public function testSetLogFileFail()
{
// tricky to test: given logfile must exist but we don't have the
// path to error.log - test for failure only
$this->up->setLogFile('does-not-exist.log');
// there is no getLogFile() method ...
$this->assertEquals('', $this->up->getLogFile());
}
function CLASSIFIEDS_saveImage($ad, $FILES, $clid)
{
global $_CONF, $_CLASSIFIEDS_CONF, $_TABLES, $LANG24;
$args =& $ad;
// Handle Magic GPC Garbage:
while (list($key, $value) = each($args)) {
if (!is_array($value)) {
$args[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
// Delete any images if needed
if (array_key_exists('delete', $args)) {
$delete = count($args['delete']);
for ($i = 1; $i <= $delete; $i++) {
$pi_filename = DB_getItem($_TABLES['cl_pic'], 'pi_filename', 'pi_pid = ' . $clid . ' AND pi_img_num = ' . key($args['delete']));
CLASSIFIEDS_deleteImage($pi_filename);
DB_query("DELETE FROM {$_TABLES['cl_pic']} WHERE pi_pid = " . $clid . " AND pi_img_num = " . key($args['delete']));
next($args['delete']);
}
}
// OK, let's upload any pictures with the ad
if (DB_count($_TABLES['cl_pic'], 'pi_pid', $clid) > 0) {
$index_start = DB_getItem($_TABLES['cl_pic'], 'max(pi_img_num)', "pi_pid = '" . $clid . "'") + 1;
} else {
$index_start = 1;
}
if (count($FILES) > 0 and $_CLASSIFIEDS_CONF['max_images_per_ad'] > 0) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads($_CLASSIFIEDS_CONF['max_images_per_ad']);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(false);
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CLASSIFIEDS_CONF['path_images'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CLASSIFIEDS_CONF['max_image_width'], $_CLASSIFIEDS_CONF['max_image_height']);
$upload->setMaxFileSize($_CLASSIFIEDS_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$end_index = $index_start + $upload->numFiles() - 1;
for ($z = $index_start; $z <= $end_index; $z++) {
$curfile = current($FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $clid . '_' . $z . '.' . $fextension;
}
next($FILES);
}
$upload->setFileNames($filenames);
reset($FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
reset($filenames);
for ($z = $index_start; $z <= $end_index; $z++) {
DB_query("INSERT INTO {$_TABLES['cl_pic']} (pi_pid, pi_img_num, pi_filename) VALUES ('" . $clid . "', {$z}, '" . current($filenames) . "')");
next($filenames);
}
}
return true;
}
/**
* Upload new photo, delete old photo
*
* @param string $delete_photo 'on': delete old photo
* @return string filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '';
if (!empty($delete_photo) && $delete_photo == 'on') {
$delete_photo = true;
} else {
$delete_photo = false;
}
$curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
if (empty($curphoto)) {
$delete_photo = false;
}
// see if user wants to upload a (new) photo
$newphoto = $_FILES['photo'];
if (!empty($newphoto['name'])) {
$pos = strrpos($newphoto['name'], '.') + 1;
$fextension = substr($newphoto['name'], $pos);
$filename = $_USER['username'] . '.' . $fextension;
if (!empty($curphoto) && $filename != $curphoto) {
$delete_photo = true;
} else {
$delete_photo = false;
}
}
// delete old photo first
if ($delete_photo) {
USER_deletePhoto($curphoto);
}
// now do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
} else {
if (!$delete_photo && !empty($curphoto)) {
$filename = $curphoto;
}
}
return $filename;
}
/**
* Submit a new or updated story. The story is updated if it exists, or a new one is created
*
* @param array args Contains all the data provided by the client
* @param string &output OUTPUT parameter containing the returned text
* @return int Response code as defined in lib-plugins.php
*/
function service_submit_story($args, &$output, &$svc_msg)
{
global $_CONF, $_TABLES, $_USER, $LANG24, $MESSAGE, $_GROUPS;
if (!SEC_hasRights('story.edit')) {
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
return PLG_RET_AUTH_FAILED;
}
require_once $_CONF['path_system'] . 'lib-comment.php';
$gl_edit = false;
if (isset($args['gl_edit'])) {
$gl_edit = $args['gl_edit'];
}
if ($gl_edit) {
/* This is EDIT mode, so there should be an old sid */
if (empty($args['old_sid'])) {
if (!empty($args['id'])) {
$args['old_sid'] = $args['id'];
} else {
return PLG_RET_ERROR;
}
if (empty($args['sid'])) {
$args['sid'] = $args['old_sid'];
}
}
} else {
if (empty($args['sid']) && !empty($args['id'])) {
$args['sid'] = $args['id'];
}
}
/* Store the first CATEGORY as the Topic ID */
if (!empty($args['category'][0])) {
$args['tid'] = $args['category'][0];
}
$content = '';
if (!empty($args['content'])) {
$content = $args['content'];
} else {
if (!empty($args['summary'])) {
$content = $args['summary'];
}
}
if (!empty($content)) {
$parts = explode('[page_break]', $content);
if (count($parts) == 1) {
$args['introtext'] = $content;
$args['bodytext'] = '';
} else {
$args['introtext'] = array_shift($parts);
$args['bodytext'] = implode('[page_break]', $parts);
}
}
/* Apply filters to the parameters passed by the webservice */
if ($args['gl_svc']) {
if (isset($args['mode'])) {
$args['mode'] = COM_applyBasicFilter($args['mode']);
}
if (isset($args['editopt'])) {
$args['editopt'] = COM_applyBasicFilter($args['editopt']);
}
}
/* - START: Set all the defaults - */
if (empty($args['tid'])) {
// see if we have a default topic
$topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND'));
if (!empty($topic)) {
$args['tid'] = $topic;
} else {
// otherwise, just use the first one
$o = array();
$s = array();
if (service_getTopicList_story(array('gl_svc' => true), $o, $s) == PLG_RET_OK) {
$args['tid'] = $o[0];
} else {
$svc_msg['error_desc'] = 'No topics available';
return PLG_RET_ERROR;
}
}
}
if (empty($args['owner_id'])) {
$args['owner_id'] = $_USER['uid'];
}
if (empty($args['group_id'])) {
$args['group_id'] = SEC_getFeatureGroup('story.edit', $_USER['uid']);
}
if (empty($args['postmode'])) {
$args['postmode'] = $_CONF['postmode'];
if (!empty($args['content_type'])) {
if ($args['content_type'] == 'text') {
$args['postmode'] = 'text';
} else {
if ($args['content_type'] == 'html' || $args['content_type'] == 'xhtml') {
$args['postmode'] = 'html';
}
}
}
}
if ($args['gl_svc']) {
/* Permissions */
if (!isset($args['perm_owner'])) {
$args['perm_owner'] = $_CONF['default_permissions_story'][0];
} else {
$args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true);
}
if (!isset($args['perm_group'])) {
$args['perm_group'] = $_CONF['default_permissions_story'][1];
} else {
$args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
}
if (!isset($args['perm_members'])) {
$args['perm_members'] = $_CONF['default_permissions_story'][2];
} else {
$args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
}
if (!isset($args['perm_anon'])) {
$args['perm_anon'] = $_CONF['default_permissions_story'][3];
} else {
$args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
}
if (!isset($args['draft_flag'])) {
$args['draft_flag'] = $_CONF['draft_flag'];
}
if (empty($args['frontpage'])) {
$args['frontpage'] = $_CONF['frontpage'];
}
if (empty($args['show_topic_icon'])) {
$args['show_topic_icon'] = $_CONF['show_topic_icon'];
}
}
/* - END: Set all the defaults - */
// TEST CODE
/* foreach ($args as $k => $v) {
if (!is_array($v)) {
echo "$k => $v\r\n";
} else {
echo "$k => $v\r\n";
foreach ($v as $k1 => $v1) {
echo " $k1 => $v1\r\n";
}
}
}*/
// exit ();
// END TEST CODE
if (!isset($args['sid'])) {
$args['sid'] = '';
}
$args['sid'] = COM_sanitizeID($args['sid']);
if (!$gl_edit) {
if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) {
$args['sid'] = WS_makeId($args['slug'], STORY_MAX_ID_LENGTH);
}
}
$story = new Story();
$gl_edit = false;
if (isset($args['gl_edit'])) {
$gl_edit = $args['gl_edit'];
}
if ($gl_edit && !empty($args['gl_etag'])) {
/* First load the original story to check if it has been modified */
$result = $story->loadFromDatabase($args['sid']);
if ($result == STORY_LOADED_OK) {
if ($args['gl_etag'] != date('c', $story->_date)) {
$svc_msg['error_desc'] = 'A more recent version of the story is available';
return PLG_RET_PRECONDITION_FAILED;
}
} else {
$svc_msg['error_desc'] = 'Error loading story';
return PLG_RET_ERROR;
}
}
/* This function is also doing the security checks */
$result = $story->loadFromArgsArray($args);
$sid = $story->getSid();
switch ($result) {
case STORY_DUPLICATE_SID:
$output .= COM_siteHeader('menu', $LANG24[5]);
$output .= COM_errorLog($LANG24[24], 2);
if (!$args['gl_svc']) {
$output .= storyeditor($sid);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
case STORY_EXISTING_NO_EDIT_PERMISSION:
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
return PLG_RET_PERMISSION_DENIED;
case STORY_NO_ACCESS_PARAMS:
$output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
return PLG_RET_PERMISSION_DENIED;
case STORY_EMPTY_REQUIRED_FIELDS:
$output .= COM_siteHeader('menu');
$output .= COM_errorLog($LANG24[31], 2);
if (!$args['gl_svc']) {
$output .= storyeditor($sid);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
default:
break;
}
/* Image upload is not supported by the web-service at present */
if (!$args['gl_svc']) {
// Delete any images if needed
if (array_key_exists('delete', $args)) {
$delete = count($args['delete']);
for ($i = 1; $i <= $delete; $i++) {
$ai_filename = DB_getItem($_TABLES['article_images'], 'ai_filename', "ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
STORY_deleteImage($ai_filename);
DB_query("DELETE FROM {$_TABLES['article_images']} WHERE ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
next($args['delete']);
}
}
// OK, let's upload any pictures with the article
if (DB_count($_TABLES['article_images'], 'ai_sid', $sid) > 0) {
$index_start = DB_getItem($_TABLES['article_images'], 'max(ai_img_num)', "ai_sid = '{$sid}'") + 1;
} else {
$index_start = 1;
}
if (count($_FILES) > 0 and $_CONF['maximagesperarticle'] > 0) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads($_CONF['maximagesperarticle']);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if ($_CONF['keep_unscaled_image'] == 1) {
$upload->keepOriginalImage(true);
} else {
$upload->keepOriginalImage(false);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'articles')) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
$upload->setMaxFileSize($_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$end_index = $index_start + $upload->numFiles() - 1;
for ($z = $index_start; $z <= $end_index; $z++) {
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $sid . '_' . $z . '.' . $fextension;
}
next($_FILES);
}
$upload->setFileNames($filenames);
reset($_FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
reset($filenames);
for ($z = $index_start; $z <= $end_index; $z++) {
DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('{$sid}', {$z}, '" . current($filenames) . "')");
next($filenames);
}
}
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->insertImages();
if (count($errors) > 0) {
$output = COM_siteHeader('menu', $LANG24[54]);
$output .= COM_startBlock($LANG24[54], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $LANG24[55] . '<p>';
for ($i = 1; $i <= count($errors); $i++) {
$output .= current($errors) . '<br' . XHTML . '>';
next($errors);
}
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= storyeditor($sid);
$output .= COM_siteFooter();
echo $output;
exit;
}
}
}
$result = $story->saveToDatabase();
if ($result == STORY_SAVED) {
// see if any plugins want to act on that story
if (!empty($args['old_sid']) && $args['old_sid'] != $sid) {
PLG_itemSaved($sid, 'article', $args['old_sid']);
} else {
PLG_itemSaved($sid, 'article');
}
// update feed(s) and Older Stories block
COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid);
COM_olderStuff();
CMT_updateCommentcodes();
if ($story->type == 'submission') {
$output = COM_refresh($_CONF['site_admin_url'] . '/moderation.php?msg=9');
} else {
$output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9);
}
/* @TODO Set the object id here */
$svc_msg['id'] = $sid;
return PLG_RET_OK;
}
}
function addDownload()
{
global $_CONF, $_USER, $_TABLES, $filemgmt_FileStoreURL, $filemgmt_FileSnapURL, $filemgmt_FileStore, $filemgmt_SnapStore;
global $myts, $eh, $_FMDOWNLOAD, $filemgmtFilePermissions;
if (defined('DEMO_MODE')) {
redirect_header($_CONF['site_url'] . "/index.php", 10, 'Uploads are disabled in demo mode');
exit;
}
$title = $myts->makeTboxData4Save($_POST['title']);
$homepage = $myts->makeTboxData4Save($_POST['homepage']);
$version = $myts->makeTboxData4Save($_POST['version']);
$description = $myts->makeTareaData4Save($_POST['description']);
$commentoption = $_POST['commentoption'];
$fileurl = COM_applyFilter($_POST['fileurl']);
$submitter = $_USER['uid'];
$errormsg = "";
// Check if Title blank
if ($title == "") {
$eh->show("1104");
}
// Check if Description blank
if ($description == "") {
$eh->show("1105");
}
// Check if a file was uploaded
if ($_FILES['newfile']['size'] == 0 && empty($fileurl)) {
$eh->show("1017");
}
if (!empty($_POST['cid'])) {
$cid = $_POST['cid'];
} else {
$cid = 0;
$eh->show("1110");
}
$filename = '';
//$myts->makeTboxData4Save($_FILES['newfile']['name']);
$url = '';
//$myts->makeTboxData4Save(rawurlencode($filename));
$snapfilename = '';
// = $myts->makeTboxData4Save($_FILES['newfileshot']['name']);
$logourl = '';
//$myts->makeTboxData4Save(rawurlencode($snapfilename));
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
$upload->setFieldName('newfile');
$upload->setPath($filemgmt_FileStore);
$upload->setAllowAnyMimeType(true);
// allow any file type
$upload->setMaxFileSize(100000000);
if ($upload->numFiles() > 0) {
$upload->uploadFiles();
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$size = $myts->makeTboxData4Save(intval($upload->_currentFile['size']));
$filename = $myts->makeTboxData4Save($upload->_currentFile['name']);
$url = $myts->makeTboxData4Save(rawurlencode($filename));
$pos = strrpos($filename, '.') + 1;
$fileExtension = strtolower(substr($filename, $pos));
if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
COM_errorLOG("AddNewFile - New Upload file is rejected by config rule:{$uploadfilename}");
$eh->show("1109");
} else {
$fileExtension = $_FMDOWNLOAD[$fileExtension];
$pos = strrpos($url, '.') + 1;
$url = strtolower(substr($url, 0, $pos)) . $fileExtension;
$pos2 = strrpos($filename, '.') + 1;
$filename = substr($filename, 0, $pos2) . $fileExtension;
}
}
$AddNewFile = true;
}
}
if ($upload->numFiles() == 0 && !$upload->areErrors() && !empty($fileurl)) {
$url = $fileurl;
$size = 0;
$AddNewFile = true;
}
$upload = new upload();
$upload->setFieldName('newfileshot');
$upload->setPath($filemgmt_SnapStore);
$upload->setAllowAnyMimeType(false);
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxDimensions(640, 480);
$upload->setAutomaticResize(true);
$upload->setMaxFileSize(100000000);
$upload->uploadFiles();
if ($upload->numFiles() > 0) {
if ($upload->areErrors()) {
$errmsg = "Upload Error: " . $upload->printErrors(false);
COM_errorLog($errmsg);
$eh->show("1106");
} else {
$snapfilename = $myts->makeTboxData4Save($upload->_currentFile['name']);
$logourl = $myts->makeTboxData4Save(rawurlencode($snapfilename));
$AddNewFile = true;
}
}
if ($AddNewFile) {
$chown = @chmod($filemgmt_FileStore . $filename, $filemgmtFilePermissions);
if (strlen($version) > 9) {
$version = substr($version, 0, 8);
}
$fields = 'cid, title, url, homepage, version, size, logourl, submitter, status, date, hits, rating, votes, comments';
$sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} ({$fields}) VALUES ";
$sql .= "('" . DB_escapeString($cid) . "','" . $title . "','" . $url . "','" . $homepage . "','" . $version . "','" . $size . "','" . $logourl . "','" . DB_escapeString($submitter) . "',1,UNIX_TIMESTAMP(),0,0,0,'" . DB_escapeString($commentoption) . "')";
DB_query($sql);
$newid = DB_insertID();
DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '" . $description . "')");
PLG_itemSaved($newid, 'filemgmt');
CACHE_remove_instance('whatsnew');
if (isset($duplicatefile) && $duplicatefile) {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPFILE);
} elseif (isset($duplicatesnap) && $duplicatesnap) {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPSNAP);
} else {
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED);
}
exit;
} else {
redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
exit;
}
}
function updatePage($mode, $type)
{
global $_CONF, $_TABLES, $_FILES, $_POST, $CONF_SE, $LANG_SE_ERR;
global $_DB_name, $catid, $pageid;
include_once $_CONF['path_system'] . 'classes/upload.class.php';
$name = substr(htmlentities($_POST['name']), 0, 32);
$pid = ppPrepareForDB($_POST['category']);
$old_sid = ppPrepareForDB($_POST['old_sid']);
$sid = ppPrepareForDB($_POST['sid'], true, 40);
$pageorder = COM_applyFilter($_POST['pageorder'], true);
if ($type == 'link') {
$menutype = 3;
} else {
$menutype = COM_applyFilter($_POST['menu_type'], true);
}
$blkformat = ppPrepareForDB($_POST['blk_format']);
$heading = substr(htmlentities($_POST['heading']), 0, 255);
$grp_access = ppPrepareForDB($_POST['grp_access']);
$imgdelete = $_POST['imgdelete'];
$chkscale = $_POST['chkscale'];
$submenutype = COM_applyFilter($_POST['rad_submenu'], true);
$blockmenutype = COM_applyFilter($_POST['rad_blockmenu'], true);
$is_menu_newpage = $_POST['chknewwindow'] == 1 ? 1 : 0;
$is_draft = $_POST['chkdraft'] == 1 ? 1 : 0;
$show_breadcrumbs = $_POST['chkbreadcrumbs'] == 1 ? 1 : 0;
$owner_id = ppPrepareForDB($_POST['owner_id']);
$group_id = ppPrepareForDB($_POST['group_id']);
$perm_owner = $_POST['perm_owner'];
$perm_group = $_POST['perm_group'];
$perm_members = $_POST['perm_members'];
$perm_anon = $_POST['perm_anon'];
$pagetitle = substr(htmlentities($_POST['pagetitle']), 0, 255);
$metadesc = ppPrepareForDB($_POST['metadesc']);
$metakeywords = ppPrepareForDB($_POST['metakeywords']);
// Convert array values to numeric permission values
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
// Allow full HTML in the introtext field
if (!get_magic_quotes_gpc()) {
$content = addslashes($_POST['sitecontent']);
$help = addslashes($_POST['help']);
} else {
$content = $_POST['sitecontent'];
$help = $_POST['help'];
}
if ($sid != '') {
$sid = COM_sanitizeID($sid);
}
if ($sid != '' and DB_count($_TABLES['nexcontent_pages'], 'sid', $sid) > 0) {
if ($sid != $old_sid) {
$duplicate_sid = true;
if ($old_sid == '') {
$sid = "{$sid}_{$pid}";
$dupmsg = ' - Duplicate Page ID';
} else {
$sid = $old_sid;
$dupmsg = ' - Duplicate Page ID, Page ID not changed.';
}
}
} else {
$duplicate_sid = false;
}
if ($mode == 'add') {
$gid = uniqid($_DB_name, FALSE);
$category = COM_applyFilter($category, true);
if ($type == 'category') {
// Create a new record - set the category value to 0
DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ({$category},'{$gid}','category')");
$pageid = DB_insertID();
$GLOBALS['statusmsg'] = 'New Category Added';
$query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE type='category'");
list($maxorder) = DB_fetchArray($query);
$order = $maxorder + 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
} else {
// Create a new record - need to get the record id for the category
DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ('{$category}','{$gid}','{$type}')");
$pageid = DB_insertID();
$GLOBALS['statusmsg'] = 'New Page Added';
$query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE pid='category'");
list($maxorder) = DB_fetchArray($query);
$order = $maxorder + 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
}
} else {
if ($type == 'category') {
$GLOBALS['statusmsg'] = "{$name} Updated";
} else {
$GLOBALS['statusmsg'] = "{$name} Updated";
}
if ($duplicate_sid) {
$GLOBALS['statusmsg'] .= $dupmsg;
}
}
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET name='{$name}', blockformat='{$blkformat}', pid='{$pid}', sid='{$sid}', heading='{$heading}',content='{$content}', menutype='{$menutype}', is_menu_newpage='{$is_menu_newpage}', show_submenu='{$submenutype}', show_blockmenu='{$blockmenutype}', show_breadcrumbs='{$show_breadcrumbs}', is_draft='{$is_draft}', owner_id='{$owner_id}', group_id='{$group_id}', perm_owner='{$perm_owner}', perm_group='{$perm_group}', perm_members='{$perm_members}', perm_anon='{$perm_anon}' , pagetitle='{$pagetitle}', meta_description='{$metadesc}', meta_keywords='{$metakeywords}' WHERE id='{$pageid}'");
DB_query("UPDATE {$_TABLES['nexcontent']} SET help='{$help}'");
//update the page order
if ($pageorder != '' and $pageid != '') {
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$pageorder} WHERE id={$pageid};");
$porder = DB_query("SELECT id FROM {$_TABLES['nexcontent_pages']} WHERE pid={$pid} ORDER BY pageorder ASC;");
$i = 0;
while ($ORDER = DB_fetchArray($porder)) {
$i += 10;
DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$i} WHERE id={$ORDER['id']};");
}
}
$pageImageDir = $CONF_SE['uploadpath'] . "/{$pageid}/";
// Check and see if directories exist
if (!file_exists($pageImageDir)) {
$mkdir = @mkdir($pageImageDir);
$chmod = @chmod($pageImageDir, $CONF_SE['imagedir_perms']);
}
// Delete any images if needed
for ($i = 0; $i < count($imgdelete); $i++) {
$curimage = DB_getitem($_TABLES['nexcontent_images'], "imagefile", "page_id='{$pageid}' AND imagenum='{$imgdelete[$i]}'");
$fullimage = $pageImageDir . $curimage;
if (!is_dir($fullimage) and file_exists($fullimage)) {
if (!unlink($fullimage)) {
echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
}
}
$pos = strrpos($curimage, '.');
$origimage = strtolower(substr($curimage, 0, $pos));
$ext = strtolower(substr($curimage, $pos));
$origimage .= "_original{$ext}";
$fullimage = $pageImageDir . $origimage;
if (!is_dir($fullimage) and file_exists($fullimage)) {
if (!unlink($fullimage)) {
echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
}
}
$curthumbnail = $pageImageDir . 'tn' . $curimage;
if (!is_dir($curthumbnail) and file_exists($curthumbnail)) {
if (!unlink($curthumbnail)) {
echo COM_errorLog("Unable to delete thumbnail for {$curthumbnail}. Please check file permissions");
$GLOBALS['statusmsg'] = "Unable to delete thumbnail for {$curthumbnail}. Please check file permissions";
}
}
DB_query("DELETE FROM {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' and imagenum='{$imgdelete[$i]}'");
next($imgdelete);
}
$upload = new upload();
$upload->setLogging(false);
$upload->setDebug(false);
$upload->setLogFile($_CONF['path_log'] . 'error.log');
$upload->setMaxFileUploads($CONF_SE['max_num_images']);
if ($_CONF['image_lib'] == 'imagemagick') {
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} else {
$upload->setGDLib();
}
$upload->setAllowedMimeTypes($CONF_SE['allowableImageTypes']);
$upload->setMaxDimensions($CONF_SE['max_upload_width'], $CONF_SE['max_upload_height']);
$upload->setMaxFileSize($CONF_SE['max_uploadfile_size']);
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(true);
$upload->setPerms($CONF_SE['image_perms']);
if (!$upload->setPath($pageImageDir)) {
$GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ': ' . $upload->printErrors(false);
}
// OK, let's upload any pictures with this page
if (DB_count($_TABLES['nexcontent_images'], 'page_id', $pageid) > 0) {
$index_start = DB_getItem($_TABLES['nexcontent_images'], 'max(imagenum)', "page_id = '{$pageid}'") + 1;
} else {
$index_start = 1;
}
$index_start = 1;
$uniquename = time();
$filenames = array();
$imagenum = array();
for ($z = 1; $z <= $CONF_SE['max_num_images']; $z++) {
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$filenames[] = $uniquename . $z . '.jpg';
$imagenum[] = substr(key($_FILES), 9, 1);
}
next($_FILES);
}
$upload->setFileNames($filenames);
reset($_FILES);
$upload->setDebug(false);
$upload->uploadFiles();
if ($upload->areErrors()) {
$GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ': ' . $upload->printErrors(false);
return false;
}
reset($filenames);
reset($imagenum);
if (DB_count($_TABLES['nexcontent_pages'], "id", $pageid) > 0) {
foreach ($filenames as $pageImage) {
$index = current($imagenum);
if (file_exists($pageImageDir . $pageImage)) {
$src = $pageImageDir . $pageImage;
$dest = $pageImageDir . 'tn' . $pageImage;
makethumbnail($pageImage, $src, $dest);
$iquery = DB_query("SELECT imagefile from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' AND imagenum='{$index}'");
if (DB_numRows($iquery) == 0) {
DB_query("INSERT INTO {$_TABLES['nexcontent_images']} (page_id,imagenum,imagefile) values ('{$pageid}', '{$index}','{$pageImage}')");
} elseif (DB_numRows($iquery) == 1) {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET imagefile='{$pageImage}' WHERE page_id='{$pageid}' and imagenum='{$index}'");
}
}
next($imagenum);
}
} else {
$GLOBALS['statusmsg'] = 'Error saving category';
}
// Update the image autoscale option for any images
$query = DB_query("SELECT id,imagenum from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}'");
while (list($imageid, $imagenum) = DB_fetchArray($query)) {
if ($chkscale[$imagenum] == '1') {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '1' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
} else {
DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '0' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
}
}
}
/**
* Upload new photo, delete old photo
*
* @param string $delete_photo 'on': delete old photo
* @return string filename of new photo (empty = no new photo)
*
*/
function USER_handlePhotoUpload($uid, $delete_photo = '')
{
global $_CONF, $_TABLES, $LANG24;
USES_class_upload();
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
return '';
}
$filename = '';
if (!empty($delete_photo) && $delete_photo == 1) {
$delete_photo = true;
} else {
$delete_photo = false;
}
$curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = " . (int) $uid);
if (empty($curphoto)) {
$delete_photo = false;
}
// see if user wants to upload a (new) photo
$newphoto = $_FILES['photo'];
if (!empty($newphoto['name'])) {
$pos = strrpos($newphoto['name'], '.') + 1;
$fextension = substr($newphoto['name'], $pos);
$filename = $uid . '.' . $fextension;
if (!empty($curphoto) && $filename != $curphoto) {
$delete_photo = true;
} else {
$delete_photo = false;
}
}
// delete old photo first
if ($delete_photo) {
USER_deletePhoto($curphoto);
}
// now do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setFieldName('photo');
$upload->setPerms('0644');
$upload->setMaxDimensions(1024000, 1024000);
$upload->uploadFiles();
if ($upload->areErrors()) {
return '';
}
IMG_resizeImage($_CONF['path_images'] . 'userphotos/' . $filename, $_CONF['path_images'] . 'userphotos/' . $filename, $_CONF['max_photo_height'], $_CONF['max_photo_width']);
} else {
if (!$delete_photo && !empty($curphoto)) {
$filename = $curphoto;
}
}
return $filename;
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function TOPIC_iconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$upload->setFieldName('newicon');
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$filename = '/images/topics/' . $filename;
}
return $filename;
}
function MAPS_importCSV($FILES = '', $map_id, $separator = ';', $fields, $valid = false, $filename = '')
{
global $_CONF, $_TABLES, $LANG24, $LANG_MAPS_1, $_USER;
if ($map_id == '') {
return MAPS_message('Map ID is missing');
}
if (!in_array($separator, array(',', 'tab', ';'))) {
echo COM_refresh($_CONF['site_admin_url'] . '/plugins/maps/import_export.php');
exit;
}
if ($valid == false) {
// OK, let's upload csv file
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setAllowedMimeTypes(array('text/csv' => '.csv', 'text/comma-separated-values' => '.csv', 'application/vnd.ms-excel' => '.csv'));
if (!$upload->setPath($_CONF['path_data'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$curfile = current($FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filename = 'import_markers_' . COM_makesid() . '.' . $fextension;
}
if ($filename == '') {
return MAPS_message('Houston, we have a problem.');
}
$upload->setFileNames($filename);
reset($FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$msg = $upload->printErrors(false);
return MAPS_message($msg, $LANG24[30]);
}
$retval = '<p>' . $LANG_MAPS_1['markers_to_add'] . ' ' . DB_getItem($_TABLES['maps_maps'], 'name', "mid={$map_id}") . '</p><ul>';
} else {
$retval = '<p>' . $LANG_MAPS_1['markers_added'] . ' ' . DB_getItem($_TABLES['maps_maps'], 'name', "mid={$map_id}") . '</p><ul>';
}
//open file and record markers
$row = 1;
$marker = array();
$valid_fields = MAPS_getFieldsImportExport();
if (($handle = fopen($_CONF['path_data'] . $filename, "r")) !== FALSE) {
if ($separator == 'tab') {
$separator = "\t";
}
$iteration = 0;
while (($field_read = fgetcsv($handle, 0, $separator)) !== FALSE) {
$iteration++;
for ($i = 27; $i > -1; $i = $i - 1) {
if ($fields[$i] == $valid_fields[$i]) {
$marker[$i] = $field_read[$i];
} else {
if (!isset($marker[$i])) {
$marker[$i] = '';
}
while ($position = current($valid_fields)) {
if ($position == $fields[$i]) {
$key = key($valid_fields);
$marker[$key] = $field_read[$i];
}
next($valid_fields);
}
reset($valid_fields);
}
}
if ($marker[3] == '') {
ksort($marker);
$retval = '<table style="margin:20px;" border="1">';
foreach ($marker as $key => $val) {
$retval .= "<tr><td><font size=2>" . $key . "</td><td><font size=2>" . $val . "</td></tr>";
}
$retval .= "</table>";
return MAPS_message($LANG_MAPS_1['name_missing'] . ' | Line: ' . $iteration . $retval);
}
if ($marker[0] == '' && $marker[1] == '') {
return MAPS_message($LANG_MAPS_1['need_address']);
}
if ($valid == false) {
$retval .= '<li>#' . $iteration . ' Name: ' . $marker[3] . '<br' . XHTML . '>Address: ' . $marker[0] . '<br' . XHTML . '>Lat: ' . $marker[1] . ' | Lng: ' . $marker[2] . '<br' . XHTML . '>Description: ' . $marker[4] . '<br' . XHTML . '>mk_default: ' . $marker[5] . ' | mk_pcolor: ' . $marker[6] . ' | mk_scolor: ' . $marker[7] . ' | mk_label: ' . $marker[8] . ' | mk_label_color: ' . $marker[9] . '<br' . XHTML . '>street: ' . $marker[10] . '<br' . XHTML . '>code: ' . $marker[11] . ' | city: ' . $marker[12] . '<br' . XHTML . '>state: ' . $marker[13] . ' | country: ' . $marker[14] . '<br' . XHTML . '>tel: ' . $marker[15] . ' | fax: ' . $marker[16] . '<br' . XHTML . '>web: ' . $marker[17] . '<br' . XHTML . '>item_1: ' . $marker[18] . ' | item_2: ' . $marker[19] . ' | item_3: ' . $marker[20] . ' | item_4: ' . $marker[21] . ' | item_5: ' . $marker[22] . ' | item_6: ' . $marker[23] . ' | item_7: ' . $marker[24] . ' | item_8: ' . $marker[25] . ' | item_9: ' . $marker[26] . ' | item_10: |' . $marker[27] . '<br' . XHTML . '>Map id: ' . $map_id . ' | ' . 'Owner id: ' . $_USER['uid'] . '<br' . XHTML . '> ';
} else {
ksort($marker);
$markers = '';
foreach ($marker as $key => $value) {
if ($key != 0) {
$markers .= ",";
}
// prepare strings for insertion
switch ($key) {
case '0':
//address
$val[0] = $value;
$type = array(0 => 'text');
MAPS_filterVars($type, $val);
//MAPS_convert_to ( $val[0], $_CONF['default_charset'] );
$address = $val[0];
break;
case '1':
//lat
if ($value == '') {
$lat = $lng = '';
$coords = MAPS_getCoords($address, $lat, $lng);
$value = $lat;
}
break;
case '2':
//lng
if ($value == '') {
$value = $lng;
}
break;
default:
$val[0] = $value;
$type = array(0 => 'text');
MAPS_filterVars($type, $val);
//MAPS_convert_to ( $val[0], $_CONF['default_charset'] );
$value = $val[0];
break;
}
$markers .= " '" . $value . "'";
}
//pause 1/10 second to avoid
$nano = time_nanosleep(0, 100000);
if ($nano === true) {
$mkid = date('YmdHis') . $iteration;
}
$created = $modified = date("Ymd");
$sql = "INSERT INTO {$_TABLES['maps_markers']} (\n\t\t\t\t mkid,\n\t\t\t\t mid,\n\t\t\t\t owner_id,\n\t\t\t\t created, modified,\n\t\t\t\t address, lat, lng, name, description, mk_default, mk_pcolor, mk_scolor, mk_label, mk_label_color,\n\t\t\t\t street, code, city, state, country, tel, fax, web, item_1, item_2, item_3, item_4, item_5, item_6,\n\t\t\t\t item_7, item_8, item_9, item_10) VALUES (\n\t\t\t\t {$mkid},\n\t\t\t\t {$map_id},\n\t\t\t\t {$_USER['uid']},\n\t\t\t\t {$created}, {$modified},\n\t\t\t\t {$markers})";
$mkid_exists = DB_getItem($_TABLES['maps_markers'], 'mkid', "mkid={$mkid}");
DB_query("SET character_set_results = 'utf8', character_set_client = 'utf8', character_set_connection = 'utf8', character_set_database = 'utf8', character_set_server = 'utf8'");
if ($mkid_exists == '' and $mkid != '') {
DB_query($sql, 0);
} else {
COM_errorLog('MAPS - Duplicate mkid during import from ' . $filename);
}
$mkid = '';
$retval .= '<li>' . stripslashes($marker[3]) . ' | ' . stripslashes($marker[0]);
}
}
fclose($handle);
}
$retval .= '</ul>';
if ($valid == false) {
$validation = '<p><form name="import" action="' . $_CONF['site_url'] . '/admin/plugins/maps/import_export.php?mode=valid" method="POST">';
$validation .= '<input type="hidden" name="filename" value="' . $filename . '">';
$validation .= '<input type="hidden" name="mid" value="' . $map_id . '">';
$validation .= '<input type="hidden" name="separator_in" value="' . $separator . '">';
$validation .= '<input type="submit" name="submit" value="' . $LANG_MAPS_1['yes'] . '"> ';
foreach ($fields as $value) {
$validation .= '<input type="hidden" name="import_export[]" value="' . $value . '">';
}
$validation .= '<input type="submit" name="submit" value="' . $LANG_MAPS_1['no'] . '">';
$validation .= '</form></p>';
return MAPS_message($retval) . $validation;
} else {
return $retval;
}
}
protected function _handleImageResize($to_path)
{
global $_CONF;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
// Figure out file name
$path_parts = pathinfo($to_path);
$filename = $path_parts['basename'];
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
// Set new path and image name
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
return;
}
// Current path of image to resize
$path = $_CONF['path_images'] . 'userphotos/' . $filename;
$path_parts = pathinfo($path);
$_FILES['imagefile']['name'] = $path_parts['basename'];
$_FILES['imagefile']['tmp_name'] = $path;
$_FILES['imagefile']['type'] = '';
switch ($path_parts['extension']) {
case 'gif':
$_FILES['imagefile']['type'] = 'image/gif';
break;
case 'jpg':
case 'jpeg':
$_FILES['imagefile']['type'] = 'image/jpeg';
break;
case 'png':
$_FILES['imagefile']['type'] = 'image/png';
break;
}
$_FILES['imagefile']['size'] = filesize($_FILES['imagefile']['tmp_name']);
$_FILES['imagefile']['error'] = '';
$_FILES['imagefile']['non_upload'] = true;
// Flag to bypass upload process via browser file form
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
return;
}
}
return $path;
// return new path and filename
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
COM_output($display);
exit;
// don't return
}
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
COM_output($display);
exit;
// don't return
}
if (strpos($_CONF['path_images'], $_CONF['path_html']) === 0) {
$filename = substr($_CONF['path_images'], strlen($_CONF['path_html']) - 1) . 'topics/' . $filename;
} else {
/**
* Not really used when the 'path_images' is outside of the webroot.
* Let's at least extract the name of the images directory then.
*/
$images = 'images';
$parts = explode('/', $_CONF['path_images']);
if (count($parts) > 1) {
$cnt = count($parts);
// e.g. from /path/to/myimages/ would extract "myimages"
if (empty($parts[$cnt - 1]) && !empty($parts[$cnt - 2])) {
$images = $parts[$cnt - 2];
}
$filename = '/' . $images . '/topics/' . $filename;
}
}
}
return $filename;
}
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +-------------------------------------------------------------------------+
//
include_once $_CONF['path_system'] . 'classes/upload.class.php';
if (!file_exists($questionDir)) {
mkdir($questionDir);
chmod($questionDir, 0755);
}
$upload = new upload();
$upload->setContinueOnError(true);
$upload->setMaxFileUploads('1');
$upload->setLogFile("{$clubLogfile}");
$upload->setLogging(false);
$upload->setAllowedMimeTypes($_CONFQUIZ['allowableImageTypes']);
if (!$upload->setPath($questionDir)) {
print 'File Upload Errors:<BR>' . $upload->printErrors();
exit;
}
$upload->setMaxDimensions($_CONFQUIZ['max_upload_width'], $_CONFQUIZ['max_upload_height']);
$upload->setMaxFileSize($_CONFQUIZ['max_upload_size']);
// Set file permissions on file after it gets uploaded (number is in octet)
$upload->setPerms('0774');
$filenames = array();
$realfilenames = array();
$uploadtypes = array();
$uploadfilepos = array();
$upload->setDebug(true);
/**
* Main driver to handle the uploaded plugin
*
* Determines if a new style (supports automated installer) or
* an old style.
*
* @return string Formatted HTML containing the page body
*
*/
function processPluginUpload()
{
global $_CONF, $_PLUGINS, $_PLUGIN_INFO, $_TABLES, $pluginData, $LANG_ADMIN, $LANG32, $_DB_dbms, $_DB_table_prefix, $_IMAGE_TYPE;
$retval = '';
$upgrade = false;
if (count($_FILES) > 0 && $_FILES['pluginfile']['error'] != UPLOAD_ERR_NO_FILE) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setMaxFileSize(25165824);
$upload->setAllowedMimeTypes(array('application/x-gzip' => '.gz,.gzip,tgz', 'application/zip' => '.zip', 'application/x-tar' => '.tar,.tar.gz,.gz', 'application/x-gzip-compressed' => '.tar.gz,.tgz,.gz'));
$upload->setFieldName('pluginfile');
if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
return _pi_errorBox($upload->printErrors(false));
exit;
}
$filename = $_FILES['pluginfile']['name'];
$upload->setFileNames($filename);
$upload->uploadFiles();
if ($upload->areErrors()) {
return _pi_errorBox($upload->printErrors(false));
exit;
}
$Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;
} else {
return _pi_errorBox($LANG32[46]);
}
// decompress into temp directory
if (function_exists('set_time_limit')) {
@set_time_limit(60);
}
if (!($tmp = _io_mktmpdir())) {
return _pi_errorBox($LANG32[47]);
}
if (!COM_decompress($Finalfilename, $_CONF['path_data'] . $tmp)) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($LANG32[48]);
}
@unlink($Finalfilename);
// read XML data file, places in $pluginData;
$pluginData = array();
$rc = _pi_parseXML($_CONF['path_data'] . $tmp);
if ($rc == -1) {
// no xml file found
return processOldPlugin($tmp);
}
if (!isset($pluginData['id']) || !isset($pluginData['version'])) {
return processOldPlugin($tmp);
}
// proper glfusion version
if (!COM_checkVersion(GVERSION, $pluginData['glfusionversion'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[49], $pluginData['glfusionversion']));
}
if (!COM_checkVersion(phpversion(), $pluginData['phpversion'])) {
$retval .= sprintf($LANG32[50], $pluginData['phpversion']);
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[50], $pluginData['phpversion']));
}
// check prerequisites
$errors = '';
if (isset($pluginData['requires']) && is_array($pluginData['requires'])) {
foreach ($pluginData['requires'] as $reqPlugin) {
list($reqPlugin, $required_ver) = explode(',', $reqPlugin);
if (!isset($_PLUGIN_INFO[$reqPlugin])) {
// required plugin not installed
$errors .= sprintf($LANG32[51], $pluginData['id'], $reqPlugin, $reqPlugin);
} elseif (!empty($required_ver)) {
$installed_ver = $_PLUGIN_INFO[$reqPlugin];
if (!COM_checkVersion($installed_ver, $required_ver)) {
// required plugin installed, but wrong version
$errors .= sprintf($LANG32[90], $required_ver, $reqPlugin, $installed_ver, $reqPlugin);
}
}
}
}
if ($errors != '') {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($errors);
}
// check if plugin already exists
// if it does, check that this is an upgrade
// if not, error
// else validate we really want to upgrade
$result = DB_query("SELECT * FROM {$_TABLES['plugins']} WHERE pi_name='" . DB_escapeString($pluginData['id']) . "'");
if (DB_numRows($result) > 0) {
$P = DB_fetchArray($result);
if ($P['pi_version'] == $pluginData['version']) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[52], $pluginData['id']));
}
// if we are here, it must be an upgrade or disabled plugin....
$rc = COM_checkVersion($pluginData['version'], $P['pi_version']);
if ($rc < 1) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox(sprintf($LANG32[53], $pluginData['id'], $pluginData['version'], $P['pi_version']));
}
if ($P['pi_enabled'] != 1) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($LANG32[72]);
}
$upgrade = true;
}
$permError = 0;
$permErrorList = '';
if (function_exists('set_time_limit')) {
@set_time_limit(30);
}
// test copy to proper directories
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/', $_CONF['path'] . 'plugins/' . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/admin/', $_CONF['path_html'] . 'admin/plugins/' . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $pluginData['id'] . '/public_html/', $_CONF['path_html'] . $pluginData['id']);
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
if ($permError != 0) {
$errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _pi_errorBox($errorMessage);
}
USES_lib_admin();
$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$T = new Template($_CONF['path_layout'] . 'admin/plugins');
$T->set_file('form', 'plugin_upload_confirm.thtml');
$T->set_var('admin_menu', ADMIN_createMenu($menu_arr, $pluginData['id'] . ' ' . $LANG32[62], $_CONF['layout_url'] . '/images/icons/plugins.' . $_IMAGE_TYPE));
$T->set_var(array('form_action_url' => $_CONF['site_admin_url'] . '/plugin_upload.php', 'action' => 'processupload', 'pi_name' => $pluginData['id'], 'pi_version' => $pluginData['version'], 'pi_url' => $pluginData['url'], 'pi_gl_version' => $pluginData['glfusionversion'], 'pi_desc' => $pluginData['description'], 'pi_author' => $pluginData['author'], 'plugin_old_version' => $P['pi_version'], 'upgrade' => $upgrade, 'temp_dir' => $tmp));
$retval .= $T->parse('output', 'form');
return $retval;
}
function PAYPAL_saveCatImage($category, $files, $cat_id)
{
global $_CONF, $_PAY_CONF, $_TABLES, $LANG24;
$args = $category;
// Handle Magic GPC Garbage:
while (list($key, $value) = each($args)) {
if (!is_array($value)) {
$args[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
// OK, let's upload any pictures with the product
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
$upload->keepOriginalImage(false);
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_PAY_CONF['path_cat_images'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_PAY_CONF['max_image_width'], $_PAY_CONF['max_image_height']);
$upload->setMaxFileSize($_PAY_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$curfile = current($files);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames = 'cat_' . $cat_id . '.' . $fextension;
}
if ($filenames != '') {
$upload->setFileNames($filenames);
reset($files);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $upload->printErrors(false);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
echo $retval;
exit;
}
DB_query("UPDATE {$_TABLES['paypal_categories']} SET image = '" . $filenames . "' WHERE cat_id=" . $cat_id);
}
return true;
}
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param string tid ID of topic to prepend to filename
* @return string filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
global $_CONF, $_TABLES, $LANG27;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
if ($_CONF['image_lib'] == 'imagemagick') {
// Using imagemagick
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '';
// see if user wants to upload a (new) icon
$newicon = $_FILES['newicon'];
if (!empty($newicon['name'])) {
$pos = strrpos($newicon['name'], '.') + 1;
$fextension = substr($newicon['name'], $pos);
$filename = 'topic_' . $tid . '.' . $fextension;
}
// do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setPerms('0644');
if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_topicicon_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_topicicon_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG27[29]);
$display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $upload->printErrors(false);
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
COM_output($display);
exit;
// don't return
}
$filename = '/images/topics/' . $filename;
}
return $filename;
}
/**
* Upload new photo, delete old photo
*
* @param string $delete_photo 'on': delete old photo
* @return string filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24;
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (!empty($_CONF['image_lib'])) {
$upload->setAutomaticResize(true);
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
$filename = '';
if (!empty($delete_photo) && $delete_photo == 'on') {
$delete_photo = true;
} else {
$delete_photo = false;
}
$curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
if (empty($curphoto)) {
$delete_photo = false;
}
// see if user wants to upload a (new) photo
$newphoto = $_FILES['photo'];
if (!empty($newphoto['name'])) {
$pos = strrpos($newphoto['name'], '.') + 1;
$fextension = substr($newphoto['name'], $pos);
$filename = $_USER['uid'] . '.' . $fextension;
if (!empty($curphoto) && $filename != $curphoto) {
$delete_photo = true;
} else {
$delete_photo = false;
}
}
// delete old photo first
if ($delete_photo) {
USER_deletePhoto($curphoto);
}
// now do the upload
if (!empty($filename)) {
$upload->setFileNames($filename);
$upload->setFieldName('photo');
$upload->setPerms('0644');
if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
$upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
} else {
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
}
if ($_CONF['max_photo_size'] > 0) {
$upload->setMaxFileSize($_CONF['max_photo_size']);
} else {
$upload->setMaxFileSize($_CONF['max_image_size']);
}
$upload->uploadFiles();
if ($upload->areErrors()) {
$display = COM_siteHeader('menu', $LANG24[30]);
$display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
$display .= COM_siteFooter();
echo $display;
exit;
// don't return
}
} else {
if (!$delete_photo && !empty($curphoto)) {
$filename = $curphoto;
}
}
return $filename;
}
/**
* Main driver to handle the uploaded autotag
*
* Determines if a new style (supports automated installer) or
* an old style.
*
* @return string Formatted HTML containing the page body
*
*/
function processAutotagUpload()
{
global $_CONF, $_PLUGINS, $_TABLES, $autotagData, $LANG32, $_DB_dbms, $_DB_table_prefix;
$retval = '';
$upgrade = false;
$errors = '';
if (count($_FILES) > 0 && $_FILES['autotagfile']['error'] != UPLOAD_ERR_NO_FILE) {
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setMaxFileSize(4194304);
$upload->setAllowedMimeTypes(array('application/x-gzip' => '.gz,.gzip,tgz', 'application/zip' => '.zip'));
$upload->setFieldName('autotagfile');
if (!$upload->setPath($_CONF['path_data'] . 'temp')) {
return _at_errorBox($upload->printErrors(false));
exit;
}
$filename = COM_sanitizeFilename($_FILES['autotagfile']['name'], true);
$upload->setFileNames($filename);
$upload->uploadFiles();
if ($upload->areErrors()) {
return _at_errorBox($upload->printErrors(false));
exit;
}
$Finalfilename = $_CONF['path_data'] . 'temp/' . $filename;
} else {
return _at_errorBox($LANG32[46]);
}
// decompress into temp directory
if (function_exists('set_time_limit')) {
@set_time_limit(60);
}
if (!($tmp = _io_mktmpdir())) {
return _at_errorBox($LANG32[47]);
}
if (!COM_decompress($Finalfilename, $_CONF['path_data'] . $tmp)) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($LANG32[48]);
}
@unlink($Finalfilename);
// read XML data file, places in $autotagData;
$autotagData = array();
$rc = _at_parseXML($_CONF['path_data'] . $tmp);
if ($rc == -1) {
// no xml file found
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
if (!isset($autotagData['id']) || !isset($autotagData['version'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
// proper glfusion version
if (!COM_checkVersion(GVERSION, $autotagData['glfusionversion'])) {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[49], $autotagData['glfusionversion']));
}
if (!COM_checkVersion(phpversion(), $autotagData['phpversion'])) {
$retval .= sprintf($LANG32[50], $autotagData['phpversion']);
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox(sprintf($LANG32[50], $autotagData['phpversion']));
}
if ($errors != '') {
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($errors);
}
// check to see if an auto tag already exists...
// removed so we can update existing auto tags
/*
$result = DB_query("SELECT * FROM {$_TABLES['autotags']} WHERE tag='".DB_escapeString($autotagData['id'])."'");
if ( DB_numRows($result) > 0 ) {
_pi_deleteDir($_CONF['path_data'].$tmp);
return _at_errorBox(sprintf($LANG32[52],$autotagData['id']));
}
*/
$permError = 0;
$permErrorList = '';
if (function_exists('set_time_limit')) {
@set_time_limit(30);
}
// test copy to proper directories
$autotagData['id'] = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $autotagData['id']);
list($rc, $failed) = _pi_test_copy($_CONF['path_data'] . $tmp . '/' . $autotagData['id'] . '/', $_CONF['path_system'] . 'autotags/');
if ($rc > 0) {
$permError = 1;
foreach ($failed as $filename) {
$permErrorList .= sprintf($LANG32[41], $filename);
}
}
if ($permError != 0) {
$errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
_pi_deleteDir($_CONF['path_data'] . $tmp);
return _at_errorBox($errorMessage);
}
$T = new Template($_CONF['path_layout'] . 'admin/autotag');
$T->set_file('form', 'autotag_upload_confirm.thtml');
$T->set_var(array('form_action_url' => $_CONF['site_admin_url'] . '/autotag_upload.php', 'action' => 'processupload', 'pi_name' => $autotagData['id'], 'pi_version' => $autotagData['version'], 'pi_url' => $autotagData['url'], 'pi_gl_version' => $autotagData['glfusionversion'], 'pi_desc' => $autotagData['description'], 'pi_author' => $autotagData['author'], 'upgrade' => $upgrade, 'temp_dir' => $tmp));
$retval .= $T->parse('output', 'form');
return $retval;
}
/**
* This function record in the hello queue the message to send to the specified group or to csv list
*
* @param array $vars Same as $_POST, holds all the email info
* @return string HTML with success or error message
*
*/
function send_messages($vars)
{
global $_CONF, $_TABLES, $LANG31, $LANG_HELLO01;
require_once $_CONF['path_system'] . 'lib-user.php';
$retval = '';
if (empty($vars['fra']) or empty($vars['fraepost']) or empty($vars['subject']) or empty($vars['content'])) {
$retval .= COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG31[26];
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= $display .= display_mailform($vars);
return $retval;
}
// Urgent message!
if (isset($vars['priority'])) {
$priority = 1;
} else {
$priority = 0;
}
if (!empty($vars['to_group'])) {
$groupList = implode(',', USER_getChildGroups($vars['to_group']));
//Group name
$group_name = DB_query("SELECT grp_name FROM {$_TABLES['groups']} WHERE grp_id =" . $vars['to_group'] . " ");
$group_name = DB_fetchArray($group_name);
$email_group = $group_name[0];
if (isset($vars['overstyr'])) {
$sql = "SELECT DISTINCT username,fullname,email FROM {$_TABLES['users']},{$_TABLES['group_assignments']} WHERE uid > 1";
$sql .= " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))";
$sql .= " AND {$_TABLES['users']}.uid = ug_uid AND ug_main_grp_id IN ({$groupList})";
} else {
$sql = "SELECT DISTINCT username,fullname,email,emailfromadmin FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['group_assignments']} WHERE {$_TABLES['users']}.uid > 1";
$sql .= " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))";
$sql .= " AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND emailfromadmin = 1";
$sql .= " AND ug_uid = {$_TABLES['users']}.uid AND ug_main_grp_id IN ({$groupList})";
}
$result = DB_query($sql);
$nrows = DB_numRows($result);
$quantity = $nrows;
} else {
// OK, let's upload csv file
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
$upload->setAllowedMimeTypes(array('text/csv' => '.csv', 'text/comma-separated-values' => '.csv', 'application/vnd.ms-excel' => '.csv', 'application/x-csv' => '.csv'));
if (!$upload->setPath($_CONF['path_data'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filename = 'import_hello_' . COM_makesid() . '.' . $fextension;
}
if ($filename == '') {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= 'Upload error: csv file name is empty. Please try again...';
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
$upload->setFileNames($filename);
reset($_FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$msg = $upload->printErrors(false);
return $LANG24[30];
}
//email group
$email_group = $LANG_HELLO01['csv_file'];
$destinataires = array();
$separator = $vars['separator'];
if (!in_array($separator, array(',', 'tab', ';'))) {
$separator = ',';
}
if ($separator == 'tab') {
$separator = "\t";
}
if (($handle = fopen($_CONF['path_data'] . $filename, "r")) !== FALSE) {
$quantity = 0;
while (($data = fgetcsv($handle, 0, $separator)) !== FALSE) {
//todo check if email is valid
if ($data[0] != '' and COM_isEmail($data[0])) {
$quantity++;
$destinataires[] = $data[0];
}
}
fclose($handle);
}
}
$retval .= COM_startBlock($LANG31[1]);
// register hello
$creation = date('YmdHi', time());
$subject = addslashes($vars['subject']);
$content = addslashes($vars['content']);
$from = COM_formatEmailAddress($vars['fra'], $vars['fraepost']);
$sql_ajout_hello = "INSERT INTO {$_TABLES['hello']} (subject, creation, email_group, quantity, content) VALUES ('{$subject}', '{$creation}', '{$email_group}', '{$quantity}','{$content}')";
DB_query($sql_ajout_hello);
$new_hello_id = DB_insertId();
// Loop through and send the messages in the DB!
$successes = 0;
$failures = 0;
if (!empty($vars['to_group'])) {
for ($i = 0; $i < $quantity; $i++) {
$A = DB_fetchArray($result);
$destinataire = $A['email'];
$expediteur = $from;
$date = date('YmdHi', time());
$sql_ajout_hello = "INSERT INTO {$_TABLES['hello_queue']} (expediteur, destinataire, date, hello_id, subject, content, priority) VALUES ('{$expediteur}', '{$destinataire}', '{$date}', '{$new_hello_id}', '{$subject}', '{$content}', '{$priority}')";
if ($destinataire != '') {
if (DB_query($sql_ajout_hello)) {
$successes = $successes + 1;
} else {
$failures = $failures + 1;
}
} else {
$failures = $failures + 1;
}
}
} else {
//csv file
for ($i = 0; $i < $quantity; $i++) {
$destinataire = $destinataires[$i];
$expediteur = $from;
$date = date('YmdHi', time());
$sql_ajout_hello = "INSERT INTO {$_TABLES['hello_queue']} (expediteur, destinataire, date, hello_id, subject, content, priority) VALUES ('{$expediteur}', '{$destinataire}', '{$date}', '{$new_hello_id}', '{$subject}', '{$content}', '{$priority}')";
if (DB_query($sql_ajout_hello)) {
$successes = $successes + 1;
} else {
$failures = $failures + 1;
}
}
}
if ($successes >= 0) {
$retval .= $i . ' ' . $LANG_HELLO01['email_schedule'] . '<br />' . $vars['priority'];
}
if ($failures > 0) {
$retval .= 'Oups... There was ' . $failures . ' failure(s)';
}
if (empty($vars['to_group'])) {
//list emails from csv
reset($destinataires);
$retval .= COM_makeList($destinataires);
}
$retval .= COM_endBlock();
return $retval;
}