/**
* Find filename which isn't already taken in the filesystem.
*
* @param string $folder Relative path from JPATH_ROOT.
* @param string $basename Filename without extension.
* @param string $extension File extension.
* @param bool $protected True to randomize the filename. If not given, uses Kunena configuration setting.
*
* @return string
*
* @since K4.0
*/
public static function getAvailableFilename($folder, $basename, $extension, $protected = null)
{
if (is_null($protected)) {
$protected = (bool) KunenaConfig::getInstance()->attachment_protection;
}
if ($protected) {
// Ignore proposed filename and return totally random and unique name without file extension.
do {
$name = md5(rand());
} while (file_exists(JPATH_ROOT . "/{$folder}/{$name}"));
return $name;
}
// Lets find out if we need to rename the filename.
$basename = preg_replace('/[[:space:]]/', '', KunenaFile::makeSafe($basename));
$extension = trim($extension, '.');
if (empty($basename)) {
$basename = 'file_' . substr(md5(rand()), 2, 7);
}
$newName = "{$basename}.{$extension}";
$date = date('Y-m-d');
// Rename file if there is already one with the same name
if (file_exists(JPATH_ROOT . "/{$folder}/{$newName}")) {
$newName = "{$basename}_{$date}.{$extension}";
for ($i = 2; file_exists(JPATH_ROOT . "/{$folder}/{$newName}"); $i++) {
$newName = "{$basename}_{$date}-{$i}.{$extension}";
}
}
return $newName;
}
function uploadFile($uploadPath, $input = 'kattachment', $filename = '', $ajax = true)
{
$this->resetStatus();
// create upload directory if it does not exist
if (!JFolder::exists($uploadPath)) {
if (!JFolder::create($uploadPath)) {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_CREATE_DIR'));
return false;
}
}
KunenaFolder::createIndex($uploadPath);
// Get file name and validate with path type
$this->fileName = JRequest::getString($input . '_name', '', 'post');
$this->fileSize = 0;
$chunk = JRequest::getInt('chunk', 0);
$chunks = JRequest::getInt('chunks', 0);
if ($chunks && $chunk >= $chunks) {
$this->error = JText::_('COM_KUNENA_UPLOAD_ERROR_EXTRA_CHUNK');
}
//If uploaded by using normal form (no AJAX)
if ($ajax == false || isset($_REQUEST["multipart"])) {
$file = JRequest::getVar($input, null, 'files', 'array');
// File upload
if (!empty($file['error'])) {
// Any errors the server registered on uploading
switch ($file['error']) {
case 0:
// UPLOAD_ERR_OK :
break;
case 1:
// UPLOAD_ERR_INI_SIZE :
// UPLOAD_ERR_INI_SIZE :
case 2:
// UPLOAD_ERR_FORM_SIZE :
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_SIZE') . 'DEBUG: file[error]' . htmlspecialchars($file['error'], ENT_COMPAT, 'UTF-8'));
break;
case 3:
// UPLOAD_ERR_PARTIAL :
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_PARTIAL'));
break;
case 4:
// UPLOAD_ERR_NO_FILE :
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_NO_FILE'));
break;
case 5:
// UPLOAD_ERR_NO_TMP_DIR :
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_NO_TMP_DIR'));
break;
case 7:
// UPLOAD_ERR_CANT_WRITE, PHP 5.1.0
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_CANT_WRITE'));
break;
case 8:
// UPLOAD_ERR_EXTENSION, PHP 5.2.0
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_PHP_EXTENSION'));
break;
default:
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_UNKNOWN'));
}
return false;
} elseif (!is_uploaded_file($file['tmp_name'])) {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_NOT_UPLOADED'));
return false;
}
$this->fileTemp = $file['tmp_name'];
$this->fileSize = $file['size'];
if (!$this->fileName) {
// Need to add additonal path type check as array getVar does not
$this->fileName = $file['name'];
}
} else {
// Currently not in use: this is meant for experimental AJAX uploads
// Open temp file
$this->fileTemp = KunenaPath::tmpdir() . '/kunena_' . md5($this->_my->id . '/' . $this->_my->username . '/' . $this->fileName);
$out = fopen($this->fileTemp, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen("php://input", "rb");
if ($in) {
while (($buff = fread($in, 8192)) != false) {
fwrite($out, $buff);
}
} else {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_NO_INPUT'));
}
clearstatcache();
$fileInfo = fstat($out);
$this->fileSize = $fileInfo['size'];
fclose($out);
if (!$this->error) {
$this->checkFileSize($this->fileSize);
}
if ($chunk + 1 < $chunks) {
$this->status = empty($this->error);
return $this->status;
}
} else {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_CANT_WRITE'));
}
}
// Terminate early if we already hit an error
if ($this->error) {
return false;
}
// assume the extension is false until we know its ok
$extOk = false;
$fileparts = $this->getValidExtension($this->validFileExts);
$uploadedFileExtension = '';
if ($fileparts) {
$this->_isfile = true;
$extOk = true;
$uploadedFileBasename = $fileparts[0];
$uploadedFileExtension = $fileparts[1];
}
$fileparts = $this->getValidExtension($this->validImageExts);
if ($fileparts) {
$this->_isimage = true;
$extOk = true;
$uploadedFileBasename = $fileparts[0];
$uploadedFileExtension = $fileparts[1];
}
if ($extOk == false) {
$imglist = implode(', ', $this->validImageExts);
$filelist = implode(', ', $this->validFileExts);
if ($imglist && $filelist) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_EXTENSION', $imglist, $filelist));
} else {
if ($imglist && !$filelist) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_EXTENSION_FILE', $this->_config->filetypes));
} else {
if (!$imglist && $filelist) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_EXTENSION_IMAGE', $this->_config->imagetypes));
} else {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_NOT_ALLOWED', $filelist));
}
}
}
$this->not_valid_img_ext = false;
return false;
}
// Special processing for images
if ($this->_isimage) {
$this->imageInfo = CKunenaImageHelper::getProperties($this->fileTemp);
// Let see if we need to check the MIME type
if ($this->_config->checkmimetypes) {
// check against whitelist of MIME types
$validFileTypes = explode(",", $this->_config->imagemimetypes);
//if the temp file does not have a width or a height, or it has a non ok MIME, return
if (!is_int($this->imageInfo->width) || !is_int($this->imageInfo->height) || !in_array($this->imageInfo->mime, $validFileTypes)) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_MIME', $this->imageInfo->mime, $this->_config->imagetypes));
return false;
}
}
// If image is not inside allowed size limits, resize it
if ($this->fileSize > $this->imagesize || $this->imageInfo->width > $this->imagewidth || $this->imageInfo->height > $this->imageheight) {
$options = array('quality' => $this->imagequality);
$imageRaw = new CKunenaImage($this->fileTemp);
if ($imageRaw->getError()) {
$this->fail(JText::_($imageRaw->getError()));
return false;
}
$image = $imageRaw->resize($this->imagewidth, $this->imageheight);
$type = $imageRaw->getType();
unset($imageRaw);
$image->toFile($this->fileTemp, $type, $options);
clearstatcache();
// Re-calculate physical file size: image has been shrunk
$stat = stat($this->fileTemp);
if (!$stat) {
$this->fail(JText::_('COM_KUNENA_UPLOAD_ERROR_STAT', htmlspecialchars($this->fileTemp, ENT_COMPAT, 'UTF-8')));
return false;
}
$this->fileSize = $stat['size'];
}
}
$this->checkFileSize($this->fileSize);
// Check again for error and terminate early if we already hit an error
if ($this->error) {
return false;
}
// Populate hash, file size and other info
// Get a hash value from the file
$this->fileHash = md5_file($this->fileTemp);
// Override filename if given in the parameter
if ($filename) {
$uploadedFileBasename = $filename;
}
$uploadedFileBasename = KunenaFile::makeSafe($uploadedFileBasename);
if (empty($uploadedFileBasename)) {
$uploadedFileBasename = 'h' . substr($this->fileHash, 2, 7);
}
// Rename file if there is already one with the same name
$newFileName = $uploadedFileBasename . "." . $uploadedFileExtension;
$newFileName = preg_replace('/[[:space:]]/', '', $newFileName);
$uploadedFileBasename = preg_replace('/[[:space:]]/', '', $uploadedFileBasename);
if (file_exists($uploadPath . '/' . $newFileName)) {
$newFileName = $uploadedFileBasename . "." . $uploadedFileExtension;
for ($i = 2; file_exists("{$uploadPath}/{$newFileName}"); $i++) {
$newFileName = $uploadedFileBasename . "-{$i}." . $uploadedFileExtension;
}
}
$this->fileName = $newFileName;
// All the processing is complete - now we need to move the file(s) into the final location
@chmod($this->fileTemp, 0644);
if (!JFile::copy($this->fileTemp, $uploadPath . '/' . $this->fileName)) {
$this->fail(JText::sprintf('COM_KUNENA_UPLOAD_ERROR_NOT_MOVED', htmlspecialchars($uploadPath . '/' . $this->fileName, ENT_COMPAT, 'UTF-8')));
unlink($this->fileTemp);
return false;
}
unlink($this->fileTemp);
JPath::setPermissions($uploadPath . '/' . $this->fileName);
$this->ready = true;
return $this->status = true;
}