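/**
 * Stores the files submitted in the `attach` upload field as attachments of post $pid.
 *
 * Every entry of $_FILES['attach'] is checked in turn: PHP upload status, that the
 * temp file really came from this request (is_uploaded_file), extension whitelist,
 * byte-size limit and, for extensions listed as images, pixel dimensions. Accepted
 * files are moved into $pun_config['file_upload_path'] under a generated name and a
 * row is inserted into the attachments table. Afterwards, ::thumb$N:: placeholders in
 * the global $message (N = 1-based position in the upload field) are rewritten to
 * ::thumb<attachment id>:: and the post row is updated.
 *
 * @param int|string $tid            topic id the attachments belong to
 * @param int|string $pid            post id the attachments belong to
 * @param int        $total_uploaded out-parameter: number of files actually stored
 * @return string|null HTML status lines (one per rejected file plus a summary), or
 *                     null when no files were submitted or the mod is not configured
 */
function process_uploaded_files($tid, $pid, &$total_uploaded)
{
    global $pun_config, $lang_fu, $db, $file_limit, $message;

    $result = null;
    if (!isset($_FILES['attach']['error']) || !check_mod_config()) {
        return $result;
    }

    $total_uploaded = 0;
    $dest = $pun_config['file_upload_path'];
    $allowed_ext = explode(',', $pun_config['file_allowed_ext']);
    $image_ext = explode(',', $pun_config['file_image_ext']);

    // Placeholder pairs: ::thumb$N:: (N = position in the upload field, 1-based)
    // -> ::thumb<id>:: once the database has assigned the attachment id.
    $thumb_from = array();
    $thumb_to = array();
    $i = 0;

    foreach ($_FILES['attach']['error'] as $key => $error) {
        $i++;

        if ((int) $error !== UPLOAD_ERR_OK) {
            $result .= attach_upload_error_message($i, $error);
            continue;
        }

        // Remaining attachment quota ($file_limit is a global decremented per stored
        // file); once exhausted the remaining entries are dropped without a message.
        if ($file_limit <= 0) {
            break;
        }

        $tmp_name = $_FILES['attach']['tmp_name'][$key];

        // Only trust files PHP itself received in this request; file_exists() on a
        // caller-supplied path is not a substitute for this check.
        if (!is_uploaded_file($tmp_name)) {
            continue;
        }

        $orig_name = $_FILES['attach']['name'][$key];
        // Client-declared MIME type: stored as sent, never used to decide acceptance.
        $mime = $_FILES['attach']['type'][$key];
        $size = filesize($tmp_name);
        $file_ext = strtolower(get_file_extension($orig_name));

        // Extension whitelist; strict comparison and an empty extension is rejected.
        if ($file_ext === '' || !in_array($file_ext, $allowed_ext, true)) {
            $result .= $orig_name . ' ' . $lang_fu['Extension Banned'] . '.<br />';
            continue;
        }

        if ($size > $pun_config['file_max_size']) {
            $result .= $orig_name . ' ' . $lang_fu['Size Too Big'] . '.<br />';
            continue;
        }

        $dim = null;
        if (in_array($file_ext, $image_ext, true)) {
            // getimagesize() returns false for anything it cannot parse as an image.
            $info = getimagesize($tmp_name);
            if ($info === false || empty($info[0]) || empty($info[1])) {
                $result .= $orig_name . ' ' . $lang_fu['Not Image'] . '.<br />';
                continue;
            }
            list($width, $height) = $info;
            if ($width > $pun_config['file_max_width'] || $height > $pun_config['file_max_height']) {
                $result .= $orig_name . ' ' . $lang_fu['Dim Too Big'] . '.<br />';
                continue;
            }
            $dim = $width . 'x' . $height;
        }

        // Store under a generated name so the client-supplied name never reaches the filesystem.
        $store_name = generate_unique_filename(PUN_ROOT . $dest, '.ext');
        $store_path = PUN_ROOT . $dest . $store_name;
        if (!move_uploaded_file($tmp_name, $store_path)) {
            // Never record an attachment whose file is not actually on disk.
            $result .= $orig_name . ' - ERROR: could not be stored<br />';
            continue;
        }
        // Same absolute path the file was moved to.
        // NOTE(review): 0666 leaves the stored file world-writable; narrow it to 0644
        // unless another process genuinely needs write access.
        chmod($store_path, 0666);

        // Post author and attachment author may differ (attachment added while editing).
        $attach_poster = $GLOBALS['pun_user']['id'];
        $now = time();

        // Numeric columns are cast to int, string columns go through the driver's escaper.
        $db->query('INSERT INTO ' . $db->prefix . 'attachments (poster_id, topic_id, post_id, uploaded, filename, mime, location, size, image_dim) VALUES (\'' . (int) $attach_poster . '\', \'' . (int) $tid . '\', \'' . (int) $pid . '\', ' . $now . ', \'' . $db->escape($orig_name) . '\', \'' . $db->escape($mime) . '\', \'' . $db->escape($dest . $store_name) . '\', \'' . (int) $size . '\', \'' . $db->escape((string) $dim) . '\')')
            or error('Unable to insert attachment record into database.', __FILE__, __LINE__, $db->error());
        $aid = $db->insert_id();

        $thumb_from[] = '::thumb$' . $i . '::';
        $thumb_to[] = '::thumb' . $aid . '::';
        $total_uploaded++;
        $file_limit--;
    }

    if ($total_uploaded) {
        $result .= '<br />' . $lang_fu['Uploaded'] . ' ' . $total_uploaded . ' ' . $lang_fu['files'] . '<br /><br />';
    }

    // Rewrite ::thumb$N:: placeholders to the real attachment ids and persist the post text.
    if (strpos($message, '::thumb$') !== false) {
        $message = str_replace($thumb_from, $thumb_to, $message);
        $db->query('UPDATE ' . $db->prefix . 'posts SET message=\'' . $db->escape($message) . '\' WHERE id=' . (int) $pid)
            or error('Unable to update post', __FILE__, __LINE__, $db->error());
    }

    return $result;
}

/**
 * Maps a non-OK $_FILES error code to the HTML status line shown to the poster.
 *
 * @param int $index 1-based position of the file in the upload field
 * @param int $error one of the UPLOAD_ERR_* constants
 * @return string status line ending in <br />, or '' for UPLOAD_ERR_NO_FILE
 *                (an empty file input is not reported as an error)
 */
function attach_upload_error_message($index, $error)
{
    switch ($error) {
        case UPLOAD_ERR_INI_SIZE:
            return 'File #' . $index . ' - ERROR: exceeds the upload_max_filesize<br />';
        case UPLOAD_ERR_FORM_SIZE:
            return 'File #' . $index . ' - ERROR: exceeds the form MAX_FILE_SIZE<br />';
        case UPLOAD_ERR_PARTIAL:
            return 'File #' . $index . ' - ERROR: partially uploaded<br />';
        case UPLOAD_ERR_NO_FILE:
            return '';
        default:
            return 'File #' . $index . ' - ERROR: ' . $error . '<br />';
    }
}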
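/**
 * Returns a filename that does not collide with an already stored upload.
 *
 * $old_filename is reduced to its root name via get_root_filename(), the names
 * already present for that root are fetched with get_filename_list(), and
 * generate_unique_filename() picks a free name from those. When the name had to
 * change, the collision is logged at OPENDB_LOG_INFO.
 *
 * @param string $old_filename filename requested by the upload
 * @return string the original name, or a generated non-colliding name
 */
function get_unique_filename($old_filename)
{
    $root_name = get_root_filename($old_filename);
    $existing_names = get_filename_list($root_name);
    $filename = generate_unique_filename($root_name, $existing_names);

    // Strict comparison: '!=' treats numeric-looking names such as '01' and '1' as equal
    // and would skip logging a real rename.
    if ($filename !== $old_filename) {
        opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, 'Upload file already exists - generating a unique filename', array($old_filename, $filename));
    }

    return $filename;
}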