public function share_validation() { $this->load->library('form_validation'); $this->load->helper('form'); $this->form_validation->set_error_delimiters('<div class="alert alert-error"><button type="button" class="close" data-dismiss="alert">×</button>', '</div>'); //mise en place des regles $this->form_validation->set_rules('keywords', 'Mots-clés', 'required|encode_php_tags|htmlspecialchars|trim|xss_clean|max_length[200]'); $this->form_validation->set_rules('description', 'Description', 'required|encode_php_tags|htmlspecialchars|trim|xss_clean|max_length[300]'); if ($this->form_validation->run() == FALSE) { //on affiche le formulaire $this->share(); } else { // upload du fichier $file_up = new Upload(); $user = unserialize($this->session->userdata('user_obj')); if ($file_up->upload_file($user->id, array('userfile'))) { // Création fichier $file = new File(); $file->id_user = $user->id; $file->desc = $this->input->post('description'); $file->keywords = $this->input->post('keywords'); $file->url = $file_up->files_uploaded[0][0]; $file->type = $file_up->files_uploaded[0][1]; //sauvegarde du fichier $file->save(); //notification $this->session->set_userdata('notif_ok', '<div class="alert alert-success"><button type="button" class="close" data-dismiss="alert">×</button><strong>Bravo! </strong> Votre partage a été réussi.</div>'); //redirection sur l'actualité redirect('flux', 'refresh'); } else { //on affiche le formulaire $this->share(); } } }
<?php header("Content-Type:text/html; charset=utf-8"); if ($_POST['submit']) { $upFile = new Upload(); $upFile->upload_file(); } class Upload { public $name; public $tmp_name; public $final_name; public $target_dir; public $target_path; public $file_type; public $allow_file_types; public $file_size; public $file_max_size; /** * __construct */ public function __construct() { $this->name = $_FILES["file"]["name"]; $this->file_type = $_FILES["file"]["type"]; $this->tmp_name = $_FILES["file"]["tmp_name"]; $this->allow_file_types = array('jpeg', 'doc', 'docx', 'dll', 'rar', 'zip', 'wps'); $this->file_size = $_FILES['file']['size']; $this->target_dir = './Upload'; } /**
function _upload_image($type = 'avatar') { global $FNS, $IN, $PREFS, $DB, $LANG, $SESS, $OUT; switch ($type) { case 'avatar' : $edit_image = 'edit_avatar'; $enable_pref = 'allow_avatar_uploads'; $not_enabled = 'avatars_not_enabled'; $remove = 'remove_avatar'; $removed = 'avatar_removed'; $updated = 'avatar_updated'; break; case 'photo' : $edit_image = 'edit_photo'; $enable_pref = 'enable_photos'; $not_enabled = 'photos_not_enabled'; $remove = 'remove_photo'; $removed = 'photo_removed'; $updated = 'photo_updated'; break; case 'sig' : $edit_image = 'edit_signature'; $enable_pref = 'sig_allow_img_upload'; $not_enabled = 'sig_img_not_enabled'; $remove = 'remove_sig_img'; $removed = 'sig_img_removed'; $updated = 'signature_updated'; break; } /** ---------------------------------------- /** Is this a remove request? /** ----------------------------------------*/ if ( ! isset($_POST['remove'])) { // Is image uploading enabled? if ($PREFS->ini($enable_pref) == 'n') { return $this->_trigger_error($not_enabled, $not_enabled); } } else { if ($type == 'avatar') { $query = $DB->query("SELECT avatar_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); if ($query->row['avatar_filename'] == '') { return $FNS->redirect($this->_member_path($edit_image)); } $DB->query("UPDATE exp_members SET avatar_filename = '', avatar_width='', avatar_height='' WHERE member_id = '".$SESS->userdata('member_id')."' "); if (ereg('/', $query->row['avatar_filename'])) { @unlink($PREFS->ini('avatar_path', TRUE).$query->row['avatar_filename']); } } elseif ($type == 'photo') { $query = $DB->query("SELECT photo_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); if ($query->row['photo_filename'] == '') { return $FNS->redirect($this->_member_path($edit_image)); } $DB->query("UPDATE exp_members SET photo_filename = '', photo_width='', photo_height='' WHERE member_id = '".$SESS->userdata('member_id')."' "); @unlink($PREFS->ini('photo_path', TRUE).$query->row['photo_filename']); } else { $query = $DB->query("SELECT sig_img_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); if ($query->row['sig_img_filename'] == '') { return $FNS->redirect($this->_member_path($edit_image)); } $DB->query("UPDATE exp_members SET sig_img_filename = '', sig_img_width='', sig_img_height='' WHERE member_id = '".$SESS->userdata('member_id')."' "); @unlink($PREFS->ini('sig_img_path', TRUE).$query->row['sig_img_filename']); } return $this->_var_swap($this->_load_element('success'), array( 'lang:heading' => $LANG->line($remove), 'lang:message' => $LANG->line($removed) ) ); } /** ---------------------------------------- /** Do the have the GD library? /** ----------------------------------------*/ if ( ! function_exists('getimagesize')) { return $this->_trigger_error($edit_image, 'gd_required'); } /** ---------------------------------------- /** Is there $_FILES data? /** ----------------------------------------*/ if ( ! isset($_FILES['userfile'])) { return $FNS->redirect($this->_member_path($edit_image)); } /** ---------------------------------------- /** Check the image size /** ----------------------------------------*/ $size = ceil(($_FILES['userfile']['size']/1024)); if ($type == 'avatar') { $max_size = ($PREFS->ini('avatar_max_kb') == '' OR $PREFS->ini('avatar_max_kb') == 0) ? 50 : $PREFS->ini('avatar_max_kb'); } elseif ($type == 'photo') { $max_size = ($PREFS->ini('photo_max_kb') == '' OR $PREFS->ini('photo_max_kb') == 0) ? 50 : $PREFS->ini('photo_max_kb'); } else { $max_size = ($PREFS->ini('sig_img_max_kb') == '' OR $PREFS->ini('sig_img_max_kb') == 0) ? 50 : $PREFS->ini('sig_img_max_kb'); } $max_size = preg_replace("/(\D+)/", "", $max_size); if ($size > $max_size) { return $OUT->show_user_error('submission', str_replace('%s', $max_size, $LANG->line('image_max_size_exceeded'))); } /** ---------------------------------------- /** Is the upload path valid and writable? /** ----------------------------------------*/ if ($type == 'avatar') { $upload_path = $PREFS->ini('avatar_path', TRUE).'uploads/'; } elseif ($type == 'photo') { $upload_path = $PREFS->ini('photo_path', TRUE); } else { $upload_path = $PREFS->ini('sig_img_path', TRUE); } if ( ! @is_dir($upload_path) OR ! is_writable($upload_path)) { return $this->_trigger_error($edit_image, 'image_assignment_error'); } /** ------------------------------------- /** Set some defaults /** -------------------------------------*/ $filename = $_FILES['userfile']['name']; if ($type == 'avatar') { $max_width = ($PREFS->ini('avatar_max_width') == '' OR $PREFS->ini('avatar_max_width') == 0) ? 100 : $PREFS->ini('avatar_max_width'); $max_height = ($PREFS->ini('avatar_max_height') == '' OR $PREFS->ini('avatar_max_height') == 0) ? 100 : $PREFS->ini('avatar_max_height'); $max_kb = ($PREFS->ini('avatar_max_kb') == '' OR $PREFS->ini('avatar_max_kb') == 0) ? 50 : $PREFS->ini('avatar_max_kb'); } elseif ($type == 'photo') { $max_width = ($PREFS->ini('photo_max_width') == '' OR $PREFS->ini('photo_max_width') == 0) ? 100 : $PREFS->ini('photo_max_width'); $max_height = ($PREFS->ini('photo_max_height') == '' OR $PREFS->ini('photo_max_height') == 0) ? 100 : $PREFS->ini('photo_max_height'); $max_kb = ($PREFS->ini('photo_max_kb') == '' OR $PREFS->ini('photo_max_kb') == 0) ? 50 : $PREFS->ini('photo_max_kb'); } else { $max_width = ($PREFS->ini('sig_img_max_width') == '' OR $PREFS->ini('sig_img_max_width') == 0) ? 100 : $PREFS->ini('sig_img_max_width'); $max_height = ($PREFS->ini('sig_img_max_height') == '' OR $PREFS->ini('sig_img_max_height') == 0) ? 100 : $PREFS->ini('sig_img_max_height'); $max_kb = ($PREFS->ini('sig_img_max_kb') == '' OR $PREFS->ini('sig_img_max_kb') == 0) ? 50 : $PREFS->ini('sig_img_max_kb'); } /** ---------------------------------------- /** Does the image have a file extension? /** ----------------------------------------*/ if ( ! ereg('\.', $filename)) { return $OUT->show_user_error('submission', $LANG->line('invalid_image_type')); } /** ---------------------------------------- /** Is it an allowed image type? /** ----------------------------------------*/ $xy = explode('.', $filename); $extension = '.'.end($xy); // We'll do a simple extension check now. // The file upload class will do a more thorough check later $types = array('.jpg', '.jpeg', '.gif', '.png'); if ( ! in_array(strtolower($extension), $types)) { return $OUT->show_user_error('submission', $LANG->line('invalid_image_type')); } /** ------------------------------------- /** Assign the name of the image /** -------------------------------------*/ $new_filename = $type.'_'.$SESS->userdata('member_id').strtolower($extension); /** ------------------------------------- /** Do they currently have an avatar or photo? /** -------------------------------------*/ if ($type == 'avatar') { $query = $DB->query("SELECT avatar_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); $old_filename = ($query->row['avatar_filename'] == '') ? '' : $query->row['avatar_filename']; if (ereg('/', $old_filename)) { $xy = explode('/', $old_filename); $old_filename = end($xy); } } elseif ($type == 'photo') { $query = $DB->query("SELECT photo_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); $old_filename = ($query->row['photo_filename'] == '') ? '' : $query->row['photo_filename']; } else { $query = $DB->query("SELECT sig_img_filename FROM exp_members WHERE member_id = '".$SESS->userdata('member_id')."'"); $old_filename = ($query->row['sig_img_filename'] == '') ? '' : $query->row['sig_img_filename']; } /** ------------------------------------- /** Upload the image /** -------------------------------------*/ require PATH_CORE.'core.upload'.EXT; $UP = new Upload(); $UP->new_name = $new_filename; $UP->set_upload_path($upload_path); $UP->set_allowed_types('img'); if ( ! $UP->upload_file()) { @unlink($UP->new_name); $info = ($UP->error_msg == 'invalid_filetype') ? "<div class='itempadbig'>".$LANG->line('invalid_image_type')."</div>" : ''; return $OUT->show_user_error('submission', $LANG->line($UP->error_msg).$info); } /** ------------------------------------- /** Do we need to resize? /** -------------------------------------*/ $vals = @getimagesize($UP->new_name); $width = $vals['0']; $height = $vals['1']; if ($width > $max_width OR $height > $max_height) { /** ------------------------------------- /** Was resizing successful? /** -------------------------------------*/ // If not, we'll delete the uploaded image and // issue an error saying the file is to big if ( ! $this->_image_resize($new_filename, $type)) { @unlink($UP->new_name); $max_size = str_replace('%x', $max_width, $LANG->line('max_image_size')); $max_size = str_replace('%y', $max_height, $max_size); $max_size .= ' - '.$max_kb.'KB'; return $OUT->show_user_error('submission', $max_size); } } /** ------------------------------------- /** Check the width/height one last time /** -------------------------------------*/ // Since our image resizing class will only reproportion // based on one axis, we'll check the size again, just to // be safe. We need to make absolutely sure that if someone // submits a very short/wide image it'll contrain properly $vals = @getimagesize($UP->new_name); $width = $vals['0']; $height = $vals['1']; if ($width > $max_width OR $height > $max_height) { $this->_image_resize($new_filename, $type, 'height'); $vals = @getimagesize($UP->new_name); $width = $vals['0']; $height = $vals['1']; } /** ------------------------------------- /** Delete the old file if necessary /** -------------------------------------*/ if ($old_filename != $new_filename) { @unlink($upload_path.$old_filename); } /** ---------------------------------------- /** Update DB /** ----------------------------------------*/ if ($type == 'avatar') { $avatar = 'uploads/'.$new_filename; $DB->query("UPDATE exp_members SET avatar_filename = '{$avatar}', avatar_width='{$width}', avatar_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' "); } elseif ($type == 'photo') { $DB->query("UPDATE exp_members SET photo_filename = '{$new_filename}', photo_width='{$width}', photo_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' "); } else { $DB->query("UPDATE exp_members SET sig_img_filename = '{$new_filename}', sig_img_width='{$width}', sig_img_height='{$height}' WHERE member_id = '".$SESS->userdata('member_id')."' "); } /** ------------------------------------- /** Success message /** -------------------------------------*/ return $this->_var_swap($this->_load_element('success'), array( 'lang:heading' => $LANG->line($edit_image), 'lang:message' => $LANG->line($updated) ) ); }
if (!empty($additional_image_fields)) { foreach ($additional_image_fields as $key => $val) { if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") { $error = 1; $field_error = preg_replace("/" . $site_template->start . "field_name" . $site_template->end . "/siU", str_replace(":", "", $val[0]), $lang['field_required']); $msg .= ($msg != "" ? "<br />" : "") . $field_error; } } } if (!$error) { // Start Upload include ROOT_PATH . 'includes/upload.php'; $site_upload = new Upload(); // Upload Media file if (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none") { $new_name = $site_upload->upload_file("media_file", "media", $upload_cat); if (!$new_name) { $msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['file_upload_error'] . ": " . $new_name . "</b><br />" . $site_upload->get_upload_errors(); $uploaderror = 1; } } else { $new_name = $remote_media_file; } // Upload thumb file $new_thumb_name = ""; if (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) { $new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", $upload_cat, get_basefile($new_name)); if (!$new_thumb_name) { $msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['thumb_upload_error'] . ": " . $new_thumb_name . "</b><br />" . $site_upload->get_upload_errors(); @unlink(MEDIA_TEMP_PATH . "/" . $new_name); $uploaderror = 1;
/** ---------------------------------- /** Upload File /** ----------------------------------*/ function upload_file() { global $IN, $DSP, $DB, $LANG, $SESS; $id = $IN->GBL('destination'); $field_group = $IN->GBL('field_group'); $query = $DB->query("SELECT * FROM exp_upload_prefs WHERE id = '" . $DB->escape_str($id) . "'"); if ($query->num_rows == 0) { return; } if ($SESS->userdata['group_id'] != 1) { $safety = $DB->query("SELECT count(*) AS count FROM exp_upload_no_access WHERE upload_id = '" . $query->row['id'] . "' AND upload_loc = 'cp' AND member_group = '" . $SESS->userdata['group_id'] . "'"); if ($safety->row['count'] != 0) { exit('no access'); return $DSP->no_access_message(); } } require PATH_CORE . 'core.upload' . EXT; $UP = new Upload(); if ($UP->set_upload_path($query->row['server_path']) !== TRUE) { return $UP->show_error(); } $UP->set_max_width($query->row['max_width']); $UP->set_max_height($query->row['max_height']); $UP->set_max_filesize($query->row['max_size']); $UP->set_allowed_types($SESS->userdata['group_id'] == 1 ? 'all' : $query->row['allowed_types']); if (!$UP->upload_file()) { return $UP->show_error(); } global $UL; $UL = $UP; if ($UL->file_exists == TRUE) { return $this->file_exists_warning(); } $this->finalize_uploaded_file(array('id' => $id, 'field_group' => $field_group, 'file_name' => $UP->file_name, 'is_image' => $UP->is_image, 'step' => 1)); }
$error['remote_file'] = 1; } if ((empty($HTTP_POST_FILES['thumb_file']['tmp_name']) || $HTTP_POST_FILES['thumb_file']['tmp_name'] == "none") && $remote_thumb_file != "" && !check_remote_thumb($remote_thumb_file) && !check_local_thumb($remote_thumb_file)) { $error['remote_thumb_file'] = 1; } if (!empty($additional_image_fields)) { foreach ($additional_image_fields as $key => $val) { if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") { $error[$key] = 1; } } } if (!empty($HTTP_POST_FILES['file']['tmp_name']) && $HTTP_POST_FILES['file']['tmp_name'] != "none" && !$error) { unset($HTTP_POST_VARS['remote_file']); @rename(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name, MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak"); $new_name = $site_upload->upload_file("file", "media", $cat_id); if (!$new_name) { $error_msg .= $lang['file_upload_error'] . ": <b>" . $HTTP_POST_FILES['file']['name'] . "</b><br />" . $site_upload->get_upload_errors(); @rename(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak", MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name); $error = 1; } else { unlink(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name . ".bak"); $log[] = $lang['file_upload_success'] . ": <b>{$new_name}</b>"; } } elseif ((empty($HTTP_POST_FILES['file']['tmp_name']) || $HTTP_POST_FILES['file']['tmp_name'] == "none") && $remote_file != "" && (check_remote_media($remote_file) || check_local_media($remote_file))) { $new_name = $remote_file; if (file_exists(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name) && is_file(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name)) { unlink(MEDIA_PATH . "/" . $old_cat_id . "/" . $old_file_name); } } else { if ($cat_id != $old_cat_id && !empty($old_file_name)) {
$error['remote_file'] = 1; } if ((empty($HTTP_POST_FILES['thumb_file']['tmp_name']) || $HTTP_POST_FILES['thumb_file']['tmp_name'] == "none") && $remote_thumb_file != "" && !check_remote_thumb($remote_thumb_file) && !check_local_thumb($remote_thumb_file)) { $error['remote_thumb_file'] = 1; } if (!empty($additional_image_fields)) { foreach ($additional_image_fields as $key => $val) { if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") { $error[$key] = 1; } } } if (!empty($HTTP_POST_FILES['file']['tmp_name']) && $HTTP_POST_FILES['file']['tmp_name'] != "none" && !$error) { unset($HTTP_POST_VARS['remote_file']); @rename(MEDIA_TEMP_PATH . "/" . $old_file_name, MEDIA_TEMP_PATH . "/" . $old_file_name . ".bak"); $new_name = $site_upload->upload_file("file", "media", 0); if (!$new_name) { $error_msg .= $lang['file_upload_error'] . ": <b>" . $HTTP_POST_FILES['file']['name'] . "</b><br />" . $site_upload->get_upload_errors(); @rename(MEDIA_TEMP_PATH . "/" . $old_file_name . ".bak", MEDIA_TEMP_PATH . "/" . $old_file_name); $error = 1; } else { $log[] = $lang['file_upload_success'] . ": <b>" . $new_name . "</b>"; } } elseif ((empty($HTTP_POST_FILES['file']['tmp_name']) || $HTTP_POST_FILES['file']['tmp_name'] == "none") && $remote_file != "" && check_remote_media($remote_file)) { $new_name = $remote_file; if (file_exists(MEDIA_TEMP_PATH . "/" . $old_file_name)) { unlink(MEDIA_TEMP_PATH . "/" . $old_file_name); } } else { $new_name = $old_file_name; }
<?php header('Content-type: text/html; charset=UTF-8'); require './Upload.php'; $upload = new Upload($_FILES['arquivo']); //$upload->set_uploads_folder(__DIR__ . '/tmp/'); //$upload->set_file_name('doctrine'); $upload->set_max_size(20); $upload->set_overwrite(true); $upload->set_allowed_types(array('image/jpeg', 'text/plain', 'application/pdf')); try { $upload->upload_file(); } catch (Exception $ex) { echo $ex->getMessage(); } echo $upload->get_file_path(); //var_dump($upload);
/** ------------------------------------- /** Uploading Attachments /** -------------------------------------*/ function _attach_file() { global $IN, $DB, $FNS, $PREFS, $LOC, $LANG, $SESS; /** ------------------------------------- /** Check the paths /** -------------------------------------*/ if ($this->upload_path == '') { return $LANG->line('unable_to_recieve_attach'); } if (!@is_dir($this->upload_path) or !@is_writable($this->upload_path)) { return $LANG->line('unable_to_recieve_attach'); } /** ------------------------------------- /** Are there previous attachments? /** -------------------------------------*/ $this->attachments = array(); $attachments_size = 0; if ($IN->GBL('attach') !== FALSE && $IN->GBL('attach') != '') { $query = $DB->query("SELECT attachment_id, attachment_size, attachment_location\n \t\t\t\t\t\t FROM exp_message_attachments\n \t\t\t\t\t\t WHERE attachment_id IN ('" . str_replace('|', "','", $IN->GBL('attach')) . "')"); if ($query->num_rows + 1 > $this->max_attachments) { return $LANG->line('no_more_attachments'); } elseif ($query->num_rows > 0) { foreach ($query->result as $row) { if (!file_exists($row['attachment_location'])) { continue; } $this->attachments[] = $row['attachment_id']; $attachments_size += $row['attachment_size']; } } } /** ------------------------------------- /** Attachment too hefty? /** -------------------------------------*/ if ($this->attach_maxsize != 0 && $attachments_size + $_FILES['userfile']['size'] / 1024 > $this->attach_maxsize) { return $LANG->line('attach_too_large'); } /** ------------------------------------- /** Fetch the size of all attachments /** -------------------------------------*/ if ($this->attach_total != '0') { $query = $DB->query("SELECT SUM(attachment_size) AS total FROM exp_message_attachments WHERE is_temp != 'y'"); if (!empty($query->row['total'])) { // Is the size of the new file (along with the previous ones) too large? if (ceil($query->row['total'] + $_FILES['userfile']['size'] / 1024) > $this->attach_total * 1000) { return $LANG->line('too_many_attachments'); } } } /** ------------------------------------- /** Separate the filename form the extension /** -------------------------------------*/ if (!class_exists('Image_lib')) { require PATH_CORE . 'core.image_lib' . EXT; } $IM = new Image_lib(); $split = $IM->explode_name($_FILES['userfile']['name']); $filename = $split['name']; $extension = $split['ext']; $filehash = $FNS->random('alpha', 20); /** ------------------------------------- /** Upload the image /** -------------------------------------*/ if (!class_exists('Upload')) { require PATH_CORE . 'core.upload' . EXT; } $UP = new Upload(); $UP->set_upload_path($this->upload_path); $UP->set_allowed_types('all'); $UP->new_name = $filehash . $extension; if (!$UP->upload_file()) { @unlink($UP->new_name); if ($UP->error_msg == 'invalid_filetype') { $info = implode(', ', $UP->allowed_mimes); $info = "<div class='default'>" . $LANG->line($UP->error_msg) . "<div class='default'>" . $LANG->line('allowed_mimes') . ' ' . $info . "</div>"; return $info; } return $UP->error_msg; } /** ------------------------------------- /** Insert into Database /** -------------------------------------*/ $this->temp_message_id = $FNS->random('nozero', 10); $data = array('attachment_id' => '', 'sender_id' => $this->member_id, 'message_id' => $this->temp_message_id, 'attachment_name' => $filename . $extension, 'attachment_hash' => $filehash, 'attachment_extension' => $extension, 'attachment_location' => $UP->new_name, 'attachment_date' => $LOC->now, 'attachment_size' => ceil($UP->file_size / 1024)); $DB->query($DB->insert_string('exp_message_attachments', $data)); $attach_id = $DB->insert_id; /** ------------------------------------- /** Change file name with attach ID /** -------------------------------------*/ // For convenience we use the attachment ID number as the prefix for all files. // That way they will be easier to manager. // OK, whatever you say, Rick. -Paul if (file_exists($UP->new_name)) { $final_name = $attach_id . '_' . $filehash; $final_path = $UP->upload_path . $final_name . $extension; if (rename($UP->new_name, $final_path)) { chmod($final_path, 0777); $DB->query("UPDATE exp_message_attachments SET attachment_hash = '{$final_name}', attachment_location = '{$final_path}' WHERE attachment_id = '{$attach_id}'"); } } /** ------------------------------------- /** Load Attachment into array /** -------------------------------------*/ $this->attachments[] = $attach_id; /* ------------------------------------- /* Delete Temp Attachments Over 48 Hours Old /* /* The temp attachments are kept so long because /* of draft messages that may contain attachments /* but will not be sent until later. I think 48 /* hours is enough time. Any longer and the attachment /* is gone but the message remains. /* -------------------------------------*/ $expire = $LOC->now - 24 * 60 * 60; $result = $DB->query("SELECT attachment_location FROM exp_message_attachments \n\t\t\t\t\t\t\t WHERE attachment_date < {$expire}\n\t\t\t\t\t\t\t AND is_temp = 'y'"); if ($result->num_rows > 0) { foreach ($result->result as $row) { @unlink($row['attachment_location']); } $DB->query("DELETE FROM exp_message_attachments WHERE attachment_date < {$expire} AND is_temp='y'"); } return TRUE; }