/**
* Upload personal photo function
* Assumes all security checks have been performed by this point
*
* @access public
* @param integer [Optional] member id instead of current member
* @return array [ error (error message), status (status message [ok/fail] ) ]
*/
public function uploadPhoto($member_id = 0)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$return = array('error' => '', 'status' => '', 'final_location' => '', 'final_width' => '', 'final_height' => '', 't_final_location' => '', 't_final_width' => '', 't_final_height' => '');
$member_id = $member_id ? intval($member_id) : intval($this->memberData['member_id']);
$memberData = IPSMember::load($member_id);
$real_name = '';
$upload_dir = '';
$t_real_name = '';
$p_max = $memberData['photoMaxKb'];
if (IN_ACP) {
$p_max = 10000;
}
if (!$member_id) {
return array('status' => 'cannot_find_member');
}
/* Fix up upload directory */
$paths = $this->_getProfileUploadPaths();
$upload_path = $paths['path'];
$upload_dir = $paths['dir'];
/* Check for an upload */
if ($_FILES['upload_photo']['name'] != "" and $_FILES['upload_photo']['name'] != "none") {
if (!IPSMember::canUploadPhoto($memberData)) {
$return['status'] = 'fail';
$return['error'] = 'no_photo_upload_permission';
return $return;
}
$real_name = 'photo-' . $member_id;
/* Fetch library */
require_once IPS_KERNEL_PATH . 'classUpload.php';
/*noLibHook*/
$upload = new classUpload();
/* Bit of set up */
$upload->out_file_name = 'photo-' . $member_id;
$upload->out_file_dir = $upload_path;
$upload->max_file_size = $p_max * 1024;
$upload->upload_form_field = 'upload_photo';
/* Set up our allowed types */
$upload->allowed_file_ext = array('gif', 'png', 'jpg', 'jpeg');
/* Remove any current photos - http://community.invisionpower.com/resources/bugs.html/_/ip-board/profile-picture-not-removed-on-replacement-r41405 */
$this->removeUploadedPhotos($member_id, $upload_path);
/* Upload */
$upload->process();
/* Oops, what happened? */
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 2:
// Invalid file ext
$return['status'] = 'fail';
$return['error'] = 'invalid_file_extension';
break;
case 3:
// Too big...
$return['status'] = 'fail';
$return['error'] = 'upload_to_big';
break;
case 4:
// Cannot move uploaded file
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 5:
// Possible XSS attack (image isn't an image)
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
}
return $return;
}
/* We got this far.. */
$real_name = $upload->parsed_file_name;
$t_real_name = $upload->parsed_file_name;
/* Now build sized copies */
$return = $this->buildSizedPhotos($upload->parsed_file_name, $member_id);
}
return $return;
}
/**
* Uploads and saves file
*
* @return mixed void, or the new insert id
*/
public function processUpload()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$this->error = '';
$this->getUploadFormSettings();
//-----------------------------------------
// Check upload dir
//-----------------------------------------
if (!$this->checkUploadDirectory()) {
if ($this->error) {
return;
}
}
//-----------------------------------------
// Can upload?
//-----------------------------------------
if (!$this->attach_stats['allow_uploads']) {
$this->error = 'upload_failed';
return;
}
//-----------------------------------------
// Got attachment types?
//-----------------------------------------
if (!$this->registry->cache()->getCache('attachtypes') or !is_array($this->registry->cache()->getCache('attachtypes'))) {
$attachtypes = array();
$this->DB->build(array('select' => 'atype_extension,atype_mimetype,atype_post,atype_img', 'from' => 'attachments_type', 'where' => "atype_post=1"));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$attachtypes[$r['atype_extension']] = $r;
}
$this->registry->cache()->updateCacheWithoutSaving('attachtypes', $attachtypes);
}
//-----------------------------------------
// Set up array
//-----------------------------------------
$attach_data = array('attach_ext' => "", 'attach_file' => "", 'attach_location' => "", 'attach_thumb_location' => "", 'attach_hits' => 0, 'attach_date' => time(), 'attach_post_key' => $this->attach_post_key, 'attach_member_id' => $this->memberData['member_id'], 'attach_rel_id' => $this->attach_rel_id, 'attach_rel_module' => $this->type, 'attach_filesize' => 0);
//-----------------------------------------
// Load the library
//-----------------------------------------
require_once IPS_KERNEL_PATH . 'classUpload.php';
/*noLibHook*/
$upload = new classUpload();
//-----------------------------------------
// Set up the variables
//-----------------------------------------
$upload->out_file_name = $this->type . '-' . $this->memberData['member_id'] . '-' . str_replace(array('.', ' '), '-', microtime());
$upload->out_file_dir = $this->upload_path;
$upload->max_file_size = $this->attach_stats['max_single_upload'] ? $this->attach_stats['max_single_upload'] : 1000000000;
$upload->make_script_safe = 1;
$upload->force_data_ext = 'ipb';
//-----------------------------------------
// Populate allowed extensions
//-----------------------------------------
if (is_array($this->registry->cache()->getCache('attachtypes')) and count($this->registry->cache()->getCache('attachtypes'))) {
/* SKINNOTE: I had to add [attachtypes] to this cache to make it work, may need fixing? */
//$tmp = $this->registry->cache()->getCache('attachtypes');
foreach ($this->registry->cache()->getCache('attachtypes') as $idx => $data) {
if ($data['atype_post']) {
$upload->allowed_file_ext[] = $data['atype_extension'];
}
}
}
//-----------------------------------------
// Upload...
//-----------------------------------------
$upload->process();
//-----------------------------------------
// Error?
//-----------------------------------------
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
$this->error = 'upload_no_file';
return $attach_data;
break;
case 2:
// Invalid file ext
$this->error = 'invalid_mime_type';
return $attach_data;
break;
case 3:
// Too big...
$this->error = 'upload_too_big';
return $attach_data;
break;
case 4:
// Cannot move uploaded file
$this->error = 'upload_failed';
return $attach_data;
break;
case 5:
// Possible XSS attack (image isn't an image)
$this->error = 'upload_failed';
return $attach_data;
break;
}
}
//-----------------------------------------
// Still here?
//-----------------------------------------
if ($upload->saved_upload_name and @is_file($upload->saved_upload_name)) {
//-----------------------------------------
// Strip off { } and [ ]
//-----------------------------------------
$upload->original_file_name = str_replace(array('[', ']', '{', '}'), "", $upload->original_file_name);
$attach_data['attach_filesize'] = @filesize($upload->saved_upload_name);
$attach_data['attach_location'] = $this->upload_dir . $upload->parsed_file_name;
if (IPSText::isUTF8($upload->original_file_name)) {
$attach_data['attach_file'] = IPSText::convertCharsets($upload->original_file_name, "UTF-8", IPS_DOC_CHAR_SET);
} else {
$attach_data['attach_file'] = $upload->original_file_name;
}
$attach_data['attach_is_image'] = $upload->is_image;
$attach_data['attach_ext'] = $upload->real_file_extension;
if ($attach_data['attach_is_image'] == 1) {
require_once IPS_KERNEL_PATH . 'classImage.php';
/*noLibHook*/
require_once IPS_KERNEL_PATH . 'classImageGd.php';
/*noLibHook*/
/* Main attachment */
if (!empty($this->settings['attach_img_max_w']) and !empty($this->settings['attach_img_max_h'])) {
$image = new classImageGd();
$image->init(array('image_path' => $this->upload_path, 'image_file' => $upload->parsed_file_name));
$image->force_resize = false;
if ($imgData = $image->resizeImage($this->settings['attach_img_max_w'], $this->settings['attach_img_max_h'], false, true)) {
if (!$imgData['noResize']) {
$image->writeImage($this->upload_path . '/' . $upload->parsed_file_name);
}
if (is_array($imgData)) {
$attach_data['attach_img_width'] = $imgData['newWidth'];
$attach_data['attach_img_height'] = $imgData['newHeight'];
}
$attach_data['attach_filesize'] = @filesize($this->upload_path . '/' . $upload->parsed_file_name);
}
}
/* Thumb nail */
$image = new classImageGd();
$image->force_resize = true;
$image->init(array('image_path' => $this->upload_path, 'image_file' => $upload->parsed_file_name));
if (TRUE) {
if ($this->attach_settings['siu_width'] < $attach_data['attach_img_width'] or $this->attach_settings['siu_height'] < $attach_data['attach_img_height']) {
$_thumbName = preg_replace('#^(.*)\\.(\\w+?)$#', "\\1_thumb.\\2", $upload->parsed_file_name);
if ($thumb_data = $image->resizeImage($this->attach_settings['siu_width'], $this->attach_settings['siu_height'])) {
$image->writeImage($this->upload_path . '/' . $_thumbName);
if (is_array($thumb_data)) {
$thumb_data['thumb_location'] = $_thumbName;
}
}
} else {
/* Instead of building a thumb the same size as the main image, just copy the details */
$thumb_data = array('thumb_location' => $upload->parsed_file_name, 'newWidth' => $attach_data['attach_img_width'], 'newHeight' => $attach_data['attach_img_height']);
}
}
if ($thumb_data['thumb_location']) {
$attach_data['attach_img_width'] = $thumb_data['originalWidth'];
$attach_data['attach_img_height'] = $thumb_data['originalHeight'];
$attach_data['attach_thumb_width'] = $thumb_data['newWidth'];
$attach_data['attach_thumb_height'] = $thumb_data['newHeight'];
$attach_data['attach_thumb_location'] = $this->upload_dir . $thumb_data['thumb_location'];
}
}
//-----------------------------------------
// Make sure we send integers
// @link http://community.invisionpower.com/tracker/issue-32511-attachments-mysql-strict-mode
//-----------------------------------------
$attach_data['attach_img_width'] = intval($attach_data['attach_img_width']);
$attach_data['attach_img_height'] = intval($attach_data['attach_img_height']);
$attach_data['attach_thumb_width'] = intval($attach_data['attach_thumb_width']);
$attach_data['attach_thumb_height'] = intval($attach_data['attach_thumb_height']);
//-----------------------------------------
// Add into Database
//-----------------------------------------
$this->DB->insert('attachments', $attach_data);
$newid = $this->DB->getInsertId();
return $newid;
}
}
/**
* Saves the member's avatar
*
* @param INT Member's ID to save
* @param string Upload field name [Default is "upload_avatar"]
* @param string Avatar URL Field [Default is "avatar_url"]
* @param string Gallery Avatar Directory Field [Default is "avatar_gallery"]
* @param string Gallery Avatar Image Field [Default is "avatar_image"]
* @author Brandon Farber, Stolen By Matt 'Haxor' Mecham
* <code>
* Excepton Codes:
* NO_MEMBER_ID: A valid member ID was not passed.
* NO_PERMISSION: You do not have permission to change the avatar
* UPLOAD_NO_IMAGE: Nothing to upload
* UPLOAD_INVALID_FILE_EXT: Incorrect file extension (not an image)
* UPLOAD_TOO_LARGE: Upload is larger than allowed
* UPLOAD_CANT_BE_MOVED: Upload cannot be moved into the uploads directory
* UPLOAD_NOT_IMAGE: Upload is not an image, despite what the file extension says!
* NO_AVATAR_TO_SAVE: Nothing to save!
* </code>
*/
public function saveNewAvatar($member_id, $uploadFieldName = 'upload_avatar', $urlFieldName = 'avatar_url', $galleryFieldName = 'avatar_gallery', $avatarGalleryImage = 'avatar_image', $gravatarFieldName = 'gravatar_email')
{
//-----------------------------------------
// INIT
//-----------------------------------------
$avatar = array();
list($p_width, $p_height) = explode("x", strtolower($this->settings['avatar_dims']));
if (!$member_id) {
throw new Exception("NO_MEMBER_ID");
}
$member = IPSMember::load($member_id, 'extendedProfile,groups');
if (!$member['member_id']) {
throw new Exception("NO_MEMBER_ID");
}
//-----------------------------------------
// Allowed to upload pics for administrators?
//-----------------------------------------
if (IPS_AREA != 'public') {
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_photo_admin', 'members', 'members')) {
throw new Exception("NO_PERMISSION");
}
}
//-----------------------------------------
// Upload?
//-----------------------------------------
if ($_FILES[$uploadFieldName]['name'] != "" and $_FILES[$uploadFieldName]['name'] != "none") {
$this->settings['upload_dir'] = str_replace('.', '.', $this->settings['upload_dir']);
$real_name = 'av-' . $member_id;
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
$upload->out_file_name = $real_name;
$upload->out_file_dir = $this->settings['upload_dir'];
$upload->max_file_size = $this->settings['avup_size_max'] * 1024 * 8;
// Allow xtra for compression
$upload->upload_form_field = $uploadFieldName;
//-----------------------------------------
// Populate allowed extensions
//-----------------------------------------
if (is_array($this->cache->getCache('attachtypes')) and count($this->cache->getCache('attachtypes'))) {
foreach ($this->cache->getCache('attachtypes') as $data) {
if ($data['atype_photo']) {
if ($data['atype_extension'] == 'swf' and $this->settings['disable_flash']) {
continue;
}
$upload->allowed_file_ext[] = $data['atype_extension'];
}
}
}
//-----------------------------------------
// Upload...
//-----------------------------------------
$upload->process();
//-----------------------------------------
// Error?
//-----------------------------------------
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
throw new Exception("UPLOAD_NO_IMAGE");
break;
case 2:
// Invalid file ext
throw new Exception("UPLOAD_INVALID_FILE_EXT");
break;
case 3:
// Too big...
throw new Exception("UPLOAD_TOO_LARGE");
break;
case 4:
// Cannot move uploaded file
throw new Exception("UPLOAD_CANT_BE_MOVED");
break;
case 5:
// Possible XSS attack (image isn't an image)
throw new Exception("UPLOAD_NOT_IMAGE");
break;
}
}
$real_name = $upload->parsed_file_name;
$im = array();
if (!$this->settings['disable_ipbsize'] and $upload->file_extension != '.swf') {
$imageDimensions = getimagesize($this->settings['upload_dir'] . '/' . $real_name);
if ($imageDimensions[0] > $p_width or $imageDimensions[1] > $p_height) {
require_once IPS_KERNEL_PATH . "classImage.php";
require_once IPS_KERNEL_PATH . "classImageGd.php";
$image = new classImageGd();
$image->init(array('image_path' => $this->settings['upload_dir'], 'image_file' => $real_name));
$return = $image->resizeImage($p_width, $p_height);
$image->writeImage($this->settings['upload_dir'] . '/' . $real_name);
$im['img_width'] = $return['newWidth'] ? $return['newWidth'] : $image->cur_dimensions['width'];
$im['img_height'] = $return['newHeight'] ? $return['newHeight'] : $image->cur_dimensions['height'];
} else {
$im['img_width'] = $imageDimensions[0];
$im['img_height'] = $imageDimensions[1];
}
} else {
$w = intval($this->request['man_width']) ? intval($this->request['man_width']) : $p_width;
$h = intval($this->request['man_height']) ? intval($this->request['man_height']) : $p_height;
$im['img_width'] = $w > $p_width ? $p_width : $w;
$im['img_height'] = $h > $p_height ? $p_height : $h;
}
//-----------------------------------------
// Set the "real" avatar..
//-----------------------------------------
$avatar['avatar_location'] = $real_name;
$avatar['avatar_size'] = $im['img_width'] . 'x' . $im['img_height'];
$avatar['avatar_type'] = 'upload';
} else {
if ($this->request[$urlFieldName] and IPSText::xssCheckUrl($this->request[$urlFieldName]) === true) {
$ext = explode(",", $this->settings['avatar_ext']);
$checked = 0;
$av_ext = preg_replace("/^.*\\.(\\S+)\$/", "\\1", $this->request[$urlFieldName]);
foreach ($ext as $v) {
if (strtolower($v) == strtolower($av_ext)) {
if ($v == 'swf' and $this->settings['disable_flash']) {
throw new Exception("INVALID_FILE_EXT");
}
$checked = 1;
break;
}
}
if ($checked != 1) {
throw new Exception("INVALID_FILE_EXT");
}
if (!$this->settings['disable_ipbsize']) {
if (!($img_size = @getimagesize($this->request[$urlFieldName]))) {
$img_size[0] = $p_width;
$img_size[1] = $p_height;
}
$im = IPSLib::scaleImage(array('max_width' => $p_width, 'max_height' => $p_height, 'cur_width' => $img_size[0], 'cur_height' => $img_size[1]));
} else {
$w = intval($this->request['man_width']) ? intval($this->request['man_width']) : $p_width;
$h = intval($this->request['man_height']) ? intval($this->request['man_height']) : $p_height;
$im['img_width'] = $w > $p_width ? $p_width : $w;
$im['img_height'] = $h > $p_height ? $p_height : $h;
}
$avatar['avatar_location'] = trim($this->request[$urlFieldName]);
$avatar['avatar_size'] = $im['img_width'] . 'x' . $im['img_height'];
$avatar['avatar_type'] = 'url';
} else {
if (isset($this->request[$galleryFieldName]) and $this->request[$avatarGalleryImage]) {
$directory = '';
if ($this->request[$galleryFieldName]) {
$directory = preg_replace("/[^\\s\\w_-]/", "", urldecode($this->request[$galleryFieldName]));
if ($directory) {
$directory .= '/';
}
}
$filename = preg_replace("/[^\\s\\w\\._\\-\\[\\]\\(\\)]/", "", urldecode($this->request[$avatarGalleryImage]));
if (file_exists(DOC_IPS_ROOT_PATH . PUBLIC_DIRECTORY . '/style_avatars/' . $directory . $filename)) {
$avatar['avatar_location'] = $directory . $filename;
$avatar['avatar_size'] = '';
$avatar['avatar_type'] = 'local';
}
} else {
if ($this->request[$gravatarFieldName] && $this->request[$gravatarFieldName] && $this->settings['allow_gravatars']) {
$avatar['avatar_location'] = strtolower($this->request[$gravatarFieldName]);
$avatar['avatar_type'] = 'gravatar';
}
}
}
}
//-----------------------------------------
// No avatar image?
//-----------------------------------------
if (!count($avatar)) {
throw new Exception("NO_AVATAR_TO_SAVE");
} else {
if ($avatar['avatar_type'] != 'upload') {
foreach (array('swf', 'jpg', 'jpeg', 'gif', 'png') as $ext) {
if (@file_exists($this->settings['upload_dir'] . "/av-" . $member_id . "." . $ext)) {
@unlink($this->settings['upload_dir'] . "/av-" . $member_id . "." . $ext);
}
}
}
}
//-----------------------------------------
// Store and redirect
//-----------------------------------------
IPSMember::save($member_id, array('extendedProfile' => $avatar));
return TRUE;
}
/**
* Upload background image
* Assumes all security checks have been performed by this point
*
* @access public
* @param integer [Optional] member id instead of current member
* @return array [ error (error message), status (status message [ok/fail] ) ]
*/
public function uploadBackgroundImage($member_id = 0)
{
/* Init vars */
$member_id = $member_id ? intval($member_id) : intval($this->memberData['member_id']);
$p_max = $this->memberData['g_max_bgimg_upload'] ? intval($this->memberData['g_max_bgimg_upload']) : 999999999;
$real_name = '';
$upload_dir = '';
$final_location = '';
$return = array('error' => '', 'status' => '', 'final_location' => '', 'maxSize' => $p_max);
if (!$member_id) {
return array('status' => 'cannot_find_member');
}
//-----------------------------------------
// Sort out upload dir
//-----------------------------------------
/* Fix for bug 5075 */
$this->settings['upload_dir'] = str_replace('.', '.', $this->settings['upload_dir']);
$upload_path = $this->settings['upload_dir'];
# Preserve original path
$_upload_path = $this->settings['upload_dir'];
//-----------------------------------------
// Already a dir?
//-----------------------------------------
if (!file_exists($upload_path . "/bgimages")) {
if (@mkdir($upload_path . "/bgimages", IPS_FOLDER_PERMISSION)) {
@file_put_contents($upload_path . '/bgimages/index.html', '');
@chmod($upload_path . "/bgimages", IPS_FOLDER_PERMISSION);
# Set path and dir correct
$upload_path .= "/bgimages";
$upload_dir = "bgimages/";
} else {
# Set path and dir correct
$upload_dir = "";
}
} else {
# Set path and dir correct
$upload_path .= "/bgimages";
$upload_dir = "bgimages/";
}
//-----------------------------------------
// Lets check for an uploaded photo..
//-----------------------------------------
if ($_FILES['bg_upload']['name'] != "" and $_FILES['bg_upload']['name'] != "none") {
//-----------------------------------------
// Are we allowed to upload this photo?
//-----------------------------------------
if ($p_max < 0) {
$return['status'] = 'fail';
$return['error'] = 'no_bgimg_upload_permission';
}
//-----------------------------------------
// Remove any uploaded photos...
//-----------------------------------------
$this->removeUploadedBackgroundImages($member_id);
$real_name = 'bgimg-' . $member_id;
//-----------------------------------------
// Load the library
//-----------------------------------------
require_once IPS_KERNEL_PATH . 'classUpload.php';
/*noLibHook*/
$upload = new classUpload();
//-----------------------------------------
// Set up the variables
//-----------------------------------------
$upload->out_file_name = 'bgimg-' . $member_id;
$upload->out_file_dir = $upload_path;
$upload->max_file_size = $p_max * 1024;
$upload->upload_form_field = 'bg_upload';
//-----------------------------------------
// Populate allowed extensions
//-----------------------------------------
$upload->allowed_file_ext = array('gif', 'png', 'jpg', 'jpeg');
//-----------------------------------------
// Upload...
//-----------------------------------------
$upload->process();
//-----------------------------------------
// Error?
//-----------------------------------------
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 2:
// Invalid file ext
$return['status'] = 'fail';
$return['error'] = 'invalid_file_extension';
break;
case 3:
// Too big...
$return['status'] = 'fail';
$return['error'] = 'upload_to_big';
break;
case 4:
// Cannot move uploaded file
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
case 5:
// Possible XSS attack (image isn't an image)
$return['status'] = 'fail';
$return['error'] = 'upload_failed';
break;
}
return $return;
}
//-----------------------------------------
// Still here?
//-----------------------------------------
$real_name = $upload->parsed_file_name;
$t_real_name = $upload->parsed_file_name;
//-----------------------------------------
// Check the file size (after compression)
//-----------------------------------------
if (filesize($upload_path . "/" . $real_name) > $p_max * 1024) {
@unlink($upload_path . "/" . $real_name);
// Too big...
$return['status'] = 'fail';
$return['error'] = 'upload_to_big';
return $return;
}
//-----------------------------------------
// Main
//-----------------------------------------
$final_location = $upload_dir . $real_name;
} else {
$return['status'] = 'ok';
return $return;
}
//-----------------------------------------
// Return...
//-----------------------------------------
$return['final_location'] = $final_location;
$return['status'] = 'ok';
return $return;
}
/**
* Upload a file
*
* @access protected
* @return void
*/
protected function _uploadFile()
{
//-----------------------------------------
// Check path
//-----------------------------------------
$path = urldecode($this->request['in']);
$this->_checkPath($path);
//-----------------------------------------
// Get upload class and do upload
//-----------------------------------------
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
$upload->upload_form_field = 'FILE_UPLOAD';
$upload->allowed_file_ext = array('gif', 'bmp', 'png', 'jpg', 'jpeg', 'tiff');
$upload->out_file_dir = $path;
$upload->max_file_size = '10000000';
$upload->process();
//-----------------------------------------
// Successful?
//-----------------------------------------
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
$this->registry->output->showError($this->lang->words['upload_error_1']);
break;
case 2:
$this->registry->output->showError($this->lang->words['upload_error_2']);
break;
case 3:
$this->registry->output->showError($this->lang->words['upload_error_3']);
break;
case 4:
$this->registry->output->showError($this->lang->words['upload_error_4']);
break;
case 5:
$this->registry->output->showError($this->lang->words['upload_error_5']);
break;
}
}
$this->registry->output->global_message = $this->lang->words['file_uploaded'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=media§ion=list&do=viewdir&dir=' . $path);
}
/**
* Uploads and saves file
*
* @access public
* @return mixed void, or an array of new insert ids
*/
public function processMultipleUploads()
{
/* INIT */
$this->error = '';
$this->getUploadFormSettings();
/* Check the upload directory */
if (!$this->checkUploadDirectory()) {
if ($this->error) {
return;
}
}
/* Setup Attachment Types */
if (!$this->registry->cache()->getCache('attachtypes') or !is_array($this->registry->cache()->getCache('attachtypes'))) {
$attachtypes = array();
$this->DB->build(array('select' => 'atype_extension,atype_mimetype,atype_post,atype_photo,atype_img', 'from' => 'attachments_type', 'where' => "atype_photo=1 OR atype_post=1"));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$attachtypes[$r['atype_extension']] = $r;
}
$this->registry->cache()->updateCacheWithoutSaving('attachtypes', $attachtypes);
}
/* Can Upload */
if (!$this->attach_stats['allow_uploads']) {
$this->error = 'upload_failed';
return;
}
/* Attachment Library */
require_once IPS_KERNEL_PATH . 'classUpload.php';
$upload = new classUpload();
/* Set up the library */
$upload->out_file_dir = $this->upload_path;
$upload->max_file_size = $this->attach_stats['max_single_upload'] ? $this->attach_stats['max_single_upload'] : 1000000000;
$upload->make_script_safe = 1;
$upload->force_data_ext = 'ipb';
/* Populate allowed extensions */
if (is_array($this->registry->cache()->getCache('attachtypes')) and count($this->registry->cache()->getCache('attachtypes'))) {
/* SKINNOTE: I had to add [attachtypes] to this cache to make it work, may need fixing? */
//$tmp = $this->registry->cache()->getCache('attachtypes');
foreach ($this->registry->cache()->getCache('attachtypes') as $idx => $data) {
if ($data['atype_post']) {
$upload->allowed_file_ext[] = $data['atype_extension'];
}
}
}
/* Attempt to upload everything int he $_FILES array */
$upload_results = array();
if (isset($_FILES) && is_array($_FILES) && count($_FILES)) {
foreach ($_FILES as $_field_name => $data) {
if (!$_FILES[$_field_name]['size']) {
continue;
}
/* Set File Name */
$upload->out_file_name = $this->type . '-' . $this->memberData['member_id'] . '-' . time() % $_FILES[$_field_name]['size'];
/* Set File Name */
$upload->upload_form_field = $_field_name;
/* Attachment Data Array */
$attach_data = array('attach_ext' => "", 'attach_file' => "", 'attach_location' => "", 'attach_thumb_location' => "", 'attach_hits' => 0, 'attach_date' => time(), 'attach_temp' => 0, 'attach_post_key' => $this->attach_post_key, 'attach_member_id' => $this->memberData['member_id'], 'attach_rel_id' => $this->attach_rel_id, 'attach_rel_module' => $this->type, 'attach_filesize' => 0);
/* Upload... */
$upload->process();
/* Error Check */
if ($upload->error_no) {
switch ($upload->error_no) {
case 1:
// No upload
$upload_results[$_field_name] = 'upload_no_file';
break;
case 2:
// Invalid file ext
$upload_results[$_field_name] = 'invalid_mime_type';
break;
case 3:
// Too big...
$upload_results[$_field_name] = 'upload_too_big';
break;
case 4:
// Cannot move uploaded file
$upload_results[$_field_name] = 'upload_failed';
break;
case 5:
// Possible XSS attack (image isn't an image)
$upload_results[$_field_name] = 'upload_failed';
break;
}
}
/* Still Here */
if ($upload->saved_upload_name and @file_exists($upload->saved_upload_name)) {
/* Strip off { } and [ ] */
$upload->original_file_name = str_replace(array('[', ']', '{', '}'), "", $upload->original_file_name);
$attach_data['attach_filesize'] = @filesize($upload->saved_upload_name);
$attach_data['attach_location'] = $this->upload_dir . $upload->parsed_file_name;
$attach_data['attach_file'] = $upload->original_file_name;
$attach_data['attach_is_image'] = $upload->is_image;
$attach_data['attach_ext'] = $upload->real_file_extension;
if ($attach_data['attach_is_image'] == 1) {
require_once IPS_KERNEL_PATH . "classImage.php";
require_once IPS_KERNEL_PATH . "classImageGd.php";
$image = new classImageGd();
$image->init(array('image_path' => $this->upload_path, 'image_file' => $upload->parsed_file_name));
if ($this->attach_settings['siu_thumb']) {
$_thumbName = preg_replace("#^(.*)\\.(\\w+?)\$#", "\\1_thumb.\\2", $upload->parsed_file_name);
$thumb_data = $image->resizeImage($this->attach_settings['siu_width'], $this->attach_settings['siu_height']);
$image->writeImage($this->upload_path . '/' . $_thumbName);
if (is_array($thumb_data)) {
$thumb_data['thumb_location'] = $_thumbName;
}
}
if ($thumb_data['thumb_location']) {
$attach_data['attach_img_width'] = $thumb_data['originalWidth'];
$attach_data['attach_img_height'] = $thumb_data['originalHeight'];
$attach_data['attach_thumb_width'] = $thumb_data['newWidth'];
$attach_data['attach_thumb_height'] = $thumb_data['newHeight'];
$attach_data['attach_thumb_location'] = $this->upload_dir . $thumb_data['thumb_location'];
}
}
/* Add into Database */
$this->DB->insert('attachments', $attach_data);
$upload_results[$_field_name] = $this->DB->getInsertId();
}
}
}
return $upload_results;
}
