/** * Move the data of a resource from one data location to another. * May be used by every module, provided it respects the naming rules described in the modules HOWTO * * @param string $module, The module codename * @param integer $resourceID The DB ID of the resource whose data we want to move * @param string $locationFrom The starting location, among the available RESOURCE_DATA_LOCATION * @param string $locationTo The ending location, among the available RESOURCE_DATA_LOCATION * @param boolean $copyOnly If set to true, the deletion from the originating tables and dirs won't occur * @return boolean true on success, false on failure * @access public * @static */ function moveResourceData($module, $resourceID, $locationFrom, $locationTo, $copyOnly = false) { //get all datas locations $locations = CMS_resource::getAllDataLocations(); if (!in_array($locationFrom, $locations)) { CMS_grandFather::raiseError("LocationFrom is not a valid location : " . $locationFrom); return false; } if (!in_array($locationTo, $locations)) { CMS_grandFather::raiseError("LocationTo is not a valid location : " . $locationTo); return false; } if (!sensitiveIO::IsPositiveInteger($resourceID)) { CMS_grandFather::raiseError("ResourceID must be a positive integer : " . $resourceID); return false; } //first move DB datas $tables_prefixes = array('mod_subobject_date_', 'mod_subobject_integer_', 'mod_subobject_string_', 'mod_subobject_text_'); foreach ($tables_prefixes as $table_prefix) { //delete all in the destination table and insert new ones if ($locationTo != RESOURCE_DATA_LOCATION_DEVNULL) { $sql = "\n\t\t\t\t\tdelete from\n\t\t\t\t\t\t" . $table_prefix . $locationTo . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); $sql = "\n\t\t\t\t\treplace into\n\t\t\t\t\t\t" . $table_prefix . $locationTo . "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t*\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t" . $table_prefix . $locationFrom . "\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\tobjectID='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); } if (!$copyOnly) { //delete from the starting table $sql = "\n\t\t\t\t\tdelete from\n\t\t\t\t\t\t" . $table_prefix . $locationFrom . "\n\t\t\t\t\twhere\n\t\t\t\t\t\tobjectID='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); } } //second, move the files $locationFromDir = new CMS_file(PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationFrom, CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY); //cut here if the locationFromDir doesn't exists. That means the module doesn't have files if (!$locationFromDir->exists()) { return true; } if ($locationTo != RESOURCE_DATA_LOCATION_DEVNULL) { $locationToDir = new CMS_file(PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationTo, CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY); //cut here if the locationToDir doesn't exists. if (!$locationToDir->exists()) { CMS_grandFather::raiseError("LocationToDir does not exists : " . PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationTo); return false; } //delete all files of the locationToDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationTo . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { if (!CMS_file::deleteFile($file)) { $this->raiseError("Can't delete file " . $file); return false; } } } //then copy or move them to the locationToDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationFrom . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { $to = str_replace('/' . $locationFrom . '/', '/' . $locationTo . '/', $file); if ($copyOnly) { if (!CMS_file::copyTo($file, $to)) { $this->raiseError("Can't copy file " . $file . " to " . $to); return false; } } else { if (!CMS_file::moveTo($file, $to)) { $this->raiseError("Can't move file " . $file . " to " . $to); return false; } } //then chmod new file CMS_file::chmodFile(FILES_CHMOD, $to); } } } else { //then get all files of the locationFromDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module . "/" . $locationFrom . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { if (!CMS_file::deleteFile($file)) { $this->raiseError("Can't delete file " . $file); return false; } } } } return true; }
/** * Get datas vars from a form formatted by such a Automne.LinkField class * and build a CMS_href * * @param array $datas, the datas sent by the Automne.LinkField return * @param string $module, the module concerned by this link * @param integer $resourceID, ID to prepend the filename uploaded with * @param integer $fieldID, optional field ID to surcharge file name representation ("r".$resourceID."_f".$fieldID."_") * @return boolean true on success, false on failure * @access public */ function create($datas = '', $module = MOD_STANDARD_CODENAME, $resourceID, $fieldID = '') { $datas = explode($this->_href->getSeparator(), $datas); $linkLabel = isset($datas[7]) ? $datas[7] : ''; $linkType = isset($datas[0]) ? $datas[0] : ''; $internalLink = isset($datas[1]) ? $datas[1] : ''; $externalLink = isset($datas[2]) ? $datas[2] : ''; $this->_href->setLabel($linkLabel); $this->_href->setLinkType($linkType); $this->_href->setInternalLink($internalLink); $this->_href->setExternalLink($externalLink); // Delete/Upload file if (isset($datas[3])) { switch ($module) { case MOD_STANDARD_CODENAME: $locationType = RESOURCE_DATA_LOCATION_EDITION; $uniqueName = md5(serialize($this) . microtime()); $fileprefix = $fieldID ? 'p' . $resourceID . '_' . $uniqueName . "_f" . $fieldID : 'p' . $resourceID . '_' . $uniqueName; break; default: $locationType = RESOURCE_DATA_LOCATION_EDITED; $fileprefix = $fieldID ? 'r' . $resourceID . "_f" . $fieldID . "_" : 'r' . $resourceID . "_"; break; } if ($datas[3] && io::strpos($datas[3], PATH_UPLOAD_WR . '/') !== false) { //move and rename uploaded file $datas[3] = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $datas[3]); $basename = pathinfo($datas[3], PATHINFO_BASENAME); $path = $this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM, false); $newFilename = $path . '/' . $fileprefix . $basename; CMS_file::moveTo($datas[3], $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); $datas[3] = pathinfo($newFilename, PATHINFO_BASENAME); //remove the old file if any if (is_file($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { if (!unlink($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { $this->raiseError("Could not delete old linked file"); } } } elseif ($datas[3]) { //keep old file $datas[3] = pathinfo($datas[3], PATHINFO_BASENAME); } else { $datas[3] = ''; //remove the old file if any if (is_file($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { if (!unlink($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { $this->raiseError("Could not delete old linked file"); } } } $this->_href->setFileLink($datas[3]); } elseif (is_file($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { //remove the old file if (!unlink($this->_href->getFileLink(true, $module, $locationType, PATH_RELATIVETO_FILESYSTEM))) { $this->raiseError("Could not delete old linked file"); } } // Target and Popup > (width, height) list($width, $height) = explode(',', $datas[6]); if (sensitiveIO::isPositiveInteger($width) && sensitiveIO::isPositiveInteger($height)) { $this->_href->setPopup($width, $height); } else { switch ($datas[4]) { case "_top": $this->_href->setTarget('_top'); $this->_href->setPopup('', ''); break; case "_blank": $this->_href->setTarget('_blank'); $this->_href->setPopup('', ''); break; } } return true; }
CMS_file::moveTo($filename, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); $data["file"] = pathinfo($newFilename, PATHINFO_BASENAME); } elseif ($filename) { //keep old file $data["file"] = pathinfo($filename, PATHINFO_BASENAME); } else { $data["file"] = ''; } //Image Zoom if ($zoomname && io::strpos($zoomname, PATH_UPLOAD_WR . '/') !== false) { //move and rename uploaded file $zoomname = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $zoomname); $basename = pathinfo($zoomname, PATHINFO_BASENAME); $newFilename = $cms_block->getFilePath($basename, $cms_page, $cs, $rowTag, $blockId, true); CMS_file::moveTo($zoomname, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); $data["enlargedFile"] = pathinfo($newFilename, PATHINFO_BASENAME); } elseif ($zoomname) { //keep old file $data["enlargedFile"] = pathinfo($zoomname, PATHINFO_BASENAME); } else { $data["enlargedFile"] = ''; } //Link $link = $old_data['externalLink'] ? new CMS_href($old_data['externalLink']) : new CMS_href(); $linkDialog = new CMS_dialog_href($link); $linkDialog->create($imagelink, MOD_STANDARD_CODENAME, $cms_page->getID()); $link = $linkDialog->getHref(); $data['externalLink'] = $link->getTextDefinition(); $cms_block->writeToPersistence($cms_page->getID(), $cs, $rowTag, RESOURCE_LOCATION_EDITION, false, $data);
/** * Move the data of a resource from one data location to another. * May be used by every module, provided it respects the naming rules described in the modules HOWTO * * @param CMS_module $module The module who want its data moved * @param string $tablesPrefix The prefix of the tables containing the data * @param string $resourceIDFieldName The name of the field containing the resource ID * @param integer $resourceID The DB ID of the resource whose data we want to move * @param string $locationFrom The starting location, among the available RESOURCE_DATA_LOCATION * @param string $locationTo The ending location, among the available RESOURCE_DATA_LOCATION * @param boolean $copyOnly If set to true, the deletion from the originating tables and dirs won't occur * @return boolean true on success, false on failure * @access public */ static function moveResourceData(&$module, $tablesPrefix, $resourceIDFieldName, $resourceID, $locationFrom, $locationTo, $copyOnly = false) { if (!is_a($module, "CMS_module")) { CMS_grandFather::raiseError("Module is not a CMS_module"); return false; } if (!SensitiveIO::isInSet($locationFrom, CMS_resource::getAllDataLocations()) || !SensitiveIO::isInSet($locationTo, CMS_resource::getAllDataLocations())) { CMS_grandFather::raiseError("Locations are not in the set"); return false; } //get the tables : named PREFIXXXXX_public $sql = "show tables"; $q = new CMS_query($sql); $tables_prefixes = array(); while ($data = $q->getArray()) { if (preg_match("#" . $tablesPrefix . "(.*)_public#", $data[0])) { $tables_prefixes[] = io::substr($data[0], 0, strrpos($data[0], "_") + 1); } } foreach ($tables_prefixes as $table_prefix) { //delete all in the destination table just incase and insert if ($locationTo != RESOURCE_DATA_LOCATION_DEVNULL) { $sql = "\n\t\t\t\t\tdelete from\n\t\t\t\t\t\t" . $table_prefix . $locationTo . "\n\t\t\t\t\twhere\n\t\t\t\t\t\t" . $resourceIDFieldName . "='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); $sql = "\n\t\t\t\t\tinsert into\n\t\t\t\t\t\t" . $table_prefix . $locationTo . "\n\t\t\t\t\t\tselect\n\t\t\t\t\t\t\t*\n\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t" . $table_prefix . $locationFrom . "\n\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t" . $resourceIDFieldName . "='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); } if (!$copyOnly) { //delete from the starting table $sql = "\n\t\t\t\t\tdelete from\n\t\t\t\t\t\t" . $table_prefix . $locationFrom . "\n\t\t\t\t\twhere\n\t\t\t\t\t\t" . $resourceIDFieldName . "='" . $resourceID . "'\n\t\t\t\t"; $q = new CMS_query($sql); } } //second, move the files $locationFromDir = new CMS_file(PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationFrom, CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY); //cut here if the locationFromDir doesn't exists. That means the module doesn't have files if (!$locationFromDir->exists()) { return true; } if ($locationTo != RESOURCE_DATA_LOCATION_DEVNULL) { $locationToDir = new CMS_file(PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationTo, CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY); //cut here if the locationToDir doesn't exists. if (!$locationToDir->exists()) { CMS_grandFather::raiseError("LocationToDir does not exists : " . PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationTo); return false; } //delete all files of the locationToDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationTo . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { if (!CMS_file::deleteFile($file)) { CMS_grandFather::raiseError("Can't delete file " . $file); return false; } } } //then copy or move them to the locationToDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationFrom . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { $to = str_replace('/' . $locationFrom . '/', '/' . $locationTo . '/', $file); if ($copyOnly) { if (!CMS_file::copyTo($file, $to)) { CMS_grandFather::raiseError("Can't copy file " . $file . " to " . $to); return false; } } else { if (!CMS_file::moveTo($file, $to)) { CMS_grandFather::raiseError("Can't move file " . $file . " to " . $to); return false; } } //then chmod new file CMS_file::chmodFile(FILES_CHMOD, $to); } } } //cleans the initial dir if not a copy if (!$copyOnly) { //then get all files of the locationFromDir $files = glob(PATH_MODULES_FILES_FS . "/" . $module->getCodename() . "/" . $locationFrom . '/r' . $resourceID . '_*', GLOB_NOSORT); if (is_array($files)) { foreach ($files as $file) { if (!CMS_file::deleteFile($file)) { CMS_grandFather::raiseError("Can't delete file " . $file); return false; } } } } return true; }
/** * Import module from given array datas * * @param array $data The module datas to import * @param array $params The import parameters. * array( * create => false|true : create missing objects (default : true) * update => false|true : update existing objects (default : true) * files => false|true : use files from PATH_TMP_FS (default : true) * ) * @param CMS_language $cms_language The CMS_langage to use * @param array $idsRelation : Reference : The relations between import datas ids and real imported ids * @param string $infos : Reference : The import infos returned * @return boolean : true on success, false on failure * @access public */ function fromArray($data, $params, $cms_language, &$idsRelation, &$infos) { if (!$this->getID()) { if (!isset($params['create']) || $params['create'] == true) { //if module does not exists yet, add codename and default admin frontend $this->setCodename($data['codename']); $this->setAdminFrontend('index.php'); } else { $infos .= 'Module does not exists and parameter does not allow to create it ...' . "\n"; return false; } } if (!$this->getID() && (!isset($params['create']) || $params['create'] == true) || $this->getID() && (!isset($params['update']) || $params['update'] == true)) { if (isset($data['labels'])) { //create labels $this->setLabel($cms_language->createMessage($this->_codename, $data['labels'])); } if (!$this->writeToPersistence()) { $infos .= 'Error writing module ...' . "\n"; return false; } elseif (isset($data['parameters']) && is_array($data['parameters']) && $data['parameters']) { //write module parameters $this->_hasParameters = 1; $filename = PATH_MODULES_FS . "/" . $this->_codename . "_rc.xml"; if (!file_exists($filename)) { $file = new CMS_file($filename); $file->writeToPersistence(true); } $this->setAndWriteParameters($data['parameters']); $this->writeToPersistence(); } } //append codename to parameters $params['module'] = $this->_codename; //add categories if (isset($data['categories']) && $data['categories']) { if (!CMS_moduleCategories_catalog::fromArray($data['categories'], $params, $cms_language, $idsRelation, $infos)) { $infos .= 'Error during categories import ...' . "\n"; return false; } } if (!isset($params['files']) || $params['files'] == true) { //add JS if (isset($data['js']) && $data['js']) { foreach ($data['js'] as $jsFile) { if ($jsFile && file_exists(PATH_TMP_FS . $jsFile)) { if (file_exists(PATH_REALROOT_FS . $jsFile) && (!isset($params['updateJs']) || $params['updateJs'] == true) || (!isset($params['create']) || $params['create'] == true)) { if (CMS_file::moveTo(PATH_TMP_FS . $jsFile, PATH_REALROOT_FS . $jsFile)) { CMS_file::chmodFile(FILES_CHMOD, PATH_REALROOT_FS . $jsFile); } else { $infos .= 'Error during copy of file ' . $jsFile . ' ...' . "\n"; } } } } } } if (!isset($params['files']) || $params['files'] == true) { //add CSS if (isset($data['css']) && $data['css']) { foreach ($data['css'] as $cssFile) { if ($cssFile && file_exists(PATH_TMP_FS . $cssFile)) { if (file_exists(PATH_REALROOT_FS . $cssFile) && (!isset($params['updateCss']) || $params['updateCss'] == true) || (!isset($params['create']) || $params['create'] == true)) { if (CMS_file::moveTo(PATH_TMP_FS . $cssFile, PATH_REALROOT_FS . $cssFile)) { CMS_file::chmodFile(FILES_CHMOD, PATH_REALROOT_FS . $cssFile); } else { $infos .= 'Error during copy of file ' . $cssFile . ' ...' . "\n"; } } } } } } if (!isset($params['files']) || $params['files'] == true) { //add IMG if (isset($data['img']) && $data['img']) { foreach ($data['img'] as $imgFile) { if ($imgFile && file_exists(PATH_TMP_FS . $imgFile)) { if (file_exists(PATH_REALROOT_FS . $imgFile) && (!isset($params['updateImg']) || $params['updateImg'] == true) || (!isset($params['create']) || $params['create'] == true)) { if (CMS_file::moveTo(PATH_TMP_FS . $imgFile, PATH_REALROOT_FS . $imgFile)) { CMS_file::chmodFile(FILES_CHMOD, PATH_REALROOT_FS . $imgFile); } else { $infos .= 'Error during copy of file ' . $imgFile . ' ...' . "\n"; } } } } } } if (!isset($params['files']) || $params['files'] == true) { //add rows if (isset($data['rows']) && $data['rows']) { if (!CMS_rowsCatalog::fromArray($data['rows'], $params, $cms_language, $idsRelation, $infos)) { $infos .= 'Error during rows import ...' . "\n"; return false; } } } return true; }
/** * set object Values * * @param array $values : the POST result values * @param string prefixname : the prefix used for post names * @param boolean newFormat : new automne v4 format (default false for compatibility) * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects * @return boolean true on success, false on failure * @access public */ function setValues($values, $prefixName, $newFormat = false, $objectID = '') { if (!sensitiveIO::isPositiveInteger($objectID)) { $this->raiseError('ObjectID must be a positive integer : ' . $objectID); return false; } //get field parameters $params = $this->getParamsValues(); //get module codename $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID()); if ($newFormat) { //delete old images ? //thumbnail if ($this->_subfieldValues[0]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_0'] || pathinfo($values[$prefixName . $this->_field->getID() . '_0'], PATHINFO_BASENAME) != $this->_subfieldValues[0]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } //image zoom if ($this->_subfieldValues[2]->getValue() && (!isset($values[$prefixName . $this->_field->getID() . '_2']) || !$values[$prefixName . $this->_field->getID() . '_2'] || pathinfo($values[$prefixName . $this->_field->getID() . '_2'], PATHINFO_BASENAME) != $this->_subfieldValues[2]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } //set label from label field if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_1']))) { return false; } //image zoom (if needed) if ((!isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) || $values[$prefixName . $this->_field->getID() . '_makeZoom'] != 1) && isset($values[$prefixName . $this->_field->getID() . '_2']) && $values[$prefixName . $this->_field->getID() . '_2'] && io::strpos($values[$prefixName . $this->_field->getID() . '_2'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_2']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $zoomBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); if (io::strlen($zoomBasename) > 255) { $zoomBasename = sensitiveIO::ellipsis($zoomBasename, 255, '-', true); } $zoomFilename = $path . '/' . $zoomBasename; CMS_file::moveTo($filename, $zoomFilename); CMS_file::chmodFile(FILES_CHMOD, $zoomFilename); //set it if (!$this->_subfieldValues[2]->setValue($zoomBasename)) { return false; } } //thumbnail if ($values[$prefixName . $this->_field->getID() . '_0'] && io::strpos($values[$prefixName . $this->_field->getID() . '_0'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_0']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); //rename image $path_parts = pathinfo($newBasename); $extension = io::strtolower($path_parts['extension']); $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension; if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; //move file from upload dir to new dir CMS_file::moveTo($filename, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); //if we use original image as image zoom, set it if (isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) && $values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { $zoomFilename = str_replace('_thumbnail.' . $extension, '.' . $extension, $newFilename); //copy image as zoom CMS_file::copyTo($newFilename, $zoomFilename); $zoomBasename = pathinfo($zoomFilename, PATHINFO_BASENAME); //set image zoom if (!$this->_subfieldValues[2]->setValue($zoomBasename)) { return false; } } //resize thumbnail if needed if ($params['maxWidth'] > 0 || $params['maxHeight'] > 0) { $oImage = new CMS_image($newFilename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($params['maxWidth'] && $sizeX > $params['maxWidth'] || $params['maxHeight'] && $sizeY > $params['maxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) { $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxWidth']; } if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) { $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) { return false; } } } //set thumbnail if (!$this->_subfieldValues[0]->setValue($newBasename)) { return false; } } // If label not set yet, set it /*if(!$this->_subfieldValues[1]->getValue()){ if($this->_subfieldValues[0]->getValue()){ $this->_subfieldValues[1]->setValue($this->_subfieldValues[0]->getValue()); } }*/ //if we had an imagezoom, check his size if ($this->_subfieldValues[2]->getValue() && ($params['maxZoomWidth'] > 0 || $params['maxZoomHeight'] > 0)) { //resize zoom if needed $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $basename = $this->_subfieldValues[2]->getValue(); $filename = $path . '/' . $basename; $extension = io::strtolower(pathinfo($basename, PATHINFO_EXTENSION)); $oImage = new CMS_image($filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check zoom size if ($params['maxZoomWidth'] && $sizeX > $params['maxZoomWidth'] || $params['maxZoomHeight'] && $sizeY > $params['maxZoomHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxZoomWidth'] && $newSizeX > $params['maxZoomWidth']) { $newSizeY = round($params['maxZoomWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxZoomWidth']; } if ($params['maxZoomHeight'] && $newSizeY > $params['maxZoomHeight']) { $newSizeX = round($params['maxZoomHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxZoomHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $filename)) { return false; } } } //update files infos if needed if ($this->_subfieldValues[0]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $imageDatas['module'] = $moduleCodename; $imageDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; if ($params['useDistinctZoom'] || $this->_subfieldValues[2]->getValue()) { //update files infos if needed if ($this->_subfieldValues[2]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $zoomDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $zoomDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $zoomDatas['module'] = $moduleCodename; $zoomDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; } else { $zoomDatas = ''; } $content = array('datas' => array('polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_0]' => $imageDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_2]' => $zoomDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_1]' => sensitiveIO::decodeEntities($this->_subfieldValues[1]->getValue()))); $view = CMS_view::getInstance(); $view->addContent($content); return true; } else { //Old format //delete old images ? if (isset($values[$prefixName . $this->_field->getID() . '_delete']) && $values[$prefixName . $this->_field->getID() . '_delete'] == 1) { if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_0_hidden']); $this->_subfieldValues[0]->setValue(''); } if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_2_hidden']); $this->_subfieldValues[2]->setValue(''); } } //set label from label field if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars(@$values[$prefixName . $this->_field->getID() . '_1']))) { return false; } //thumbnail if (isset($_FILES[$prefixName . $this->_field->getID() . '_0']) && $_FILES[$prefixName . $this->_field->getID() . '_0']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_0']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_0']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //set label as image name if none set /*if (!$values[$prefixName.$this->_field->getID().'_1']) { if (!$this->_subfieldValues[1]->setValue(io::htmlspecialchars($_FILES[$prefixName.$this->_field->getID().'_0']["name"]))) { return false; } }*/ //destroy all old images if any if ($this->_subfieldValues[0]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[0]->getValue()); $this->_subfieldValues[0]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_0_hidden']); $this->_subfieldValues[0]->setValue(''); } if ($this->_subfieldValues[2]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[2]->getValue()); $this->_subfieldValues[2]->setValue(''); } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_2_hidden']); $this->_subfieldValues[2]->setValue(''); } //set thumbnail (resize it if needed) //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_0']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_0', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } if ($params['maxWidth'] > 0) { $oImage = new CMS_image($path . "/" . $filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($sizeX > $params['maxWidth'] || $sizeY > $params['maxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['maxWidth'] && $newSizeX > $params['maxWidth']) { $newSizeY = round($params['maxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['maxWidth']; } if ($params['maxHeight'] && $newSizeY > $params['maxHeight']) { $newSizeX = round($params['maxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['maxHeight']; } //resize image $srcfilepath = $path . "/" . $filename; $path_parts = pathinfo($srcfilepath); $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '_thumbnail.' . $path_parts['extension']; $destfilepath = $path . "/" . $thumbnailFilename; $extension = io::strtolower($path_parts['extension']); if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } else { //destroy original image unlink($srcfilepath); } //set resized thumbnail if (!$this->_subfieldValues[0]->setValue($thumbnailFilename)) { return false; } } else { //no need to resize thumbnail (below the maximum width), so set it if (!$this->_subfieldValues[0]->setValue($filename)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } } } else { //no need to resize thumbnail, so set it if (!$this->_subfieldValues[0]->setValue($filename)) { return false; } //if we use original image as image zoom, set it if ($values[$prefixName . $this->_field->getID() . '_makeZoom'] == 1) { //set image zoom if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_0']) && $_FILES[$prefixName . $this->_field->getID() . '_0']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_0']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_0_hidden']) && $values[$prefixName . $this->_field->getID() . '_0_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { //set label as image name if none set if (!$this->_subfieldValues[0]->setValue($values[$prefixName . $this->_field->getID() . '_0_hidden'])) { return false; } } //image zoom (if needed) if (isset($values[$prefixName . $this->_field->getID() . '_makeZoom']) && $values[$prefixName . $this->_field->getID() . '_makeZoom'] != 1 && isset($_FILES[$prefixName . $this->_field->getID() . '_2']['name']) && $_FILES[$prefixName . $this->_field->getID() . '_2']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_2']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_2']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_2']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_2', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } //set it if (!$this->_subfieldValues[2]->setValue($filename)) { return false; } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_2']) && $_FILES[$prefixName . $this->_field->getID() . '_2']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_2']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_2_hidden']) && $values[$prefixName . $this->_field->getID() . '_2_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { if (!$this->_subfieldValues[2]->setValue($values[$prefixName . $this->_field->getID() . '_2_hidden'])) { return false; } } return true; } }
} if (!$cms_message) { //description $template->setDescription($description); //remove the old file if any and if new one is different if ($image) { if (is_file(PATH_TEMPLATES_IMAGES_FS . '/' . $template->getImage()) && $image != PATH_TEMPLATES_IMAGES_WR . '/' . $template->getImage() && $template->getImage() != 'nopicto.gif') { unlink(PATH_TEMPLATES_IMAGES_FS . '/' . $template->getImage()); } } if ($image && io::strpos($image, PATH_UPLOAD_WR . '/') !== false) { //move and rename uploaded file $image = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $image); $basename = pathinfo($image, PATHINFO_BASENAME); $movedImage = PATH_TEMPLATES_IMAGES_FS . '/' . SensitiveIO::sanitizeAsciiString($basename); CMS_file::moveTo($image, $movedImage); CMS_file::chmodFile(FILES_CHMOD, $movedImage); $image = pathinfo($movedImage, PATHINFO_BASENAME); } elseif ($template->getImage()) { //keep old file $image = $template->getImage(); } else { $image = 'nopicto.gif'; } $template->setImage($image); //groups $template->delAllGroups(); foreach ($groups as $group) { $template->addGroup($group); } if ($newgroups) {
/** * Proceed to file upload * * @return boolean true if file upload successfully done, false otherwise * @access public */ function doUpload() { if ($this->ready()) { if ($this->_checkDestinationPath()) { // Check file size and server max uploading file size if ($this->inputFileTooWide()) { $this->raiseError("File too wide for server (" . $this->getInputValue("name") . "), upload failed"); return false; } //move uploaded file $fileDatas = CMS_file::uploadFile($this->getInputValue("tmp_name"), PATH_TMP_FS); if ($fileDatas['error']) { $this->raiseError("Move uploaded file " . $this->getInputValue("tmp_name") . " to " . $this->_pathes["destination"] . " failed"); return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $this->_pathes["destination"])) { $this->raiseError("Move uploaded file " . $this->getInputValue("tmp_name") . " to " . $this->_pathes["destination"] . " failed"); return false; } $this->file = new CMS_file($this->_pathes["destination"]); return $this->file->chmod(FILES_CHMOD); } else { return false; } } return true; }
/** * Import row from given array datas * * @param array $data The module datas to import * @param array $params The import parameters. * array( * module => false|true : the module to create categories (required) * create => false|true : create missing objects (default : true) * update => false|true : update existing objects (default : true) * files => false|true : use files from PATH_TMP_FS (default : true) * ) * @param CMS_language $cms_language The CMS_langage to use * @param array $idsRelation : Reference : The relations between import datas ids and real imported ids * @param string $infos : Reference : The import infos returned * @return boolean : true on success, false on failure * @access public */ function fromArray($data, $params, $cms_language, &$idsRelation, &$infos) { if (!isset($params['module'])) { $infos .= 'Error : missing module codename for categories importation ...' . "\n"; return false; } $module = CMS_modulesCatalog::getByCodename($params['module']); if ($module->hasError()) { $infos .= 'Error : invalid module for categories importation : ' . $params['module'] . "\n"; return false; } if (!$this->getID() && CMS_moduleCategories_catalog::uuidExists($data['uuid'])) { //check imported uuid. If categories does not have an Id, the uuid must be unique or must be regenerated $uuid = io::uuid(); //store old uuid relation $idsRelation['categories-uuid'][$data['uuid']] = $uuid; $data['uuid'] = $uuid; } //set category uuid if not exists if (!$this->_uuid) { $this->_uuid = $data['uuid']; } if (!isset($params['files']) || $params['files'] == true) { if (isset($data['icon'])) { $icon = $data['icon']; if ($icon && file_exists(PATH_TMP_FS . $icon)) { //destroy old file if any if ($this->getIconPath(false, PATH_RELATIVETO_WEBROOT, true)) { @unlink($this->getIconPath(true, PATH_RELATIVETO_FILESYSTEM, true)); $this->setAttribute('icon', ''); } //move and rename uploaded file $filename = PATH_TMP_FS . $icon; $basename = pathinfo($filename, PATHINFO_BASENAME); if (!$this->getID()) { //need item ID $this->writeToPersistence(); } //create file path $path = $this->getIconPath(true, PATH_RELATIVETO_FILESYSTEM, false) . '/'; $extension = pathinfo($icon, PATHINFO_EXTENSION); $newBasename = "cat-" . $this->getID() . "-icon." . $extension; $newFilename = $path . '/' . $newBasename; if (CMS_file::moveTo($filename, $newFilename)) { CMS_file::chmodFile(FILES_CHMOD, $newFilename); //set it $this->setAttribute('icon', $newBasename); } } elseif (!$icon) { //destroy old file if any if ($this->getIconPath(false, PATH_RELATIVETO_WEBROOT, true)) { @unlink($this->getIconPath(true, PATH_RELATIVETO_FILESYSTEM, true)); $this->setAttribute('icon', ''); } } } } if (isset($data['labels'])) { foreach ($data['labels'] as $language => $label) { $this->setLabel($label, $language); } } if (isset($data['descriptions'])) { foreach ($data['descriptions'] as $language => $desc) { $this->setDescription($desc, $language); } } if (!isset($params['files']) || $params['files'] == true) { if (isset($data['files']) && is_array($data['files'])) { foreach ($data['files'] as $language => $file) { if ($file && file_exists(PATH_TMP_FS . $file)) { //destroy old file if any if ($this->getFilePath($language, false, PATH_RELATIVETO_WEBROOT, true)) { @unlink($this->getFilePath($language, true, PATH_RELATIVETO_FILESYSTEM, true)); $this->setFile('', $language); } //move and rename uploaded file $filename = PATH_TMP_FS . $file; $basename = pathinfo($filename, PATHINFO_BASENAME); if (!$this->getID()) { //need item ID $this->writeToPersistence(); } //create file path $path = $this->getFilePath($language, true, PATH_RELATIVETO_FILESYSTEM, false) . '/'; $extension = pathinfo($file, PATHINFO_EXTENSION); $newBasename = "cat-" . $this->getID() . "-file-" . $language . "." . $extension; $newFilename = $path . '/' . $newBasename; if (CMS_file::moveTo($filename, $newFilename)) { CMS_file::chmodFile(FILES_CHMOD, $newFilename); //set it $this->setFile($newBasename, $language); } } elseif (!$file) { //destroy old file if any if ($this->getFilePath($language, false, PATH_RELATIVETO_WEBROOT, true)) { @unlink($this->getFilePath($language, true, PATH_RELATIVETO_FILESYSTEM, true)); $this->setFile('', $language); } } } } } //write object if (!$this->writeToPersistence()) { $infos .= 'Error : can not write category ...' . "\n"; return false; } //if current category id has changed from imported id, set relation if (isset($data['id']) && $data['id'] && $this->getID() != $data['id']) { $idsRelation['categories'][$data['id']] = $this->getID(); if (isset($data['uuid']) && $data['uuid']) { $idsRelation['categories'][$data['uuid']] = $this->getID(); } } //set category order if (isset($data['order']) && $data['order']) { CMS_moduleCategories_catalog::moveCategoryIndex($this, $data['order']); } //set categories childs if (isset($data['childs']) && $data['childs']) { return CMS_moduleCategories_catalog::fromArray($data['childs'], $params, $cms_language, $idsRelation, $infos); } return true; }
/** * set object Values * * @param array $values : the POST result values * @param string prefixname : the prefix used for post names * @param boolean newFormat : new automne v4 format (default false for compatibility) * @param integer $objectID : the current object id. Must be set, but default is blank for compatibility with other objects * @return boolean true on success, false on failure * @access public */ function setValues($values, $prefixName, $newFormat = false, $objectID = '') { if (!sensitiveIO::isPositiveInteger($objectID)) { $this->raiseError('ObjectID must be a positive integer : ' . $objectID); return false; } //get field parameters $params = $this->getParamsValues(); //get module codename $moduleCodename = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID()); if ($newFormat) { //delete old files ? //thumbnail if ($this->_subfieldValues[1]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_1'] || pathinfo($values[$prefixName . $this->_field->getID() . '_1'], PATHINFO_BASENAME) != $this->_subfieldValues[1]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } //file if ($this->_subfieldValues[4]->getValue() && (!$values[$prefixName . $this->_field->getID() . '_4'] || pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_BASENAME) != $this->_subfieldValues[4]->getValue())) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); //reset filesize if (!$this->_subfieldValues[2]->setValue(0)) { return false; } } if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) { return false; } //thumbnail if (isset($values[$prefixName . $this->_field->getID() . '_1']) && $values[$prefixName . $this->_field->getID() . '_1'] && io::strpos($values[$prefixName . $this->_field->getID() . '_1'], PATH_UPLOAD_WR . '/') !== false) { $filename = $values[$prefixName . $this->_field->getID() . '_1']; //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $filename); $basename = pathinfo($filename, PATHINFO_BASENAME); //set thumbnail $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); //rename image $path_parts = pathinfo($newBasename); $extension = io::strtolower($path_parts['extension']); $newBasename = io::substr($path_parts['basename'], 0, -(io::strlen($extension) + 1)) . '_thumbnail.' . $extension; if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; //move file from upload dir to new dir CMS_file::moveTo($filename, $newFilename); CMS_file::chmodFile(FILES_CHMOD, $newFilename); //resize thumbnail if needed if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) { $oImage = new CMS_image($newFilename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size list($sizeX, $sizeY) = @getimagesize($newFilename); if ($params['thumbMaxWidth'] && $sizeX > $params['thumbMaxWidth'] || $params['thumbMaxHeight'] && $sizeY > $params['thumbMaxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) { $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['thumbMaxWidth']; } if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) { $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['thumbMaxHeight']; } if (!$oImage->resize($newSizeX, $newSizeY, $newFilename)) { return false; } } } //set thumbnail if (!$this->_subfieldValues[1]->setValue($newBasename)) { return false; } } //File //1- from external location if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) { //from FTP directory $filename = $values[$prefixName . $this->_field->getID() . '_externalfile']; //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename)); if (io::strlen($new_filename) > 255) { $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true); } $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/'; $ftp_dir = PATH_REALROOT_FS . $params['ftpDir']; if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) { if (CMS_file::moveTo($ftp_dir . $filename, $destination_path . '/' . $new_filename)) { CMS_file::chmodFile(FILES_CHMOD, $destination_path . '/' . $new_filename); //set label as file name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) { return false; } } //set it if (!$this->_subfieldValues[4]->setValue($new_filename)) { return false; } //and set filesize $filesize = @filesize($destination_path . '/' . $new_filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } } else { return false; } } else { return false; } } else { //2- from post if ($values[$prefixName . $this->_field->getID() . '_4'] && io::strpos($values[$prefixName . $this->_field->getID() . '_4'], PATH_UPLOAD_WR . '/') !== false) { //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($values[$prefixName . $this->_field->getID() . '_4'], PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $values[$prefixName . $this->_field->getID() . '_4']); $basename = pathinfo($filename, PATHINFO_BASENAME); //create file path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $newBasename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($basename)); if (io::strlen($newBasename) > 255) { $newBasename = sensitiveIO::ellipsis($newBasename, 255, '-', true); } $newFilename = $path . '/' . $newBasename; if (!CMS_file::moveTo($filename, $newFilename)) { return false; } CMS_file::chmodFile(FILES_CHMOD, $newFilename); //set it if (!$this->_subfieldValues[4]->setValue($newBasename)) { return false; } //and set filesize $filesize = @filesize($newFilename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } } } // If label not set yet, set it if (!$this->_subfieldValues[0]->getValue()) { if ($this->_subfieldValues[4]->getValue()) { $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue()); } } //update files infos if needed if ($this->_subfieldValues[1]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $imageDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $imageDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } //update files infos if needed if ($this->_subfieldValues[4]->getValue() && file_exists(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue())) { $file = new CMS_file(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $fileDatas = array('filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension()); } else { $fileDatas = array('filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'extension' => ''); } $imageDatas['module'] = $fileDatas['module'] = $moduleCodename; $imageDatas['visualisation'] = $fileDatas['visualisation'] = RESOURCE_DATA_LOCATION_EDITED; $content = array('datas' => array('polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_1]' => $imageDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_4]' => $fileDatas, 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_externalfile]' => '', 'polymodFieldsValue[' . $prefixName . $this->_field->getID() . '_0]' => sensitiveIO::decodeEntities($this->_subfieldValues[0]->getValue()))); $view = CMS_view::getInstance(); $view->addContent($content); return true; } else { //Old format //delete old files ? if (isset($values[$prefixName . $this->_field->getID() . '_delete']) && $values[$prefixName . $this->_field->getID() . '_delete'] == 1) { //thumbnail if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']); $this->_subfieldValues[1]->setValue(''); } //file if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']); $this->_subfieldValues[4]->setValue(''); } //reset filesize if (!$this->_subfieldValues[2]->setValue(0)) { return false; } } if (!(isset($values[$prefixName . $this->_field->getID() . '_0']) && $this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0'])))) { return false; } //thumbnail if (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_1']['error']) { //check for image type before doing anything if (!in_array(io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_1']["name"], PATHINFO_EXTENSION)), $this->_allowedExtensions)) { return false; } //destroy old image if any if ($this->_subfieldValues[1]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[1]->getValue()); $this->_subfieldValues[1]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_1_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_1_hidden']); $this->_subfieldValues[1]->setValue(''); } //set thumbnail (resize it if needed) //create thumbnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_1']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_1', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } if ($params['thumbMaxWidth'] > 0 || $params['thumbMaxHeight'] > 0) { $oImage = new CMS_image($path . "/" . $filename); //get current file size $sizeX = $oImage->getWidth(); $sizeY = $oImage->getHeight(); //check thumbnail size if ($sizeX > $params['thumbMaxWidth'] || $sizeX > $params['thumbMaxHeight']) { $newSizeX = $sizeX; $newSizeY = $sizeY; // Check width if ($params['thumbMaxWidth'] && $newSizeX > $params['thumbMaxWidth']) { $newSizeY = round($params['thumbMaxWidth'] * $newSizeY / $newSizeX); $newSizeX = $params['thumbMaxWidth']; } if ($params['thumbMaxHeight'] && $newSizeY > $params['thumbMaxHeight']) { $newSizeX = round($params['thumbMaxHeight'] * $newSizeX / $newSizeY); $newSizeY = $params['thumbMaxHeight']; } //resize image $srcfilepath = $path . "/" . $filename; $path_parts = pathinfo($srcfilepath); $thumbnailFilename = io::substr($path_parts['basename'], 0, -(io::strlen($path_parts['extension']) + 1)) . '.png'; $destfilepath = $path . "/" . $thumbnailFilename; if (!$oImage->resize($newSizeX, $newSizeY, $destfilepath)) { return false; } //destroy original image @unlink($srcfilepath); //set resized thumbnail if (!$this->_subfieldValues[1]->setValue($thumbnailFilename)) { return false; } } else { //no need to resize thumbnail (below the maximum width), so set it if (!$this->_subfieldValues[1]->setValue($filename)) { return false; } } } else { //no need to resize thumbnail (no size limit), so set it if (!$this->_subfieldValues[1]->setValue($filename)) { return false; } } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_1']) && $_FILES[$prefixName . $this->_field->getID() . '_1']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_1']['error'] != 0) { return false; } elseif (isset($values[$prefixName . $this->_field->getID() . '_1_hidden']) && $values[$prefixName . $this->_field->getID() . '_1_hidden'] && $values[$prefixName . $this->_field->getID() . '_delete'] != 1) { if (!$this->_subfieldValues[1]->setValue($values[$prefixName . $this->_field->getID() . '_1_hidden'])) { return false; } } //File //1- from external location if (isset($values[$prefixName . $this->_field->getID() . '_externalfile']) && $values[$prefixName . $this->_field->getID() . '_externalfile']) { //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } elseif ($values[$prefixName . $this->_field->getID() . '_4_hidden']) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $values[$prefixName . $this->_field->getID() . '_4_hidden']); $this->_subfieldValues[4]->setValue(''); } //from FTP directory $filename = $values[$prefixName . $this->_field->getID() . '_externalfile']; //io::substr($values[$prefixName.$this->_field->getID().'_externalfile'], 1); //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } $new_filename = 'r' . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($filename)); if (io::strlen($new_filename) > 255) { $new_filename = sensitiveIO::ellipsis($new_filename, 255, '-', true); } $destination_path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/'; $ftp_dir = PATH_REALROOT_FS . $params['ftpDir']; if (@file_exists($ftp_dir . $filename) && is_file($ftp_dir . $filename)) { if (@copy($ftp_dir . $filename, $destination_path . '/' . $new_filename)) { @chmod($destination_path . '/' . $new_filename, octdec(FILES_CHMOD)); //set label as file name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($filename))) { return false; } } //set it if (!$this->_subfieldValues[4]->setValue($new_filename)) { return false; } //and set filesize $filesize = @filesize($destination_path . '/' . $new_filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } } else { return false; } } else { return false; } } else { //2- from post if (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && !$_FILES[$prefixName . $this->_field->getID() . '_4']['error']) { //check file extension if ($params['allowedType'] || $params['disallowedType']) { $extension = io::strtolower(pathinfo($_FILES[$prefixName . $this->_field->getID() . '_4']['name'], PATHINFO_EXTENSION)); if (!$extension) { return false; } //extension must be in allowed list if ($params['allowedType'] && !in_array($extension, explode(',', io::strtolower($params['allowedType'])))) { return false; } //extension must not be in disallowed list if ($params['disallowedType'] && in_array($extension, explode(',', io::strtolower($params['disallowedType'])))) { return false; } } //set label as image name if none set if (!$values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($_FILES[$prefixName . $this->_field->getID() . '_4']["name"]))) { return false; } } //set file type if (!$this->_subfieldValues[3]->setValue(self::OBJECT_FILE_TYPE_INTERNAL)) { return false; } //destroy old file if any if ($this->_subfieldValues[4]->getValue()) { @unlink(PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED . '/' . $this->_subfieldValues[4]->getValue()); $this->_subfieldValues[4]->setValue(''); } //create thumnail path $path = PATH_MODULES_FILES_FS . '/' . $moduleCodename . '/' . RESOURCE_DATA_LOCATION_EDITED; $filename = "r" . $objectID . "_" . $this->_field->getID() . "_" . io::strtolower(SensitiveIO::sanitizeAsciiString($_FILES[$prefixName . $this->_field->getID() . '_4']["name"])); if (io::strlen($filename) > 255) { $filename = sensitiveIO::ellipsis($filename, 255, '-', true); } //move uploaded file $fileDatas = CMS_file::uploadFile($prefixName . $this->_field->getID() . '_4', PATH_TMP_FS); if ($fileDatas['error']) { return false; } if (!CMS_file::moveTo(PATH_TMP_FS . '/' . $fileDatas['filename'], $path . "/" . $filename)) { return false; } //set it if (!$this->_subfieldValues[4]->setValue($filename)) { return false; } //and set filesize $filesize = @filesize($path . "/" . $filename); if ($filesize !== false && $filesize > 0) { //convert in MB $filesize = round($filesize / 1048576, 2); } else { $filesize = '0'; } if (!$this->_subfieldValues[2]->setValue($filesize)) { return false; } } elseif (isset($_FILES[$prefixName . $this->_field->getID() . '_4']) && $_FILES[$prefixName . $this->_field->getID() . '_4']['name'] && $_FILES[$prefixName . $this->_field->getID() . '_4']['error'] != 0) { return false; } else { //from hidden fields (previously set but not already saved) if (isset($values[$prefixName . $this->_field->getID() . '_4_hidden']) && $values[$prefixName . $this->_field->getID() . '_4_hidden'] && (!isset($values[$prefixName . $this->_field->getID() . '_delete']) || $values[$prefixName . $this->_field->getID() . '_delete'] != 1)) { //set label as image name if none set if ($values[$prefixName . $this->_field->getID() . '_0']) { if (!$this->_subfieldValues[0]->setValue(io::htmlspecialchars($values[$prefixName . $this->_field->getID() . '_0']))) { return false; } } //set filesize if (!$this->_subfieldValues[2]->setValue($values[$prefixName . $this->_field->getID() . '_2_hidden'])) { return false; } //set file type if (!$this->_subfieldValues[3]->setValue($values[$prefixName . $this->_field->getID() . '_3_hidden'])) { return false; } if (!$this->_subfieldValues[4]->setValue($values[$prefixName . $this->_field->getID() . '_4_hidden'])) { return false; } } } } // If label not set yet, set it if (!$this->_subfieldValues[0]->getValue()) { if ($this->_subfieldValues[4]->getValue()) { $this->_subfieldValues[0]->setValue($this->_subfieldValues[4]->getValue()); } } return true; } }
@unlink($item->getIconPath(true, PATH_RELATIVETO_FILESYSTEM, true)); $item->setAttribute('icon', ''); } //move and rename uploaded file $filename = str_replace(PATH_UPLOAD_WR . '/', PATH_UPLOAD_FS . '/', $icon); $basename = pathinfo($filename, PATHINFO_BASENAME); if (!$item->getID()) { //need item ID $item->writeToPersistence(); } //create file path $path = $item->getIconPath(true, PATH_RELATIVETO_FILESYSTEM, false) . '/'; $extension = pathinfo($icon, PATHINFO_EXTENSION); $newBasename = "cat-" . $item->getID() . "-icon." . $extension; $newFilename = $path . '/' . $newBasename; if (!CMS_file::moveTo($filename, $newFilename)) { $cms_message .= $cms_language->getMessage(MESSAGE_PAGE_FILE_ERROR) . "\n"; break; } CMS_file::chmodFile(FILES_CHMOD, $newFilename); //set it if (!$item->setAttribute('icon', $newBasename)) { $cms_message .= $cms_language->getMessage(MESSAGE_PAGE_FILE_ERROR) . "\n"; break; } $item->writeToPersistence(); } if (!$cms_message) { if (!$item->writeToPersistence()) { $cms_message = $cms_language->getMessage(MESSAGE_PAGE_ACTION_SAVE_ERROR); } else {
/** * Upload a file with as much as security we can * * @param string $fileVarName, var name in which we can found the file in $_FILES * @param string $destinationDirFS, the destination dir in which we want the file to be moved * @return array of uploaded file meta datas */ function uploadFile($fileVarName = 'Filedata', $destinationDirFS = PATH_UPLOAD_FS) { //for security, clean all files older than 4h in both uploads directories $yesterday = time() - 14400; //4h try { foreach (new DirectoryIterator(PATH_UPLOAD_FS) as $file) { if ($file->isFile() && $file->getFilename() != ".htaccess" && $file->getMTime() < $yesterday) { @unlink($file->getPathname()); } } } catch (Exception $e) { } try { foreach (new DirectoryIterator(PATH_UPLOAD_VAULT_FS) as $file) { if ($file->isFile() && $file->getFilename() != ".htaccess" && $file->getMTime() < $yesterday) { @unlink($file->getPathname()); } } } catch (Exception $e) { } //init returned file datas $fileDatas = array('error' => 0, 'filename' => '', 'filepath' => '', 'filesize' => '', 'fileicon' => '', 'success' => false); // Check if the upload exists if (!isset($_FILES[$fileVarName]) || !is_uploaded_file($_FILES[$fileVarName]["tmp_name"]) || $_FILES[$fileVarName]["error"] != 0) { CMS_grandFather::raiseError('Uploaded file has an error : ' . print_r($_FILES, true)); $fileDatas['error'] = CMS_file::UPLOAD_UPLOAD_FAILED; $view->setContent($fileDatas); $view->show(); } //move uploaded file to upload vault (and rename it with a clean name if needed) $originalFilename = io::sanitizeAsciiString($_FILES[$fileVarName]["name"]); if (io::strlen($originalFilename) > 250) { $originalFilename = sensitiveIO::ellipsis($originalFilename, 250, '-'); } //remove multiple extensions to avoid double extension threat (cf. http://www.acunetix.com/websitesecurity/upload-forms-threat.htm) if (substr_count('.', $originalFilename) > 1) { $parts = pathinfo($originalFilename); $originalFilename = str_replace('.', '-', $parts['filename']) . '.' . $parts['extension']; } $count = 2; $filename = $originalFilename; while (file_exists(PATH_UPLOAD_VAULT_FS . '/' . $filename) || file_exists($destinationDirFS . '/' . $filename)) { $pathinfo = pathinfo($originalFilename); $filename = $pathinfo['filename'] . '-' . $count++ . '.' . $pathinfo['extension']; } if (!@move_uploaded_file($_FILES[$fileVarName]["tmp_name"], PATH_UPLOAD_VAULT_FS . '/' . $filename)) { CMS_grandFather::raiseError('Can\'t move uploaded file to : ' . PATH_UPLOAD_VAULT_FS . '/' . $filename); $fileDatas['error'] = CMS_file::UPLOAD_FILE_VALIDATION_FAILED; return $fileDatas; } $file = new CMS_file(PATH_UPLOAD_VAULT_FS . '/' . $filename); $file->chmod(FILES_CHMOD); //check uploaded file if (!$file->checkUploadedFile()) { $file->delete(); $fileDatas['error'] = CMS_file::UPLOAD_SECURITY_ERROR; return $fileDatas; } //move file to final directory if (!CMS_file::moveTo(PATH_UPLOAD_VAULT_FS . '/' . $filename, $destinationDirFS . '/' . $filename)) { $fileDatas['error'] = CMS_file::UPLOAD_FILE_VALIDATION_FAILED; return $fileDatas; } $file = new CMS_file($destinationDirFS . '/' . $filename); $file->chmod(FILES_CHMOD); //return file datas $fileDatas = array('error' => 0, 'filename' => $file->getName(false), 'filepath' => $file->getFilePath(CMS_file::WEBROOT), 'filesize' => $file->getFileSize(), 'fileicon' => $file->getFileIcon(CMS_file::WEBROOT), 'extension' => $file->getExtension(), 'success' => true); return $fileDatas; }