Exemplo n.º 1
// Load the caller's rights on the 'pfs' area: read, write and admin flags.
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('pfs', 'a');
// Gate the whole page on write access. cot_block() is defined elsewhere;
// presumably it stops the request when its argument is false (TODO confirm).
cot_block($usr['auth_write']);
// Target selection: a non-admin (or a request without a userid) is always
// pinned to the caller's own ID, so a supplied userid is honoured for admins only.
// NOTE(review): $more is assigned only in the admin branch but is appended to and
// passed to cot_url() further down; confirm it is initialised before this fragment.
if (!$usr['isadmin'] || $userid === null) {
    $userid = $usr['id'];
} else {
    $more = 'userid=' . $userid;
}
// Second guard on the same rule: after the branch above this can only be true
// for an admin, so the check acts as a backstop if that logic is ever changed.
// NOTE(review): the comparison is loose (!=); how $userid is imported and typed
// is not visible here.
if ($userid != $usr['id']) {
    cot_block($usr['isadmin']);
}
$standalone = FALSE;
// Profile lookup falls back to the caller when $userid is not a positive ID.
$uid = $userid > 0 ? $userid : $usr['id'];
$user_info = cot_userinfo($uid);
// $userid == 0 is treated specially here and in the title below; 5 is a
// hard-coded group ID (presumably the administrators group, TODO confirm).
$maingroup = $userid == 0 ? 5 : $user_info['user_maingrp'];
$pfs_dir_user = cot_pfs_path($userid);
$thumbs_dir_user = cot_pfs_thumbpath($userid);
// Build two lookup tables keyed by $line[0] (presumably the file extension):
// an icon resource and a description taken from $line[1].
reset($cot_extensions);
foreach ($cot_extensions as $k => $line) {
    $icon[$line[0]] = cot_rc('pfs_icon_type', array('type' => $line[2], 'name' => $line[1]));
    $filedesc[$line[0]] = $line[1];
}
// c1/c2 are concatenated into the query string without encoding and switch the
// page into standalone mode.
// NOTE(review): their origin is not visible here; confirm they are filtered on
// import and that cot_url() encodes the resulting parameters.
if (!empty($c1) || !empty($c2)) {
    $more .= empty($more) ? 'c1=' . $c1 . '&c2=' . $c2 : '&c1=' . $c1 . '&c2=' . $c2;
    $standalone = TRUE;
}
/* ============= */
// For $userid == 0 the page title is replaced with the 'SFS' language string.
$L['pfs_title'] = $userid == 0 ? $L['SFS'] : $L['pfs_title'];
$title[] = array(cot_url('pfs', $more), $L['pfs_title']);
/* === Hook === */
foreach (cot_getextplugins('pfs.edit.first') as $pl) {
    include $pl;
Exemplo n.º 2
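/**
 * Upload one or more files, return parent folder ID
 *
 * Processes up to $cfg['pfs']['pfsmaxuploads'] slots of $_FILES['userfile'].
 * Each non-empty slot is normalised, checked by extension and size, passed to
 * cot_file_check(), moved into the owner's PFS directory and recorded in
 * $db_pfs. One status line per file is appended to the global $err_msg.
 *
 * Security notes for maintainers:
 *  - Only the text after the last dot is validated as the extension, so a name
 *    such as "x.php.jpg" is accepted when "jpg" is allowed. The storage
 *    directory should therefore never be configured to execute scripts.
 *  - The explicit php/php3/php4/php5 test is only a backstop; the allow-list in
 *    $cot_extensions is what decides whether a type is accepted.
 *  - $err_msg lines and pfs_desc contain client-supplied text (file name,
 *    description); they must be escaped wherever they are rendered.
 *
 * @param int $userid User ID
 * @param int|string $folderid Folder ID; '' (default) reads 'folderid' from POST
 * @return int
 */
function cot_pfs_upload($userid, $folderid = '')
{
    // $usr is read below for the file-name prefix; it was missing from this list,
    // which left the prefix empty for every user.
    global $db, $cfg, $sys, $usr, $cot_extensions, $gd_supported, $maxfile, $maxtotal, $db_pfs, $db_pfs_folders, $L, $err_msg;

    // Variables of this function are visible to the hook files pulled in with
    // `include`, so the existing local names are kept unchanged.

    // Running total for the $maxtotal check. It is neither a parameter nor a
    // global, so it starts at zero and only counts files accepted in this call.
    // NOTE(review): confirm whether the owner's existing usage should be added.
    $pfs_totalsize = 0;

    if ($folderid === '') {
        $folderid = cot_import('folderid', 'P', 'INT');
    }
    $ndesc = cot_import('ndesc', 'P', 'ARR');
    $npath = cot_pfs_folderpath($folderid);
    /* === Hook === */
    foreach (cot_getextplugins('pfs.upload.first') as $pl) {
        include $pl;
    }
    /* ===== */
    // Stop when the folder path could not be resolved.
    cot_die($npath === FALSE);
    for ($ii = 0; $ii < $cfg['pfs']['pfsmaxuploads']; $ii++) {
        // Fewer files than slots may have been posted; skip missing slots
        // instead of reading undefined indexes.
        if (!isset($_FILES['userfile']['tmp_name'][$ii], $_FILES['userfile']['name'][$ii], $_FILES['userfile']['size'][$ii])) {
            continue;
        }
        $disp_errors = '';
        $u_tmp_name = $_FILES['userfile']['tmp_name'][$ii];
        // Client-declared MIME type: never trusted here, kept only because hook
        // files may read it.
        $u_type = isset($_FILES['userfile']['type'][$ii]) ? $_FILES['userfile']['type'][$ii] : '';
        $u_name = $_FILES['userfile']['name'][$ii];
        $u_size = $_FILES['userfile']['size'][$ii];
        // Strip escaped apostrophes and double quotes from the client file name.
        $u_name = str_replace("\\'", '', $u_name);
        $u_name = trim(str_replace("\"", '', $u_name));
        if (!empty($u_name)) {
            $disp_errors .= $u_name . ' : ';
            $u_name = mb_strtolower($u_name);
            // A name without any dot has no extension. The previous code added 1
            // to a false position and treated the name minus its first character
            // as the extension.
            $dotpos = mb_strrpos($u_name, '.');
            $f_extension = $dotpos === false ? '' : mb_substr($u_name, $dotpos + 1);
            $f_extension_ok = 0;
            $desc = isset($ndesc[$ii]) ? $ndesc[$ii] : '';
            if ($cfg['pfs']['pfstimename']) {
                $u_name = time() . '_' . $u_name;
            }
            if (!$cfg['pfs']['pfsuserfolder']) {
                $u_name = $usr['id'] . '_' . $u_name;
            }
            // cot_safename() is defined elsewhere; presumably it reduces the name
            // to a filesystem-safe form (TODO confirm it removes path separators).
            $u_newname = cot_safename($u_name, true);
            // NOTE(review): the value is escaped here and then passed to
            // $db->insert(); confirm insert() does not escape again.
            $u_sqlname = $db->prep($u_newname);
            // Extension must be non-empty, not a PHP script type, and present in
            // the allow-list. $f_extension is already lower-case; strict string
            // comparison avoids loose numeric-string matches.
            if ($f_extension !== '' && !in_array($f_extension, array('php', 'php3', 'php4', 'php5'), true)) {
                foreach ($cot_extensions as $k => $line) {
                    if ($f_extension === (string) $line[0]) {
                        $f_extension_ok = 1;
                    }
                }
            }
            if (is_uploaded_file($u_tmp_name) && $u_size > 0 && $u_size < $maxfile && $f_extension_ok && $pfs_totalsize + $u_size < $maxtotal) {
                // Content check is delegated to cot_file_check(): 1 = accepted,
                // 2 = no MIME definition for the extension, anything else = invalid
                // (as mapped to the messages below).
                $fcheck = cot_file_check($u_tmp_name, $u_name, $f_extension);
                if ($fcheck == 1) {
                    $pfs_dir_user = cot_pfs_path($userid);
                    $thumbs_dir_user = cot_pfs_thumbpath($userid);
                    $u_fullpath = $pfs_dir_user . $npath . $u_newname;
                    // Existing files are never overwritten.
                    if (!file_exists($u_fullpath)) {
                        $is_moved = true;
                        if ($cfg['pfs']['pfsuserfolder']) {
                            if (!is_dir($pfs_dir_user)) {
                                $is_moved = mkdir($pfs_dir_user, $cfg['dir_perms']) && $is_moved;
                            }
                            if (!is_dir($thumbs_dir_user)) {
                                $is_moved = mkdir($thumbs_dir_user, $cfg['dir_perms']) && $is_moved;
                            }
                        }
                        // Short-circuit so chmod()/filesize() are not called on a
                        // file that was never moved.
                        $is_moved = $is_moved && move_uploaded_file($u_tmp_name, $u_fullpath);
                        $is_moved = $is_moved && chmod($u_fullpath, $cfg['file_perms']);
                        // Re-read the size from disk rather than trusting $_FILES.
                        $u_size = $is_moved ? filesize($u_fullpath) : 0;
                        if ($is_moved && (int) $u_size > 0) {
                            /* === Hook === */
                            foreach (cot_getextplugins('pfs.upload.moved') as $pl) {
                                include $pl;
                            }
                            /* ===== */
                            $db->insert($db_pfs, array('pfs_userid' => (int) $userid, 'pfs_date' => (int) $sys['now'], 'pfs_file' => $u_sqlname, 'pfs_extension' => $f_extension, 'pfs_folderid' => (int) $folderid, 'pfs_desc' => $desc, 'pfs_size' => (int) $u_size, 'pfs_count' => 0));
                            // The condition is a hand-built SQL fragment; cast the
                            // ID so a non-numeric $folderid passed by a caller
                            // cannot alter the statement.
                            $db->update($db_pfs_folders, array('pff_updated' => $sys['now']), 'pff_id="' . (int) $folderid . '"');
                            $disp_errors .= $L['Yes'];
                            $pfs_totalsize += $u_size;
                            /* === Hook === */
                            foreach (cot_getextplugins('pfs.upload.done') as $pl) {
                                include $pl;
                            }
                            /* ===== */
                            // Thumbnail: the existence test now includes $npath and
                            // the target uses $thumbs_dir_user, matching the path the
                            // file was moved to and the stale thumbnail removed here.
                            // The target was $cfg['pfs']['thumbs_dir_user'], which
                            // nothing visible in this function sets.
                            if (in_array($f_extension, $gd_supported) && $cfg['pfs']['th_amode'] != 'Disabled' && file_exists($u_fullpath)) {
                                @unlink($thumbs_dir_user . $npath . $u_newname);
                                // RRGGBB hex strings from config split into [r, g, b].
                                $th_colortext = array(hexdec(substr($cfg['pfs']['th_colortext'], 0, 2)), hexdec(substr($cfg['pfs']['th_colortext'], 2, 2)), hexdec(substr($cfg['pfs']['th_colortext'], 4, 2)));
                                $th_colorbg = array(hexdec(substr($cfg['pfs']['th_colorbg'], 0, 2)), hexdec(substr($cfg['pfs']['th_colorbg'], 2, 2)), hexdec(substr($cfg['pfs']['th_colorbg'], 4, 2)));
                                cot_imageresize($u_fullpath, $thumbs_dir_user . $npath . $u_newname, $cfg['pfs']['th_x'], $cfg['pfs']['th_y'], '', $th_colorbg, $cfg['pfs']['th_jpeg_quality'], true);
                            }
                        } else {
                            // Roll back a partially stored file.
                            @unlink($u_fullpath);
                            $disp_errors .= $L['pfs_filenotmoved'];
                        }
                    } else {
                        $disp_errors .= $L['pfs_fileexists'];
                    }
                } elseif ($fcheck == 2) {
                    $disp_errors .= sprintf($L['pfs_filemimemissing'], $f_extension);
                } else {
                    $disp_errors .= sprintf($L['pfs_filenotvalid'], $f_extension);
                }
            } else {
                $disp_errors .= $L['pfs_filetoobigorext'];
            }
            $err_msg[] = $disp_errors;
        }
    }
    return $folderid;
}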