private static function upload_files($form, $files)
{
//Creating temp folder if it does not exist
$target_path = RGFormsModel::get_upload_path($form["id"]) . "/tmp/";
wp_mkdir_p($target_path);
foreach ($form["fields"] as $field) {
$input_name = "input_{$field["id"]}";
//skip fields that are not file upload fields or that don't have a file to be uploaded or that have failed validation
$input_type = RGFormsModel::get_input_type($field);
if (!in_array($input_type, array("fileupload", "post_image")) || $field["failed_validation"] || empty($_FILES[$input_name]["name"])) {
continue;
}
$file_info = RGFormsModel::get_temp_filename($form["id"], $input_name);
if ($file_info && move_uploaded_file($_FILES[$input_name]['tmp_name'], $target_path . $file_info["temp_filename"])) {
$files[$input_name] = $file_info["uploaded_filename"];
}
}
return $files;
}
public function load_save($form, $page, $source)
{
//print_r($form);
$target_path = RGFormsModel::get_upload_path($form["id"]) . "/tmp/";
$str_start = strpos($target_path, '/wp-content/');
$gform = new DevonSample\GFormManager();
$gform->develop();
$path = substr($target_path, $str_start);
if (isset($form['fields'])) {
foreach ($form['fields'] as $field) {
if (isset($field['type']) && $field['type'] == 'fileupload') {
$input_name = 'input_' . $field['id'];
$key = isset($field['adminLabel']) && $field['adminLabel'] != "" ? $field['adminLabel'] : strtolower($field['label']);
$key = $gform->formatAsKey($key);
$file = RGFormsModel::get_temp_filename($form["id"], $input_name);
if ($file["temp_filename"] && file_exists($target_path . $file["temp_filename"])) {
$gform->field($key, $path . $file["temp_filename"]);
}
}
}
$gform->snapshot();
}
}
private static function upload_files($form, $files)
{
//Creating temp folder if it does not exist
$target_path = RGFormsModel::get_upload_path($form["id"]) . "/tmp/";
wp_mkdir_p($target_path);
foreach ($form["fields"] as $field) {
$input_name = "input_{$field["id"]}";
//skip fields that are not file upload fields or that don't have a file to be uploaded or that have failed validation
$input_type = RGFormsModel::get_input_type($field);
if (!in_array($input_type, array("fileupload", "post_image")) || $field["failed_validation"] || empty($_FILES[$input_name]["name"])) {
GFCommon::log_debug("upload_files() - skipping field: {$field["label"]}({$field["id"]} - {$field["type"]})");
continue;
}
$file_info = RGFormsModel::get_temp_filename($form["id"], $input_name);
GFCommon::log_debug("upload_files() - temp file info: " . print_r($file_info, true));
if ($file_info && move_uploaded_file($_FILES[$input_name]['tmp_name'], $target_path . $file_info["temp_filename"])) {
$files[$input_name] = $file_info["uploaded_filename"];
GFCommon::log_debug("upload_files() - file uploaded successfully: {$file_info["uploaded_filename"]}");
} else {
GFCommon::log_error("upload_files() - file could not be uploaded: tmp_name: {$_FILES[$input_name]['tmp_name']} - target location: " . $target_path . $file_info["temp_filename"]);
}
}
return $files;
}
public static function clean_up_files($form)
{
$unique_form_id = rgpost('gform_unique_id');
if (!ctype_alnum($unique_form_id)) {
return false;
}
$target_path = RGFormsModel::get_upload_path($form['id']) . '/tmp/';
$filename = $target_path . $unique_form_id . '_input_*';
$files = glob($filename);
if (is_array($files)) {
array_map('unlink', $files);
}
// clean up files from abandoned submissions older than 48 hours (30 days if Save and Continue is enabled)
$files = glob($target_path . '*');
if (is_array($files)) {
$seconds_in_day = 24 * 60 * 60;
/**
* Filter through the experiation days of a incomplete form submission
*/
$lifespan = rgars($form, 'save/enabled') ? $expiration_days = apply_filters('gform_incomplete_submissions_expiration_days', 30) * $seconds_in_day : 2 * $seconds_in_day;
foreach ($files as $file) {
if (is_file($file) && time() - filemtime($file) >= $lifespan) {
unlink($file);
}
}
}
}
public static function is_new_file_upload($form_id, $input_name)
{
$file_info = RGFormsModel::get_temp_filename($form_id, $input_name);
$temp_filepath = RGFormsModel::get_upload_path($form_id) . "/tmp/" . $file_info["temp_filename"];
// check if file has already been uploaded by previous step
if ($file_info && file_exists($temp_filepath)) {
return true;
} else {
if (!empty($_FILES[$input_name]["name"])) {
return true;
}
}
return false;
}
public function get_simple_captcha()
{
$captcha = new ReallySimpleCaptcha();
$captcha->tmp_dir = RGFormsModel::get_upload_path('captcha') . '/';
return $captcha;
}
public static function get_simple_captcha()
{
$captcha = new ReallySimpleCaptcha();
$captcha->tmp_dir = RGFormsModel::get_upload_path("captcha") . "/";
return $captcha;
}
public static function clean_up_files($form){
$unique_form_id = rgpost("gform_unique_id");
if(!ctype_alnum($unique_form_id))
return false;
$target_path = RGFormsModel::get_upload_path($form["id"]) . "/tmp/";
$filename = $target_path . $unique_form_id . "_input_*";
$files = glob($filename);
if (is_array($files)){
array_map('unlink', $files);
}
// clean up file from abandoned submissions older than 48 hours
$files = glob($target_path."*");
if (is_array($files)){
foreach($files as $file) {
if(is_file($file) && time() - filemtime($file) >= 2*24*60*60) {
unlink($file);
}
}
}
}
public static function get_simple_captcha()
{
_deprecated_function('GFCommon::get_simple_captcha', '1.9', 'GFField_CAPTCHA::get_simple_captcha');
$captcha = new ReallySimpleCaptcha();
$captcha->tmp_dir = RGFormsModel::get_upload_path('captcha') . '/';
return $captcha;
}
<?php
require_once preg_replace("/wp-content.*/", "wp-blog-header.php", __FILE__);
require_once preg_replace("/wp-content.*/", "/wp-admin/includes/admin.php", __FILE__);
//redirect to the login page if user is not authenticated
auth_redirect();
if (!IS_ADMINISTRATOR) {
die(__("You don't have permission to download a file", "gravityforms"));
}
$file_path = RGFormsModel::get_upload_path($_GET["form_id"]) . "/" . $_GET["f"];
$info = pathinfo($file_path);
if (strtolower($info["extension"]) == "csv") {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=export.csv');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file_path));
ob_clean();
flush();
readfile($file_path);
}
exit;
public function field_validation($valid, $value, $form, $field)
{
if (!empty($_FILES) && $valid['is_valid'] && in_array(RGFormsModel::get_input_type($field), array('fileupload', 'post_image'))) {
$form_id = $form['id'];
$input_name = 'input_' . $field['id'];
$fileinfo = RGFormsModel::get_temp_filename($form_id, $input_name);
$temp_filepath = RGFormsModel::get_upload_path($form_id) . "/tmp/" . $fileinfo["temp_filename"];
if (isset($_FILES[$input_name]) && !empty($_FILES[$input_name])) {
$bytes = $_FILES[$input_name]['size'];
$dims = @getimagesize($_FILES[$input_name]['tmp_name']);
} elseif (file_exists($temp_filepath)) {
$bytes = filesize($temp_filepath);
$dims = @getimagesize($temp_filepath);
} else {
return $valid;
}
//validate filesize
if (isset($field['uprules_filesize_limit'])) {
$multipliers = array('kb' => 1024, 'mb' => 1024 * 1024);
$max_filesize_user = intval($field['uprules_filesize_limit']);
$bytes_multiplier = $multipliers[$field['uprules_filesize_dim']];
$max_filesize_bytes = $max_filesize_user * $bytes_multiplier;
}
if (isset($bytes) && $max_filesize_user > 0 && $max_filesize_bytes < $bytes) {
$valid['is_valid'] = false;
$valid['message'] = sprintf(__('Max file upload size (%s) exceeded.', 'gravityforms'), size_format($max_filesize_bytes, 2));
}
//validate image dimensions
if ($valid['is_valid'] && is_array($dims) && isset($field['uprules_dims_ruletype']) && in_array($field['uprules_dims_ruletype'], array('exact', 'conditional'))) {
list($up_width, $up_height) = $dims;
$valid = self::validate_image_dimensions($field, $up_width, $up_height);
}
if (!$valid['is_valid']) {
unset(RGFormsModel::$uploaded_files[$form_id][$input_name], $_FILES[$input_name]);
}
}
return $valid;
}
/**
* Simulate a form
*/
function simulate_post($lead, $form)
{
$upload_ids = array();
$form_id = $lead['form_id'];
foreach ($form['fields'] as $key => $m) {
if ($m['type'] == 'fileupload') {
$upload_ids[] = $m['id'];
}
}
$upload_arr = array();
$upload_copy = array();
$upload_target = array();
$target_path = RGFormsModel::get_upload_path($form_id) . "/tmp/";
foreach ($lead as $key => $value) {
$input = 'input_' . str_replace('.', '_', strval($key));
if (in_array($key, $upload_ids) && $value != "") {
if (!isset(RGFormsModel::$uploaded_files[$form_id])) {
RGFormsModel::$uploaded_files[$form_id] = array();
}
$upath = $_SERVER['DOCUMENT_ROOT'] . parse_url($value, PHP_URL_PATH);
$path_parts = pathinfo($upath);
$source = str_replace('//', '/', $upath);
$upload_arr[$input] = basename($value);
$upload_copy[$input] = $source;
RGFormsModel::$uploaded_files[$form_id][$input] = $upload_arr[$input];
$_POST[$input] = "";
continue;
}
$field = RGFormsModel::get_field($form, $key);
switch ($field['type']) {
case 'post_image':
/**
* We don't support this field-types
*/
break;
case 'date':
/**
* If we get a blank date-value from MySQL
* we have to make it empty
*/
if ($value == '0000-00-00') {
$value = '';
}
$_POST[$input] = GFCommon::get_lead_field_display($field, $value, $lead["currency"]);
break;
case 'number':
/**
* If we get a zero value from MySQL
* we have to make it empty
*/
if ($value == 0) {
$value = '';
}
$_POST[$input] = GFCommon::get_lead_field_display($field, $value, $lead["currency"]);
break;
case 'list':
/**
* GF stored this as a serialized array
*/
$i = 0;
$values = unserialize($value);
foreach ((array) $values as $rowValue) {
foreach ((array) $rowValue as $colValue) {
$_POST[$input][$i] = $colValue;
$i++;
}
}
break;
case 'post_category':
/**
* GF stored this as {category_name}:{category_id}
*/
$category = explode(':', $value);
$_POST[$input] = $category[1];
break;
case 'post_custom_field':
/**
* GF stored custom-post list fields a little bit different
* from normal list-fields.
*/
if ($field['inputType'] == 'list') {
/**
* GF stored this as a serialized array
*/
$i = 0;
$values = unserialize($value);
foreach ((array) $values as $rowValue) {
foreach ((array) $rowValue as $colValue) {
$_POST[$input][$i] = $colValue;
$i++;
}
}
} else {
$_POST[$input] = $value;
}
break;
default:
$_POST[$input] = $value;
break;
}
}
if (sizeof($upload_arr) > 0) {
$_POST['gform_uploaded_files'] = addslashes(GFCommon::json_encode($upload_arr));
}
$_POST['gform_target_page1_number_' . $form_id] = '0';
$_POST['gform_source_page_number_' . $form_id] = '1';
$_POST['is_submit_' . $form_id] = '1';
$form_unique_id = RGFormsModel::get_form_unique_id($form_id);
$_POST['gform_submit'] = $form_id;
$_POST['gform_unique_id'] = $form_unique_id;
foreach ($upload_copy as $key => $value) {
$path_parts = pathinfo($value);
$dest_dir = str_replace('//', '/', $target_path . '/');
if (!is_dir($dest_dir)) {
mkdir($dest_dir);
}
$dest = $dest_dir . $form_unique_id . '_' . $key . '.' . $path_parts['extension'];
copy($value, $dest);
}
}
public static function simulate_post($lead, $meta)
{
$form_id = $lead['form_id'];
$upload_ids = array();
foreach ($meta["fields"] as $m) {
if ($m['type'] == 'fileupload') {
$upload_ids[] = $m['id'];
}
}
$upload_arr = array();
$upload_copy = array();
$upload_target = array();
$target_path = RGFormsModel::get_upload_path($form_id) . "/tmp/";
foreach ($lead as $key => $value) {
$input = "input_" . str_replace('.', '_', strval($key));
if (in_array($key, $upload_ids) && $value != "") {
if (!isset(RGFormsModel::$uploaded_files[$form_id])) {
RGFormsModel::$uploaded_files[$form_id] = array();
}
$upath = $_SERVER['DOCUMENT_ROOT'] . parse_url($value, PHP_URL_PATH);
$path_parts = pathinfo($upath);
$source = str_replace('//', '/', $upath);
$upload_arr[$input] = basename($value);
$upload_copy[$input] = $source;
RGFormsModel::$uploaded_files[$form_id][$input] = $upload_arr[$input];
$_POST[$input] = "";
continue;
}
$_POST[$input] = $value;
}
if (sizeof($upload_arr) > 0) {
$_POST["gform_uploaded_files"] = addslashes(GFCommon::json_encode($upload_arr));
}
$_POST['gform_target_page1_number_' . $form_id] = '0';
$_POST['gform_source_page_number_' . $form_id] = '1';
$_POST["is_submit_" . $form_id] = '1';
$form_unique_id = RGFormsModel::get_form_unique_id($form_id);
$_POST["gform_submit"] = $form_id;
$_POST["gform_unique_id"] = $form_unique_id;
foreach ($upload_copy as $key => $value) {
$path_parts = pathinfo($value);
$dest_dir = str_replace('//', '/', $target_path . '/');
mkdir($dest_dir);
$dest = $dest_dir . $form_unique_id . '_' . $key . '.' . $path_parts['extension'];
copy($value, $dest);
}
}
