public function check_attachments_dir_perms() { global $import_session, $output; if ($import_session['total_attachments'] <= 0) { return; } $this->debug->log->trace0("Checking attachment directory permissions again"); if ($import_session['uploads_test'] != 1) { // Check upload directory is writable $uploadswritable = @fopen(MYBB_ROOT . 'uploads/test.write', 'w'); if (!$uploadswritable) { $this->debug->log->error("Uploads directory is not writable"); $this->errors[] = 'The uploads directory (uploads/) is not writable. Please adjust the <a href="http://wiki.mybb.com/index.php/CHMOD%20Files" target="_blank">chmod</a> permissions to allow it to be written to.'; @fclose($uploadswritable); $output->print_error_page(); } else { @fclose($uploadswritable); @my_chmod(MYBB_ROOT . 'uploads', '0777'); @my_chmod(MYBB_ROOT . 'uploads/test.write', '0777'); @unlink(MYBB_ROOT . 'uploads/test.write'); $import_session['uploads_test'] = 1; $this->debug->log->trace1("Uploads directory is writable"); } } }
function upgrade3_dbchanges() { global $db, $output; $output->print_header("Attachment Conversion to Files"); $contents = "<p>The first step of the upgrade process from RC4 is to move your attachments and avatars to the file system.</p>"; if (!@is_dir("../uploads/")) { $errors = "<p>../uploads/ Does not exist in your forums' directory. Please create this directory."; } else { if (!@is_writable("../uploads/")) { @my_chmod("../uploads", '0777'); if (!@is_writable("../uploads/")) { $errors = "<p>../uploads/ is not writable! Please chmod this directory so it's writable (766 or 777)."; } } } if (!@is_dir("../uploads/avatars/")) { $errors .= "<p>../uploads/avatars/ Does not exist. Please create this directory."; } else { if (!@is_writable("../uploads/avatars/")) { @my_chmod("../uploads/avatars/", '0777'); if (!is_writable("../uploads/avatars/")) { $errors = "<p>../uploads/avatars/ is not writable! Please chmod this directory so it's writable (766 or 777)."; } } } if ($errors) { $output->print_contents($contents . "<p><font color=\"red\">To be able to do this you must perform the following:</font></p>{$errors}"); $output->print_footer("3_dbchanges"); exit; } $contents .= "<p>Okay, we've determined that the specified directory settings have been met.</p>If you wish to change the number of attachments to process per page then you can do so below.</p>"; $contents .= "<p><strong>Attachments Per Page:</strong> <input type=\"text\" size=\"3\" value=\"50\" name=\"attachmentspage\" /></p>"; $contents .= "<p>Once you're ready, press next to begin the conversion.</p>"; $output->print_contents($contents); $output->print_footer("3_convertattachments"); }
function upgrade3_dbchanges() { global $db, $output; $output->print_header("Konwersja załączników na pliki"); $contents = "<p>Pierwszym krokiem w aktualizacji z wersji RC4 jest przeniesienie załączników i awatarów do systemu plików.</p>"; if (!@is_dir("../uploads/")) { $errors = "<p>Katalog /uploads nie istnieje w katalogu, w którym znajduje się forum. Utwórz ten katalog przed kontynuowaniem."; } else { if (!@is_writable("../uploads/")) { @my_chmod("../uploads", '0777'); if (!@is_writable("../uploads/")) { $errors = "<p>Nie można zapisywać do katalogu /uploads. Sprawdź uprawnienia dla tego katalogu i spróbuj ponownie (CHMOD 766 lub 777)."; } } } if (!@is_dir("../uploads/avatars/")) { $errors .= "<p>Katalog /uploads/avatars/ nie istnieje. Utwórz ten katalog przed kontynuowaniem."; } else { if (!@is_writable("../uploads/avatars/")) { @my_chmod("../uploads/avatars/", '0777'); if (!is_writable("../uploads/avatars/")) { $errors = "<p>Nie można zapisywać do katalogu /uploads/avatars. Sprawdź uprawnienia dla tego katalogu i spróbuj ponownie (CHMOD 766 lub 777)."; } } } if ($errors) { $output->print_contents($contents . "<p><font color=\"red\">Aby wykonać ten krok musisz naprawić poniższe błędy:</font></p>{$errors}"); $output->print_footer("3_dbchanges"); exit; } $contents .= "<p>Wymagania co do folderów zostały spełnione.</p>Jeżeli chcesz zmienić liczbę załączników do przetworzenia na stronę, możesz to zrobić poniżej.</p>"; $contents .= "<p><strong>Ilość wpisów na stronę:</strong> <input type=\"text\" size=\"3\" value=\"50\" name=\"attachmentspage\" /></p>"; $contents .= "<p>Aby rozpocząć konwersję naciśnij dalej.</p>"; $output->print_contents($contents); $output->print_footer("3_convertattachments"); }
/** * Check our requirements */ function requirements_check() { global $output, $mybb, $dboptions, $lang; $mybb->input['action'] = "requirements_check"; $output->print_header($lang->req_check, 'requirements'); echo $lang->req_step_top; $errors = array(); $showerror = 0; if (!file_exists(MYBB_ROOT . "/inc/config.php")) { if (!@rename(MYBB_ROOT . "/inc/config.default.php", MYBB_ROOT . "/inc/config.php")) { if (!$configwritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_configdefaultfile); $configstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; } } } // Check PHP Version if (version_compare(PHP_VERSION, '5.2.0', "<")) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->sprintf($lang->req_step_error_phpversion, PHP_VERSION)); $phpversion = $lang->sprintf($lang->req_step_span_fail, PHP_VERSION); $showerror = 1; } else { $phpversion = $lang->sprintf($lang->req_step_span_pass, PHP_VERSION); } $mboptions = array(); if (function_exists('mb_detect_encoding')) { $mboptions[] = $lang->multi_byte; } if (function_exists('iconv')) { $mboptions[] = 'iconv'; } // Check Multibyte extensions if (count($mboptions) < 1) { $mbstatus = $lang->sprintf($lang->req_step_span_fail, $lang->none); } else { $mbstatus = implode(', ', $mboptions); } // Check database engines if (count($dboptions) < 1) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_dboptions); $dbsupportlist = $lang->sprintf($lang->req_step_span_fail, $lang->none); $showerror = 1; } else { foreach ($dboptions as $dboption) { $dbsupportlist[] = $dboption['title']; } $dbsupportlist = implode(', ', $dbsupportlist); } // Check XML parser is installed if (!function_exists('xml_parser_create')) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_xmlsupport); $xmlstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_installed); $showerror = 1; } else { $xmlstatus = $lang->sprintf($lang->req_step_span_pass, $lang->installed); } // Check config file is writable $configwritable = @fopen(MYBB_ROOT . 'inc/config.php', 'w'); if (!$configwritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_configfile); $configstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; } else { $configstatus = $lang->sprintf($lang->req_step_span_pass, $lang->writable); } @fclose($configwritable); // Check settings file is writable $settingswritable = @fopen(MYBB_ROOT . 'inc/settings.php', 'w'); if (!$settingswritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_settingsfile); $settingsstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; } else { $settingsstatus = $lang->sprintf($lang->req_step_span_pass, $lang->writable); } @fclose($settingswritable); // Check cache directory is writable $cachewritable = @fopen(MYBB_ROOT . 'cache/test.write', 'w'); if (!$cachewritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_cachedir); $cachestatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; @fclose($cachewritable); } else { $cachestatus = $lang->sprintf($lang->req_step_span_pass, $lang->writable); @fclose($cachewritable); @my_chmod(MYBB_ROOT . 'cache', '0777'); @my_chmod(MYBB_ROOT . 'cache/test.write', '0777'); @unlink(MYBB_ROOT . 'cache/test.write'); } // Check upload directory is writable $uploadswritable = @fopen(MYBB_ROOT . 'uploads/test.write', 'w'); if (!$uploadswritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_uploaddir); $uploadsstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; @fclose($uploadswritable); } else { $uploadsstatus = $lang->sprintf($lang->req_step_span_pass, $lang->writable); @fclose($uploadswritable); @my_chmod(MYBB_ROOT . 'uploads', '0777'); @my_chmod(MYBB_ROOT . 'uploads/test.write', '0777'); @unlink(MYBB_ROOT . 'uploads/test.write'); } // Check avatar directory is writable $avatarswritable = @fopen(MYBB_ROOT . 'uploads/avatars/test.write', 'w'); if (!$avatarswritable) { $errors[] = $lang->sprintf($lang->req_step_error_box, $lang->req_step_error_avatardir); $avatarsstatus = $lang->sprintf($lang->req_step_span_fail, $lang->not_writable); $showerror = 1; @fclose($avatarswritable); } else { $avatarsstatus = $lang->sprintf($lang->req_step_span_pass, $lang->writable); @fclose($avatarswritable); @my_chmod(MYBB_ROOT . 'uploads/avatars', '0777'); @my_chmod(MYBB_ROOT . 'uploads/avatars/test.write', '0777'); @unlink(MYBB_ROOT . 'uploads/avatars/test.write'); } // Output requirements page echo $lang->sprintf($lang->req_step_reqtable, $phpversion, $dbsupportlist, $mbstatus, $xmlstatus, $configstatus, $settingsstatus, $cachestatus, $uploadsstatus, $avatarsstatus); if ($showerror == 1) { $error_list = error_list($errors); echo $lang->sprintf($lang->req_step_error_tablelist, $error_list); echo "\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"{$mybb->input['action']}\" />"; echo "\n\t\t\t\t<div id=\"next_button\"><input type=\"submit\" class=\"submit_button\" value=\"{$lang->recheck} »\" /></div><br style=\"clear: both;\" />\n"; $output->print_footer(); } else { echo $lang->req_step_reqcomplete; $output->print_footer('database_info'); } }
/** * Generates a thumbnail based on specified dimensions (supports png, jpg, and gif) * * @param string the full path to the original image * @param string the directory path to where to save the new image * @param string the filename to save the new image as * @param integer maximum hight dimension * @param integer maximum width dimension * @return array thumbnail on success, error code 4 on failure */ function generate_thumbnail($file, $path, $filename, $maxheight, $maxwidth) { if (!function_exists("imagecreate")) { $thumb['code'] = 3; return $thumb; } $imgdesc = getimagesize($file); $imgwidth = $imgdesc[0]; $imgheight = $imgdesc[1]; $imgtype = $imgdesc[2]; $imgattr = $imgdesc[3]; $imgbits = $imgdesc['bits']; $imgchan = $imdesc['channels']; if ($imgwidth == 0 || $imgheight == 0) { $thumb['code'] = 3; return $thumb; } if ($imgwidth >= $maxwidth || $imgheight >= $maxheight) { check_thumbnail_memory($imgwidth, $imgheight, $imgtype, $imgbits, $imgchan); if ($imgtype == 3) { if (@function_exists("imagecreatefrompng")) { $im = @imagecreatefrompng($file); } } elseif ($imgtype == 2) { if (@function_exists("imagecreatefromjpeg")) { $im = @imagecreatefromjpeg($file); } } elseif ($imgtype == 1) { if (@function_exists("imagecreatefromgif")) { $im = @imagecreatefromgif($file); } } else { $thumb['code'] = 3; return $thumb; } if (!$im) { $thumb['code'] = 3; return $thumb; } $scale = scale_image($imgwidth, $imgheight, $maxwidth, $maxheight); $thumbwidth = $scale['width']; $thumbheight = $scale['height']; $thumbim = @imagecreatetruecolor($thumbwidth, $thumbheight); if (!$thumbim) { $thumbim = @imagecreate($thumbwidth, $thumbheight); $resized = true; } // Attempt to preserve the transparency if there is any $trans_color = imagecolortransparent($im); if ($trans_color >= 0 && $trans_color < imagecolorstotal($im)) { $trans = imagecolorsforindex($im, $trans_colors); $new_trans_color = imagecolorallocate($thumbim, $trans['red'], $trans['blue'], $trans['green']); imagefill($thumbim, 0, 0, $new_trans_color); imagecolortransparent($thumbim, $new_trans_color); } if (!isset($resized)) { @imagecopyresampled($thumbim, $im, 0, 0, 0, 0, $thumbwidth, $thumbheight, $imgwidth, $imgheight); } else { @imagecopyresized($thumbim, $im, 0, 0, 0, 0, $thumbwidth, $thumbheight, $imgwidth, $imgheight); } @imagedestroy($im); if (!function_exists("imagegif") && $imgtype == 1) { $filename = str_replace(".gif", ".jpg", $filename); } switch ($imgtype) { case 1: if (function_exists("imagegif")) { @imagegif($thumbim, $path . "/" . $filename); } else { @imagejpeg($thumbim, $path . "/" . $filename); } break; case 2: @imagejpeg($thumbim, $path . "/" . $filename); break; case 3: @imagepng($thumbim, $path . "/" . $filename); break; } @my_chmod($path . "/" . $filename, '0666'); @imagedestroy($thumbim); $thumb['code'] = 1; $thumb['filename'] = $filename; return $thumb; } else { return array("code" => 4); } }
function after_insert($data, $insert_data, $aid) { global $mybb, $db, $import_session; // Transfer attachment $attachment_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['physical_filename']); if (!empty($attachment_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], 'w'); if ($attachrs) { @fwrite($attachrs, $attachment_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], '0777'); } else { $this->board->set_error_notice_in_progress("Could not find the attachment (ID: {$aid})"); } if (!$posthash) { // Restore connection $db->update_query("posts", array('posthash' => $insert_data['posthash']), "pid = '{$insert_data['pid']}'"); } $posthash = $this->get_import->post_attachment_details($data['post_msg_id']); $db->write_query("UPDATE " . TABLE_PREFIX . "threads SET attachmentcount = attachmentcount + 1 WHERE tid = '" . $posthash['tid'] . "'"); }
/** * Actually move a file to the uploads directory * * @param array $file The PHP $_FILE array for the file * @param string $path The path to save the file in * @param string $filename The filename for the file (if blank, current is used) * @return array The uploaded file */ function upload_file($file, $path, $filename = "") { global $plugins, $mybb; $upload = array(); if (empty($file['name']) || $file['name'] == "none" || $file['size'] < 1) { $upload['error'] = 1; return $upload; } if (!$filename) { $filename = $file['name']; } $upload['original_filename'] = preg_replace("#/\$#", "", $file['name']); // Make the filename safe $filename = preg_replace("#/\$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path . "/" . $filename); $cdn_path = ''; $moved_cdn = copy_file_to_cdn($path . "/" . $filename, $cdn_path); if (!$moved) { $upload['error'] = 2; return $upload; } @my_chmod($path . "/" . $filename, '0644'); $upload['filename'] = $filename; $upload['path'] = $path; $upload['type'] = $file['type']; $upload['size'] = $file['size']; $upload = $plugins->run_hooks("upload_file_end", $upload); if ($moved_cdn) { $upload['cdn_path'] = $cdn_path; } return $upload; }
function upgrade12_redothemes() { global $db, $output, $config, $mybb; $output->print_header("Converting themes"); if (!@is_dir(MYBB_ROOT . 'cache/')) { @mkdir(MYBB_ROOT . 'cache/', 077); // Add in empty index.html! $fp = @fopen(MYBB_ROOT . "cache/index.html", "w"); @fwrite($fp, ""); @fclose($fp); } $cachewritable = @fopen(MYBB_ROOT . 'cache/test.write', 'w'); if (!$cachewritable) { $not_writable = true; @fclose($cachewritable); } else { @fclose($cachewritable); @my_chmod(MYBB_ROOT . 'cache', '0777'); @my_chmod(MYBB_ROOT . 'cache/test.write', '0777'); @unlink(MYBB_ROOT . 'cache/test.write'); } if ($not_writable) { echo "<p><span style=\"color: red; font-weight: bold;\">Unable to write to the cache/ directory.</span><br />Before the upgrade process can continue you need to make sure this directory exists and is writable (chmod 777)</p>"; $output->print_footer("12_redothemes"); exit; } $not_writable = false; if (!@is_dir(MYBB_ROOT . 'cache/themes/')) { @mkdir(MYBB_ROOT . 'cache/themes/', 077); // Add in empty index.html! $fp = @fopen(MYBB_ROOT . "cache/themes/index.html", "w"); @fwrite($fp, ""); @fclose($fp); } $themewritable = @fopen(MYBB_ROOT . 'cache/themes/test.write', 'w'); if (!$themewritable) { $not_writable = true; @fclose($themewritable); } else { @fclose($themewritable); @my_chmod(MYBB_ROOT . 'cache/themes', '0777'); @my_chmod(MYBB_ROOT . 'cache/themes/test.write', '0777'); @unlink(MYBB_ROOT . 'cache/themes/test.write'); } if ($not_writable) { echo "<p><span style=\"color: red; font-weight: bold;\">Unable to write to the cache/themes/ directory.</span><br />Before the upgrade process can continue you need to make sure this directory exists and is writable (chmod 777)</p>"; $output->print_footer("12_redothemes"); exit; } if ($db->field_exists('themebits', "themes") && !$db->field_exists('properties', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes CHANGE themebits properties text NOT NULL"); } if ($db->field_exists('cssbits', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP cssbits"); } if ($db->field_exists('csscached', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP csscached"); } if ($db->field_exists('stylesheets', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP stylesheets"); } $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes ADD stylesheets text NOT NULL AFTER properties"); if ($db->table_exists("themestylesheets")) { $db->drop_table("themestylesheets"); } $db->write_query("CREATE TABLE " . TABLE_PREFIX . "themestylesheets(\n\t\tsid int unsigned NOT NULL auto_increment,\n\t\tname varchar(30) NOT NULL default '',\n\t\ttid int unsigned NOT NULL default '0',\n\t\tattachedto text NOT NULL,\n\t\tstylesheet text NOT NULL,\n\t\tcachefile varchar(100) NOT NULL default '',\n\t\tlastmodified bigint(30) NOT NULL default '0',\n\t\tPRIMARY KEY(sid)\n\t) ENGINE=MyISAM{$collation};"); // Define our default stylesheets - MyBB 1.4 contains additional stylesheets that our converted themes will also need $contents = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme.xml'); if (file_exists(MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php")) { require_once MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php"; } else { if (file_exists(MYBB_ROOT . "admin/inc/functions_themes.php")) { require_once MYBB_ROOT . "admin/inc/functions_themes.php"; } else { $output->print_error("Please make sure your admin directory is uploaded correctly."); } } // Import master theme if (import_theme_xml($contents, array("tid" => 1, "no_templates" => 1, "version_compat" => 1)) === -1) { $output->print_error("Please make sure your install/resources/mybb_theme.xml file is uploaded correctly."); } // Fetch out default stylesheets from master $query = $db->simple_select("themes", "*", "tid=1"); $master_theme = $db->fetch_array($query); $master_stylesheets = unserialize($master_theme['stylesheets']); if (is_array($master_stylesheets)) { // Note: 1.4 only ships with one global|global stylesheet foreach ($master_stylesheets as $location => $sheets) { foreach ($sheets as $action => $sheets) { foreach ($sheets as $stylesheet) { if ($location == "global" && $action == "global") { continue; // Skip global } $default_stylesheets[$location][$action][] = $stylesheet; $default_stylesheets['inherited']["{$location}_{$action}"][$stylesheet] = 1; // This stylesheet is inherited from the master } } } } $query = $db->simple_select("themes"); while ($theme = $db->fetch_array($query)) { if (!$theme['css']) { continue; } $theme['css'] .= "\n\n" . $theme['extracss']; $theme['css'] = upgrade_css_120_to_140($theme['css']); // Create stylesheets $cache_file = cache_stylesheet($theme['tid'], "global.css", $theme['css']); $new_stylesheet = array("tid" => $theme['tid'], "name" => "global.css", "attachedto" => "", "stylesheet" => $db->escape_string($theme['css']), "cachefile" => "global.css", "lastmodified" => TIME_NOW); $sid = $db->insert_query("themestylesheets", $new_stylesheet); $css_url = "css.php?stylesheet={$sid}"; if ($cache_file) { $css_url = $cache_file; } // Now we go and update the stylesheets column for this theme $stylesheets = $default_stylesheets; // Add in our local for this theme $stylesheets['global']['global'][] = $css_url; // Update the theme $db->update_query("themes", array("stylesheets" => $db->escape_string(serialize($stylesheets))), "tid='{$theme['tid']}'"); } if ($db->field_exists('css', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP css"); } if ($db->field_exists('extracss', "themes")) { $db->write_query("ALTER TABLE " . TABLE_PREFIX . "themes DROP extracss"); } // We need to replace this for our themes css to show up // <link rel="stylesheet" type="text/css" href="{$theme['css_url']}" /> must be present in the old template (it usually is) $query = $db->simple_select("templates", "tid,template", "title='headerinclude'"); while ($template = $db->fetch_array($query)) { $template['template'] = str_replace('<link rel="stylesheet" type="text/css" href="{$theme[\'css_url\']}" />', '{$stylesheets}', $template['template']); $db->update_query("templates", array('template' => $db->escape_string($template['template'])), "tid='{$template['tid']}'"); } echo "<p>Your themes have successfully been converted to the new theme system.</p>"; echo "<p>Click next to continue with the upgrade process.</p>"; global $footer_extra; //$footer_extra = "<script type=\"text/javascript\">window.onload = function() { var button = $$('.submit_button'); if(button[0]) { button[0].value = 'Automatically Redirecting...'; button[0].disabled = true; button[0].style.color = '#aaa'; button[0].style.borderColor = '#aaa'; document.forms[0].submit(); }}</script>"; $output->print_footer("12_done"); }
function do_upload_xtattachment($attachment, &$tf, $update_attachment = 0, $tid = 0, $timestamp = TIME_NOW) { global $db, $mybb, $lang; $posthash = $db->escape_string($mybb->input['posthash']); $tid = (int) $tid; // may be possible for this to be null, if so, change to 0 $path = $mybb->settings['uploadspath'] . '/xthreads_ul/'; if (!$lang->xthreads_threadfield_attacherror) { $lang->load('xthreads'); } if (is_array($attachment)) { if (isset($attachment['error']) && $attachment['error']) { if ($attachment['error'] == 2) { return array('error' => $lang->sprintf($lang->xthreads_xtaerr_error_attachsize, get_friendly_size($tf['filemaxsize']))); } elseif ($attachment['error'] >= 1 && $attachment['error'] <= 7) { $langvar = 'error_uploadfailed_php' . $attachment['error']; $langstr = $lang->{$langvar}; } else { $langstr = $lang->sprintf($lang->error_uploadfailed_phpx, $attachment['error']); } return array('error' => $lang->error_uploadfailed . $lang->error_uploadfailed_detail . $langstr); } if (!is_uploaded_file($attachment['tmp_name']) || empty($attachment['tmp_name'])) { return array('error' => $lang->error_uploadfailed . $lang->error_uploadfailed_php4); } $file_size = $attachment['size']; // @filesize($attachment['tmp_name']) $attachment['name'] = strtr($attachment['name'], array('/' => '', "" => '')); if ($error = xthreads_validate_attachment($attachment, $tf)) { @unlink($attachment['tmp_name']); return array('error' => $error); } $movefunc = 'move_uploaded_file'; } elseif ($mybb->usergroup['cancp'] == 1 && substr($attachment, 0, 7) == 'file://') { // admin file move $filename = strtr(substr($attachment, 7), array('/' => '', DIRECTORY_SEPARATOR => '', "" => '')); $file = $path . 'admindrop/' . $filename; if (xthreads_empty($filename) || !file_exists($file)) { return array('error' => $lang->sprintf($lang->xthreads_xtaerr_admindrop_not_found, htmlspecialchars_uni($filename), htmlspecialchars_uni($file))); } if (!is_writable($file)) { return array('error' => $lang->sprintf($lang->xthreads_xtaerr_admindrop_file_unwritable, htmlspecialchars_uni($filename))); } if (strtolower($file) == 'index.html') { return array('error' => $lang->xthreads_xtaerr_admindrop_index_error); } $attachment = array('name' => $filename, 'tmp_name' => $file, 'size' => @filesize($file)); unset($file, $filename); if ($error = xthreads_validate_attachment($attachment, $tf)) { return array('error' => $error); } $file_size = $attachment['size']; $movefunc = 'rename'; } else { // fetch URL if (!empty($tf['filemagic'])) { $magic =& $tf['filemagic']; } else { $magic = array(); } $attachment = xthreads_fetch_url($attachment, $tf['filemaxsize'], $tf['fileexts'], $magic); db_ping($db); if ($attachment['error']) { return array('error' => $attachment['error']); } $file_size = $attachment['size']; if (xthreads_empty($attachment['name']) || $file_size < 1) { return array('error' => $lang->error_uploadfailed); } $attachment['name'] = strtr($attachment['name'], array('/' => '', "" => '')); $movefunc = 'rename'; } if ($tf['fileimage']) { $img_dimensions = @getimagesize($attachment['tmp_name']); if (empty($img_dimensions) || !in_array($img_dimensions[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) { @unlink($attachment['tmp_name']); return array('error' => $lang->error_attachtype); } if (preg_match('~^([0-9]+)x([0-9]+)(\\|([0-9]+)x([0-9]+))?$~', $tf['fileimage'], $match)) { // check if image exceeds max/min dimensions if ($img_dimensions[0] < $match[1] || $img_dimensions[1] < $match[2] || $match[3] && ($img_dimensions[0] > $match[4] || $img_dimensions[1] > $match[5])) { @unlink($attachment['tmp_name']); return array('error' => $lang->sprintf($lang->xthreads_xtaerr_error_imgdims, $img_dimensions[0], $img_dimensions[1])); } } /* // convert WBMP -> PNG (saves space, bandwidth and works with MyBB's thumbnail generator) // unfortunately, although this is nice, we have a problem of filetype checking etc... if($img_dimensions[2] == IMAGETYPE_WBMP) { if(function_exists('imagecreatefromwbmp') && $img = @imagecreatefromwbmp($attachment['tmp_name'])) { @unlink($attachment['tmp_name']); @imagepng($img, $attachment['tmp_name'], 6); // use zlib's recommended compression level imgdestroy($img); unset($img); // double check that we have a file if(!file_exists($attachment['tmp_name'])) return array('error' => $lang->error_attachtype); // get user to upload a non-WBMP file, lol // change extension + update filesize, do MIME as well if(strtolower(substr($attachment['name'], -5)) == '.wbmp') $attachment['name'] = substr($attachment['name'], 0, -5).'.png'; $file_size = @filesize($attachment['tmp_name']); if(strtolower($attachment['type']) == 'image/wbmp') $attachment['type'] = 'image/png'; // update type too $img_dimensions[2] = IMAGETYPE_PNG; } else { // can't do much, error out @unlink($attachment['tmp_name']); return array('error' => $lang->error_attachtype); } } */ // we won't actually bother checking MIME types - not a big issue anyway } if (!XTHREADS_UPLOAD_LARGEFILE_SIZE || $file_size < XTHREADS_UPLOAD_LARGEFILE_SIZE) { @set_time_limit(30); // as md5_file may take a while $md5_start = time(); $file_md5 = @md5_file($attachment['tmp_name'], true); if (strlen($file_md5) == 32) { // perhaps not PHP5 $file_md5 = pack('H*', $file_md5); } if (time() - $md5_start > 2) { // ping DB if process took longer than 2 secs db_ping($db); } unset($md5_start); } if ($update_attachment) { $prevattach = $db->fetch_array($db->simple_select('xtattachments', 'aid,attachname,indir,md5hash', 'aid=' . (int) $update_attachment)); if (!$prevattach['aid']) { $update_attachment = false; } } /* else { // Check if attachment already uploaded // TODO: this is actually a little problematic - perhaps verify that this is attached to this field (or maybe rely on checks in xt_updatehooks file) if(isset($file_md5)) $md5check = ' OR md5hash='.xthreads_db_escape_binary($file_md5); else $md5check = ''; $prevattach = $db->fetch_array($db->simple_select('xtattachments', 'aid', 'filename="'.$db->escape_string($attachment['name']).'" AND (md5hash IS NULL'.$md5check.') AND filesize='.$file_size.' AND (posthash="'.$posthash.'" OR (tid='.$tid.' AND tid!=0))')); if($prevattach['aid']) { @unlink($attachment['tmp_name']); // TODO: maybe return aid instead? return array('error' => $lang->error_alreadyuploaded); } } */ // We won't use MyBB's nice monthly directories, instead, we'll use a more confusing system based on the timestamps // note, one month = 2592000 seconds, so if we split up by 1mil, it'll be approx 11.5 days // If safe_mode is enabled, don't attempt to use the monthly directories as it won't work if (ini_get('safe_mode') == 1 || strtolower(ini_get('safe_mode')) == 'on') { $month_dir = ''; } else { $month_dir = 'ts_' . floor(TIME_NOW / 1000000) . '/'; if (!@is_dir($path . $month_dir)) { @mkdir($path . $month_dir); // Still doesn't exist - oh well, throw it in the main directory if (@is_dir($path . $month_dir)) { // write index file if ($index = fopen($path . $month_dir . 'index.html', 'w')) { fwrite($index, '<html><body></body></html>'); fclose($index); @my_chmod($path . $month_dir . 'index.html', 0644); } @my_chmod($path . $month_dir, 0755); } else { $month_dir = ''; } } } // All seems to be good, lets move the attachment! $basename = substr(md5(uniqid(mt_rand(), true) . substr($mybb->post_code, 16)), 12, 8) . '_' . preg_replace('~[^a-zA-Z0-9_\\-%]~', '', str_replace(array(' ', '.', '+'), '_', $attachment['name'])) . '.upload'; $filename = 'file_' . ($prevattach['aid'] ? $prevattach['aid'] : 't' . TIME_NOW) . '_' . $basename; @ignore_user_abort(true); // don't let the user break this integrity between file system and DB if (isset($GLOBALS['xtfurl_tmpfiles'])) { // if using url fetch, remove this from list of temp files unset($GLOBALS['xtfurl_tmpfiles'][$attachment['tmp_name']]); } while (!@$movefunc($attachment['tmp_name'], $path . $month_dir . $filename)) { if ($month_dir) { // try doing it again without the month_dir $month_dir = ''; } else { // failed @ignore_user_abort(false); return array('error' => $lang->error_uploadfailed . $lang->error_uploadfailed_detail . $lang->error_uploadfailed_movefailed); } } // Lets just double check that it exists if (!file_exists($path . $month_dir . $filename)) { @ignore_user_abort(false); return array('error' => $lang->error_uploadfailed . $lang->error_uploadfailed_detail . $lang->error_uploadfailed_lost); } // Generate the array for the insert_query $attacharray = array('posthash' => $posthash, 'tid' => $tid, 'uid' => (int) $mybb->user['uid'], 'field' => $tf['field'], 'filename' => strval($attachment['name']), 'uploadmime' => strval($attachment['type']), 'filesize' => $file_size, 'attachname' => $basename, 'indir' => $month_dir, 'downloads' => 0, 'uploadtime' => $timestamp, 'updatetime' => $timestamp); if (isset($file_md5)) { $attacharray['md5hash'] = new xthreads_db_binary_value($file_md5); } else { $attacharray['md5hash'] = null; } if (!empty($img_dimensions)) { $origdimarray = array('w' => $img_dimensions[0], 'h' => $img_dimensions[1], 'type' => $img_dimensions[2]); $attacharray['thumbs'] = serialize(array('orig' => $origdimarray)); } if ($update_attachment) { unset($attacharray['downloads'], $attacharray['uploadtime']); //$attacharray['updatetime'] = TIME_NOW; xthreads_db_update('xtattachments', $attacharray, 'aid=' . $prevattach['aid']); $attacharray['aid'] = $prevattach['aid']; // and finally, delete old attachment xthreads_rm_attach_fs($prevattach); $new_file = $path . $month_dir . $filename; } else { $attacharray['aid'] = xthreads_db_insert('xtattachments', $attacharray); // now that we have the aid, move the file $new_file = $path . $month_dir . 'file_' . $attacharray['aid'] . '_' . $basename; @rename($path . $month_dir . $filename, $new_file); if (!file_exists($new_file)) { // oh dear, all our work for nothing... @unlink($path . $month_dir . $filename); $db->delete_query('xtattachments', 'aid=' . $attacharray['aid']); @ignore_user_abort(false); return array('error' => $lang->error_uploadfailed . $lang->error_uploadfailed_detail . $lang->error_uploadfailed_lost); } } @my_chmod($new_file, '0644'); @ignore_user_abort(false); if (!empty($img_dimensions) && !empty($tf['fileimgthumbs'])) { // generate thumbnails $attacharray['thumbs'] = xthreads_build_thumbnail($tf['fileimgthumbs'], $attacharray['aid'], $tf['field'], $new_file, $path, $month_dir, $img_dimensions); $attacharray['thumbs']['orig'] = $origdimarray; $attacharray['thumbs'] = serialize($attacharray['thumbs']); } return $attacharray; }
function after_insert($data, $insert_data, $aid) { global $import_session, $mybb, $db; // Transfer attachment thumbnail $thumb_not_exists = ""; if ($data['id_thumb'] != 0) { // Transfer attachment thumbnail $query = $this->old_db->simple_select("attachments", "*", "id_attach = '{$data['id_thumb']}'"); $data['thumb_file_name'] = $data['id_thumb'] . "_" . $this->old_db->fetch_field($query, "file_hash"); $this->old_db->free_result($query); $attachment_thumbnail_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['thumb_file_name']); if (!empty($attachment_thumbnail_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], 'w'); if ($attachrs) { @fwrite($attachrs, $attachment_thumbnail_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment thumbnail (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], '0777'); } else { $this->board->set_error_notice_in_progress("Error could not find the attachment thumbnail (ID: {$aid})"); } } // Transfer attachment $attachment_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['id_attach'] . "_" . $data['file_hash']); if (!empty($attachment_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], 'w'); if ($attachrs) { @fwrite($attachrs, $attachment_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], '0777'); } else { $this->board->set_error_notice_in_progress("Error could not find the attachment (ID: {$aid})"); } if (!$posthash) { // Restore connection $db->update_query("posts", array('posthash' => $insert_data['posthash']), "pid = '{$insert_data['pid']}'"); } $posthash = $this->get_import->post_attachment_details($data['id_msg']); $db->write_query("UPDATE " . TABLE_PREFIX . "threads SET attachmentcount = attachmentcount + 1 WHERE tid = '" . $posthash['tid'] . "'"); }
if (!$contents || !$latest_code) { $checks['version_check_status'] = '<span class="pass"><i>Unable to Check</i></span>'; $debug->log->warning("Unable to check version status against mybb.com version server"); } // Check upload directory is writable $attachmentswritable = @fopen(MYBB_ROOT . 'uploads/test.write', 'w'); if (!$attachmentswritable) { $errors['attachments_check'] = 'The attachments directory (/uploads/) is not writable. Please adjust the <a href="http://wiki.mybb.com/index.php/CHMOD%20Files" target="_blank">chmod</a> permissions to allow it to be written to.'; $checks['attachments_check_status'] = '<span class="fail"><strong>Not Writable</strong></span>'; @fclose($attachmentswritable); $debug->log->trace0("Attachments directory not writable"); } else { $checks['attachments_check_status'] = '<span class="pass">Writable</span>'; @fclose($attachmentswritable); @my_chmod(MYBB_ROOT . 'uploads', '0777'); @my_chmod(MYBB_ROOT . 'uploads/test.write', '0777'); @unlink(MYBB_ROOT . 'uploads/test.write'); $debug->log->trace0("Attachments directory writable"); } if (!empty($errors)) { $output->print_warning(error_list($errors), "The MyBB Merge System Requirements check failed:"); } echo '<p><div class="border_wrapper"> <div class="title">Requirements Check</div> <table class="general" cellspacing="0"> <thead> <tr> <th colspan="2" class="first last">Requirements</th> </tr> </thead> <tbody>
function after_insert($data, $insert_data, $aid) { global $mybb, $import_session; $thumb_not_exists = ""; if ($data['attach_thumb_location']) { // Transfer attachment thumbnail $data_thumbnail_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['attach_thumb_location']); if (!empty($data_thumbnail_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], 'w'); if ($attachrs) { @fwrite($attachrs, $data_thumbnail_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment thumbnail (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], '0777'); } else { $this->board->set_error_notice_in_progress("Error could not find the attachment thumbnail (ID: {$aid})"); } } // Transfer attachment $data_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['attach_location']); if (!empty($data_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], 'w'); if ($attachrs) { @fwrite($attachrs, $data_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], '0777'); $attach_not_exists = ""; } else { $this->board->set_error_notice_in_progress("Error could not find the attachment (ID: {$aid})"); } }
function after_insert($data, $insert_data, $aid) { global $mybb, $db; if ($data['thumbnail']) { // Transfer attachment thumbnails $file = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], 'w'); if ($file) { @fwrite($file, $data['thumbnail']); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment thumbnail (ID: {$aid})"); } @fclose($file); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], '0777'); } // Transfer attachments $file = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], 'w'); if ($file) { @fwrite($file, $data['filedata']); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment (ID: {$aid})"); } @fclose($file); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], '0777'); if (!$posthash) { // Restore connection $db->update_query("posts", array('posthash' => $insert_data['posthash']), "pid = '{$insert_data['pid']}'"); } }
/** * Actually move a file to the uploads directory * * @param array The PHP $_FILE array for the file * @param string The path to save the file in * @param string The filename for the file (if blank, current is used) */ function upload_file($file, $path, $filename = "") { global $plugins; if (empty($file['name']) || $file['name'] == "none" || $file['size'] < 1) { $upload['error'] = 1; return $upload; } if (!$filename) { $filename = $file['name']; } $upload['original_filename'] = preg_replace("#/\$#", "", $file['name']); // Make the filename safe $upload['original_filename'] = utf8_handle_4byte_string($upload['original_filename']); $filename = preg_replace("#/\$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path . "/" . $filename); if (!$moved) { $upload['error'] = 2; return $upload; } @my_chmod($path . "/" . $filename, '0644'); $upload['filename'] = $filename; $upload['path'] = $path; $upload['type'] = $file['type']; $upload['size'] = $file['size']; $upload = $plugins->run_hooks("upload_file_end", $upload); return $upload; }
function after_insert($data, $insert_data, $aid) { global $mybb, $db, $import_session; $thumb_not_exists = $error_notice = ""; if ($data['thumbnail']) { // Transfer attachment thumbnail $attachment_thumbnail_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $insert_data['thumbnail']); if (!empty($attachment_thumbnail_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], 'w'); if ($attachrs) { @fwrite($attachrs, $attachment_thumbnail_file); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment thumbnail (ID: {$aid})"); } @fclose($attachrs); @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['thumbnail'], '0777'); } else { $this->board->set_error_notice_in_progress("Error could not find the attachment thumbnail (ID: {$aid})"); } } // Transfer attachment $attachment_file = merge_fetch_remote_file($import_session['uploadspath'] . '/' . $data['attachname']); if (!empty($attachment_file)) { $attachrs = @fopen($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], 'w'); if ($attachrs) { @fwrite($attachrs, $attachment_file); @fclose($attachrs); } else { $this->board->set_error_notice_in_progress("Error transfering the attachment (ID: {$aid}), Uploads folder is not writable."); } @my_chmod($mybb->settings['uploadspath'] . '/' . $insert_data['attachname'], '0777'); } else { $this->board->set_error_notice_in_progress("Error could not find the attachment (ID: {$aid})"); } // Restore connection $query = $db->simple_select("posts", "message", "pid = '{$insert_data['pid']}'"); $message = $db->fetch_field($query, 'message'); $db->free_result($query); $message = str_replace('[attachment=' . $data['aid'] . ']', '[attachment=' . $aid . ']', $message); $db->update_query("posts", array('posthash' => $insert_data['posthash'], 'message' => $db->escape_string($message)), "pid = '{$insert_data['pid']}'"); }