/**
* Handle the calendar image upload
*
* @param string $id unique form id
*
* @return string image path
*/
function _handleUpload($fieldName, $id)
{
$tup = self::getTemporaryUploadPath($fieldName, $id);
$tmpUploadDir = \Env::get('cx')->getWebsitePath() . $tup[1] . '/' . $tup[2] . '/';
//all the files uploaded are in here
$depositionTarget = $this->uploadImgPath;
//target folder
$pic = '';
//move all files
if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpUploadDir)) {
throw new \Exception("could not find temporary upload directory '{$tmpUploadDir}'");
}
$h = opendir($tmpUploadDir);
if ($h) {
while (false !== ($f = readdir($h))) {
// skip folders and thumbnails
if ($f == '..' || $f == '.' || preg_match("/(?:\\.(?:thumb_thumbnail|thumb_medium|thumb_large)\\.[^.]+\$)|(?:\\.thumb)\$/i", $f)) {
continue;
}
//do not overwrite existing files.
$prefix = '';
while (file_exists($depositionTarget . $prefix . $f)) {
if (empty($prefix)) {
$prefix = 0;
}
$prefix++;
}
// move file
try {
$objFile = new \Cx\Lib\FileSystem\File($tmpUploadDir . $f);
$fileInfo = pathinfo($tmpUploadDir . $f);
$objFile->move($depositionTarget . $prefix . $f, false);
$imageName = $prefix . $f;
if (in_array($fileInfo['extension'], array('gif', 'jpg', 'jpeg', 'png'))) {
$objImage = new \ImageManager();
$objImage->_createThumb($this->uploadImgPath, $this->uploadImgWebPath, $imageName, 180);
}
$pic = contrexx_input2raw($this->uploadImgWebPath . $imageName);
// abort after one file has been fetched, as all event upload
// fields do allow a single file only anyway
break;
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
}
}
}
return $pic;
}
/**
* Handle uploads
* @see Contact::_uploadFilesLegacy()
* @param array $arrFields
* @param boolean move should the files be moved or
* do we just want an array of filenames?
* defaults to false. no effect in legacy mode.
* @return array A list of files that have been stored successfully in the system
*/
protected function _uploadFiles($arrFields, $move = false)
{
/* the field unique_id has been introduced with the new uploader.
* it helps us to tell whether we're handling an form generated
* before the new uploader using the classic input fields or
* if we have to treat the files already uploaded by the uploader.
*/
if ($this->legacyMode) {
//legacy function for old uploader
return $this->_uploadFilesLegacy($arrFields);
} else {
//new uploader used
if (!$this->hasFileField) {
//nothing to do for us, no files
return array();
}
$arrFiles = array();
//we'll collect name => path of all files here and return this
$documentRootPath = \Env::get('cx')->getWebsiteDocumentRootPath();
foreach ($arrFields as $fieldId => $arrField) {
// skip non-upload fields
if (!in_array($arrField['type'], array('file', 'multi_file'))) {
continue;
}
$tup = self::getTemporaryUploadPath($this->submissionId, $fieldId);
$tmpUploadDir = $tup[1] . '/' . $tup[2] . '/';
//all the files uploaded are in here
$depositionTarget = "";
//target folder
//on the first call, _uploadFiles is called with move=false.
//this is done in order to get an array of the moved files' names, but
//the files are left in place.
//the second call is done with move=true - here we finally move the
//files.
//
//the target folder is created in the first call, because if we can't
//create the folder, the target path is left pointing at the path
//specified by $arrSettings['fileUploadDepositionPath'].
//
//to remember the target folder for the second call, it is stored in
//$this->depositionTarget.
if (!$move) {
//first call - create folder
//determine where form uploads are stored
$arrSettings = $this->getSettings();
$depositionTarget = $arrSettings['fileUploadDepositionPath'] . '/';
//find an unique folder name for the uploaded files
$folderName = date("Ymd") . '_' . $fieldId;
$suffix = "";
if (file_exists($documentRootPath . $depositionTarget . $folderName)) {
$suffix = 1;
while (file_exists($documentRootPath . $depositionTarget . $folderName . '-' . $suffix)) {
$suffix++;
}
$suffix = '-' . $suffix;
}
$folderName .= $suffix;
//try to make the folder and change target accordingly on success
if (\Cx\Lib\FileSystem\FileSystem::make_folder($documentRootPath . $depositionTarget . $folderName)) {
\Cx\Lib\FileSystem\FileSystem::makeWritable($documentRootPath . $depositionTarget . $folderName);
$depositionTarget .= $folderName . '/';
}
$this->depositionTarget[$fieldId] = $depositionTarget;
} else {
$depositionTarget = $this->depositionTarget[$fieldId];
}
//move all files
if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpUploadDir)) {
throw new \Cx\Core_Modules\Contact\Controller\ContactException("could not find temporary upload directory '{$tmpUploadDir}'");
}
$h = opendir(\Env::get('cx')->getWebsitePath() . $tmpUploadDir);
while (false !== ($f = readdir($h))) {
if ($f != '..' && $f != '.') {
//do not overwrite existing files.
$prefix = '';
while (file_exists($documentRootPath . $depositionTarget . $prefix . $f)) {
if (empty($prefix)) {
$prefix = 0;
}
$prefix++;
}
if ($move) {
// move file
try {
$objFile = new \Cx\Lib\FileSystem\File($tmpUploadDir . $f);
$objFile->move($documentRootPath . $depositionTarget . $prefix . $f, false);
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
}
}
$arrFiles[$fieldId][] = array('name' => $f, 'path' => $depositionTarget . $prefix . $f);
}
}
}
//cleanup
//TODO: this does not work for certain reloads - add cleanup routine
//@rmdir($tmpUploadDir);
return $arrFiles;
}
}
/**
* Process upload form
*
* @global array $_ARRAYLANG
* @return boolean true if file uplod successfully and false if it failed
*/
private function processFormUpload()
{
global $_ARRAYLANG;
$objSession = \cmsSession::getInstance();
$uploaderId = isset($_POST['media_upload_file']) ? contrexx_input2raw($_POST['media_upload_file']) : 0;
if (empty($uploaderId)) {
return false;
}
$tempPath = $objSession->getTempPath() . '/' . contrexx_input2raw($uploaderId);
if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) {
return false;
}
$errorMsg = array();
foreach (glob($tempPath . '/*') as $file) {
$i = 0;
$fileName = basename($file);
$path = $tempPath . '/' . $fileName;
$file = $this->path . $fileName;
$arrFile = pathinfo($file);
while (file_exists($file)) {
$suffix = '-' . (time() + ++$i);
$file = $this->path . $arrFile['filename'] . $suffix . '.' . $arrFile['extension'];
}
if (!\FWValidator::is_file_ending_harmless($path)) {
$errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_EXTENSION_NOT_ALLOWED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
continue;
}
try {
$objFile = new \Cx\Lib\FileSystem\File($path);
$objFile->move($file, false);
$fileObj = new \File();
$fileObj->setChmod($this->path, $this->webPath, basename($file));
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
$errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_UPLOAD_FAILED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
}
}
if (!empty($errorMsg)) {
$this->_strErrorMessage = explode('<br>', $errorMsg);
return false;
}
$this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_FILE_UPLOADED_SUCESSFULLY'];
return true;
}
/**
* Upload Finished callback
*
* This is called as soon as uploads have finished.
* takes care of moving them to the right folder
*
* @param string $tempPath Path to the temporary directory containing the files at this moment
* @param string $tempWebPath Points to the same folder as tempPath, but relative to the webroot
* @param array $data Data given to setData() when creating the uploader
* @param string $uploadId unique session id for the current upload
* @param array $fileInfos uploaded file informations
* @param array $response uploaded status
*
* @return array path and webpath
*/
public static function uploadFinished($tempPath, $tempWebPath, $data, $uploadId, $fileInfos, $response)
{
$path = $data['path'];
$webPath = $data['webPath'];
$objCategory = Category::getCategory($data['category_id']);
// check for sufficient permissions
if ($objCategory->getAddFilesAccessId() && !\Permission::checkAccess($objCategory->getAddFilesAccessId(), 'dynamic', true) && $objCategory->getOwnerId() != \FWUser::getFWUserObject()->objUser->getId()) {
return;
}
//we remember the names of the uploaded files here. they are stored in the session afterwards,
//so we can later display them highlighted.
$arrFiles = array();
$uploadFiles = array();
//rename files, delete unwanted
$arrFilesToRename = array();
//used to remember the files we need to rename
$h = opendir($tempPath);
if (!$h) {
return array($path, $webPath);
}
while (false !== ($file = readdir($h))) {
//skip . and ..
if ($file == '.' || $file == '..') {
continue;
}
try {
//delete potentially malicious files
$objTempFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $file);
if (!\FWValidator::is_file_ending_harmless($file)) {
$objTempFile->delete();
continue;
}
$cleanFile = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($file);
if ($cleanFile != $file) {
$objTempFile->rename($tempPath . '/' . $cleanFile, false);
$file = $cleanFile;
}
$info = pathinfo($file);
//check if file needs to be renamed
$newName = '';
$suffix = '';
if (file_exists($path . '/' . $file)) {
$suffix = '_' . time();
$newName = $info['filename'] . $suffix . '.' . $info['extension'];
$arrFilesToRename[$file] = $newName;
array_push($arrFiles, $newName);
}
if (!isset($arrFilesToRename[$file])) {
array_push($uploadFiles, $file);
}
//rename files where needed
foreach ($arrFilesToRename as $oldName => $newName) {
$objTempFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $oldName);
$objTempFile->rename($tempPath . '/' . $newName, false);
array_push($uploadFiles, $newName);
}
//move file from temp path into target folder
$objImage = new \ImageManager();
foreach ($uploadFiles as $fileName) {
$objFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $fileName);
$objFile->move($path . '/' . $fileName, false);
\Cx\Core\Core\Controller\Cx::instanciate()->getMediaSourceManager()->getThumbnailGenerator()->createThumbnailFromPath($path . '/' . $fileName);
}
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
}
$objDownloads = new downloads('');
$objDownloads->addDownloadFromUpload($info['filename'], $info['extension'], $suffix, $objCategory, $objDownloads, $fileInfos['name']);
}
return array($path, $webPath);
}
protected function moveModel($sourceFolder, $destinationFolder, $force = false)
{
$sourceDirectory = new \RecursiveDirectoryIterator($sourceFolder);
$sourceDirectoryIterator = new \RecursiveIteratorIterator($sourceDirectory);
$sourceDirectoryRegexIterator = new \RegexIterator($sourceDirectoryIterator, '/^.+\\.php$/i', \RegexIterator::GET_MATCH);
$retVal = true;
// foreach model class
foreach ($sourceDirectoryRegexIterator as $sourceFile) {
// move to correct location and add .class ending if necessary
$sourceFile = current($sourceFile);
$sourceFile = str_replace('\\', '/', $sourceFile);
$parts = explode('/Cx/', $sourceFile);
$destinationFile = $destinationFolder . '/' . end($parts);
$destinationFile = preg_replace_callback('#(' . $destinationFolder . '/)(Core(?:_Modules)?|Modules)#', function ($matches) {
return $matches[1] . strtolower($matches[2]);
}, $destinationFile);
$destinationFile = preg_replace('/(?!\\.class)\\.php$/', '.class.php', $destinationFile);
if (!$force && file_exists($destinationFile)) {
$retVal = false;
continue;
}
try {
$objFile = new \Cx\Lib\FileSystem\File($sourceFile);
$objFile->move($destinationFile, $force);
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
throw $e;
}
// if the moved file is an entity class
if (strpos($destinationFile, '/Model/Entity/')) {
$contents = file_get_contents($destinationFile);
// and there is no extends statement yet
$regex = '/(class\\s*(:?[a-zA-Z0-9_]*))\\s*\\{/m';
if (!preg_match($regex, $contents)) {
return $retVal;
}
// add extends statement for base entity
$contents = preg_replace($regex, '$1 extends \\Cx\\Model\\Base\\EntityBase {', $contents);
file_put_contents($destinationFile, $contents);
}
}
return $retVal;
}
/**
* Move the uploaded image to destination path from the temp path
*
* @return mixed $status | false
*/
public function uploadPicture()
{
$status = "";
$path = "pictures/";
//check file array
$uploaderId = isset($_POST['marketUploaderId']) ? contrexx_input2raw($_POST['marketUploaderId']) : 0;
$fileName = isset($_POST['uploadImage']) ? contrexx_input2raw($_POST['uploadImage']) : 0;
if (empty($uploaderId) || empty($fileName)) {
return false;
}
//get file info
$objSession = \cmsSession::getInstance();
$tmpFile = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName;
if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpFile)) {
return false;
}
if ($fileName != '' && \FWValidator::is_file_ending_harmless($fileName)) {
//check extension
$info = pathinfo($fileName);
$exte = $info['extension'];
$exte = !empty($exte) ? '.' . $exte : '';
$part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
$rand = rand(10, 99);
$fileName = md5($rand . $fileName) . $exte;
//check file
// TODO: $x is not defined
$x = 0;
if (file_exists($this->mediaPath . $path . $fileName)) {
$fileName = $rand . $part1 . '_' . (time() + $x) . $exte;
$fileName = md5($fileName) . $exte;
}
//Move the uploaded file to the path specified in the variable $this->mediaPath
try {
$objFile = new \Cx\Lib\FileSystem\File($tmpFile);
if ($objFile->move($this->mediaPath . $path . $fileName, false)) {
$objFile = new \File();
$objFile->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
$status = $fileName;
} else {
$status = "error";
}
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
}
} else {
$status = "error";
}
return $status;
}
/**
* Upload a file to be associated with a product in the cart
* @param string $fileName upload file name
*
* @return string The file name on success,
* the empty string otherwise
* @author Reto Kohli <*****@*****.**>
* @static
*/
static function uploadFile($fileName)
{
global $_ARRAYLANG;
$uploaderId = isset($_REQUEST['productOptionsUploaderId']) ? contrexx_input2raw($_REQUEST['productOptionsUploaderId']) : '';
if (empty($uploaderId) || empty($fileName)) {
return '';
}
$cx = \Cx\Core\Core\Controller\Cx::instanciate();
$objSession = $cx->getComponent('Session')->getSession();
$tmpFile = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName;
if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpFile)) {
return '';
}
$originalFileName = $fileName;
$arrMatch = array();
$filename = '';
$fileext = '';
if (preg_match('/(.+)(\\.[^.]+)/', $originalFileName, $arrMatch)) {
$filename = $arrMatch[1];
$fileext = $arrMatch[2];
} else {
$filename = $originalFileName;
}
if ($fileext == '.jpg' || $fileext == '.gif' || $fileext == '.png') {
$newFileName = $filename . '[' . uniqid() . ']' . $fileext;
$newFilePath = Order::UPLOAD_FOLDER . $newFileName;
//Move the uploaded file to the path specified in the variable $newFilePath
try {
$objFile = new \Cx\Lib\FileSystem\File($tmpFile);
if ($objFile->move(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteDocumentRootPath() . '/' . $newFilePath, false)) {
return $newFileName;
} else {
\Message::error($_ARRAYLANG['TXT_SHOP_ERROR_UPLOADING_FILE']);
}
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
}
} else {
\Message::error(sprintf($_ARRAYLANG['TXT_SHOP_ERROR_WRONG_FILETYPE'], $fileext));
}
return '';
}
function renameCustomizingFile($file)
{
global $_CONFIG;
$cxFilePath = dirname(substr($file, strlen(ASCMS_DOCUMENT_ROOT)));
if ($cxFilePath == '/') {
$cxFilePath = '';
}
$customizingPath = ASCMS_DOCUMENT_ROOT . '/customizing' . $cxFilePath;
$customizingFile = $customizingPath . '/' . basename($file);
if (file_exists($customizingFile)) {
$customizingFile .= "_" . $_CONFIG['coreCmsVersion'];
$suffix = '';
$idx = 0;
while (file_exists($customizingFile . $suffix)) {
$idx++;
$suffix = '_' . $idx;
}
$customizingFile .= $suffix;
} else {
return true;
}
try {
$objFile = new \Cx\Lib\FileSystem\File($file);
$objFile->move($customizingFile);
} catch (\Exception $e) {
setUpdateMsg('Error on renaming customizing file:<br />' . $file);
setUpdateMsg('Error: ' . $e->getMessage());
setUpdateMsg('<br />Häufigste Ursache dieses Problems ist, dass zur Ausführung dieses Vorgangs die benötigten Schreibrechte nicht vorhanden sind. Prüfen Sie daher, ob die FTP-Konfiguration in der Datei <strong>config/configuration.php</strong> korrekt eingerichtet ist.');
return false;
}
return true;
}
/**
* Upload the media files
*
* @param string $fileName name of the media file
* @param string $path folder path
* @param string $uploaderId uploader id
*
* @return string $status name of the uploaded file / error
*/
function uploadMedia($fileName, $path, $uploaderId)
{
if (empty($uploaderId) || empty($fileName)) {
return 'error';
}
$cx = \Cx\Core\Core\Controller\Cx::instanciate();
$objSession = $cx->getComponent('Session')->getSession();
$tempPath = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName;
//Check the uploaded file exists in /tmp folder
if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) {
//If the file still exists in the mediaPath then return the filename
if (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) {
return $fileName;
}
return 'error';
}
$info = pathinfo($fileName);
$exte = $info['extension'];
$extension = !empty($exte) ? '.' . $exte : '';
$file = substr($fileName, 0, strlen($fileName) - strlen($extension));
$rand = rand(10, 99);
$arrSettings = $this->getSettings();
if ($arrSettings['encodeFilename']['value'] == 1) {
$fileName = md5($rand . $file) . $extension;
}
//Rename the file if the filename already exists
while (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) {
$fileName = $file . '_' . time() . $extension;
}
$filePath = $this->mediaPath . $path . $fileName;
if (!\FWValidator::is_file_ending_harmless($filePath)) {
return 'error';
}
//Move the file from /tmp folder into mediaPath and set the permission
try {
$objFile = new \Cx\Lib\FileSystem\File($tempPath);
if ($objFile->move($filePath, false)) {
$fileObj = new \File();
$fileObj->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
$status = $fileName;
}
} catch (\Cx\Lib\FileSystem\FileSystemException $e) {
\DBG::msg($e->getMessage());
$status = 'error';
}
//make the thumb
if (($exte == "gif" || $exte == "jpeg" || $exte == "jpg" || $exte == "png") && $path != "uploads/") {
$this->createThumb($fileName, $path);
}
return $status;
}
