old_type, $cimy_uef_file_types)) { $f_size = empty($_FILES[$input_name]['size']) ? 0 : $_FILES[$input_name]['size']; $f_type = empty($_FILES[$input_name]['type']) ? "" : $_FILES[$input_name]['type']; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_size\" id=\"" . esc_attr($field_id_data) . "_size\" value=\"" . esc_attr(strval($f_size / 1024)) . "\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_type\" id=\"" . esc_attr($field_id_data) . "_type\" value=\"" . esc_attr(strval($f_type)) . "\" />"; } if (in_array($old_type, $cimy_uef_file_images_types) && is_file($file_on_server)) { echo '<img id="' . esc_attr($field_id_data) . '" src="' . esc_attr($value) . '" alt="picture" /><br />'; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_button\" id=\"" . esc_attr($field_id_data) . "_button\" value=\"1\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x1\" id=\"" . esc_attr($field_id_data) . "_x1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y1\" id=\"" . esc_attr($field_id_data) . "_y1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x2\" id=\"" . esc_attr($field_id_data) . "_x2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y2\" id=\"" . esc_attr($field_id_data) . "_y2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_w\" id=\"" . esc_attr($field_id_data) . "_w\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_h\" id=\"" . esc_attr($field_id_data) . "_h\" value=\"\" />"; $imgarea_options = "handles: true, fadeSpeed: 200, onSelectChange: preview"; if (isset($advanced_options["crop_x1"]) && isset($advanced_options["crop_y1"]) && isset($advanced_options["crop_x2"]) && isset($advanced_options["crop_y2"])) { $imgarea_options .= ", x1: " . intval($advanced_options["crop_x1"]); $imgarea_options .= ", y1: " . intval($advanced_options["crop_y1"]); $imgarea_options .= ", x2: " . intval($advanced_options["crop_x2"]); $imgarea_options .= ", y2: " . intval($advanced_options["crop_y2"]); } if (!empty($advanced_options["crop_ratio"])) { $imgarea_options .= ", aspectRatio: '" . esc_js($advanced_options["crop_ratio"]) . "'"; } else { if ($type == "avatar") { $imgarea_options .= ", aspectRatio: '1:1'"; } } echo "<script type='text/javascript'>jQuery(document).ready(function () { jQuery('#" . esc_js($field_id_data) . "').imgAreaSelect({ " . $imgarea_options . " }); });</script>"; } } else { $form_object .= " />"; } } if ($type != "radio" && $type != "checkbox") { echo $obj_label; } if (is_multisite() && is_wp_error($errors)) { if ($errmsg = $errors->get_error_message($unique_id)) { echo '<p class="error">' . $errmsg . '</p>'; } } // TinceMCE needed and we have WordPress >= 3.3 yummy! if ($type == "textarea-rich" && function_exists("wp_editor")) { ?> <script type='text/javascript'> var login_div = document.getElementById("login"); login_div.style.width = "535px"; </script> <?php $quicktags_settings = array('buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,spell,close'); $editor_settings = array('textarea_name' => $input_name, 'teeny' => false, 'textarea_rows' => '10', 'dfw' => false, 'media_buttons' => true, 'tinymce' => true, 'quicktags' => $quicktags_settings); if (!empty($obj_tabindex)) { $editor_settings['tabindex'] = $tabindex; } wp_editor($value, $unique_id, $editor_settings); } else { echo $form_object; } if ($type == "date") { echo cimy_uef_date_picker_options($unique_id, $rules); } if ($show_type == 0 && $i == 1 && $options['password_meter']) { if ($input_name == $prefix . "PASSWORD") { $pass1_id = $unique_id; } if ($input_name == $prefix . "PASSWORD2") { echo "\n\t\t<div id=\"pass-strength-result\" class=\"hide-if-no-js\" aria-live=\"polite\">" . __('Strength indicator') . "</div>"; echo "\n\t\t<p class=\"description indicator-hint\">" . __('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).') . "</p><br />"; $pass2_id = $unique_id; } } if (!($type != "radio" && $type != "checkbox")) { echo $obj_label; } echo "\n\t</p>\n"; if ($type == "textarea-rich" || in_array($type, $cimy_uef_file_types)) { echo "\t<br />\n"; } } $i++; } echo "\t<br />"; if ($show_type != 2 && $options['captcha'] == "securimage") { global $cuef_securimage_webpath; if (is_multisite()) { if (is_wp_error($errors) && ($errmsg = $errors->get_error_message("securimage_code"))) { echo '<p class="error">' . $errmsg . '</p>'; } } require_once $cuef_plugin_dir . '/securimage/securimage.php'; $captcha_options = array(); $captcha_options['image_id'] = 'captcha'; $captcha_options['input_name'] = 'securimage_response_field'; $captcha_options['input_text'] = __("Insert the code:", $cimy_uef_domain); $captcha_options['refresh_alt_text'] = __("Change image", $cimy_uef_domain); $captcha_options['refresh_title_text'] = __("Change image", $cimy_uef_domain); $captcha_options['show_audio_button'] = true; $captcha_options['show_refresh_button'] = true; echo Securimage::getCaptchaHtml($captcha_options); } if ($show_type != 2) { if (is_multisite() && is_wp_error($errors) && ($errmsg = $errors->get_error_message("recaptcha_code"))) { echo '<p class="error">' . $errmsg . '</p>'; } if ($options['captcha'] == "recaptcha2" && !empty($options['recaptcha2_site_key']) && !empty($options['recaptcha2_secret_key'])) { ?> <div class="g-recaptcha" data-sitekey="<?php echo esc_attr($options['recaptcha2_site_key']); ?> " <?php if (!empty($obj_tabindex)) { echo "data-tabindex=" . $tabindex; } $tabindex++; ?> data-size="compact" > </div> <?php } if ($options['captcha'] == "recaptcha" && !empty($options['recaptcha_public_key']) && !empty($options['recaptcha_private_key'])) { require_once $cuef_plugin_dir . '/recaptcha/recaptchalib.php'; ?> <script type='text/javascript'> var RecaptchaOptions = { lang: '<?php echo substr(get_locale(), 0, 2); ?> ' <?php if (!empty($obj_tabindex)) { echo ", tabindex: " . $tabindex; } $tabindex++; ?> }; </script> <?php // no need if Tiny MCE is present already if (empty($tiny_mce_objects)) { ?> <script type='text/javascript'> var login_div = document.getElementById("login"); login_div.style.width = "375px"; </script> <?php } echo recaptcha_get_html($options['recaptcha_public_key'], null, is_ssl()); } } cimy_switch_current_blog(true); echo $end_cimy_uef_comment; }
function cimy_manage_upload($input_name, $user_login, $rules, $old_file = false, $delete_file = false, $type = "", $new_filename = "") { global $cuef_upload_path, $cuef_upload_webpath, $cuef_plugin_dir, $cimy_uef_plugins_dir; $type_path = ""; if ($type == "file" || $type == "avatar") { $type_path .= $type . "/"; } $blog_path = $cuef_upload_path; if ($cimy_uef_plugins_dir == "plugins" && is_multisite()) { global $blog_id; $blog_path .= $blog_id . "/"; // create blog subdir if (!is_dir($blog_path)) { if (defined("FS_CHMOD_DIR")) { mkdir($blog_path, FS_CHMOD_DIR); chmod($blog_path, FS_CHMOD_DIR); } else { wp_mkdir_p($blog_path); } } } if (!empty($user_login)) { $user_path = $blog_path . $user_login . "/"; $file_path = $blog_path . $user_login . "/" . $type_path; } else { $user_path = $blog_path; $file_path = $blog_path . $type_path; } // delete old file if requested if ($delete_file) { if (is_file($file_path . $old_file)) { unlink($file_path . $old_file); } $old_thumb_file = cimy_get_thumb_path($old_file); if (is_file($file_path . $old_thumb_file)) { unlink($file_path . $old_thumb_file); } } // if $user_login is not present // or there is no file to upload // or dest dir is not writable // then everything else is useless if ($user_login == "" && $type != "registration-logo" || empty($_FILES[$input_name]['name']) || !is_writable($cuef_upload_path)) { return ""; } // create user subdir if (!is_dir($user_path)) { if (defined("FS_CHMOD_DIR")) { mkdir($user_path, FS_CHMOD_DIR); chmod($user_path, FS_CHMOD_DIR); } else { wp_mkdir_p($user_path); } } // create avatar subdir if needed if ($type != "registration-logo" && $type != "picture" && !is_dir($file_path)) { if (defined("FS_CHMOD_DIR")) { mkdir($file_path, FS_CHMOD_DIR); chmod($file_path, FS_CHMOD_DIR); } else { wp_mkdir_p($file_path); } } if (!empty($new_filename)) { $file_name = $new_filename; } else { $file_name = $_FILES[$input_name]['name']; } // filesize in Byte transformed in KiloByte $file_size = $_FILES[$input_name]['size'] / 1024; $file_type = $_FILES[$input_name]['type']; $file_tmp_name = $_FILES[$input_name]['tmp_name']; $file_error = $_FILES[$input_name]['error']; $allowed_mime_types = get_allowed_mime_types(); // let's see if the image extension is correct, bad boy $validate = wp_check_filetype_and_ext($file_tmp_name, $file_name, $allowed_mime_types); if ($validate['proper_filename'] !== false) { $file_name = $validate['proper_filename']; } // sanitize the file name $file_name = wp_unique_filename($file_path, $file_name); // file path $file_full_path = $file_path . $file_name; // picture url to write in the DB $data = $cuef_upload_webpath; if ($cimy_uef_plugins_dir == "plugins" && is_multisite()) { $data .= $blog_id . "/"; } if (empty($user_login)) { $data .= $type_path . $file_name; } else { $data .= $user_login . "/" . $type_path . $file_name; } // CHECK IF IT IS A REAL PICTURE if ($type != "file" && stristr($file_type, "image/") === false) { $file_error = 1; } // MIN LENGTH if (isset($rules['min_length'])) { if ($file_size < intval($rules['min_length'])) { $file_error = 1; } } // EXACT LENGTH if (isset($rules['exact_length'])) { if ($file_size != intval($rules['exact_length'])) { $file_error = 1; } } // MAX LENGTH if (isset($rules['max_length'])) { if ($file_size > intval($rules['max_length'])) { $file_error = 1; } } // if there are no errors and filename is NOT empty if ($file_error == 0 && !empty($file_name)) { if (move_uploaded_file($file_tmp_name, $file_full_path)) { // change file permissions for broken servers if (defined("FS_CHMOD_FILE")) { @chmod($file_full_path, FS_CHMOD_FILE); } else { @chmod($file_full_path, 0644); } // if there is an old file to delete if ($old_file) { // delete old file if the name is different, if equal NOPE because new file is already uploaded if ($file_name != $old_file) { if (is_file($file_path . $old_file)) { unlink($file_path . $old_file); } } $old_thumb_file = cimy_get_thumb_path($old_file); if (is_file($file_path . $old_thumb_file)) { unlink($file_path . $old_thumb_file); } } // should be stay AFTER DELETIONS if (isset($rules['equal_to']) && $type != "file") { if ($maxside = intval($rules['equal_to'])) { if (cimy_is_at_least_wordpress35()) { if (!defined("WPINC")) { define('WPINC', 'wp-includes'); } if (!function_exists("image_make_intermediate_size")) { require_once ABSPATH . WPINC . '/media.php'; require_once ABSPATH . WPINC . '/functions.php'; } $resized_file = image_make_intermediate_size($file_full_path, $maxside, $maxside, false); if (isset($resized_file["file"])) { @rename($file_path . $resized_file["file"], $file_path . str_replace(sprintf("%sx%s", $resized_file["width"], $resized_file["height"]), "thumbnail", $resized_file["file"])); } } else { if (!function_exists("image_resize")) { require_once ABSPATH . 'wp-includes/media.php'; } if (!function_exists("wp_load_image")) { require_once $cuef_plugin_dir . '/cimy_uef_missing_functions.php'; } image_resize($file_full_path, $maxside, $maxside, false, "thumbnail"); } } } } else { $data = ""; } } else { $data = ""; } return $data; }