Esempio n. 1
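/**
 * Recursively list a directory as a nested array of HTML anchor strings.
 *
 * Entries whose name starts with "." are skipped (this covers ".", ".." and
 * hidden files). A regular file accepted by isValidFile() is appended as a
 * link string; a sub-directory is stored with its link string as the array
 * key and its own recursive listing as the value.
 *
 * @param string $dir       Directory to read.
 * @param string $base_path Text substituted for $mp inside generated hrefs.
 * @param string $mp        Path fragment to replace with $base_path.
 * @return array Nested listing. The script is terminated with die() when
 *               the directory cannot be opened.
 */
function readDirR($dir = "./", $base_path = './', $mp = '')
{
    $listing = opendir($dir);
    if ($listing === false) {
        die('Can\'t read directory.');
    }

    // Normalise once, before the loop: the per-entry regex used previously
    // removed only one trailing slash per iteration, so "a//" produced
    // differently shaped paths for the first and later entries.
    $dir = rtrim($dir, '/');

    $return = array();
    while (($entry = readdir($listing)) !== false) {
        if (substr($entry, 0, 1) === '.') {
            continue;
        }

        $item = $dir . '/' . $entry;
        $isfile = is_file($item);
        $path_to_file = str_replace($mp, $base_path, $item . ($isfile ? '' : '/'));

        // File names are data, not markup: a name containing quotes or angle
        // brackets would otherwise break out of the attribute or element.
        // Escape every value placed into the anchor.
        $flags = ENT_QUOTES | ENT_SUBSTITUTE;
        $link = '<a rel="' . htmlspecialchars((string) getExt($entry), $flags, 'UTF-8')
            . '" href="' . htmlspecialchars($path_to_file, $flags, 'UTF-8')
            . '">' . htmlspecialchars($entry, $flags, 'UTF-8') . '</a>';

        if ($isfile && isValidFile($entry)) {
            $return[] = $link;
        } elseif (is_dir($item)) {
            // NOTE(review): is_dir() follows symbolic links, so a link cycle
            // below $dir would recurse without bound. Confirm the tree
            // cannot contain links that are not under the operator's control.
            $return[$link] = readDirR($item, $base_path, $mp);
        }
    }

    // The handle was never released before; deep trees could exhaust
    // descriptors because each recursion level kept its own handle open.
    closedir($listing);

    return $return;
}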
Esempio n. 2
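/**
 * Store a single uploaded file on behalf of a group member and record it.
 *
 * Checks, in order: the user's role, the group id, group existence and
 * activation status, group membership, that exactly one file was sent, the
 * upload error code, and the file name against the image / file validators.
 * A Record is inserted first so that its id can prefix the stored file name.
 *
 * @param mixed $userID  Identifier passed to UserDAO::getUserByID().
 * @param mixed $groupID Identifier checked by isValidID() and passed to GroupDAO.
 * @param array $file    One entry of $_FILES ("name", "tmp_name", "error").
 * @return true|string   true on success, otherwise an error message.
 */
function uploadFile($userID, $groupID, $file)
{
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    // An unknown user previously caused a fatal "call on null" instead of
    // a refusal; reject it explicitly, as is done for an unknown group.
    if (!is_object($user)) {
        return "Can not find this user!";
    }
    // Role id "4" is the role this function refuses uploads from.
    if ($user->getRole()->getRoleID() == "4") {
        return "This user was forbidden to upload file!";
    }
    if (!isValidID($groupID)) {
        return "Group id is not valid!";
    }
    $groupDAO = new GroupDAO();
    $group = $groupDAO->getGroupByID($groupID);
    if ($group === null) {
        return "Can not find this group!";
    }
    if ($group->getActivateStatus() === "2") {
        return "Group is not activated!";
    }
    $groupMemberDAO = new GroupMemberDAO();
    $groupMember = $groupMemberDAO->getGroupMember($group, $user);
    if ($groupMember === null) {
        return "User didn't belong to this group!";
    }
    // PHP reports multi-file fields as arrays per key; only one file is accepted.
    if (is_array($file["error"])) {
        return "Only accept one file!";
    }
    $res = isValidUploadFile($file["error"]);
    if ($res !== true) {
        return $res;
    }

    // The client chooses "name". Keep only its final path component so that
    // directory separators in it cannot move the target outside upload/.
    $fileName = basename((string) $file["name"]);

    // NOTE(review): both validators receive only the file name, so the type
    // decision below does not look at the file's content. Confirm that
    // upload/ is not served with script execution enabled.
    $fileType = -1;
    if (isValidImage($fileName) === true) {
        $fileType = "2";
    }
    if (isValidFile($fileName) === true) {
        $fileType = "3";
    }
    if ($fileType === -1) {
        return "Only accepts jpeg/jpg/gif/png/zip file!";
    }

    // Insert with placeholder content first: the generated record id is
    // needed to build the final path.
    $record = new Record($group, $user, $fileType, "temp", "1");
    $recordDAO = new RecordDAO();
    $recordDAO->insertRecord($record);
    $fileDir = "upload/";
    $filePath = $fileDir . $record->getRecordID() . "_" . $fileName;
    $record->setContent($filePath);
    $recordDAO->updateRecord($record);

    if (file_exists($filePath)) {
        unlink($filePath);
    }
    // NOTE(review): when the move fails the record written above still
    // points at a file that does not exist; no delete operation is visible
    // here to undo it.
    if (!move_uploaded_file($file['tmp_name'], $filePath)) {
        return "Fail to move file, please contact administrator!";
    }
    return true;
}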
Esempio n. 3
/**
 * Send the resource named by $path to the client.
 *
 * Lookup order: findEntry() with "findFromXML", then a plain file below
 * "./" or "../WEB-INF/classes", then findEntry() with "findFromZip" on
 * "../WEB-INF/lib/". When none of them succeeds a 404 status line is sent.
 *
 * NOTE(review): $path is joined onto the search roots and resolved with
 * realpath(); nothing in this function checks that the resolved path is
 * still below the root. That containment presumably lives in
 * isValidFile($dir, $path) - confirm, since readfile() streams whatever
 * the resolved path points at.
 *
 * @param string $path Requested resource path.
 * @return void
 */
function printEntry($path)
{
    global $encoding;

    if (findEntry(".", $path, "findFromXML")) {
        return;
    }

    $searchRoots = array('./', "../WEB-INF/classes");
    foreach ($searchRoots as $root) {
        // realpath() yields false for a missing target, which file_exists()
        // then reports as absent.
        $resolved = realpath("{$root}/{$path}");
        if (!file_exists($resolved)) {
            continue;
        }
        if (!isValidFile($root, $path)) {
            continue;
        }
        header("Content-Type:" . findMimiType($path) . ";charset={$encoding}");
        readfile($resolved);
        return;
    }

    $servedFromArchive = findEntry("../WEB-INF/lib/", $path, "findFromZip");
    if (!$servedFromArchive) {
        header("HTTP/1.0 404 Not Found");
    }
}
Esempio n. 4
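 /**
  * Handle a paste submission (text or file) and report the outcome in $return.
  *
  * Reads $_POST and $_FILES directly. On failure $return['sucess'] is false
  * and, except for a rolled-back transaction, $return['error'] carries a
  * message; on success $return['id'] holds the new paste id. The key is
  * spelled 'sucess' throughout and is kept as is, since it is part of the
  * response the caller emits.
  *
  * @param array $return Result array, filled by reference.
  * @return void
  */
 public static function upload(&$return)
 {
     // A non-string "meta" (e.g. an array field) cannot be a valid type.
     if (empty($_POST['meta']) || !is_string($_POST['meta'])) {
         $return['sucess'] = false;
         $return['error'] = 'Please provide a meta type for the file upload (TEXT, FILE).';
         return;
     }
     $meta = strtoupper($_POST['meta']);
     if ($meta != 'FILE' && $meta != 'TEXT') {
         $return['sucess'] = false;
         $return['error'] = 'Invalid meta type! : ' . $meta;
         return;
     }
     if ($meta == 'FILE') {
         $err = isValidFile(PASTE_FILE_TMP_NAME, PASTE_MAX_LENGTH_MB * 1000 * 1000);
         // Strict comparison: with "!= true" any non-empty error string is
         // loosely equal to true, so a reported error let the upload through.
         // Assumes isValidFile() returns exactly true on success - confirm.
         if ($err !== true) {
             $return['sucess'] = false;
             $return['error'] = 'Bad file! Error: ' . $err;
             return;
         }
     }
     /* create and fill the paste object */
     $paste = new PasteHandler_Paste();
     $paste->fill($_POST);
     $paste->type = $meta;
     if ($meta == 'FILE') {
         // The client supplies the name; keep only its last path component.
         $fileName = basename($_FILES[PASTE_FILE_TMP_NAME]['name']);
         // get_magic_quotes_gpc() no longer exists on PHP 8; treat its
         // absence as "magic quotes off".
         if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
             $fileName = addslashes($fileName);
         }
         $dir = currentSite()->relativePath . 'uploads/';
         /* random prefix so equally named uploads do not collide */
         // NOTE(review): the client-chosen name, including its extension,
         // is kept after the prefix. Confirm that uploads/ is never served
         // with script execution and that isValidFile() restricts types.
         $permFile = $dir . getRandomString() . '_' . $fileName;
         $tmp = $_FILES[PASTE_FILE_TMP_NAME]["tmp_name"];
         /* move the file out of the tmp directory */
         if (!move_uploaded_file($tmp, $permFile)) {
             // Previously ignored: a failed move still produced a paste row
             // pointing at a file that was never stored.
             $return['sucess'] = false;
             $return['error'] = 'Could not store the uploaded file.';
             return;
         }
         if (exif_imagetype($permFile) !== false) {
             $paste->type = 'IMAGE';
         }
         $paste->datapath = $permFile;
         $paste->title = $fileName;
     }
     if (strlen($paste->data) > PASTE_MAX_LENGTH_MB * 1000 * 1000) {
         $return['sucess'] = false;
         $return['error'] = 'Paste too big. Please paste below ' . PASTE_MAX_LENGTH_MB . 'MB of data!';
         return;
     }
     if ($paste->exposure === 'private' && !Account_AccountAPI::getLoggedIn()) {
         $return['sucess'] = false;
         $return['error'] = 'You cannot use private pastes without being logged in.';
         return;
     }
     $longIP = findIPLong();
     /* check that this ip has not submitted more then the limit of pastes in last hour */
     // NOTE(review): the statement is built by concatenation. That is only
     // sound while findIPLong() can return nothing but a number - confirm,
     // or switch to whatever bound-parameter form the db layer offers.
     $res = Lunor::$base->db->query('SELECT id from ' . TABLE_PREFIX . PASTE_TABLE_PREFIX . 'paste where `ip` = \'' . $longIP . '\' and DATE_SUB(NOW(), INTERVAL 1 HOUR) <= `since`;');
     if ($res !== false) {
         $res = Lunor::$base->dbi->fetchAll($res);
         if (count($res) >= PASTE_MAX_UPLOADS_PER_HOUR) {
             $return['sucess'] = false;
             $return['error'] = 'You have pasted too many items within the last hour. Please slow down. This is in place to stop spam bots.';
             return;
         }
     }
     /* draw ids until one is unused; the check happens before the transaction starts */
     do {
         $paste->id = self::generateUID();
         $cur = new ORM_Operator(new PasteHandler_Paste(), array('id' => $paste->id));
     } while (!$cur->isEmpty());
     $paste->views = 0;
     $paste->since = 'CURRENT_TIMESTAMP';
     $paste->ip = $longIP;
     /* insert data into db */
     Lunor::$base->dbi->beginTransaction();
     Lunor::$base->dbi->setAdditionalPrefix(PASTE_TABLE_PREFIX);
     /* insert base class into the db */
     $paste->insert();
     /* now need to put in variable table data */
     if (isset($_POST['expiration']) && $_POST['expiration'] === 'views') {
         /* we are using the views table */
         // NOTE(review): $_POST['views'] is stored as submitted; no range
         // or type check is visible here.
         Lunor::$base->dbi->insert('expiration_views')->map(array('paste_id' => $paste->id, 'view_limit' => $_POST['views']))->go();
     } else {
         /* otherwise we use the time table */
         Lunor::$base->dbi->insert('expiration_time')->map(array('paste_id' => $paste->id, 'expires' => self::getTimestamp()))->go();
     }
     // Compare the normalised value: the raw field was matched against
     // lower-case 'text' only, so a request sending "TEXT" passed the type
     // check above but never got its syntax-highlighting row.
     if ($meta === 'TEXT') {
         /* if type is text we need to insert for the syntax highlighting */
         Lunor::$base->dbi->insert('paste_text')->map(array('paste_id' => $paste->id, 'syntax_highlighting' => $_POST['paste_mode']))->go();
     }
     /* adds our ip to the viewed list so we don't increment it ourself */
     Lunor::$base->dbi->insert('paste_view')->map(array('paste_id' => $paste->id, 'ip_address' => $longIP))->go();
     /* poster is not Guest! */
     if (Account_AccountAPI::getLoggedIn()) {
         Lunor::$base->dbi->insert('user_paste')->map(array('paste_id' => $paste->id, 'user_id' => Account_AccountAPI::getUserId()))->go();
     }
     /* if the transaction has to rollback then we let the client know it failed */
     if (Lunor::$base->dbi->endTransaction() === false) {
         $return['sucess'] = false;
         return;
     }
     $return['id'] = $paste->id;
     $return['sucess'] = true;
 }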
Esempio n. 5
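/**
 * Dispatch one form field to the validator registered for its name.
 *
 * The field name selects the helper; names without a case are accepted
 * without any check, so a newly added field stays unvalidated until it is
 * listed here.
 *
 * $error_array, $index and $array_key are received by value, so whatever
 * the helpers write into them does not reach the caller of validate()
 * through these parameters.
 *
 * @param string     $key         Field name.
 * @param mixed      $value       Field value handed to the helper.
 * @param array      $error_array Error list handed to the helper.
 * @param int        $index       Position handed to the helper.
 * @param mixed|null $array_key   Extra key handed to the file validators.
 * @return void
 */
function validate(&$key, &$value, $error_array = array(), $index = 0, $array_key = NULL)
{
    // The calls below used call-time pass-by-reference (an "&" in front of
    // the argument), which is a fatal parse error since PHP 5.4. Whether an
    // argument is taken by reference is decided by the helper's own
    // signature - verify that the helpers declare these parameters with "&".
    switch ($key) {
        case "numauthors":
        case "numpages":
            isIntegerMoreThanZero($value, $error_array, $index);
            break;
        case "email":
        case "emailHome":
        case "ConferenceContact":
            valid_email($value, $error_array, $index);
            break;
        case "faxno":
        case "phoneno":
        case "phonenoHome":
            isValidPhoneNumber($value, $error_array, $index);
            break;
        case "userfile":
        case "state":
        case "commentfile":
            isValidFile($value, $error_array, $index, $array_key);
            break;
        case "logofile":
            isValidLogoFile($value, $error_array, $index, $array_key);
            break;
        case "country":
            isValidCountryCode($value, $error_array, $index);
            break;
        case "password":
        case "newpwd":
            isValidPassword($value, $error_array, $index);
            break;
        case "date":
        case "ConferenceStartDate":
        case "ConferenceEndDate":
        case "arrStartDate":
        case "arrEndDate":
            // The expiry comparison runs only for a value that is a valid date.
            if (isValidDate($value, $error_array, $index)) {
                is_date_expired($value, date("Y-m-d", time()), $error_array, $index);
            }
            break;
        default:
            // Unlisted field: nothing is checked.
            break;
    }
}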