public function test_too_large()
 {
     $upload = new fileupload($this->filesystem, '', array('gif'), 100);
     $file = $upload->remote_upload(self::$root_url . 'styles/prosilver/theme/images/forum_read.gif');
     $this->assertEquals(1, sizeof($file->error));
     $this->assertEquals('WRONG_FILESIZE', $file->error[0]);
 }
 /**
  * {@inheritdoc}
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     if ($user->data['user_character_id'] == 0) {
         return false;
     }
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, 100000, 64, 64, 256, 256, isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false);
     $url = $this->get_eveapi_url($user->data['user_character_id'], $this->config['eveapi_portrait_size']);
     $file = $upload->remote_upload($url, $this->mimetype_guesser);
     $prefix = $this->config['avatar_salt'] . '_';
     $file->clean_filename('avatar', $prefix, $row['id']);
     $destination = $this->config['avatar_path'];
     // Adjust destination path (no trailing slash)
     if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
         $destination = substr($destination, 0, -1);
     }
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }
     // Move file and overwrite any existing image
     $file->move_file($destination, true);
     if (sizeof($file->error)) {
         $file->remove();
         $error = array_merge($error, $file->error);
         return false;
     }
     return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->get('width'), 'avatar_height' => $file->get('height'));
 }
Exemple #3
0
 /**
  * {@inheritdoc}
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     if (!$this->can_upload()) {
         return false;
     }
     if (!class_exists('fileupload')) {
         include $this->src_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false);
     $url = $request->variable('avatar_upload_url', '');
     $upload_file = $request->file('avatar_upload_file');
     if (!empty($upload_file['name'])) {
         $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
     } else {
         if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) {
             if (!preg_match('#^(http|https|ftp)://#i', $url)) {
                 $url = 'http://' . $url;
             }
             if (!function_exists('validate_data')) {
                 require $this->src_root_path . 'includes/functions_user.' . $this->php_ext;
             }
             $validate_array = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255)));
             $error = array_merge($error, $validate_array);
             if (!empty($error)) {
                 return false;
             }
             $file = $upload->remote_upload($url, $this->mimetype_guesser);
         } else {
             return false;
         }
     }
     $prefix = $this->config['avatar_salt'] . '_';
     $file->clean_filename('avatar', $prefix, $row['id']);
     $destination = $this->config['avatar_path'];
     // Adjust destination path (no trailing slash)
     if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
         $destination = substr($destination, 0, -1);
     }
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }
     // Move file and overwrite any existing image
     $file->move_file($destination, true);
     if (sizeof($file->error)) {
         $file->remove();
         $error = array_merge($error, $file->error);
         return false;
     }
     return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->get('width'), 'avatar_height' => $file->get('height'));
 }
/**
* Avatar upload using the upload class
*/
function avatar_upload($data, &$error)
{
    global $phpbb_root_path, $config, $db, $user, $phpEx;
    // Init upload class
    include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], explode('|', $config['mime_triggers']));
    if (!empty($_FILES['uploadfile']['name'])) {
        $file = $upload->form_upload('uploadfile');
    } else {
        $file = $upload->remote_upload($data['uploadurl']);
    }
    $prefix = $config['avatar_salt'] . '_';
    $file->clean_filename('avatar', $prefix, $data['user_id']);
    $destination = $config['avatar_path'];
    // Adjust destination path (no trailing slash)
    if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
        $destination = substr($destination, 0, -1);
    }
    $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
    if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
        $destination = '';
    }
    // Move file and overwrite any existing image
    $file->move_file($destination, true);
    if (sizeof($file->error)) {
        $file->remove();
        $error = array_merge($error, $file->error);
    }
    return array(AVATAR_UPLOAD, $data['user_id'] . '_' . time() . '.' . $file->get('extension'), $file->get('width'), $file->get('height'));
}
Exemple #5
0
 /**
  * {@inheritdoc}
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     if (!$this->can_upload()) {
         return false;
     }
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false);
     $url = $request->variable('avatar_upload_url', '');
     $upload_file = $request->file('avatar_upload_file');
     if (!empty($upload_file['name'])) {
         $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
     } else {
         if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) {
             if (!preg_match('#^(http|https|ftp)://#i', $url)) {
                 $url = 'http://' . $url;
             }
             if (!function_exists('validate_data')) {
                 require $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
             }
             $validate_array = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255)));
             $error = array_merge($error, $validate_array);
             if (!empty($error)) {
                 return false;
             }
             $file = $upload->remote_upload($url, $this->mimetype_guesser);
         } else {
             return false;
         }
     }
     $prefix = $this->config['avatar_salt'] . '_';
     $file->clean_filename('avatar', $prefix, $row['id']);
     // If there was an error during upload, then abort operation
     if (sizeof($file->error)) {
         $file->remove();
         $error = $file->error;
         return false;
     }
     // Calculate new destination
     $destination = $this->config['avatar_path'];
     // Adjust destination path (no trailing slash)
     if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
         $destination = substr($destination, 0, -1);
     }
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }
     /**
      * Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar)
      *
      * @event core.avatar_driver_upload_move_file_before
      * @var	string	destination			Destination directory where the file is going to be moved
      * @var	string	prefix				Prefix for the avatar filename
      * @var	array	row					Array with avatar row data
      * @var	array	error				Array of errors, if filled in by this event file will not be moved
      * @since 3.1.6-RC1
      */
     $vars = array('destination', 'prefix', 'row', 'error');
     extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars)));
     if (!sizeof($error)) {
         // Move file and overwrite any existing image
         $file->move_file($destination, true);
     }
     // If there was an error during move, then clean up leftovers
     $error = array_merge($error, $file->error);
     if (sizeof($error)) {
         $file->remove();
         return false;
     }
     // Delete current avatar if not overwritten
     $ext = substr(strrchr($row['avatar'], '.'), 1);
     if ($ext && $ext !== $file->get('extension')) {
         $this->delete($row);
     }
     return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->get('width'), 'avatar_height' => $file->get('height'));
 }
function avatar_upload($data, &$error)
{
    global $config, $_CLASS;
    // Init upload class
    require_once SITE_FILE_ROOT . 'includes/forums/functions_upload.php';
    $upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
    if (!empty($_FILES['uploadfile']['name'])) {
        $file = $upload->form_upload('uploadfile');
    } else {
        $file = $upload->remote_upload($data['uploadurl']);
    }
    $file->clean_filename('real', $_CLASS['core_user']->data['user_id'] . '_');
    $file->move_file($config['avatar_path']);
    if (sizeof($file->error)) {
        $file->remove();
        $error = array_merge($error, $file->error);
    }
    return array(AVATAR_UPLOAD, $file->get('realname'), $file->get('width'), $file->get('height'));
}
 /**
  * Copy a remonte banner to server.
  * called by banner_process()
  *
  * @param	string	$banner The anner's remote url
  * @param	array	$error	The array error, passed by reference
  * @return	false|string	String if no errors, else false
  */
 private function _banner_upload($banner, &$error)
 {
     // Init upload class
     if (!class_exists('fileupload')) {
         include $this->root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('DIR_BANNER_', array('jpg', 'jpeg', 'gif', 'png'), $this->config['dir_banner_filesize']);
     $file = $upload->remote_upload($banner);
     $prefix = unique_id() . '_';
     $file->clean_filename('real', $prefix);
     $destination = $this->dir_helper->get_banner_path();
     // Move file and overwrite any existing image
     $file->move_file($destination, true);
     if (sizeof($file->error)) {
         $file->remove();
         $error = array_merge($error, $file->error);
         return false;
     }
     return $prefix . strtolower($file->uploadname);
 }