Exemplo n.º 1
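 /**
  * Store an uploaded News file under <uploads_path>/news/id<itemid>/.
  *
  * The upload is accepted only when PHP reports it as complete, its size does
  * not exceed $config['max_upload_size'], and its last extension appears in the
  * News preference 'allowed_upload_types' (comma separated).
  *
  * @param mixed  $itemid    Item id; appended to 'id' to form the directory name.
  * @param string $fieldname Key of the upload inside $_FILES.
  * @param string $error     Receives a translated message when FALSE is returned.
  * @return string|bool The stored file name on success, FALSE on any failure.
  */
 public static function handle_upload($itemid, $fieldname, &$error)
 {
     $config = cmsms()->GetConfig();
     $mod = cms_utils::get_module('News');

     // NOTE(review): $itemid becomes part of a directory name; callers are
     // assumed to pass a numeric item id - confirm, or validate it here.
     $parent = cms_join_path($config['uploads_path'], 'news');
     $itemdir = cms_join_path($config['uploads_path'], 'news', 'id' . $itemid);
     foreach (array($parent, $itemdir) as $p) {
         if (!is_dir($p) && @mkdir($p) === FALSE) {
             $error = $mod->Lang('error_mkdir', $p);
             return FALSE;
         }
     }

     // Everything in $_FILES is client-influenced; a missing entry is treated
     // as "no file" instead of being read as NULL further down.
     $upload = (isset($_FILES[$fieldname]) && is_array($_FILES[$fieldname])) ? $_FILES[$fieldname] : array();
     $status = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
     $size = isset($upload['size']) ? $upload['size'] : 0;

     if ($status === UPLOAD_ERR_INI_SIZE || $status === UPLOAD_ERR_FORM_SIZE || $size > $config['max_upload_size']) {
         $error = $mod->Lang('error_filesize');
         return FALSE;
     }

     $rawname = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
     $filename = basename($rawname);
     $dest = cms_join_path($config['uploads_path'], 'news', 'id' . $itemid, $filename);

     // A partial or failed transfer must not reach the extension check or the move.
     if ($status !== UPLOAD_ERR_OK || $filename === '') {
         $error = $mod->Lang('error_movefile', $dest);
         return FALSE;
     }

     // Last extension of the file, lower-cased; '' when the name has no dot.
     $dot = strrchr($filename, '.');
     $ext = ($dot === FALSE) ? '' : strtolower(substr($dot, 1));

     // Build the allow-list without empty entries: explode() on an empty
     // preference yields array(''), which previously matched any file that
     // had no extension at all.
     $exts = array();
     foreach (explode(',', $mod->GetPreference('allowed_upload_types', '')) as $allowed) {
         $allowed = strtolower(trim($allowed));
         if ($allowed !== '') {
             $exts[] = $allowed;
         }
     }

     // Strict comparison: loose in_array() treats numeric-looking strings as equal.
     // NOTE(review): only the last extension is checked, so "name.php.jpg" keeps
     // its full name - confirm the web server does not execute files in this tree.
     if ($ext === '' || !in_array($ext, $exts, TRUE)) {
         $error = $mod->Lang('error_invalidfiletype');
         return FALSE;
     }

     if (@cms_move_uploaded_file($upload['tmp_name'], $dest) === FALSE) {
         $error = $mod->Lang('error_movefile', $dest);
         return FALSE;
     }
     return $filename;
 }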
Exemplo n.º 2
                     // Fragment of an upload handler: the enclosing conditions start above
                     // the visible lines. This branch reports an oversized file.
                     $tiny->smarty->assign('messagefail', $tiny->Lang("filetoobig"));
                 } else {
                     // The destination path is built from the client-supplied file name.
                     // NOTE(review): no extension or content check is visible in this
                     // fragment - confirm one runs before this point.
                     $filename = $tiny->Slash($thisdir, $_FILES["uploadformnewfile"]["name"]);
                     if ($tiny->GetPreference("makethumbnail", 0) == 1) {
                         // Thumbnail is written as "thumb_<client name>" at 96x96 before
                         // the outcome of the main upload is known.
                         $thumbname = $tiny->Slash($thisdir, "thumb_" . $_FILES["uploadformnewfile"]["name"]);
                         $tiny->HandleFileResizing($_FILES["uploadformnewfile"]["tmp_name"], $thumbname, 96, 96);
                     }
                     //print_r($_POST);
                     // Resize path: taken only when both posted dimensions are numeric.
                     if (isset($_POST["uploadformresize_on"]) && is_numeric($_POST["uploadformresize_x"]) && is_numeric($_POST["uploadformresize_y"])) {
                         if ($tiny->HandleFileResizing($_FILES["uploadformnewfile"]["tmp_name"], $filename, $_POST["uploadformresize_x"], $_POST["uploadformresize_y"])) {
                             $tiny->smarty->assign('messagesuccess', $tiny->Lang("fileuploaded"));
                         } else {
                             $tiny->smarty->assign('messagefail', $tiny->Lang("uploadfailed"));
                         }
                     } else {
                         // Plain path: move the temporary file to the destination unchanged.
                         if (cms_move_uploaded_file($_FILES["uploadformnewfile"]["tmp_name"], $filename)) {
                             $tiny->smarty->assign('messagesuccess', $tiny->Lang("fileuploaded"));
                         } else {
                             $tiny->smarty->assign('messagefail', $tiny->Lang("uploadfailed"));
                         }
                     }
                 }
             }
         } else {
             $tiny->smarty->assign('messagefail', $tiny->Lang("nofile"));
         }
     } else {
         //This shouldn't happen
         $tiny->smarty->assign('messagefail', $tiny->Lang("nofile"));
     }
 }
Exemplo n.º 3
                    // Fragment of a multi-file upload loop: the switch on the archive
                    // type and the loop header start above the visible lines.
                    $message = "newuploadsuccess";
                    $messagecount++;
                    //$messages.="<li>".$_FILES[$id."file_".$i]["name"]." ".$this->Lang("unpacksuccess")."</li>\n";
                }
                break;
            default:
                //$errors.=$this->Lang("unsupportedarchive")." ($extension)";
                $error = "newunsupportedarchive";
                // Stores the extension string in the counter variable, not a count.
                // NOTE(review): presumably so the redirect can show it - confirm.
                $errorcount = $extension;
                break;
        }
    } else {
        // Non-archive branch: skip form slots that carry no file name.
        if (trim($_FILES[$id . "file_" . $i]["name"]) == "") {
            continue;
        }
        // The destination is the client-supplied name joined to $fullpath.
        // NOTE(review): no file-type restriction is visible in this branch -
        // confirm what may be written below $fullpath.
        $thispath = $this->Slash($fullpath, $_FILES[$id . "file_" . $i]["name"]);
        if (cms_move_uploaded_file($_FILES[$id . "file_" . $i]["tmp_name"], $thispath)) {
            //$messages.="<span class='fm-messages'>".$_FILES[$id."file_".$i]["name"]." ".$this->Lang("uploadsuccess")."</span>\n";
            $message = "newuploadsuccess";
            $messagecount++;
        } else {
            //$errors.="<span class='fm-messages'>".$_FILES[$id."file_".$i]["name"]." ".$this->Lang("uploadfail")."</span>\n";
            $error = "newuploadfailed";
            $errorcount++;
        }
    }
}
/* if ($messages!="") $messages="<ul>".$messages."</ul>";
  if ($errors!="") $errors="<ul>".$errors."</ul>";
 */
// Only message keys and counters are passed on; $params["path"] is forwarded as received.
$this->Redirect($id, "defaultadmin", $returnid, array("path" => $params["path"], "fmmessage" => $message, "fmmessagecount" => $messagecount, "fmerror" => $error, "fmerrorcount" => $errorcount));
Exemplo n.º 4
                         // Fragment of an image upload handler: the conditions that open
                         // these blocks are above the visible lines, and the final else
                         // branch is cut off below.
                         //echo "hi";
                         // Thumbnail name is "thumb_" plus the client-supplied file name.
                         $thumbname = $this->Slash($thisdir, "thumb_" . $newfile["name"]);
                         //echo $thumbname;
                         // Thumbnail size comes from site preferences, defaulting to 96x96.
                         $thumbnail_width = get_site_preference('thumbnail_width', 96);
                         $thumbnail_height = get_site_preference('thumbnail_height', 96);
                         $this->HandleFileResizing($newfile["tmp_name"], $thumbname, $thumbnail_width, $thumbnail_height);
                     }
                     //print_r($_POST);
                     // Only ONE of resize_x / resize_y has to be numeric here (||), so
                     // the other reaches HandleFileResizing unchecked.
                     // NOTE(review): confirm HandleFileResizing tolerates a non-numeric value.
                     if (isset($params["resize_on"]) && (is_numeric($params["resize_x"]) || is_numeric($params["resize_y"]))) {
                         if ($this->HandleFileResizing($newfile["tmp_name"], $filename, $params["resize_x"], $params["resize_y"])) {
                             $this->smarty->assign('messagesuccess', $this->Lang("fileuploaded"));
                         } else {
                             $this->smarty->assign('messagefail', $this->Lang("uploadfailed"));
                         }
                     } else {
                         // No resize requested: move the temporary file as it is.
                         if (cms_move_uploaded_file($newfile["tmp_name"], $filename)) {
                             //echo $filename;
                             $this->smarty->assign('messagesuccess', $this->Lang("fileuploaded"));
                         } else {
                             $this->smarty->assign('messagefail', $this->Lang("uploadfailed"));
                         }
                     }
                 } else {
                     // Reached when the (not visible) condition above fails; the message
                     // key suggests an image check - NOTE(review): confirm what it tests.
                     $this->smarty->assign('messagefail', $this->Lang("notanimage"));
                 }
             }
         }
     } else {
         $this->smarty->assign('messagefail', $this->Lang("nofile"));
     }
 } else {
            // Fragment of an icon upload action: the opening of this if-chain is above
            // the visible lines. Each branch sets $img from the temporary file using
            // whichever of these functions is available.
            $img = getimagesize($tmpname) ? TRUE : FALSE;
        } elseif (function_exists('exif_imagetype')) {
            $img = exif_imagetype($tmpname) !== FALSE;
        } elseif (function_exists('mime_content_type')) {
            $mtype = mime_content_type($tmpname);
            $img = strpos($mtype, 'image/') === 0;
        }
        if (!$img) {
            $message = $this->Lang('err_file');
        }
    }
    if (empty($message)) {
        $fp = StripeGate\Utils::GetUploadsPath($this);
        if ($fp) {
            // The stored name is the client-supplied one; the checks above look at
            // the file content only. NOTE(review): no extension check is visible
            // here - confirm the name cannot end in a server-executable extension.
            $fp = cms_join_path($fp, $file_data['name']);
            // Permissions are set on the temporary file before it is moved.
            if (!chmod($file_data['tmp_name'], 0644) || !cms_move_uploaded_file($file_data['tmp_name'], $fp)) {
                $message = $this->Lang('err_upload');
            } else {
                //all good
                // Values are bound through placeholders; only the table prefix is concatenated.
                $sql = 'UPDATE ' . $pref . 'module_sgt_account SET iconfile=? WHERE account_id=?';
                $db->Execute($sql, array($file_data['name'], $params['account_id']));
            }
        } else {
            $message = $this->Lang('err_upload');
        }
    }
    // An empty message is normalised to FALSE before it is passed to the redirect.
    if (empty($message)) {
        $message = FALSE;
    }
    $this->Redirect($id, 'update', $returnid, array('account_id' => $params['account_id'], 'message' => $message));
}
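 /**
  * Validate an uploaded image and store it as "<uid>_<fldname><ext>" in the
  * directory returned by get_upload_dirname($uid).
  *
  * The client-supplied name is used only to select one of the extensions in
  * the 'allowed_image_extensions' preference; the stored name carries exactly
  * that matched extension and nothing else from the client.
  *
  * @param string $id        First part of the $_FILES key.
  * @param string $fldprefix Second part of the $_FILES key.
  * @param string $fldname   Last part of the $_FILES key; also used in the stored name.
  * @param mixed  $uid       Used in the stored name and passed to get_upload_dirname().
  * @return array array(true, $destname) on success, array(false, $message) on failure.
  */
 function ManageImageUpload($id, $fldprefix, $fldname, $uid)
 {
     $key = $id . $fldprefix . $fldname;
     if (!isset($_FILES[$key])) {
         return array(false, $this->Lang('error_missing_upload'));
     }
     //$destname = $_FILES[$id.$fldname]['name'];
     // Kept as a reference: the sanitised name is written back into $_FILES.
     $file =& $_FILES[$key];
     if (!isset($file['name']) || !isset($file['size']) || $file['size'] == 0) {
         return array(false, $this->Lang('error_problem_upload'));
     }
     // A partial or failed transfer is reported by PHP in 'error'.
     if (isset($file['error']) && $file['error'] !== UPLOAD_ERR_OK) {
         return array(false, $this->Lang('error_problem_upload'));
     }
     if (!isset($file['type'])) {
         $file['type'] = '';
     }
     if (!isset($file['tmp_name'])) {
         $file['tmp_name'] = '';
     }
     $file['name'] = preg_replace('/[^a-zA-Z0-9\\.\\$\\%\'\\`\\-\\@\\{\\}\\~\\!\\#\\(\\)\\&\\_\\^]/', '', str_replace(array(' ', '%20'), array('_', '_'), $file['name']));

     // check the filename
     $allowed_extensions = $this->GetPreference('allowed_image_extensions', '.gif,.png,.jpg');
     $lowername = strtolower($file['name']);
     $matched = '';
     foreach (explode(',', $allowed_extensions) as $ext) {
         $ext = strtolower(trim($ext));
         // Skip empty entries (empty preference, stray comma): an empty suffix
         // would otherwise match every file name.
         if ($ext === '' || $ext === '.') {
             continue;
         }
         // Compare against a dotted suffix so "jpg" cannot match "notajpg".
         $ext = '.' . ltrim($ext, '.');
         if (endswith($lowername, $ext)) {
             $matched = $ext;
             break;
         }
     }
     if ($matched === '') {
         return array(false, $this->Lang('error_invalidfileextension'));
     }

     // set the destination name
     // Use the extension that passed the check. The previous strchr() took
     // everything from the FIRST dot, so "x.php.jpg" was stored with ".php.jpg".
     $destname = $uid . '_' . $fldname . $matched;

     // Create the destination directory if necessary
     $destDir = $this->get_upload_dirname($uid);
     if (!is_dir($destDir)) {
         @mkdir($destDir);
     }
     if (!is_dir($destDir) || !is_writable($destDir)) {
         return array(false, $this->Lang('error_destinationnotwritable'));
     }

     // Report a failed move instead of returning success for a file that was never stored.
     if (@cms_move_uploaded_file($file['tmp_name'], cms_join_path($destDir, $destname)) === false) {
         return array(false, $this->Lang('error_problem_upload'));
     }
     return array(true, $destname);
 }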
    exit;
}
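// Attachment upload: store the posted file below
// <uploads_path>/attachments/<curdir> and record its relative path in
// $params['filepath'].
$errors = '';
$tmpfilename = ''; // stays empty when nothing was posted (was read while undefined)
$curdir = isset($params['curdir']) ? $params['curdir'] . '/' : '';

// $curdir is concatenated into the destination path, so refuse ".." segments
// and NUL bytes rather than let the path leave the attachments tree.
$curdir_ok = strpos($curdir, "\0") === false
    && !in_array('..', explode('/', str_replace('\\', '/', $curdir)), true);
if (!$curdir_ok) {
    $errors .= "<li>" . lang('filenotuploaded') . "</li>";
}

$dir = str_replace('//', '/', $gCms->config["uploads_path"] . '/attachments/' . $curdir);
// The previous "echo $dir;" printed the server's absolute upload path into the
// response; it looks like leftover debug output and is no longer emitted.

$fieldname = $id . 'uploadfile';
if ($curdir_ok && isset($_FILES) && isset($_FILES[$fieldname]) && isset($_FILES[$fieldname]['name']) && $_FILES[$fieldname]['name'] != "") {
    $upload = $_FILES[$fieldname];
    // basename() is defence in depth: only the last path component of the
    // client-supplied name may reach the destination path.
    // NOTE(review): no file-type allow-list is applied in this block - confirm
    // which types may be written to the attachments tree.
    $tmpfilename = str_replace(' ', '_', basename($upload['name']));

    // Split at the last dot only; the earlier str_replace() removed every
    // occurrence of ".ext" from the name, not just the trailing one.
    $dot = strrpos($tmpfilename, '.');
    if ($dot === false) {
        $cleanfilename = $tmpfilename;
        $suffix = '';
    } else {
        $cleanfilename = substr($tmpfilename, 0, $dot);
        $suffix = substr($tmpfilename, $dot);
    }

    if ($tmpfilename === '' || (isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_OK)) {
        // Failed or partial transfer, or nothing left of the name.
        $tmpfilename = '';
        $errors .= "<li>" . lang('filenotuploaded') . "</li>";
    } else {
        // Never overwrite: append _1, _2, ... until the name is free.
        $destdir = $dir . $tmpfilename;
        $i = 1;
        while (file_exists($destdir)) {
            $tmpfilename = $cleanfilename . '_' . $i . $suffix;
            $destdir = $dir . $tmpfilename;
            $i++;
        }
        if (!cms_move_uploaded_file($upload['tmp_name'], $destdir)) {
            $errors .= "<li>" . lang('filenotuploaded') . "</li>";
        } else {
            //chmod('../uploads/'.$startdir.$curdir.$tmpfilename, 0755);
            //audit(-1, $tmpfilename, 'Uploaded File');
        }
    }
}
if ($errors != '') {
    echo '<div class="pageerrorcontainer"><ul>' . $errors . '</ul></div>';
} else {
    $params['filepath'] = $curdir . $tmpfilename;
}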
// natural redirect to assign function
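# allow new thumbnail to be uploaded
# The thumbnail is stored as "thumb_<upload name without extension><thumbnail extension>"
# in the category directory, and the upload row is pointed at it.
$tmp = $id . 'input_newthumbnail';
if (isset($_FILES[$tmp]) && !empty($_FILES[$tmp]['name']) && $_FILES[$tmp]['size'] > 0 && $_FILES[$tmp]['error'] == 0) {
    $name = $row['upload_name'];
    // Only the extension is taken from the client-supplied name.
    // NOTE(review): it is not compared with any allow-list here, so the stored
    // thumbnail can carry a non-image extension - confirm the module's type policy.
    $thumb_ext = (string) strrchr($_FILES[$tmp]['name'], '.');
    $file_ext = (string) strrchr($name, '.');
    $fname = substr($name, 0, strlen($name) - strlen($file_ext));
    $thumb_name = 'thumb_' . $fname . $thumb_ext;

    $tn_oldfile = $this->_categoryPath($catpath . DIRECTORY_SEPARATOR . $row['upload_thumbnail']);
    $tn_newfile = $this->_categoryPath($catpath . DIRECTORY_SEPARATOR . $thumb_name);

    // is_file() rather than file_exists(): with an empty upload_thumbnail the
    // old path is the category directory itself, which must not be unlinked.
    if (is_file($tn_newfile)) {
        @unlink($tn_newfile);
    }
    // Replace the old thumbnail and update the row only once the new file is
    // in place; previously a failed move still deleted the old file and
    // recorded a thumbnail name that did not exist.
    if (cms_move_uploaded_file($_FILES[$tmp]['tmp_name'], $tn_newfile) !== false) {
        if ($tn_oldfile !== $tn_newfile && is_file($tn_oldfile)) {
            @unlink($tn_oldfile);
        }
        $query = 'UPDATE ' . cms_db_prefix() . 'module_uploads SET upload_thumbnail = ? WHERE upload_id = ?';
        $db->Execute($query, array($thumb_name, $row['upload_id']));
    }
}
// update search words.
$search = $this->GetModuleInstance('Search');
if ($search) {
    $str = $newname . ' ' . $newauthor . ' ' . $newsummary . ' ' . $newdesc;
    $search->AddWords($this->Getname(), $row['upload_id'], 'upload', $str);
}
// done.
$this->RedirectToTab($id, 'files', array('curcategory' => $params['category_id']));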
// EOF