// we delete the info of the last upload items!
unset($_SESSION['TFU_LAST_UPLOADS']);
$_SESSION['TFU_LAST_UPLOADS'] = array();
}
$_SESSION['TFU_UPLOAD_REMAINING'] = $_GET['remaining'];
foreach ($_FILES as $fieldName => $file) {
// we check the uploaded files first because we don't know if it's the flash or any other script!
check_valid_extension($file['name']);
$store = 1;
if (is_supported_tfu_image($file['name']) && $size < 100000) {
$store = resize_file($file['tmp_name'], $size, 80, $file['name']);
}
if ($store != 0) {
// ok or try later
$base_filename = my_basename($file['name']);
$image = fix_decoding($base_filename, $fix_utf8);
if ($normalise_file_names) {
$image = normalizeFileNames($image);
}
$filename = $dir . '/' . $image;
// here you can do additional checks if a file already exists any you don't want that the existing one will be overwritten.
$uploaded = false;
// This is only needed for JFU - ignore this small part if you use TFU standalone:
$workaround_dir = $dir == "./../../../.." && is_writeable("./../../../../cache");
// start workaround for some php versions (e.g. 5.0.3!) if you upload to the main folder !
if ($workaround_dir) {
$filename = $dir . "/cache/" . $image;
}
// end JFU
if (@move_uploaded_file($file['tmp_name'], $filename)) {
// This is only needed for JFU - ignore this small part if you use TFU standalone:
function check_restrictions($dir, $show_root, &$myFiles, $fix_utf8, $status)
{
global $enable_dir_create_detection;
// this is a check if the dir exists - this is a configuration error!
if (file_exists($dir)) {
$status .= "&dir_exists=true";
} else {
$status .= "&dir_exists=false";
// no other checks are made because the directory is not available!
return $status;
}
// now we check if we can delete the current folder - root folder cannot be deleted!
$status .= is_tfu_deletable($dir) && $show_root ? "&dir_delete=true" : "&dir_delete=false";
// new we check if we can create folders - we have to check safemode too!
set_error_handler("on_error_no_output");
$sm_prob = has_safemode_problem_global() && runsNotAsCgi();
if (is_writeable($dir)) {
if ($enable_dir_create_detection) {
// the detection of the safemode does not work on all systems - therefore it can be disabled.
$status .= $sm_prob ? "&dir_create=subdir" : "&dir_create=true";
} else {
$status .= "&dir_create=true";
}
} else {
$status .= $sm_prob ? "&dir_create=safemode" : "&dir_create=false";
}
set_error_handler("on_error");
$nrFiles = count($myFiles);
// now we check if can delete files - we only check the 1st file!
if ($nrFiles > 0) {
$delfile = fix_decoding($myFiles[0], $fix_utf8);
// we have to remove the ** before checking
$delfile = substr($delfile, 0, strpos($delfile, "**"));
$status .= is_tfu_deletable($dir . "/" . $delfile) ? "&file_delete=true" : "&file_delete=false";
}
return $status;
}
}
$subject = fix_decoding($upload_notification_email_subject, $fix_utf8);
$filestr = "\n\n";
foreach ($_SESSION['TFU_LAST_UPLOADS'] as $filename) {
if ($upload_notification_use_full_path) {
$filestr = $filestr . space_enc(fixUrl(getRootUrl() . $path_fix . $filename)) . "\n";
} else {
$filestr = $filestr . str_replace('./', '', str_replace('../', '', $filename)) . "\n";
}
}
if ($filestr == "\n\n") {
$filestr .= 'Please check your setup. No files where uploaded.';
}
$username = isset($_SESSION['TFU_USER']) ? $_SESSION['TFU_USER'] : $_SERVER['REMOTE_ADDR'];
// if we don't have a use we use the IP
$mailtext = sprintf(fix_decoding($upload_notification_email_text, $fix_utf8), $username, $filestr);
if (isset($_SESSION['TFU_PRE_UPLOAD_DATA'])) {
$mailtext .= "\n\n" . $_SESSION['TFU_PRE_UPLOAD_DATA'];
}
@mail($upload_notification_email, html_entity_decode($subject), html_entity_decode($mailtext), $submailheaders);
}
if ($remaining == 0) {
// cleanup
unset($_SESSION['TFU_PRE_UPLOAD_DATA']);
}
// end of e-mail section
if ($enable_upload_debug) {
tfu_debug('9. End upload');
}
store_temp_session();
if ($enable_upload_debug) {