コード例 #1
0
ファイル: participants-database.php プロジェクト: raj-rk/Raj
 /**
  * handles a file upload
  *
  * @param string $name the name of the current field
  * @param array  $file the $_FILES array element corresponding to one file
  * @param int|bool record id if the action is an update
  *
  * @return string the path to the uploaded file or false if error
  */
 private static function _handle_file_upload($field_name, $file, $id = false)
 {
     $field_atts = self::get_field_atts($field_name);
     $type = 'image-upload' == $field_atts->form_element ? 'image' : 'file';
     $delete_checked = (bool) (isset($_POST[$field_name . '-deletefile']) and $_POST[$field_name . '-deletefile'] == 'delete');
     $_POST[$field_name . '-deletefile'] = '';
     // attempt to create the target directory if it does not exist
     if (!is_dir(Participants_Db::files_path())) {
         if (false === self::_make_uploads_dir()) {
             return false;
         }
     }
     if (!is_uploaded_file(realpath($file['tmp_name']))) {
         self::_show_validation_error(__('There is something wrong with the file you tried to upload. Try another.', 'participants-database'), $field_name);
         return false;
     }
     /* get the allowed file types and test the uploaded file for an allowed file 
      * extension
      */
     $extensions = empty($field_atts->values) ? self::$plugin_options['allowed_file_types'] : implode(',', self::unserialize_array($field_atts->values));
     $test = preg_match('#^(.+)\\.(' . implode('|', array_map('trim', explode(',', str_replace('.', '', strtolower($extensions))))) . ')$#', strtolower($file['name']), $matches);
     //error_log(__METHOD__.' ext:'.$extensions.' test:'. $test.' matches:'.print_r($matches,1));
     if (0 === $test) {
         if ($type == 'image' && empty($field_atts->values)) {
             self::_show_validation_error(sprintf(__('For "%s", you may only upload image files like JPEGs, GIFs or PNGs.', 'participants-database'), $field_atts->title), $field_name);
         } else {
             self::_show_validation_error(sprintf(__('The file selected for "%s" must be one of these types: %s. ', 'participants-database'), $field_atts->title, preg_replace('#(,)(?=[^,])#U', ', ', $extensions)), $field_name);
         }
         return false;
     } else {
         // validate and construct the new filename using only the allowed file extension
         $new_filename = preg_replace(array('#\\.#', "/\\s+/", "/[^-\\.\\w]+/"), array("-", "_", ""), $matches[1]) . '.' . $matches[2];
         // now make sure the name is unique by adding an index if needed
         $index = 1;
         while (file_exists(Participants_Db::files_path() . $new_filename)) {
             $filename_parts = pathinfo($new_filename);
             $new_filename = preg_replace(array('#_[0-9]+$#'), array(''), $filename_parts['filename']) . '_' . $index . '.' . $filename_parts['extension'];
             $index++;
         }
     }
     if ($type == 'image') {
         /*
          * we perform a validity check on the image files, this also makes sure only 
          * images are uploaded in image upload fields
          */
         $fileinfo = getimagesize($file['tmp_name']);
         $valid_image = in_array($fileinfo[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_WBMP));
         if (!$valid_image) {
             self::_show_validation_error(sprintf(__('For "%s", you may only upload image files like JPEGs, GIFs or PNGs.', 'participants-database'), $field_atts->title), $field_name);
             return false;
         }
     }
     if ($file['size'] > self::$plugin_options['image_upload_limit'] * 1024) {
         self::_show_validation_error(sprintf(__('The file you tried to upload is too large. The file must be smaller than %sK.', 'participants-database'), self::$plugin_options['image_upload_limit']), $field_name);
         return false;
     }
     if (false === move_uploaded_file($file['tmp_name'], Participants_Db::files_path() . $new_filename)) {
         self::_show_validation_error(__('The file could not be saved.', 'participants-database'));
         return false;
     }
     /*
      * if a previously uploaded file exists and the preference is to allow user deletes, 
      * the previously uploaded file is deleted. If an admin wants to delete a file while 
      * user deletes are not allowed, they must check the delete box.
      * 
      * as of 1.5.5
      */
     if ($id !== false) {
         $record_data = self::get_participant($id);
         if (!empty($record_data[$field_name])) {
             $image_obj = new PDb_Image(array('filename' => $record_data[$field_name]));
             if ($image_obj->image_defined and self::$plugin_options['file_delete'] == '1' || is_admin() && $delete_checked) {
                 self::delete_file($record_data[$field_name]);
             }
         }
     }
     /*
      * as of 1.3.2 we save the image as filename only; the image is retrieved from 
      * the directory defined in the plugin setting using the self::get_image function
      */
     return $new_filename;
 }
コード例 #2
0
 /**
  * sets the default path to the image directory
  *
  */
 public function set_image_directory()
 {
     $this->image_directory = Participants_Db::files_path();
     $this->image_directory_uri = Participants_Db::files_uri();
 }