$phpwcms['file_maxsize'] = $upload_max_filesize - 1;
}
} else {
$upload_max_filesize = $phpwcms['file_maxsize'];
}
if (is_string($phpwcms['allowed_upload_ext'])) {
$phpwcms['allowed_upload_ext'] = convertStringToArray(strtolower($phpwcms['allowed_upload_ext']));
}
$uploader = new qqFileUploader($phpwcms['allowed_upload_ext'], min($post_max_size, $upload_max_filesize, $phpwcms['file_maxsize']));
$uploadDir = PHPWCMS_ROOT . $phpwcms["ftp_path"];
// Call handleUpload() with the name of the folder, relative to PHP's getcwd()
$result = $uploader->handleUpload($uploadDir, NULL, TRUE, FALSE);
$result['filename'] = $uploader->getUploadName();
if (!empty($result['success']) && !empty($_GET['file_public'])) {
require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php';
$data = array('f_pid' => intval($_GET['file_dir']), 'f_uid' => intval($_SESSION["wcs_user_id"]), 'f_kid' => 1, 'f_aktiv' => 1, 'f_public' => 1, 'f_name' => $result['filename'], 'f_created' => now(), 'f_size' => $uploader->getFileSize(), 'f_type' => $uploader->getFileType(), 'f_ext' => strtolower($uploader->getFileExtension()), 'f_longinfo' => slweg($_GET['file_longinfo']), 'f_hash' => md5($result['filename'] . microtime()), 'f_copyright' => slweg($_GET['file_copyright']), 'f_tags' => clean_slweg($_GET['file_tags']));
if (PHPWCMS_CHARSET != 'utf-8') {
$data['f_name'] = makeCharsetConversion($data['f_name'], 'utf-8', PHPWCMS_CHARSET);
$data['f_longinfo'] = makeCharsetConversion($data['f_longinfo'], 'utf-8', PHPWCMS_CHARSET);
$data['f_copyright'] = makeCharsetConversion($data['f_copyright'], 'utf-8', PHPWCMS_CHARSET);
$data['f_tags'] = makeCharsetConversion($data['f_tags'], 'utf-8', PHPWCMS_CHARSET);
}
$insert = _dbInsert('phpwcms_file', $data);
// move uploaded file
if (!empty($insert['INSERT_ID'])) {
$userftppath = PHPWCMS_ROOT . $phpwcms["ftp_path"];
$useruploadpath = PHPWCMS_ROOT . $phpwcms["file_path"];
$usernewfile = $useruploadpath . $data['f_hash'];
if ($data['f_ext']) {
$usernewfile .= '.' . $data['f_ext'];
}
