public function saveEdit($file, $name, $options = array(), $quality = 100)
{
// Check for request forgeries
WFToken::checkToken() or die('Access to this resource is restricted');
// check for image editor access
if ($this->checkAccess('image_editor', 1) === false) {
JError::raiseError(403, 'Access to this resource is restricted');
}
$browser = $this->getBrowser();
$filesystem = $browser->getFileSystem();
// check file
self::validateImagePath($file);
// clean temp
$this->cleanEditorTmp($file, false);
// check new name
self::validateImagePath($name);
$upload = JRequest::getVar('file', '', 'files', 'array');
// create a filesystem result object
$result = new WFFileSystemResult();
if (isset($upload) && isset($upload['tmp_name']) && is_uploaded_file($upload['tmp_name'])) {
$tmp = $upload['tmp_name'];
self::validateImageFile($tmp);
$exif = null;
// get exif data from orignal file
if (preg_match('#\\.jp(eg|g)$#i', basename($file)) && basename($file) == basename($name)) {
// load exif classes
require_once dirname(__FILE__) . '/pel/PelJpeg.php';
$src = WFUtility::makePath($filesystem->getBaseDir(), $file);
$jpeg = new PelJpeg($src);
$exif = $jpeg->getExif();
}
$result = $filesystem->upload('multipart', trim($tmp), dirname($file), basename($name));
if ($result->state === true && $exif) {
$pel = new PelDataWindow($result->path);
if (PelJpeg::isValid($pel)) {
$jpeg = new PelJpeg();
$jpeg->load($pel);
$jpeg->setExif($exif);
//$jpeg->saveFile($result->path);
// write to file
JFile::write($result->path, $jpeg->getBytes());
}
}
@unlink($tmp);
} else {
// set upload as false - JSON request
$upload = false;
$file = WFUtility::makePath($filesystem->getBaseDir(), $file);
$dest = dirname($file) . '/' . basename($name);
// get extension
$ext = WFUtility::getExtension($dest);
// load image class
require_once dirname(__FILE__) . '/image/image.php';
// create image
$image = new WFImage($file, $this->getParam('prefer_imagick', true));
foreach ($options as $filter) {
if (isset($filter->task)) {
$args = isset($filter->args) ? (array) $filter->args : array();
switch ($filter->task) {
case 'resize':
$w = $args[0];
$h = $args[1];
$image->resize($w, $h);
break;
case 'crop':
$w = $args[0];
$h = $args[1];
$x = $args[2];
$y = $args[3];
$image->crop($w, $h, $x, $y);
break;
case 'rotate':
$image->rotate(array_shift($args));
break;
case 'flip':
$image->flip(array_shift($args));
break;
default:
$image->filter($filter->task, $args);
break;
}
}
}
// get image data
$data = $image->toString($ext);
// write to file
if ($data) {
$result->state = (bool) @JFile::write($dest, $data);
}
// set path
$result->path = $dest;
}
if ($result->state === true) {
// check if its a valid image
if (@getimagesize($result->path) === false) {
JFile::delete($result->path);
throw new InvalidArgumentException('Invalid image file');
} else {
$result->path = str_replace(WFUtility::cleanPath(JPATH_SITE), '', $result->path);
$browser->setResult(WFUtility::cleanPath($result->path, '/'), 'files');
}
} else {
$browser->setResult($result->message || WFText::_('WF_IMGMANAGER_EXT_EDIT_SAVE_ERROR'), 'error');
}
// set header and exit
if ($upload) {
header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
die(json_encode($browser->getResult()));
}
// return to WFRequest
return $browser->getResult();
}
/**
* Upload a file.
* @return array $error on failure or uploaded file name on success
*/
public function upload()
{
// Check for request forgeries
WFToken::checkToken() or die;
// check for feature access
if (!$this->checkFeature('upload')) {
JError::raiseError(403, 'Access to this resource is restricted');
}
$filesystem = $this->getFileSystem();
jimport('joomla.filesystem.file');
header('Content-Type: text/json;charset=UTF-8');
header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get uploaded file
$file = JRequest::getVar('file', '', 'files', 'array');
// validate file data
$this->validateUploadedFile($file);
// get file name
$name = JRequest::getVar('name', $file['name']);
// decode name
$name = rawurldecode($name);
// check name
if (WFUtility::validateFileName($name) === false) {
throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.');
}
// check file name
WFUtility::checkPath($name);
// get extension from file name
$ext = WFUtility::getExtension($file['name']);
// trim extension
$ext = trim($ext);
// check extension exists
if (empty($ext) || $ext === $file['name']) {
throw new InvalidArgumentException('Upload Failed: The file name does not contain a valid extension.');
}
// strip extension
$name = WFUtility::stripExtension($name);
// make file name 'web safe'
$name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase'));
// check name
if (WFUtility::validateFileName($name) === false) {
throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.');
}
// target directory
$dir = JRequest::getVar('upload-dir');
// deocode directory
$dir = rawurldecode($dir);
// check destination path
WFUtility::checkPath($dir);
$upload = $this->get('upload');
// Check file number limits
if (!empty($upload['total_files'])) {
if ($filesystem->countFiles($dir, true) > $upload['total_files']) {
throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_LIMIT_ERROR'));
}
}
// Check total file size limit
if (!empty($upload['total_size'])) {
$size = $filesystem->getTotalSize($dir);
if ($size / 1024 / 1024 > $upload['total_size']) {
throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_SIZE_LIMIT_ERROR'));
}
}
// add random string
if ($upload['add_random']) {
$name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5);
}
// rebuild file name - name + extension
$name = $name . '.' . $ext;
// create a filesystem result object
$result = new WFFileSystemResult();
$complete = false;
$contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');
// relative path
$relative = WFUtility::makePath($dir, $name);
// Only multipart uploading is supported for now
if ($contentType && strpos($contentType, "multipart") !== false) {
$result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
if (!$result->state) {
if (empty($result->message)) {
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
}
$result->code = 103;
}
@unlink($file['tmp_name']);
$complete = true;
} else {
$result->state = false;
$result->code = 103;
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$complete = true;
}
// upload finished
if ($complete) {
if ($result instanceof WFFileSystemResult) {
if ($result->state === true) {
$this->setResult($this->fireEvent('onUpload', array($result->path, $relative)));
$this->setResult(basename($result->path), 'files');
} else {
$this->setResult($result->message, 'error');
}
}
die(json_encode($this->getResult()));
}
}
/**
* Upload a file.
* @return array $error on failure or uploaded file name on success
*/
public function upload()
{
// Check for request forgeries
WFToken::checkToken() or die;
//JError::setErrorHandling(E_ALL, 'callback', array('WFError', 'raiseError'));
// check for feature access
if (!$this->checkFeature('upload')) {
JError::raiseError(403, 'Access to this resource is restricted');
}
jimport('joomla.filesystem.file');
// get uploaded file
$file = JRequest::getVar('file', '', 'files', 'array');
// validate file data
$this->validateUploadedFile($file);
$wf = WFEditor::getInstance();
// HTTP headers for no cache etc
//header('Content-type: text/plain; charset=UTF-8');
header('Content-Type: text/json;charset=UTF-8');
header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get file name
$name = JRequest::getVar('name', $file['name']);
// target directory
$dir = JRequest::getVar('upload-dir');
// deocode directory
$dir = rawurldecode($dir);
// check destination path
WFUtility::checkPath($dir);
// decode name
$name = rawurldecode($name);
// check file name
WFUtility::checkPath($name);
// check for invalid extensions
if (preg_match('#\\.(php|phtml|pl|py|jsp|asp|shtml|sh|cgi)$#i', $name)) {
throw new InvalidArgumentException('INVALID FILE NAME');
}
// get extension
$ext = WFUtility::getExtension($name);
// strip extension
$name = WFUtility::stripExtension($name);
// make file name 'web safe'
$name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase'));
// empty name
if ($name == '') {
throw new InvalidArgumentException('INVALID FILE NAME');
}
// check for extension in file name
if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\\b#i', $name)) {
throw new InvalidArgumentException('INVALID FILE NAME');
}
$upload = $this->get('upload');
// add random string
if ($upload['add_random']) {
$name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5);
}
// rebuild file name - name + extension
$name = $name . '.' . $ext;
// create a filesystem result object
$result = new WFFileSystemResult();
$filesystem = $this->getFileSystem();
$complete = false;
$contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');
// Only multipart uploading is supported for now
if ($contentType && strpos($contentType, "multipart") !== false) {
$result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
if (!$result->state) {
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$result->code = 103;
}
@unlink($file['tmp_name']);
$complete = true;
} else {
$result->state = false;
$result->code = 103;
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$complete = true;
}
// upload finished
if ($complete) {
if ($result instanceof WFFileSystemResult) {
if ($result->state === true) {
$path = $result->path;
// get root dir eg: JPATH_SITE
$root = substr($filesystem->getBaseDir(), 0, -strlen($filesystem->getRootDir()));
// get relative path
$relative = substr($path, strlen($root));
// clean
$relative = WFUtility::cleanPath($relative, '/');
$this->setResult($this->fireEvent('onUpload', array($result->path, $relative)));
$this->setResult(basename($result->path), 'files');
} else {
$this->setResult($result->message, 'error');
}
}
die(json_encode($this->getResult()));
}
}
/**
* Upload a file.
* @return array $error on failure or uploaded file name on success
*/
public function upload()
{
// Check for request forgeries
WFToken::checkToken() or die;
//JError::setErrorHandling(E_ALL, 'callback', array('WFError', 'raiseError'));
// check for feature access
if (!$this->checkFeature('upload')) {
JError::raiseError(403, 'RESTRICTED ACCESS');
}
$wf = WFEditor::getInstance();
jimport('joomla.filesystem.file');
// HTTP headers for no cache etc
//header('Content-type: text/plain; charset=UTF-8');
header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get uploaded file
$file = JRequest::getVar('file', '', 'files', 'array');
// get file name
$name = JRequest::getVar('name', $file['name']);
// target directory
$dir = JRequest::getVar('upload-dir');
// deocode directory
$dir = rawurldecode($dir);
// check destination path
WFUtility::checkPath($dir);
// decode name
$name = rawurldecode($name);
// get extension
$ext = WFUtility::getExtension($name);
// strip extension
$name = WFUtility::stripExtension($name);
// make file name 'web safe'
$name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'));
// empty name
if ($name == '') {
JError::raiseError(403, 'INVALID FILE NAME');
}
// check for extension in file name or blank file name
if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|shtml|sh|cgi)#i', $name)) {
JError::raiseError(403, 'INVALID FILE NAME');
}
// create a filesystem result object
$result = new WFFileSystemResult();
$filesystem = $this->getFileSystem();
$complete = false;
$contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');
// rebuild file name - name + extension
$name = $name . '.' . $ext;
// Only multipart uploading is supported for now
if ($contentType && strpos($contentType, "multipart") !== false) {
if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
// check for valid extension
if (in_array(strtolower($ext), $this->getFileTypes('array')) === false) {
$result->state = false;
$result->message = WFText::_('WF_MANAGER_UPLOAD_INVALID_EXT_ERROR');
$complete = true;
@unlink($file['tmp_name']);
} else {
if ($this->validateUploadedFile($file, $result) === false) {
$complete = true;
@unlink($file['tmp_name']);
} else {
$result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
if (!$result->state) {
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$result->code = 103;
}
@unlink($file['tmp_name']);
$complete = true;
}
}
}
} else {
$result->state = false;
$result->code = 103;
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$complete = true;
}
// upload finished
if ($complete) {
if ($result instanceof WFFileSystemResult) {
if ($result->state === true) {
$path = $result->path;
$this->setResult($this->fireEvent('onUpload', array($result->path)));
$this->setResult(basename($result->path), 'files');
} else {
$this->setResult($result->message, 'error');
}
}
die(json_encode($this->getResult()));
}
}
/**
* Upload a file.
* @return array $error on failure or uploaded file name on success
*/
function upload()
{
// Check for request forgeries
WFToken::checkToken() or die;
// check for feature access
if (!$this->checkFeature('upload')) {
JError::raiseError(403, 'RESTRICTED ACCESS');
}
$wf = WFEditor::getInstance();
jimport('joomla.filesystem.file');
// HTTP headers for no cache etc
//header('Content-type: text/plain; charset=UTF-8');
header("Expires: Wed, 4 Apr 1984 13:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get uploaded file
$file = JRequest::getVar('file', '', 'files', 'array');
// get file name
$name = JRequest::getVar('name', $file['name']);
$ext = WFUtility::getExtension($name);
// check for extension in file name
if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|shtml|sh|cgi)#i', basename($name, '.' . $ext))) {
JError::raiseError(403, 'INVALID FILE NAME');
}
// get chunks
$chunk = JRequest::getInt('chunk', 0);
$chunks = JRequest::getInt('chunks', 1);
// create a filesystem result object
$result = new WFFileSystemResult();
$filesystem = $this->getFileSystem();
$complete = false;
$contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER');
// Only multipart uploading is supported for now
if ($contentType && strpos($contentType, "multipart") !== false) {
if (isset($file['tmp_name']) && is_uploaded_file($file['tmp_name'])) {
// validate file before continuing (first chunk only)
if ($chunk == 0 && $wf->getParam('validate_mimetype', 0) && !preg_match('#(htm|html|txt)#', $ext)) {
$this->validateUploadedFile($file);
}
// make file name 'web safe'
$name = WFUtility::makeSafe($name);
// get current dir
$dir = JRequest::getVar('upload-dir', '');
// check destination path
WFUtility::checkPath($dir);
// Normal upload
if ($chunks == 1) {
$result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name);
if (!$result->state) {
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$result->code = 103;
}
$complete = true;
// Chunk uploading
} else {
$result = $filesystem->upload('multipart-chunking', trim($file['tmp_name']), $dir, $name, $chunks, $chunk);
if (!$result->state) {
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$result->code = 103;
}
$complete = $chunk == $chunks - 1;
}
}
} else {
$result->state = false;
$result->code = 103;
$result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR');
$complete = true;
}
// upload finished
if ($complete) {
if (is_a($result, 'WFFileSystemResult')) {
if ($result->state === true) {
$this->setResult($this->fireEvent('onUpload', array($result->path)));
$this->setResult(basename($result->path), 'files');
}
}
die(json_encode($this->getResult()));
}
}
