public function saveEdit($file, $name, $options = array(), $quality = 100) { // Check for request forgeries WFToken::checkToken() or die('Access to this resource is restricted'); // check for image editor access if ($this->checkAccess('image_editor', 1) === false) { JError::raiseError(403, 'Access to this resource is restricted'); } $browser = $this->getBrowser(); $filesystem = $browser->getFileSystem(); // check file self::validateImagePath($file); // clean temp $this->cleanEditorTmp($file, false); // check new name self::validateImagePath($name); $upload = JRequest::getVar('file', '', 'files', 'array'); // create a filesystem result object $result = new WFFileSystemResult(); if (isset($upload) && isset($upload['tmp_name']) && is_uploaded_file($upload['tmp_name'])) { $tmp = $upload['tmp_name']; self::validateImageFile($tmp); $exif = null; // get exif data from orignal file if (preg_match('#\\.jp(eg|g)$#i', basename($file)) && basename($file) == basename($name)) { // load exif classes require_once dirname(__FILE__) . '/pel/PelJpeg.php'; $src = WFUtility::makePath($filesystem->getBaseDir(), $file); $jpeg = new PelJpeg($src); $exif = $jpeg->getExif(); } $result = $filesystem->upload('multipart', trim($tmp), dirname($file), basename($name)); if ($result->state === true && $exif) { $pel = new PelDataWindow($result->path); if (PelJpeg::isValid($pel)) { $jpeg = new PelJpeg(); $jpeg->load($pel); $jpeg->setExif($exif); //$jpeg->saveFile($result->path); // write to file JFile::write($result->path, $jpeg->getBytes()); } } @unlink($tmp); } else { // set upload as false - JSON request $upload = false; $file = WFUtility::makePath($filesystem->getBaseDir(), $file); $dest = dirname($file) . '/' . basename($name); // get extension $ext = WFUtility::getExtension($dest); // load image class require_once dirname(__FILE__) . '/image/image.php'; // create image $image = new WFImage($file, $this->getParam('prefer_imagick', true)); foreach ($options as $filter) { if (isset($filter->task)) { $args = isset($filter->args) ? (array) $filter->args : array(); switch ($filter->task) { case 'resize': $w = $args[0]; $h = $args[1]; $image->resize($w, $h); break; case 'crop': $w = $args[0]; $h = $args[1]; $x = $args[2]; $y = $args[3]; $image->crop($w, $h, $x, $y); break; case 'rotate': $image->rotate(array_shift($args)); break; case 'flip': $image->flip(array_shift($args)); break; default: $image->filter($filter->task, $args); break; } } } // get image data $data = $image->toString($ext); // write to file if ($data) { $result->state = (bool) @JFile::write($dest, $data); } // set path $result->path = $dest; } if ($result->state === true) { // check if its a valid image if (@getimagesize($result->path) === false) { JFile::delete($result->path); throw new InvalidArgumentException('Invalid image file'); } else { $result->path = str_replace(WFUtility::cleanPath(JPATH_SITE), '', $result->path); $browser->setResult(WFUtility::cleanPath($result->path, '/'), 'files'); } } else { $browser->setResult($result->message || WFText::_('WF_IMGMANAGER_EXT_EDIT_SAVE_ERROR'), 'error'); } // set header and exit if ($upload) { header("Expires: Wed, 4 Apr 1984 13:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); die(json_encode($browser->getResult())); } // return to WFRequest return $browser->getResult(); }
/** * Get a files properties * * @return array Array of properties * @param string $file File relative path */ public function getFileDetails($file, $count = 1) { clearstatcache(); $path = WFUtility::makePath($this->getBaseDir(), rawurldecode($file)); $url = WFUtility::makePath($this->getBaseUrl(), rawurldecode($file)); $date = @filemtime($path); $size = @filesize($path); $data = array('size' => $size, 'modified' => $date); if (preg_match('#\\.(jpg|jpeg|bmp|gif|tiff|png)#i', $file)) { $data['preview'] = WFUtility::cleanPath($url, '/'); $image = array(); if ($count <= 100) { $props = @getimagesize($path); $width = $props[0]; $height = $props[1]; $image = array('width' => $width, 'height' => $height); } return array_merge_recursive($data, $image); } return $data; }
/** * Get a files properties * * @return array Array of properties * @param string $file File relative path */ public function getFileDetails($file, $count = 1) { clearstatcache(); $path = WFUtility::makePath($this->getBaseDir(), rawurldecode($file)); $url = WFUtility::makePath($this->getBaseUrl(), rawurldecode($file)); $date = @filemtime($path); $size = @filesize($path); $data = array('size' => $size, 'modified' => $date); if (preg_match('#\\.(jpg|jpeg|bmp|gif|tiff|png)#i', $file) && $count <= 100) { $props = @getimagesize($path); /* if (preg_match('#\.(jpg|jpeg|tiff)#i', $file)) { $data = exif_read_data($path, 'IDF0', true, false); if ($data !== false) { $idf = isset($data['IDF0']) ? $data['IDF0'] : array(); $exif = isset($data['EXIF']) ? $data['EXIF'] : array(); $data = array_merge($idf, $exif); } } */ $width = $props[0]; $height = $props[1]; $image = array('width' => $width, 'height' => $height, 'preview' => WFUtility::cleanPath($url, '/')); return array_merge_recursive($data, $image); } return $data; }
/** * Upload a file. * @return array $error on failure or uploaded file name on success */ public function upload() { // Check for request forgeries WFToken::checkToken() or die; //JError::setErrorHandling(E_ALL, 'callback', array('WFError', 'raiseError')); // check for feature access if (!$this->checkFeature('upload')) { JError::raiseError(403, 'Access to this resource is restricted'); } jimport('joomla.filesystem.file'); // get uploaded file $file = JRequest::getVar('file', '', 'files', 'array'); // validate file data $this->validateUploadedFile($file); $wf = WFEditor::getInstance(); // HTTP headers for no cache etc //header('Content-type: text/plain; charset=UTF-8'); header('Content-Type: text/json;charset=UTF-8'); header("Expires: Wed, 4 Apr 1984 13:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // get file name $name = JRequest::getVar('name', $file['name']); // target directory $dir = JRequest::getVar('upload-dir'); // deocode directory $dir = rawurldecode($dir); // check destination path WFUtility::checkPath($dir); // decode name $name = rawurldecode($name); // check file name WFUtility::checkPath($name); // check for invalid extensions if (preg_match('#\\.(php|phtml|pl|py|jsp|asp|shtml|sh|cgi)$#i', $name)) { throw new InvalidArgumentException('INVALID FILE NAME'); } // get extension $ext = WFUtility::getExtension($name); // strip extension $name = WFUtility::stripExtension($name); // make file name 'web safe' $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase')); // empty name if ($name == '') { throw new InvalidArgumentException('INVALID FILE NAME'); } // check for extension in file name if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\\b#i', $name)) { throw new InvalidArgumentException('INVALID FILE NAME'); } $upload = $this->get('upload'); // add random string if ($upload['add_random']) { $name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5); } // rebuild file name - name + extension $name = $name . '.' . $ext; // create a filesystem result object $result = new WFFileSystemResult(); $filesystem = $this->getFileSystem(); $complete = false; $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER'); // Only multipart uploading is supported for now if ($contentType && strpos($contentType, "multipart") !== false) { $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name); if (!$result->state) { $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR'); $result->code = 103; } @unlink($file['tmp_name']); $complete = true; } else { $result->state = false; $result->code = 103; $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR'); $complete = true; } // upload finished if ($complete) { if ($result instanceof WFFileSystemResult) { if ($result->state === true) { $path = $result->path; // get root dir eg: JPATH_SITE $root = substr($filesystem->getBaseDir(), 0, -strlen($filesystem->getRootDir())); // get relative path $relative = substr($path, strlen($root)); // clean $relative = WFUtility::cleanPath($relative, '/'); $this->setResult($this->fireEvent('onUpload', array($result->path, $relative))); $this->setResult(basename($result->path), 'files'); } else { $this->setResult($result->message, 'error'); } } die(json_encode($this->getResult())); } }
/** * Upload a file. * @return array $error on failure or uploaded file name on success */ public function upload() { // Check for request forgeries WFToken::checkToken() or die; // check for feature access if (!$this->checkFeature('upload')) { JError::raiseError(403, 'Access to this resource is restricted'); } $filesystem = $this->getFileSystem(); jimport('joomla.filesystem.file'); header('Content-Type: text/json;charset=UTF-8'); header("Expires: Wed, 4 Apr 1984 13:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M_Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // get uploaded file $file = JRequest::getVar('file', '', 'files', 'array'); // validate file data $this->validateUploadedFile($file); $wf = WFEditor::getInstance(); // get file name $name = JRequest::getVar('name', $file['name']); // decode name $name = rawurldecode($name); // check name if (WFUtility::validateFileName($name) === false) { throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.'); } // check file name WFUtility::checkPath($name); // get extension from file name $ext = WFUtility::getExtension($file['name']); // trim extension $ext = trim($ext); // check extension exists if (empty($ext) || $ext === $file['name']) { throw new InvalidArgumentException('Upload Failed: The file name does not contain a valid extension.'); } // strip extension $name = WFUtility::stripExtension($name); // make file name 'web safe' $name = WFUtility::makeSafe($name, $this->get('websafe_mode', 'utf-8'), $this->get('websafe_spaces'), $this->get('websafe_textcase')); // check name if (WFUtility::validateFileName($name) === false) { throw new InvalidArgumentException('Upload Failed: The file name contains an invalid extension.'); } // target directory $dir = JRequest::getVar('upload-dir'); // deocode directory $dir = rawurldecode($dir); // check destination path WFUtility::checkPath($dir); $upload = $this->get('upload'); // Check file number limits if (!empty($upload['total_files'])) { if ($filesystem->countFiles($dir, true) > $upload['total_files']) { throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_LIMIT_ERROR')); } } // Check total file size limit if (!empty($upload['total_size'])) { $size = $filesystem->getTotalSize($dir); if ($size / 1024 / 1024 > $upload['total_size']) { throw new InvalidArgumentException(WFText::_('WF_MANAGER_FILE_SIZE_LIMIT_ERROR')); } } // add random string if ($upload['add_random']) { $name = $name . '_' . substr(md5(uniqid(rand(), 1)), 0, 5); } // rebuild file name - name + extension $name = $name . '.' . $ext; // create a filesystem result object $result = new WFFileSystemResult(); $complete = false; $contentType = JRequest::getVar('CONTENT_TYPE', '', 'SERVER'); // Only multipart uploading is supported for now if ($contentType && strpos($contentType, "multipart") !== false) { $result = $filesystem->upload('multipart', trim($file['tmp_name']), $dir, $name); if (!$result->state) { if (empty($result->message)) { $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR'); } $result->code = 103; } @unlink($file['tmp_name']); $complete = true; } else { $result->state = false; $result->code = 103; $result->message = WFText::_('WF_MANAGER_UPLOAD_ERROR'); $complete = true; } // upload finished if ($complete) { if ($result instanceof WFFileSystemResult) { if ($result->state === true) { $path = $result->path; // get root dir eg: JPATH_SITE $root = substr($filesystem->getBaseDir(), 0, -strlen($filesystem->getRootDir())); // get relative path $relative = substr($path, strlen($root)); // clean $relative = WFUtility::cleanPath($relative, '/'); $this->setResult($this->fireEvent('onUpload', array($result->path, $relative))); $this->setResult(basename($result->path), 'files'); } else { $this->setResult($result->message, 'error'); } } die(json_encode($this->getResult())); } }