function macro_UploadedFiles($formatter, $value = "", $options = "")
{
global $DBInfo;
$use_preview = $DBInfo->use_preview_uploads ? $DBInfo->use_preview_uploads : 0;
$preview_width = 64;
#$use_preview=0;
$use_admin = 1;
$use_fileinfo = 1;
$js_tag = 0;
$js_script = '';
$uploader = '';
// get user id
if (empty($formatter->preview) && empty($options)) {
$options = array();
$options['id'] = $DBInfo->user->id;
}
if (isset($DBInfo->members) and !in_array($options['id'], $DBInfo->members)) {
$use_admin = 0;
}
$iconset = 'gnome';
$icon_dir = $DBInfo->imgs_dir . '/plugin/UploadedFiles/' . $iconset;
$args = !empty($DBInfo->uploadedfiles_options) ? explode(',', $DBInfo->uploadedfiles_options) : array();
$nargs = explode(',', $value);
if (!empty($nargs)) {
$args = array_merge($args, $nargs);
}
$value = '';
$default_column = 8;
$col = (!empty($options['col']) and $options['col'] > 0) ? (int) $options['col'] : $default_column;
if (!empty($formatter->preview)) {
$js_tag = 1;
$use_preview = 1;
$uploader = 'UploadForm';
$use_admin = 0;
$use_fileinfo = 0;
$col = 10000;
} else {
if (!empty($options['preview'])) {
$use_preview = 1;
$use_admin = 0;
$use_fileinfo = 0;
}
}
if (!empty($options['tag'])) {
# javascript tag mode
$js_tag = 1;
$use_preview = 1;
$use_admin = 0;
$use_fileinfo = 0;
$col = 10000;
}
if ($use_fileinfo) {
$col = 1;
}
$href_attr = '';
$attr = '';
if (!empty($DBInfo->use_lightbox) and !$js_tag) {
$href_attr = ' rel="lightbox[upload]" ';
}
$nodir = 0;
foreach ($args as $arg) {
$arg = trim($arg);
if (($p = strpos($arg, '=')) !== false) {
$k = substr($arg, 0, $p);
$v = substr($arg, $p + 1);
if ($k == 'preview') {
$use_preview = $v;
} else {
if ($k == 'nodir') {
$nodir = $v;
} else {
if ($k == 'tag') {
$js_tag = 1;
$use_preview = 1;
}
}
}
} else {
$value = $arg;
}
}
if (!isset($options['nodir'])) {
$options['nodir'] = $nodir;
}
if (!empty($options['page'])) {
$value = $options['page'];
}
// avoid to set the pagename of the "page,name" as "name"
if ($js_tag) {
$form = 'editform';
$js_script = <<<EOS
<script language="javascript" type="text/javascript">
/*<![CDATA[*/
// based on wikibits.js in the MediaWiki
// small fix to use opener in the dokuwiki.
function insertTags(tagOpen,tagClose,myText,replaced)
{
var is_ie = document.selection && document.all;
if (document.{$form}) {
var txtarea = document.{$form}.savetext;
} else {
// some alternate form? take the first one we can find
var areas = document.getElementsByTagName('textarea');
if (areas.length > 0) {
var txtarea = areas[0];
} else if (opener) {
// WikiWyg support
if (opener.document.{$form} && opener.document.{$form}.savetext) {
txtarea = opener.document.{$form}.savetext;
} else {
txtarea = opener.document.getElementsByTagName('textarea')[0];
}
var my=opener.document.getElementById('editor_area');
while (my == null || my.style.display == 'none') { // wikiwyg hack
txtarea = opener.document.getElementById('wikiwyg_wikitext_textarea');
// get iframe and check visibility.
var myframe = opener.document.getElementsByTagName('iframe')[0];
if (myframe.style.display == 'none' || myframe.parentNode.style.display == 'none') break;
var postdata = 'action=markup/ajax&value=' + encodeURIComponent(tagOpen + myText + tagClose);
var myhtml='';
myhtml= HTTPPost(self.location, postdata);
var mnew = myhtml.replace(/^<div>/i,''); // strip div tag
mnew = mnew.replace(/<\\/div>\\s*\$/i,''); // strip div tag
if (is_ie) {
var range = myframe.contentWindow.document.selection.createRange();
if (range.boundingTop == 2 && range.boundingLeft == 2)
return;
range.pasteHTML(html);
range.collapse(false);
range.select();
} else {
myframe.contentWindow.document.execCommand('inserthtml', false, mnew + ' ');
}
return;
}
} else {
return; // XXX
}
}
if(is_ie) {
var theSelection = document.selection.createRange().text;
txtarea.focus();
if(theSelection.charAt(theSelection.length - 1) == " "){
// exclude ending space char, if any
theSelection = theSelection.substring(0, theSelection.length - 1);
document.selection.createRange().text = theSelection + tagOpen + myText + tagClose + " ";
} else {
document.selection.createRange().text = theSelection + tagOpen + myText + tagClose + " ";
}
}
// Mozilla
else if(txtarea.selectionStart || txtarea.selectionStart == '0') {
\t\t//var replaced = false;
\t\tvar startPos = txtarea.selectionStart;
\t\tvar endPos = txtarea.selectionEnd;
\t\tif (!replaced && endPos-startPos)
\t\t\treplaced = true;
\t\tvar scrollTop = txtarea.scrollTop;
\t\tif (myText.charAt(myText.length - 1) == " ") { // exclude ending space char, if any
\t\t\tsubst = tagOpen + myText.substring(0, (myText.length - 1)) + tagClose + " ";
\t\t} else {
\t\t\tsubst = tagOpen + myText + tagClose;
\t\t}
\t\ttxtarea.value = txtarea.value.substring(0, startPos) + subst +
\t\t\ttxtarea.value.substring(endPos, txtarea.value.length);
\t\ttxtarea.focus();
\t\t//set new selection
\t\tif (replaced) {
\t\t\tvar cPos = startPos+(tagOpen.length+myText.length+tagClose.length);
\t\t\ttxtarea.selectionStart = cPos;
\t\t\ttxtarea.selectionEnd = cPos;
\t\t} else {
\t\t\ttxtarea.selectionStart = startPos+tagOpen.length;
\t\t\ttxtarea.selectionEnd = startPos+tagOpen.length+myText.length;
\t\t}\t
\t\ttxtarea.scrollTop = scrollTop;
} else { // All others
txtarea.value += tagOpen + myText + tagClose + " ";
txtarea.focus();
}
}
/*]]>*/
</script>
EOS;
}
if (!empty($DBInfo->download_action)) {
$mydownload = $DBInfo->download_action;
} else {
$mydownload = 'download';
}
$checkbox = 'checkbox';
$needle = "//";
if (!empty($options['download']) || !empty($DBInfo->force_download)) {
$force_download = 1;
if (!empty($options['download'])) {
$mydownload = $options['download'];
}
}
if (!empty($options['needle'])) {
$needle = '@' . $options['needle'] . '@i';
}
if (!empty($options['checkbox'])) {
$checkbox = $options['checkbox'];
}
if (!in_array('UploadFile', $formatter->actions)) {
$formatter->actions[] = 'UploadFile';
}
if ($value and $value != 'UploadFile') {
$key = $DBInfo->pageToKeyname($value);
//if ($force_download or $key != $value)
$down_prefix = $formatter->link_url(_rawurlencode($value), "?action={$mydownload}&value=");
$dir = $DBInfo->upload_dir . "/{$key}";
} else {
$value = $formatter->page->urlname;
$key = $DBInfo->pageToKeyname($formatter->page->name);
//if ($force_download or $key != $formatter->page->name)
$down_prefix = $formatter->link_url($formatter->page->urlname, "?action={$mydownload}&value=");
$dir = $DBInfo->upload_dir . "/{$key}";
}
// support hashed upload_dir
if (!is_dir($dir) and !empty($DBInfo->use_hashed_upload_dir)) {
$dir = $DBInfo->upload_dir . '/' . get_hashed_prefix($key) . $key;
}
if (!empty($force_download) or $key != $value) {
$prefix = $down_prefix;
}
if (!empty($formatter->preview) and $formatter->page->name == $value) {
$opener = '';
} else {
$opener = $value . ':';
}
if ($value != 'UploadFile' and file_exists($dir)) {
$handle = opendir($dir);
} else {
$key = '';
$value = 'UploadFile';
if (!$force_download) {
$prefix .= $prefix ? '/' : '';
}
$dir = $DBInfo->upload_dir;
$handle = opendir($dir);
$opener = '/';
}
$upfiles = array();
$dirs = array();
$per = !empty($DBInfo->uploadedfiles_per_page) ? $DBInfo->uploadedfiles_per_page : 100;
// set nodir option to show only files
if (!empty($options['needle']) && !isset($options['nodir'])) {
$options['nodir'] = true;
} else {
if (!isset($options['nodir'])) {
$options['nodir'] = false;
}
}
// count files/dirs
$count_files = 0;
$count_dirs = 0;
$uf = new Cache_text('settings');
if (($info = $uf->fetch('uploadedfiles')) !== false) {
$count_files = $info['files'];
$count_dirs = $info['dirs'];
} else {
while (($file = readdir($handle)) !== false) {
if ($file[0] == '.') {
continue;
}
if (is_dir($dir . "/" . $file)) {
$count_dirs++;
} else {
$count_files++;
}
}
rewinddir($handle);
// TTL = 1 day
$uf->update('uploadedfiles', array('files' => $count_files, 'dirs' => $count_dirs), 60 * 60 * 24);
}
// XXX
$plink = '';
if (!empty($options['p'])) {
$p = $options['p'] ? (int) $options['p'] : 1;
} else {
$p = 1;
}
$pfrom = ($p - 1) * $per;
$pto = $pfrom + $per;
$count = 0;
while (($file = readdir($handle)) !== false) {
if ($file[0] == '.') {
continue;
}
if ($count >= $pfrom) {
if (is_dir($dir . "/" . $file)) {
if ($options['nodir']) {
continue;
}
if ($value == 'UploadFile') {
$dirs[] = $DBInfo->keyToPagename($file);
}
} else {
if (preg_match($needle, $file) and $count >= $pfrom) {
if ($count < $pto) {
$upfiles[] = _p_filename($file);
}
}
}
}
$count++;
if ($count >= $pto) {
$plink = 1;
break;
}
}
closedir($handle);
if (!$upfiles and !$dirs) {
return "<h3>" . _("No files found") . "</h3>";
}
sort($upfiles);
sort($dirs);
$link = $formatter->link_url($formatter->page->urlname);
$out = "<form method='post' action='{$link}'>";
$out .= "<p><input type='hidden' name='action' value='DeleteFile' />\n";
if ($key) {
$out .= "<input type='hidden' name='value' value=\"{$value}\" />\n";
}
$out .= "</p><table style='border:0px' cellpadding='2' class='info'>\n";
// set colspan to show file informations
$c = 1;
if ($use_admin) {
$c = 2;
}
if ($c) {
$colspan = ' colspan="' . $c . '"';
}
if ($use_fileinfo) {
$mname = _("File name");
$msize = _("Size");
$mdate = _("Date");
$out .= "<tr><th{$colspan}>{$mname}</th><th>{$msize}</th><th>{$mdate}</th></tr>\n";
$c += 2;
}
// set colspan again
if ($c > 1) {
$colspan = ' colspan="' . $c . '"';
}
$idx = 1;
if ($js_tag) {
#$attr=' target="_blank"';
$extra = '&popup=1&tag=1';
} else {
$attr = '';
$extra = '';
}
// support hashed upload_dir
if (!empty($DBInfo->use_hashed_upload_dir)) {
$ndirs = array();
foreach ($dirs as $d0) {
if (strlen($d0) != 1) {
$ndirs[] = $d0;
continue;
}
$handle = opendir($DBInfo->upload_dir . '/' . $d0);
if (!is_resource($handle)) {
continue;
}
$pre = $DBInfo->upload_dir . '/' . $d0;
while (($d = readdir($handle)) !== false) {
if (!is_dir($pre . '/' . $d)) {
$ndirs[] = $d0;
break;
}
if ($d[0] == $d0[0]) {
$hd = opendir($pre . '/' . $d);
if (!is_resource($hd)) {
continue;
}
$pre1 = $pre . '/' . $d;
while (($d1 = readdir($hd)) !== false) {
if ($d1[0] == '.') {
continue;
}
if (is_dir($pre1 . '/' . $d1)) {
$ndirs[] = $d1;
}
}
closedir($hd);
}
}
closedir($handle);
}
$dirs = $ndirs;
sort($dirs);
}
// count dirs
$didx = 0;
if (count($dirs)) {
$out .= "<tr>";
$didx++;
}
foreach ($dirs as $file) {
$link = $formatter->link_url($file, "?action=uploadedfiles{$extra}", $file, $attr);
$key = $DBInfo->pageToKeyname($file);
// support hashed upload_dir
$pre = '';
if (!empty($DBInfo->use_hashed_upload_dir)) {
$pre = get_hashed_prefix($key);
if (!is_dir($dir . '/' . $pre . $key)) {
$pre = '';
}
}
$dirname = $dir . '/' . $pre . $key;
$date = date("Y-m-d", filemtime($dirname));
$file = _html_escape($file);
if ($use_admin) {
$out .= "<td class='wiki'><input type='{$checkbox}' name='files[{$idx}]' value=\"{$file}\" /></td>";
}
$out .= "<td class='wiki'><a href='{$link}'>{$file}/</a></td>";
if ($use_fileinfo) {
$out .= "<td align='right' class='wiki'> </td><td class='wiki'>{$date}</td>";
}
if ($didx % $col == 0) {
$out .= "</tr>\n<tr>\n";
}
$idx++;
$didx++;
}
if (isset($value[0]) and $value != 'UploadFile') {
if ($js_tag) {
#$attr=' target="_blank"';
$extra = '&popup=1&tag=1';
}
if (!empty($options['needle'])) {
$extra .= '&q=' . $options['needle'];
}
$link = $formatter->link_tag('UploadFile', "?action=uploadedfiles&value=top{$extra}", "<img src='" . $icon_dir . "/32/up.png' style='border:0' class='upper' alt='..' />", $attr);
$out .= "<tr>";
if ($use_admin) {
$out .= "<td class='wiki'> </td>";
}
$out .= "<td class='wiki'>{$link}</td>";
if ($use_fileinfo) {
$date = date("Y-m-d", filemtime($dir . "/.."));
$out .= "<td align='right' class='wiki'> </td><td class='wiki'>{$date}</td>";
}
if ($didx % $col == 0) {
$out .= "</tr>\n<tr>\n";
}
$didx++;
}
if (!empty($options['needle'])) {
$extra .= '&q=' . $options['needle'];
}
if (isset($options['nodir'])) {
$extra .= '&nodir=' . $options['nodir'];
}
if ($plink) {
$plink = $formatter->link_tag('', "?action=uploadedfiles{$extra}&p=" . ($p + 1), _("Next page »"), $attr);
} else {
if ($p > 1) {
$plink = $formatter->link_tag('', "?action=uploadedfiles{$extra}", _("« First page"), $attr);
}
}
if (empty($prefix)) {
$prefix = str_replace($DBInfo->upload_dir, $DBInfo->upload_dir_url, $dir) . '/';
}
$unit = array('Bytes', 'KB', 'MB', 'GB', 'TB');
$down_mode = strpos($prefix, ';value=') !== false;
$mywidth = $preview_width;
if (empty($didx)) {
// no dirs found.
$out .= '<tr>';
}
$iidx = $didx;
// file index
foreach ($upfiles as $file) {
$_l_file = _l_filename($file);
// force download with some extensions. XXX
if ($down_mode or preg_match('/\\.(pl|cgi|py|php.?)$/', $file)) {
$link = str_replace(";value=", ";value=" . rawurlencode($file), $down_prefix);
} else {
$link = $prefix . rawurlencode($file);
}
// XXX
$previewlink = $link;
$size = filesize($dir . '/' . $_l_file);
if (!empty($use_preview)) {
preg_match("/\\.(.{1,4})\$/", $file, $m);
$ext = isset($m[1]) ? strtolower($m[1]) : '';
if ($use_preview > 1 and $ext and stristr('gif,png,jpeg,jpg', $ext)) {
list($w, $h) = getimagesize($dir . '/' . $file);
if ($w <= $preview_width) {
$mywidth = $w;
} else {
$mywidth = $preview_width;
}
if (file_exists($dir . "/thumbnails/" . $_l_file)) {
if ($down_mode) {
$previewlink = str_replace('value=', 'value=thumbnails/', $previewlink);
} else {
$previewlink = $prefix . 'thumbnails/' . rawurlencode($file);
}
}
}
}
if (!empty($use_fileinfo)) {
$i = 0;
for (; $i < 4; $i++) {
if ($size <= 1024) {
#$size= round($size,2).' '.$unit[$i];
break;
}
$size = $size / 1024;
}
$size = round($size, 2) . ' ' . $unit[$i];
}
$date = date('Y-m-d', filemtime($dir . '/' . $_l_file));
$fname = $file;
if ($use_preview or $js_tag) {
$tag_open = 'attachment:';
$tag_close = '';
if ($opener != $value) {
$tag_open .= $opener;
}
$alt = "alt='{$tag_open}{$file}{$tag_close}' title='{$file}'";
if ($ext and stristr('gif,png,jpeg,jpg', $ext)) {
$fname = "<img src='{$previewlink}' class='icon' width='{$mywidth}' {$alt} />";
$attr .= $href_attr;
} else {
if (preg_match('/^(wmv|avi|mpeg|mpg|swf|wav|mp3|ogg|midi|mid|mov)$/', $ext)) {
$tag_open = '[[Media(';
$tag_close = ')]]';
$alt = "{$tag_open}{$file}{$tag_close}";
} else {
if (!preg_match('/^(bmp|c|h|java|py|bak|diff|doc|css|php|xml|html|mod|' . 'rpm|deb|pdf|ppt|xls|tgz|gz|bz2|zip)$/', $ext)) {
$ext = 'unknown';
}
}
$fname = "<img src='{$icon_dir}/{$ext}.png' class='icon' {$alt} /><span>{$file}</span>";
}
if ($js_tag) {
//if (strpos($file,' '))
$tag = "insertTags('{$tag_open}','{$tag_close}','{$file}',true)";
$link = "javascript:{$tag}";
}
}
$file = _html_escape($file);
if ($use_admin) {
$out .= "<td class='wiki'><input type='{$checkbox}' name='files[{$idx}]' value=\"{$file}\" /></td>";
}
$out .= "<td class='wiki'><a href=\"{$link}\"{$attr}>{$fname}</a></td>";
if ($use_fileinfo) {
$out .= "<td align='right' class='wiki'>{$size}</td><td class='wiki'>{$date}</td>";
}
if ($iidx % $col == 0) {
$out .= "</tr>\n<tr>\n";
}
if ($use_admin && $use_fileinfo) {
$out .= "<td> </td><td{$colspan}>";
if ($use_admin) {
$out .= $dir . '/';
}
$out .= "{$file}</td>\n";
$out .= "</tr>\n<tr>";
}
$idx++;
$iidx++;
}
$kidx = $iidx - 1;
$k = 0;
// setup colspan to fill up <tr> with colspaned <td>
while ($kidx % $col != 0) {
$k += $c;
$kidx++;
}
if ($k > 0) {
// fill tr
$out .= '<td colspan="' . $k . '"> </td>';
}
if (substr($out, -4) == '<tr>') {
$out = substr($out, 0, -4);
} else {
$out .= "</tr>\n";
}
$idx--;
$msg = sprintf(_("%d files"), $idx);
if (count($dirs)) {
$msg .= ' / ' . sprintf(_("Total %d files"), $count_files);
$msg .= ' / ' . sprintf(_("%d dirs"), $count_dirs);
}
// colspan for multi column case.
if ($col > 1) {
$colspan = ' colspan="' . $col * $c . '"';
}
$out .= "<tr>";
if ($use_admin && $c > 1) {
$out .= "<td> </td>";
}
// fill checkbox column
$out .= "<th {$colspan}>{$msg}</th></tr>\n";
if ($plink) {
$out .= "<tr><th {$colspan}>{$plink}</th></tr>\n";
}
$out .= "</table>\n";
if ($use_admin) {
if ($DBInfo->security->is_protected("deletefile", $options)) {
$out .= '<p>' . _("Password") . ": <input type='password' name='passwd' size='10' /></p>\n";
}
$out .= "<p><input type='submit' value='" . _("Delete selected files") . "' /></p>";
}
$out .= "</form>\n";
if (!$value and !in_array('UploadFile', $formatter->actions)) {
$formatter->actions[] = 'UploadFile';
}
if ($uploader and !in_array('UploadedFiles', $formatter->actions)) {
$out .= $formatter->macro_repl($uploader);
}
if ($use_preview) {
$class = ' class="fileList preview"';
return $js_script . "<div{$class}>" . $out . "</div>\n";
}
return $js_script . $out;
}
function macro_Attachment($formatter, $value, $options = array())
{
global $DBInfo;
if (!is_array($options) and $options == 1) {
$options = array('link' => 1);
}
// compatible
$attr = '';
if (!empty($DBInfo->force_download) or !empty($DBInfo->pull_url)) {
$force_download = 1;
}
if (!empty($DBInfo->download_action)) {
$mydownload = $DBInfo->download_action;
} else {
$mydownload = 'download';
}
$extra_action = '';
$pull_url = $fetch_url = '';
if (!empty($DBInfo->pull_url)) {
$pull_url = $DBInfo->pull_url;
if (empty($formatter->fetch_action)) {
$fetch_url = $formatter->link_url('', '?action=fetch&url=');
} else {
$fetch_url = $formatter->fetch_action;
}
}
$text = '';
$caption = '';
$cap_bra = '';
$cap_ket = '';
$bra = '';
$ket = '';
if ($options and !$DBInfo->security->is_allowed($mydownload, $options)) {
return $text;
}
if (!empty($formatter->wikimarkup) and empty($options['nomarkup'])) {
$ll = $rr = '';
if (strpos($value, ' ') !== false) {
$ll = '[';
$rr = ']';
}
$bra = "<span class='wikiMarkup'><!-- wiki:\n{$ll}attachment:{$value}{$rr}\n-->";
$ket = '</span>';
}
# if ($value[0]=='"' and ($p2=strpos(substr($value,1),'"')) !== false)
# $value=substr($value,1,$p2); # attachment:"my image.png" => my image.png
# FIXME attachment:"hello.png" => error
if (($p = strpos($value, ' ')) !== false and strpos(substr($value, 0, $p), ',') === false) {
// [[Attachment(my.png,width=100,height=200,caption="Hello(space)World")]]
// [attachment:my.ext(space)hello]
// [attachment:my.ext(space)attachment:my.png]
// [attachment:my.ext(space)http://url/../my.png]
if ($value[0] == '"' and ($p2 = strpos(substr($value, 1), '"')) !== false) {
$text = $ntext = substr($value, $p2 + 3);
$dummy = substr($value, 1, $p2);
# "my image.png" => my image.png
$args = substr($value, $p2 + 2);
$value = $dummy . $args;
# append query string
} else {
$text = $ntext = substr($value, $p + 1);
$value = substr($value, 0, $p);
}
if (substr($text, 0, 11) == 'attachment:') {
$fname = substr($text, 11);
$ntext = macro_Attachment($formatter, $fname, array('link' => 1));
}
if (preg_match("/\\.(png|gif|jpeg|jpg|bmp)\$/i", $ntext)) {
$_l_ntext = _l_filename($ntext);
if (!file_exists($_l_ntext)) {
$fname = preg_replace('/^"([^"]*)"$/', "\\1", $fname);
$mydownload = 'UploadFile&rename=' . $fname;
$text = sprintf(_("Upload new Attachment \"%s\""), $fname);
$text = str_replace('"', '\'', $text);
}
$ntext = qualifiedUrl($DBInfo->url_prefix . '/' . $ntext);
$img_link = '<img src="' . $ntext . '" alt="' . $text . '" border="0" />';
} else {
if (($q = strpos($ntext, ',')) !== false) {
$alt = substr($ntext, 0, $q);
$caption = substr($ntext, $q + 1);
} else {
$alt = $ntext;
}
}
} else {
$value = str_replace('%20', ' ', $value);
}
$lightbox_attr = '';
$imgalign = '';
// allowed thumb widths.
$thumb_widths = isset($DBInfo->thumb_widths) ? $DBInfo->thumb_widths : array('120', '240', '320', '480', '600', '800', '1024');
// parse query string of macro arguments
if ($dummy = strpos($value, '?')) {
# for attachment: syntax
parse_str(substr($value, $dummy + 1), $attrs);
$value = substr($value, 0, $dummy);
} else {
if (($dummy = strpos($value, ',')) !== false) {
# for Attachment macro
$tmp = substr($value, $dummy + 1);
$tmp = preg_replace('/,+\\s*/', ',', $tmp);
$tmp = preg_replace('/\\s*=\\s*/', '=', $tmp);
$tmp = str_replace(',', '&', $tmp);
parse_str($tmp, $attrs);
$value = substr($value, 0, $dummy);
}
}
$use_thumb = !empty($DBInfo->use_thumb_by_default) && empty($options['link_url']) ? true : false;
if (!empty($attrs)) {
if (!empty($attrs['action'])) {
// check extra_action
if ($attrs['action'] == 'deletefile') {
$extra_action = $attrs['action'];
} else {
$mydownload = $attrs['action'];
}
unset($attrs['action']);
}
foreach ($attrs as $k => $v) {
if (in_array($k, array('width', 'height'))) {
$attr .= "{$k}=\"{$v}\" ";
if (!empty($DBInfo->use_lightbox)) {
$lightbox_attr = ' rel="lightbox" ';
}
} else {
if ($k == 'align') {
$imgalign = 'img' . ucfirst($v);
} else {
if (in_array($k, array('caption', 'alt', 'title'))) {
$caption = preg_replace("/^([\"'])([^\\1]+)\\1\$/", "\\2", $v);
$caption = trim($caption);
} else {
if (in_array($k, array('thumb', 'thumbwidth', 'thumbheight'))) {
if ($k == 'thumbwidth' || $k == 'thumbheight') {
if (!empty($thumb_widths)) {
if (in_array($v, $thumb_widths)) {
$thumb[$k] = $v;
}
} else {
$thumb[$k] = $v;
}
} else {
$thumb[$k] = $v;
}
}
}
}
}
}
if (!empty($thumb)) {
$use_thumb = true;
}
}
if (preg_match('/^data:image\\/(gif|jpe?g|png);base64,/', $value)) {
// need to hack for IE ?
return "<img src='" . $value . "' {$attr} />";
}
$attr .= $lightbox_attr;
$info = '';
if (($p = strrpos($value, ':')) !== false or ($p = strrpos($value, '/')) !== false) {
$subpage = substr($value, 0, $p);
$file = substr($value, $p + 1);
$value = $subpage . '/' . $file;
# normalize page arg
if (isset($subpage[0])) {
$pagename = $subpage;
$key = $DBInfo->pageToKeyname($subpage);
$value = $file;
} else {
$pagename = '';
$key = '';
}
} else {
$pagename = $formatter->page->name;
$key = $DBInfo->pageToKeyname($formatter->page->name);
$file = $value;
}
if (isset($key[0])) {
$dir = $DBInfo->upload_dir . '/' . $key;
// support hashed upload_dir
if (!is_dir($dir) and !empty($DBInfo->use_hashed_upload_dir)) {
$pre = get_hashed_prefix($key);
$dir = $DBInfo->upload_dir . '/' . $pre . $key;
if (!is_dir($dir)) {
$dir = $DBInfo->upload_dir;
}
}
} else {
$dir = $DBInfo->upload_dir;
}
// check file name XXX
if (!$file) {
if (!empty($options['link']) and $options['link'] == 1) {
return 'attachment:' . $value;
}
return $bra . 'attachment:/' . $ket;
}
$upload_file = $dir . '/' . $file;
if (!empty($options['link']) and $options['link'] == 1) {
return $upload_file;
}
if (!$text) {
$text = $file;
}
$_l_file = _l_filename($file);
$_l_upload_file = $dir . '/' . $_l_file;
if (file_exists($_l_upload_file)) {
$file_ok = 1;
} else {
if (!empty($pull_url)) {
if (isset($subpage[0])) {
$pagename = $subpage;
$val = _urlencode($file);
} else {
$val = _urlencode($value);
}
$url = $pull_url . _rawurlencode($pagename) . "?action={$mydownload}&value=" . $val;
$hsz = $formatter->macro_repl('ImageFileSize', $url);
$info = ' (' . $hsz . ')';
$url = $fetch_url . str_replace(array('&', '?'), array('%26', '%3f'), $url);
// check url to retrieve the size of file
if (empty($formatter->preview) or floatval($sz) != 0) {
$file_ok = 2;
}
}
}
if (empty($file_ok) and !empty($formatter->wikimarkup) and empty($options['nomarkup'])) {
if (!empty($DBInfo->swfupload_depth) and $DBInfo->swfupload_depth > 2) {
$depth = $DBInfo->swfupload_depth;
} else {
$depth = 2;
}
if (session_id() == '') {
// ip based
$myid = md5($_SERVER['REMOTE_ADDR'] . '.' . 'MONIWIKI');
// FIXME
} else {
$myid = session_id();
}
$prefix = substr($myid, 0, $depth);
$mydir = $DBInfo->upload_dir . '/.swfupload/' . $prefix . '/' . $myid;
if (file_exists($mydir . '/' . $_l_file)) {
if (!$img_link && preg_match("/\\.(png|gif|jpeg|jpg|bmp)\$/i", $upload_file)) {
$ntext = qualifiedUrl($DBInfo->url_prefix . '/' . $mydir . '/' . $text);
$img_link = '<img src="' . $ntext . '" alt="' . $text . '" border="0" />';
return $bra . "<span class=\"attach\">{$img_link}</span>" . $ket;
} else {
$sz = filesize($mydir . '/' . $_l_file);
$unit = array('Bytes', 'KB', 'MB', 'GB', 'TB');
for ($i = 0; $i < 4; $i++) {
if ($sz <= 1024) {
#$sz= round($sz,2).' '.$unit[$i];
break;
}
$sz = $sz / 1024;
}
$info = ' (' . round($sz, 2) . ' ' . $unit[$i] . ') ';
return $bra . "<span class=\"attach\">" . $formatter->icon['attach'] . $text . '</span>' . $info . $ket;
}
}
}
if (!empty($file_ok)) {
$imgcls = 'imgAttach';
if ($imgalign == 'imgCenter' or $caption && empty($imgalign)) {
if ($file_ok == 1 and !$attrs['width']) {
$size = getimagesize($_l_upload_file);
// XXX
$attrs['width'] = $size[0];
}
}
$img_width = '';
if (!empty($attrs['width'])) {
$img_width = ' style="width:' . $attrs['width'] . 'px"';
}
if ($caption) {
$cls = $imgalign ? 'imgContainer ' . $imgalign : 'imgContainer';
$cap_bra = '<div class="' . $cls . '"' . '>';
$cap_ket = '</div>';
$img_width = '';
} else {
$imgcls = $imgalign ? 'imgAttach ' . $imgalign : 'imgAttach';
}
if ($file_ok == 1) {
$sz = filesize($_l_upload_file);
$unit = array('Bytes', 'KB', 'MB', 'GB', 'TB');
for ($i = 0; $i < 4; $i++) {
if ($sz <= 1024) {
break;
}
$sz = $sz / 1024;
}
$info = ' (' . round($sz, 2) . ' ' . $unit[$i] . ')';
}
if (!in_array('UploadedFiles', $formatter->actions)) {
$formatter->actions[] = 'UploadedFiles';
}
if (empty($img_link) && preg_match("/\\.(png|gif|jpeg|jpg|bmp)\$/i", $upload_file, $m)) {
// get the extension of the image
$ext = $m[1];
$type = strtoupper($m[1]);
if (!empty($caption)) {
$caption = '<div class="caption">' . $caption . ' <span>[' . $type . ' ' . _("image") . $info . ']</span></div>';
} else {
$caption = '<div class="info"><span>[' . $type . ' ' . _("image") . $info . ']</span></div>';
}
if ($file_ok == 1 and !empty($use_thumb)) {
$thumb_width = !empty($DBInfo->thumb_width) ? $DBInfo->thumb_width : 320;
if (!empty($thumb['thumbwidth'])) {
$thumb_width = $thumb['thumbwidth'];
}
// guess thumbnails
$thumbfiles = array();
$thumbfiles[] = $_l_file;
$thumbfiles[] = preg_replace('@' . $ext . '$@i', 'w' . $thumb_width . '.' . $ext, $_l_file);
$thumb_ok = false;
foreach ($thumbfiles as $thumbfile) {
if (file_exists($dir . '/thumbnails/' . $thumbfile)) {
$thumb_ok = true;
break;
}
}
// auto generate thumbnail
if (!empty($DBInfo->use_convert_thumbs) and !$thumb_ok) {
if (!file_exists($dir . "/thumbnails")) {
@mkdir($dir . "/thumbnails", 0777);
}
$fname = $dir . '/' . $_l_file;
list($w, $h) = getimagesize($fname);
// generate thumbnail using the gd func or the ImageMagick(convert)
if ($w > $thumb_width) {
require_once 'lib/mediautils.php';
resize_image($ext, $fname, $dir . '/thumbnails/' . $thumbfile, $w, $h, $thumb_width);
$thumb_ok = true;
}
}
}
$alt = !empty($alt) ? $alt : $file;
if ($key != $pagename || !empty($force_download)) {
$val = _urlencode($value);
if ($thumb_ok and !empty($use_thumb)) {
if (($p = strrpos($val, '/')) > 0) {
$val = substr($val, 0, $p) . '/thumbnails/' . $thumbfile;
} else {
$val = 'thumbnails/' . $thumbfile;
}
// use download link ?
if (!empty($DBInfo->use_thumb_with_download_link)) {
$extra_action = 'download';
}
}
if ($file_ok == 2 and !empty($pull_url)) {
if (isset($subpage[0])) {
$pagename = $subpage;
$val = _urlencode($file);
}
$url = $fetch_url . str_replace(array('&', '?'), array('%26', '%3f'), $pull_url . urlencode(_rawurlencode($pagename)) . "?action={$mydownload}&value=" . $val);
if ($use_thumb and isset($thumb['thumb'])) {
$url .= '&thumb=' . $thumb['thumb'];
}
} else {
$url = $formatter->link_url(_rawurlencode($pagename), "?action={$mydownload}&value=" . $val);
}
} else {
if ($thumb_ok and !empty($use_thumb)) {
// FIXME
$url = str_replace($DBInfo->upload_dir, $DBInfo->upload_dir_url, $dir . '/thumbnails/' . _urlencode($thumbfile));
} else {
$_my_file = str_replace($DBInfo->upload_dir, $DBInfo->upload_dir_url, $dir . '/' . $file);
$url = _urlencode($_my_file);
}
}
if (!empty($options['link_url'])) {
return qualifiedUrl($url);
}
$img = "<img src='{$url}' title='{$alt}' alt='{$alt}' style='border:0' {$attr}/>";
if ($extra_action) {
$url = $formatter->link_url(_rawurlencode($pagename), "?action={$extra_action}&value=" . urlencode($value));
if ($file_ok == 2 and !empty($pull_url)) {
if (isset($subpage[0])) {
$pagename = $subpage;
}
$url = $fetch_url . str_replace(array('&', '?'), array('%26', '%3f'), $pull_url . urlencode(_rawurlencode($pagename)) . "?action={$mydownload}&value=" . $val);
}
$img = "<a href='{$url}'>{$img}</a>";
} else {
if (preg_match('@^(https?|ftp)://@', $alt)) {
$img = "<a href='{$alt}'>{$img}</a>";
}
}
return $bra . $cap_bra . "<div class=\"{$imgcls}\"><div>{$img}{$caption}</div></div>" . $cap_ket . $ket;
#return $bra.$cap_bra."<span class=\"$cls\">$img$caption</span>".$cap_ket.$ket;
} else {
$mydownload = $extra_action ? $extra_action : $mydownload;
$link = $formatter->link_url(_rawurlencode($pagename), "?action={$mydownload}&value=" . urlencode($value), $text);
if (!empty($options['link_url'])) {
return qualifiedUrl($link);
}
if (!empty($img_link)) {
return $bra . "<span class=\"attach\"><a href='{$link}'>{$img_link}</a></span>" . $ket;
}
return $bra . "<span class=\"attach\">" . $formatter->icon['attach'] . '<a href="' . $link . '">' . $text . '</a></span>' . $info . $ket;
}
}
// no attached file found.
if (!empty($options['link_url'])) {
return 'attachment:' . $value;
}
if ($formatter->_macrocache and empty($options['call'])) {
return $formatter->macro_cache_repl('Attachment', $value);
}
if (empty($options['call'])) {
$formatter->_dynamic_macros['@Attachment'] = 1;
}
$paste = '';
if (!empty($DBInfo->use_clipmacro) and preg_match('/^(.*)\\.png$/i', $file, $m)) {
$now = time();
$url = $formatter->link_url($pagename, "?action=clip&value={$m['1']}&now={$now}");
$paste = " <a href='{$url}'>" . _("or paste a new png picture") . "</a>";
}
if (!empty($DBInfo->use_drawmacro) and preg_match('/^(.*)\\.gif$/i', $file, $m)) {
$now = time();
$url = $formatter->link_url($pagename, "?action=draw&mode=attach&value={$m['1']}&now={$now}");
$paste = " <a href='{$url}'>" . _("or draw a new gif picture") . "</a>";
}
if ($pagename == $formatter->page->name) {
return $bra . '<span class="attach">' . $formatter->link_to("?action=UploadFile&rename=" . urlencode($file), sprintf(_("Upload new Attachment \"%s\""), $file)) . $paste . '</span>' . $ket;
}
if (!$pagename) {
$pagename = 'UploadFile';
}
return $bra . '<span class="attach">' . $formatter->link_tag($pagename, "?action=UploadFile&rename=" . urlencode($file), sprintf(_("Upload new Attachment \"%s\" on the \"%s\""), $file, $pagename)) . $paste . '</span>' . $ket;
}
function do_download($formatter, $options)
{
global $DBInfo;
if (!$options['value']) {
if (!function_exists('do_uploadedfiles')) {
include_once dirname(__FILE__) . '/UploadedFiles.php';
}
do_uploadedfiles($formatter, $options);
return;
}
$value =& $options['value'];
$down_mode = (!empty($options['mode']) and $options['mode'][0] == 'a') ? 'attachment' : (!empty($DBInfo->download_mode) ? $DBInfo->download_mode : 'inline');
// SubPage:foobar.png == SubPage/foobar.png
// SubPage:thumbnails/foobar.png == SubPage/thumbnails/foobar.png
// SubPage/FoobarPage:thumbnails/foobar.png == SubPage/FoobarPage/thumbnails/foobar.png
// check acceptable subdirs
$acceptable_subdirs = array('thumbnails');
$tmp = explode('/', $value);
$subdir = '';
if (($c = count($tmp)) > 1) {
if (in_array($tmp[$c - 2], $acceptable_subdirs)) {
$subdir = $tmp[$c - 2] . '/';
unset($tmp[$c - 2]);
$value = implode('/', $tmp);
}
}
if (($p = strpos($value, ':')) !== false or ($p = strrpos($value, '/')) !== false) {
$subpage = substr($value, 0, $p);
$file = substr($value, $p + 1);
$value = $subpage . '/' . $file;
# normalize page arg
if ($subpage and $DBInfo->hasPage($subpage)) {
$pagename =& $subpage;
$key = $DBInfo->pageToKeyname($subpage);
}
}
if (!isset($pagename[0])) {
$pagename =& $formatter->page->name;
$key = $DBInfo->pageToKeyname($formatter->page->name);
}
$prefix = '';
if (isset($key[0])) {
// for compatibility
$dir = $DBInfo->upload_dir . '/' . $key;
if (!is_dir($dir) and !empty($DBInfo->use_hashed_upload_dir)) {
// support hashed upload_dir
$prefix = get_hashed_prefix($key);
$dir = $DBInfo->upload_dir . '/' . $prefix . $key;
}
}
if ($value[0] == '/' or $key == 'UploadFile') {
$dir = $DBInfo->upload_dir;
}
if (file_exists($dir)) {
$handle = opendir($dir);
} else {
$dir = $DBInfo->upload_dir;
$handle = opendir($dir);
}
$file = explode('/', $value);
$file = $file[count($file) - 1];
$params = $options;
// copy request params
/**
* Thumbnail feature
*
* foo/bar/foo.png
* - pagename = foo/bar
* - attached image = foo.png
* foo/bar/foo.png?thumb=1
* - generate thumbnail with default width
* foo/bar/foo.png?thumbwidth=320
* - generate thumbnails/foo.w320.png
* if 320 is acceptable width
* foo/bar/thumbnails/foo.w320.png
* == foo/bar/foo.png?thumbwidth=320
* foo/bar/foo.w320.png
* == foo/bar/foo.png?thumbwidth=320
* you can also upload foo.w320.png manually
*/
// check thumbnail width from filename
if (preg_match('@(\\.w(\\d+)\\.(png|jpe?g|gif))$@i', $file, $m)) {
// drop w320 from given filename
$orgfile = substr($file, 0, -strlen($m[1])) . '.' . $m[3];
$params['thumbwidth'] = $m[2];
unset($params['thumb']);
}
// check file exists
$tmp = _l_filename($file);
if (file_exists($dir . '/' . $subdir . $tmp)) {
$_l_file = $subdir . $tmp;
if (!empty($orgfile)) {
unset($orgfile);
// no need to generate thumbnails
unset($params['thumbwidth']);
$nothumb = true;
}
} else {
$_l_file = !empty($orgfile) ? _l_filename($orgfile) : _l_filename($file);
if (!file_exists("{$dir}/{$_l_file}")) {
header("HTTP/1.1 404 Not Found");
echo "File not found";
return;
}
}
$lines = @file($DBInfo->data_dir . '/mime.types');
if ($lines) {
foreach ($lines as $line) {
rtrim($line);
if (preg_match('/^\\#/', $line)) {
continue;
}
$elms = preg_split('/\\s+/', $line);
$type = array_shift($elms);
foreach ($elms as $elm) {
$mime[$elm] = $type;
}
}
} else {
$mime = array();
}
$realfile = $dir . '/' . $_l_file;
# set filename
if (preg_match("/\\.(.{1,4})\$/", $file, $match)) {
$ext = strtolower($match[1]);
$mimetype = !empty($mime[$ext]) ? $mime[$ext] : '';
$ext = '.' . $ext;
}
// auto generate thumbnails
if (empty($nothumb) and !empty($mimetype) and preg_match('@image/(png|jpe?g|gif)$@', $mimetype)) {
list($w, $h) = getimagesize($realfile);
$thumbfile = '';
if (!empty($params['thumbwidth'])) {
// check allowed thumb widths.
$thumb_widths = isset($DBInfo->thumb_widths) ? $DBInfo->thumb_widths : array('120', '240', '320', '480', '600', '800', '1024');
$width = 320;
// default
if (!empty($DBInfo->default_thumb_width)) {
$width = $DBInfo->default_thumb_width;
}
if (!empty($thumb_widths)) {
if (in_array($params['thumbwidth'], $thumb_widths)) {
$width = $params['thumbwidth'];
} else {
header("HTTP/1.1 404 Not Found");
echo "Invalid thumbnail width", "<br />", "valid thumb widths are ", implode(', ', $thumb_widths);
return;
}
} else {
$width = $params['thumbwidth'];
}
if ($w > $width) {
$thumb_width = $width;
$force_thumb = true;
}
} else {
// automatically generate thumb images to support low-bandwidth mobile version
if ($params['is_mobile']) {
$force_thumb = (!isset($params['m']) or $params['m'] == 1);
} else {
if (!isset($params['thumb']) and !empty($DBInfo->max_image_width) and $w > $DBInfo->max_image_width) {
$force_thumb = true;
$thumb_width = $DBInfo->max_image_width;
}
}
}
while (!empty($params['thumb']) or $force_thumb) {
if (empty($thumb_width)) {
$thumb_width = 320;
// default
if (!empty($DBInfo->default_thumb_width)) {
$thumb_width = $DBInfo->default_thumb_width;
}
}
$thumbfiles = array();
$thumbname = preg_replace('@' . $ext . '$@i', '.w' . $thumb_width . $ext, $_l_file);
$thumbfiles[] = $thumbname;
$thumbfiles[] = 'thumbnails/' . $thumbname;
foreach ($thumbfiles as $file) {
$thumbfile = $dir . '/' . $file;
if (file_exists($thumbfile)) {
$thumb_ok = true;
break;
}
}
if ($thumb_ok) {
break;
}
if ($w <= $thumb_width) {
if (!empty($orgfile)) {
header("HTTP/1.1 404 Not Found");
echo "the thumbnail width have to smaller than original";
return;
}
$thumbfile = $realfile;
break;
}
if (!file_exists($dir . "/thumbnails")) {
@mkdir($dir . "/thumbnails", 0777);
}
require_once 'lib/mediautils.php';
// generate thumbnail using the gd func or the ImageMagick(convert)
resize_image($ext, $realfile, $thumbfile, $w, $h, $thumb_width);
break;
}
if (!empty($thumbfile)) {
$realfile = $thumbfile;
}
}
if (empty($mimetype)) {
$mimetype = "application/x-unknown";
}
if (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')) {
// IE: rawurlencode()
$fn = preg_replace('/[:\\x5c\\/*?"<>|]/', '_', $file);
$fname = 'filename="' . rawurlencode($fn) . '"';
// fix IE bug
$fname = preg_replace('/\\./', '%2e', $fname, substr_count($fname, '.') - 1);
#header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
#header('Pragma: public');
} else {
if (strstr($_SERVER['HTTP_USER_AGENT'], 'Mozilla')) {
// Mozilla: RFC 2047
$fname = 'filename="=?' . $DBInfo->charset . '?B?' . base64_encode($file) . '?="';
} else {
// etc. Safari, Opera 9: RFC 2231
$fn = preg_replace('/[:\\x5c\\/{?]/', '_', $file);
$fname = 'filename*=' . $DBInfo->charset . "''" . rawurlencode($fn) . '';
//$fname='filename="'.$fn.'"';
}
}
if (!empty($DBInfo->use_resume_download)) {
$header = array("Content-Description: MoniWiki PHP Downloader");
dl_file_resume($mimetype, $realfile, $fname, $down_mode, $header);
return;
}
header("Content-Type: {$mimetype}\r\n");
header("Content-Length: " . filesize($realfile));
header("Content-Disposition: {$down_mode}; " . $fname);
header("Content-Description: MoniWiki PHP Downloader");
$mtime = filemtime($realfile);
$lastmod = gmdate("D, d M Y H:i:s", $mtime) . ' GMT';
$etag = md5($lastmod . $thumbfile);
header("Last-Modified: " . $lastmod);
header('ETag: "' . $etag . '"');
header("Pragma:");
$maxage = 60 * 60 * 24 * 7;
header('Cache-Control: public, max-age=' . $maxage);
$need = http_need_cond_request($mtime, $lastmod, $etag);
if (!$need) {
header('X-Cache-Debug: Cached OK');
header('HTTP/1.0 304 Not Modified');
@ob_end_clean();
return;
}
$fp = readfile($realfile);
return;
}
function do_uploadfile($formatter, $options)
{
global $DBInfo;
$files = array();
$title = '';
if (isset($options['data'])) {
if (substr($options['data'], 0, 5) == 'data:') {
$data = substr($options['data'], 5);
} else {
$data = $options['data'];
}
$err = _("Fail to parse data string");
while (preg_match('@^(image/(gif|jpe?g|png));base64,(.*)$@', $data, $match)) {
$ret = base64_decode($match[3]);
if ($ret === false) {
$err = _("Fail to decode base64 data string.");
break;
} else {
$name = isset($options['name'][0]) ? $options['name'] : 'unnamed';
$name .= '.' . $match[2];
$tmpfile = tempnam($DBInfo->vartmp_dir, 'DATA');
$fp = fopen($tmpfile, 'wb');
if (!is_resource($fp)) {
$err = _("Fail to open file.\n");
break;
}
fwrite($fp, $ret);
fclose($fp);
$count = 1;
$files['upfile']['name'][] = $name;
$files['upfile']['tmp_name'][] = $tmpfile;
$files['upfile']['error'][] = '';
$files['upfile']['type'][] = $match[1];
$err = '';
break;
}
}
}
if (!empty($err)) {
echo $err;
return;
}
if (isset($_FILES['upfile']) and is_array($_FILES)) {
if (!empty($options['multiform']) and $options['multiform'] > 1 or is_array($_FILES['upfile']['name'])) {
$options['multiform'] = !empty($options['multiform']) ? $options['multiform'] : sizeof($_FILES['upfile']['name']);
$count = $options['multiform'];
$files =& $_FILES;
if (!isset($options['rename'])) {
$options['rename'] = array();
}
} else {
$count = 1;
$files['upfile']['name'][] =& $_FILES['upfile']['name'];
$files['upfile']['tmp_name'][] =& $_FILES['upfile']['tmp_name'];
$files['upfile']['error'][] =& $_FILES['upfile']['error'];
$files['upfile']['type'][] =& $_FILES['upfile']['type'];
$options['rename'] = array($options['rename']);
$options['replace'] = array($options['replace']);
}
} else {
if (isset($options['MYFILES']) and is_array($options['MYFILES'])) {
// for SWFUpload action
$count = sizeof($options['MYFILES']);
$MYFILES =& $options['MYFILES'];
$mysubdir = $options['mysubdir'];
for ($i = 0; $i < $count; $i++) {
$myname = $MYFILES[$i];
$files['upfile']['name'][] = $myname;
$files['upfile']['tmp_name'][] = $DBInfo->upload_dir . '/.swfupload/' . $mysubdir . $myname;
// XXX
$files['rename'][] = '';
$files['replace'][] = '';
}
}
}
// Set upload err msg func.
if (!empty($DBInfo->upload_err_func) and function_exists($DBInfo->upload_err_func)) {
$upload_err_func = $DBInfo->upload_err_func;
} else {
$upload_err_func = '_upload_err_msg';
}
$msg = array();
$err_msg = array();
$upload_ok = array();
$js = '';
$uploadid = !empty($options['uploadid']) ? $options['uploadid'] : '';
if (!empty($uploadid) or !empty($options['MYFILES'])) {
$js = <<<EOF
<script type="text/javascript">
/*<![CDATA[*/
function delAllForm(id) {
if (!opener) return;
if (id == '') return;
var fform = opener.document.getElementById(id);
if (fform && fform.rows && fform.rows.length) { // for UploadForm
for (var i=fform.rows.length;i>0;i--) {
fform.deleteRow(i-1);
}
} else { // for SWFUpload
var listing = opener.document.getElementById('mmUploadFileListing');
if (listing) {
var elem = listing.getElementsByTagName("li");
listing.innerHTML='';
} else if (fform) {
fform.reset();
}
}
}
delAllForm('{$uploadid}');
/*]]>*/
</script>
EOF;
}
$ok = 0;
if ($files) {
foreach ($files['upfile']['name'] as $f) {
if ($f) {
$ok = 1;
break;
}
}
}
if (!$ok) {
if (isset($options['retval'])) {
return false;
}
// ignore
#$title="No file selected";
$formatter->send_header("", $options);
$formatter->send_title($title, "", $options);
print macro_UploadFile($formatter, '', $options);
if (!in_array('UploadedFiles', $formatter->actions)) {
$formatter->actions[] = 'UploadedFiles';
}
$formatter->send_footer("", $options);
return false;
}
$key = $DBInfo->pageToKeyname($formatter->page->name);
if ($key != 'UploadFile') {
$dir = $DBInfo->upload_dir . '/' . $key;
// support hashed upload_dir
if (!is_dir($dir) and !empty($DBInfo->use_hashed_upload_dir)) {
$prefix = get_hashed_prefix($key);
$dir = $DBInfo->upload_dir . '/' . $prefix . $key;
}
} else {
$dir = $DBInfo->upload_dir;
}
if (!file_exists($dir)) {
umask(00);
_mkdir_p($dir, 0777);
umask(02);
}
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
$comment = "File ";
$uploaded = '';
$log_entry = '';
$protected_exts = !empty($DBInfo->pds_protected) ? $DBInfo->pds_protected : "pl|cgi|php";
$safe_exts = !empty($DBInfo->pds_safe) ? $DBInfo->pds_safe : "txt|gif|png|jpg|jpeg";
$protected = explode('|', $protected_exts);
$safe = explode('|', $safe_exts);
# upload file protection
if (!empty($DBInfo->pds_allowed)) {
$pds_exts = $DBInfo->pds_allowed;
} else {
$pds_exts = "png|jpg|jpeg|gif|mp3|zip|tgz|gz|txt|css|exe|pdf|hwp";
}
$allowed = 0;
if (isset($DBInfo->upload_masters) and in_array($options['id'], $DBInfo->upload_masters)) {
// XXX WARN!!
$pds_exts = '.*';
$allowed = 1;
}
$safe_types = array('text' => '', 'media' => '', 'image' => '', 'audio' => '', 'application' => 'bin');
for ($j = 0; $j < $count; $j++) {
# replace space and ':' strtr()
$upfilename = str_replace(" ", "_", $files['upfile']['name'][$j]);
$upfilename = str_replace(":", "_", $upfilename);
preg_match("/^(.*)\\.([a-z0-9]{1,5})\$/i", $upfilename, $fname);
if (!$upfilename) {
continue;
} else {
if ($upfilename) {
$uploaded++;
}
}
$no_ext = 0;
if (empty($fname[2])) {
$fname[1] = $upfilename;
$fname[2] = '';
$no_ext = 1;
}
if (!$allowed) {
if (!empty($DBInfo->use_filetype)) {
$type = '';
$type = $files['upfile']['type'][$j] ? $files['upfile']['type'][$j] : 'text/plain';
list($mtype, $xtype) = explode('/', $type);
if (!empty($mtype) and array_key_exists($mtype, $safe_types)) {
$allowed = 1;
$fname[2] = $fname[2] ? $fname[2] : $safe_types[$mtype];
} else {
if ($no_ext) {
$err_msg[] = sprintf(_("The %s type of %s is not allowed to upload"), $type, $upfilename);
continue;
}
}
} else {
$fname[2] = $fname[2] ? $fname[2] : 'txt';
$no_ext = 0;
}
}
$upfilename = preg_replace('/\\.$/', '', implode('.', array($fname[1], $fname[2])));
if (!$allowed) {
if (!$no_ext and !preg_match("/(" . $pds_exts . ")\$/i", $fname[2])) {
if ($DBInfo->use_filetype and !empty($type)) {
$err_msg[] = sprintf(_("The %s type of %s is not allowed to upload"), $type, $upfilename);
} else {
$err_msg[] = sprintf(_("%s is not allowed to upload"), $upfilename);
}
continue;
} else {
if ($fname[2] and in_array(strtolower($fname[2]), $safe)) {
$upfilename = $fname[1] . '.' . $fname[2];
} else {
# check extra extentions for the mod_mime
$exts = explode('.', $fname[1]);
$ok = 0;
for ($i = sizeof($exts); $i > 0; $i--) {
if (in_array(strtolower($exts[$i - 1]), $safe)) {
$ok = 1;
break;
} else {
if (in_array(strtolower($exts[$i - 1]), $protected)) {
$exts[$i] .= '.txt';
# extra check for mod_mime: append 'txt' extension: my.pl.hwp => my.pl.txt.hwp
$ok = 1;
break;
}
}
}
if ($ok) {
$fname[1] = implode('.', $exts);
$upfilename = $fname[1] . '.' . $fname[2];
}
}
}
}
$file_path = $newfile_path = $dir . "/" . $upfilename;
$filename = $upfilename;
if (!empty($options['rename'][$j])) {
# XXX
$temp = explode("/", _stripslashes($options['rename'][$j]));
$upfilename = $temp[count($temp) - 1];
preg_match("/^(.*)\\.([a-z0-9]{1,5})\$/i", $upfilename, $tname);
$exts = explode('.', $tname[1]);
$ok = 0;
for ($i = sizeof($exts); $i > 0; $i--) {
if (in_array(strtolower($exts[$i - 1]), $protected)) {
$exts[$i] .= '.txt';
$ok = 1;
break;
}
}
if ($ok) {
$tname[1] = implode('.', $exts);
$upfilename = $tname[1] . '.' . $fname[2];
}
# check the extention of the new file name.
$fname[1] = $tname[1];
$newfile_path = $dir . "/" . $tname[1] . ".{$fname['2']}";
if ($tname[2] != $fname[2]) {
if (strtolower($tname[2]) == strtolower($fname[2])) {
# change the case of the file ext. is allowed
$newfile_path = $dir . "/" . $tname[1] . ".{$tname['2']}";
} else {
$err_msg[] = sprintf(_("It is not allowed to change file ext. \"%s\" to \"%s\"."), $fname[2], $tname[2]);
}
}
}
# is file already exists ?
$dummy = 0;
$myext = $fname[2] ? '.' . $fname[2] : '';
while (@file_exists($newfile_path)) {
$dummy = $dummy + 1;
$ufname = $fname[1] . "_" . $dummy;
// rename file
$upfilename = $ufname . $myext;
$newfile_path = $dir . "/" . $upfilename;
}
$upfile = $files['upfile']['tmp_name'][$j];
if (!empty($files['upfile']['error'][$j]) and $files['upfile']['error'][$j] != UPLOAD_ERR_OK) {
$err_msg[] = _("ERROR:") . ' <tt>' . $upload_err_func($files['upfile']['error'][$j]) . ' : ' . $upfilename . '</tt>';
if ($files['upfile']['error'][$j] == UPLOAD_ERR_INI_SIZE) {
$err_msg[] = "<tt>upload_max_filesize=" . ini_get('upload_max_filesize') . '</tt>';
}
continue;
}
$_l_path = _l_filename($file_path);
$new_l_path = _l_filename($newfile_path);
if (!empty($options['replace'][$j])) {
// backup
if ($newfile_path != $file_path) {
$test = @copy($_l_path, $new_l_path);
}
// replace
$test = @copy($upfile, $_l_path);
$upfilename = $filename;
} else {
$test = @copy($upfile, $new_l_path);
}
@unlink($upfile);
if (!$test) {
$err_msg[] = sprintf(_("Fail to copy \"%s\" to \"%s\""), $upfilename, $file_path);
if ($files['upfile']['error'][$j] == UPLOAD_ERR_INI_SIZE) {
$err_msg[] = "<tt>upload_max_filesize=" . ini_get('upload_max_filesize') . '</tt>';
}
continue;
}
chmod($new_l_path, 0644);
$comment .= "'{$upfilename}' ";
$title .= (!empty($title) ? "\\n" : '') . sprintf(_("File \"%s\" is uploaded successfully"), $upfilename);
$fullname = $formatter->page->name . "/{$upfilename}";
$upname = $upfilename;
if (strpos($fullname, ' ') !== false) {
$fullname = '"' . $fullname . '"';
}
if (strpos($upname, ' ') !== false) {
$upname = '"' . $upname . '"';
}
if ($key == 'UploadFile') {
$msg[] = "<ins>attachment:/{$upname}</ins>";
$upload_ok[] = '/' . $upname;
$log_entry .= " * attachment:/{$upname}?action=deletefile . . . @USERNAME@ @DATE@\n";
} else {
$msg[] = "<ins>attachment:{$upname}</ins> or";
$msg[] = "<ins>attachment:{$fullname}</ins>";
$upload_ok[] = $upname;
$log_entry .= " * attachment:{$fullname}?action=deletefile . . . @USERNAME@ @DATE@\n";
}
}
// multiple upload
$comment .= "uploaded";
if (!empty($DBInfo->upload_changes)) {
$p = $DBInfo->getPage($DBInfo->upload_changes);
$raw_body = $p->_get_raw_body();
if ($raw_body and $raw_body[strlen($raw_body) - 1] != "\n") {
$raw_body .= "\n";
}
$raw_body .= $log_entry;
$p->write($raw_body);
$DBInfo->savePage($p, $comment, $options);
} else {
$DBInfo->addLogEntry($key, $REMOTE_ADDR, $comment, "UPLOAD");
}
if (!empty($options['action_mode']) and $options['action_mode'] == 'ajax') {
$err = implode("\\n", $err_msg);
$err = strip_tags($err);
if ($err) {
$err .= "\\n";
}
$formatter->header('Content-type: text/html; charset=' . $DBInfo->charset);
$scr = '';
if (!empty($options['domain']) and preg_match('/^[a-z][a-z0-9]+(\\.[a-z][a-z0-9]+)*$/i', $options['domain'])) {
$scr = '<script type="text/javascript">document.domain="' . $options['domain'] . '";</script>';
}
echo $scr . '
{"title": "' . str_replace(array('"', '<'), array("'", '<'), $title) . '",
"msg": ["' . $err . strip_tags(implode("\\n", $msg)) . '"],
"uploaded":' . $uploaded . ',
"files": ["' . implode("\"\n,\"", $upload_ok) . '"]
}';
return true;
}
$msgs = implode("<br />\n", $err_msg);
$msgs .= implode("<br />\n", $msg);
if (isset($options['retval'])) {
$retval = array('title' => $title, 'msg' => $msgs, 'uploaded' => $uploaded, 'files' => $upload_ok);
$ret =& $options['retval'];
$ret = $retval;
return true;
}
$formatter->send_header("", $options);
if ($uploaded < 2) {
$formatter->send_title($title, "", $options);
print $msgs;
} else {
$msg = $title . '<br />' . $msg;
$title = sprintf(_("Files are uploaded successfully"), $upfilename);
$formatter->send_title($title, "", $options);
print $msgs;
}
print $js;
$formatter->send_footer('', $options);
if (isset($options['MYFILES']) and is_array($options['MYFILES']) and session_id() != '') {
session_destroy();
}
return true;
}
