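/**
 * Handles an upload from the file form: validates the uploaded file, records
 * it in the txp_file table and moves it to its destination path.
 *
 * Reads 'category', 'permissions' and 'description' through gpsa() and the
 * upload through file_get_uploaded_name() / file_get_uploaded(). The outcome
 * is reported through file_list() on failure or file_edit() on success;
 * nothing is returned.
 *
 * NOTE(review): no privilege check is visible in this function; confirm the
 * caller restricts who can reach it.
 * NOTE(review): the file extension is not restricted here; confirm the files
 * directory is not configured to execute uploaded content.
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path, $file_max_upload_size;

    extract($txpcfg);
    // Presumably gpsa() returns only the three listed keys, so this extract()
    // cannot create arbitrary variables from the request; verify against gpsa().
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));

    $name = file_get_uploaded_name();
    $file = file_get_uploaded();

    if ($file === false) {
        // Could not get uploaded file.
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['thefile']['error']));

        return;
    }

    $size = filesize($file);

    if ($file_max_upload_size < $size) {
        // Oversized upload: discard the temporary file before reporting.
        unlink($file);
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE));

        return;
    }

    // Remove control characters and " * \ : < > ? / |
    // Remove duplicate dots and any leading or trailing dots/spaces.
    // Stripping both slash characters and collapsing '..' keeps the
    // client-supplied name from carrying directory components.
    $newname = preg_replace('/[\\x00-\\x1f\\x22\\x2a\\x2f\\x3a\\x3c\\x3e\\x3f\\x5c\\x7c\\x7f]+/', '', $name);
    $newname = preg_replace('/[.]{2,}/', '.', trim($newname, '. '));
    $newpath = build_file_path($file_base_path, $newname);

    // Test the destination path, not the bare name: is_file($newname) resolves
    // against the current working directory, so a file already stored at
    // $newpath went undetected and the move below could replace it
    // (depending on shift_uploaded_file()).
    if (!is_file($newpath)) {
        $id = file_db_add($newname, $category, $permissions, $description, $size);

        if (!$id) {
            file_list(gTxt('file_upload_failed') . ' (db_add)');
        } else {
            // The id is interpolated into SQL conditions below, so force it to an integer.
            $id = assert_int($id);

            if (!shift_uploaded_file($file, $newpath)) {
                // The move failed: remove the row that was just added and
                // reset the auto-increment counter to the id it used.
                safe_delete("txp_file", "id = {$id}");
                safe_alter("txp_file", "auto_increment={$id}");

                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }

                file_list($newpath . ' ' . gTxt('upload_dir_perms'));
            } else {
                file_set_perm($newpath);
                $message = gTxt('file_uploaded', array('{name}' => htmlspecialchars($newname)));
                file_edit($message, $id);
            }
        }
    } else {
        $message = gTxt('file_already_exists', array('{name}' => $newname));
        file_list($message);
    }
}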
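/**
 * Handles an upload from the file form: checks the 'file.edit.own' privilege,
 * validates the uploaded file, records it in the txp_file table and moves it
 * to its destination path.
 *
 * Reads 'category', 'permissions' and 'description' through gpsa() and the
 * upload through file_get_uploaded_name() / file_get_uploaded(). The outcome
 * is reported through file_list() on failure or file_edit() on success;
 * nothing is returned.
 *
 * NOTE(review): the file extension is not restricted here; confirm the files
 * directory is not configured to execute uploaded content.
 */
function file_insert()
{
    global $txp_user, $file_base_path, $file_max_upload_size;

    // Refuse before touching the request or the uploaded file.
    if (!has_privs('file.edit.own')) {
        file_list(gTxt('restricted_area'));

        return;
    }

    // Presumably gpsa() returns only the three listed keys, so this extract()
    // cannot create arbitrary variables from the request; verify against gpsa().
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));

    $name = file_get_uploaded_name();
    $file = file_get_uploaded();

    if ($file === false) {
        // Could not get uploaded file.
        file_list(array(
            gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['thefile']['error']),
            E_ERROR,
        ));

        return;
    }

    $size = filesize($file);

    if ($file_max_upload_size < $size) {
        // Oversized upload: discard the temporary file before reporting.
        unlink($file);
        file_list(array(
            gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE),
            E_ERROR,
        ));

        return;
    }

    // The client-supplied name is only used after sanitizeForFile().
    $newname = sanitizeForFile($name);
    $newpath = build_file_path($file_base_path, $newname);

    // Test the destination path, not the bare name: is_file($newname) resolves
    // against the current working directory, so a file already stored at
    // $newpath went undetected and the move below could replace it
    // (depending on shift_uploaded_file()).
    if (!is_file($newpath)) {
        $id = file_db_add($newname, $category, $permissions, $description, $size);

        if (!$id) {
            file_list(array(gTxt('file_upload_failed') . ' (db_add)', E_ERROR));
        } else {
            // The id is interpolated into SQL conditions below, so force it to an integer.
            $id = assert_int($id);

            if (!shift_uploaded_file($file, $newpath)) {
                // The move failed: remove the row that was just added and
                // reset the auto-increment counter to the id it used.
                safe_delete("txp_file", "id = {$id}");
                safe_alter("txp_file", "auto_increment={$id}");

                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }

                file_list(array($newpath . ' ' . gTxt('upload_dir_perms'), E_ERROR));
            } else {
                file_set_perm($newpath);
                $message = gTxt('file_uploaded', array('{name}' => htmlspecialchars($newname)));
                file_edit($message, $id);
            }
        }
    } else {
        $message = gTxt('file_already_exists', array('{name}' => $newname));
        file_list($message);
    }
}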
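/**
 * Handles an upload from the file form: records the uploaded file in the
 * txp_file table and moves it to its destination path.
 *
 * Reads 'category', 'permissions' and 'description' through gpsa() and the
 * upload through file_get_uploaded_name() / file_get_uploaded(). The outcome
 * is reported through file_list() on failure or file_edit() on success;
 * nothing is returned.
 *
 * NOTE(review): no privilege check and no size limit are visible in this
 * function; confirm the caller enforces both.
 * NOTE(review): $name comes from the upload and is used in the destination
 * path and in file_db_add() after nothing more than trim(); confirm that
 * file_get_uploaded_name(), build_file_path() and file_db_add() strip
 * directory components and escape the value for SQL.
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path;

    extract($txpcfg);
    // Presumably gpsa() returns only the three listed keys, so this extract()
    // cannot create arbitrary variables from the request; verify against gpsa().
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));

    $name = file_get_uploaded_name();
    $file = file_get_uploaded();

    if ($file === false) {
        // Could not get uploaded file.
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg($_FILES['file']['error']));

        return;
    }

    // Build the destination once and use it for both the existence check and
    // the move. The check used the untrimmed name while the move used
    // trim($name), so a name with surrounding whitespace passed the check
    // even when the trimmed target already existed.
    $newpath = build_file_path($file_base_path, trim($name));

    if (!is_file($newpath)) {
        // NOTE(review): the row stores $name untrimmed while the file is
        // stored under trim($name); confirm which form readers of txp_file expect.
        $id = file_db_add($name, $category, $permissions, $description);

        if (!$id) {
            file_list(gTxt('file_upload_failed') . ' (db_add)');
        } else {
            if (!shift_uploaded_file($file, $newpath)) {
                // The move failed: remove the row that was just added and
                // reset the auto-increment counter to the id it used.
                safe_delete("txp_file", "id='{$id}'");
                safe_alter("txp_file", "auto_increment={$id}");
                file_list($newpath . ' ' . gTxt('upload_dir_perms'));
            } else {
                file_set_perm($newpath);
                file_edit(messenger('file', $name, 'uploaded'), $id);
            }
        }
    } else {
        file_list(messenger(gTxt('file'), $name, gTxt('already_exists')));
    }
}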
/**
 * Accepts an uploaded file, registers it in the txp_file table and moves it
 * to its destination path.
 *
 * The request fields 'category', 'title', 'permissions' and 'description'
 * are passed through assert_string() and doSlash() before use. Every failure
 * is reported through file_list() with E_ERROR; success hands over to
 * file_edit(). Nothing is returned.
 */
function file_insert()
{
    global $txp_user, $file_base_path, $file_max_upload_size;

    require_privs('file.edit.own');

    $fields = gpsa(array('category', 'title', 'permissions', 'description'));
    extract(doSlash(array_map('assert_string', $fields)));

    $name = file_get_uploaded_name();
    $tmpPath = file_get_uploaded();

    if ($tmpPath === false) {
        // Could not get uploaded file.
        $prefix = gTxt('file_upload_failed') . " {$name} - ";
        file_list(array($prefix . upload_get_errormsg($_FILES['thefile']['error']), E_ERROR));

        return;
    }

    $bytes = filesize($tmpPath);

    if ($bytes > $file_max_upload_size) {
        // Too large: drop the temporary file, then report.
        unlink($tmpPath);
        $prefix = gTxt('file_upload_failed') . " {$name} - ";
        file_list(array($prefix . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE), E_ERROR));

        return;
    }

    // Only the sanitised name is used for the path and the database row.
    $newname = sanitizeForFile($name);
    $target = build_file_path($file_base_path, $newname);

    // A name is taken when the file exists on disk or a row already uses it.
    if (is_file($target) || safe_count('txp_file', "filename = '" . doSlash($newname) . "'")) {
        file_list(array(gTxt('file_already_exists', array('{name}' => $newname)), E_ERROR));

        return;
    }

    $id = file_db_add(doSlash($newname), $category, $permissions, $description, $bytes, $title);

    if (!$id) {
        file_list(array(gTxt('file_upload_failed') . ' (db_add)', E_ERROR));

        return;
    }

    // The id is interpolated into SQL conditions below.
    $id = assert_int($id);

    if (shift_uploaded_file($tmpPath, $target)) {
        file_set_perm($target);
        update_lastmod('file_uploaded', compact('id', 'newname', 'title', 'category', 'description'));
        file_edit(gTxt('file_uploaded', array('{name}' => $newname)), $id);

        return;
    }

    // Clean up: the move failed, so remove the new row and reset the
    // auto-increment counter to the id it used.
    safe_delete("txp_file", "id = {$id}");
    safe_alter("txp_file", "auto_increment={$id}");

    if (isset($GLOBALS['ID'])) {
        unset($GLOBALS['ID']);
    }

    file_list(array($target . ' ' . gTxt('upload_dir_perms'), E_ERROR));
}
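/**
 * Handles an upload from the file form: enforces the size limit, records the
 * uploaded file in the txp_file table and moves it to its destination path.
 *
 * Reads 'category', 'permissions' and 'description' through gpsa() and the
 * upload through file_get_uploaded_name() / file_get_uploaded(). The outcome
 * is reported through file_list() on failure or file_edit() on success;
 * nothing is returned.
 *
 * NOTE(review): no privilege check is visible in this function; confirm the
 * caller restricts who can reach it.
 * NOTE(review): $name comes from the upload and is used in the destination
 * path and in file_db_add() after nothing more than trim(); confirm that
 * file_get_uploaded_name(), build_file_path() and file_db_add() strip
 * directory components and escape the value for SQL.
 */
function file_insert()
{
    global $txpcfg, $extensions, $txp_user, $file_base_path, $file_max_upload_size;

    extract($txpcfg);
    // Presumably gpsa() returns only the three listed keys, so this extract()
    // cannot create arbitrary variables from the request; verify against gpsa().
    extract(doSlash(gpsa(array('category', 'permissions', 'description'))));

    $name = file_get_uploaded_name();
    $file = file_get_uploaded();

    if ($file === false) {
        // Could not get uploaded file.
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(@$_FILES['file']['error']));

        return;
    }

    if ($file_max_upload_size < filesize($file)) {
        // Oversized upload: discard the temporary file before reporting.
        unlink($file);
        file_list(gTxt('file_upload_failed') . " {$name} - " . upload_get_errormsg(UPLOAD_ERR_FORM_SIZE));

        return;
    }

    // Build the destination once and use it for both the existence check and
    // the move. The check used the untrimmed name while the move used
    // trim($name), so a name with surrounding whitespace passed the check
    // even when the trimmed target already existed.
    $newpath = build_file_path($file_base_path, trim($name));

    if (!is_file($newpath)) {
        // NOTE(review): the row stores $name untrimmed while the file is
        // stored under trim($name); confirm which form readers of txp_file expect.
        $id = file_db_add($name, $category, $permissions, $description);

        if (!$id) {
            file_list(gTxt('file_upload_failed') . ' (db_add)');
        } else {
            // The id is interpolated into SQL conditions below, so force it to an integer.
            $id = assert_int($id);

            if (!shift_uploaded_file($file, $newpath)) {
                // The move failed: remove the row that was just added and
                // reset the auto-increment counter to the id it used.
                safe_delete("txp_file", "id = {$id}");
                safe_alter("txp_file", "auto_increment={$id}");

                if (isset($GLOBALS['ID'])) {
                    unset($GLOBALS['ID']);
                }

                file_list($newpath . ' ' . gTxt('upload_dir_perms'));
            } else {
                file_set_perm($newpath);
                $message = gTxt('file_uploaded', array('{name}' => $name));
                file_edit($message, $id);
            }
        }
    } else {
        $message = gTxt('file_already_exists', array('{name}' => $name));
        file_list($message);
    }
}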
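/**
 * Downloads, files or (re)generates an ebook from the working folder, then
 * redraws the plugin UI with the outcome.
 *
 * Depending on the 'smd_ebook_download' / 'smd_ebook_to_files' values read
 * through ps(), this either hands the built file to smd_ebook_download(),
 * copies it to the files area and adds/updates its txp_file row, or builds
 * the book (kindlegen for 'mobi', a zip with the ePub layout for 'zip').
 *
 * NOTE(review): the four parameters fall back to ps() values and, together
 * with 'smd_ebook_pubfile', are concatenated into filesystem paths as-is.
 * Confirm they are restricted to plain names inside the temp folder (no
 * directory separators or '..') before they reach this function.
 *
 * @param string $listfile     Master list file naming the book's parts
 * @param string $opf_file     .opf file inside the ebook folder
 * @param string $booktype     'mobi' or 'zip'
 * @param string $ebook_folder Working folder below the 'tempdir' pref
 */
function smd_ebook_generate($listfile = '', $opf_file = '', $booktype = '', $ebook_folder = '')
{
    global $smd_ebook_prefs, $img_dir;

    $report = array();
    $retval = null;
    // Defined up front so every branch hands a message to smd_ebook_ui();
    // the download branch never assigned one.
    $msg = '';

    // Use passed in values in lieu of the one in the form.
    $opf_file = $opf_file ? $opf_file : ps('smd_ebook_opf_file');
    $listfile = $listfile ? $listfile : ps('smd_ebook_listfile');
    $booktype = $booktype ? $booktype : ps('smd_ebook_type');
    $ebook_folder = $ebook_folder ? $ebook_folder : ps('smd_ebook_folder');

    $is_mobi = $booktype === 'mobi';
    $is_epub = $booktype === 'zip';

    // File credentials.
    $outpath = get_pref('tempdir') . DS . $ebook_folder . DS;
    $outfile = ps('smd_ebook_pubfile');

    if (empty($outfile)) {
        // Default to the list file's name with its last extension removed.
        $info = explode('.', $listfile);
        $basepart = array_slice($info, 0, count($info) - 1);
        $outfile = join('', $basepart);
    }

    $outfile .= $is_epub ? '.epub' : ($is_mobi ? '.mobi' : '');

    $downloadit = ps('smd_ebook_download');
    $fileit = ps('smd_ebook_to_files');

    if ($downloadit) {
        smd_ebook_download($outpath . $outfile);
    } elseif ($fileit) {
        @(include_once txpath . '/include/txp_file.php');

        // Copy the file to the files area.
        $destfilepath = get_pref('file_base_path') . DS . $outfile;
        $filesize = filesize($outpath . $outfile);

        if (!copy($outpath . $outfile, $destfilepath)) {
            // Do not add or update a txp_file row for a file that never
            // reached the files area.
            $msg = gTxt('smd_ebook_not_filed');
        } else {
            // Get the file category.
            $filecat = get_pref('smd_ebook_file_cat', $smd_ebook_prefs['smd_ebook_file_cat']['default']);

            // Read description and title from .opf.
            $doc = new DOMDocument();
            $content = file_get_contents($outpath . $opf_file);
            // The .opf is only read for two text nodes: skip an unreadable or
            // empty file and keep the parser from fetching network resources.
            $dom_ok = ($content !== false && $content !== '')
                ? $doc->loadXML($content, LIBXML_NONET)
                : false;
            $description = $title = '';

            if ($dom_ok) {
                $items = $doc->getElementsByTagName('*');

                foreach ($items as $item) {
                    if ($item->nodeName === 'dc:title') {
                        $title = $item->nodeValue;
                    }

                    if ($item->nodeName === 'dc:description') {
                        $description = $item->nodeValue;
                    }
                }
            }

            // Every value interpolated into SQL below goes through doSlash().
            $curid = safe_field('id', 'txp_file', "filename='" . doSlash($outfile) . "'");

            if ($curid) {
                // Update existing database entry.
                $ret = safe_update(
                    'txp_file',
                    "\n title='" . doSlash($title)
                    . "',\n category='" . doSlash($filecat)
                    . "',\n description='" . doSlash($description)
                    . "',\n size='" . doSlash($filesize)
                    . "',\n modified= now()\n ",
                    "id='" . doSlash($curid) . "'"
                );

                if ($ret) {
                    $msg = gTxt('smd_ebook_updated', array('{id}' => $curid));
                } else {
                    $msg = gTxt('smd_ebook_not_filed');
                }
            } else {
                // Make a new entry in the database for it.
                $newid = file_db_add(
                    doSlash($outfile),
                    doSlash($filecat),
                    '',
                    doSlash($description),
                    doSlash($filesize),
                    doSlash($title)
                );

                if ($newid) {
                    $msg = gTxt('smd_ebook_filed', array('{id}' => $newid));
                } else {
                    $msg = gTxt('smd_ebook_not_filed');
                }
            }
        }
    } else {
        // (Re)generate the book.
        $master_img_list = array();

        switch ($booktype) {
            case 'mobi':
                list($report, $retval) = smd_ebook_kindlegen($opf_file, $ebook_folder);

                if ($retval > 1) {
                    $msg = gTxt('smd_ebook_generate_failed', array('{code}' => $retval));
                } else {
                    $msg = gTxt('smd_ebook_generate_ok');
                }
                break;

            case 'zip':
                // All the files are currently in a flat file structure (for ease of browsing/editing).
                // To add them to the zip, they need to be put in a specific file tree.
                $base_dir = get_pref('tempdir') . DS . $ebook_folder . DS;
                $dest_dir = $base_dir . 'zipped' . DS;
                $meta_dir = $dest_dir . 'META-INF';
                $oebps_dir = $dest_dir . 'OEBPS';
                $oebps_img_dir = $oebps_dir . DS . 'images';

                $report[] = 'Files in base folder: ' . $base_dir;

                $zip = new smd_crunch_dZip($outpath . $outfile);

                // Add the static files and folder structure. The '' key only
                // creates the images folder; it has no file to copy.
                $static_files = array(
                    'mimetype'      => $dest_dir,
                    'container.xml' => $meta_dir . DS,
                    'cover.html'    => $oebps_dir . DS,
                    ''              => $oebps_img_dir . DS,
                );

                foreach ($static_files as $fn => $to) {
                    if (!is_readable($to)) {
                        if (mkdir($to)) {
                            $report[] = 'Created folder: ' . $to;
                        } else {
                            $report[] = 'Failed to create folder: ' . $to;
                        }
                    }

                    $add_to_zip = str_replace($dest_dir, '', $to);

                    if ($add_to_zip !== '') {
                        $zip->addDir($add_to_zip);
                    }

                    if ($fn !== '') {
                        // Resolve the archive-relative name before copying so the
                        // failure report names this file; it was previously set
                        // only on success, leaving the failure line with an
                        // undefined or stale value.
                        $destfile = $add_to_zip . $fn;

                        if (copy($base_dir . $fn, $to . $fn)) {
                            $zip->addFile($to . $fn, $destfile);
                            $report[] = 'Added file: ' . $destfile;
                        } else {
                            $report[] = 'Failed to add file: ' . $destfile;
                        }
                    }
                }

                // Add each file given in the .smd master file.
                $files = file($base_dir . $listfile);

                if ($files === false) {
                    $report[] = 'Failed to read file list: ' . $base_dir . $listfile;
                    $files = array();
                } else {
                    $files = doArray($files, 'trim');
                }

                // NOTE(review): entries of the list file are appended to
                // $base_dir and the OEBPS folders as-is; confirm the list
                // cannot name paths outside the ebook folder.
                foreach ($files as $file) {
                    $info = explode('.', $file);
                    $lastpart = count($info) - 1;
                    $ext = trim($info[$lastpart]);

                    switch ($ext) {
                        case 'html':
                        case 'css':
                        case 'ncx':
                        case 'opf':
                            $destfile = $oebps_dir . DS . $file;

                            if (copy($base_dir . $file, $destfile)) {
                                // Translate fixed (image) paths into relative ones.
                                if ($ext === 'html') {
                                    $content = file_get_contents($destfile);

                                    // Rewrite only when the copy could be read back;
                                    // a failed read would otherwise truncate it.
                                    if ($content !== false) {
                                        $content = str_replace(
                                            get_pref('path_to_site') . DS . $img_dir . DS,
                                            'images' . DS,
                                            $content
                                        );
                                        $fh = fopen($destfile, 'w');

                                        if ($fh !== false) {
                                            fwrite($fh, $content);
                                            fclose($fh);
                                        }
                                    }
                                }

                                $zip->addFile($oebps_dir . DS . $file, 'OEBPS' . DS . $file);
                                $report[] = 'Added file: OEBPS' . DS . $file;
                            }
                            break;

                        case 'jpg':
                        case 'jpeg':
                        case 'gif':
                        case 'png':
                            // Files whose name starts with 'cover' sit beside the
                            // documents; all other images go to the images folder.
                            if (strpos($file, 'cover') === 0) {
                                $picdir = $oebps_dir;
                            } else {
                                $picdir = $oebps_img_dir;
                            }

                            $destfile = $picdir . DS . $file;
                            $rel_dir = str_replace($dest_dir, '', $picdir);

                            if (!file_exists($destfile) && copy($base_dir . $file, $destfile)) {
                                $report[] = 'Added file: ' . $rel_dir . DS . $file;
                            }

                            // Guard against adding the same image twice.
                            if (!in_array($file, $master_img_list, true)) {
                                $zip->addFile($destfile, $rel_dir . DS . $file);
                                $master_img_list[] = $file;
                            }
                            break;
                    }
                }

                $zip->save();
                $report[] = 'Generated final ePub file: ' . $outpath . $outfile;
                $msg = gTxt('smd_ebook_generate_ok');
                $retval = 0; // Success! TODO: trap errors and report failure
                break;
        }
    }

    smd_ebook_ui($msg, $listfile, join(n, $report), $retval, $ebook_folder);
}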