public function create_paste($contents)
{
$fileInfo = get_unique_filename('./uploads/pastes');
$handle = fopen($fileInfo[0], 'w');
$res = !!fwrite($handle, $contents);
fclose($handle);
return $res ? $fileInfo[1] : null;
}
function get_unique_filename($folder = '')
{
$hash = md5(microtime() . mt_rand(0, 99999));
$name = "{$folder}/{$hash}";
if (file_exists($name)) {
$name = get_unique_filename($folder);
}
return array($name, $hash);
}
function tfu_copy_move($dir, $file, $enable_file_copymove, $enable_folder_copymove)
{
// first we check if delete is enabled!
if ($enable_file_copymove != 'true' && $enable_folder_copymove != 'true') {
echo 'This action is not enabled!';
exit(0);
}
$done = 0;
$total = 0;
$error = 0;
$exists = 0;
$overwrite = parseInputParameter($_GET['overwrite']);
$folder = getDestinationFolder(parseInputParameter($_GET['target']));
$dest_folder = $folder . '/' . my_basename($dir);
if ($_GET['copyfolder'] == 'true') {
if ($folder == $dir) {
$error = 1;
} else {
if (strpos($folder, $dir) !== false) {
$error = 2;
} else {
if ($overwrite == 'false' && file_exists($dest_folder)) {
$error = 3;
} else {
if (@rename($dir, $dest_folder)) {
$done = 1;
$upperdir = substr($dir, 0, strrpos($dir, "/"));
$_SESSION['TFU_DIR'] = $upperdir;
} else {
$error = 4;
}
}
}
}
} else {
foreach ($file as $ff) {
$total++;
$dest = $folder . '/' . my_basename($ff);
if ($_GET['type'] == 'c') {
if ($folder == $dir) {
$u_file = get_unique_filename($folder, my_basename($ff));
$dest = $folder . "/" . $u_file;
}
if (file_exists($dest) && $overwrite == 'false') {
// if file exists and not overwrite = error
$exists++;
} else {
if ($ff == $dest) {
$nr = 2;
$dest = $folder . '/Copy of ' . my_basename($ff);
while (file_exists($dest)) {
$dest = $folder . '/Copy (' . $nr++ . ') of ' . my_basename($ff);
}
}
if (@copy($ff, $dest)) {
$done++;
} else {
$error++;
}
}
} else {
if ($ff != $dest) {
if (file_exists($dest) && $overwrite) {
@unlink($dest);
}
if (!file_exists($dest)) {
if (@rename($ff, $dest)) {
$done++;
} else {
$error++;
}
}
}
}
}
}
echo '&total=' . $total . '&ok=' . $done . '&error=' . $error . '&exists=' . $exists;
}
/**
* Collects and sanitizes information about the media.
*
* Most of the arguments to this method are by reference and will
* therefore be set or updated without needing the return value.
*
* @param array $file The uploaded file from the $_FILES array.
* @param string &$title The media's title. Will be sanitized.
* @param string &$description The media's description. Will be sanitized.
* @param string &$filename Will be given the file's filename.
* @param string &$extension Will be given the file's extension.
* @param string &$tags Comma separate string of tags. Will be given an array of tag names.
* @return array A status array, where the 'status' index is the status code of the operation, and the 'response' index is a string describing the status.
*/
private static function collect_file_data($file, &$title, &$description, &$filename, &$extension, &$tags)
{
global $IMAGE_TYPES;
$media_info = pathinfo($file['name']);
$extension = sanitize_for_filename($media_info['extension']);
// If we don't support the given format, return an error status
if (!in_array($extension, $IMAGE_TYPES)) {
return array('status' => STATUS_INVALID_FORMAT, 'response' => "{$extension} is not a supported format.");
}
$filename = $title ? $title : $media_info['filename'];
$filename = sanitize_for_filename($filename);
$filename = get_unique_filename(UPLOADS_DIR, "{$filename}.{$extension}");
$title = trim($title) ? trim($title) : DEFAULT_TITLE;
$title = sanitize_for_html($title);
$description = trim($description) ? trim($description) : DEFAULT_DESCRIPTION;
$description = sanitize_for_html($description);
$tags = explode(',', $tags);
return array('status' => STATUS_OK, 'response' => 'File data successfully collected.');
}
$done = 1;
$upperdir = substr($dir, 0, strrpos($dir, "/"));
$_SESSION["TFU_DIR"] = $upperdir;
} else {
$error = 4;
}
}
}
}
} else {
foreach ($file as $ff) {
$total++;
$dest = $folder . "/" . basename($ff);
if ($_GET['type'] == 'c') {
if ($folder == $dir) {
$u_file = get_unique_filename($folder, basename($ff));
$dest = $folder . "/" . $u_file;
}
if (file_exists($dest) && $overwrite == "false") {
// if file exists and not overwrite = error
$exists++;
} else {
if (@copy($ff, $dest)) {
$done++;
} else {
$error++;
}
}
} else {
if (file_exists($dest) && $overwrite) {
@unlink($dest);
/**
*/
function _insert_or_update_item_attributes($item_id, $instance_no, $s_item_type, $s_attribute_type, $order_no, $attribute_val_r, $file_r = NULL)
{
$is_lookup_attribute_type = is_lookup_attribute_type($s_attribute_type);
$attribute_val_r = validate_attribute_val_r($attribute_val_r, $is_lookup_attribute_type);
// if not instance item attribute, then discard the $instance_no
if (!is_instance_item_attribute_type($s_item_type, $s_attribute_type)) {
$instance_no = NULL;
}
$is_file_resource_attribute_type = is_file_resource_attribute_type($s_attribute_type);
if (db_query("LOCK TABLES item_attribute WRITE, item_attribute AS ia READ, s_attribute_type AS sat READ")) {
$item_attribute_type_rs = fetch_arrayof_item_attribute_rs($item_id, $instance_no, $s_attribute_type, $order_no);
// if same number of attributes, then we can perform an update only.
if (count($item_attribute_type_rs) > 0 && count($item_attribute_type_rs) == count($attribute_val_r)) {
$op = 'update';
} else {
if (count($item_attribute_type_rs) == 0 || delete_item_attributes($item_id, $instance_no, $s_attribute_type, $order_no)) {
$op = 'insert';
} else {
// if this occurs then the delete_item_attributes function returned FALSE, and that failure would have been logged.
db_query("UNLOCK TABLES");
return FALSE;
}
}
// if there is actually something to insert at this point.
if (count($attribute_val_r) > 0) {
$file_attributes_r = NULL;
for ($i = 0; $i < count($attribute_val_r); $i++) {
$attribute_no = $i + 1;
if ($is_lookup_attribute_type) {
if ($op == 'insert') {
insert_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, $attribute_val_r[$i], NULL);
} else {
if ($item_attribute_type_rs[$i]['lookup_attribute_val'] != $attribute_val_r[$i]) {
update_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, $attribute_val_r[$i], NULL);
}
}
} else {
if ($is_file_resource_attribute_type) {
if (is_array($file_r) && is_uploaded_file($file_r['tmp_name'])) {
if ($item_attribute_type_rs[$i]['attribute_val'] != $attribute_val_r[$i] && is_exists_upload_file_item_attribute($attribute_val_r[$i])) {
$attribute_val_r[$i] = get_unique_filename($attribute_val_r[$i]);
}
if (!save_uploaded_file($file_r['tmp_name'], $attribute_val_r[$i])) {
$attribute_val_r[$i] = NULL;
}
$file_attributes_rs[] = array('file_attribute_ind' => 'Y', 'attribute_no' => $attribute_no, 'attribute_val' => $attribute_val_r[$i]);
} else {
$file_attributes_rs[] = array('attribute_no' => $attribute_no, 'attribute_val' => $attribute_val_r[$i]);
}
}
if (strlen($attribute_val_r[$i]) > 0) {
if ($op == 'insert') {
insert_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, NULL, $attribute_val_r[$i]);
} else {
if ($item_attribute_type_rs[$i]['attribute_val'] != $attribute_val_r[$i]) {
update_item_attribute($item_id, $instance_no, $s_attribute_type, $order_no, $attribute_no, NULL, $attribute_val_r[$i]);
}
}
}
}
}
db_query("UNLOCK TABLES");
if (is_array($file_attributes_rs)) {
while (list(, $file_attribute_r) = each($file_attributes_rs)) {
file_cache_insert_file($file_attribute_r['attribute_val'], NULL, NULL, NULL, 'ITEM', $file_attribute_r['file_attribute_ind'] == 'Y');
}
}
} else {
db_query("UNLOCK TABLES");
}
return TRUE;
} else {
opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, db_error(), array($item_id, $instance_no, $s_item_type, $s_attribute_type, $order_no, $attribute_val_r, $file_r));
return FALSE;
}
}
<?php
include_once 'application.php';
if (!empty($_FILES)) {
$new_folder = $defaultsarray['base_path'] . "uploads/";
$def_access = $defaultsarray['default_attachment_access_level'];
if (!file_exists($new_folder)) {
mkdir($new_folder);
}
$file_ext = get_file_ext($_FILES['Filedata']['name']);
$new_filename = get_unique_filename($new_folder, $_FILES['Filedata']['name']);
$curdate = 0;
if (move_uploaded_file($_FILES['Filedata']['tmp_name'], $new_folder . $new_filename)) {
$curdate = mrr_pull_image_created_date($new_folder . $new_filename);
$rslt = 1;
} else {
$rslt = 0;
}
$user_id = 0;
$store_id = 0;
$merchant_id = 0;
if (isset($_SESSION['user_id'])) {
$user_id = $_SESSION['user_id'];
}
if (isset($_SESSION['store_id'])) {
$store_id = $_SESSION['store_id'];
}
if (isset($_SESSION['merchant_id'])) {
$merchant_id = $_SESSION['merchant_id'];
}
//log that file was uploaded...
