function submit_screenshots($submissionID) { $data = directory_map('./uploads/'); $result = $this->Submissions_model->get_submission_given_submissionID($submissionID); if (!is_null($data)) { foreach ($data as $key => $folder) { if ($this->encrypt->decode(base64_decode($key)) == $this->session->userdata('username')) { $config['upload_path'] = 'uploads/SS'; break; } else { $config['upload_path'] = 'uploads/black_hole_files'; } } } $config['allowed_types'] = 'jpg|jpeg'; $config['max_size'] = '300000'; $config['max_width'] = '3024'; $config['max_height'] = '3768'; $config['overwrite'] = false; $config['file_name'] = str_replace(" ", "_", $this->session->userdata('username') . '_' . $result['submissionName']); $config['remove_spaces'] = true; $this->load->library('upload', $config); if (!$this->upload->do_upload()) { redirect("/home", "REFRESH"); } else { $screenData = json_decode($result['screenshots']); $names = get_filenames($config['upload_path']); if ($screenData == null) { $fileName = check_file_name($this->session->userdata('username'), $result['submissionName'], $names); $screenData[0] = $config['upload_path'] . '/' . $fileName; } else { $count = count($screenData); $fileName = check_file_name($this->session->userdata('username'), $result['submissionName'], $names, $count); array_push($screenData, $config['upload_path'] . '/' . $fileName); } $screenDataJson = json_encode($screenData); $this->Submissions_model->submit_image($result['submissionID'], $screenDataJson); redirect("/users/detailedSubmit/" . $result['submissionID'], "REFRESH"); } }
function check_file_name($name) { if (file_exists($name)) { return check_file_name($name . "_tmp"); } else { return $name; } }
function saveSource() { $this->_index(); $this->system->setConf('system.theme_last_modified', time()); $this->begin('index.php?ctl=system/tmpimage&act=detail&p[0]=' . $_POST['id']); $extend = pathinfo($_POST['name'], PATHINFO_EXTENSION); if (!check_file_name($extend)) { $this->end(false, __('保存文件名不合法')); } $oImg =& $this->system->loadModel('resources/tmpimage'); $this->end($oImg->saveSource($_POST, $this->istheme), __('样式文件保存成功')); }
if (isset($_FILES['file'])) { $name = $_FILES['file']['name']; $size = $_FILES['file']['size']; $location = $_FILES['file']['tmp_name']; $path = $_SERVER['DOCUMENT_ROOT'] . "/cms/upload"; $extensions = array("pdf", "doc", "xls", "doc", "docx", "odt", "rtf", "tex", "txt", "wpd", "wps", "csv", "ppt", "pptx", "tar", "zip", "xlr", "xlsx", ".7z", "gz", "pkg", "rar", "zipx"); $ext = explode('.', $name); $ext = strtolower(end($ext)); if (in_array($ext, $extensions) == false) { $errors[] = "extensions not allowed"; } if ($size > 5242880) { $errors[] = "File size must be less than 5 MB"; } if (empty($errors) == true) { $link = check_file_name($name, $location, $path, $size, $ext); $msg2 = add_news_file($_POST['Title'], $_POST['Description'], $link); } else { print_r($errors); } } ?> <link href="../css/typeahead.css" rel="stylesheet"> <div id="page-wrapper"> <div class="row"> <div class="col-lg-12"> <h1 class="page-header">Add Latest News</h1>
# we check datas if (!isset($_FILES['file']['name']) or empty($_FILES['file']['name'])) { $page['erreur'][$nb_erreur]['message'] = $lang['file']['E_empty_file']; $nb_erreur++; } elseif (!in_array($_FILES['file']['type'], $type_mime_allowed)) { $var['type'] = implode(", ", $type_allowed); $page['erreur'][$nb_erreur]['message'] = text_replace($lang['file']['E_invalid_file_type'], $var); $nb_erreur++; } if ($_FILES['file']['size'] > MAX_FILE_SIZE) { $var['max_file_size'] = filesize_format(MAX_FILE_SIZE); $page['erreur'][$nb_erreur]['message'] = text_replace($lang['file']['E_invalid_file_size'], $var); $nb_erreur++; } # if($_FILES['file']['error']!=0) { $page['erreur'][$nb_erreur]['message']=$lang['file']['E_invalid_file']; $nb_erreur++; } if (isset($_POST['name']) and !empty($_POST['name']) and !check_file_name($_POST['name'])) { $page['erreur'][$nb_erreur]['message'] = $lang['file']['E_invalid_name']; $nb_erreur++; } # we check if the file does not exist if ($nb_erreur == 0) { # name of the file if (isset($_POST['name']) and !empty($_POST['name'])) { # we get the extension $file_ext = substr($_FILES['file']['name'], strrpos($_FILES['file']['name'], ".")); $file_name = format_file_name($_POST['name']) . $file_ext; } else { $file_name = format_file_name($_FILES['file']['name']); } $path_file = ROOT . "/" . FILE_FOLDER . "/" . $_POST['upload_folder'] . "/" . $file_name; # check
function upload($file, &$msg) { if (!$this->allowUpload($msg)) { return false; } $tar = $this->system->loadModel('utility/tar'); $handle = fopen($file['tmp_name'], "r"); $contents = file_get_contents($handle); preg_match('/\\<id\\>(.*?)\\<\\/id\\>/', $contents, $tar_name); $filename = $tar_name[1] ? $tar_name[1] : time(); if (is_dir(THEME_DIR . '/' . trim($filename))) { $filename = time(); } $sDir = $this->__buildDir(str_replace('\\', '/', THEME_DIR . '/' . trim($filename))); if ($tar->openTAR($file['tmp_name'])) { if ($tar->containsFile('theme.xml')) { foreach ($tar->files as $id => $file) { $tar_tmp_file = substr($file['name'], strrpos($file['name'], ".") + 1); if (check_file_name($tar_tmp_file)) { $fpath = $sDir . $file['name']; if (!is_dir(dirname($fpath))) { if (mkdir_p(dirname($fpath))) { file_put_contents($fpath, $tar->getContents($file)); } else { $msg = __('权限不允许'); return false; } } else { file_put_contents($fpath, $tar->getContents($file)); } } } $tar->closeTAR(); if (!($config = $this->initTheme(basename($sDir), '', 'upload'))) { $this->__removeDir($sDir); $msg = __('shopEx模板包创建失败'); return false; } return $config; } else { $msg = __('不是标准的shopEx模板包'); return false; } } else { $msg = __('模板包已损坏,不是标准的shopEx模板包') . $file['tmp_name']; return false; } }