function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
{
if (!isset($_FILES)) {
global $_FILES;
}
$sErrorNumber = '0';
$sFileName = '';
if (isset($_FILES['NewFile']) && !is_null($_FILES['NewFile']['tmp_name']) || isset($_FILES['upload']) && !is_null($_FILES['upload']['tmp_name'])) {
global $Config;
$oFile = isset($_FILES['NewFile']) ? $_FILES['NewFile'] : $_FILES['upload'];
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder($resourceType, $currentFolder, $sCommand);
// Get the uploaded file name.
$sFileName = filemanager_translit($oFile['name']);
$sFileName = SanitizeFileName($sFileName);
$sOriginalFileName = $sFileName;
// Get the extension.
$sExtension = substr($sFileName, strrpos($sFileName, '.') + 1);
$sExtension = strtolower($sExtension);
if (isset($Config['SecureImageUploads'])) {
if (($isImageValid = IsImageValid($oFile['tmp_name'], $sExtension)) === false) {
$sErrorNumber = '202';
}
}
if (isset($Config['HtmlExtensions'])) {
if (!IsHtmlExtension($sExtension, $Config['HtmlExtensions']) && ($detectHtml = DetectHtml($oFile['tmp_name'])) === true) {
$sErrorNumber = '202';
}
}
// Check if it is an allowed extension.
if (!$sErrorNumber && IsAllowedExt($sExtension, $resourceType)) {
$iCounter = 0;
while (true) {
$sFilePath = $sServerDir . $sFileName;
if (is_file($sFilePath)) {
$iCounter++;
$sFileName = RemoveExtension($sOriginalFileName) . '(' . $iCounter . ').' . $sExtension;
$sErrorNumber = '201';
} else {
move_uploaded_file($oFile['tmp_name'], $sFilePath);
if (is_file($sFilePath)) {
if (isset($Config['ChmodOnUpload']) && !$Config['ChmodOnUpload']) {
break;
}
$permissions = 0777;
if (isset($Config['ChmodOnUpload']) && $Config['ChmodOnUpload']) {
$permissions = $Config['ChmodOnUpload'];
}
$oldumask = umask(0);
chmod($sFilePath, $permissions);
umask($oldumask);
if ($Config['ThumbCreate'] && $_POST['thumb'] && in_array($sExtension, array("gif", "jpg", "jpeg", "png", "wbmp"))) {
filemanager_thumb($sFilePath, $_POST['thumb_x'], $_POST['thumb_y']);
}
if ($Config['ThumbList'] && $resourceType == 'Image') {
$sThumbPath = CombinePaths($_SERVER['DOCUMENT_ROOT'] . GetResourceTypePath('ImageThumb', 'Upload'), filemanager_getthumbname($currentFolder . $sFileName));
filemanager_thumb($sFilePath, $Config['ThumbListSize'], $Config['ThumbListSize'], $sThumbPath);
}
}
break;
}
}
if (!empty($sFilePath) && file_exists($sFilePath)) {
//previous checks failed, try once again
if (isset($isImageValid) && $isImageValid === -1 && IsImageValid($sFilePath, $sExtension) === false) {
@unlink($sFilePath);
$sErrorNumber = '202';
} else {
if (isset($detectHtml) && $detectHtml === -1 && DetectHtml($sFilePath) === true) {
@unlink($sFilePath);
$sErrorNumber = '202';
}
}
}
} else {
$sErrorNumber = '202';
}
} else {
$sErrorNumber = '202';
}
$sFileUrl = CombinePaths(GetResourceTypePath($resourceType, $sCommand), $currentFolder);
$sFileUrl = CombinePaths($sFileUrl, $sFileName);
if ($CKEcallback == '') {
SendUploadResults($sErrorNumber, $sFileUrl, $sFileName);
} else {
//issue the CKEditor Callback
SendCKEditorResults($sErrorNumber, $CKEcallback, $sFileUrl, $sFileName);
}
exit;
}
function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
{
if (!isset($_FILES)) {
global $_FILES;
}
$sErrorNumber = '0';
$sFileName = '';
$customError = '';
//PATCH to detect a quick file upload.
if (isset($_FILES['NewFile']) && !is_null($_FILES['NewFile']['tmp_name']) || isset($_FILES['upload']) && !is_null($_FILES['upload']['tmp_name'])) {
global $config;
//PATCH to detect a quick file upload.
$oFile = isset($_FILES['NewFile']) ? $_FILES['NewFile'] : $_FILES['upload'];
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder($resourceType, $currentFolder, $sCommand);
// Get the uploaded file name.
$sFileName = $oFile['name'];
$sFileName = SanitizeFileName($sFileName);
$sOriginalFileName = $sFileName;
// Get the extension.
$sExtension = substr($sFileName, strrpos($sFileName, '.') + 1);
$sExtension = strtolower($sExtension);
if (isset($config['SecureImageUploads'])) {
if (($isImageValid = IsImageValid($oFile['tmp_name'], $sExtension)) == false) {
$sErrorNumber = '202';
}
}
if (isset($config['HtmlExtensions'])) {
if (!IsHtmlExtension($sExtension, $config['HtmlExtensions']) && ($detectHtml = DetectHtml($oFile['tmp_name'])) == true) {
$sErrorNumber = '202';
}
}
if ($oFile["size"] / 1024 > $config['MaxImageSize']) {
$sErrorNumber = '1';
$customError = "Can't upload max size " . $config['MaxImageSize'] . "KB";
}
// Check if it is an allowed extension.
if (!$sErrorNumber && IsAllowedExt($sExtension, $resourceType)) {
if ($config['UploadOrginalFilename']) {
// อัปโหลดใช้ชื่อเดิม
$iCounter = 0;
while (true) {
$sFilePath = $sServerDir . $sFileName;
if (is_file($sFilePath)) {
$iCounter++;
$sFileName = RemoveExtension($sOriginalFileName) . '(' . $iCounter . ').' . $sExtension;
$sErrorNumber = '201';
} else {
move_uploaded_file($oFile['tmp_name'], $sFilePath);
if (is_file($sFilePath)) {
if (isset($config['ChmodOnUpload']) && !$config['ChmodOnUpload']) {
break;
}
$permissions = 0777;
if (isset($config['ChmodOnUpload']) && $config['ChmodOnUpload']) {
$permissions = $config['ChmodOnUpload'];
}
$oldumask = umask(0);
chmod($sFilePath, $permissions);
umask($oldumask);
}
break;
}
}
} else {
// อัปโหลดโดยใช้เวลาเป็นชื่อไฟล์
$iCounter = date('U');
while (true) {
$sFileName = "{$iCounter}.{$sExtension}";
$sFilePath = $sServerDir . $sFileName;
if (is_file($sFilePath)) {
$iCounter++;
$sFileName = "{$iCounter}.{$sExtension}";
} else {
move_uploaded_file($oFile['tmp_name'], $sFilePath);
if (is_file($sFilePath)) {
if (isset($config['ChmodOnUpload']) && !$config['ChmodOnUpload']) {
break;
}
$permissions = 0777;
if (isset($config['ChmodOnUpload']) && $config['ChmodOnUpload']) {
$permissions = $config['ChmodOnUpload'];
}
$oldumask = umask(0);
chmod($sFilePath, $permissions);
umask($oldumask);
}
break;
}
}
}
if (file_exists($sFilePath)) {
//previous checks failed, try once again
if (isset($isImageValid) && $isImageValid == -1 && IsImageValid($sFilePath, $sExtension) == false) {
@unlink($sFilePath);
$sErrorNumber = '202';
} elseif (isset($detectHtml) && $detectHtml == -1 && DetectHtml($sFilePath) == true) {
@unlink($sFilePath);
$sErrorNumber = '202';
}
}
} else {
$sErrorNumber = $sErrorNumber;
}
} else {
$sErrorNumber = '202';
}
$sFileUrl = CombinePaths(GetResourceTypePath($resourceType, $sCommand), $currentFolder);
$sFileUrl = CombinePaths($sFileUrl, $sFileName);
if ($CKEcallback == '') {
SendUploadResults($sErrorNumber, $sFileUrl, $sFileName);
} else {
//issue the CKEditor Callback
//SendCKEditorResults($sErrorNumber, $CKEcallback, WEB_URL.'/'.$sFileUrl, $sFileName);
SendCKEditorResults($sErrorNumber, $CKEcallback, $sFileUrl, $sFileName, $customError == "" ? "" : $customError);
}
exit;
}
function FileUpload( $resourceType, $currentFolder, $sCommand, $CKEcallback = '' )
{
if (!isset($_FILES)) {
global $_FILES;
}
$sErrorNumber = '0' ;
$sFileName = '' ;
//PATCH to detect a quick file upload.
if (( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) ) || (isset( $_FILES['upload'] ) && !is_null( $_FILES['upload']['tmp_name'] ) ))
{
global $Config ;
//PATCH to detect a quick file upload.
$oFile = isset($_FILES['NewFile']) ? $_FILES['NewFile'] : $_FILES['upload'];
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ;
// Get the uploaded file name.
$sFileName = $oFile['name'] ;
$sFileName = SanitizeFileName( $sFileName ) ;
$sOriginalFileName = $sFileName ;
// Get the extension.
$sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
$sExtension = strtolower( $sExtension ) ;
if ( isset( $Config['SecureImageUploads'] ) )
{
if ( ( $isImageValid = IsImageValid( $oFile['tmp_name'], $sExtension ) ) === false )
{
$sErrorNumber = '202' ;
}
}
if ( isset( $Config['HtmlExtensions'] ) )
{
if ( !IsHtmlExtension( $sExtension, $Config['HtmlExtensions'] ) &&
( $detectHtml = DetectHtml( $oFile['tmp_name'] ) ) === true )
{
$sErrorNumber = '202' ;
}
}
// Check if it is an allowed extension.
if ( !$sErrorNumber && IsAllowedExt( $sExtension, $resourceType ) )
{
$iCounter = 0 ;
while ( true )
{
$sFilePath = $sServerDir . $sFileName ;
if ( is_file( $sFilePath ) )
{
$iCounter++ ;
$sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
$sErrorNumber = '201' ;
}
else
{
move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
if ( is_file( $sFilePath ) )
{
if ( isset( $Config['ChmodOnUpload'] ) && !$Config['ChmodOnUpload'] )
{
break ;
}
$permissions = 0777;
if ( isset( $Config['ChmodOnUpload'] ) && $Config['ChmodOnUpload'] )
{
$permissions = $Config['ChmodOnUpload'] ;
}
$oldumask = umask(0) ;
chmod( $sFilePath, $permissions ) ;
umask( $oldumask ) ;
}
break ;
}
}
if ( file_exists( $sFilePath ) )
{
//previous checks failed, try once again
if ( isset( $isImageValid ) && $isImageValid === -1 && IsImageValid( $sFilePath, $sExtension ) === false )
{
@unlink( $sFilePath ) ;
$sErrorNumber = '202' ;
}
else if ( isset( $detectHtml ) && $detectHtml === -1 && DetectHtml( $sFilePath ) === true )
{
@unlink( $sFilePath ) ;
$sErrorNumber = '202' ;
}
}
}
else
$sErrorNumber = '202' ;
}
else
$sErrorNumber = '202' ;
$sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $currentFolder ) ;
$sFileUrl = CombinePaths( $sFileUrl, $sFileName ) ;
if($CKEcallback == '')
{
SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ;
}
else
{
//issue the CKEditor Callback
SendCKEditorResults ($sErrorNumber, $CKEcallback, $sFileUrl, $sFileName);
}
exit ;
}
