/** * Securely manage all the unzipping process of an uploaded document * * @author Christophe Gesch� <*****@*****.**> * * @param array $uploadedFile - follows the $_FILES Structure * @param string $uploadPath - destination of the upload. * This path is to append to $baseWorkDir * @param string $baseWorkDir - base working directory of the module * @param int $maxFilledSpace - amount of bytes to not exceed in the base * working directory * @param string $allowPHP - if set to true, then there is no security check for .php files * * @return boolean true if it succeeds false otherwise */ function treat_secure_uploaded_file_unzip($uploadedFile, $uploadPath, $baseWorkDir, $maxFilledSpace, $allowPHP = false) { $uploadedFileName = $uploadedFile['tmp_name']; return treat_secure_file_unzip($uploadedFileName, $uploadPath, $baseWorkDir, $maxFilledSpace, $allowPHP); }
/** * Unzip the module package * @param string $packageFileName * @return string module path * @todo use this function in get_and_unzip_uploaded_package() * @todo remove the need of the Backlog and use Exceptions instead */ function unzip_package($packageFileName) { $backlog_message = array(); //1- Unzip folder in a new repository in claroline/module require_once dirname(__FILE__) . '/../thirdparty/pclzip/pclzip.lib.php'; if (!function_exists('gzopen')) { $backlog_message[] = get_lang('Error : no zlib extension found'); return claro_failure::set_failure($backlog_message); } //unzip files $moduleRepositorySys = get_path('rootSys') . 'module/'; //create temp dir for upload claro_mkdir($moduleRepositorySys, CLARO_FILE_PERMISSIONS, true); $uploadDirFullPath = claro_mkdir_tmp($moduleRepositorySys); $uploadDir = str_replace($moduleRepositorySys, '', $uploadDirFullPath); $modulePath = $moduleRepositorySys . $uploadDir . '/'; if (preg_match('/.zip$/i', $packageFileName) && treat_secure_file_unzip($packageFileName, $uploadDir, $moduleRepositorySys, get_conf('maxFilledSpaceForModule', 10000000), true)) { $backlog_message[] = get_lang('Files dezipped sucessfully in %path', array('%path' => $modulePath)); } else { $backlog_message[] = get_lang('Impossible to unzip file'); claro_delete_file($modulePath); return claro_failure::set_failure($backlog_message); } return $modulePath; }