public function uploadFiles($path, $fbid)
{
if (isset($_FILES["uploader"])) {
//limit to maxim accepted if not unlimited
$max = self::maxLenghtUploader();
$max = $max == '-1' ? count($_FILES["uploader"]['name']) : $max;
$max = 1;
for ($i = 0; $i < $max; $i++) {
if ($_FILES["uploader"]["error"][$i] == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["uploader"]["tmp_name"][$i];
$name = $fbid . "_" . MyFiles::cleanFileName($_FILES["uploader"]["name"][$i]);
$my_path = $path . DIRECTORY_SEPARATOR . $name;
move_uploaded_file($tmp_name, $my_path);
} else {
throw new Exception(Yii::t('app', 'Error: Couldn\'t upload files! Please check permissions.'));
}
}
self::save_foto($name, $fbid);
return true;
}
}
public function thumb()
{
Yii::import('fbgallery.drivers.Image');
$quality = $this->conf->quality;
$sharpen = $this->conf->sharpen;
$imgWidth = $this->conf->imgWidth;
$thWidth = $this->conf->thWidth;
//create an array with filenames of files uploaded in tmp folder
$arrFiles = MyFiles::filesFromDir($this->path->tmp);
//select the type of resizing
switch ($this->conf->thumbStyle) {
case 'square':
self::square($arrFiles, $quality, $sharpen, $imgWidth, $thWidth);
break;
case 'landscape':
self::landscape($arrFiles, $quality, $sharpen, $imgWidth, $thWidth);
break;
case 'portrait':
self::portrait($arrFiles, $quality, $sharpen, $imgWidth, $thWidth);
break;
}
//after successful create thumbnail, we go to add new pictures filename in database
operations::addImagesToDB($arrFiles);
}
}
// in ajax mode only return simple text on error
if ($getMode == 'delete') {
$gMessage->showHtmlTextOnly(true);
}
// checks if the server settings for file_upload are set to ON
if (ini_get('file_uploads') != '1') {
$gMessage->show($gL10n->get('SYS_SERVER_NO_UPLOAD'));
}
// read user data and show error if user doesn't exists
$gInventoryFields = new InventoryFields($gDb, $gCurrentOrganization->getValue('org_id'));
$inventory = new Inventory($gDb, $gInventoryFields, $getItemId);
// bei Ordnerspeicherung pruefen ob der Unterordner in adm_my_files mit entsprechenden Rechten existiert
if ($gPreferences['profile_photo_storage'] == 1) {
// ggf. Ordner für Userfotos in adm_my_files anlegen
$myFilesProfilePhotos = new MyFiles('USER_PROFILE_PHOTOS');
if ($myFilesProfilePhotos->checkSettings() == false) {
$gMessage->show($gL10n->get($myFilesProfilePhotos->errorText, $myFilesProfilePhotos->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
}
}
if ($inventory->getValue('inv_id') == 0) {
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));
}
if ($getMode == 'save') {
/*****************************Foto speichern*************************************/
if ($gPreferences['profile_photo_storage'] == 1) {
// Foto im Dateisystem speichern
//Nachsehen ob fuer den User ein Photo gespeichert war
if (file_exists(SERVER_PATH . '/adm_my_files/item_photos/' . $getItemId . '_new.jpg')) {
if (file_exists(SERVER_PATH . '/adm_my_files/item_photos/' . $getItemId . '.jpg')) {
unlink(SERVER_PATH . '/adm_my_files/item_photos/' . $getItemId . '.jpg');
$folderName = 'user_fields';
break;
//ptabaden change plugins
//ptabaden change plugins
case 'hist_description':
$folderName = 'history';
break;
case 'support_description':
$folderName = 'support';
break;
case 'sts_description':
$folderName = 'sts';
break;
}
// set path to module folder in adm_my_files
$myFilesProfilePhotos = new MyFiles($folderName);
if ($myFilesProfilePhotos->checkSettings()) {
// upload photo to images folder of module folder
if ($myFilesProfilePhotos->setSubFolder('images')) {
// create a filename with the unix timestamp,
// so we have a scheme for the filenames and the risk of duplicates is low
$localFile = time() . substr($_FILES['upload']['name'], strrpos($_FILES['upload']['name'], '.'));
$serverUrl = $myFilesProfilePhotos->getServerPath() . '/' . $localFile;
if (file_exists($serverUrl)) {
// if file exists than create a random number and append it to the filename
$serverUrl = $myFilesProfilePhotos->getServerPath() . '/' . substr($localFile, 0, strrpos($localFile, '.')) . '_' . rand() . substr($localFile, strrpos($localFile, '.'));
}
$htmlUrl = $g_root_path . '/adm_program/system/show_image.php?module=' . $folderName . '&file=' . $localFile;
move_uploaded_file($_FILES['upload']['tmp_name'], $serverUrl);
} else {
$message = strStripTags($gL10n->get($myFilesProfilePhotos->errorText, $myFilesProfilePhotos->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
$gMessage->showHtmlTextOnly(true);
}
// checks if the server settings for file_upload are set to ON
if (ini_get('file_uploads') !== '1') {
$gMessage->show($gL10n->get('SYS_SERVER_NO_UPLOAD'));
}
// read user data and show error if user doesn't exists
$user = new User($gDb, $gProfileFields, $getUserId);
// prueft, ob der User die notwendigen Rechte hat, das entsprechende Profil zu aendern
if (!$gCurrentUser->hasRightEditProfile($user)) {
$gMessage->show($gL10n->get('SYS_NO_RIGHTS'));
}
// bei Ordnerspeicherung pruefen ob der Unterordner in adm_my_files mit entsprechenden Rechten existiert
if ($gPreferences['profile_photo_storage'] == 1) {
// ggf. Ordner für Userfotos in adm_my_files anlegen
$myFilesProfilePhotos = new MyFiles('USER_PROFILE_PHOTOS');
if (!$myFilesProfilePhotos->checkSettings()) {
$gMessage->show($gL10n->get($myFilesProfilePhotos->errorText, $myFilesProfilePhotos->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
}
}
if ($user->getValue('usr_id') == 0) {
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));
}
if ($getMode === 'save') {
/*****************************Foto speichern*************************************/
if ($gPreferences['profile_photo_storage'] == 1) {
// Foto im Dateisystem speichern
// Nachsehen ob fuer den User ein Photo gespeichert war
if (file_exists(SERVER_PATH . '/adm_my_files/user_profile_photos/' . $getUserId . '_new.jpg')) {
if (file_exists(SERVER_PATH . '/adm_my_files/user_profile_photos/' . $getUserId . '.jpg')) {
unlink(SERVER_PATH . '/adm_my_files/user_profile_photos/' . $getUserId . '.jpg');
public function deleteInDatabase($photo_id)
{
$return_code = true;
$this->db->startTransaction();
// erst einmal rekursiv zur tiefsten Tochterveranstaltung gehen
$sql = 'SELECT pho_id FROM ' . TBL_PHOTOS . '
WHERE pho_pho_id_parent = ' . $photo_id;
$result1 = $this->db->query($sql);
while ($row = $this->db->fetch_array($result1)) {
if ($return_code) {
$return_code = $this->deleteInDatabase($row['pho_id']);
}
}
// nun DB-Eintrag und Ordner loeschen
if ($return_code) {
//Ordnerpfad zusammensetzen
$folder = SERVER_PATH . '/adm_my_files/photos/' . $this->getValue('pho_begin', 'Y-m-d') . '_' . $photo_id;
// aktuellen Ordner incl. Unterordner und Dateien loeschen, falls er existiert
if (file_exists($folder)) {
// nun erst rekursiv den Ordner im Dateisystem loeschen
$myFilesPhotos = new MyFiles('PHOTOS');
$myFilesPhotos->setFolder($folder);
$return_code = $myFilesPhotos->delete($folder);
}
if ($return_code) {
// Veranstaltung jetzt in DB loeschen
$sql = 'DELETE FROM ' . TBL_PHOTOS . '
WHERE pho_id = ' . $photo_id;
$this->db->query($sql);
}
}
$this->db->endTransaction();
return $return_code;
}
public function moveAllFiles($from, $to)
{
$files = MyFiles::filesFromDir($from);
foreach ($files as $file) {
if (!rename($from . $file, $to . $file)) {
throw new Exception(Yii::t('app', 'Error: Couldn\'t move files! Please check permissions.'));
}
}
}
public function uploadFiles()
{
// HTTP headers for no cache etc
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// $targetDir = $_REQUEST['target'];
$targetDir = $this->path->tmp;
$cleanupTargetDir = false;
// Remove old files
$maxFileAge = 60 * 60;
// Temp file age in seconds
// 5 minutes execution time
@set_time_limit(5 * 60);
//create structure of album if doesn't exists
if (!file_exists($this->path->tmp)) {
operations::createFoldersStructure();
}
// get parameters
$chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
$chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
// Clean the fileName for security reasons
$fileName = MyFiles::cleanFileName($fileName);
// remove old temporary files
if (is_dir($targetDir) && ($dir = opendir($targetDir))) {
while (($file = readdir($dir)) !== false) {
$filePath = $targetDir . DIRECTORY_SEPARATOR . $file;
// Remove temp files if they are older than the max age
if (preg_match('/\\.tmp$/', $file) && filemtime($filePath) < time() - $maxFileAge) {
@unlink($filePath);
}
}
closedir($dir);
} else {
throw new CHttpException(501, Yii::t('app', "Failed to open temp directory."));
}
// make sure the fileName is unique but only if chunking is disabled
if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
$fileName = MyFiles::uniqueFilename($targetDir, $fileName);
}
// look for the content type header
if (isset($_SERVER["HTTP_CONTENT_TYPE"])) {
$contentType = $_SERVER["HTTP_CONTENT_TYPE"];
}
if (isset($_SERVER["CONTENT_TYPE"])) {
$contentType = $_SERVER["CONTENT_TYPE"];
}
// handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if (strpos($contentType, "multipart") !== false) {
if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
// Open temp file
$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen($_FILES['file']['tmp_name'], "rb");
if ($in) {
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
} else {
throw new CHttpException(501, Yii::t('app', "Failed to open input stream."));
}
fclose($in);
fclose($out);
@unlink($_FILES['file']['tmp_name']);
} else {
throw new CHttpException(502, Yii::t('app', "Failed to open output stream."));
}
} else {
throw new CHttpException(503, Yii::t('app', "Failed to move uploaded file."));
}
} else {
// Open temp file
$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen("php://input", "rb");
if ($in) {
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
} else {
throw new CHttpException(501, Yii::t('app', "Failed to open input stream."));
}
fclose($in);
fclose($out);
} else {
throw new CHttpException(502, Yii::t('app', "Failed to open output stream."));
}
}
if (intval($chunk) + 1 >= intval($chunks)) {
$file_name = $fileName;
if (isset($_SERVER['HTTP_CONTENT_DISPOSITION'])) {
$array = array();
preg_match('@^attachment; filename="([^"]+)"@', $_SERVER['HTTP_CONTENT_DISPOSITION'], $array);
if (isset($array[1])) {
$file_name = $array[1];
}
}
//begin preparing of pictures to be added in album
self::doGallery();
}
}
*
*****************************************************************************/
require_once '../../system/common.php';
require_once 'backup.functions.php';
// Initialize and check the parameters
$getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'show_list', 'validValues' => array('show_list', 'create_backup')));
// only webmaster are allowed to start backup
if (!$gCurrentUser->isWebmaster()) {
$gMessage->show($gL10n->get('SYS_NO_RIGHTS'));
}
// module not available for other databases except MySQL
if ($gDbType !== 'mysql') {
$gMessage->show($gL10n->get('BAC_ONLY_MYSQL'));
}
// check backup path in adm_my_files and create it if necessary
$myFilesBackup = new MyFiles('BACKUP');
if (!$myFilesBackup->checkSettings()) {
$gMessage->show($gL10n->get($myFilesBackup->errorText, $myFilesBackup->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
}
$headline = $gL10n->get('BAC_DATABASE_BACKUP');
// create html page object
$page = new HtmlPage($headline);
$page->enableModal();
$backupabsolutepath = $myFilesBackup->getFolder() . '/';
// make sure to include trailing slash
if ($getMode === 'show_list') {
$existingBackupFiles = array();
// start navigation of this module here
$gNavigation->addStartUrl(CURRENT_URL, $headline);
// create a list with all valid files in the backup folder
if ($handle = opendir($backupabsolutepath)) {
public function updatePictureInfo()
{
$filename = MyFiles::cleanFileName(substr($_POST['arg1'], strlen($this->idPrefix)));
$newInfo = self::purifiedTtext($_POST['arg2'], true);
$lang = $this->lang->active;
$this->imgsInfo[$filename][$lang] = $newInfo;
self::updateImgsInfo($this->imgsInfo);
}
if ($gPreferences['enable_download_module'] != 1) {
// das Modul ist deaktiviert
$gMessage->show($gL10n->get('SYS_MODULE_DISABLED'));
}
// erst pruefen, ob der User auch die entsprechenden Rechte hat
if (!$gCurrentUser->editDownloadRight()) {
$gMessage->show($gL10n->get('SYS_NO_RIGHTS'));
}
// Initialize and check the parameters
$getMode = admFuncVariableIsValid($_GET, 'mode', 'numeric', array('requireValue' => true));
$getFolderId = admFuncVariableIsValid($_GET, 'folder_id', 'numeric');
$getFileId = admFuncVariableIsValid($_GET, 'file_id', 'numeric');
$getName = admFuncVariableIsValid($_GET, 'name', 'string');
$_SESSION['download_request'] = $_POST;
// Pfad in adm_my_files pruefen und ggf. anlegen
$myFilesDownload = new MyFiles('DOWNLOAD');
if ($myFilesDownload->checkSettings() == false) {
$gMessage->show($gL10n->get($myFilesDownload->errorText, $myFilesDownload->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
}
// upload files
if ($getMode == 1) {
if ($getFolderId == 0) {
//FolderId ist zum hochladen erforderlich
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));
}
try {
// get recordset of current folder from database and throw exception if necessary
$targetFolder = new TableFolder($gDb);
$targetFolder->getFolderForDownload($getFolderId);
if (strlen($_FILES['userfile']['name'][0]) == 0) {
$gMessage->show($gL10n->get('DOW_UPLOAD_POST_EMPTY', ini_get('upload_max_filesize')));
public function actionUploader()
{
$this->bgImage = "images/logo32.jpg";
$this->drawMenu = false;
Yii::import('application.extensions.FBGallery.MyFiles');
Yii::import('application.extensions.FBGallery.Image');
Yii::import('application.extensions.FBGallery.Uploader');
Yii::import('application.extensions.FBGallery.GalleryConfig');
$fancyBoxConfig = self::config("fancybox");
$galleryConfig = self::config("gallery");
$uploaderConfig = self::config("uploader");
self::publishJQAssets();
self::publishAssets();
$siteUrlBase = Yii::app()->request->hostInfo . Yii::app()->baseUrl . '/';
$gUrl = $siteUrlBase . $galleryConfig['gFolder'] . '/' . $this->pid;
$gPath = self::getAppDir() . $galleryConfig['gFolder'] . DIRECTORY_SEPARATOR . $this->pid;
$originalPath = $gPath . DIRECTORY_SEPARATOR . $galleryConfig['originalDir'] . DIRECTORY_SEPARATOR;
$imgsPath = $gPath . DIRECTORY_SEPARATOR . $galleryConfig['picturesDir'] . DIRECTORY_SEPARATOR;
$thPath = $gPath . DIRECTORY_SEPARATOR . $galleryConfig['thumbsDir'] . DIRECTORY_SEPARATOR;
$ovPath = $gPath . DIRECTORY_SEPARATOR . $galleryConfig['overviewsDir'] . DIRECTORY_SEPARATOR;
$tmpPath = $gPath . DIRECTORY_SEPARATOR . $galleryConfig['tempDir'] . DIRECTORY_SEPARATOR;
$assetUrl = Yii::app()->getAssetManager()->publish(self::getFBGalleryDir() . '/assets') . '/';
//if is a new gallery
if (!file_exists($tmpPath)) {
$dirs = array($originalPath, $imgsPath, $thPath, $ovPath, $tmpPath);
foreach ($dirs as $dir) {
MyFiles::NewFolder($dir);
}
}
$myfile = new FItem();
if (isset($_POST['FItem'])) {
$myfile->attributes = $_POST['FItem'];
$myfile->image = CUploadedFile::getInstance($myfile, 'image');
//get image
$valid = $myfile->validate();
if ($valid) {
if (isset($myfile->image)) {
$name = str_replace(' ', '_', $myfile->image);
//replace spaces
$name = str_replace(')', '', $name);
//replace )
$name = str_replace('(', '', $name);
//replace (
$name = Yii::app()->session['fbid'] . "_" . $name;
if (file_exists($imgsPath . $name)) {
//check if it already exists then rename it
$name = $name . "_" . Date("His", Time());
}
//get file name with timestamp
$name = strtolower($name);
$myfile->image->saveAs($tmpPath . $name);
//saveAs to tmp
} else {
$this->render('error', array('message' => 'Soubor nebyl nalezen.'));
Yii::app()->end();
}
} else {
$this->render('error', array('message' => 'Soubor je příliš velký. ->' . $myfile->image->getSize()));
Yii::app()->end();
}
}
//check if file exists
if (!file_exists($tmpPath . $name)) {
$this->render('error', array('message' => 'Soubor nebyl uložen.'));
Yii::app()->end();
}
$img_orig = new Image($tmpPath . $name);
$imgW = $img_orig->__get('width');
$imgH = $img_orig->__get('height');
if ($imgW < $galleryConfig['imgWidth'] && $imgH < $galleryConfig['imgHeight']) {
$this->render('error', array('message' => 'Fotografie je příliš malá. Rozměry musí být nejméně ' . $galleryConfig['imgWidth'] . 'x' . $galleryConfig['imgHeight'] . ' bodů.'));
Yii::app()->end();
}
// if( $imgH<$galleryConfig['imgHeight'] )
// {
// $this->render('error', array('message'=>'Fotografie je příliš malá. Rozměry musí být nejméně ' . $galleryConfig['imgWidth'] . 'x' . $galleryConfig['imgHeight'] . ' bodů.') );
// Yii::app()->end();
// }
//Save image
$path = $galleryConfig['gFolder'] . '/1/' . $galleryConfig['picturesDir'] . '/' . $name;
$img = new FImage();
$img->name = $name;
$img->path = $path;
$img->fbid = Yii::app()->session['fbid'];
$img->votes = 0;
$img->save();
//$this->resizeAllNew();
$fromDir = $tmpPath;
$toDir = $imgsPath;
$arrFiles = MyFiles::filesFromDir($fromDir, "jpg");
$imgWidth = $galleryConfig['imgWidth'];
$thWidth = $galleryConfig['thWidth'];
$quality = $galleryConfig['quality'];
$sharpen = $galleryConfig['sharpen'];
$arrOfTarget = array('images' => array('toDir' => $imgsPath, 'width' => $imgWidth), 'thumbs' => array('toDir' => $thPath, 'width' => $thWidth), 'overviews' => array('toDir' => $ovPath, 'width' => $thWidth * 2));
foreach ($arrFiles as $file) {
self::resizeImg($file, $galleryConfig['imgWidth'], $galleryConfig['imgHeight'], $fromDir, $imgsPath, $quality, $sharpen);
//Save width+height
$image = new Image($imgsPath . $file);
$imgWidth = $image->__get('width');
$imgHeight = $image->__get('height');
$img = $this->loadModel($img->id);
$img->width = $imgWidth;
$img->height = $imgHeight;
$img->save();
//create thumb
self::resizeImg($file, $galleryConfig['thWidth'], $galleryConfig['thHeight'], $fromDir, $thPath, $quality, $sharpen);
//double size overview when nouse is above thumb
self::resizeImg($file, $galleryConfig['thWidth'] * 2, $galleryConfig['thHeight'] * 2, $fromDir, $ovPath, $quality, $sharpen);
}
if ($galleryConfig['keepOriginal']) {
MyFiles::moveAllFiles($tmpPath, $originalPath);
}
MyFiles::emptyFolder($fromDir);
if (isset($img)) {
$imageId = $img->id;
$n = Vote::model()->countBySql("SELECT COUNT(*) FROM votes WHERE imageId=" . $imageId);
$isvoted = Vote::model()->countBySql("SELECT COUNT(*) FROM votes WHERE fbid='" . $_SESSION["fbid"] . "' AND imageId=" . $imageId);
$this->render('update', array('img' => $img, 'votes' => $n, 'isvoted' => $isvoted));
} else {
//$this->render('error', "Položka nebyla nalezena. ");
$this->pageName = "upload";
$this->render('error', array('message' => 'Image/Uploader: img was not found in db.'));
}
}
if ($gPreferences['enable_download_module'] != 1) {
// das Modul ist deaktiviert
$gMessage->show($gL10n->get('SYS_MODULE_DISABLED'));
}
// erst pruefen, ob der User auch die entsprechenden Rechte hat
if (!$gCurrentUser->editDownloadRight()) {
$gMessage->show($gL10n->get('SYS_NO_RIGHTS'));
}
// Initialize and check the parameters
$getMode = admFuncVariableIsValid($_GET, 'mode', 'numeric', array('requireValue' => true));
$getFolderId = admFuncVariableIsValid($_GET, 'folder_id', 'numeric');
$getFileId = admFuncVariableIsValid($_GET, 'file_id', 'numeric');
$getName = admFuncVariableIsValid($_GET, 'name', 'file');
$_SESSION['download_request'] = $_POST;
// Pfad in adm_my_files pruefen und ggf. anlegen
$myFilesDownload = new MyFiles('DOWNLOAD');
if (!$myFilesDownload->checkSettings()) {
$gMessage->show($gL10n->get($myFilesDownload->errorText, $myFilesDownload->errorPath, '<a href="mailto:' . $gPreferences['email_administrator'] . '">', '</a>'));
}
// Delete file
if ($getMode === 2) {
if ($getFileId > 0) {
try {
// get recordset of current file from databse
$file = new TableFile($gDb);
$file->getFileForDownload($getFileId);
} catch (AdmException $e) {
$e->showText();
}
if ($file->delete()) {
// Loeschen erfolgreich -> Rueckgabe fuer XMLHttpRequest
/** This method is used to rename pictures
* Names of pictures aren't same as filename
* Names of pictures appear as title for pictures if thTitleShow is set to true
*/
public function renameItem()
{
$actualName = substr($_POST['arg1'], strlen($this->idPrefix));
$fName = MyFiles::cleanFileName($actualName);
$newName = MyFiles::cleanItemTitle($_POST['arg2']);
$this->imgsOrder[$fName] = $newName;
$this->updateOrder($this->imgsOrder);
}
