コード例 #1
 /**
  * A remote file that exceeds the uploader's size limit must be rejected.
  *
  * The uploader is created with a gif-only extension list and a limit of 100
  * (the fourth constructor argument); fetching forum_read.gif from the test
  * board is expected to produce exactly one error, WRONG_FILESIZE.
  */
 public function test_too_large()
 {
     $size_limit = 100;
     $uploader = new fileupload($this->filesystem, '', array('gif'), $size_limit);

     $remote_gif = self::$root_url . 'styles/prosilver/theme/images/forum_read.gif';
     $result = $uploader->remote_upload($remote_gif);

     // Exactly one error, and it must be the size error rather than any other rejection.
     $this->assertEquals(1, count($result->error));
     $this->assertEquals('WRONG_FILESIZE', $result->error[0]);
 }
コード例 #2
 /**
  * {@inheritdoc}
  *
  * Fetches the portrait for the user's character from the URL returned by
  * get_eveapi_url() and stores it in the configured avatar directory.
  *
  * Returns false when the user's character ID compares equal to 0 or when the
  * upload object reports errors (those are merged into $error). On success
  * returns an array with the keys avatar, avatar_width and avatar_height.
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     $character_id = $user->data['user_character_id'];
     if ($character_id == 0) {
         return false;
     }

     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }

     // Fixed limits for this driver: size 100000, dimensions 64x64 up to 256x256.
     $mime_triggers = isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false;
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, 100000, 64, 64, 256, 256, $mime_triggers);

     // The URL is built from the character ID and a configured size, not taken from the request.
     $portrait_url = $this->get_eveapi_url($character_id, $this->config['eveapi_portrait_size']);
     $file = $upload->remote_upload($portrait_url, $this->mimetype_guesser);

     $file->clean_filename('avatar', $this->config['avatar_salt'] . '_', $row['id']);

     // Adjust destination path (no trailing slash)
     $destination = $this->config['avatar_path'];
     $last_char = substr($destination, -1, 1);
     if ($last_char == '/' || $last_char == '\\') {
         $destination = substr($destination, 0, -1);
     }

     // One ordered pass over a value that comes from board configuration: treat this as
     // normalisation of an admin setting, not as a filter for hostile input.
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);

     // A path that still starts with a separator is discarded entirely.
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }

     // Move file and overwrite any existing image
     $file->move_file($destination, true);

     if (count($file->error)) {
         // Remove whatever was written and hand the messages back through $error.
         $file->remove();
         $error = array_merge($error, $file->error);
         return false;
     }

     return array(
         'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'),
         'avatar_width' => $file->get('width'),
         'avatar_height' => $file->get('height'),
     );
 }
コード例 #3
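 /**
  * ACP page for the mobile notifier settings.
  *
  * On a POST carrying 'submit' the form token is checked, the four whatsapp_*
  * config values are stored, the status is pushed to the helper service and an
  * optional profile picture is handed to the helper. Otherwise (or afterwards)
  * the current values are assigned to the template.
  *
  * @param mixed $id   Not used in this method
  * @param mixed $mode Not used in this method
  */
 public function main($id, $mode)
 {
     global $config, $user, $template, $request, $phpbb_container, $phpbb_root_path, $phpEx;

     $user->add_lang_ext('tas2580/mobilenotifier', 'common');
     $wa = $phpbb_container->get('tas2580.mobilenotifier.src.helper');
     $this->tpl_name = 'acp_mobilenotifier_body';
     $this->page_title = $user->lang('ACP_MOBILENOTIFIER_TITLE');
     add_form_key('acp_mobilenotifier');

     // Form is submitted
     if ($request->is_set_post('submit')) {
         // State-changing request: refuse it unless the form token matches.
         if (!check_form_key('acp_mobilenotifier')) {
             trigger_error($user->lang('FORM_INVALID') . adm_back_link($this->u_action), E_USER_WARNING);
         }

         // NOTE(review): the account password is stored as a plain config value.
         $config->set('whatsapp_sender', $request->variable('sender', ''));
         $config->set('whatsapp_password', $request->variable('password', ''));
         $config->set('whatsapp_status', $request->variable('status', ''));
         $config->set('whatsapp_default_cc', $request->variable('default_cc', ''));
         $wa->update_status($config['whatsapp_status']);

         if ($request->file('image')) {
             include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
             $upload = new \fileupload();
             $upload->set_allowed_extensions(array('jpg', 'png', 'gif'));
             $file = $upload->form_upload('image');

             if ($file->filename) {
                 // The upload object collects validation failures (for example a rejected
                 // extension) in $file->error instead of stopping. Without this check a file
                 // that failed validation would still be passed on to update_picture().
                 if (!empty($file->error)) {
                     trigger_error(implode('<br />', $file->error) . adm_back_link($this->u_action), E_USER_WARNING);
                 } else {
                     $wa->update_picture($file->filename);
                 }
             }
         }

         trigger_error($user->lang('ACP_SAVED') . adm_back_link($this->u_action));
     }

     // NOTE(review): PASSWORD sends the stored secret back to the template; whether the
     // template renders it into the page is not visible here.
     $template->assign_vars(array(
         'WA_VERSION' => WA_VER,
         'U_ACTION' => $this->u_action,
         'SENDER' => isset($config['whatsapp_sender']) ? $config['whatsapp_sender'] : '',
         'PASSWORD' => isset($config['whatsapp_password']) ? $config['whatsapp_password'] : '',
         'STATUS' => isset($config['whatsapp_status']) ? $config['whatsapp_status'] : '',
         'CC_SELECT' => $wa->cc_select(isset($config['whatsapp_default_cc']) ? $config['whatsapp_default_cc'] : ''),
     ));
 }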
コード例 #4
ファイル: upload.php プロジェクト: Mtechnik/phpbb-core
 /**
  * {@inheritdoc}
  *
  * Accepts an avatar either as a form upload ('avatar_upload_file') or, when
  * 'allow_avatar_remote_upload' is enabled, from a URL ('avatar_upload_url'),
  * and stores it in the configured avatar directory.
  *
  * Returns false when uploading is not permitted, when neither source is
  * usable, when $error is non-empty after URL validation, or when the upload
  * object reports errors. On success returns an array with the keys avatar,
  * avatar_width and avatar_height.
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     if (!$this->can_upload()) {
         return false;
     }

     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }

     // Size and dimension limits all come from board configuration.
     $mime_triggers = isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false;
     $upload = new \fileupload(
         $this->filesystem,
         'AVATAR_',
         $this->allowed_extensions,
         $this->config['avatar_filesize'],
         $this->config['avatar_min_width'],
         $this->config['avatar_min_height'],
         $this->config['avatar_max_width'],
         $this->config['avatar_max_height'],
         $mime_triggers
     );

     $url = $request->variable('avatar_upload_url', '');
     $upload_file = $request->file('avatar_upload_file');

     if (!empty($upload_file['name'])) {
         // A submitted file takes precedence over a URL.
         $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
     } else {
         if (empty($this->config['allow_avatar_remote_upload']) || empty($url)) {
             return false;
         }

         // Anything without an http, https or ftp scheme is treated as a bare host/path.
         if (!preg_match('#^(http|https|ftp)://#i', $url)) {
             $url = 'http://' . $url;
         }

         if (!function_exists('validate_data')) {
             require $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
         }

         // The URL is user input. This block checks only its scheme prefix and applies a
         // 'string' rule with bounds 5 and 255; what remote_upload() does about the target
         // host is not visible here.
         $url_errors = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255)));
         $error = array_merge($error, $url_errors);
         if (!empty($error)) {
             return false;
         }

         $file = $upload->remote_upload($url, $this->mimetype_guesser);
     }

     $file->clean_filename('avatar', $this->config['avatar_salt'] . '_', $row['id']);

     // Adjust destination path (no trailing slash)
     $destination = $this->config['avatar_path'];
     $last_char = substr($destination, -1, 1);
     if ($last_char == '/' || $last_char == '\\') {
         $destination = substr($destination, 0, -1);
     }

     // One ordered pass over a value that comes from board configuration: treat this as
     // normalisation of an admin setting, not as a filter for hostile input.
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);

     // A path that still starts with a separator is discarded entirely.
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }

     // Move file and overwrite any existing image
     $file->move_file($destination, true);

     if (count($file->error)) {
         $file->remove();
         $error = array_merge($error, $file->error);
         return false;
     }

     // Delete current avatar if not overwritten (its extension differs from the new one)
     $previous_ext = substr(strrchr($row['avatar'], '.'), 1);
     if ($previous_ext && $previous_ext !== $file->get('extension')) {
         $this->delete($row);
     }

     return array(
         'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'),
         'avatar_width' => $file->get('width'),
         'avatar_height' => $file->get('height'),
     );
 }
コード例 #5
ファイル: resize.php プロジェクト: bb3mobi/AvatarUpload
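 /**
  * Store an avatar uploaded through the 'avatar_upload_file' form field,
  * resizing it when it exceeds $this->max_size and redirecting to the crop
  * route when it is still larger than the configured avatar maximum.
  *
  * @param array $row Avatar row; 'id' and 'avatar' are read here
  *
  * @return array|false Array with keys avatar, avatar_width, avatar_height,
  *                     or false when the upload object reports errors before
  *                     the move. NOTE(review): this method has no $error
  *                     parameter, so in that case the messages in $file->error
  *                     are not passed back to the caller.
  */
 public function avatar_upload_resize($row)
 {
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_upload_max_width'], $this->config['avatar_upload_max_height'], isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false);
     $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
     $prefix = $this->config['avatar_salt'] . '_';
     $file->clean_filename('avatar', $prefix, $row['id']);
     // If there was an error during upload, then abort operation.
     // (The former `$error = $file->error;` only wrote to a local variable and was dropped.)
     if (sizeof($file->error)) {
         $file->remove();
         return false;
     }
     // Calculate new destination
     $destination = $this->config['avatar_path'];
     // Adjust destination path (no trailing slash)
     if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
         $destination = substr($destination, 0, -1);
     }
     // One ordered pass over an admin-configured value; normalisation, not input filtering.
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }
     $destination_file = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $file->get('extension');
     $file->move_file($destination, true);
     if (sizeof($file->error)) {
         $file->remove();
         trigger_error(implode('<br />', $file->error));
     }
     // Delete current avatar if not overwritten
     $ext = substr(strrchr($row['avatar'], '.'), 1);
     if ($ext && $ext !== $file->get('extension')) {
         $this->delete($row);
     }
     if ($file->width > $this->max_size || $file->height > $this->max_size) {
         $avatar_info = $this->resize(array('w' => $file->width, 'h' => $file->height, 'ext' => $file->extension), $destination, $destination_file);
         // New file width & height
         $file->width = $avatar_info['avatar_width'];
         $file->height = $avatar_info['avatar_height'];
     }
     if ($file->width > $this->config['avatar_max_width'] || $file->height > $this->config['avatar_max_height']) {
         // Still too large for a final avatar: park it in the edit directory for cropping.
         $destination_edit_file = $this->phpbb_root_path . $this->d_edit . '/' . $row['id'] . '.' . $file->get('extension');
         rename($destination_file, $destination_edit_file);
         // The original set read-only through phpbb_chmod() and then overrode it with
         // chmod(0666), leaving a user-uploaded file writable by every local account.
         // One phpbb_chmod() call with read and write keeps it editable for the crop step
         // without the blanket world-writable mode.
         // NOTE(review): confirm the crop route needs nothing wider than this.
         phpbb_chmod($destination_edit_file, CHMOD_READ | CHMOD_WRITE);
         redirect($this->helper->route("bb3mobi_AvatarUpload_crop", array('avatar_id' => $row['id'], 'ext' => $file->extension)), false, true);
     }
     return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->width, 'avatar_height' => $file->height);
 }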
コード例 #6
ファイル: login_out_class.php プロジェクト: unionbt/secret
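 /**
  * Run setdata() and wirteData(), then create the user's directory tree.
  *
  * For a user directory that does not exist yet, one sub-directory is created
  * per entry of the global $usdir list.
  *
  * @return mixed Whatever wirteData() returned
  */
 public function regsiter()
 {
     self::setdata();
     $reg = self::wirteData();

     // Create the user's directories
     global $usdir;

     // The key is quoted: the bare word `name` is read as a constant, which is an Error
     // on PHP 8 and only worked on older versions through a deprecated fallback.
     // NOTE(review): the name is joined into a filesystem path as-is; confirm setdata()
     // restricts it to characters that cannot form separators or dot segments.
     $dir = ROOT . DS . US . DS . self::$data['name'];

     // NOTE(review): the directories are created whatever $reg holds; confirm that is intended.
     if (!is_dir($dir)) {
         foreach ($usdir as $sub_dir) {
             fileupload::create_folders($dir . DS . "{$sub_dir}");
         }
     }

     return $reg;
 }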
コード例 #7
 /**
  * Handle an image upload from the "pic" form field.
  *
  * The outcome is written through $this->res (data on success, error code
  * "4001" with the uploader's message on failure) and emitted with echores().
  *
  * @return void
  */
 public function upload()
 {
     $uploader = new fileupload();

     // Configure the uploader: target directory, maximum size, allowed types,
     // and whether the stored name is randomly generated.
     $uploader->set("path", $this->imagedir);
     $uploader->set("maxsize", 2000000);
     $uploader->set("allowtype", array("gif", "png", "jpg", "jpeg"));
     $uploader->set("israndname", true);

     // upload() takes the name of the form field and returns true on success, false on failure.
     if ($uploader->upload("pic")) {
         // NOTE(review): imagename is presumably the client-supplied file name; whoever
         // renders this response should escape it for the output context.
         $original_name = $uploader->getoriginname();
         $stored_name = $uploader->getFileName();
         $this->res->setdata(array(
             'imagename' => $original_name,
             'imageid' => $stored_name,
             'imageurl' => $this->imagebaseurl . $stored_name,
         ));
     } else {
         // Report the uploader's own error message
         $this->res->seterr("4001", $uploader->getErrorMsg());
     }

     $this->res->echores();
 }
コード例 #8
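/**
* Acts in place of the standard avatar processing function.
*
* Validates the image referenced by $data['gravatar'] against the configured
* avatar dimensions and returns the values for a remote avatar.
*
* NOTE(review): $error is received by value, so the messages appended here do
* not reach the caller; only the false return signals a failure.
*
* NOTE(review): getimagesize() makes the server read $data['gravatar']. If that
* value can be an arbitrary URL, confirm the caller pins it to the intended
* avatar host before it gets here.
*
* @param array $data  Reads 'gravatar', 'width' and 'height'
* @param array $error Error list (local copy only, see note above)
*
* @return array|false array(AVATAR_REMOTE, source, width, height), or false
*/
function gravatar_process($data, $error)
{
    global $config, $db, $user, $phpbb_root_path, $phpEx;
    // Make sure getimagesize works...
    if (($image_data = @getimagesize($data['gravatar'])) === false && (empty($data['width']) || empty($data['height']))) {
        $error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
        return false;
    }
    if (!empty($image_data) && ($image_data[0] < 2 || $image_data[1] < 2)) {
        $error[] = $user->lang['AVATAR_NO_SIZE'];
        return false;
    }
    // Caller-supplied dimensions win only when both are given; otherwise use the measured ones.
    $width = $data['width'] && $data['height'] ? $data['width'] : $image_data[0];
    $height = $data['width'] && $data['height'] ? $data['height'] : $image_data[1];
    if ($width < 2 || $height < 2) {
        $error[] = $user->lang['AVATAR_NO_SIZE'];
        return false;
    }
    // Check image type
    include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    $types = fileupload::image_types();
    // Previously this branch only appended to the local $error copy and fell through, so
    // an image of an unlisted type was still accepted. It now rejects, like every other
    // failed check in this function. It is skipped when getimagesize() produced nothing
    // and the caller supplied the dimensions, because there is no type to look up then.
    if (!empty($image_data) && !isset($types[$image_data[2]])) {
        $error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
        return false;
    }
    if ($config['avatar_max_width'] || $config['avatar_max_height']) {
        if ($width > $config['avatar_max_width'] || $height > $config['avatar_max_height']) {
            $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height);
            return false;
        }
    }
    if ($config['avatar_min_width'] || $config['avatar_min_height']) {
        if ($width < $config['avatar_min_width'] || $height < $config['avatar_min_height']) {
            $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $width, $height);
            return false;
        }
    }
    return array(AVATAR_REMOTE, $data['gravatar'], $width, $height);
}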
コード例 #9
/**
* Upload Attachment - filedata is generated here
* Uses upload class
*
* The file is validated (extension list, optional content triggers, size and
* dimension limits for non-admin/non-moderator users), moved into
* $config['upload_path'], checked against the attachment quota and free disk
* space, and optionally given a thumbnail.
*
* @param string			$form_name		The form name of the file upload input
* @param int			$forum_id		The id of the forum
* @param bool			$local			Whether the file is local or not
* @param string			$local_storage	The path to the local file
* @param bool			$is_message		Whether it is a PM or not
* @param \filespec		$local_filedata	A filespec object created for the local file
* @param \phpbb\mimetype\guesser	$mimetype_guesser	The mimetype guesser object if used
* @param \phpbb\plupload\plupload	$plupload		The plupload object if one is being used
*
* @return array The $filedata array. Every return path sets 'error' and
*               'post_attach'; a successful upload also sets thumbnail,
*               filesize, mimetype, extension, physical_filename,
*               real_filename and filetime.
*/
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false, \phpbb\mimetype\guesser $mimetype_guesser = null, \phpbb\plupload\plupload $plupload = null)
{
    global $auth, $user, $config, $db, $cache;
    global $phpbb_root_path, $phpEx, $phpbb_dispatcher;
    $filedata = array('error' => array());
    include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    $upload = new fileupload();
    // Content checking: use the configured trigger list when the check is enabled, and
    // pass an empty list when the check is switched off. When the check is enabled but
    // no trigger list is configured, the uploader keeps whatever it was constructed with.
    if ($config['check_attachment_content'] && isset($config['mime_triggers'])) {
        $upload->set_disallowed_content(explode('|', $config['mime_triggers']));
    } else {
        if (!$config['check_attachment_content']) {
            $upload->set_disallowed_content(array());
        }
    }
    // A local file skips the form-field check entirely.
    $filedata['post_attach'] = $local || $upload->is_valid($form_name);
    if (!$filedata['post_attach']) {
        $filedata['error'][] = $user->lang['NO_UPLOAD_FORM_FOUND'];
        return $filedata;
    }
    // Extension allow-list for this forum (or for private messages).
    $extensions = $cache->obtain_attach_extensions($is_message ? false : (int) $forum_id);
    $upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
    $file = $local ? $upload->local_upload($local_storage, $local_filedata, $mimetype_guesser) : $upload->form_upload($form_name, $mimetype_guesser, $plupload);
    if ($file->init_error) {
        // Returned without adding a message to $filedata['error'].
        $filedata['post_attach'] = false;
        return $filedata;
    }
    // Whether the uploaded file is in the image category
    $is_image = isset($extensions[$file->get('extension')]['display_cat']) ? $extensions[$file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE : false;
    // Size and dimension limits apply only to users holding neither the 'a_' nor the
    // forum-level 'm_' permission.
    if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id)) {
        // Check Image Size, if it is an image
        if ($is_image) {
            $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
        }
        // Admins and mods are allowed to exceed the allowed filesize
        if (!empty($extensions[$file->get('extension')]['max_filesize'])) {
            $allowed_filesize = $extensions[$file->get('extension')]['max_filesize'];
        } else {
            $allowed_filesize = $is_message ? $config['max_filesize_pm'] : $config['max_filesize'];
        }
        $file->upload->set_max_filesize($allowed_filesize);
    }
    // 'unique' naming with the user id as prefix, so the stored name is not the uploaded name.
    $file->clean_filename('unique', $user->data['user_id'] . '_');
    // Are we uploading an image *and* this image being within the image category?
    // Only then perform additional image checks.
    // (third argument: the image check is skipped for anything outside the image category)
    $file->move_file($config['upload_path'], false, !$is_image);
    // Do we have to create a thumbnail?
    $filedata['thumbnail'] = $is_image && $config['img_create_thumbnail'] ? 1 : 0;
    if (sizeof($file->error)) {
        $file->remove();
        $filedata['error'] = array_merge($filedata['error'], $file->error);
        $filedata['post_attach'] = false;
        return $filedata;
    }
    // Make sure the image category only holds valid images...
    if ($is_image && !$file->is_image()) {
        $file->remove();
        if ($plupload && $plupload->is_active()) {
            $plupload->emit_error(104, 'ATTACHED_IMAGE_NOT_IMAGE');
        }
        // If this error occurs a user tried to exploit an IE Bug by renaming extensions
        // Since the image category is displaying content inline we need to catch this.
        trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
    }
    $filedata['filesize'] = $file->get('filesize');
    $filedata['mimetype'] = $file->get('mimetype');
    $filedata['extension'] = $file->get('extension');
    $filedata['physical_filename'] = $file->get('realname');
    // The name as uploaded by the client; kept for display, not used as the stored name.
    $filedata['real_filename'] = $file->get('uploadname');
    $filedata['filetime'] = time();
    /**
     * Event to modify uploaded file before submit to the post
     *
     * @event core.modify_uploaded_file
     * @var	array	filedata	Array containing uploaded file data
     * @var	bool	is_image	Flag indicating if the file is an image
     * @since 3.1.0-RC3
     */
    $vars = array('filedata', 'is_image');
    // extract() writes the values returned by the dispatcher back into local variables.
    // The event is handed filedata and is_image; listeners are installed code and are
    // trusted to return only those. NOTE(review): confirm the dispatcher cannot return
    // other keys, since extract() would create or overwrite locals for them as well.
    extract($phpbb_dispatcher->trigger_event('core.modify_uploaded_file', compact($vars)));
    // Check our complete quota
    // (this runs after the file has been moved into place, hence the remove() on failure)
    if ($config['attachment_quota']) {
        if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota']) {
            $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Check free disk space
    if ($free_space = @disk_free_space($phpbb_root_path . $config['upload_path'])) {
        if ($free_space <= $file->get('filesize')) {
            // Only users with the 'a_' permission are told the disk is full; everyone
            // else sees the generic quota message.
            if ($auth->acl_get('a_')) {
                $filedata['error'][] = $user->lang['ATTACH_DISK_FULL'];
            } else {
                $filedata['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
            }
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Create Thumbnail
    if ($filedata['thumbnail']) {
        $source = $file->get('destination_file');
        $destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
        // A failed thumbnail is not an upload error; the flag is simply cleared.
        if (!create_thumbnail($source, $destination, $file->get('mimetype'))) {
            $filedata['thumbnail'] = 0;
        }
    }
    return $filedata;
}
コード例 #10
 /**
  * Move file to destination folder
  * The phpbb_root_path variable will be applied to the destination path
  *
  * After the move, images (unless $skip_image_check is set) are re-read from
  * the destination with getimagesize() and their type, extension and
  * dimensions are verified. Failures of that verification are appended to
  * $this->error, but the file stays in place and the method still returns
  * true, so callers have to inspect $this->error afterwards and remove the
  * file themselves.
  *
  * @param string $destination Destination path, for example $config['avatar_path']
  * @param bool $overwrite If set to true, an already existing file will be overwritten
  * @param bool $skip_image_check If set to true, the check for the file to be a valid image is skipped
  * @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode defined by {@link phpbb_chmod()}
  *
  * @return bool False when errors already exist, the destination directory is
  *              missing, the target exists and $overwrite is false, or the
  *              copy/move fails; true otherwise
  *
  * @access public
  */
 function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = false)
 {
     global $user, $phpbb_root_path;
     // Nothing is moved when earlier steps already recorded an error.
     if (sizeof($this->error)) {
         return false;
     }
     // Default mode is read + write.
     $chmod = $chmod === false ? CHMOD_READ | CHMOD_WRITE : $chmod;
     // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
     $this->destination_path = $phpbb_root_path . $destination;
     // Check if the destination path exist...
     // (on failure the temporary file is deleted and no error message is recorded)
     if (!file_exists($this->destination_path)) {
         @unlink($this->filename);
         return false;
     }
     // 'move' is chosen when open_basedir or safe_mode is set, otherwise 'copy'; a local
     // source always uses 'local'.
     $upload_mode = @ini_get('open_basedir') || @ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on' ? 'move' : 'copy';
     $upload_mode = $this->local ? 'local' : $upload_mode;
     // Only the base name of realname is appended to the destination directory
     // (presumably utf8_basename() strips any directory part - confirm against its definition).
     $this->destination_file = $this->destination_path . '/' . utf8_basename($this->realname);
     // Check if the file already exist, else there is something wrong...
     if (file_exists($this->destination_file) && !$overwrite) {
         @unlink($this->filename);
         $this->error[] = $user->lang($this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR', $this->destination_file);
         $this->file_moved = false;
         return false;
     } else {
         if (file_exists($this->destination_file)) {
             @unlink($this->destination_file);
         }
         // Each mode tries its primary function first and the other one as fallback.
         // NOTE(review): copy() does not verify that its source is an uploaded file the
         // way move_uploaded_file() does, so the 'copy' and 'local' paths rely on
         // $this->filename having been set by the upload classes and not by request data.
         switch ($upload_mode) {
             case 'copy':
                 if (!@copy($this->filename, $this->destination_file)) {
                     if (!@move_uploaded_file($this->filename, $this->destination_file)) {
                         $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                     }
                 }
                 break;
             case 'move':
                 if (!@move_uploaded_file($this->filename, $this->destination_file)) {
                     if (!@copy($this->filename, $this->destination_file)) {
                         $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                     }
                 }
                 break;
             case 'local':
                 if (!@copy($this->filename, $this->destination_file)) {
                     $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                 }
                 break;
         }
         // Remove temporary filename
         @unlink($this->filename);
         if (sizeof($this->error)) {
             return false;
         }
         phpbb_chmod($this->destination_file, $chmod);
     }
     // Try to get real filesize from destination folder
     $this->filesize = @filesize($this->destination_file) ? @filesize($this->destination_file) : $this->filesize;
     // Get mimetype of supplied file
     $this->mimetype = $this->get_mimetype($this->destination_file);
     // The image is verified from the bytes now on disk, not from client-supplied metadata.
     if ($this->is_image() && !$skip_image_check) {
         $this->width = $this->height = 0;
         if (($this->image_info = @getimagesize($this->destination_file)) !== false) {
             $this->width = $this->image_info[0];
             $this->height = $this->image_info[1];
             // Prefer the mimetype getimagesize() detected over the one from get_mimetype().
             if (!empty($this->image_info['mime'])) {
                 $this->mimetype = $this->image_info['mime'];
             }
             // Check image type
             // The detected type must be a known one and the file extension must be
             // among the extensions listed for that type.
             $types = fileupload::image_types();
             if (!isset($types[$this->image_info[2]]) || !in_array($this->extension, $types[$this->image_info[2]])) {
                 if (!isset($types[$this->image_info[2]])) {
                     $this->error[] = sprintf($user->lang['IMAGE_FILETYPE_INVALID'], $this->image_info[2], $this->mimetype);
                 } else {
                     $this->error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
                 }
             }
             // Make sure the dimensions match a valid image
             if (empty($this->width) || empty($this->height)) {
                 $this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
             }
         } else {
             $this->error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
         }
     }
     // Reached even when the image verification above recorded errors: the file is on
     // disk at this point and the return value below does not reflect those errors.
     $this->file_moved = true;
     $this->additional_checks();
     // The back-reference to the upload object is dropped once the move is done.
     unset($this->upload);
     return true;
 }
コード例 #11
ファイル: fileupload_test.php プロジェクト: hgchen/phpbb
 /**
  * valid_dimensions() must accept an unmodified valid filespec and reject one
  * whose height is 101 and one whose width is 0.
  *
  * The uploader is built with 1, 1, 100, 100 as its last four arguments
  * (presumably minimum width/height and maximum width/height).
  */
 public function test_valid_dimensions()
 {
     $upload = new fileupload($this->filesystem, '', false, false, 1, 1, 100, 100);

     $unchanged = $this->gen_valid_filespec();

     $too_tall = $this->gen_valid_filespec();
     $too_tall->height = 101;

     $zero_width = $this->gen_valid_filespec();
     $zero_width->width = 0;

     $this->assertTrue($upload->valid_dimensions($unchanged));
     $this->assertFalse($upload->valid_dimensions($too_tall));
     $this->assertFalse($upload->valid_dimensions($zero_width));
 }
コード例 #12
ファイル: upload_file.php プロジェクト: alachaum/timetrex
 * $Revision: 2331 $
 * $Id: send_file.php 2331 2009-01-13 00:16:13Z ipso $
 * $Date: 2009-01-12 16:16:13 -0800 (Mon, 12 Jan 2009) $
 */
// Bootstrap: global environment first, then the interface layer and the upload class.
require_once '../includes/global.inc.php';
$skip_message_check = TRUE;
require_once Environment::getBasePath() . 'includes/Interface.inc.php';
require_once Environment::getBasePath() . 'classes/upload/fileupload.class.php';
//PHP must have the upload and POST max sizes set to handle the largest file upload. If these are too low
//it errors out with a non-helpful error, so set these large and restrict the size in the Upload class.
// NOTE(review): upload_max_filesize and post_max_size are PHP_INI_PERDIR directives, so
// ini_set() at runtime does not change them; they have to be set in php.ini, .user.ini
// or the web server configuration. The per-type limits set on $upload further down are
// therefore the only size restriction this script itself enforces.
ini_set('upload_max_filesize', '128M');
ini_set('post_max_size', '128M');
// extract() turns request values into local variables. The key list is fixed here, so
// only these five names should be created - assuming GetVariables() returns nothing
// beyond the requested keys (TODO confirm).
extract(FormVariables::GetVariables(array('action', 'object_type', 'object_id', 'parent_id', 'SessionID')));
// Normalised so the switch on $object_type can match on exact lower-case strings.
$object_type = trim(strtolower($object_type));
// NOTE(review): this writes the POSTed SessionID into the debug log; consider leaving
// it out or masking it so that log readers cannot reuse a live session identifier.
Debug::Text('Object Type: ' . $object_type . ' ID: ' . $object_id . ' Parent ID: ' . $parent_id . ' POST SessionID: ' . $SessionID, __FILE__, __LINE__, __METHOD__, 10);
$upload = new fileupload();
switch ($object_type) {
    case 'invoice_config':
        if ($permission->Check('invoice_config', 'add') or $permission->Check('invoice_config', 'edit') or $permission->Check('invoice_config', 'edit_child') or $permission->Check('invoice_config', 'edit_own')) {
            $upload->set_max_filesize(1000000);
            //1mb or less
            //$upload->set_acceptable_types( array('image/jpg', 'image/jpeg', 'image/pjpeg', 'image/png') ); // comma separated string, or array
            //$upload->set_max_image_size(600, 600);
            $upload->set_overwrite_mode(1);
            $icf = TTnew('InvoiceConfigFactory');
            $icf->cleanStoragePath($current_company->getId());
            $dir = $icf->getStoragePath($current_company->getId());
            if (isset($dir)) {
                @mkdir($dir, 0700, TRUE);
                $upload_result = $upload->upload("filedata", $dir);
                //var_dump($upload ); //file data
コード例 #13
 /**
  * run - display template and edit data
  *
  * When the form was submitted ('save' in $_POST) a ticket is created from the
  * posted fields, an optional attachment from $_FILES['file'] is stored, and
  * the result message is passed to the template. The new-ticket template is
  * displayed in every case.
  *
  * @access public
  *
  */
 public function run()
 {
     $tpl = new template();
     $helper = new helper();
     $projectObj = new projects();
     $user = new users();
     $language = new language();
     $language->setModule('tickets');
     $lang = $language->readIni();
     $projects = $projectObj->getUserProjects("open");
     $msgKey = '';
     // NOTE(review): no request token is checked before this state-changing branch;
     // confirm a CSRF check happens elsewhere (for example in a front controller).
     if (isset($_POST['save'])) {
         // All fields are read straight from $_POST and are assumed to be present;
         // implode() additionally requires $_POST['editorId'] to be an array.
         // NOTE(review): nothing is validated or escaped here, so addTicket() has to bind
         // these values as query parameters and the template has to escape them on output.
         $values = array('headline' => $_POST['headline'], 'type' => $_POST['type'], 'description' => $_POST['description'], 'priority' => $_POST['priority'], 'projectId' => $_POST['project'], 'editorId' => implode(',', $_POST['editorId']), 'userId' => $_SESSION['userdata']['id'], 'date' => $helper->timestamp2date(date("Y-m-d H:i:s"), 2), 'dateToFinish' => $_POST['dateToFinish'], 'status' => 3, 'browser' => $_POST['browser'], 'os' => $_POST['os'], 'resolution' => $_POST['resolution'], 'version' => $_POST['version'], 'url' => $_POST['url'], 'editFrom' => $_POST['editFrom'], 'editTo' => $_POST['editTo']);
         if ($values['headline'] === '') {
             $tpl->setNotification('ERROR_NO_HEADLINE', 'error');
         } elseif ($values['description'] === '') {
             $tpl->setNotification('ERROR_NO_DESCRIPTION', 'error');
         } elseif ($values['projectId'] === '') {
             $tpl->setNotification('ERROR_NO_PROJECT', 'error');
         } else {
             // Dates are converted with format 4 for storage...
             $values['date'] = $helper->timestamp2date($values['date'], 4);
             $values['dateToFinish'] = $helper->timestamp2date($values['dateToFinish'], 4);
             $values['editFrom'] = $helper->timestamp2date($values['editFrom'], 4);
             $values['editTo'] = $helper->timestamp2date($values['editTo'], 4);
             // returns last inserted id
             $id = $this->addTicket($values);
             //Take the old value to avoid nl character
             $values['description'] = $_POST['description'];
             // ...and converted back with format 2 for redisplay in the form.
             $values['date'] = $helper->timestamp2date($values['date'], 2);
             $values['dateToFinish'] = $helper->timestamp2date($values['dateToFinish'], 2);
             $values['editFrom'] = $helper->timestamp2date($values['editFrom'], 2);
             $values['editTo'] = $helper->timestamp2date($values['editTo'], 2);
             $msgKey = 'TICKET_ADDED';
             $tpl->setNotification('TICKET_ADDED', 'success');
             //Fileupload
             // htmlspecialchars() does not affect this emptiness test; the condition only
             // asks whether a file name was submitted. $_FILES['file'] is assumed to exist.
             if (htmlspecialchars($_FILES['file']['name']) != '') {
                 $upload = new fileupload();
                 $upload->initFile($_FILES['file']);
                 if ($upload->error == '') {
                     // hash name on server for security reasons
                     // NOTE(review): the inputs are the ticket id and the current second, so
                     // the stored name is derivable rather than secret. If the name is meant
                     // to be unguessable, derive it from random_bytes() instead. Which file
                     // types are accepted is decided inside fileupload and not visible here.
                     $newname = md5($id . time());
                     //Encrypt filename on server
                     $upload->renameFile($newname);
                     if ($upload->upload() === true) {
                         // realName is the client-supplied name; escape it wherever it is shown.
                         $fileValues = array('encName' => $upload->file_name, 'realName' => $upload->real_name, 'date' => date("Y-m-d H:i:s"), 'ticketId' => $id, 'userId' => $_SESSION['userdata']['id']);
                         $this->addFile($fileValues);
                     } else {
                         $msgKey = 'ERROR_FILEUPLOAD_' . $upload->error . '';
                     }
                 } else {
                     $msgKey = 'ERROR_FILEUPLOAD_' . $upload->error . '';
                 }
             }
             /*
             //Send mail
             $mail = new mailer();
             
             $row = $projectObj->getProject($values['projectId']);
             
             $mail->setSubject(''.$lang['ZYPRO_NEW_TICKET'].' "'.$row['name'].'" ');
             
             $username = $user->getUser($_SESSION['userdata']['id']);
             
             $url = 'http://'.$_SERVER['HTTP_HOST'].'/index.php?act=tickets.showTicket&id='.$id.'';
             
             $mailMsg = "".$lang['NEW_TICKET_MAIL_1']." ".$id." ".$lang['NEW_TICKET_MAIL_2']." ".$username['lastname']." ".$username['firstname']." ".$lang['NEW_TICKET_MAIL_3']." ".$row['name']." ".$lang['NEW_TICKET_MAIL_4']." ".$url." ".$lang['NEW_TICKET_MAIL_5']."";
             
             $mail->setText($mailMsg);
             
             if(is_numeric($values['editorId']) === false ){
             
             	$mails = $user->getMailRecipients($values['projectId']);
             		
             }else{
             			
             	$mails = $user->getSpecificMailRecipients($id);
             		
             }
             		
             
             
             $to = array();
             
             foreach($mails as $row){
             		
             	array_push($to, $row['user']);
             
             }
             
             $mail->sendMail($to);
             */
         }
         // The submitted values go back to the template so the form can be refilled.
         $tpl->assign('values', $values);
     }
     $tpl->assign('role', $_SESSION['userdata']['role']);
     $tpl->assign('availableUsers', $this->getAvailableUsersForTicket());
     $tpl->assign('type', $this->getType());
     //		var_dump($tpl->get)'getAll')
     $tpl->assign('info', $msgKey);
     $tpl->assign('projects', $projects);
     $tpl->assign('objTickets', $this);
     $tpl->assign('employees', $user->getEmployees());
     $tpl->display('tickets.newTicket');
 }
コード例 #14
ファイル: acp_mods.php プロジェクト: kairion/customisation-db
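 /**
  * Handle the upload of a MOD package (ZIP) from the ACP.
  *
  * The archive is accepted only with a valid form key, moved into the mods
  * directory, extracted into a "<name>_tmp/" directory and then moved to its
  * final place; the uploaded archive itself is removed afterwards.
  *
  * @return bool False when the form was not submitted, true otherwise
  *              (errors are reported through trigger_error())
  */
 function upload_mod()
 {
     // $config is read below for the directory permissions but was missing from this
     // list, so the mode passed to mkdir() was computed from an undefined variable.
     global $phpbb_root_path, $phpEx, $template, $user, $config;
     if (!isset($_POST['submit'])) {
         return false;
     }
     // State-changing request: require the form token and the expected upload field.
     if (check_form_key('acp_mods_upload') && isset($_FILES['modupload'])) {
         $user->add_lang('posting');
         // For error messages
         include $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
         $upload = new fileupload();
         // Only allow ZIP files
         $upload->set_allowed_extensions(array('zip'));
         // Let's make sure the mods directory exists and if it doesn't then create it
         if (!is_dir($this->mods_dir)) {
             mkdir($this->mods_dir, octdec($config['am_dir_perms']));
         }
         $file = $upload->form_upload('modupload');
         if (empty($file->filename)) {
             trigger_error($user->lang['NO_UPLOAD_FILE'] . adm_back_link($this->u_action), E_USER_WARNING);
         } else {
             if (!$file->init_error && !sizeof($file->error)) {
                 $file->clean_filename('real');
                 // Overwrite an existing archive and skip the image check (this is a ZIP).
                 $file->move_file(str_replace($phpbb_root_path, '', $this->mods_dir), true, true);
                 if (!sizeof($file->error)) {
                     include $phpbb_root_path . 'includes/functions_compress.' . $phpEx;
                     $mod_dir = $this->mods_dir . '/' . str_replace('.zip', '', $file->get('realname'));
                     $compress = new compress_zip('r', $file->destination_file);
                     // NOTE(review): entry names inside the archive are uploader-controlled.
                     // Whether compress_zip::extract() rejects names containing dot segments
                     // or absolute paths is not visible here - confirm before relying on it.
                     $compress->extract($mod_dir . '_tmp/');
                     $compress->close();
                     $folder_contents = scandir($mod_dir . '_tmp/', 1);
                     // This ensures dir is at index 0
                     // We need to check if there's a main directory inside the temp MOD directory
                     if (sizeof($folder_contents) == 3) {
                         // We need to move that directory then
                         // ($folder_contents[0] is a name taken from the archive content)
                         $this->directory_move($mod_dir . '_tmp/' . $folder_contents[0], $this->mods_dir . '/' . $folder_contents[0]);
                     } else {
                         if (!is_dir($mod_dir)) {
                             // Change the name of the directory by moving to directory without _tmp in it
                             $this->directory_move($mod_dir . '_tmp/', $mod_dir);
                         }
                     }
                     $this->directory_delete($mod_dir . '_tmp/');
                     if (!sizeof($file->error)) {
                         $template->assign_vars(array('S_MOD_SUCCESSBOX' => true, 'MESSAGE' => $user->lang['MOD_UPLOAD_SUCCESS'], 'U_RETURN' => $this->u_action));
                     }
                 }
             }
             // The uploaded archive is removed whether or not extraction succeeded.
             $file->remove();
             if ($file->init_error || sizeof($file->error)) {
                 trigger_error((sizeof($file->error) ? implode('<br />', $file->error) : $user->lang['MOD_UPLOAD_INIT_FAIL']) . adm_back_link($this->u_action), E_USER_WARNING);
             }
         }
     } else {
         trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
     }
     return true;
 }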
コード例 #15
/**
* Avatar upload using the upload class
*
* Takes the avatar from the 'uploadfile' form field when a file name was
* submitted, otherwise from the URL in $data['uploadurl'], and moves it into
* the configured avatar directory.
*
* Upload errors are merged into $error, but the function returns the avatar
* array in that case as well, so callers have to check $error themselves.
*
* @param array $data  Reads 'uploadurl' and 'user_id'
* @param array $error Error list, extended by reference
*
* @return array array(AVATAR_UPLOAD, file name, width, height)
*/
function avatar_upload($data, &$error)
{
    global $phpbb_root_path, $config, $db, $user, $phpEx;

    // Init upload class
    include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    $upload = new fileupload(
        'AVATAR_',
        array('jpg', 'jpeg', 'gif', 'png'),
        $config['avatar_filesize'],
        $config['avatar_min_width'],
        $config['avatar_min_height'],
        $config['avatar_max_width'],
        $config['avatar_max_height'],
        explode('|', $config['mime_triggers'])
    );

    // A submitted file takes precedence; the URL in $data['uploadurl'] is passed to
    // remote_upload() without any check in this function.
    if (empty($_FILES['uploadfile']['name'])) {
        $file = $upload->remote_upload($data['uploadurl']);
    } else {
        $file = $upload->form_upload('uploadfile');
    }

    $file->clean_filename('avatar', $config['avatar_salt'] . '_', $data['user_id']);

    // Adjust destination path (no trailing slash)
    $destination = $config['avatar_path'];
    $last_char = substr($destination, -1, 1);
    if ($last_char == '/' || $last_char == '\\') {
        $destination = substr($destination, 0, -1);
    }

    // One ordered pass over a value that comes from board configuration: treat this as
    // normalisation of an admin setting, not as a filter for hostile input.
    $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);

    // A path that still starts with a separator is discarded entirely.
    if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
        $destination = '';
    }

    // Move file and overwrite any existing image
    $file->move_file($destination, true);

    if (count($file->error)) {
        $file->remove();
        $error = array_merge($error, $file->error);
    }

    return array(
        AVATAR_UPLOAD,
        $data['user_id'] . '_' . time() . '.' . $file->get('extension'),
        $file->get('width'),
        $file->get('height'),
    );
}
コード例 #16
ファイル: upload.php プロジェクト: sky15179/busapp
} elseif ($_POST["mulu"] == 'busios') {
    $topass = BUSIOS;
} elseif ($_POST["mulu"] == 'trainandroid') {
    $topass = TRAINANDROID;
} elseif ($_POST["mulu"] == 'trainios') {
    $topass = TRAINIOS;
} elseif ($_POST["mulu"] == 'documentsbus') {
    $topass = DOCUMENTSBUS;
} elseif ($_POST["mulu"] == 'documentstrain') {
    $topass = DOCUMENTSTRAIN;
} elseif ($_POST["mulu"] == 'documentsother') {
    $topass = DOCUMENTSOTHER;
} else {
    $topass = LAJI;
}
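$up = new fileupload();
// Configure the uploader: target directory, maximum size, allowed types, and whether the stored name is randomised
$up->set("path", $topass);
$up->set("maxsize", 100000000);
// NOTE(review): the allow-list is extension based and includes script ("rb") and archive ("zip") types.
// Confirm that the target directories are never executed or interpreted by the web server.
$up->set("allowtype", array("apk", "APK", "ipa", "IPA", "doc", "docx", "xls", "xlsx", "ppt", "pptx", "txt", "pdf", "jpg", "bmp", "png", "gif", "rb", "zip"));
// NOTE(review): with random names disabled the stored name presumably derives from the
// client-supplied one; verify that the fileupload class strips path components from it.
$up->set("israndname", false);
// upload() takes the name of the form's file field ("file" here); per the original comment it
// returns true on success and false on failure
if ($up->upload("file")) {
    // The file name is written into HTML, so encode it first: a name containing markup
    // would otherwise be rendered by the browser.
    echo "恭喜!" . htmlspecialchars($up->getFileName(), ENT_QUOTES, 'UTF-8') . "上传成功<br/>";
    echo '<br/><input type="button" value="继续上传" name="name" onclick="javascript: window.history.back(-1);"/>';
} else {
    // Show the failure reason reported by the uploader.
    // NOTE(review): the message is printed unescaped; if it can contain the submitted file
    // name it needs the same encoding as above - confirm against the fileupload class.
    echo $up->getErrorMsg();
    echo '<br/><input type="button" value="继续上传" name="name" onclick="javascript: window.history.back(-1);"/>';
}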
コード例 #17
 /**
  *
  * @package automod
  * @copyright (c) 2008 phpBB Group
  * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License
  *
  */
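 function upload_ext($action)
 {
     // Installs a style from a ZIP archive. The archive comes from a form upload ('upload'),
     // a remote URL ('upload_remote') or a file already below ext/ ('upload_local'); it is
     // unpacked into ext/tmp, its style configuration is read and the style is copied to
     // styles/<name>. Returns true on success, false after reporting through $this->trigger_error().
     $this->listzip();
     // Language file used for the upload error messages
     $this->user->add_lang('posting');
     // Load the upload class only if it is missing; a second plain include would redeclare it
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload();
     // Only allow ZIP files
     $upload->set_allowed_extensions(array('zip'));
     // Create the ext/ directory first, then test it: checking writability before the
     // directory exists would always fail and the mkdir would never be reached
     if (!is_dir($this->ext_dir)) {
         $this->recursive_mkdir($this->ext_dir);
     }
     if (!is_writable($this->ext_dir)) {
         $this->trigger_error($this->user->lang['EXT_NOT_WRITABLE'] . $this->back_link, E_USER_WARNING);
         return false;
     }
     $upload_dir = $this->ext_dir;
     $tmp_dir = $this->phpbb_root_path . 'ext/tmp';
     // Stays null for 'upload_local', where no upload object exists
     $file = null;
     // Proceed with the upload
     if ($action == 'upload') {
         $file = $upload->form_upload('extupload');
     } elseif ($action == 'upload_remote') {
         $file = $this->remote_upload($upload, $this->request->variable('remote_upload', ''));
     }
     if ($action != 'upload_local') {
         if ($file === null || empty($file->filename)) {
             $message = ($file !== null && sizeof($file->error)) ? implode('<br />', $file->error) : $this->user->lang['NO_UPLOAD_FILE'];
             $this->trigger_error($message . $this->back_link, E_USER_WARNING);
             return false;
         }
         if ($file->init_error || sizeof($file->error)) {
             $file->remove();
             $this->trigger_error((sizeof($file->error) ? implode('<br />', $file->error) : $this->user->lang['EXT_UPLOAD_INIT_FAIL']) . $this->back_link, E_USER_WARNING);
             return false;
         }
         $file->clean_filename('real');
         $file->move_file(str_replace($this->phpbb_root_path, '', $upload_dir), true, true);
         if (sizeof($file->error)) {
             $file->remove();
             $this->trigger_error(implode('<br />', $file->error) . $this->back_link, E_USER_WARNING);
             return false;
         }
         $dest_file = $file->destination_file;
     } else {
         // The file name comes from the request and is appended to ext/, so refuse empty
         // values, NUL bytes and parent-directory references before building the path
         $local_name = $this->request->variable('local_upload', '');
         if ($local_name === '' || preg_match('#\x00|\.\.#', $local_name)) {
             $this->trigger_error($this->user->lang['NO_UPLOAD_FILE'] . $this->back_link, E_USER_WARNING);
             return false;
         }
         $dest_file = $this->phpbb_root_path . 'ext/' . $local_name;
     }
     // Presumably defines compress_zip; guarded so a repeated include cannot redeclare it
     if (!class_exists('compress_zip')) {
         include $this->phpbb_root_path . 'includes/functions_compress.' . $this->php_ext;
     }
     $zip = new \ZipArchive();
     $res = $zip->open($dest_file);
     if ($res !== true) {
         $this->trigger_error($this->user->lang['ziperror'][$res] . $this->back_link, E_USER_WARNING);
         return false;
     }
     // Start from an empty working directory so files left by an earlier, failed run
     // cannot be mistaken for the contents of this archive
     if (is_dir($tmp_dir)) {
         $this->rrmdir($tmp_dir);
     }
     // NOTE(review): the archive is unpacked below the board root before its contents are
     // validated; confirm that ext/tmp is not served or executed by the web server.
     $zip->extractTo($tmp_dir);
     $zip->close();
     $style_path = $this->get_style_path($tmp_dir);
     if (!$style_path) {
         // Do not leave the unpacked, unvalidated files behind
         $this->rrmdir($tmp_dir);
         $this->trigger_error($this->user->lang['ACP_UPLOAD_STYLE_ERROR_COMP'] . $this->back_link, E_USER_WARNING);
         return false;
     }
     $style_cfg = $this->read_style_cfg($style_path);
     // The style name is read from the uploaded archive and becomes a directory below styles/
     // that is deleted and rewritten further down. Check that it exists before using it and
     // refuse anything that is not a single path component.
     $destination = isset($style_cfg['name']) ? str_replace(' ', '_', (string) $style_cfg['name']) : '';
     if ($destination === '' || $destination === '.' || preg_match('#[/\\\\\x00]|\.\.#', $destination)) {
         $this->rrmdir($tmp_dir);
         if ($file !== null) {
             $file->remove();
         }
         $this->trigger_error($this->user->lang['NOT_AN_STYLE'] . $this->back_link, E_USER_WARNING);
         return false;
     }
     if (!isset($style_cfg['phpbb_version']) || $style_cfg['phpbb_version'] != $this->config['version']) {
         $this->rrmdir($tmp_dir);
         $this->trigger_error($this->user->lang['ACP_UPLOAD_STYLE_ERROR_DEST'] . $this->back_link, E_USER_WARNING);
         return false;
     }
     $display_name = $style_cfg['name'];
     // Drops the last 10 characters, the length of '/style.cfg' - presumably
     // get_style_path() returns the path of that file
     $source = substr($style_path, 0, -10);
     $style_dir = $this->phpbb_root_path . 'styles/' . $destination;
     /* Delete the previous version of style files - we're able to update them. */
     if (is_dir($style_dir)) {
         $this->rrmdir($style_dir);
     }
     $this->rcopy($source, $style_dir);
     $this->rrmdir($tmp_dir);
     $this->template->assign_block_vars('authors', array('AUTHOR' => isset($style_cfg['copyright']) ? $style_cfg['copyright'] : ''));
     $string = @file_get_contents($style_dir . '/style.cfg');
     // highlight_string() returns the file as highlighted HTML; computed once and reused below
     $readme = ($string !== false) ? highlight_string($string, true) : false;
     $this->template->assign_vars(array(
         'S_UPLOADED' => $display_name,
         'FILETREE' => \filetree::php_file_tree($style_dir, $display_name, $this->main_link),
         'S_ACTION' => $this->phpbb_root_path . '/adm/index.php?i=acp_styles&sid=' . $this->user->session_id . '&mode=install&action=install&hash=' . generate_link_hash('install') . '&dir=' . urlencode($destination),
         'S_ACTION_BACK' => $this->main_link,
         'U_ACTION' => $this->u_action,
         'README_MARKDOWN' => $readme,
         'FILENAME' => $string !== false ? 'style.cfg' : '',
         'CONTENT' => $string !== false ? $readme : '',
     ));
     // Remove the uploaded archive file; for 'upload_local' there is no upload object to remove
     if ($file !== null && $this->request->variable('keepext', false) == false) {
         $file->remove();
     }
     return true;
 }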
コード例 #18
/**
 * Store an avatar taken from a form upload or, failing that, from a remote URL.
 *
 * Errors reported by the upload object are merged into $error; the result
 * array is returned in either case, so callers must check $error first.
 *
 * NOTE(review): the file keeps its own name ('real' mode) behind a user-id
 * prefix, and that name is what gets returned. Confirm that clean_filename()
 * removes path components and unsafe characters from client-supplied names.
 *
 * @param array $data  Reads 'uploadurl'
 * @param array $error Error list, extended in place
 * @return array AVATAR_UPLOAD, stored file name, width, height
 */
function avatar_upload($data, &$error)
{
    global $config, $_CLASS;

    require_once SITE_FILE_ROOT . 'includes/forums/functions_upload.php';

    $allowed_extensions = array('jpg', 'jpeg', 'gif', 'png');
    $upload = new fileupload('AVATAR_', $allowed_extensions, $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);

    // A posted file wins over a remote URL
    $file = !empty($_FILES['uploadfile']['name'])
        ? $upload->form_upload('uploadfile')
        : $upload->remote_upload($data['uploadurl']);

    $name_prefix = $_CLASS['core_user']->data['user_id'] . '_';
    $file->clean_filename('real', $name_prefix);
    $file->move_file($config['avatar_path']);

    if (sizeof($file->error)) {
        $file->remove();
        $error = array_merge($error, $file->error);
    }

    return array(AVATAR_UPLOAD, $file->get('realname'), $file->get('width'), $file->get('height'));
}
コード例 #19
ファイル: Upload.php プロジェクト: J-P-Hanafin/TimeTrex-1
	$permission->Redirect( FALSE ); //Redirect

}
*/
// Page title; $title stays defined for later code (the original notes "See index.php")
$title = 'File Upload';
$smarty->assign('title', TTi18n::gettext($title));

/*
 * Get FORM variables
 *
 * extract() turns the returned entries into local variables. The requested names are a
 * fixed list, so only those variables are expected to be created - presumably
 * GetVariables() returns nothing beyond the keys it was asked for; verify.
 */
extract(FormVariables::GetVariables(array('action', 'object_type', 'object_id', 'data', 'userfile')));

$ulf = new UserListFactory();

// Replaces the 'action' value extracted above with the one derived from the submit button
$action = Misc::findSubmitButton();
switch ($action) {
    case 'upload':
        Debug::Text('Upload... Object Type: ' . $object_type, __FILE__, __LINE__, __METHOD__, 10);
        $upload = new fileupload();
        $object_type = strtolower($object_type);
        switch ($object_type) {
            case 'invoice_config':
                $upload->set_max_filesize(1000000);
                //1mb or less
                $upload->set_acceptable_types(array('image/jpg', 'image/jpeg', 'image/pjpeg', 'image/png'));
                // comma separated string, or array
                //$upload->set_max_image_size(600, 600);
                $upload->set_overwrite_mode(1);
                $icf = new InvoiceConfigFactory();
                $icf->cleanStoragePath($current_company->getId());
                $dir = $icf->getStoragePath($current_company->getId());
                break;
            case 'company_logo':
                $upload->set_max_filesize(1000000);
コード例 #20
		{
			trigger_error('FORM_INVALID');
		}
		
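		// Title and description must not be empty once cleaned
		if (!utf8_clean_string($mod_data['mod_hu_title']))
		{
			$error[] = 'NO_MOD_TITLE';
		}

		if (!utf8_clean_string($mod_data['mod_desc']))
		{
			$error[] = 'NO_MOD_DESC';
		}

		// File upload: only ZIP archives are accepted for the 'mod_loc_pack' field
		$upload = new fileupload('', array('zip'));
		if ($upload->is_valid('mod_loc_pack'))
		{
			$file = $upload->form_upload('mod_loc_pack');

			if (!empty($file->error))
			{
				// Append the upload errors. The + operator keeps the left-hand entry whenever a
				// numeric key exists on both sides, so upload errors were dropped as soon as
				// $error already held validation errors.
				$error = array_merge($error, $file->error);
			}
		}

		// In 'add' mode the community URL has to be a bare numeric id, optionally preceded by the
		// phpbb.com MOD database URL. The pattern matches '&amp;', so the value is presumably
		// HTML-encoded by the time it gets here - confirm.
		if ($mode == 'add' && !preg_match('#^(?:http\://www\.phpbb\.com/mods/db/index\.php\?i\=misc&amp;mode\=display&amp;contrib_id\=)?([0-9]+)$#', $mod_data['mod_com_url'], $match))
		{
			$error[] = 'NO_COM_URL_FORMAT';
		}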
コード例 #21
ファイル: files.php プロジェクト: boardtools/upload
 /**
  * Remote upload method
  * Uploads file from given url
  *
  * @param \fileupload $files Files object
  * @param \phpbb\user $user User object
  * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
  * @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
  * @return object $file Object "filespec" is returned, all further operations can be done with this object
  * @access public
  */
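 public static function remote_upload($files, $user, $upload_url, \phpbb\mimetype\guesser $mimetype_guesser = null)
 {
     // Downloads $upload_url into a temporary file and wraps it in a filespec object.
     // Every failure is reported by returning a fileerror object instead.
     //
     // NOTE(review): $upload_url is opened server-side with fopen(). The checks below constrain
     // only the scheme (http/https) and the trailing extension; they do not restrict the target
     // host or port, and the HTTP stream wrapper follows redirects by default. Where this is
     // reachable by less-trusted users, resolve the host and refuse loopback, private and
     // link-local ranges, or send these fetches through an egress-restricted proxy.
     $phpbb_root_path = objects::$phpbb_root_path;
     $upload_ary = array();
     $upload_ary['local_mode'] = true;
     $upload_from_phpbb = preg_match(objects::$phpbb_link_template, $upload_url, $match_phpbb);
     // Quote each extension so that a configured value cannot change the meaning of the pattern
     $extension_pattern = implode('|', array_map(function ($extension) {
         return preg_quote($extension, '#');
     }, $files->allowed_extensions));
     if (!preg_match('#^(https?://).*?\\.(' . $extension_pattern . ')$#i', $upload_url, $match) && !$upload_from_phpbb) {
         return new \fileerror($user->lang[$files->error_prefix . 'URL_INVALID']);
     }
     if (empty($match[2]) && empty($match_phpbb[2])) {
         return new \fileerror($user->lang[$files->error_prefix . 'URL_INVALID']);
     }
     $url = parse_url($upload_url);
     // parse_url() returns false for seriously malformed URLs
     if ($url === false) {
         return new \fileerror($user->lang[$files->error_prefix . 'URL_INVALID']);
     }
     // A URL without a path component has no 'path' key
     $url_path = isset($url['path']) ? $url['path'] : '';
     $upload_ary['type'] = 'application/octet-stream';
     // Name = path with its dots removed, reduced to the base name, plus the last extension
     $path_parts = explode('.', $url_path);
     $ext = array_pop($path_parts);
     $upload_ary['name'] = utf8_basename(implode('', $path_parts)) . ($ext ? '.' . $ext : '');
     $filesize = 0;
     // Size cap: the uploader's own limit, else PHP's upload_max_filesize converted to bytes.
     // If neither is set the download is not capped, and the body is buffered in memory.
     $remote_max_filesize = $files->max_filesize;
     if (!$remote_max_filesize) {
         $max_filesize = @ini_get('upload_max_filesize');
         if (!empty($max_filesize)) {
             $unit = strtolower(substr($max_filesize, -1, 1));
             $remote_max_filesize = (int) $max_filesize;
             // Deliberate fall-through: 'g' multiplies three times, 'm' twice, 'k' once
             switch ($unit) {
                 case 'g':
                     $remote_max_filesize *= 1024;
                     // no break
                 case 'm':
                     $remote_max_filesize *= 1024;
                     // no break
                 case 'k':
                     $remote_max_filesize *= 1024;
                     // no break
             }
         }
     }
     if (!($fsock = @fopen($upload_url, "r"))) {
         return new \fileerror($user->lang[$files->error_prefix . 'NOT_UPLOADED']);
     }
     $data = '';
     $timer_stop = time() + $files->upload_timeout;
     while (!@feof($fsock)) {
         $block = @fread($fsock, 1024);
         $filesize += strlen($block);
         if ($remote_max_filesize && $filesize > $remote_max_filesize) {
             // Close the stream before bailing out so the handle is not leaked
             @fclose($fsock);
             $max_filesize = get_formatted_filesize($remote_max_filesize, false);
             return new \fileerror(sprintf($user->lang[$files->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));
         }
         $data .= $block;
         // Cancel upload if we exceed timeout
         if (time() >= $timer_stop) {
             @fclose($fsock);
             return new \fileerror($user->lang[$files->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']);
         }
     }
     @fclose($fsock);
     if (empty($data)) {
         return new \fileerror($user->lang[$files->error_prefix . 'EMPTY_REMOTE_DATA']);
     }
     // Write the body to a uniquely named temporary file: /tmp/ when writable, else the board cache
     $tmp_path = @is_writable('/tmp/') ? '/tmp/' : $phpbb_root_path . 'cache/';
     $filename = tempnam($tmp_path, unique_id() . '-');
     if ($filename === false || !($fp = @fopen($filename, 'wb'))) {
         // tempnam() has already created the file when only the reopen failed
         if ($filename !== false) {
             @unlink($filename);
         }
         return new \fileerror($user->lang[$files->error_prefix . 'NOT_UPLOADED']);
     }
     $upload_ary['size'] = fwrite($fp, $data);
     fclose($fp);
     unset($data);
     $upload_ary['tmp_name'] = $filename;
     $file = new \filespec($upload_ary, $files, $mimetype_guesser);
     // Links matching the phpBB template are forced to the zip extension, whatever the URL ends in
     if ($upload_from_phpbb) {
         $file->extension = 'zip';
     }
     $files->common_checks($file);
     return $file;
 }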
コード例 #22
ファイル: upload.php プロジェクト: corycubbage/ShadoWorld
 /**
  * {@inheritdoc}
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     // Handles an avatar submitted as a form upload or, when remote uploads are enabled, as a URL.
     // Returns false when nothing was uploaded or an error occurred (details in $error),
     // otherwise an array with the new avatar name, width and height.
     if (!$this->can_upload()) {
         return false;
     }
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false);
     $url = $request->variable('avatar_upload_url', '');
     $upload_file = $request->file('avatar_upload_file');
     // A posted file takes precedence over a remote URL
     if (!empty($upload_file['name'])) {
         $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
     } else {
         // Remote fetching happens only when the board has allow_avatar_remote_upload switched on
         if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) {
             // A URL without a recognised scheme is treated as http
             if (!preg_match('#^(http|https|ftp)://#i', $url)) {
                 $url = 'http://' . $url;
             }
             if (!function_exists('validate_data')) {
                 require $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
             }
             // NOTE(review): the rule passed here looks like a string check with length bounds 5-255;
             // nothing visible in this method limits which host the server will contact. Confirm
             // what remote_upload() enforces before relying on it for untrusted users.
             $validate_array = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255)));
             $error = array_merge($error, $validate_array);
             if (!empty($error)) {
                 return false;
             }
             $file = $upload->remote_upload($url, $this->mimetype_guesser);
         } else {
             return false;
         }
     }
     // Stored name is built from the avatar salt and the row id, not from the client-supplied name
     $prefix = $this->config['avatar_salt'] . '_';
     $file->clean_filename('avatar', $prefix, $row['id']);
     // If there was an error during upload, then abort operation
     if (sizeof($file->error)) {
         $file->remove();
         $error = $file->error;
         return false;
     }
     // Calculate new destination
     $destination = $this->config['avatar_path'];
     // Adjust destination path (no trailing slash)
     if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
         $destination = substr($destination, 0, -1);
     }
     // str_replace() makes one pass per pattern: this tidies the configured path, it is not a
     // guarantee that no parent-directory reference remains
     $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
     // A path that still starts at the filesystem root is discarded
     if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
         $destination = '';
     }
     /**
      * Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar)
      *
      * @event core.avatar_driver_upload_move_file_before
      * @var	string	destination			Destination directory where the file is going to be moved
      * @var	string	prefix				Prefix for the avatar filename
      * @var	array	row					Array with avatar row data
      * @var	array	error				Array of errors, if filled in by this event file will not be moved
      * @since 3.1.6-RC1
      */
     // compact()/extract() tie the event to these exact local variable names. Listeners may
     // replace $destination after the clean-up above, so they are trusted with the final path.
     $vars = array('destination', 'prefix', 'row', 'error');
     extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars)));
     if (!sizeof($error)) {
         // Move file and overwrite any existing image
         $file->move_file($destination, true);
     }
     // If there was an error during move, then clean up leftovers
     $error = array_merge($error, $file->error);
     if (sizeof($error)) {
         $file->remove();
         return false;
     }
     // Delete current avatar if not overwritten
     // (a different extension means the old file has a different name and was not replaced)
     $ext = substr(strrchr($row['avatar'], '.'), 1);
     if ($ext && $ext !== $file->get('extension')) {
         $this->delete($row);
     }
     return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->get('width'), 'avatar_height' => $file->get('height'));
 }
コード例 #23
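 public function main($id, $mode)
 {
     // ACP module entry point: 'settings' stores the sender credentials, status text and profile
     // picture; 'debug' requests a registration code, exchanges it for a password or sends a
     // test message.
     global $config, $user, $template, $request, $phpbb_container, $phpbb_root_path, $phpEx;
     $user->add_lang_ext('tas2580/mobilenotifier', 'common');
     $wa = $phpbb_container->get('tas2580.mobilenotifier.src.helper');
     switch ($mode) {
         case 'settings':
             $this->tpl_name = 'acp_mobilenotifier_settings';
             $this->page_title = $user->lang('ACP_MOBILENOTIFIER_SETTINGS');
             $data_folder = $phpbb_root_path . 'ext/tas2580/mobilenotifier/vendor/Chat-API/wadata';
             add_form_key('acp_mobilenotifier');
             // Form is submitted
             if ($request->is_set_post('submit')) {
                 // Form token check; processing continues below only if trigger_error() halts on failure
                 if (!check_form_key('acp_mobilenotifier')) {
                     trigger_error($user->lang('FORM_INVALID') . adm_back_link($this->u_action), E_USER_WARNING);
                 }
                 $sender = $request->variable('sender', '');
                 $password = $request->variable('password', '');
                 $status = $request->variable('status', '');
                 if (!empty($sender) && !empty($password)) {
                     if ($status != $config['whatsapp_status']) {
                         $wa->update_status($status);
                     }
                     if ($request->file('image')) {
                         include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
                         $upload = new \fileupload();
                         $upload->set_allowed_extensions(array('jpg', 'png', 'gif'));
                         $file = $upload->form_upload('image');
                         // Use the file only when the upload object reports no errors; otherwise a
                         // file that failed the extension or other upload checks would still be
                         // handed to the helper
                         if ($file->filename && empty($file->error)) {
                             $wa->update_picture($file->filename);
                         }
                     }
                 }
                 // NOTE(review): the password is stored through $config->set() as submitted and is
                 // sent back to the page as PASSWORD below; confirm how the config store is
                 // protected and whether the form needs the current value at all.
                 $config->set('whatsapp_sender', $sender);
                 $config->set('whatsapp_password', $password);
                 $config->set('whatsapp_status', $status);
                 $config->set('whatsapp_default_cc', $request->variable('default_cc', ''));
                 trigger_error($user->lang('ACP_SAVED') . adm_back_link($this->u_action));
             }
             $template->assign_vars(array(
                 'DATA_WRITABLE' => is_writable($data_folder),
                 'DATA_FOLDER_NOT_WRITABLE' => $user->lang('DATA_FOLDER_NOT_WRITABLE', $data_folder),
                 'WA_VERSION' => \Constants::WHATSAPP_VER,
                 'U_ACTION' => $this->u_action,
                 'SENDER' => isset($config['whatsapp_sender']) ? $config['whatsapp_sender'] : '',
                 'PASSWORD' => isset($config['whatsapp_password']) ? $config['whatsapp_password'] : '',
                 'STATUS' => isset($config['whatsapp_status']) ? $config['whatsapp_status'] : '',
                 'CC_SELECT' => $wa->cc_select(isset($config['whatsapp_default_cc']) ? $config['whatsapp_default_cc'] : ''),
             ));
             break;
         case 'debug':
             $this->tpl_name = 'acp_mobilenotifier_debug';
             $this->page_title = $user->lang('ACP_MOBILENOTIFIER_DEBUG');
             // NOTE(review): unlike the settings branch, none of the POST actions below call
             // check_form_key(), although they register the sender, overwrite the stored password
             // and send a message. Adding add_form_key()/check_form_key() here also requires the
             // debug template to emit the form token - confirm and add both together.
             if ($request->is_set_post('get_code')) {
                 $method = $request->variable('method', 'sms');
                 $wa->register('', $method);
                 trigger_error($user->lang('CODE_REQUEST_SEND', $method) . adm_back_link($this->u_action));
             }
             if ($request->is_set_post('get_pw')) {
                 $code = $request->variable('code', '');
                 // The value returned by register() is stored as the new password
                 $response = $wa->register($code);
                 $config->set('whatsapp_password', $response);
                 trigger_error($user->lang('PASSWORD_REQUEST_SEND') . adm_back_link($this->u_action));
             }
             if ($request->is_set_post('test')) {
                 $nr = $request->variable('nr', '');
                 $wa->send_test($nr, $user->lang('TEST_MESSAGE', generate_board_url()));
                 trigger_error($user->lang('TEST_MESSAGE_SEND', $nr) . adm_back_link($this->u_action));
             }
             $template->assign_vars(array(
                 'REQUEST_CODE_FOR' => $user->lang('REQUEST_CODE_FOR', $config['whatsapp_sender']),
                 'S_EMPTY_SENDER' => empty($config['whatsapp_sender']),
             ));
             break;
     }
 }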
コード例 #24
ファイル: upload_module.php プロジェクト: phpbb-es/upload
 /**
  *
  * @package automod
  * @copyright (c) 2008 phpBB Group
  * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License
  *
  */
 function upload_ext($action)
 {
     global $phpbb_root_path, $phpEx, $phpbb_log, $phpbb_extension_manager, $template, $user, $request;
     //$can_upload = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !@extension_loaded('zlib')) ? false : true;
     $user->add_lang('posting');
     // For error messages
     if (!class_exists('\\fileupload')) {
         include $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
     }
     $upload = new \fileupload();
     $upload->set_allowed_extensions(array('zip'));
     // Only allow ZIP files
     $upload_dir = $this->zip_dir;
     // Make sure the ext/ directory exists and if it doesn't, create it
     if (!is_dir($phpbb_root_path . 'ext')) {
         $this->recursive_mkdir($phpbb_root_path . 'ext');
     }
     if (!is_writable($phpbb_root_path . 'ext')) {
         $this->trigger_error($user->lang['EXT_NOT_WRITABLE'], E_USER_WARNING);
         return false;
     }
     if (!is_dir($this->zip_dir)) {
         $this->recursive_mkdir($this->zip_dir);
     }
     // Proceed with the upload
     if ($action == 'upload') {
         $file = $upload->form_upload('extupload');
     } else {
         if ($action == 'upload_remote') {
             $file = $this->remote_upload($upload, $request->variable('remote_upload', ''));
         } else {
             if ($action == 'upload_from_phpbb') {
                 $file = $this->remote_upload($upload, $request->variable('valid_phpbb_ext', ''));
             } else {
                 if ($action == 'upload_self') {
                     $this->self_update = $request->variable('self_update', '');
                     if ($this->self_update !== false && preg_match($this->phpbb_link_template, $this->self_update)) {
                         $file = $this->remote_upload($upload, $this->self_update);
                     } else {
                         $this->trigger_error($user->lang['EXT_UPLOAD_ERROR'], E_USER_WARNING);
                         return false;
                     }
                 }
             }
         }
     }
     // What is a safe limit of execution time? Half the max execution time should be safe.
     $safe_time_limit = ini_get('max_execution_time') / 2;
     $start_time = time();
     // We skip working with a zip file if we are enabling/restarting the extension.
     if ($action != 'force_update' && $action != 'upload_self_update') {
         if ($action != 'upload_local') {
             if (empty($file->filename)) {
                 $this->trigger_error(sizeof($file->error) ? implode('<br />', $file->error) : $user->lang['NO_UPLOAD_FILE'], E_USER_WARNING);
                 return false;
             } else {
                 if ($file->init_error || sizeof($file->error)) {
                     $file->remove();
                     $this->trigger_error(sizeof($file->error) ? implode('<br />', $file->error) : $user->lang['EXT_UPLOAD_INIT_FAIL'], E_USER_WARNING);
                     return false;
                 }
             }
             $file->clean_filename('real');
             $file->move_file(str_replace($phpbb_root_path, '', $upload_dir), true, true);
             if (sizeof($file->error)) {
                 $file->remove();
                 $this->trigger_error(implode('<br />', $file->error), E_USER_WARNING);
                 return false;
             }
             $dest_file = $file->destination_file;
         } else {
             $dest_file = $upload_dir . '/' . $request->variable('local_upload', '');
         }
         if (!class_exists('\\compress_zip')) {
             include $phpbb_root_path . 'includes/functions_compress.' . $phpEx;
         }
         // We need to use the user ID and the time to escape from problems with simultaneous uploads.
         // We suppose that one user can upload only one extension per session.
         $ext_tmp = 'tmp/' . (int) $user->data['user_id'];
         // Ensure that we don't have any previous files in the working directory.
         if (is_dir($phpbb_root_path . 'ext/' . $ext_tmp)) {
             if (!$this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)) {
                 if ($action != 'upload_local') {
                     $file->remove();
                 }
                 return false;
             }
         }
         $zip = new \compress_zip('r', $dest_file);
         $zip->extract($phpbb_root_path . 'ext/' . $ext_tmp . '/');
         $zip->close();
         $composery = $this->getComposer($phpbb_root_path . 'ext/' . $ext_tmp);
         if (!$composery) {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             $file->remove();
             $this->trigger_error($user->lang['ACP_UPLOAD_EXT_ERROR_COMP'], E_USER_WARNING);
             return false;
         }
         $string = @file_get_contents($composery);
         if ($string === false) {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             $file->remove();
             $this->trigger_error($user->lang['EXT_UPLOAD_ERROR'], E_USER_WARNING);
             return false;
         }
         $json_a = json_decode($string, true);
         $destination = isset($json_a['name']) ? $json_a['name'] : '';
         $ext_version = isset($json_a['version']) ? $json_a['version'] : '0.0.0';
         if (strpos($destination, '/') === false) {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             $file->remove();
             $this->trigger_error($user->lang['ACP_UPLOAD_EXT_ERROR_DEST'], E_USER_WARNING);
             return false;
         } else {
             if (strpos($destination, $this->upload_ext_name) !== false && $action != 'upload_self') {
                 $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
                 $file->remove();
                 $this->trigger_error($user->lang['EXT_UPLOAD_ERROR'], E_USER_WARNING);
                 return false;
             }
         }
         $display_name = isset($json_a['extra']['display-name']) ? $json_a['extra']['display-name'] : 'Unknown extension';
         if (!isset($json_a['type']) || $json_a['type'] != "phpbb-extension") {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             if ($action != 'upload_local') {
                 $file->remove();
             }
             $this->trigger_error($user->lang['NOT_AN_EXTENSION'], E_USER_WARNING);
             return false;
         }
         $source = substr($composery, 0, -14);
         if ($action != 'upload_self') {
             $source_for_check = $ext_tmp . '/' . $destination;
         } else {
             $source_for_check = 'boardtools/new_upload/' . $destination;
         }
         // At first we need to change the directory structure to something like ext/tmp/vendor/extension.
         // We need it to escape from problems with dots on validation.
         if ($source != $phpbb_root_path . 'ext/' . $source_for_check) {
             if (!$this->rcopy($source, $phpbb_root_path . 'ext/' . $source_for_check)) {
                 $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
                 if ($action != 'upload_local') {
                     $file->remove();
                 }
                 return false;
             }
             $source = $phpbb_root_path . 'ext/' . $source_for_check;
         }
         // Validate the extension to check if it can be used on the board.
         $md_manager = $phpbb_extension_manager->create_extension_metadata_manager($source_for_check, $template);
         try {
             if ($md_manager->get_metadata() === false || $md_manager->validate_require_phpbb() === false || $md_manager->validate_require_php() === false) {
                 $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
                 if ($action != 'upload_local') {
                     $file->remove();
                 }
                 $this->trigger_error($user->lang['EXTENSION_NOT_AVAILABLE'], E_USER_WARNING);
                 return false;
             }
         } catch (\phpbb\extension\exception $e) {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             if ($action != 'upload_local') {
                 $file->remove();
             }
             $this->trigger_error($e . ' ' . $user->lang['ACP_UPLOAD_EXT_ERROR_NOT_SAVED'], E_USER_WARNING);
             return false;
         }
         // Save/remove the uploaded archive file.
         if ($action != 'upload_local') {
             if ($request->variable('keepext', false) == false) {
                 $file->remove();
             } else {
                 $display_name = str_replace(array('/', '\\'), '_', $display_name);
                 $ext_version = str_replace(array('/', '\\'), '_', $ext_version);
                 // Save this file and any other files that were uploaded with the same name.
                 if (@file_exists(substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version . ".zip")) {
                     $finder = 1;
                     while (@file_exists(substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version . "(" . $finder . ").zip")) {
                         $finder++;
                     }
                     @rename($dest_file, substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version . "(" . $finder . ").zip");
                 } else {
                     @rename($dest_file, substr($dest_file, 0, strrpos($dest_file, '/') + 1) . $display_name . "_" . $ext_version . ".zip");
                 }
             }
         }
         // Here we can assume that all checks are done.
         // Now we are able to install the uploaded extension to the correct path.
     } else {
         if ($action != 'upload_self_update') {
             // All checks were done previously. Now we only need to restore the variables.
             // We try to restore the data of the current upload.
             $ext_tmp = 'tmp/' . (int) $user->data['user_id'];
             if (!is_dir($phpbb_root_path . 'ext/' . $ext_tmp) || !($composery = $this->getComposer($phpbb_root_path . 'ext/' . $ext_tmp)) || !($string = @file_get_contents($composery))) {
                 $this->trigger_error($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE'], E_USER_WARNING);
                 return false;
             }
             $json_a = json_decode($string, true);
             $destination = isset($json_a['name']) ? $json_a['name'] : '';
             if (strpos($destination, '/') === false) {
                 $this->trigger_error($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE'], E_USER_WARNING);
                 return false;
             }
             $source = substr($composery, 0, -14);
             $display_name = isset($json_a['extra']['display-name']) ? $json_a['extra']['display-name'] : 'Unknown extension';
         } else {
             // All checks were done previously. Now we only need to restore the variables.
             // We try to restore the data of the current upload.
             $ext_tmp = 'boardtools/new_upload';
             if (!is_dir($phpbb_root_path . 'ext/' . $ext_tmp) || !($composery = $this->getComposer($phpbb_root_path . 'ext/' . $ext_tmp)) || !($string = @file_get_contents($composery))) {
                 $this->trigger_error($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE'], E_USER_WARNING);
                 return false;
             }
             $json_a = json_decode($string, true);
             $destination = isset($json_a['name']) ? $json_a['name'] : '';
             if (strpos($destination, 'boardtools/') === false) {
                 $this->trigger_error($user->lang['ACP_UPLOAD_EXT_WRONG_RESTORE'], E_USER_WARNING);
                 return false;
             }
             $source = substr($composery, 0, -14);
             $display_name = isset($json_a['extra']['display-name']) ? $json_a['extra']['display-name'] : 'Unknown extension';
         }
     }
     $made_update = false;
     if ($action != 'upload_self' && $action != 'upload_self_update') {
         // Delete the previous version of extension files - we're able to update them.
         if (is_dir($phpbb_root_path . 'ext/' . $destination)) {
             // At first we need to disable the extension if it is enabled.
             if ($phpbb_extension_manager->is_enabled($destination)) {
                 while ($phpbb_extension_manager->disable_step($destination)) {
                     // Are we approaching the time limit? If so, we want to pause the update and continue after refreshing.
                     if (time() - $start_time >= $safe_time_limit) {
                         $template->assign_var('S_NEXT_STEP', true);
                         // No need to specify the name of the extension. We suppose that it is the one in ext/tmp/USER_ID folder.
                         meta_refresh(0, $this->main_link . '&amp;action=force_update');
                         return false;
                     }
                 }
                 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_EXT_DISABLE', time(), array($destination));
                 $made_update = true;
             }
             $old_ext_name = $destination;
             if ($old_composery = $this->getComposer($phpbb_root_path . 'ext/' . $destination)) {
                 if (!($old_string = @file_get_contents($old_composery))) {
                     $old_ext_name = $old_ext_name . '_0.0.0';
                 } else {
                     $old_json_a = json_decode($old_string, true);
                     $old_display_name = isset($old_json_a['extra']['display-name']) ? $old_json_a['extra']['display-name'] : $old_ext_name;
                     $old_ext_version = isset($old_json_a['version']) ? $old_json_a['version'] : '0.0.0';
                     $old_ext_name = $old_display_name . '_' . $old_ext_version;
                 }
             }
             $this->save_zip_archive('ext/' . $destination . '/', str_replace(array('/', '\\'), '_', $old_ext_name) . '_old');
             if (!$this->rrmdir($phpbb_root_path . 'ext/' . $destination)) {
                 return false;
             }
         }
         if (!$this->rcopy($source, $phpbb_root_path . 'ext/' . $destination)) {
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             return false;
         }
         // No enabling at this stage. Admins should have a chance to revise the uploaded scripts.
         if (!$this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)) {
             return false;
         }
     } else {
         if ($action == 'upload_self') {
             // No enabling at this stage. Admins should have a chance to revise the uploaded scripts.
             if (!$this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp)) {
                 return false;
             }
             $destination = 'boardtools/new_upload/' . $destination;
         } else {
             // Now Upload Extensions will update itself. We suppose that it will be fast and without errors.
             // Otherwise users will need to use FTP.
             $phpbb_extension_manager->disable($destination);
             $this->rcopy($source, $phpbb_root_path . 'ext/' . $destination);
             $phpbb_extension_manager->enable($destination);
             $this->rrmdir($phpbb_root_path . 'ext/' . $ext_tmp);
             $template->assign_vars(array('S_UPDATED_SELF' => $display_name));
             return true;
         }
     }
     foreach ($json_a['authors'] as $author) {
         $template->assign_block_vars('authors', array('AUTHOR' => $author['name']));
     }
     $string = @file_get_contents($phpbb_root_path . 'ext/' . $destination . '/README.md');
     if ($string !== false) {
         $readme = \Michelf\MarkdownExtra::defaultTransform($string);
     } else {
         $readme = false;
     }
     $template->assign_vars(array('S_UPLOADED' => $display_name, 'S_UPLOADED_SELF' => $action == 'upload_self', 'EXT_UPDATED' => $made_update, 'FILETREE' => \boardtools\upload\filetree\filetree::php_file_tree($phpbb_root_path . 'ext/' . $destination, $display_name, $this->main_link), 'S_ACTION' => $action != 'upload_self' ? $phpbb_root_path . 'adm/index.' . $phpEx . '?i=acp_extensions&amp;sid=' . $user->session_id . '&amp;mode=main&amp;action=enable_pre&amp;ext_name=' . urlencode($destination) : $this->main_link . '&amp;action=upload_self_update', 'S_ACTION_BACK' => $this->main_link, 'U_ACTION' => $this->u_action, 'README_MARKDOWN' => $readme, 'FILENAME' => $string !== false ? 'README.md' : 'composer.json', 'CONTENT' => $string !== false ? highlight_string($string, true) : highlight_string(@file_get_contents($phpbb_root_path . 'ext/' . $destination . '/composer.json'), true)));
     return true;
 }
コード例 #25
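/**
 * Receive one attachment and return the metadata describing it.
 *
 * The file is taken from the posted form field $form_name, or handed to
 * local_upload() from $local_storage when $local is true. Extension rules come
 * from obtain_attach_extensions($forum_id); dimension and size limits are set
 * unless the current user holds an 'a_' or 'm_' permission.
 *
 * @param string $form_name     Name of the upload field in the submitted form.
 * @param mixed  $forum_id      Passed to obtain_attach_extensions() to select the extension rules.
 * @param bool   $local         True to take the file from $local_storage instead of the form.
 * @param string $local_storage Source handed to local_upload() when $local is true.
 * @param bool   $is_message    True to fall back to max_filesize_pm instead of max_filesize.
 * @return array Always holds 'error' (list of messages) and 'post_attach' (bool); once the
 *               file has been moved into place it also holds 'thumbnail', 'filesize',
 *               'mimetype', 'extension', 'physical_filename', 'real_filename' and 'filetime'.
 */
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false)
{
    global $_CLASS, $config;
    $filedata = array();
    $filedata['error'] = array();
    include_once SITE_FILE_ROOT . 'includes/forums/functions_upload.php';
    $upload = new fileupload();
    // A local file is taken as present; a form upload must pass is_valid() first.
    if (!$local) {
        $filedata['post_attach'] = $upload->is_valid($form_name) ? true : false;
    } else {
        $filedata['post_attach'] = true;
    }
    if (!$filedata['post_attach']) {
        $filedata['error'][] = 'No filedata found';
        return $filedata;
    }
    $extensions = obtain_attach_extensions($forum_id);
    // NOTE(review): with an empty allow-list the uploader keeps whatever
    // extensions fileupload allows by default - confirm that default denies everything.
    if (!empty($extensions['_allowed_'])) {
        $upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
    }
    if ($local) {
        $file = $upload->local_upload($local_storage);
    } else {
        $file = $upload->form_upload($form_name);
    }
    if ($file->init_error) {
        $filedata['post_attach'] = false;
        return $filedata;
    }
    $extension = $file->get('extension');
    $cat_id = isset($extensions[$extension]['display_cat']) ? $extensions[$extension]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
    // NOTE(review): nothing in this function verifies that a file in the image
    // category really is an image before it is kept - confirm move_file() checks the content.
    // Do we have to create a thumbnail?
    $filedata['thumbnail'] = $cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail'] ? 1 : 0;
    // Limits are configured here, after the file object exists and before move_file();
    // presumably move_file() is what enforces them - verify.
    // Check Image Size, if it is an image
    if (!$_CLASS['auth']->acl_gets('m_', 'a_') && $cat_id == ATTACHMENT_CATEGORY_IMAGE) {
        $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
    }
    // Users holding 'a_' or 'm_' get no size limit set.
    if (!$_CLASS['auth']->acl_gets('a_', 'm_')) {
        // An extension without a rule of its own, or with a limit of 0, falls back to the board-wide limit.
        if (!empty($extensions[$extension]['max_filesize'])) {
            $allowed_filesize = $extensions[$extension]['max_filesize'];
        } else {
            $allowed_filesize = $is_message ? $config['max_filesize_pm'] : $config['max_filesize'];
        }
        $file->upload->set_max_filesize($allowed_filesize);
    }
    // The stored name is generated by clean_filename() with the user id as prefix.
    $file->clean_filename('unique', $_CLASS['core_user']->data['user_id'] . '_');
    $file->move_file($config['upload_path']);
    if (!empty($file->error)) {
        $file->remove();
        $filedata['error'] = array_merge($filedata['error'], $file->error);
        $filedata['post_attach'] = false;
        return $filedata;
    }
    $filedata['filesize'] = $file->get('filesize');
    $filedata['mimetype'] = $file->get('mimetype');
    $filedata['extension'] = $file->get('extension');
    $filedata['physical_filename'] = $file->get('realname');
    $filedata['real_filename'] = $file->get('uploadname');
    $filedata['filetime'] = time();
    // Quota and free-space checks run after the file was moved, so a failure removes it again.
    // Check our complete quota
    if ($config['attachment_quota']) {
        if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota']) {
            $filedata['error'][] = $_CLASS['core_user']->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Check free disk space (skipped when disk_free_space() fails or reports 0)
    if ($free_space = @disk_free_space($config['upload_path'])) {
        if ($free_space <= $file->get('filesize')) {
            $filedata['error'][] = $_CLASS['core_user']->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Create Thumbnail; a failed thumbnail only clears the flag, the attachment is kept.
    if ($filedata['thumbnail']) {
        $source = $file->get('destination_file');
        $destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
        if (!create_thumbnail($source, $destination, $file->get('mimetype'))) {
            $filedata['thumbnail'] = 0;
        }
    }
    return $filedata;
}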
コード例 #26
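 /**
  * run - display the edit-project template and apply submitted changes
  *
  * Requires the session role 'admin' and a project id in $_GET['id'];
  * otherwise the generic error template is shown. Depending on which POST
  * field is present it edits the project ('save'), adds a project account
  * ('accountSubmit') and/or stores an uploaded file ('upload').
  *
  * @access public
  *
  */
 public function run()
 {
     $tpl = new template();
     // Only admins, and only with a project id; everything else gets the generic error page.
     if ($_SESSION['userdata']['role'] != 'admin' || isset($_GET['id']) !== true) {
         $tpl->display('general.error');
         return;
     }
     // NOTE(review): none of the POST branches below checks an anti-CSRF token -
     // confirm one is enforced before run() is reached.
     $id = (int) $_GET['id'];
     $row = $this->getProject($id);
     $msgKey = '';
     $values = array('name' => $row['name'], 'details' => $row['details'], 'clientId' => $row['clientId'], 'state' => $row['state'], 'hourBudget' => $row['hourBudget'], 'assignedUsers' => $this->getProjectUserRelation($id), 'dollarBudget' => $row['dollarBudget']);
     //Edit project
     if (isset($_POST['save']) === true) {
         // editorId comes straight from the request: accept it only when it really is a non-empty array,
         // so a scalar value cannot reach count().
         if (isset($_POST['editorId']) && is_array($_POST['editorId']) && count($_POST['editorId'])) {
             $assignedUsers = $_POST['editorId'];
         } else {
             $assignedUsers = array();
         }
         // The POST values are passed on unmodified; presumably editProject() escapes them - verify.
         $values = array('name' => $_POST['name'], 'details' => $_POST['details'], 'clientId' => $_POST['clientId'], 'state' => $_POST['projectState'], 'hourBudget' => $_POST['hourBudget'], 'assignedUsers' => $assignedUsers, 'dollarBudget' => $_POST['dollarBudget']);
         if ($values['name'] !== '') {
             if ($this->hasTickets($id) && $values['state'] == 1) {
                 $tpl->setNotification('PROJECT_HAS_TICKETS', 'error');
             } else {
                 $this->editProject($values, $id);
                 //Take the old value to avoid nl character
                 $values['details'] = $_POST['details'];
                 $tpl->setNotification('PROJECT_EDITED', 'success');
             }
         } else {
             $tpl->setNotification('NO_PROJECTTNAME', 'error');
         }
     }
     //Add Account
     if (isset($_POST['accountSubmit']) === true) {
         // NOTE(review): the account password is forwarded exactly as submitted and the whole
         // array, password included, is assigned to the template below - confirm how
         // addProjectAccount() stores it and whether the template needs it echoed back.
         $accountValues = array('name' => $_POST['accountName'], 'kind' => $_POST['kind'], 'username' => $_POST['username'], 'password' => $_POST['password'], 'host' => $_POST['host'], 'projectId' => $id);
         if ($accountValues['name'] !== '') {
             $this->addProjectAccount($accountValues);
             // Same notification type as the other success messages in this method.
             $tpl->setNotification('ACCOUNT_ADDED', 'success');
         } else {
             $tpl->setNotification('NO_ACCOUNT_NAME', 'error');
         }
         $tpl->assign('accountValues', $accountValues);
     }
     //Upload file
     if (isset($_POST['upload']) === true) {
         // A request without the file field is treated like an empty file name.
         if (isset($_FILES['file']['name']) && $_FILES['file']['name'] !== '') {
             $upload = new fileupload();
             $upload->initFile($_FILES['file']);
             if ($upload->error == '') {
                 //Name on Server is encoded
                 // NOTE(review): the stored name is md5(project id . current second), so it is
                 // predictable and two uploads within one second get the same name; a name from a
                 // CSPRNG (random_bytes() where the runtime has it) would avoid both. Type and
                 // size checks, if any, live in fileupload - not visible here.
                 $newname = md5($id . time());
                 $upload->renameFile($newname);
                 if ($upload->upload() === true) {
                     // NOTE(review): the project id is stored under the 'ticketId' key - confirm that is intended.
                     $fileValues = array('encName' => $upload->file_name, 'realName' => $upload->real_name, 'date' => date("Y-m-d H:i:s"), 'ticketId' => $id, 'userId' => $_SESSION['userdata']['id']);
                     $this->addFile($fileValues);
                     $tpl->setNotification('FILE_UPLOADED', 'success');
                 } else {
                     $tpl->setNotification('ERROR_FILEUPLOAD', 'error');
                 }
             } else {
                 $tpl->setNotification('ERROR_FILEUPLOAD', 'error');
             }
         } else {
             $tpl->setNotification('NO_FILE', 'error');
         }
     }
     $helper = new helper();
     $clients = new clients();
     $user = new users();
     $tpl->assign('availableUsers', $user->getAll());
     //Assign vars
     $tpl->assign('info', $msgKey);
     $tpl->assign('clients', $clients->getAll());
     // $values holds the submitted POST data after a save; the template has to escape it on output.
     $tpl->assign('values', $values);
     $tpl->assign('files', $this->getFiles($id));
     $tpl->assign('helper', $helper);
     $tpl->assign('accounts', $this->getProjectAccounts($id));
     $tpl->display('projects.editProject');
 }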
コード例 #27
/**
* Process an attachment upload and build the filedata array describing it.
* Relies on the fileupload class from includes/functions_upload.
*
* The returned array always carries 'error' and 'post_attach'; the remaining
* keys are filled in as the upload progresses.
*/
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = false)
{
    global $auth, $user, $config, $db, $cache;
    global $phpbb_root_path, $phpEx;

    $result = array('error' => array());

    include_once $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    $uploader = new fileupload();

    // Register the configured content triggers only when content checking is switched on.
    if ($config['check_attachment_content'] && isset($config['mime_triggers'])) {
        $uploader->set_disallowed_content(explode('|', $config['mime_triggers']));
    }

    // Local files count as present; form uploads have to pass is_valid().
    $result['post_attach'] = $local ? true : ($uploader->is_valid($form_name) ? true : false);
    if (!$result['post_attach']) {
        $result['error'][] = $user->lang['NO_UPLOAD_FORM_FOUND'];
        return $result;
    }

    // Private messages pass false instead of a forum id when fetching the extension rules.
    if ($is_message) {
        $rules_for = false;
    } else {
        $rules_for = (int) $forum_id;
    }
    $ext_rules = $cache->obtain_attach_extensions($rules_for);
    $uploader->set_allowed_extensions(array_keys($ext_rules['_allowed_']));

    if ($local) {
        $spec = $uploader->local_upload($local_storage, $local_filedata);
    } else {
        $spec = $uploader->form_upload($form_name);
    }
    if ($spec->init_error) {
        $result['post_attach'] = false;
        return $result;
    }

    // Extensions without a display category fall into ATTACHMENT_CATEGORY_NONE.
    $category = ATTACHMENT_CATEGORY_NONE;
    $ext_key = $spec->get('extension');
    if (isset($ext_rules[$ext_key]['display_cat'])) {
        $category = $ext_rules[$ext_key]['display_cat'];
    }
    $in_image_category = $category == ATTACHMENT_CATEGORY_IMAGE;

    // The image category is displayed inline, so a file that only carries an
    // image extension (the renamed-extension trick against IE) is removed and rejected.
    if ($in_image_category && !$spec->is_image()) {
        $spec->remove();
        trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
    }

    // Thumbnails are wanted for image-category files when the board enables them.
    $result['thumbnail'] = ($in_image_category && $config['img_create_thumbnail']) ? 1 : 0;

    // Image dimensions are limited for everyone except admins and moderators of this forum.
    if (!($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id)) && $in_image_category) {
        $spec->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
    }

    // The same two groups are exempt from the file size limit.
    if (!($auth->acl_get('a_') || $auth->acl_get('m_', $forum_id))) {
        $size_key = $spec->get('extension');
        if (empty($ext_rules[$size_key]['max_filesize'])) {
            // No per-extension limit: use the PM or the post limit.
            if ($is_message) {
                $size_limit = $config['max_filesize_pm'];
            } else {
                $size_limit = $config['max_filesize'];
            }
        } else {
            $size_limit = $ext_rules[$size_key]['max_filesize'];
        }
        $spec->upload->set_max_filesize($size_limit);
    }

    $spec->clean_filename('unique', $user->data['user_id'] . '_');

    // The additional image checks in move_file() are only requested for the image category.
    $spec->move_file($config['upload_path'], false, !$in_image_category);
    if (count($spec->error)) {
        $spec->remove();
        $result['error'] = array_merge($result['error'], $spec->error);
        $result['post_attach'] = false;
        return $result;
    }

    $result['filesize'] = $spec->get('filesize');
    $result['mimetype'] = $spec->get('mimetype');
    $result['extension'] = $spec->get('extension');
    $result['physical_filename'] = $spec->get('realname');
    $result['real_filename'] = $spec->get('uploadname');
    $result['filetime'] = time();

    // Overall attachment quota, checked only when one is configured.
    if ($config['attachment_quota'] && $config['upload_dir_size'] + $spec->get('filesize') > $config['attachment_quota']) {
        $result['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
        $result['post_attach'] = false;
        $spec->remove();
        return $result;
    }

    // Free disk space, checked only when disk_free_space() reports a usable value.
    $free_space = @disk_free_space($phpbb_root_path . $config['upload_path']);
    if ($free_space && $free_space <= $spec->get('filesize')) {
        $result['error'][] = $user->lang['ATTACH_QUOTA_REACHED'];
        $result['post_attach'] = false;
        $spec->remove();
        return $result;
    }

    // A thumbnail that cannot be created only clears the flag; the attachment stays.
    if ($result['thumbnail'] && !create_thumbnail($spec->get('destination_file'), $spec->get('destination_path') . '/thumb_' . $spec->get('realname'), $spec->get('mimetype'))) {
        $result['thumbnail'] = 0;
    }

    return $result;
}
コード例 #28
ファイル: remote.php プロジェクト: Tarendai/spring-website
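 /**
  * {@inheritdoc}
  *
  * Validates a remote avatar URL taken from the request. On success the URL
  * is returned together with its width and height; this method stores no copy
  * of the image. An empty URL returns false without an error; every other
  * failure appends an entry to $error and returns false.
  */
 public function process_form($request, $template, $user, $row, &$error)
 {
     $url = $request->variable('avatar_remote_url', '');
     $width = $request->variable('avatar_remote_width', 0);
     $height = $request->variable('avatar_remote_height', 0);
     if (empty($url)) {
         return false;
     }
     // A URL without one of the accepted schemes is treated as plain http.
     if (!preg_match('#^(http|https|ftp)://#i', $url)) {
         $url = 'http://' . $url;
     }
     if (!function_exists('validate_data')) {
         require $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
     }
     $validate_array = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255)));
     $error = array_merge($error, $validate_array);
     // $error is shared with the caller, so entries that were already in it also stop processing here.
     if (!empty($error)) {
         return false;
     }
     // Check if this url looks alright
     // This isn't perfect, but it's what phpBB 3.0 did, and might as well make sure everything is compatible
     if (!preg_match('#^(http|https|ftp)://(?:(.*?\\.)*?[a-z0-9\\-]+?\\.[a-z]{2,4}|(?:\\d{1,3}\\.){3,5}\\d{1,3}):?([0-9]*?).*?\\.(' . implode('|', $this->allowed_extensions) . ')$#i', $url)) {
         $error[] = 'AVATAR_URL_INVALID';
         return false;
     }
     // NOTE(review): from here on the server itself contacts the submitted URL
     // (getimagesize() and fopen() below). The pattern above accepts dotted-quad
     // hosts and ftp://, and nothing in this method excludes loopback, private
     // or link-local destinations - confirm that is filtered elsewhere, or
     // resolve and check the host before fetching.
     // Make sure getimagesize works...
     if (function_exists('getimagesize')) {
         // The image is only fetched when the submitted dimensions are incomplete.
         if (($width <= 0 || $height <= 0) && ($image_data = @getimagesize($url)) === false) {
             $error[] = 'UNABLE_GET_IMAGE_SIZE';
             return false;
         }
         if (!empty($image_data) && ($image_data[0] <= 0 || $image_data[1] <= 0)) {
             $error[] = 'AVATAR_NO_SIZE';
             return false;
         }
         // Submitted dimensions are used only when both were given; otherwise both
         // come from the image, so a single submitted value is never paired with a measured one.
         if (!($width && $height)) {
             $width = $image_data[0];
             $height = $image_data[1];
         }
     }
     if ($width <= 0 || $height <= 0) {
         $error[] = 'AVATAR_NO_SIZE';
         return false;
     }
     if (!class_exists('fileupload')) {
         include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
     }
     $types = \fileupload::image_types();
     $extension = strtolower(\filespec::get_extension($url));
     // Check if this is actually an image
     $file_stream = @fopen($url, 'r');
     if (!$file_stream) {
         $error[] = 'AVATAR_URL_INVALID';
         return false;
     }
     // Timeout after 1 second
     stream_set_timeout($file_stream, 1);
     // read some data to ensure headers are present
     fread($file_stream, 1024);
     $meta = stream_get_meta_data($file_stream);
     // Only the metadata is needed from here on; closing now releases the stream on every
     // path, including a response that carries no Content-Type header at all.
     fclose($file_stream);
     if (isset($meta['wrapper_data']['headers']) && is_array($meta['wrapper_data']['headers'])) {
         $headers = $meta['wrapper_data']['headers'];
     } else {
         if (isset($meta['wrapper_data']) && is_array($meta['wrapper_data'])) {
             $headers = $meta['wrapper_data'];
         } else {
             $headers = array();
         }
     }
     // The first Content-Type header decides. It is supplied by the remote server, so this is
     // a sanity check rather than proof of what the URL serves; a response without the
     // header passes.
     foreach ($headers as $header) {
         $header = preg_split('/ /', $header, 2);
         if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type') {
             if (strpos($header[1], 'image/') !== 0) {
                 $error[] = 'AVATAR_URL_INVALID';
                 return false;
             }
             break;
         }
     }
     // When the image was measured, its detected type must match the extension in the URL.
     if (!empty($image_data) && (!isset($types[$image_data[2]]) || !in_array($extension, $types[$image_data[2]]))) {
         if (!isset($types[$image_data[2]])) {
             $error[] = 'UNABLE_GET_IMAGE_SIZE';
         } else {
             $error[] = array('IMAGE_FILETYPE_MISMATCH', $types[$image_data[2]][0], $extension);
         }
         return false;
     }
     if ($this->config['avatar_max_width'] || $this->config['avatar_max_height']) {
         if ($width > $this->config['avatar_max_width'] || $height > $this->config['avatar_max_height']) {
             $error[] = array('AVATAR_WRONG_SIZE', $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], $width, $height);
             return false;
         }
     }
     if ($this->config['avatar_min_width'] || $this->config['avatar_min_height']) {
         if ($width < $this->config['avatar_min_width'] || $height < $this->config['avatar_min_height']) {
             $error[] = array('AVATAR_WRONG_SIZE', $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], $width, $height);
             return false;
         }
     }
     // NOTE(review): the value returned is the remote URL itself, so what it serves can change
     // after these checks have passed.
     return array('avatar' => $url, 'avatar_width' => $width, 'avatar_height' => $height);
 }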
コード例 #29
ファイル: class.tickets.php プロジェクト: kellan04/leantime
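 /**
  * deleteAllFiles - delete the files stored on the server for a ticket
  *
  * Reads the stored (encoded) file names for the ticket from zp_ticketFiles
  * and passes each one to fileupload::deleteFile(). No DELETE statement is
  * issued here, so the rows themselves are left to the caller.
  *
  * @access public
  * @param $id ticket id; cast to int before it is placed in the query
  *
  */
 public function deleteAllFiles($id)
 {
     $upload = new fileupload();
     // The id is concatenated into the statement, so it is forced to an integer first.
     // NOTE(review): assumes ticket ids are integers - confirm; a bound parameter is
     // preferable if the db wrapper offers one.
     $query1 = "SELECT encName FROM zp_ticketFiles WHERE ticketId = '" . (int) $id . "'";
     foreach ($this->db->dbQuery($query1)->dbFetchResults() as $row) {
         // encName comes from the database; presumably deleteFile() confines it to the upload directory - verify.
         $upload->deleteFile($row['encName']);
     }
 }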
コード例 #30
ファイル: upload_module.php プロジェクト: boardtools/upload
 /**
  * Original copyright information for the function from AutoMOD.
  * The function was almost totally changed by the authors of Upload Extensions.
  * @package       automod
  * @copyright (c) 2008 phpBB Group
  * @license       http://opensource.org/licenses/gpl-2.0.php GNU Public License
  *
  * Prepares the ext/, zip and tmp directories and then receives a ZIP archive,
  * either from the 'extupload' form field ('upload') or from the URL in the
  * 'remote_upload' request variable ('upload_remote').
  *
  * @param string $action Requested action.
  * @return \filespec|bool The result of the upload call, or false when a precondition
  *                        fails or the action is neither 'upload' nor 'upload_remote'.
  */
 public function proceed_upload($action)
 {
     global $phpbb_root_path, $phpEx, $user, $request;

     // Loaded for error messages.
     $user->add_lang('posting');

     if (!class_exists('\\fileupload')) {
         include $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
     }

     // Only ZIP archives are accepted.
     $upload = new \fileupload();
     $upload->set_allowed_extensions(array('zip'));

     // ext/ has to exist (it is created when missing) and be writable.
     $ext_root = $phpbb_root_path . 'ext';
     if (!is_dir($ext_root) && !files::catch_errors(files::recursive_mkdir($ext_root))) {
         return false;
     }
     if (!is_writable($ext_root)) {
         files::catch_errors($user->lang['EXT_NOT_WRITABLE']);
         return false;
     }

     // The same for the directory that keeps the ZIP archives.
     if (!is_dir(objects::$zip_dir) && !files::catch_errors(files::recursive_mkdir(objects::$zip_dir))) {
         return false;
     }

     // The extension's tmp directory gets one chmod attempt before giving up.
     $tmp_dir = $phpbb_root_path . 'ext/' . objects::$upload_ext_name . '/tmp';
     if (!is_writable($tmp_dir) && !phpbb_chmod($tmp_dir, CHMOD_READ | CHMOD_WRITE)) {
         files::catch_errors($user->lang['EXT_TMP_NOT_WRITABLE']);
         return false;
     }

     // Upload from the submitted form.
     if ($action == 'upload') {
         if (!$request->is_set("extupload", \phpbb\request\request_interface::FILES)) {
             files::catch_errors($user->lang['NO_UPLOAD_FILE']);
             return false;
         }

         return $upload->form_upload('extupload');
     }

     // Every other action except a remote upload yields no file.
     if ($action != 'upload_remote') {
         return false;
     }

     // Remote uploads need allow_url_fopen, and openssl for https URLs.
     $php_ini = new \phpbb\php\ini();
     if (!$php_ini->get_bool('allow_url_fopen')) {
         files::catch_errors($user->lang['EXT_ALLOW_URL_FOPEN_DISABLED']);
         return false;
     }

     $remote_url = $request->variable('remote_upload', '');
     $wants_https = 'https' === substr($remote_url, 0, 5);
     if (!extension_loaded('openssl') && $wants_https) {
         files::catch_errors($user->lang['EXT_OPENSSL_DISABLED']);
         return false;
     }

     // NOTE(review): the URL comes from the request and is fetched by the server; any scheme
     // or host filtering happens inside files::remote_upload(), which is not visible here.
     return files::remote_upload($upload, $user, $remote_url);
 }