/** * Handle the calendar image upload * * @param string $id unique form id * * @return string image path */ function _handleUpload($fieldName, $id) { $tup = self::getTemporaryUploadPath($fieldName, $id); $tmpUploadDir = \Env::get('cx')->getWebsitePath() . $tup[1] . '/' . $tup[2] . '/'; //all the files uploaded are in here $depositionTarget = $this->uploadImgPath; //target folder $pic = ''; //move all files if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpUploadDir)) { throw new \Exception("could not find temporary upload directory '{$tmpUploadDir}'"); } $h = opendir($tmpUploadDir); if ($h) { while (false !== ($f = readdir($h))) { // skip folders and thumbnails if ($f == '..' || $f == '.' || preg_match("/(?:\\.(?:thumb_thumbnail|thumb_medium|thumb_large)\\.[^.]+\$)|(?:\\.thumb)\$/i", $f)) { continue; } //do not overwrite existing files. $prefix = ''; while (file_exists($depositionTarget . $prefix . $f)) { if (empty($prefix)) { $prefix = 0; } $prefix++; } // move file try { $objFile = new \Cx\Lib\FileSystem\File($tmpUploadDir . $f); $fileInfo = pathinfo($tmpUploadDir . $f); $objFile->move($depositionTarget . $prefix . $f, false); $imageName = $prefix . $f; if (in_array($fileInfo['extension'], array('gif', 'jpg', 'jpeg', 'png'))) { $objImage = new \ImageManager(); $objImage->_createThumb($this->uploadImgPath, $this->uploadImgWebPath, $imageName, 180); } $pic = contrexx_input2raw($this->uploadImgWebPath . $imageName); // abort after one file has been fetched, as all event upload // fields do allow a single file only anyway break; } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); } } } return $pic; }
/** * Handle uploads * @see Contact::_uploadFilesLegacy() * @param array $arrFields * @param boolean move should the files be moved or * do we just want an array of filenames? * defaults to false. no effect in legacy mode. * @return array A list of files that have been stored successfully in the system */ protected function _uploadFiles($arrFields, $move = false) { /* the field unique_id has been introduced with the new uploader. * it helps us to tell whether we're handling an form generated * before the new uploader using the classic input fields or * if we have to treat the files already uploaded by the uploader. */ if ($this->legacyMode) { //legacy function for old uploader return $this->_uploadFilesLegacy($arrFields); } else { //new uploader used if (!$this->hasFileField) { //nothing to do for us, no files return array(); } $arrFiles = array(); //we'll collect name => path of all files here and return this $documentRootPath = \Env::get('cx')->getWebsiteDocumentRootPath(); foreach ($arrFields as $fieldId => $arrField) { // skip non-upload fields if (!in_array($arrField['type'], array('file', 'multi_file'))) { continue; } $tup = self::getTemporaryUploadPath($this->submissionId, $fieldId); $tmpUploadDir = $tup[1] . '/' . $tup[2] . '/'; //all the files uploaded are in here $depositionTarget = ""; //target folder //on the first call, _uploadFiles is called with move=false. //this is done in order to get an array of the moved files' names, but //the files are left in place. //the second call is done with move=true - here we finally move the //files. // //the target folder is created in the first call, because if we can't //create the folder, the target path is left pointing at the path //specified by $arrSettings['fileUploadDepositionPath']. // //to remember the target folder for the second call, it is stored in //$this->depositionTarget. if (!$move) { //first call - create folder //determine where form uploads are stored $arrSettings = $this->getSettings(); $depositionTarget = $arrSettings['fileUploadDepositionPath'] . '/'; //find an unique folder name for the uploaded files $folderName = date("Ymd") . '_' . $fieldId; $suffix = ""; if (file_exists($documentRootPath . $depositionTarget . $folderName)) { $suffix = 1; while (file_exists($documentRootPath . $depositionTarget . $folderName . '-' . $suffix)) { $suffix++; } $suffix = '-' . $suffix; } $folderName .= $suffix; //try to make the folder and change target accordingly on success if (\Cx\Lib\FileSystem\FileSystem::make_folder($documentRootPath . $depositionTarget . $folderName)) { \Cx\Lib\FileSystem\FileSystem::makeWritable($documentRootPath . $depositionTarget . $folderName); $depositionTarget .= $folderName . '/'; } $this->depositionTarget[$fieldId] = $depositionTarget; } else { $depositionTarget = $this->depositionTarget[$fieldId]; } //move all files if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpUploadDir)) { throw new \Cx\Core_Modules\Contact\Controller\ContactException("could not find temporary upload directory '{$tmpUploadDir}'"); } $h = opendir(\Env::get('cx')->getWebsitePath() . $tmpUploadDir); while (false !== ($f = readdir($h))) { if ($f != '..' && $f != '.') { //do not overwrite existing files. $prefix = ''; while (file_exists($documentRootPath . $depositionTarget . $prefix . $f)) { if (empty($prefix)) { $prefix = 0; } $prefix++; } if ($move) { // move file try { $objFile = new \Cx\Lib\FileSystem\File($tmpUploadDir . $f); $objFile->move($documentRootPath . $depositionTarget . $prefix . $f, false); } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); } } $arrFiles[$fieldId][] = array('name' => $f, 'path' => $depositionTarget . $prefix . $f); } } } //cleanup //TODO: this does not work for certain reloads - add cleanup routine //@rmdir($tmpUploadDir); return $arrFiles; } }
/** * Process upload form * * @global array $_ARRAYLANG * @return boolean true if file uplod successfully and false if it failed */ private function processFormUpload() { global $_ARRAYLANG; $objSession = \cmsSession::getInstance(); $uploaderId = isset($_POST['media_upload_file']) ? contrexx_input2raw($_POST['media_upload_file']) : 0; if (empty($uploaderId)) { return false; } $tempPath = $objSession->getTempPath() . '/' . contrexx_input2raw($uploaderId); if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) { return false; } $errorMsg = array(); foreach (glob($tempPath . '/*') as $file) { $i = 0; $fileName = basename($file); $path = $tempPath . '/' . $fileName; $file = $this->path . $fileName; $arrFile = pathinfo($file); while (file_exists($file)) { $suffix = '-' . (time() + ++$i); $file = $this->path . $arrFile['filename'] . $suffix . '.' . $arrFile['extension']; } if (!\FWValidator::is_file_ending_harmless($path)) { $errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_EXTENSION_NOT_ALLOWED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET)); continue; } try { $objFile = new \Cx\Lib\FileSystem\File($path); $objFile->move($file, false); $fileObj = new \File(); $fileObj->setChmod($this->path, $this->webPath, basename($file)); } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); $errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_UPLOAD_FAILED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET)); } } if (!empty($errorMsg)) { $this->_strErrorMessage = explode('<br>', $errorMsg); return false; } $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_FILE_UPLOADED_SUCESSFULLY']; return true; }
/** * Upload Finished callback * * This is called as soon as uploads have finished. * takes care of moving them to the right folder * * @param string $tempPath Path to the temporary directory containing the files at this moment * @param string $tempWebPath Points to the same folder as tempPath, but relative to the webroot * @param array $data Data given to setData() when creating the uploader * @param string $uploadId unique session id for the current upload * @param array $fileInfos uploaded file informations * @param array $response uploaded status * * @return array path and webpath */ public static function uploadFinished($tempPath, $tempWebPath, $data, $uploadId, $fileInfos, $response) { $path = $data['path']; $webPath = $data['webPath']; $objCategory = Category::getCategory($data['category_id']); // check for sufficient permissions if ($objCategory->getAddFilesAccessId() && !\Permission::checkAccess($objCategory->getAddFilesAccessId(), 'dynamic', true) && $objCategory->getOwnerId() != \FWUser::getFWUserObject()->objUser->getId()) { return; } //we remember the names of the uploaded files here. they are stored in the session afterwards, //so we can later display them highlighted. $arrFiles = array(); $uploadFiles = array(); //rename files, delete unwanted $arrFilesToRename = array(); //used to remember the files we need to rename $h = opendir($tempPath); if (!$h) { return array($path, $webPath); } while (false !== ($file = readdir($h))) { //skip . and .. if ($file == '.' || $file == '..') { continue; } try { //delete potentially malicious files $objTempFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $file); if (!\FWValidator::is_file_ending_harmless($file)) { $objTempFile->delete(); continue; } $cleanFile = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($file); if ($cleanFile != $file) { $objTempFile->rename($tempPath . '/' . $cleanFile, false); $file = $cleanFile; } $info = pathinfo($file); //check if file needs to be renamed $newName = ''; $suffix = ''; if (file_exists($path . '/' . $file)) { $suffix = '_' . time(); $newName = $info['filename'] . $suffix . '.' . $info['extension']; $arrFilesToRename[$file] = $newName; array_push($arrFiles, $newName); } if (!isset($arrFilesToRename[$file])) { array_push($uploadFiles, $file); } //rename files where needed foreach ($arrFilesToRename as $oldName => $newName) { $objTempFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $oldName); $objTempFile->rename($tempPath . '/' . $newName, false); array_push($uploadFiles, $newName); } //move file from temp path into target folder $objImage = new \ImageManager(); foreach ($uploadFiles as $fileName) { $objFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $fileName); $objFile->move($path . '/' . $fileName, false); \Cx\Core\Core\Controller\Cx::instanciate()->getMediaSourceManager()->getThumbnailGenerator()->createThumbnailFromPath($path . '/' . $fileName); } } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); } $objDownloads = new downloads(''); $objDownloads->addDownloadFromUpload($info['filename'], $info['extension'], $suffix, $objCategory, $objDownloads, $fileInfos['name']); } return array($path, $webPath); }
protected function moveModel($sourceFolder, $destinationFolder, $force = false) { $sourceDirectory = new \RecursiveDirectoryIterator($sourceFolder); $sourceDirectoryIterator = new \RecursiveIteratorIterator($sourceDirectory); $sourceDirectoryRegexIterator = new \RegexIterator($sourceDirectoryIterator, '/^.+\\.php$/i', \RegexIterator::GET_MATCH); $retVal = true; // foreach model class foreach ($sourceDirectoryRegexIterator as $sourceFile) { // move to correct location and add .class ending if necessary $sourceFile = current($sourceFile); $sourceFile = str_replace('\\', '/', $sourceFile); $parts = explode('/Cx/', $sourceFile); $destinationFile = $destinationFolder . '/' . end($parts); $destinationFile = preg_replace_callback('#(' . $destinationFolder . '/)(Core(?:_Modules)?|Modules)#', function ($matches) { return $matches[1] . strtolower($matches[2]); }, $destinationFile); $destinationFile = preg_replace('/(?!\\.class)\\.php$/', '.class.php', $destinationFile); if (!$force && file_exists($destinationFile)) { $retVal = false; continue; } try { $objFile = new \Cx\Lib\FileSystem\File($sourceFile); $objFile->move($destinationFile, $force); } catch (\Cx\Lib\FileSystem\FileSystemException $e) { throw $e; } // if the moved file is an entity class if (strpos($destinationFile, '/Model/Entity/')) { $contents = file_get_contents($destinationFile); // and there is no extends statement yet $regex = '/(class\\s*(:?[a-zA-Z0-9_]*))\\s*\\{/m'; if (!preg_match($regex, $contents)) { return $retVal; } // add extends statement for base entity $contents = preg_replace($regex, '$1 extends \\Cx\\Model\\Base\\EntityBase {', $contents); file_put_contents($destinationFile, $contents); } } return $retVal; }
/** * Move the uploaded image to destination path from the temp path * * @return mixed $status | false */ public function uploadPicture() { $status = ""; $path = "pictures/"; //check file array $uploaderId = isset($_POST['marketUploaderId']) ? contrexx_input2raw($_POST['marketUploaderId']) : 0; $fileName = isset($_POST['uploadImage']) ? contrexx_input2raw($_POST['uploadImage']) : 0; if (empty($uploaderId) || empty($fileName)) { return false; } //get file info $objSession = \cmsSession::getInstance(); $tmpFile = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName; if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpFile)) { return false; } if ($fileName != '' && \FWValidator::is_file_ending_harmless($fileName)) { //check extension $info = pathinfo($fileName); $exte = $info['extension']; $exte = !empty($exte) ? '.' . $exte : ''; $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte)); $rand = rand(10, 99); $fileName = md5($rand . $fileName) . $exte; //check file // TODO: $x is not defined $x = 0; if (file_exists($this->mediaPath . $path . $fileName)) { $fileName = $rand . $part1 . '_' . (time() + $x) . $exte; $fileName = md5($fileName) . $exte; } //Move the uploaded file to the path specified in the variable $this->mediaPath try { $objFile = new \Cx\Lib\FileSystem\File($tmpFile); if ($objFile->move($this->mediaPath . $path . $fileName, false)) { $objFile = new \File(); $objFile->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName); $status = $fileName; } else { $status = "error"; } } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); } } else { $status = "error"; } return $status; }
/** * Upload a file to be associated with a product in the cart * @param string $fileName upload file name * * @return string The file name on success, * the empty string otherwise * @author Reto Kohli <*****@*****.**> * @static */ static function uploadFile($fileName) { global $_ARRAYLANG; $uploaderId = isset($_REQUEST['productOptionsUploaderId']) ? contrexx_input2raw($_REQUEST['productOptionsUploaderId']) : ''; if (empty($uploaderId) || empty($fileName)) { return ''; } $cx = \Cx\Core\Core\Controller\Cx::instanciate(); $objSession = $cx->getComponent('Session')->getSession(); $tmpFile = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName; if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpFile)) { return ''; } $originalFileName = $fileName; $arrMatch = array(); $filename = ''; $fileext = ''; if (preg_match('/(.+)(\\.[^.]+)/', $originalFileName, $arrMatch)) { $filename = $arrMatch[1]; $fileext = $arrMatch[2]; } else { $filename = $originalFileName; } if ($fileext == '.jpg' || $fileext == '.gif' || $fileext == '.png') { $newFileName = $filename . '[' . uniqid() . ']' . $fileext; $newFilePath = Order::UPLOAD_FOLDER . $newFileName; //Move the uploaded file to the path specified in the variable $newFilePath try { $objFile = new \Cx\Lib\FileSystem\File($tmpFile); if ($objFile->move(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteDocumentRootPath() . '/' . $newFilePath, false)) { return $newFileName; } else { \Message::error($_ARRAYLANG['TXT_SHOP_ERROR_UPLOADING_FILE']); } } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); } } else { \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_ERROR_WRONG_FILETYPE'], $fileext)); } return ''; }
function renameCustomizingFile($file) { global $_CONFIG; $cxFilePath = dirname(substr($file, strlen(ASCMS_DOCUMENT_ROOT))); if ($cxFilePath == '/') { $cxFilePath = ''; } $customizingPath = ASCMS_DOCUMENT_ROOT . '/customizing' . $cxFilePath; $customizingFile = $customizingPath . '/' . basename($file); if (file_exists($customizingFile)) { $customizingFile .= "_" . $_CONFIG['coreCmsVersion']; $suffix = ''; $idx = 0; while (file_exists($customizingFile . $suffix)) { $idx++; $suffix = '_' . $idx; } $customizingFile .= $suffix; } else { return true; } try { $objFile = new \Cx\Lib\FileSystem\File($file); $objFile->move($customizingFile); } catch (\Exception $e) { setUpdateMsg('Error on renaming customizing file:<br />' . $file); setUpdateMsg('Error: ' . $e->getMessage()); setUpdateMsg('<br />Häufigste Ursache dieses Problems ist, dass zur Ausführung dieses Vorgangs die benötigten Schreibrechte nicht vorhanden sind. Prüfen Sie daher, ob die FTP-Konfiguration in der Datei <strong>config/configuration.php</strong> korrekt eingerichtet ist.'); return false; } return true; }
/** * Upload the media files * * @param string $fileName name of the media file * @param string $path folder path * @param string $uploaderId uploader id * * @return string $status name of the uploaded file / error */ function uploadMedia($fileName, $path, $uploaderId) { if (empty($uploaderId) || empty($fileName)) { return 'error'; } $cx = \Cx\Core\Core\Controller\Cx::instanciate(); $objSession = $cx->getComponent('Session')->getSession(); $tempPath = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName; //Check the uploaded file exists in /tmp folder if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) { //If the file still exists in the mediaPath then return the filename if (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) { return $fileName; } return 'error'; } $info = pathinfo($fileName); $exte = $info['extension']; $extension = !empty($exte) ? '.' . $exte : ''; $file = substr($fileName, 0, strlen($fileName) - strlen($extension)); $rand = rand(10, 99); $arrSettings = $this->getSettings(); if ($arrSettings['encodeFilename']['value'] == 1) { $fileName = md5($rand . $file) . $extension; } //Rename the file if the filename already exists while (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) { $fileName = $file . '_' . time() . $extension; } $filePath = $this->mediaPath . $path . $fileName; if (!\FWValidator::is_file_ending_harmless($filePath)) { return 'error'; } //Move the file from /tmp folder into mediaPath and set the permission try { $objFile = new \Cx\Lib\FileSystem\File($tempPath); if ($objFile->move($filePath, false)) { $fileObj = new \File(); $fileObj->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName); $status = $fileName; } } catch (\Cx\Lib\FileSystem\FileSystemException $e) { \DBG::msg($e->getMessage()); $status = 'error'; } //make the thumb if (($exte == "gif" || $exte == "jpeg" || $exte == "jpg" || $exte == "png") && $path != "uploads/") { $this->createThumb($fileName, $path); } return $status; }