$phpwcms['file_maxsize'] = $upload_max_filesize - 1; } } else { $upload_max_filesize = $phpwcms['file_maxsize']; } if (is_string($phpwcms['allowed_upload_ext'])) { $phpwcms['allowed_upload_ext'] = convertStringToArray(strtolower($phpwcms['allowed_upload_ext'])); } $uploader = new qqFileUploader($phpwcms['allowed_upload_ext'], min($post_max_size, $upload_max_filesize, $phpwcms['file_maxsize'])); $uploadDir = PHPWCMS_ROOT . $phpwcms["ftp_path"]; // Call handleUpload() with the name of the folder, relative to PHP's getcwd() $result = $uploader->handleUpload($uploadDir, NULL, TRUE, FALSE); $result['filename'] = $uploader->getUploadName(); if (!empty($result['success']) && !empty($_GET['file_public'])) { require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php'; $data = array('f_pid' => intval($_GET['file_dir']), 'f_uid' => intval($_SESSION["wcs_user_id"]), 'f_kid' => 1, 'f_aktiv' => 1, 'f_public' => 1, 'f_name' => $result['filename'], 'f_created' => now(), 'f_size' => $uploader->getFileSize(), 'f_type' => $uploader->getFileType(), 'f_ext' => strtolower($uploader->getFileExtension()), 'f_longinfo' => slweg($_GET['file_longinfo']), 'f_hash' => md5($result['filename'] . microtime()), 'f_copyright' => slweg($_GET['file_copyright']), 'f_tags' => clean_slweg($_GET['file_tags'])); if (PHPWCMS_CHARSET != 'utf-8') { $data['f_name'] = makeCharsetConversion($data['f_name'], 'utf-8', PHPWCMS_CHARSET); $data['f_longinfo'] = makeCharsetConversion($data['f_longinfo'], 'utf-8', PHPWCMS_CHARSET); $data['f_copyright'] = makeCharsetConversion($data['f_copyright'], 'utf-8', PHPWCMS_CHARSET); $data['f_tags'] = makeCharsetConversion($data['f_tags'], 'utf-8', PHPWCMS_CHARSET); } $insert = _dbInsert('phpwcms_file', $data); // move uploaded file if (!empty($insert['INSERT_ID'])) { $userftppath = PHPWCMS_ROOT . $phpwcms["ftp_path"]; $useruploadpath = PHPWCMS_ROOT . $phpwcms["file_path"]; $usernewfile = $useruploadpath . $data['f_hash']; if ($data['f_ext']) { $usernewfile .= '.' . $data['f_ext']; }