static function process_files() { $files = array(); $data = $_FILES["file"]; foreach (array_keys($data["name"]) as $filenum) { if ($data["error"][$filenum] == "0" and $data["size"][$filenum] != 0) { if ($data["name"][$filenum] == "") { $data["name"][$filenum] = "default"; } list($target, $filename) = sys_build_filename($data["name"][$filenum]); dirs_checkdir($target); $target .= $_SESSION["username"] . "__" . $filename; if (move_uploaded_file($data["tmp_name"][$filenum], $target)) { $files[] = $target; } else { @unlink($data["tmp_name"][$filenum]); } } else { if ($data["error"][$filenum] != UPLOAD_ERR_NO_FILE) { $filename = $data["name"][$filenum]; switch ($data["error"][$filenum]) { case UPLOAD_ERR_FORM_SIZE: $message = "{t}file is too big. Please upload a smaller one.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_INI_SIZE: $message = "{t}file is too big. Please change upload_max_filesize, post_max_size in your php.ini{/t} (" . $filename . ") (upload_max_filesize=" . @ini_get("upload_max_filesize") . ", post_max_size=" . @ini_get("post_max_size") . ")"; break; case UPLOAD_ERR_PARTIAL: $message = "{t}file was uploaded partially.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_NO_FILE: $message = "{t}No file was uploaded{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_NO_TMP_DIR: $message = "{t}missing a temporary folder.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_CANT_WRITE: $message = "{t}Failed to write file to disk.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; default: $message = "{t}Please upload again.{/t} (" . $filename . ")"; break; } setup::out("{t}Upload failed{/t}: " . q($message)); } } } return $files; }
private static function _processfiles($sgsml, $field_name, $id) { $error = array(); $field = $sgsml->fields[$field_name]; $fieldname = "form_" . md5($id) . $field_name; $displayname = isset($field["DISPLAYNAME"]) ? $field["DISPLAYNAME"] : $field["NAME"]; if (!isset($_REQUEST[$fieldname])) { $_REQUEST[$fieldname] = array(); } if (isset($_REQUEST[$fieldname . "_cust"]) and is_array($_REQUEST[$fieldname . "_cust"])) { foreach ($_REQUEST[$fieldname . "_cust"] as $url) { if ($url == "" or !preg_match("|^https?://.+|i", $url)) { continue; } $_REQUEST[$fieldname][] = $url; } } if (isset($_FILES[$fieldname]) and is_array($_FILES[$fieldname])) { $data = $_FILES[$fieldname]; foreach (array_keys($data["name"]) as $filenum) { if ($data["error"][$filenum] == "0" and $data["size"][$filenum] != 0) { if ($data["name"][$filenum] == "") { $data["name"][$filenum] = "default"; } list($target, $filename) = sys_build_filename($data["name"][$filenum]); dirs_checkdir($target); $target .= $_SESSION["username"] . "__" . $filename; if (move_uploaded_file($data["tmp_name"][$filenum], $target)) { $_REQUEST[$fieldname][] = $target; } else { @unlink($data["tmp_name"][$filenum]); } } else { if ($data["error"][$filenum] != UPLOAD_ERR_NO_FILE) { $filename = $data["name"][$filenum]; switch ($data["error"][$filenum]) { case UPLOAD_ERR_FORM_SIZE: $message = "{t}file is too big. Please upload a smaller one.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_INI_SIZE: $message = "{t}file is too big. Please change upload_max_filesize, post_max_size in your php.ini{/t} (" . $filename . ") (upload_max_filesize=" . @ini_get("upload_max_filesize") . ", post_max_size=" . @ini_get("post_max_size") . ")"; break; case UPLOAD_ERR_PARTIAL: $message = "{t}file was uploaded partially.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_NO_FILE: $message = "{t}No file was uploaded{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_NO_TMP_DIR: $message = "{t}missing a temporary folder.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; case UPLOAD_ERR_CANT_WRITE: $message = "{t}Failed to write file to disk.{/t} {t}Please upload again.{/t} (" . $filename . ")"; break; default: $message = "{t}Please upload again.{/t} (" . $filename . ")"; break; } $error[] = array($displayname, "{t}Upload failed{/t}: " . $message); } } } } if (!empty($field["SIMPLE_SIZE"]) and count($_REQUEST[$fieldname]) > $field["SIMPLE_SIZE"]) { $error[] = array($displayname, "{t}maximum number of files exceeded.{/t} (" . $field["SIMPLE_SIZE"] . ")"); } return $error; }
static function dirs_clear_custom($custom) { dirs_checkdir($custom); dirs_checkdir($custom . "/ext/"); @file_put_contents($custom . "/.htaccess", "Order deny,allow\nDeny from all\n", LOCK_EX); @file_put_contents($custom . "/ext/.htaccess", "Order deny,allow\nAllow from all\n", LOCK_EX); }
private static function _paste_item_copyfile($file, $id, $tname) { list($target, $filename) = sys_build_filename(modify::basename($file), $tname); dirs_checkdir($target); $target .= sys_get_pathnum($id) . "/"; dirs_checkdir($target); $target .= $id . $filename; copy($file, $target); return $target; }
static function getfile_upload($filename) { list($target, $filename) = sys_build_filename($filename); dirs_checkdir($target); $target .= $_SESSION["username"] . "__" . $filename; if ($fp = fopen("php://input", "r") and $ft = fopen($target, "w")) { while (!feof($fp)) { fwrite($ft, fread($fp, 1024)); } fclose($ft); fclose($fp); return $target; } return ""; }
function _upload_create_file($db_path, $target_lnk, $path, $filename) { list($id, $left, $unused) = _upload_process_folder_string($db_path . "/"); if ($left != 0 or $id == 0) { sys_error("path not found", "409 Conflict"); } $ftype = db_select_value("simple_sys_tree", "ftype", "id=@id@", array("id" => $id)); if (db_get_right($id, "write") and !empty($ftype) and $ftype == "files") { list($target, $a_filename) = sys_build_filename($filename, "simple_files"); dirs_checkdir($target); $target .= sys_get_pathnum($id) . "/"; dirs_checkdir($target); $target .= md5($id) . $a_filename; if ($fp = fopen("php://input", "r") and $ft = fopen($target, "wb")) { while (!feof($fp)) { fwrite($ft, fread($fp, 8192)); } fclose($fp); fclose($ft); $a_id = sql_genID("simple_files") * 100; $data = array("id" => $a_id, "folder" => $id, "dsize" => filesize($target), "filedata" => "|" . $target . "|", "filename" => $filename, "rread_users" => "|anonymous|", "rwrite_users" => "|anonymous|", "history" => t("{t}Item created by %s at %s{/t}", $_SESSION["username"], sys_date(t("{t}m/d/y g:i:s a{/t}"))) . "\n"); $error_sql = db_insert("simple_files", $data); if ($error_sql == "") { db_update_treesize("simple_files", $id); $fields = array("filename" => "text", "filedata" => "files", "folder" => "id", "id" => "id"); db_search_update("simple_files", $a_id, array(), $fields); sys_log_stat("new_records", 1); file_put_contents($target_lnk, $path . "/" . $a_id . "_0__" . $filename . "\n" . $target, LOCK_EX); _upload_success(); } } } sys_error("cant write new", "403 Forbidden"); }
static function copyfiles_totemp($value) { if ($value == "" or !file_exists($value)) { return ""; } list($target, $filename) = sys_build_filename(self::basename($value)); dirs_checkdir($target); $target .= $_SESSION["username"] . "__" . $filename; if (copy($value, $target)) { return $target; } else { return ""; } }