/** * Save an uploaded file to a new location. * * @param array uploaded file data * @param string new filename * @param string new directory * @param integer chmod mask * @param boolean use "copy" unstead "rename" command for persistent files * @return string on success, full path to new file * @return FALSE on failure */ public static function save(array $file, $filename = NULL, $directory = NULL, $chmod = NULL, $copy = FALSE) { if ($filename === NULL) { // Use the default filename, with a unique ID pre-pended $filename = uniqid() . '_' . $file['name']; } $chmod === NULL and $chmod = Ku_Upload::$default_file_chmod; $filename = Ku_File::safe_name($filename, Ku_Upload::$remove_spaces, Ku_Upload::$max_filename_length); if ($filename === FALSE) { return FALSE; } if (isset($file['persistent'])) { if ($directory === NULL) { // Use the pre-configured upload directory $directory = Ku_Upload::$persistent_temp_directory; } if (!is_dir($directory) or !is_writable(realpath($directory))) { throw new Kohana_Exception('Directory :dir must be writable', array(':dir' => Debug::path($directory))); } // Make the filename into a complete path $filename = realpath($directory) . DIRECTORY_SEPARATOR . $filename; if (file_exists($file['persistent']) and is_file($file['persistent'])) { if ($copy === TRUE) { $result = copy($file['persistent'], $filename); } else { $result = rename($file['persistent'], $filename); Ku_Upload::persistent_delete($file); } if ($result) { if ($chmod !== FALSE) { // Set permissions on filename chmod($filename, $chmod); } // Return new file path return $filename; } else { return FALSE; } } else { Ku_Upload::persistent_delete($file); return FALSE; } } else { return parent::save($file, $filename, $directory, $chmod); } }
public function action_index() { $value = $_FILES['upload']; if (is_array($value) and Ku_Upload::valid($value) and Ku_Upload::not_empty($value)) { $md5 = md5($value['name']); $save_path = DOCROOT . 'upload' . DIRECTORY_SEPARATOR . 'editor' . DIRECTORY_SEPARATOR . str_pad($this->site_id, 2, '0', STR_PAD_LEFT) . DIRECTORY_SEPARATOR . date('Y') . DIRECTORY_SEPARATOR . substr($md5, 0, 2) . DIRECTORY_SEPARATOR . substr($md5, 2, 2) . DIRECTORY_SEPARATOR; Ku_Dir::make_writable($save_path); $filename = Ku_File::safe_name($value['name'], TRUE, $this->max_filename_length); $prefix = uniqid() . '_'; while (file_exists($save_path . $prefix . $filename)) { $prefix = uniqid() . '_'; } $filename = Ku_Upload::save($value, $prefix . $filename, $save_path); $filename = 'upload' . str_replace(array(realpath(DOCROOT . 'upload'), DIRECTORY_SEPARATOR), array('', '/'), $filename); if (!$filename) { Kohana::$log->add(Log::ERROR, 'Exception occurred: :exception. [:file][:line] ', array(':file' => Debug::path(__FILE__), ':line' => __LINE__, ':exception' => 'File not saved')); } echo str_replace(array('{FUNCTION}', '{SRC}'), array(Request::initial()->query('CKEditorFuncNum'), URL::base() . $filename), $this->template); } }
/** * Saves file and returns file name * * @param string $field File field name * @param mixed $value File field value * @return string */ public function file_save($field, $value) { $this->_check_file_field($field); $config = $this->_file_fields[$field]; $base_path = $this->file_path($field, ''); // Upload a file? if (is_array($value) and Ku_Upload::valid($value) and Ku_Upload::not_empty($value)) { // Get path to save file $sub_dir = $this->file_sub_dir($field, $value['name']); $save_path = $base_path . $sub_dir; // Create and make directory writable Ku_Dir::make_writable($base_path . $sub_dir, $config['dir_chmod']); // Generate safe filename $filename = Ku_File::safe_name($value['name'], TRUE, $config['max_filename_length']); $prefix = ''; if ($config['force_unique_prefix']) { // Make unique filename $prefix = uniqid() . '_'; } while (file_exists($save_path . $prefix . $filename)) { // Make unique filename to prevent override existing file $prefix = uniqid() . '_'; } $filename = $prefix . $filename; $filename = Ku_Upload::save($value, $filename, $save_path, $config['file_chmod']); if (!$filename) { throw new Kohana_Exception('File :filename not saved to a field :field of model :model', array(':filename' => $value['name'], ':field' => $field, ':model' => $this->_orm->object_name())); } } elseif (is_string($value) and is_file($value)) { // Test allowed source directories if (!is_array($config['allowed_src_dirs']) or empty($config['allowed_src_dirs'])) { throw new Kohana_Exception('Field :field of model :model has no allowed source directories', array(':field' => $field, ':model' => $this->_orm->object_name())); } foreach ($config['allowed_src_dirs'] as $dir) { if (strpos(realpath($value), realpath($dir)) === 0) { // Allowed directory found $allowed_dir = $dir; break; } } if (!isset($allowed_dir)) { // Allowed directory not found throw new Kohana_Exception('File :filename is not in the allowed source directory of field :field of model :model', array(':filename' => Debug::path($value), ':field' => $field, ':model' => $this->_orm->object_name())); } // Get path to save file $sub_dir = $this->file_sub_dir($field, basename($value)); $save_path = $base_path . $sub_dir; // Create and make directory writable Ku_Dir::make_writable($base_path . $sub_dir, Arr::get($config, 'dir_chmod')); // Generate safe filename $filename = Ku_File::safe_name(basename($value), TRUE, $config['max_filename_length']); if ($value !== $save_path . $filename) { $prefix = ''; if ($config['force_unique_prefix']) { // Make unique filename $prefix = uniqid() . '_'; } while (file_exists($save_path . $prefix . $filename)) { // Make unique filename to prevent override existing file $prefix = uniqid() . '_'; } $filename = $prefix . $filename; if (rename($value, $save_path . $filename)) { $filename = $save_path . $filename; } else { // File not saved throw new Kohana_Exception('File :filename not saved to a field :field of model :model', array(':filename' => Debug::path($value), ':field' => $field, ':model' => $this->_orm->object_name())); } } else { $filename = $value; } } else { throw new Kohana_Exception('Invalid file parameter :value for field :field of model :model', array(':value' => (string) $value, ':field' => $field, ':model' => $this->_orm->object_name())); } if (!empty($filename)) { try { chmod($filename, $config['file_chmod']); } catch (Exception $e) { Kohana::$log->add(Log::ERROR, 'Exception occurred: :exception. [:file][:line] ', array(':file' => Debug::path(__FILE__), ':line' => __LINE__, ':exception' => $e->getMessage())); } // Save only path relative base path $save_value = $sub_dir . basename($filename); $save_value = ltrim(str_replace('\\', '/', $save_value), '/'); // Assign ORM field $this->_orm->{$field} = $save_value; } return $filename; }