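/**
 * Moves an uploaded file into $this->file_path under a tidied, non-colliding name.
 *
 * A name containing ".php" or ".phtml" (in any letter case) gets ".txt" appended,
 * so the stored file ends in .txt. This is a denylist and therefore only a
 * backstop: the upload directory should also be served with script execution
 * disabled, and an allowlist of expected extensions is the stronger control.
 *
 * @param string $file Source path handed to PerchUtil::move_uploaded_file()
 *                     (presumably the upload's tmp_name; confirm at the caller).
 * @param string $name Requested file name; treat as untrusted input.
 * @return array array('name' => stored file name, 'path' => destination path)
 */
public function write_file($file, $name)
 {
     $filename = PerchUtil::tidy_file_name($name);

     // Defuse PHP files. stripos() makes the match case-insensitive: whether
     // tidy_file_name() lowercases the name is not visible here, and some web
     // server configurations match script extensions without regard to case.
     foreach (array('.php', '.phtml') as $marker) {
         if (stripos($filename, $marker) !== false) {
             $filename .= '.txt';
             break;
         }
     }

     $target = PerchUtil::file_path($this->file_path . '/' . $filename);
     if (file_exists($target)) {
         // Split at the last dot so the counter goes before the extension.
         // Without a dot the whole name is the stem (strrpos() returns false,
         // which substr() would otherwise treat as offset 0).
         $dot = strrpos($filename, '.');
         if ($dot === false) {
             $stem = $filename;
             $extension = '';
         } else {
             $stem = substr($filename, 0, $dot);
             $extension = substr($filename, $dot);
         }

         // Try name-1.ext, name-2.ext, ... until an unused name is found.
         $count = 0;
         do {
             $count++;
             $candidate = PerchUtil::tidy_file_name($stem . '-' . $count . $extension);
             $target = PerchUtil::file_path($this->file_path . '/' . $candidate);
         } while (file_exists($target));
         $filename = $candidate;
     }

     // NOTE(review): the result of the move is not checked, so the caller gets a
     // name and path even when the move failed. The existence check above and the
     // move are also not atomic; two concurrent uploads can pick the same name.
     PerchUtil::move_uploaded_file($file, $target);
     return array('name' => $filename, 'path' => $target);
 }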
예제 #2
             }
             //checking for naughty uploading of php files.
             // NOTE(review): the check this comment refers to sits above the visible
             // excerpt; nothing in the lines below inspects the extension.
             // $filename is set above this excerpt; join it to the resource directory.
             $target = PERCH_RESFILEPATH . DIRECTORY_SEPARATOR . $filename;
             if (file_exists($target)) {
                 // Name already taken: split at the last dot and insert _1, _2, ...
                 // before the extension until an unused name is found.
                 $ext = strrpos($filename, '.');
                 $fileName_a = substr($filename, 0, $ext);
                 $fileName_b = substr($filename, $ext);
                 $count = 1;
                 while (file_exists(PERCH_RESFILEPATH . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b)) {
                     $count++;
                 }
                 $filename = $fileName_a . '_' . $count . $fileName_b;
                 $target = PERCH_RESFILEPATH . DIRECTORY_SEPARATOR . $filename;
             }
         }
         // Move the temp file of the 'upload' form field to the chosen target.
         // NOTE(review): the result of the move is not checked before
         // process_versions() runs on $filename.
         PerchUtil::move_uploaded_file($_FILES['upload']['tmp_name'], $target);
         if (is_object($Image)) {
             $Image->process_versions($filename, $Template);
         }
     }
     if ($new_image) {
         // NOTE(review): $albumID and $result->id() are concatenated into the URL
         // without urlencode(); presumably both are integers. Confirm upstream.
         PerchUtil::redirect($API->app_path() . '/images/edit/?album_id=' . $albumID . '&id=' . $result->id() . '&created=1');
     } else {
         // NOTE(review): $albumID is written into an href attribute unescaped;
         // confirm it is cast to int where it is assigned (not visible here).
         $message = $HTML->success_message('Your image has been successfully updated. Return to %simage listing%s', '<a href="' . $API->app_path() . '/images/?id=' . $albumID . '">', '</a>');
     }
 } else {
     $message = $HTML->failure_message('Sorry, that image could not be updated.');
 }
 // Expose the image's fields as an array when an image object is available.
 if (is_object($Image)) {
     $details = $Image->to_array();
 } else {
    }
    // "Remove logo" was ticked: blank the stored logo path. No file is deleted
    // in the visible lines, only the setting changes.
    if (isset($_POST['logo_remove']) && $_POST['logo_remove'] == '1') {
        $data['logoPath'] = '';
    }
    // Persist every key/value pair collected in $data.
    // NOTE(review): $data is built above this excerpt; confirm its keys come
    // from a fixed allowlist rather than directly from the request.
    foreach ($data as $key => $value) {
        $Settings->set($key, $value);
    }
    // Reload the language object after the settings were written, then queue
    // the success alert.
    $Lang = PerchLang::fetch();
    $Lang->reload();
    $Alert->set('success', PerchLang::get("Your settings have been updated."));
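    // image upload
    if (isset($_FILES['customlogo']) && (int) $_FILES['customlogo']['size'] > 0) {
        // getimagesize() reads the image header only; it does not establish that
        // the rest of the file is harmless, so the name handling below still matters.
        if (is_array(getimagesize($_FILES['customlogo']['tmp_name']))) {
            // Client-supplied name: treat as untrusted.
            $filename = $_FILES['customlogo']['name'];
            // Defuse PHP files: '.php' or '.phtml' anywhere in the name, in any
            // letter case, forces a final .txt extension. This is a denylist
            // backstop; the resource directory should not execute scripts.
            if (stripos($filename, '.php') !== false || stripos($filename, '.phtml') !== false) {
                $filename .= '.txt';
            }
            $target = PERCH_RESFILEPATH . '/' . $filename;
            if (file_exists($target)) {
                // Prefix the already-defused $filename. Rebuilding the name from
                // $_FILES['customlogo']['name'] here would drop the .txt suffix
                // added above.
                $filename = time() . '_' . $filename;
                $target = PERCH_RESFILEPATH . '/' . $filename;
            }
            // NOTE(review): the result of the move is not checked before
            // logoPath is stored.
            PerchUtil::move_uploaded_file($_FILES['customlogo']['tmp_name'], $target);
            $Settings->set('logoPath', PERCH_RESPATH . '/' . $filename);
        }
    }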
    // Reload settings after the writes above.
    $Settings->reload();
}
// Log whether the image folder is writable; $image_folder_writable is set
// outside this excerpt.
PerchUtil::debug('Image folder writable? ' . $image_folder_writable);
// Current settings as an array (how $details is consumed is not visible here).
$details = $Settings->get_as_array();
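 /**
  * Handles one submitted form: runs the anti-spam check, saves uploaded files,
  * collects the field values, then emails and/or stores the response depending
  * on the form options, and finally redirects when a success URL is configured.
  *
  * Uploaded file names come from the submitter. They are reduced to their last
  * path component and names containing ".php" or ".phtml" (any letter case) get
  * ".txt" appended before the file is written. This is a denylist backstop;
  * $opts->fileLocation should be a directory the web server does not execute
  * scripts from (ideally outside the web root).
  *
  * @param object $SubmittedForm Submitted form. This method reads its page, files,
  *                              data, mimetypes and id properties and calls
  *                              get_antispam_values() and get_template_attributes().
  * @return void
  */
 public function process_response($SubmittedForm)
 {
     $opts = $this->_load_options();
     $data = array();
     $data['fields'] = array();
     $data['files'] = array();
     $data['page'] = $SubmittedForm->page;
     // When the content app is available, replace the bare path with page details.
     if (class_exists('PerchContent_Pages')) {
         $Pages = new PerchContent_Pages();
         $Page = $Pages->find_by_path($SubmittedForm->page);
         if ($Page) {
             $data['page'] = array('id' => $Page->pageID(), 'title' => $Page->pageTitle(), 'path' => $Page->pagePath(), 'navtext' => $Page->pageNavText());
         }
     }
     // Anti-spam
     $spam = false;
     $antispam = $SubmittedForm->get_antispam_values();
     // NOTE(review): all of $_SERVER is handed to the spam check and, when storing
     // is enabled, serialised into responseSpamData below. $_SERVER includes the
     // request headers (cookies, authorisation values); consider passing only the
     // keys the spam check needs.
     $environment = $_SERVER;
     $akismetAPIKey = false;
     if (isset($opts->akismet) && $opts->akismet) {
         if (isset($opts->akismetAPIKey) && $opts->akismetAPIKey != '') {
             $akismetAPIKey = $opts->akismetAPIKey;
         }
     }
     $spam = $this->_check_for_spam($antispam, $environment, $akismetAPIKey);
     // Files
     if (!$spam && PerchUtil::count($SubmittedForm->files)) {
         if (isset($opts->fileLocation) && $opts->fileLocation != '') {
             foreach ($SubmittedForm->files as $key => &$details) {
                 if ($details['error'] == '0' && $details['size'] > 0) {
                     // no error, upload worked
                     $attrs = $SubmittedForm->get_template_attributes($key);
                     if (is_uploaded_file($details['tmp_name'])) {
                         // The name is supplied by the submitter: keep only the
                         // final path component so it cannot point outside $dest.
                         $filename = basename($details['name']);
                         // Defuse PHP files (case-insensitive match).
                         if (stripos($filename, '.php') !== false || stripos($filename, '.phtml') !== false) {
                             $filename .= '.txt';
                         }
                         $dest = rtrim($opts->fileLocation, '\\/') . DIRECTORY_SEPARATOR;
                         // Two attempts at a free name; mt_rand() only spreads
                         // names here and is not relied on for secrecy.
                         // NOTE(review): if both attempts collide, the move below
                         // overwrites the existing file.
                         if (file_exists($dest . $filename)) {
                             $filename = time() . $filename;
                         }
                         if (file_exists($dest . $filename)) {
                             $filename = time() . mt_rand() . $filename;
                         }
                         if (PerchUtil::move_uploaded_file($details['tmp_name'], $dest . $filename)) {
                             $details['new_path'] = $dest . $filename;
                             $details['new_filename'] = $filename;
                             $file = new stdClass();
                             $file->name = $filename;
                             $file->path = $dest . $filename;
                             $file->size = $details['size'];
                             $file->mime = '';
                             if (isset($SubmittedForm->mimetypes[$key])) {
                                 $file->mime = $SubmittedForm->mimetypes[$key];
                             }
                             // The fields loop below guards against a missing
                             // template entry; apply the same guard here instead
                             // of calling a method on a non-object.
                             $file->attributes = $attrs ? $attrs->get_attributes() : array();
                             $data['files'][$key] = $file;
                         }
                     }
                 }
             }
             // Break the by-reference binding left behind by the loop.
             unset($details);
         } else {
             PerchUtil::debug('Form ' . $SubmittedForm->id . ': File save location not set, files discarded.', 'error');
         }
     }
     // Fields
     if (PerchUtil::count($SubmittedForm->data)) {
         foreach ($SubmittedForm->data as $key => $value) {
             $attrs = $SubmittedForm->get_template_attributes($key);
             if ($attrs) {
                 $field = new stdClass();
                 $field->attributes = $attrs->get_attributes();
                 // skip submit fields
                 if (isset($field->attributes['type']) && $field->attributes['type'] == 'submit') {
                     // skip it.
                 } else {
                     // skip honeypot field
                     if (isset($field->attributes['antispam']) && $field->attributes['antispam'] == 'honeypot') {
                         // skip it
                     } else {
                         $field->value = $value;
                         $data['fields'][$attrs->id()] = $field;
                     }
                 }
             }
         }
     }
     // Email is sent only for responses not flagged as spam.
     if (!$spam && isset($opts->email) && $opts->email) {
         $this->_send_email($opts, $data);
     }
     // Spam responses are stored too (flagged), together with the spam-check inputs.
     if (isset($opts->store) && $opts->store) {
         $json = PerchUtil::json_safe_encode($data);
         $record = array();
         $record['responseJSON'] = $json;
         $record['formID'] = $this->id();
         $record['responseIP'] = $_SERVER['REMOTE_ADDR'];
         if ($spam) {
             $record['responseSpam'] = '1';
         }
         $spam_data = array();
         $spam_data['fields'] = $antispam;
         $spam_data['environment'] = $environment;
         $record['responseSpamData'] = PerchUtil::json_safe_encode($spam_data);
         $Responses = new PerchForms_Responses($this->api);
         $Response = $Responses->create($record);
     }
     if ($spam || !isset($opts->store) || !$opts->store) {
         // not storing, so drop files
         if (PerchUtil::count($data['files'])) {
             foreach ($data['files'] as $file) {
                 if (file_exists($file->path)) {
                     // Best-effort cleanup; a failed delete is deliberately ignored.
                     @unlink($file->path);
                 }
             }
         }
     }
     // Redirect?
     if (isset($opts->successURL) && $opts->successURL) {
         PerchUtil::redirect(trim($opts->successURL));
     }
 }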