Exemplo n.º 1
0
<?php

// *************************************** Subpage: ADD FILE
// ----- METHOD ADD FILE
if ($media_method == 'add_file') {
    if (rex_post('save', 'boolean') || rex_post('saveandexit', 'boolean')) {
        if ($_FILES['file_new']['name'] != '' && $_FILES['file_new']['name'] != 'none') {
            if (!rex_mediapool_isAllowedMediaType($_FILES['file_new']['name'], rex_post('args', 'array'))) {
                $warning = $I18N->msg('pool_file_mediatype_not_allowed') . ' <var>.' . OOMedia::_getExtension($_FILES['file_new']['name'] . '</var>');
                $whitelist = rex_mediapool_getMediaTypeWhitelist(rex_post('args', 'array'));
                $warning .= count($whitelist) > 0 ? '<br />' . $I18N->msg('pool_file_allowed_mediatypes') . ' <var>' . rtrim(implode('</var> <var>', $whitelist), ', ') . '</var>' : '<br />' . $I18N->msg('pool_file_banned_mediatypes') . ' <var>' . rtrim(implode('</var> <var>', rex_mediapool_getMediaTypeBlacklist()), ', ') . '</var>';
            } else {
                $FILEINFOS['title'] = rex_request('ftitle', 'string');
                if (!$PERMALL && !$REX['USER']->hasPerm("media[{$rex_file_category}]")) {
                    $rex_file_category = 0;
                }
                // function in function.rex_mediapool.inc.php
                $return = rex_mediapool_saveMedia($_FILES['file_new'], $rex_file_category, $FILEINFOS, $REX['USER']->getValue('login'));
                if ($return['ok']) {
                    $info = $return['msg'];
                    $subpage = '';
                }
                // ----- EXTENSION POINT
                if ($return['ok'] == 1) {
                    rex_register_extension_point('MEDIA_ADDED', '', $return);
                }
                if (rex_post('saveandexit', 'boolean') && $return['ok'] == 1) {
                    $file_name = $return['filename'];
                    $ffiletype = $return['type'];
                    $title = $return['title'];
                    if ($opener_input_field == 'TINYIMG') {
Exemplo n.º 2
0
/**
 * check if mediatpye(extension) is allowed for upload.
 *
 * @param string $filename
 * @param array  $args
 *
 * @return bool
 */
function rex_mediapool_isAllowedMediaType($filename, array $args = [])
{
    $file_ext = rex_file::extension($filename);
    if ($filename === '' || strpos($file_ext, ' ') !== false || $file_ext === '') {
        return false;
    }
    $blacklist = rex_mediapool_getMediaTypeBlacklist();
    $whitelist = rex_mediapool_getMediaTypeWhitelist($args);
    if (in_array($file_ext, $blacklist)) {
        return false;
    }
    if (count($whitelist) > 0 && !in_array($file_ext, $whitelist)) {
        return false;
    }
    return true;
}