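/**
 * Validate an uploaded file, stage it on local disk, and push it to the FTP target.
 *
 * Steps: check the upload exists, enforce the optional size limit, resolve the
 * extension, optionally check the detected MIME type against an allowlist,
 * move the upload to a staging path, send it through the FTP handle, and
 * delete the staged copy.
 *
 * Security notes for callers:
 *  - The base name and (unless overridden) the extension come from the
 *    client-supplied file name. With an empty 'mimes' list no content check
 *    runs at all, so pass an allowlist and/or a fixed 'extension' whenever the
 *    FTP target is web-served.
 *  - 'name' and 'extension' are used in paths as given; pass only
 *    server-chosen values, never request input.
 *  - The remote directory is read from $_GET['directory']; it is rejected here
 *    when it is not a string or contains a NUL byte or a ".." segment.
 *    NOTE(review): File_Manager::getFTPPath() is not visible from this block;
 *    confirm it confines the result to the intended root.
 *
 * @param string     $file    Key of the upload in $_FILES.
 * @param string     $to      Existing destination path; when it is a directory the
 *                            file is staged under DOCUMENT_ROOT/../Common/tmp/.
 * @param array|null $options Keys: 'ftp' (required FTP handle exposing put() and
 *                            public_html), 'name', 'extension', 'size' (maximum
 *                            size), 'overwrite', 'mimes' (allowed MIME types),
 *                            'chmod' (accepted but not applied by this method).
 *
 * @return string|false False when no such upload exists; otherwise the result of
 *                      realpath() on the final location (false if it does not resolve).
 *
 * @throws UploadException With code 'size', 'extension', 'path', 'exists',
 *                         'partial' or 'nofile'.
 * @throws \InvalidArgumentException When the 'ftp' option is missing.
 */
public static function move($file, $to, $options = null)
{
    if (!self::exists($file)) {
        return false;
    }

    // The cast keeps the default $options = null from reaching array_merge(),
    // and the 'ftp' default lets a missing handle be detected below.
    $options = array_merge(array(
        'name' => null,
        'extension' => null,
        'size' => null,
        'chmod' => 0644,
        'overwrite' => false,
        'mimes' => array(),
        'ftp' => null,
    ), (array) $options);

    $ftp = $options['ftp'];
    if (!is_object($ftp)) {
        // Fail before anything is written instead of calling put() on null later.
        throw new \InvalidArgumentException('The "ftp" option is required.');
    }

    $upload = $_FILES[$file];

    if ($options['size'] && $upload['size'] > $options['size']) {
        throw new UploadException('size');
    }

    $pathinfo = pathinfo($upload['name']);
    if ($options['extension']) {
        $pathinfo['extension'] = $options['extension'];
    }
    // pathinfo() omits the key entirely for names without a dot.
    if (empty($pathinfo['extension'])) {
        throw new UploadException('extension');
    }

    if (!empty($options['mimes'])) {
        $mime = self::mime($upload['tmp_name'], array(
            'default' => $upload['type'],
            'extension' => $pathinfo['extension'],
        ));
        // Strict comparison: the allowlist must match the detected type exactly.
        if (!$mime || !in_array($mime, $options['mimes'], true)) {
            throw new UploadException('extension');
        }
    }

    $ext = strtolower($pathinfo['extension']);
    $base = basename($pathinfo['basename'], '.' . $pathinfo['extension']);
    $name = ($options['name'] ? $options['name'] : $base) . '.' . $ext;

    // The remote directory is request input: refuse values that are not plain
    // strings or that could step out of the intended directory.
    $directory = isset($_GET['directory']) ? $_GET['directory'] : null;
    if ($directory !== null) {
        if (!is_string($directory)
            || strpos($directory, "\0") !== false
            || in_array('..', explode('/', str_replace('\\', '/', $directory)), true)
        ) {
            throw new UploadException('path');
        }
    }

    $real = realpath($to);
    if (!$real) {
        throw new UploadException('path');
    }

    if (is_dir($real)) {
        $to = $_SERVER['DOCUMENT_ROOT'] . '/../Common/tmp/' . $name;
    }

    if (!$options['overwrite'] && file_exists($to)) {
        throw new UploadException('exists');
    }

    if (!move_uploaded_file($upload['tmp_name'], $to)) {
        // Read the error code from the entry itself; the original indexed
        // $_FILES with the already-replaced array and could never report it.
        $error = $upload['error'];
        if ($error <= 2) {
            $code = 'size';
        } elseif ($error == 3) {
            $code = 'partial';
        } else {
            $code = 'nofile';
        }
        throw new UploadException($code);
    }

    $dir_path = pathinfo(File_Manager::getFTPPath($real, $directory));
    $ftp_filepath = File_Manager::getFTPPath(
        $ftp->public_html,
        $dir_path['dirname'] . '/' . $dir_path['basename']
    );

    $ftp->put($to, $ftp_filepath . '/' . $name);
    // The staged copy is removed whatever put() reported.
    unlink($to);

    return realpath($dir_path['dirname'] . '/' . $directory . '/' . $name);
}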
}

// Request dispatcher for the librarian forms: each branch is selected only by
// the presence of a POST field.
// NOTE(review): no authentication, role or anti-CSRF check is visible in this
// excerpt; confirm one runs earlier in the file, since every branch below
// changes state (stores an upload or deletes student records).

// CD upload. upload_file() is defined elsewhere.
if (isset($_POST['upload_cds'])) {
    require_once '../private/File_Manager.php';
    $manager = new File_Manager();
    $file = $_FILES['upload_file'];
    $uploaded = upload_file($file);
    // A 34-character return value is treated as success -- presumably the
    // length of a generated stored file name; verify against upload_file().
    if (strlen($uploaded) == 34) {
        $manager->Upload_CDs('../files/' . $uploaded);
        header("Location: ../Librarian.php?page=library_cds");
        exit;
    } else {
        // Any other result is dropped silently: no message, no redirect, and
        // the script continues with the checks below.
    }
}

// Magazine upload: same flow as the CD branch, different importer and redirect.
if (isset($_POST['upload_magazines'])) {
    require_once '../private/File_Manager.php';
    $manager = new File_Manager();
    $file = $_FILES['upload_file'];
    $uploaded = upload_file($file);
    // Same 34-character success convention as above.
    if (strlen($uploaded) == 34) {
        $manager->Upload_Magazines('../files/' . $uploaded);
        header("Location: ../Librarian.php?page=library_magazine");
        exit;
    } else {
        // Failure is ignored here as well.
    }
}

// Student deletion. $_POST['STD_id'] is passed through unvalidated, so type
// checks and query parameterisation have to happen inside
// LMS_Engine::delete_students() -- NOTE(review): confirm.
// The closing brace of this block lies outside the excerpt.
if (isset($_POST['Delete_Student'])) {
    require_once '../private/LMS_Engine.php';
    $engine = new LMS_Engine();
    $engine->delete_students($_POST['STD_id']);
    header("Location: ../Librarian.php?page=add_new_student");
    exit;
// The if-chain that this branch completes starts outside the excerpt.
// Here the two session-token parts are taken from the POST body.
// NOTE(review): $_POST['session'] is indexed without an is_array() check, and
// $pwd/$iv stay undefined if no branch of the chain matched.
} elseif (isset($_POST['session'])) {
    $pwd = $_POST['session'][0];
    $iv = $_POST['session'][1];
}
// The session id is derived from request-supplied values.
// NOTE(review): Utility::decodeString() and Session are not visible here;
// confirm a caller cannot choose or replay another user's session id.
$registry->sessionId = Utility::decodeString($pwd, $iv);
try {
    $registry->db = new DB_Admin($registry);
    $registry->session = new Session($registry);
    // Apparently a sample of the serialized session data:
    //user_agent|s:15:"Shockwave Flash";remote_addr|s:9:"127.0.0.1"

    // Returns true only when $get['session'] is non-empty, the session holds
    // user_id and username, the User-Agent header equals 'Shockwave Flash',
    // and the lookup returns exactly one row outside the 'registered' group.
    // The User-Agent is client-supplied, so it identifies the uploader but
    // adds no security; the session and database checks carry the decision.
    // NOTE(review): this function is not called anywhere in this excerpt;
    // confirm File_Manager invokes it before acting on an event.
    function UploadIsAuthenticated($get) {
        global $registry;
        if (!empty($get['session'])) {
            if (isset($_SESSION['user_id']) && isset($_SESSION['username']) && $_SERVER['HTTP_USER_AGENT'] == 'Shockwave Flash') {
                // Query the database.
                // The conditions are built by concatenating session values into
                // SQL text; this is safe only while those values are set
                // server-side and typed. Prefer bound parameters if getResult()
                // supports them.
                // NOTE(review): the username condition is masked ('******') in
                // this listing and is reproduced as found.
                $row = $registry->db->getResult('user_id, username, user_group', $registry->user . 'users', $registry->user . 'user_groups', array('where' => 'user_id=' . $_SESSION['user_id'], 'and' => array("username='******'username'] . "'", "user_group != 'registered'")), false);
                return count($row) == 1 ? true : false;
            } else {
                return false;
            }
        }
        return false;
    }

    // File manager rooted in the per-site Public directory with move, create,
    // upload and destroy all enabled. 'filter' is taken from the POST body
    // when it is a non-empty string, with '/' appended.
    // NOTE(review): how File_Manager interprets 'filter' is not visible here.
    $browser = new File_Manager($registry, array(
        'baseURL' => $registry->get('config.server.web_url') . '/userfiles/',
        'directory' => DS . 'home' . DS . $registry->settings['dir'] . DS . 'Public' . DS . $registry->settings['resolve'],
        'assetBasePath' => BASE . '/Uthando-Images/FileManager',
        'move' => true,
        'create' => true,
        'upload' => true,
        'destroy' => true,
        'filter' => isset($_POST['filter']) && is_string($_POST['filter']) && !empty($_POST['filter']) ? $_POST['filter'] . '/' : null));
    // The event name comes straight from the query string.
    // NOTE(review): confirm fireEvent() maps it onto a fixed set of handlers
    // and that each handler enforces authentication.
    $browser->fireEvent(!empty($_GET['event']) ? $_GET['event'] : null);
} catch (PDOException $e) {
    // NOTE(review): if Error() renders the message to the client, raw PDO
    // text can expose schema or connection details; log it instead.
    $registry->Error($e->getMessage());
}
// Drop the database handle and registry, then flush the output buffer.
$registry->db = null;
unset($uthando, $registry);
ob_end_flush();