 /**
  * Accepts a file given either as a URL or as an entry of the $_FILES array, runs basic checks on it,
  * and stages it in a temporary location for processing. The result is described in $this->upload
  * (filename, filesize, location, extension, thumbnail, filestuff, and url for remote files).
  *
  * Security-relevant behaviour visible in this function:
  *  - URL branch: the server itself fetches the URL (http, https, ftp or ftps; "http://" is prepended
  *    when no scheme is present). Only the extension taken from the URL string is validated here.
  *  - $_FILES branch: the temporary file must pass is_uploaded_file() before it is accepted.
  *  - The 'upload_accept' hook code is eval()'d in this function's local scope just before returning.
  *
  * @param	mixed	$upload	Either (a) a URL to a file to retrieve or (b) an entry of the $_FILES array.
  *				Passed by reference: in the URL case the caller's variable may be rewritten with an "http://" prefix.
  *
  * @return	boolean	False when a check fails (usually after set_error() was called); otherwise $return_value,
  *				which starts as true and can be changed by the 'upload_accept' hook.
  */
 function accept_upload(&$upload)
 {
     $this->error = '';
     // A non-empty scalar is treated as a URL; an array is treated as a $_FILES entry (else branch below)
     if (!is_array($upload) and strval($upload) != '') {
         $this->upload['extension'] = strtolower(file_extension($upload));
         // Check extension here so we can save grabbing a large file that we aren't going to use
         // NOTE(review): this validates the extension of the URL string only; nothing in this function
         // inspects the retrieved bytes, so content validation has to happen in the callers - confirm
         if (!$this->is_valid_extension($this->upload['extension'])) {
             $this->set_error('upload_invalid_file');
             return false;
         }
         // Admins can upload any size file
         // (a maxuploadsize of 0 disables both the size comparison below and, presumably, VURL_MAXSIZE - confirm)
         if ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel']) {
             $this->maxuploadsize = 0;
         } else {
             $this->maxuploadsize = $this->fetch_max_uploadsize($this->upload['extension']);
             if (!$this->maxuploadsize) {
                 // No per-extension limit: use a fixed 20 MB (20971520 bytes) of memory headroom instead of the reported file size
                 $newmem = 20971520;
             }
         }
         // Default to http:// when the caller gave no http/https/ftp/ftps scheme; this rewrites the caller's variable
         // NOTE(review): this is a server-side fetch of a caller-supplied URL. Nothing in this function restricts
         // the destination host, so confirm that vB_vURL / fetch_remote_filesize() refuse loopback, private and
         // link-local addresses (also after redirects) and that the ftp schemes are really needed
         if (!preg_match('#^((http|ftp)s?):\\/\\/#i', $upload)) {
             $upload = 'http://' . $upload;
         }
         // Remote retrieval needs either allow_url_fopen or the cURL extension
         if (ini_get('allow_url_fopen') == 0 and !function_exists('curl_init')) {
             $this->set_error('upload_fopen_disabled');
             return false;
         } else {
             // A falsy size (including a reported size of 0) is treated as an invalid URL
             if ($filesize = $this->fetch_remote_filesize($upload)) {
                 // $filesize is whatever fetch_remote_filesize() reports for the remote file, so this is an early
                 // rejection only; the limit is also handed to the fetcher through VURL_MAXSIZE below
                 if ($this->maxuploadsize and $filesize > $this->maxuploadsize) {
                     $this->set_error('upload_remoteimage_toolarge');
                     return false;
                 } else {
                     if (function_exists('memory_get_usage') and $memory_limit = @ini_get('memory_limit') and $memory_limit != -1) {
                         // Make sure we have enough memory to process this file
                         // presumably vb_number_format() turns the ini value into a byte count here - confirm
                         $memorylimit = vb_number_format($memory_limit, 0, false, null, '');
                         $memoryusage = memory_get_usage();
                         $freemem = $memorylimit - $memoryusage;
                         // NOTE(review): when $newmem is unset the target grows with the remotely reported size; for
                         // users with the control-panel permission no size cap applies before this point
                         $newmemlimit = !empty($newmem) ? $freemem + $newmem : $freemem + $filesize;
                         // Only ever raise the limit, and only when the current limit parses to a positive byte count
                         if (($current_memory_limit = ini_size_to_bytes(@ini_get('memory_limit'))) < $newmemlimit and $current_memory_limit > 0) {
                             @ini_set('memory_limit', $newmemlimit);
                         }
                     }
                     require_once DIR . '/includes/class_vurl.php';
                     $vurl = new vB_vURL($this->registry);
                     $vurl->set_option(VURL_URL, $upload);
                     $vurl->set_option(VURL_HEADER, true);
                     $vurl->set_option(VURL_MAXSIZE, $this->maxuploadsize);
                     $vurl->set_option(VURL_RETURNTRANSFER, true);
                     if ($result = $vurl->exec2()) {
                         // Success: $result is consumed further down ('body' or 'body_file')
                     } else {
                         // Map the fetcher's error code onto an upload error phrase
                         switch ($vurl->fetch_error()) {
                             case VURL_ERROR_MAXSIZE:
                                 $this->set_error('upload_remoteimage_toolarge');
                                 break;
                             case VURL_ERROR_NOLIB:
                                 // this condition isn't reachable
                                 $this->set_error('upload_fopen_disabled');
                                 break;
                             case VURL_ERROR_SSL:
                             // NOTE(review): VURL_URL_URL does not follow the VURL_ERROR_* naming of the other cases;
                             // it falls through to default either way, but confirm it is a defined constant
                             case VURL_URL_URL:
                             default:
                                 $this->set_error('retrieval_of_remote_file_failed');
                         }
                         return false;
                     }
                     unset($vurl);
                 }
             } else {
                 $this->set_error('upload_invalid_url');
                 return false;
             }
         }
         // write file to temporary directory...
         if ($this->registry->options['safeupload']) {
             // ... in safe mode
             // NOTE(review): the name is 'vbupload' + user id + the last four characters of TIMENOW, so it is
             // neither unique nor unguessable, and it is opened with 'wb' below. Confirm that tmppath is writable
             // only by the web server user and is not reachable over HTTP
             $this->upload['location'] = $this->registry->options['tmppath'] . '/vbupload' . $this->userinfo['userid'] . substr(TIMENOW, -4);
         } else {
             // ... in normal mode
             // Both arms create the same temp file; only users with the control-panel permission get PHP warnings (no @)
             $this->upload['location'] = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] ? tempnam(ini_get('upload_tmp_dir'), 'vbupload') : @tempnam(ini_get('upload_tmp_dir'), 'vbupload');
         }
         // Assume failure until one of the two write paths below succeeds
         $attachment_write_failed = true;
         if (!empty($result['body'])) {
             // The fetcher returned the content in memory: write it to the staging location
             $fp = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] ? fopen($this->upload['location'], 'wb') : @fopen($this->upload['location'], 'wb');
             if ($fp and $this->upload['location']) {
                 // NOTE(review): the fwrite() result is not checked, so a short or failed write still counts as success
                 @fwrite($fp, $result['body']);
                 @fclose($fp);
                 $attachment_write_failed = false;
             }
         } else {
             // Otherwise the fetcher is expected to have left the content in $result['body_file']: move it into place
             if (file_exists($result['body_file'])) {
                 if (rename($result['body_file'], $this->upload['location'])) {
                     // Apply the permissions a newly created file would get under the current umask
                     $mask = 0777 & ~umask();
                     @chmod($this->upload['location'], $mask);
                     $attachment_write_failed = false;
                 }
             }
         }
         if ($attachment_write_failed) {
             $this->set_error('upload_writefile_failed');
             return false;
         }
         $this->upload['filesize'] = @filesize($this->upload['location']);
         // NOTE(review): basename() is applied to the whole URL, so the file name is remote-chosen text and keeps
         // any query string. The extension is recomputed from it and is not passed through is_valid_extension()
         // again here; callers should treat both values as untrusted
         $this->upload['filename'] = basename($upload);
         $this->upload['extension'] = strtolower(file_extension($this->upload['filename']));
         $this->upload['thumbnail'] = '';
         $this->upload['filestuff'] = '';
         // Marks the upload as retrieved from a URL rather than posted through a form
         $this->upload['url'] = true;
     } else {
         // $_FILES branch: copy the fields PHP filled in for the posted file
         // NOTE(review): 'name' is supplied by the client; only whitespace is trimmed here
         $this->upload['filename'] = trim($upload['name']);
         $this->upload['filesize'] = intval($upload['size']);
         $this->upload['location'] = trim($upload['tmp_name']);
         $this->upload['extension'] = strtolower(file_extension($this->upload['filename']));
         $this->upload['thumbnail'] = '';
         $this->upload['filestuff'] = '';
         // NOTE(review): $upload['error'] is never copied in this function, yet $this->upload['error'] is read
         // below; presumably it is populated elsewhere (or $this->upload aliases the $_FILES entry) - confirm
         // Users with the control-panel permission get a specific message per PHP upload error code
         if ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] and $this->upload['error']) {
             // Encountered PHP upload error
             if (!($maxupload = @ini_get('upload_max_filesize'))) {
                 // Fall back to 10 MB (10485760 bytes) when the ini value is unavailable
                 $maxupload = 10485760;
             }
             $maxattachsize = vb_number_format($maxupload, 1, true);
             switch ($this->upload['error']) {
                 case '1':
                     // UPLOAD_ERR_INI_SIZE
                 case '2':
                     // UPLOAD_ERR_FORM_SIZE
                     $this->set_error('upload_file_exceeds_php_limit', $maxattachsize);
                     break;
                 case '3':
                     // UPLOAD_ERR_PARTIAL
                     $this->set_error('upload_file_partially_uploaded');
                     break;
                 case '4':
                     // UPLOAD_ERR_NO_FILE
                     $this->set_error('upload_file_failed');
                     break;
                 case '6':
                     // UPLOAD_ERR_NO_TMP_DIR
                     $this->set_error('missing_temporary_folder');
                     break;
                 case '7':
                     // UPLOAD_ERR_CANT_WRITE
                     $this->set_error('upload_writefile_failed');
                     break;
                 case '8':
                     // UPLOAD_ERR_EXTENSION
                     $this->set_error('upload_stopped_by_extension');
                     break;
                 default:
                     $this->set_error('upload_invalid_file');
             }
             return false;
         } else {
             // Everyone else gets one generic failure. is_uploaded_file() confirms that tmp_name really is a file
             // received through HTTP POST, so a forged path in the array is rejected here
             if ($this->upload['error'] or $this->upload['location'] == 'none' or $this->upload['location'] == '' or $this->upload['filename'] == '' or !$this->upload['filesize'] or !is_uploaded_file($this->upload['location'])) {
                 // With no file name and emptyfile unset, this returns false without recording an error
                 if ($this->emptyfile or $this->upload['filename'] != '') {
                     $this->set_error('upload_file_failed');
                 }
                 return false;
             }
         }
         if ($this->registry->options['safeupload']) {
             // Safe mode: move the upload out of PHP's temp dir into tmppath, named after the session hash
             // NOTE(review): if this hash is the session identifier, anyone able to list tmppath can read it -
             // confirm the directory's permissions
             $temppath = $this->registry->options['tmppath'] . '/' . $this->registry->session->fetch_sessionhash();
             $moveresult = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] ? move_uploaded_file($this->upload['location'], $temppath) : @move_uploaded_file($this->upload['location'], $temppath);
             if (!$moveresult) {
                 $this->set_error('upload_unable_move');
                 return false;
             }
             $this->upload['location'] = $temppath;
         }
     }
     $return_value = true;
     // The hook code is eval()'d in this function's scope, so it can read and change every local, including
     // $return_value. Local names here are therefore part of the plugin contract; do not rename them.
     // NOTE(review): whoever can edit the 'upload_accept' hook gets code execution in this request - confirm
     // that plugin editing is limited to trusted administrators
     ($hook = vBulletinHook::fetch_hook('upload_accept')) ? eval($hook) : false;
     return $return_value;
 }