public static function processObjectUploads($objectID, $uploadID) { if (is_empty($uploadID)) { return array(); } $uploadBase = files::getBaseUploadPath() . DIRECTORY_SEPARATOR . $uploadID; $saveBase = mfcs::config('convertedPath'); // If the uploadPath dosen't exist, then no files were uploaded if (!is_dir($uploadBase)) { return TRUE; } // Generate new assets UUID and make the directory (this should be done quickly to prevent race-conditions $assetsID = self::newAssetsUUID(); if (($originalsFilepath = self::getSaveDir($assetsID, 'archive')) === FALSE) { return array(); } $return['uuid'] = $assetsID; // Start looping through the uploads and move them to their new home $files = scandir($uploadBase); foreach ($files as $filename) { if ($filename[0] == '.') { continue; } // Clean the filename $cleanedFilename = preg_replace('/[^a-z0-9-_\\.]/i', '', $filename); $newFilename = $originalsFilepath . DIRECTORY_SEPARATOR . $cleanedFilename; // Move the uploaded files into their new home and make the new file read-only if (@rename("{$uploadBase}/{$filename}", $newFilename) === FALSE) { errorHandle::newError(__METHOD__ . "() - renaming files: {$uploadBase}/{$filename}", errorHandle::DEBUG); return FALSE; } chmod($newFilename, 0444); $return['files']['archive'][] = array('name' => $cleanedFilename, 'path' => self::getSaveDir($assetsID, 'archive', FALSE), 'size' => filesize($newFilename), 'type' => self::getMimeType($newFilename), 'errors' => ''); } // Remove the uploads directory (now that we're done with it) and lock-down the originals dir rmdir($uploadBase); chmod($originalsFilepath, 0555); // Return the array return $return; }
<?php require "../engineInclude.php"; require "../header.php"; define('UPLOAD_PATH', files::getBaseUploadPath()); define('PERMISSONS', 0777); // Include the uploader class recurseInsert("includes/class.fineUploader.php", "php"); $uploader = new qqFileUploader(); // Specify the list of valid extensions, ex. array("jpeg", "xml", "bmp") $uploader->allowedExtensions = array(); // Specify the input name set in the javascript. $uploader->inputName = 'qqfile'; // Preserve the file's extention for Mime-Type stuff $filename = $uploader->getName(); $fileExt = "." . pathinfo($filename, PATHINFO_EXTENSION); // To save the upload with a specified name, set the second parameter. $uploadPath = UPLOAD_PATH . DIRECTORY_SEPARATOR . $engine->cleanPost['MYSQL']['uploadID']; // Make sure the upload temp dir exits if (!is_dir($uploadPath)) { mkdir($uploadPath, PERMISSONS, TRUE); } else { if (!$engine->cleanPost['MYSQL']['multiple']) { $files = glob($uploadPath . DIRECTORY_SEPARATOR . '*'); // get all existing file names foreach ($files as $file) { if (is_file($file)) { unlink($file); } } }