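/**
 * Collect basic metadata for the files submitted under the `files` form field.
 *
 * Returns an empty array when nothing was submitted under that field, when the
 * file model's canUpload() check fails, or when the field was not submitted as
 * a multi-file input (its `name` entry is not an array).
 *
 * Entries whose name is empty, is not a string, or is rejected by
 * validater::checkFileName() are skipped.
 *
 * NOTE(review): the per-file status in $_FILES['files']['error'] is not
 * inspected here, so entries for failed or partial uploads are returned as
 * well. Presumably the consumer verifies `tmpname` (is_uploaded_file() /
 * move_uploaded_file()) before touching it - confirm against the caller.
 *
 * @access public
 * @return array list of arrays with the keys 'extension', 'size' and 'tmpname'
 */
public function getUpload()
{
    $files = array();
    if (!isset($_FILES['files'])) {
        return $files;
    }
    if (!$this->loadModel('file')->canUpload()) {
        return $files;
    }

    // Read the fields explicitly instead of extract()-ing request-derived data
    // into the local scope: only the three fields used below are touched, and
    // nothing else in the upload array can shadow a local variable.
    $upload   = $_FILES['files'];
    $names    = isset($upload['name']) ? $upload['name'] : null;
    $sizes    = isset($upload['size']) ? $upload['size'] : array();
    $tmpNames = isset($upload['tmp_name']) ? $upload['tmp_name'] : array();

    // A single-file field (`files` rather than `files[]`) yields a scalar name;
    // iterating over it would only raise a warning, so return early instead.
    if (!is_array($names)) {
        return $files;
    }

    foreach ($names as $id => $filename) {
        // Nested field names (`files[a][b]`) produce arrays here; they are not
        // a shape this method handles, so they are ignored.
        if (!is_string($filename) || empty($filename)) {
            continue;
        }
        if (!validater::checkFileName($filename)) {
            continue;
        }

        // Start from a fresh array so no value leaks between iterations.
        $file = array();
        $file['extension'] = $this->file->getExtension($filename);
        $file['size']      = isset($sizes[$id]) ? $sizes[$id] : null;
        $file['tmpname']   = isset($tmpNames[$id]) ? $tmpNames[$id] : null;

        $files[] = $file;
    }

    return $files;
}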
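/**
 * Get info of uploaded files.
 *
 * Handles both a multi-file field (`name` is an array) and a single-file field
 * (`name` is a scalar); the single-file case is treated as a one-entry list
 * with index 0. Entries whose name is empty, is not a string, or is rejected by
 * validater::checkFileName() are skipped.
 *
 * The title of each entry is the matching `labels[<index>]` POST value when one
 * was sent (passed through htmlspecialchars()), otherwise the client file name
 * with a trailing ".<extension>" removed. Either way the title is then run
 * through HTMLPurifier.
 *
 * NOTE(review): the per-file status in $_FILES[...]['error'] is not inspected
 * here, so entries for failed or partial uploads are returned too. Presumably
 * the consumer verifies `tmpname` (is_uploaded_file() / move_uploaded_file())
 * before using it - confirm against the caller.
 *
 * @param  string $htmlTagName name of the file input field
 * @access public
 * @return array  list of arrays with the keys 'extension', 'pathname',
 *                'title', 'size' and 'tmpname'
 */
public function getUpload($htmlTagName = 'files')
{
    $files = array();
    if (!isset($_FILES[$htmlTagName])) {
        return $files;
    }

    $this->app->loadClass('purifier', true);
    $config = HTMLPurifier_Config::createDefault();
    $config->set('Cache.DefinitionImpl', null);
    $purifier = new HTMLPurifier($config);

    // Read the fields explicitly instead of extract()-ing request-derived data
    // into the local scope.
    $upload   = $_FILES[$htmlTagName];
    $names    = isset($upload['name']) ? $upload['name'] : null;
    $sizes    = isset($upload['size']) ? $upload['size'] : null;
    $tmpNames = isset($upload['tmp_name']) ? $upload['tmp_name'] : null;

    // Normalise a single-file field to a one-entry list so both shapes share
    // the same validation and title handling below.
    if (!is_array($names)) {
        $names    = array(0 => $names);
        $sizes    = array(0 => $sizes);
        $tmpNames = array(0 => $tmpNames);
    }

    foreach ($names as $id => $filename) {
        // Nested field names produce arrays here; they are ignored.
        if (!is_string($filename) || empty($filename)) {
            continue;
        }
        if (!validater::checkFileName($filename)) {
            continue;
        }

        // Start from a fresh array so no value leaks between iterations.
        $file = array();
        $file['extension'] = $this->getExtension($filename);
        $file['pathname']  = $this->setPathName($id, $file['extension']);

        // A label sent as an array (labels[0][]=...) is not a usable title;
        // fall back to the file name in that case.
        $label = isset($_POST['labels'][$id]) ? $_POST['labels'][$id] : '';
        if (is_string($label) && !empty($label)) {
            // NOTE(review): htmlspecialchars() is called with its default
            // flags, which differ between PHP versions - confirm that quotes
            // are handled as intended in every context where the title is
            // later printed.
            $title = htmlspecialchars($label);
        } else {
            // Strip the extension only when it is the actual suffix of the
            // name. Locating it with strpos() cut the name at the first
            // occurrence (or dropped the last character when it was not found),
            // and str_replace() removed every occurrence inside the name.
            $suffix    = '.' . $file['extension'];
            $suffixLen = strlen($suffix);
            $title     = $filename;
            if (strlen($filename) > $suffixLen && substr($filename, -$suffixLen) === $suffix) {
                $title = substr($filename, 0, -$suffixLen);
            }
        }

        $file['title']   = $purifier->purify($title);
        $file['size']    = isset($sizes[$id]) ? $sizes[$id] : null;
        $file['tmpname'] = isset($tmpNames[$id]) ? $tmpNames[$id] : null;

        $files[] = $file;
    }

    return $files;
}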
/**
 * Update a file record from the submitted form data.
 *
 * Calls replaceFile() for the record, then reads the POST data (without the
 * `upFile` field), validates the posted title with validater::checkFileName()
 * and writes the data to TABLE_FILE twice: once through the DAO as configured
 * and once with setAutoLang(false).
 *
 * NOTE(review): replaceFile() runs before the title is validated, so a request
 * with a rejected title has presumably already replaced the stored file by the
 * time this method returns false - confirm whether that ordering is intended.
 *
 * @param  int $fileID id of the file record to update
 * @access public
 * @return false|void false when the posted title is rejected, otherwise nothing
 */
public function edit($fileID)
{
    $this->replaceFile($fileID);

    $posted = fixer::input('post')->remove('upFile')->get();
    if (!validater::checkFileName($posted->title)) {
        return false;
    }
    $posted->lang = 'all';

    // Fields that must not be empty, taken from the module configuration.
    $required = $this->config->file->require->edit;

    $this->dao->update(TABLE_FILE)
        ->data($posted)
        ->autoCheck()
        ->batchCheck($required, 'notempty')
        ->where('id')->eq($fileID)
        ->exec();

    // Same update again with the DAO's automatic language handling disabled.
    $this->dao->setAutoLang(false)
        ->update(TABLE_FILE)
        ->data($posted)
        ->autoCheck()
        ->batchCheck($required, 'notempty')
        ->where('id')->eq($fileID)
        ->exec();
}
/**
 * Edit a source file: show the edit form, or process its submission.
 *
 * On POST the request is rejected when the save path check fails, when no file
 * name was posted, or when validater::checkFileName() rejects the posted name.
 * Unless the request sets `continue`, it is also rejected when either the
 * uploaded file's name (without extension) or the posted name matches an
 * existing file according to checkSameFile().
 *
 * NOTE(review): every rejection relies on send() ending the request; if it
 * returned, execution would fall through to the next step - confirm.
 *
 * @param  int $fileID id of the source file to edit
 * @access public
 * @return void
 */
public function sourceEdit($fileID)
{
    $this->file->setSavePath('source');
    $record = $this->file->getById($fileID);

    if (!empty($_POST)) {
        if (!$this->file->checkSavePath()) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->errorUnwritable));
        }

        $newName = $this->post->filename;
        if ($newName == false || $newName == '') {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->nameEmpty));
        }
        if (!validater::checkFileName($newName)) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->evilChar));
        }

        // `continue` comes from the client and switches the duplicate-name
        // check off, so that check is a confirmation step, not a control.
        if (!$this->post->continue) {
            // NOTE(review): the uploaded file's own name is used here without
            // passing through validater::checkFileName(); presumably the model
            // validates it before it reaches the file system - confirm.
            $uploadName  = $_FILES['upFile']['name'];
            $ext         = $this->file->getExtension($uploadName);
            $uploadClash = $this->file->checkSameFile(str_replace('.' . $ext, '', $uploadName), $fileID);
            $nameClash   = $this->file->checkSameFile($this->post->filename, $fileID);

            if (!empty($uploadClash) || !empty($nameClash)) {
                // This response carries its text under 'error', not 'message'.
                $this->send(array('result' => 'fail', 'error' => $this->lang->file->sameName));
            }
        }

        $saved = $this->file->sourceEdit($record, $newName);
        if ($saved) {
            $this->send(array(
                'result'  => 'success',
                'message' => $this->lang->saveSuccess,
                'locate'  => $this->createLink('file', 'browseSource'),
            ));
        }

        $this->send(array('result' => 'fail', 'message' => dao::getError()));
    }

    $this->view->title      = $this->lang->file->edit;
    $this->view->modalWidth = 500;
    $this->view->file       = $record;
    $this->display();
}
/**
 * Edit a source file: show the edit form, or process its submission.
 *
 * On POST the request is rejected when the save path check fails, when no file
 * name was posted, or when validater::checkFileName() rejects the posted name.
 * This variant performs no duplicate-name check before saving.
 *
 * NOTE(review): every rejection relies on send() ending the request; if it
 * returned, execution would fall through to the save step - confirm.
 *
 * @param  int $fileID id of the source file to edit
 * @access public
 * @return void
 */
public function sourceEdit($fileID)
{
    $this->file->setSavePath('source');
    $record = $this->file->getById($fileID);

    if (!empty($_POST)) {
        if (!$this->file->checkSavePath()) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->errorUnwritable));
        }

        $newName = $this->post->filename;
        if ($newName == false || $newName == '') {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->nameEmpty));
        }

        // Only the posted name is validated here; whatever the model reads from
        // the upload itself is outside this method.
        if (!validater::checkFileName($newName)) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->evilChar));
        }

        $saved = $this->file->sourceEdit($record, $newName);
        if ($saved) {
            $this->send(array(
                'result'  => 'success',
                'message' => $this->lang->saveSuccess,
                'locate'  => $this->createLink('file', 'browseSource'),
            ));
        }

        $this->send(array('result' => 'fail', 'message' => dao::getError()));
    }

    $this->view->title      = $this->lang->file->edit;
    $this->view->modalWidth = 500;
    $this->view->file       = $record;
    $this->display();
}