getUploadDir PHP Exemples de code

Exemple #1

0

Afficher le fichier

Fichier : categories_dml.php Projet : bigprof/appgini-mssql

function categories_update($selected_id)
{
    global $Translation;
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('categories');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return false;
    }
    $data['CategoryName'] = makeSafe($_POST['CategoryName']);
    if ($data['CategoryName'] == empty_lookup_value) {
        $data['CategoryName'] = '';
    }
    $data['Description'] = makeSafe($_POST['Description']);
    if ($data['Description'] == empty_lookup_value) {
        $data['Description'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);
    if ($_POST['Picture_remove'] == 1) {
        $data['Picture'] = '';
        // delete file from server
        $res = sql("select `Picture` from `categories` where `CategoryID`='" . makeSafe($selected_id) . "'", $eo);
        if ($row = @db_fetch_row($res)) {
            if ($row[0] != '') {
                @unlink(getUploadDir('') . $row[0]);
                preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m);
                $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                @unlink(getUploadDir('') . $thumbTV);
                @unlink(getUploadDir('') . $thumbDV);
            }
        }
    } else {
        $data['Picture'] = PrepareUploadedFile('Picture', 204800, 'jpg|jpeg|gif|png', false, "");
        if ($data['Picture']) {
            createThumbnail($data['Picture'], getThumbnailSpecs('categories', 'Picture', 'tv'));
        }
        if ($data['Picture']) {
            createThumbnail($data['Picture'], getThumbnailSpecs('categories', 'Picture', 'dv'));
        }
        // delete file from server
        if ($data['Picture'] != '') {
            $res = sql("select `Picture` from `categories` where `CategoryID`='" . makeSafe($selected_id) . "'", $eo);
            if ($row = @db_fetch_row($res)) {
                if ($row[0] != '') {
                    @unlink(getUploadDir('') . $row[0]);
                    preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m);
                    $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                    $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                    @unlink(getUploadDir('') . $thumbTV);
                    @unlink(getUploadDir('') . $thumbDV);
                }
            }
        }
    }
    // hook: categories_before_update
    if (function_exists('categories_before_update')) {
        $args = array();
        if (!categories_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    $o = array('silentErrors' => true);
    sql('update `categories` set       ' . ($data['Picture'] != '' ? "`Picture`='{$data['Picture']}'" : ($_POST['Picture_remove'] != 1 ? '`Picture`=`Picture`' : '`Picture`=NULL')) . ', `CategoryName`=' . ($data['CategoryName'] !== '' && $data['CategoryName'] !== NULL ? "'{$data['CategoryName']}'" : 'NULL') . ', `Description`=' . ($data['Description'] !== '' && $data['Description'] !== NULL ? "'{$data['Description']}'" : 'NULL') . " where `CategoryID`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="categories_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }
    // hook: categories_after_update
    if (function_exists('categories_after_update')) {
        $res = sql("SELECT * FROM `categories` WHERE `CategoryID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['CategoryID'];
        $args = array();
        if (!categories_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}

Exemple #2

0

Afficher le fichier

Fichier : employees_dml.php Projet : ahmedandroid1980/appgini

function employees_update($selected_id)
{
    global $Translation;
    if ($_GET['update_x'] != '') {
        $_POST = $_GET;
    }
    // mm: can member edit record?
    $arrPerm = getTablePermissions('employees');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'");
    if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
        // allow update?
        // update allowed, so continue ...
    } else {
        return false;
    }
    $data['TitleOfCourtesy'] = makeSafe($_POST['TitleOfCourtesy']);
    if ($data['TitleOfCourtesy'] == empty_lookup_value) {
        $data['TitleOfCourtesy'] = '';
    }
    $data['LastName'] = makeSafe($_POST['LastName']);
    if ($data['LastName'] == empty_lookup_value) {
        $data['LastName'] = '';
    }
    $data['FirstName'] = makeSafe($_POST['FirstName']);
    if ($data['FirstName'] == empty_lookup_value) {
        $data['FirstName'] = '';
    }
    $data['Title'] = makeSafe($_POST['Title']);
    if ($data['Title'] == empty_lookup_value) {
        $data['Title'] = '';
    }
    $data['BirthDate'] = intval($_POST['BirthDateYear']) . '-' . intval($_POST['BirthDateMonth']) . '-' . intval($_POST['BirthDateDay']);
    $data['BirthDate'] = parseMySQLDate($data['BirthDate'], '');
    $data['HireDate'] = intval($_POST['HireDateYear']) . '-' . intval($_POST['HireDateMonth']) . '-' . intval($_POST['HireDateDay']);
    $data['HireDate'] = parseMySQLDate($data['HireDate'], '1');
    $data['Address'] = br2nl(makeSafe($_POST['Address']));
    $data['City'] = makeSafe($_POST['City']);
    if ($data['City'] == empty_lookup_value) {
        $data['City'] = '';
    }
    $data['Region'] = makeSafe($_POST['Region']);
    if ($data['Region'] == empty_lookup_value) {
        $data['Region'] = '';
    }
    $data['PostalCode'] = makeSafe($_POST['PostalCode']);
    if ($data['PostalCode'] == empty_lookup_value) {
        $data['PostalCode'] = '';
    }
    $data['Country'] = makeSafe($_POST['Country']);
    if ($data['Country'] == empty_lookup_value) {
        $data['Country'] = '';
    }
    $data['HomePhone'] = makeSafe($_POST['HomePhone']);
    if ($data['HomePhone'] == empty_lookup_value) {
        $data['HomePhone'] = '';
    }
    $data['Extension'] = makeSafe($_POST['Extension']);
    if ($data['Extension'] == empty_lookup_value) {
        $data['Extension'] = '';
    }
    $data['Notes'] = makeSafe($_POST['Notes']);
    if ($data['Notes'] == empty_lookup_value) {
        $data['Notes'] = '';
    }
    $data['ReportsTo'] = makeSafe($_POST['ReportsTo']);
    if ($data['ReportsTo'] == empty_lookup_value) {
        $data['ReportsTo'] = '';
    }
    $data['selectedID'] = makeSafe($selected_id);
    if ($_POST['Photo_remove'] == 1) {
        $data['Photo'] = '';
        // delete file from server
        $res = sql("select `Photo` from `employees` where `EmployeeID`='" . makeSafe($selected_id) . "'", $eo);
        if ($row = @db_fetch_row($res)) {
            if ($row[0] != '') {
                @unlink(getUploadDir('') . $row[0]);
                preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m);
                $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                @unlink(getUploadDir('') . $thumbTV);
                @unlink(getUploadDir('') . $thumbDV);
            }
        }
    } else {
        $data['Photo'] = PrepareUploadedFile('Photo', 153600, 'jpg|jpeg|gif|png', false, "");
        if ($data['Photo']) {
            createThumbnail($data['Photo'], getThumbnailSpecs('employees', 'Photo', 'tv'));
        }
        // delete file from server
        if ($data['Photo'] != '') {
            $res = sql("select `Photo` from `employees` where `EmployeeID`='" . makeSafe($selected_id) . "'", $eo);
            if ($row = @db_fetch_row($res)) {
                if ($row[0] != '') {
                    @unlink(getUploadDir('') . $row[0]);
                    preg_match('/^[a-z0-9_]+\\.(gif|png|jpg|jpeg|jpe)$/i', $row[0], $m);
                    $thumbDV = str_replace(".{$m['1']}ffffgggg", "_dv.{$m['1']}", $row[0] . 'ffffgggg');
                    $thumbTV = str_replace(".{$m['1']}ffffgggg", "_tv.{$m['1']}", $row[0] . 'ffffgggg');
                    @unlink(getUploadDir('') . $thumbTV);
                    @unlink(getUploadDir('') . $thumbDV);
                }
            }
        }
    }
    // hook: employees_before_update
    if (function_exists('employees_before_update')) {
        $args = array();
        if (!employees_before_update($data, getMemberInfo(), $args)) {
            return false;
        }
    }
    $o = array('silentErrors' => true);
    sql('update `employees` set       `TitleOfCourtesy`=' . ($data['TitleOfCourtesy'] !== '' && $data['TitleOfCourtesy'] !== NULL ? "'{$data['TitleOfCourtesy']}'" : 'NULL') . ', ' . ($data['Photo'] != '' ? "`Photo`='{$data['Photo']}'" : ($_POST['Photo_remove'] != 1 ? '`Photo`=`Photo`' : '`Photo`=NULL')) . ', `LastName`=' . ($data['LastName'] !== '' && $data['LastName'] !== NULL ? "'{$data['LastName']}'" : 'NULL') . ', `FirstName`=' . ($data['FirstName'] !== '' && $data['FirstName'] !== NULL ? "'{$data['FirstName']}'" : 'NULL') . ', `Title`=' . ($data['Title'] !== '' && $data['Title'] !== NULL ? "'{$data['Title']}'" : 'NULL') . ', `BirthDate`=' . ($data['BirthDate'] !== '' && $data['BirthDate'] !== NULL ? "'{$data['BirthDate']}'" : 'NULL') . ', `HireDate`=' . ($data['HireDate'] !== '' && $data['HireDate'] !== NULL ? "'{$data['HireDate']}'" : 'NULL') . ', `Address`=' . ($data['Address'] !== '' && $data['Address'] !== NULL ? "'{$data['Address']}'" : 'NULL') . ', `City`=' . ($data['City'] !== '' && $data['City'] !== NULL ? "'{$data['City']}'" : 'NULL') . ', `Region`=' . ($data['Region'] !== '' && $data['Region'] !== NULL ? "'{$data['Region']}'" : 'NULL') . ', `PostalCode`=' . ($data['PostalCode'] !== '' && $data['PostalCode'] !== NULL ? "'{$data['PostalCode']}'" : 'NULL') . ', `Country`=' . ($data['Country'] !== '' && $data['Country'] !== NULL ? "'{$data['Country']}'" : 'NULL') . ', `HomePhone`=' . ($data['HomePhone'] !== '' && $data['HomePhone'] !== NULL ? "'{$data['HomePhone']}'" : 'NULL') . ', `Extension`=' . ($data['Extension'] !== '' && $data['Extension'] !== NULL ? "'{$data['Extension']}'" : 'NULL') . ', `Notes`=' . ($data['Notes'] !== '' && $data['Notes'] !== NULL ? "'{$data['Notes']}'" : 'NULL') . ', `ReportsTo`=' . ($data['ReportsTo'] !== '' && $data['ReportsTo'] !== NULL ? "'{$data['ReportsTo']}'" : 'NULL') . " where `EmployeeID`='" . makeSafe($selected_id) . "'", $o);
    if ($o['error'] != '') {
        echo $o['error'];
        echo '<a href="employees_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }
    // hook: employees_after_update
    if (function_exists('employees_after_update')) {
        $res = sql("SELECT * FROM `employees` WHERE `EmployeeID`='{$data['selectedID']}' LIMIT 1", $eo);
        if ($row = db_fetch_assoc($res)) {
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['EmployeeID'];
        $args = array();
        if (!employees_after_update($data, getMemberInfo(), $args)) {
            return;
        }
    }
    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='employees' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}

Exemple #3

0

Afficher le fichier

Fichier : lib.php Projet : centaurustech/git-SID

function PrepareUploadedFile($FieldName, $MaxSize, $FileTypes = 'jpg|jpeg|gif|png', $NoRename = false, $dir = "")
{
    global $Translation;
    $f = $_FILES[$FieldName];
    $dir = getUploadDir($dir);
    if ($f['error'] != 4 && $f['name'] != '') {
        if ($f['size'] > $MaxSize || $f['error']) {
            echo error_message(str_replace('<MaxSize>', intval($MaxSize / 1024), $Translation['file too large']));
            exit;
        }
        if (!preg_match('/\\.(' . $FileTypes . ')$/i', $f['name'], $ft)) {
            echo error_message(str_replace('<FileTypes>', str_replace('|', ', ', $FileTypes), $Translation['invalid file type']));
            exit;
        }
        if ($NoRename) {
            $n = str_replace(' ', '_', $f['name']);
        } else {
            $n = microtime();
            $n = str_replace(' ', '_', $n);
            $n = str_replace('0.', '', $n);
            $n .= $ft[0];
        }
        if (!file_exists($dir)) {
            @mkdir($dir, 0777);
        }
        if (!@move_uploaded_file($f['tmp_name'], $dir . $n)) {
            echo error_message("Couldn't save the uploaded file. Try chmoding the upload folder '{$dir}' to 777.");
            exit;
        } else {
            @chmod($dir . $n, 0666);
            return $n;
        }
    }
    return "";
}

Exemple #4

0

Afficher le fichier

Fichier : incCommon.php Projet : WebxOne/fwldba

function PrepareUploadedFile($FieldName, $MaxSize, $FileTypes = 'jpg|jpeg|gif|png', $NoRename = false, $dir = "")
{
    global $Translation;
    $f = $_FILES[$FieldName];
    $dir = getUploadDir($dir);
    /* get php.ini upload_max_filesize in bytes */
    $php_upload_size_limit = trim(ini_get('upload_max_filesize'));
    $last = strtolower($php_upload_size_limit[strlen($php_upload_size_limit) - 1]);
    switch ($last) {
        case 'g':
            $php_upload_size_limit *= 1024;
        case 'm':
            $php_upload_size_limit *= 1024;
        case 'k':
            $php_upload_size_limit *= 1024;
    }
    $MaxSize = min($MaxSize, $php_upload_size_limit);
    if ($f['error'] != 4 && $f['name'] != '') {
        if ($f['size'] > $MaxSize || $f['error']) {
            echo error_message(str_replace('<MaxSize>', intval($MaxSize / 1024), $Translation['file too large']));
            exit;
        }
        if (!preg_match('/\\.(' . $FileTypes . ')$/i', $f['name'], $ft)) {
            echo error_message(str_replace('<FileTypes>', str_replace('|', ', ', $FileTypes), $Translation['invalid file type']));
            exit;
        }
        if ($NoRename) {
            $n = str_replace(' ', '_', $f['name']);
        } else {
            $n = microtime();
            $n = str_replace(' ', '_', $n);
            $n = str_replace('0.', '', $n);
            $n .= $ft[0];
        }
        if (!file_exists($dir)) {
            @mkdir($dir, 0777);
        }
        if (!@move_uploaded_file($f['tmp_name'], $dir . $n)) {
            echo error_message("Couldn't save the uploaded file. Try chmoding the upload folder '{$dir}' to 777.");
            exit;
        } else {
            @chmod($dir . $n, 0666);
            return $n;
        }
    }
    return "";
}

Exemple #5

0

Afficher le fichier

Fichier : lib.php Projet : bigprof/Symptoms-and-diseases-database

function PrepareUploadedFile($FieldName, $MaxSize, $FileTypes = 'jpg|jpeg|gif|png', $NoRename = false, $dir = "")
{
    global $Translation;
    $f = $_FILES[$FieldName];
    $dir = getUploadDir($dir);
    if ($f['error'] != 4 && $f['name'] != '') {
        if ($f['size'] > $MaxSize || $f['error']) {
            echo StyleSheet() . "<div class=Error>" . str_replace("<MaxSize>", intval($MaxSize / 1024), $Translation['file too large']) . ". <a href=" . $_SERVER['HTTP_REFERER'] . ">" . $Translation["< back"] . "</a>.</div>";
            exit;
        }
        if (!preg_match('/\\.(' . $FileTypes . ')$/i', $f['name'], $ft)) {
            echo StyleSheet() . "<div class=Error>" . str_replace("<FileTypes>", str_replace('|', ', ', $FileTypes), $Translation['invalid file type']) . ". <a href=" . $_SERVER['HTTP_REFERER'] . ">" . $Translation["< back"] . "</a>.</div>";
            exit;
        }
        if ($NoRename) {
            $n = str_replace(' ', '_', $f['name']);
        } else {
            $n = microtime();
            $n = str_replace(' ', '_', $n);
            $n = str_replace('0.', '', $n);
            $n .= $ft[0];
        }
        if (!file_exists($dir)) {
            @mkdir($dir, 0777);
        }
        if (!@move_uploaded_file($f['tmp_name'], $dir . $n)) {
            echo StyleSheet() . "<div class=Error>Error: Couldn't save the uploaded file. Try chmoding the upload folder '" . $dir . "' to 777. <a href=" . $_SERVER['HTTP_REFERER'] . ">" . $Translation["< back"] . "</a>.</div>";
            exit;
        } else {
            @chmod($dir . $n, 0666);
            return $n;
        }
    }
    return "";
}

PHP getUploadDir Exemples