<?php
/**
 * SWFUpload endpoint: receives one uploaded file in $_FILES['Filedata'].
 *
 * The validation controls are not part of this listing; according to the
 * original author they are written into the file by saveform.php:
 *   - !isset($_FILES['Filedata']['name']) and !$_FILES['Filedata']['name'] => no file sent
 *   - !isset($_GET['btn_upload_id']) and !in_array($_GET['btn_upload_id'], $isset_btn) => upload buttons are not set
 *   - !in_array($fileinfo['extension'], $upload_auth_ext) => unauthorized extension
 *   - !$_FILES['Filedata']['size'] => empty file
 *   - if ($_FILES['Filedata']['size'] > xxx) => unauthorized file size
 *
 * NOTE(review): none of these checks appears in the visible code, so the
 * script is only as strict as what saveform.php generates. The extension
 * allow-list ($upload_auth_ext) is the only listed control that keeps a
 * server-interpretable file out of ../upload/; confirm that it is always
 * emitted, that the comparison is case-insensitive, and that the upload
 * directory is configured so the web server never executes its contents.
 */
session_start();

// SWFUpload
require_once '../inc/contactform.config.php';
require_once '../class/class.contactform.php';

$contactform_obj = new contactForm($cfg);

// The client-supplied file name is passed through quote_smart() (defined in
// class.contactform.php, not shown here) and written back into $_FILES.
$_FILES['Filedata']['name'] = $contactform_obj->quote_smart($_FILES['Filedata']['name']);
// ^-- if the file name contains single quotes => {"filename":"aaa\'aaa.gif"} => the JSON won't be parsed correctly
// NOTE(review): per the comment above this is escaping for the JSON reply, not
// path sanitisation. Nothing visible reduces the name with basename() or
// rejects directory separators before it is joined to the upload directory
// - confirm that this happens in the part of the file that is not shown.

/**
 * Picks a file name that is not yet taken in ../upload/ (visible part only).
 *
 * While "$dir_upload . $testnewfilename" already exists, a new candidate of
 * the form "<name without extension> - NNN.<extension>" is derived from
 * $originalfilename, NNN being the global counter $i after incrementing it,
 * left-padded with zeros to three digits, and the function calls itself with
 * that candidate.
 *
 * @param $copy_src_filename Passed through unchanged to the recursive call;
 *                           presumably the path the upload is copied from - confirm.
 * @param $originalfilename  Name used as the base for every candidate name.
 * @param $testnewfilename   Candidate name whose existence in ../upload/ is tested.
 */
function uploadFile($copy_src_filename, $originalfilename, $testnewfilename) {
    // Collision counter shared across recursive calls; it is never initialised
    // in the visible code, so the caller is expected to set it.
    global $i;
    $dir_upload = '../upload/';
    // Best effort: errors from chmod() are suppressed with @, so a directory
    // that stays read-only is only noticed when the later write fails.
    if (!is_writable($dir_upload)) {
        @chmod($dir_upload, 0755);
    }
    // NOTE(review): existence is tested here and the file is written later
    // (outside this listing); two concurrent uploads of the same name could
    // both pass this test - confirm how the write handles that.
    if (file_exists($dir_upload . $testnewfilename)) {
        $fileinfo = pathinfo($originalfilename);
        // pathinfo() omits the 'extension' key for a name without a dot, so
        // both uses of $fileinfo['extension'] below read an undefined index
        // in that case.
        $filename_noext = basename($originalfilename, '.' . $fileinfo['extension']);
        $i++;
        $suffix = str_pad($i, 3, '0', STR_PAD_LEFT);
        $newfilename = $filename_noext . ' - ' . $suffix . '.' . $fileinfo['extension'];
        uploadFile($copy_src_filename, $originalfilename, $newfilename);
        // (the listing is cut off here; the rest of uploadFile() is not shown)
<?php
// Form submission handler: removes uploads the user discarded, merges the
// posted values into the contactForm object and then checks required elements.
session_start();

require_once '../inc/contactform.config.php';
require_once '../class/class.contactform.php';

$contactform_obj = new contactForm($cfg);

$json_error = '';
$post_required_email = array('cfg-element-30-3');

/**
 * Required files and elements are written into this file by saveform.php:
 *   $post_required_element = array...
 *   $post_required_email = array...
 *   $json_error = '';
 *   the JSON error message for an invalid captcha (captcha_img_string)
 */

// Delete the files the user uploaded and then removed again in the form.
// The in_array() test against $_SESSION['uploaded_files'] is the only thing
// that limits which paths under ../upload/ a request can delete.
// NOTE(review):
//  - $_POST['deleteuploadedfile'] is only tested for truthiness; a non-empty
//    scalar reaches foreach, which emits a warning and deletes nothing.
//  - $_SESSION['uploaded_files'] is read without isset(); when it is missing,
//    in_array() receives null (warning or TypeError depending on PHP version).
//  - in_array() is called without the strict third argument, so the match is
//    a loose comparison.
//  - The membership test is made on the raw $value, but the path is built from
//    quote_smart($value) (not shown here); if quote_smart() alters the string,
//    the file that is unlinked is not the name that was validated.
//  - Whether the session list holds bare file names cannot be seen from here;
//    reducing the value with basename() before unlink() would keep the delete
//    inside ../upload/ regardless.
//  - @unlink suppresses errors, so a failed deletion goes unnoticed.
if (isset($_POST['deleteuploadedfile']) && $_POST['deleteuploadedfile']) {
    foreach ($_POST['deleteuploadedfile'] as $value) {
        if (in_array($value, $_SESSION['uploaded_files'])) {
            @unlink('../upload/' . $contactform_obj->quote_smart($value));
        }
    }
}

// Every entry of the posted form_value_array is handed to mergePost(); what
// mergePost() does with it (validation, escaping) is not visible here.
if (isset($_POST['form_value_array']) && $_POST['form_value_array']) {
    foreach ($_POST['form_value_array'] as $value) {
        $contactform_obj->mergePost($value);
    }
}

// Debug leftover:
// print_r($post_element_ids);print_r($contactform_obj->merge_post);

// Runs only when saveform.php generated a non-empty $post_required_element
// list and mergePost() left something in $contactform_obj->merge_post.
if (isset($post_required_element) && $post_required_element && isset($contactform_obj->merge_post) && $contactform_obj->merge_post) {
    foreach ($post_required_element as $value) {
        // (the listing is cut off here; the body of this loop is not shown)
/**
 * Runs the local contact-form extension and hands back its result.
 *
 * The extension entry point is loaded from a fixed path below LOCAL_PATH;
 * no request data takes part in building the include path.
 *
 * @return mixed Whatever contactForm::getResult() produces (not defined in this listing).
 */
public function callProcesscontactforms()
{
    // Load the extension once; it presumably declares the contactForm class.
    include_once LOCAL_PATH . 'application/localExt/contactForm/index.php';

    return (new contactForm())->getResult();
}