Exemplo n.º 1
0
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param    string  tid     ID of topic to prepend to filename
* @return   string          filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
    global $_CONF, $_TABLES, $LANG27;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        if ($_CONF['image_lib'] == 'imagemagick') {
            // Using imagemagick
            $upload->setMogrifyPath($_CONF['path_to_mogrify']);
        } elseif ($_CONF['image_lib'] == 'netpbm') {
            // using netPBM
            $upload->setNetPBM($_CONF['path_to_netpbm']);
        } elseif ($_CONF['image_lib'] == 'gdlib') {
            // using the GD library
            $upload->setGDLib();
        }
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        if (isset($_CONF['jpeg_quality'])) {
            $upload->setJpegQuality($_CONF['jpeg_quality']);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
        $display = COM_siteHeader('menu', $LANG27[29]);
        $display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
        $display .= $upload->printErrors(false);
        $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $display .= COM_siteFooter();
        COM_output($display);
        exit;
        // don't return
    }
    $filename = '';
    // see if user wants to upload a (new) icon
    $newicon = $_FILES['newicon'];
    if (!empty($newicon['name'])) {
        $pos = strrpos($newicon['name'], '.') + 1;
        $fextension = substr($newicon['name'], $pos);
        $filename = 'topic_' . $tid . '.' . $fextension;
    }
    // do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setPerms('0644');
        if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_topicicon_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_topicicon_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_siteHeader('menu', $LANG27[29]);
            $display .= COM_startBlock($LANG27[29], '', COM_getBlockTemplate('_msg_block', 'header'));
            $display .= $upload->printErrors(false);
            $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $display .= COM_siteFooter();
            COM_output($display);
            exit;
            // don't return
        }
        $filename = '/images/topics/' . $filename;
    }
    return $filename;
}
Exemplo n.º 2
0
 public function testSetMaxDimensionsNotNumeric()
 {
     $this->assertFalse($this->up->setMaxDimensions('Hello', 'world'));
 }
Exemplo n.º 3
0
function CLASSIFIEDS_saveImage($ad, $FILES, $clid)
{
    global $_CONF, $_CLASSIFIEDS_CONF, $_TABLES, $LANG24;
    $args =& $ad;
    // Handle Magic GPC Garbage:
    while (list($key, $value) = each($args)) {
        if (!is_array($value)) {
            $args[$key] = COM_stripslashes($value);
        } else {
            while (list($subkey, $subvalue) = each($value)) {
                $value[$subkey] = COM_stripslashes($subvalue);
            }
        }
    }
    // Delete any images if needed
    if (array_key_exists('delete', $args)) {
        $delete = count($args['delete']);
        for ($i = 1; $i <= $delete; $i++) {
            $pi_filename = DB_getItem($_TABLES['cl_pic'], 'pi_filename', 'pi_pid = ' . $clid . ' AND pi_img_num = ' . key($args['delete']));
            CLASSIFIEDS_deleteImage($pi_filename);
            DB_query("DELETE FROM {$_TABLES['cl_pic']} WHERE pi_pid = " . $clid . " AND pi_img_num = " . key($args['delete']));
            next($args['delete']);
        }
    }
    // OK, let's upload any pictures with the ad
    if (DB_count($_TABLES['cl_pic'], 'pi_pid', $clid) > 0) {
        $index_start = DB_getItem($_TABLES['cl_pic'], 'max(pi_img_num)', "pi_pid = '" . $clid . "'") + 1;
    } else {
        $index_start = 1;
    }
    if (count($FILES) > 0 and $_CLASSIFIEDS_CONF['max_images_per_ad'] > 0) {
        require_once $_CONF['path_system'] . 'classes/upload.class.php';
        $upload = new upload();
        //Debug with story debug function
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        $upload->setMaxFileUploads($_CLASSIFIEDS_CONF['max_images_per_ad']);
        if (!empty($_CONF['image_lib'])) {
            if ($_CONF['image_lib'] == 'imagemagick') {
                // Using imagemagick
                $upload->setMogrifyPath($_CONF['path_to_mogrify']);
            } elseif ($_CONF['image_lib'] == 'netpbm') {
                // using netPBM
                $upload->setNetPBM($_CONF['path_to_netpbm']);
            } elseif ($_CONF['image_lib'] == 'gdlib') {
                // using the GD library
                $upload->setGDLib();
            }
            $upload->setAutomaticResize(true);
            $upload->keepOriginalImage(false);
            if (isset($_CONF['jpeg_quality'])) {
                $upload->setJpegQuality($_CONF['jpeg_quality']);
            }
        }
        $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
        if (!$upload->setPath($_CLASSIFIEDS_CONF['path_images'])) {
            $output = COM_siteHeader('menu', $LANG24[30]);
            $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $output .= $upload->printErrors(false);
            $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $output .= COM_siteFooter();
            echo $output;
            exit;
        }
        // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
        // force any images bigger than the passed dimensions to be resized.
        // If mogrify is not set, any images larger than these dimensions
        // will get validation errors
        $upload->setMaxDimensions($_CLASSIFIEDS_CONF['max_image_width'], $_CLASSIFIEDS_CONF['max_image_height']);
        $upload->setMaxFileSize($_CLASSIFIEDS_CONF['max_image_size']);
        // size in bytes, 1048576 = 1MB
        // Set file permissions on file after it gets uploaded (number is in octal)
        $upload->setPerms('0644');
        $filenames = array();
        $end_index = $index_start + $upload->numFiles() - 1;
        for ($z = $index_start; $z <= $end_index; $z++) {
            $curfile = current($FILES);
            if (!empty($curfile['name'])) {
                $pos = strrpos($curfile['name'], '.') + 1;
                $fextension = substr($curfile['name'], $pos);
                $filenames[] = $clid . '_' . $z . '.' . $fextension;
            }
            next($FILES);
        }
        $upload->setFileNames($filenames);
        reset($FILES);
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $retval = COM_siteHeader('menu', $LANG24[30]);
            $retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $upload->printErrors(false);
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $retval .= COM_siteFooter();
            echo $retval;
            exit;
        }
        reset($filenames);
        for ($z = $index_start; $z <= $end_index; $z++) {
            DB_query("INSERT INTO {$_TABLES['cl_pic']} (pi_pid, pi_img_num, pi_filename) VALUES ('" . $clid . "', {$z}, '" . current($filenames) . "')");
            next($filenames);
        }
    }
    return true;
}
Exemplo n.º 4
0
function addDownload()
{
    global $_CONF, $_USER, $_TABLES, $filemgmt_FileStoreURL, $filemgmt_FileSnapURL, $filemgmt_FileStore, $filemgmt_SnapStore;
    global $myts, $eh, $_FMDOWNLOAD, $filemgmtFilePermissions;
    if (defined('DEMO_MODE')) {
        redirect_header($_CONF['site_url'] . "/index.php", 10, 'Uploads are disabled in demo mode');
        exit;
    }
    $title = $myts->makeTboxData4Save($_POST['title']);
    $homepage = $myts->makeTboxData4Save($_POST['homepage']);
    $version = $myts->makeTboxData4Save($_POST['version']);
    $description = $myts->makeTareaData4Save($_POST['description']);
    $commentoption = $_POST['commentoption'];
    $fileurl = COM_applyFilter($_POST['fileurl']);
    $submitter = $_USER['uid'];
    $errormsg = "";
    // Check if Title blank
    if ($title == "") {
        $eh->show("1104");
    }
    // Check if Description blank
    if ($description == "") {
        $eh->show("1105");
    }
    // Check if a file was uploaded
    if ($_FILES['newfile']['size'] == 0 && empty($fileurl)) {
        $eh->show("1017");
    }
    if (!empty($_POST['cid'])) {
        $cid = $_POST['cid'];
    } else {
        $cid = 0;
        $eh->show("1110");
    }
    $filename = '';
    //$myts->makeTboxData4Save($_FILES['newfile']['name']);
    $url = '';
    //$myts->makeTboxData4Save(rawurlencode($filename));
    $snapfilename = '';
    // = $myts->makeTboxData4Save($_FILES['newfileshot']['name']);
    $logourl = '';
    //$myts->makeTboxData4Save(rawurlencode($snapfilename));
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    $upload->setFieldName('newfile');
    $upload->setPath($filemgmt_FileStore);
    $upload->setAllowAnyMimeType(true);
    // allow any file type
    $upload->setMaxFileSize(100000000);
    if ($upload->numFiles() > 0) {
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $errmsg = "Upload Error: " . $upload->printErrors(false);
            COM_errorLog($errmsg);
            $eh->show("1106");
        } else {
            $size = $myts->makeTboxData4Save(intval($upload->_currentFile['size']));
            $filename = $myts->makeTboxData4Save($upload->_currentFile['name']);
            $url = $myts->makeTboxData4Save(rawurlencode($filename));
            $pos = strrpos($filename, '.') + 1;
            $fileExtension = strtolower(substr($filename, $pos));
            if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
                if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
                    COM_errorLOG("AddNewFile - New Upload file is rejected by config rule:{$uploadfilename}");
                    $eh->show("1109");
                } else {
                    $fileExtension = $_FMDOWNLOAD[$fileExtension];
                    $pos = strrpos($url, '.') + 1;
                    $url = strtolower(substr($url, 0, $pos)) . $fileExtension;
                    $pos2 = strrpos($filename, '.') + 1;
                    $filename = substr($filename, 0, $pos2) . $fileExtension;
                }
            }
            $AddNewFile = true;
        }
    }
    if ($upload->numFiles() == 0 && !$upload->areErrors() && !empty($fileurl)) {
        $url = $fileurl;
        $size = 0;
        $AddNewFile = true;
    }
    $upload = new upload();
    $upload->setFieldName('newfileshot');
    $upload->setPath($filemgmt_SnapStore);
    $upload->setAllowAnyMimeType(false);
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    $upload->setAutomaticResize(true);
    if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
        $upload->setLogFile($_CONF['path'] . 'logs/error.log');
        $upload->setDebug(true);
    }
    $upload->setMaxDimensions(640, 480);
    $upload->setAutomaticResize(true);
    $upload->setMaxFileSize(100000000);
    $upload->uploadFiles();
    if ($upload->numFiles() > 0) {
        if ($upload->areErrors()) {
            $errmsg = "Upload Error: " . $upload->printErrors(false);
            COM_errorLog($errmsg);
            $eh->show("1106");
        } else {
            $snapfilename = $myts->makeTboxData4Save($upload->_currentFile['name']);
            $logourl = $myts->makeTboxData4Save(rawurlencode($snapfilename));
            $AddNewFile = true;
        }
    }
    if ($AddNewFile) {
        $chown = @chmod($filemgmt_FileStore . $filename, $filemgmtFilePermissions);
        if (strlen($version) > 9) {
            $version = substr($version, 0, 8);
        }
        $fields = 'cid, title, url, homepage, version, size, logourl, submitter, status, date, hits, rating, votes, comments';
        $sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} ({$fields}) VALUES ";
        $sql .= "('" . DB_escapeString($cid) . "','" . $title . "','" . $url . "','" . $homepage . "','" . $version . "','" . $size . "','" . $logourl . "','" . DB_escapeString($submitter) . "',1,UNIX_TIMESTAMP(),0,0,0,'" . DB_escapeString($commentoption) . "')";
        DB_query($sql);
        $newid = DB_insertID();
        DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '" . $description . "')");
        PLG_itemSaved($newid, 'filemgmt');
        CACHE_remove_instance('whatsnew');
        if (isset($duplicatefile) && $duplicatefile) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPFILE);
        } elseif (isset($duplicatesnap) && $duplicatesnap) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPSNAP);
        } else {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED);
        }
        exit;
    } else {
        redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
        exit;
    }
}
Exemplo n.º 5
0
/**
* Upload new photo, delete old photo
*
* @param    string  $delete_photo   'on': delete old photo
* @return   string                  filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        if ($_CONF['image_lib'] == 'imagemagick') {
            // Using imagemagick
            $upload->setMogrifyPath($_CONF['path_to_mogrify']);
        } elseif ($_CONF['image_lib'] == 'netpbm') {
            // using netPBM
            $upload->setNetPBM($_CONF['path_to_netpbm']);
        } elseif ($_CONF['image_lib'] == 'gdlib') {
            // using the GD library
            $upload->setGDLib();
        }
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        if (isset($_CONF['jpeg_quality'])) {
            $upload->setJpegQuality($_CONF['jpeg_quality']);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
        $display = COM_siteHeader('menu', $LANG24[30]);
        $display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
        $display .= $upload->printErrors(false);
        $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $display .= COM_siteFooter();
        COM_output($display);
        exit;
        // don't return
    }
    $filename = '';
    if (!empty($delete_photo) && $delete_photo == 'on') {
        $delete_photo = true;
    } else {
        $delete_photo = false;
    }
    $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
    if (empty($curphoto)) {
        $delete_photo = false;
    }
    // see if user wants to upload a (new) photo
    $newphoto = $_FILES['photo'];
    if (!empty($newphoto['name'])) {
        $pos = strrpos($newphoto['name'], '.') + 1;
        $fextension = substr($newphoto['name'], $pos);
        $filename = $_USER['username'] . '.' . $fextension;
        if (!empty($curphoto) && $filename != $curphoto) {
            $delete_photo = true;
        } else {
            $delete_photo = false;
        }
    }
    // delete old photo first
    if ($delete_photo) {
        USER_deletePhoto($curphoto);
    }
    // now do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setPerms('0644');
        if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_photo_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_photo_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_siteHeader('menu', $LANG24[30]);
            $display .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $display .= $upload->printErrors(false);
            $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $display .= COM_siteFooter();
            COM_output($display);
            exit;
            // don't return
        }
    } else {
        if (!$delete_photo && !empty($curphoto)) {
            $filename = $curphoto;
        }
    }
    return $filename;
}
Exemplo n.º 6
0
/**
 * Submit a new or updated story. The story is updated if it exists, or a new one is created
 *
 * @param   array   args    Contains all the data provided by the client
 * @param   string  &output OUTPUT parameter containing the returned text
 * @return  int		    Response code as defined in lib-plugins.php
 */
function service_submit_story($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG24, $MESSAGE, $_GROUPS;
    if (!SEC_hasRights('story.edit')) {
        $output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
        return PLG_RET_AUTH_FAILED;
    }
    require_once $_CONF['path_system'] . 'lib-comment.php';
    $gl_edit = false;
    if (isset($args['gl_edit'])) {
        $gl_edit = $args['gl_edit'];
    }
    if ($gl_edit) {
        /* This is EDIT mode, so there should be an old sid */
        if (empty($args['old_sid'])) {
            if (!empty($args['id'])) {
                $args['old_sid'] = $args['id'];
            } else {
                return PLG_RET_ERROR;
            }
            if (empty($args['sid'])) {
                $args['sid'] = $args['old_sid'];
            }
        }
    } else {
        if (empty($args['sid']) && !empty($args['id'])) {
            $args['sid'] = $args['id'];
        }
    }
    /* Store the first CATEGORY as the Topic ID */
    if (!empty($args['category'][0])) {
        $args['tid'] = $args['category'][0];
    }
    $content = '';
    if (!empty($args['content'])) {
        $content = $args['content'];
    } else {
        if (!empty($args['summary'])) {
            $content = $args['summary'];
        }
    }
    if (!empty($content)) {
        $parts = explode('[page_break]', $content);
        if (count($parts) == 1) {
            $args['introtext'] = $content;
            $args['bodytext'] = '';
        } else {
            $args['introtext'] = array_shift($parts);
            $args['bodytext'] = implode('[page_break]', $parts);
        }
    }
    /* Apply filters to the parameters passed by the webservice */
    if ($args['gl_svc']) {
        if (isset($args['mode'])) {
            $args['mode'] = COM_applyBasicFilter($args['mode']);
        }
        if (isset($args['editopt'])) {
            $args['editopt'] = COM_applyBasicFilter($args['editopt']);
        }
    }
    /* - START: Set all the defaults - */
    if (empty($args['tid'])) {
        // see if we have a default topic
        $topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND'));
        if (!empty($topic)) {
            $args['tid'] = $topic;
        } else {
            // otherwise, just use the first one
            $o = array();
            $s = array();
            if (service_getTopicList_story(array('gl_svc' => true), $o, $s) == PLG_RET_OK) {
                $args['tid'] = $o[0];
            } else {
                $svc_msg['error_desc'] = 'No topics available';
                return PLG_RET_ERROR;
            }
        }
    }
    if (empty($args['owner_id'])) {
        $args['owner_id'] = $_USER['uid'];
    }
    if (empty($args['group_id'])) {
        $args['group_id'] = SEC_getFeatureGroup('story.edit', $_USER['uid']);
    }
    if (empty($args['postmode'])) {
        $args['postmode'] = $_CONF['postmode'];
        if (!empty($args['content_type'])) {
            if ($args['content_type'] == 'text') {
                $args['postmode'] = 'text';
            } else {
                if ($args['content_type'] == 'html' || $args['content_type'] == 'xhtml') {
                    $args['postmode'] = 'html';
                }
            }
        }
    }
    if ($args['gl_svc']) {
        /* Permissions */
        if (!isset($args['perm_owner'])) {
            $args['perm_owner'] = $_CONF['default_permissions_story'][0];
        } else {
            $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true);
        }
        if (!isset($args['perm_group'])) {
            $args['perm_group'] = $_CONF['default_permissions_story'][1];
        } else {
            $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
        }
        if (!isset($args['perm_members'])) {
            $args['perm_members'] = $_CONF['default_permissions_story'][2];
        } else {
            $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
        }
        if (!isset($args['perm_anon'])) {
            $args['perm_anon'] = $_CONF['default_permissions_story'][3];
        } else {
            $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
        }
        if (!isset($args['draft_flag'])) {
            $args['draft_flag'] = $_CONF['draft_flag'];
        }
        if (empty($args['frontpage'])) {
            $args['frontpage'] = $_CONF['frontpage'];
        }
        if (empty($args['show_topic_icon'])) {
            $args['show_topic_icon'] = $_CONF['show_topic_icon'];
        }
    }
    /* - END: Set all the defaults - */
    // TEST CODE
    /* foreach ($args as $k => $v) {
           if (!is_array($v)) {
               echo "$k => $v\r\n";
           } else {
               echo "$k => $v\r\n";
               foreach ($v as $k1 => $v1) {
                   echo "        $k1 => $v1\r\n";
               }
           }
       }*/
    // exit ();
    // END TEST CODE
    if (!isset($args['sid'])) {
        $args['sid'] = '';
    }
    $args['sid'] = COM_sanitizeID($args['sid']);
    if (!$gl_edit) {
        if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) {
            $args['sid'] = WS_makeId($args['slug'], STORY_MAX_ID_LENGTH);
        }
    }
    $story = new Story();
    $gl_edit = false;
    if (isset($args['gl_edit'])) {
        $gl_edit = $args['gl_edit'];
    }
    if ($gl_edit && !empty($args['gl_etag'])) {
        /* First load the original story to check if it has been modified */
        $result = $story->loadFromDatabase($args['sid']);
        if ($result == STORY_LOADED_OK) {
            if ($args['gl_etag'] != date('c', $story->_date)) {
                $svc_msg['error_desc'] = 'A more recent version of the story is available';
                return PLG_RET_PRECONDITION_FAILED;
            }
        } else {
            $svc_msg['error_desc'] = 'Error loading story';
            return PLG_RET_ERROR;
        }
    }
    /* This function is also doing the security checks */
    $result = $story->loadFromArgsArray($args);
    $sid = $story->getSid();
    switch ($result) {
        case STORY_DUPLICATE_SID:
            $output .= COM_siteHeader('menu', $LANG24[5]);
            $output .= COM_errorLog($LANG24[24], 2);
            if (!$args['gl_svc']) {
                $output .= storyeditor($sid);
            }
            $output .= COM_siteFooter();
            return PLG_RET_ERROR;
        case STORY_EXISTING_NO_EDIT_PERMISSION:
            $output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
            return PLG_RET_PERMISSION_DENIED;
        case STORY_NO_ACCESS_PARAMS:
            $output .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}.");
            return PLG_RET_PERMISSION_DENIED;
        case STORY_EMPTY_REQUIRED_FIELDS:
            $output .= COM_siteHeader('menu');
            $output .= COM_errorLog($LANG24[31], 2);
            if (!$args['gl_svc']) {
                $output .= storyeditor($sid);
            }
            $output .= COM_siteFooter();
            return PLG_RET_ERROR;
        default:
            break;
    }
    /* Image upload is not supported by the web-service at present */
    if (!$args['gl_svc']) {
        // Delete any images if needed
        if (array_key_exists('delete', $args)) {
            $delete = count($args['delete']);
            for ($i = 1; $i <= $delete; $i++) {
                $ai_filename = DB_getItem($_TABLES['article_images'], 'ai_filename', "ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
                STORY_deleteImage($ai_filename);
                DB_query("DELETE FROM {$_TABLES['article_images']} WHERE ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete']));
                next($args['delete']);
            }
        }
        // OK, let's upload any pictures with the article
        if (DB_count($_TABLES['article_images'], 'ai_sid', $sid) > 0) {
            $index_start = DB_getItem($_TABLES['article_images'], 'max(ai_img_num)', "ai_sid = '{$sid}'") + 1;
        } else {
            $index_start = 1;
        }
        if (count($_FILES) > 0 and $_CONF['maximagesperarticle'] > 0) {
            require_once $_CONF['path_system'] . 'classes/upload.class.php';
            $upload = new upload();
            if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
                $upload->setLogFile($_CONF['path'] . 'logs/error.log');
                $upload->setDebug(true);
            }
            $upload->setMaxFileUploads($_CONF['maximagesperarticle']);
            if (!empty($_CONF['image_lib'])) {
                if ($_CONF['image_lib'] == 'imagemagick') {
                    // Using imagemagick
                    $upload->setMogrifyPath($_CONF['path_to_mogrify']);
                } elseif ($_CONF['image_lib'] == 'netpbm') {
                    // using netPBM
                    $upload->setNetPBM($_CONF['path_to_netpbm']);
                } elseif ($_CONF['image_lib'] == 'gdlib') {
                    // using the GD library
                    $upload->setGDLib();
                }
                $upload->setAutomaticResize(true);
                if ($_CONF['keep_unscaled_image'] == 1) {
                    $upload->keepOriginalImage(true);
                } else {
                    $upload->keepOriginalImage(false);
                }
                if (isset($_CONF['jpeg_quality'])) {
                    $upload->setJpegQuality($_CONF['jpeg_quality']);
                }
            }
            $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
            if (!$upload->setPath($_CONF['path_images'] . 'articles')) {
                $output = COM_siteHeader('menu', $LANG24[30]);
                $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
                $output .= $upload->printErrors(false);
                $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                $output .= COM_siteFooter();
                echo $output;
                exit;
            }
            // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
            // force any images bigger than the passed dimensions to be resized.
            // If mogrify is not set, any images larger than these dimensions
            // will get validation errors
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
            $upload->setMaxFileSize($_CONF['max_image_size']);
            // size in bytes, 1048576 = 1MB
            // Set file permissions on file after it gets uploaded (number is in octal)
            $upload->setPerms('0644');
            $filenames = array();
            $end_index = $index_start + $upload->numFiles() - 1;
            for ($z = $index_start; $z <= $end_index; $z++) {
                $curfile = current($_FILES);
                if (!empty($curfile['name'])) {
                    $pos = strrpos($curfile['name'], '.') + 1;
                    $fextension = substr($curfile['name'], $pos);
                    $filenames[] = $sid . '_' . $z . '.' . $fextension;
                }
                next($_FILES);
            }
            $upload->setFileNames($filenames);
            reset($_FILES);
            $upload->uploadFiles();
            if ($upload->areErrors()) {
                $retval = COM_siteHeader('menu', $LANG24[30]);
                $retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
                $retval .= $upload->printErrors(false);
                $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                $retval .= COM_siteFooter();
                echo $retval;
                exit;
            }
            reset($filenames);
            for ($z = $index_start; $z <= $end_index; $z++) {
                DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('{$sid}', {$z}, '" . current($filenames) . "')");
                next($filenames);
            }
        }
        if ($_CONF['maximagesperarticle'] > 0) {
            $errors = $story->insertImages();
            if (count($errors) > 0) {
                $output = COM_siteHeader('menu', $LANG24[54]);
                $output .= COM_startBlock($LANG24[54], '', COM_getBlockTemplate('_msg_block', 'header'));
                $output .= $LANG24[55] . '<p>';
                for ($i = 1; $i <= count($errors); $i++) {
                    $output .= current($errors) . '<br' . XHTML . '>';
                    next($errors);
                }
                $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                $output .= storyeditor($sid);
                $output .= COM_siteFooter();
                echo $output;
                exit;
            }
        }
    }
    $result = $story->saveToDatabase();
    if ($result == STORY_SAVED) {
        // see if any plugins want to act on that story
        if (!empty($args['old_sid']) && $args['old_sid'] != $sid) {
            PLG_itemSaved($sid, 'article', $args['old_sid']);
        } else {
            PLG_itemSaved($sid, 'article');
        }
        // update feed(s) and Older Stories block
        COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid);
        COM_olderStuff();
        CMT_updateCommentcodes();
        if ($story->type == 'submission') {
            $output = COM_refresh($_CONF['site_admin_url'] . '/moderation.php?msg=9');
        } else {
            $output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9);
        }
        /* @TODO Set the object id here */
        $svc_msg['id'] = $sid;
        return PLG_RET_OK;
    }
}
Exemplo n.º 7
0
function nexform_uploadfile($filename, &$upload_file, $allowablefiletypes)
{
    global $_FILES, $_CONF, $_TABLES, $CONF_FE, $LANG_FE_ERR;
    include_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    $upload->setPath($CONF_FE['uploadpath']);
    $upload->setLogging(true);
    $upload->setAutomaticResize(false);
    $upload->setAllowedMimeTypes($allowablefiletypes);
    // Set max dimensions as well in case user is uploading a full size image
    $upload->setMaxDimensions($CONF_FE['max_uploadimage_width'], $CONF_FE['max_uploadimage_height']);
    $upload->setMaxFileSize($CONF_FE['max_uploadfile_size']);
    if (strlen($upload_file['name']) > 0) {
        $upload->setFileNames($filename);
        $upload->setPerms(FE_CHMOD_FILES);
        $upload->_currentFile = $upload_file;
        // Verify file meets size limitations
        if (!$upload->_fileSizeOk()) {
            $upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit');
        }
        // If all systems check, do the upload
        if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) {
            if ($upload->_copyFile()) {
                $upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName();
            }
        }
        $upload->_currentFile = array();
        if ($upload->areErrors() and !$upload->_continueOnError) {
            $errmsg = "nexform: upload function error:" . $upload->printErrors(false);
            COM_errorLog($errmsg);
            $GLOBALS['fe_errmsg'] = $LANG_FE_ERR['upload1'] . ':<BR>' . $upload->printErrors(false);
            return false;
        }
        return true;
    } else {
        return false;
    }
    return false;
}
Exemplo n.º 8
0
/**
* Upload new photo, delete old photo
*
* @param    string  $delete_photo   'on': delete old photo
* @return   string                  filename of new photo (empty = no new photo)
*
*/
function handlePhotoUpload($delete_photo = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
        $display = COM_siteHeader('menu', $LANG24[30]);
        $display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
        $display .= COM_siteFooter();
        echo $display;
        exit;
        // don't return
    }
    $filename = '';
    if (!empty($delete_photo) && $delete_photo == 'on') {
        $delete_photo = true;
    } else {
        $delete_photo = false;
    }
    $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$_USER['uid']}");
    if (empty($curphoto)) {
        $delete_photo = false;
    }
    // see if user wants to upload a (new) photo
    $newphoto = $_FILES['photo'];
    if (!empty($newphoto['name'])) {
        $pos = strrpos($newphoto['name'], '.') + 1;
        $fextension = substr($newphoto['name'], $pos);
        $filename = $_USER['uid'] . '.' . $fextension;
        if (!empty($curphoto) && $filename != $curphoto) {
            $delete_photo = true;
        } else {
            $delete_photo = false;
        }
    }
    // delete old photo first
    if ($delete_photo) {
        USER_deletePhoto($curphoto);
    }
    // now do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setFieldName('photo');
        $upload->setPerms('0644');
        if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_photo_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_photo_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_siteHeader('menu', $LANG24[30]);
            $display .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
            $display .= COM_siteFooter();
            echo $display;
            exit;
            // don't return
        }
    } else {
        if (!$delete_photo && !empty($curphoto)) {
            $filename = $curphoto;
        }
    }
    return $filename;
}
Exemplo n.º 9
0
/**
* Upload new photo, delete old photo
*
* @param    string  $delete_photo   'on': delete old photo
* @return   string                  filename of new photo (empty = no new photo)
*
*/
function USER_handlePhotoUpload($uid, $delete_photo = '')
{
    global $_CONF, $_TABLES, $LANG24;
    USES_class_upload();
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
        return '';
    }
    $filename = '';
    if (!empty($delete_photo) && $delete_photo == 1) {
        $delete_photo = true;
    } else {
        $delete_photo = false;
    }
    $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = " . (int) $uid);
    if (empty($curphoto)) {
        $delete_photo = false;
    }
    // see if user wants to upload a (new) photo
    $newphoto = $_FILES['photo'];
    if (!empty($newphoto['name'])) {
        $pos = strrpos($newphoto['name'], '.') + 1;
        $fextension = substr($newphoto['name'], $pos);
        $filename = $uid . '.' . $fextension;
        if (!empty($curphoto) && $filename != $curphoto) {
            $delete_photo = true;
        } else {
            $delete_photo = false;
        }
    }
    // delete old photo first
    if ($delete_photo) {
        USER_deletePhoto($curphoto);
    }
    // now do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setFieldName('photo');
        $upload->setPerms('0644');
        $upload->setMaxDimensions(1024000, 1024000);
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            return '';
        }
        IMG_resizeImage($_CONF['path_images'] . 'userphotos/' . $filename, $_CONF['path_images'] . 'userphotos/' . $filename, $_CONF['max_photo_height'], $_CONF['max_photo_width']);
    } else {
        if (!$delete_photo && !empty($curphoto)) {
            $filename = $curphoto;
        }
    }
    return $filename;
}
Exemplo n.º 10
0
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param    string  tid     ID of topic to prepend to filename
* @return   string          filename of new photo (empty = no new photo)
*
*/
function handleIconUpload($tid)
{
    global $_CONF, $_TABLES, $LANG27;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        if ($_CONF['image_lib'] == 'imagemagick') {
            // Using imagemagick
            $upload->setMogrifyPath($_CONF['path_to_mogrify']);
        } elseif ($_CONF['image_lib'] == 'netpbm') {
            // using netPBM
            $upload->setNetPBM($_CONF['path_to_netpbm']);
        } elseif ($_CONF['image_lib'] == 'gdlib') {
            // using the GD library
            $upload->setGDLib();
        }
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        if (isset($_CONF['jpeg_quality'])) {
            $upload->setJpegQuality($_CONF['jpeg_quality']);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
        $display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
        $display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
        COM_output($display);
        exit;
        // don't return
    }
    $filename = '';
    // see if user wants to upload a (new) icon
    $newicon = $_FILES['newicon'];
    if (!empty($newicon['name'])) {
        $pos = strrpos($newicon['name'], '.') + 1;
        $fextension = substr($newicon['name'], $pos);
        $filename = 'topic_' . $tid . '.' . $fextension;
    }
    // do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setPerms('0644');
        if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_topicicon_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_topicicon_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_showMessageText($upload->printErrors(false), $LANG27[29]);
            $display = COM_createHTMLDocument($display, array('pagetitle' => $LANG27[29]));
            COM_output($display);
            exit;
            // don't return
        }
        if (strpos($_CONF['path_images'], $_CONF['path_html']) === 0) {
            $filename = substr($_CONF['path_images'], strlen($_CONF['path_html']) - 1) . 'topics/' . $filename;
        } else {
            /**
             * Not really used when the 'path_images' is outside of the webroot.
             * Let's at least extract the name of the images directory then.
             */
            $images = 'images';
            $parts = explode('/', $_CONF['path_images']);
            if (count($parts) > 1) {
                $cnt = count($parts);
                // e.g. from /path/to/myimages/ would extract "myimages"
                if (empty($parts[$cnt - 1]) && !empty($parts[$cnt - 2])) {
                    $images = $parts[$cnt - 2];
                }
                $filename = '/' . $images . '/topics/' . $filename;
            }
        }
    }
    return $filename;
}
Exemplo n.º 11
0
/**
* Upload new topic icon, replaces previous icon if one exists
*
* @param    string  tid     ID of topic to prepend to filename
* @return   string          filename of new photo (empty = no new photo)
*
*/
function TOPIC_iconUpload($tid)
{
    global $_CONF, $_TABLES, $LANG27;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    if (!empty($_CONF['image_lib'])) {
        $upload->setAutomaticResize(true);
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_CONF['path_images'] . 'topics')) {
        $display = COM_siteHeader('menu', $LANG27[29]);
        $display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
        $display .= COM_siteFooter();
        echo $display;
        exit;
        // don't return
    }
    $upload->setFieldName('newicon');
    $filename = '';
    // see if user wants to upload a (new) icon
    $newicon = $_FILES['newicon'];
    if (!empty($newicon['name'])) {
        $pos = strrpos($newicon['name'], '.') + 1;
        $fextension = substr($newicon['name'], $pos);
        $filename = 'topic_' . $tid . '.' . $fextension;
    }
    // do the upload
    if (!empty($filename)) {
        $upload->setFileNames($filename);
        $upload->setPerms('0644');
        if ($_CONF['max_topicicon_width'] > 0 && $_CONF['max_topicicon_height'] > 0) {
            $upload->setMaxDimensions($_CONF['max_topicicon_width'], $_CONF['max_topicicon_height']);
        } else {
            $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
        }
        if ($_CONF['max_topicicon_size'] > 0) {
            $upload->setMaxFileSize($_CONF['max_topicicon_size']);
        } else {
            $upload->setMaxFileSize($_CONF['max_image_size']);
        }
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $display = COM_siteHeader('menu', $LANG27[29]);
            $display .= COM_showMessageText($upload->printErrors(false), $LANG27[29], true);
            $display .= COM_siteFooter();
            echo $display;
            exit;
            // don't return
        }
        $filename = '/images/topics/' . $filename;
    }
    return $filename;
}
Exemplo n.º 12
0
 protected function _handleImageResize($to_path)
 {
     global $_CONF;
     require_once $_CONF['path_system'] . 'classes/upload.class.php';
     // Figure out file name
     $path_parts = pathinfo($to_path);
     $filename = $path_parts['basename'];
     $upload = new upload();
     if (!empty($_CONF['image_lib'])) {
         if ($_CONF['image_lib'] == 'imagemagick') {
             // Using imagemagick
             $upload->setMogrifyPath($_CONF['path_to_mogrify']);
         } elseif ($_CONF['image_lib'] == 'netpbm') {
             // using netPBM
             $upload->setNetPBM($_CONF['path_to_netpbm']);
         } elseif ($_CONF['image_lib'] == 'gdlib') {
             // using the GD library
             $upload->setGDLib();
         }
         $upload->setAutomaticResize(true);
         if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
             $upload->setLogFile($_CONF['path'] . 'logs/error.log');
             $upload->setDebug(true);
         }
         if (isset($_CONF['jpeg_quality'])) {
             $upload->setJpegQuality($_CONF['jpeg_quality']);
         }
     }
     $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
     // Set new path and image name
     if (!$upload->setPath($_CONF['path_images'] . 'userphotos')) {
         return;
     }
     // Current path of image to resize
     $path = $_CONF['path_images'] . 'userphotos/' . $filename;
     $path_parts = pathinfo($path);
     $_FILES['imagefile']['name'] = $path_parts['basename'];
     $_FILES['imagefile']['tmp_name'] = $path;
     $_FILES['imagefile']['type'] = '';
     switch ($path_parts['extension']) {
         case 'gif':
             $_FILES['imagefile']['type'] = 'image/gif';
             break;
         case 'jpg':
         case 'jpeg':
             $_FILES['imagefile']['type'] = 'image/jpeg';
             break;
         case 'png':
             $_FILES['imagefile']['type'] = 'image/png';
             break;
     }
     $_FILES['imagefile']['size'] = filesize($_FILES['imagefile']['tmp_name']);
     $_FILES['imagefile']['error'] = '';
     $_FILES['imagefile']['non_upload'] = true;
     // Flag to bypass upload process via browser file form
     // do the upload
     if (!empty($filename)) {
         $upload->setFileNames($filename);
         $upload->setPerms('0644');
         if ($_CONF['max_photo_width'] > 0 && $_CONF['max_photo_height'] > 0) {
             $upload->setMaxDimensions($_CONF['max_photo_width'], $_CONF['max_photo_height']);
         } else {
             $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
         }
         if ($_CONF['max_photo_size'] > 0) {
             $upload->setMaxFileSize($_CONF['max_photo_size']);
         } else {
             $upload->setMaxFileSize($_CONF['max_image_size']);
         }
         $upload->uploadFiles();
         if ($upload->areErrors()) {
             return;
         }
     }
     return $path;
     // return new path and filename
 }
Exemplo n.º 13
0
include_once $_CONF['path_system'] . 'classes/upload.class.php';
if (!file_exists($questionDir)) {
    mkdir($questionDir);
    chmod($questionDir, 0755);
}
$upload = new upload();
$upload->setContinueOnError(true);
$upload->setMaxFileUploads('1');
$upload->setLogFile("{$clubLogfile}");
$upload->setLogging(false);
$upload->setAllowedMimeTypes($_CONFQUIZ['allowableImageTypes']);
if (!$upload->setPath($questionDir)) {
    print 'File Upload Errors:<BR>' . $upload->printErrors();
    exit;
}
$upload->setMaxDimensions($_CONFQUIZ['max_upload_width'], $_CONFQUIZ['max_upload_height']);
$upload->setMaxFileSize($_CONFQUIZ['max_upload_size']);
// Set file permissions on file after it gets uploaded (number is in octet)
$upload->setPerms('0774');
$filenames = array();
$realfilenames = array();
$uploadtypes = array();
$uploadfilepos = array();
$upload->setDebug(true);
$upload->uploadFiles();
if ($upload->areErrors()) {
    $retval = COM_siteHeader('menu');
    $retval .= COM_startBlock('File Upload Errors');
    $retval .= $upload->printErrors(false);
    $retval .= COM_endBlock();
    $retval .= COM_siteFooter('true');
Exemplo n.º 14
0
function PAYPAL_saveCatImage($category, $files, $cat_id)
{
    global $_CONF, $_PAY_CONF, $_TABLES, $LANG24;
    $args = $category;
    // Handle Magic GPC Garbage:
    while (list($key, $value) = each($args)) {
        if (!is_array($value)) {
            $args[$key] = COM_stripslashes($value);
        } else {
            while (list($subkey, $subvalue) = each($value)) {
                $value[$subkey] = COM_stripslashes($subvalue);
            }
        }
    }
    // OK, let's upload any pictures with the product
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    //Debug with story debug function
    if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
        $upload->setLogFile($_CONF['path'] . 'logs/error.log');
        $upload->setDebug(true);
    }
    $upload->setMaxFileUploads(1);
    if (!empty($_CONF['image_lib'])) {
        if ($_CONF['image_lib'] == 'imagemagick') {
            // Using imagemagick
            $upload->setMogrifyPath($_CONF['path_to_mogrify']);
        } elseif ($_CONF['image_lib'] == 'netpbm') {
            // using netPBM
            $upload->setNetPBM($_CONF['path_to_netpbm']);
        } elseif ($_CONF['image_lib'] == 'gdlib') {
            // using the GD library
            $upload->setGDLib();
        }
        $upload->setAutomaticResize(true);
        $upload->keepOriginalImage(false);
        if (isset($_CONF['jpeg_quality'])) {
            $upload->setJpegQuality($_CONF['jpeg_quality']);
        }
    }
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    if (!$upload->setPath($_PAY_CONF['path_cat_images'])) {
        $output = COM_siteHeader('menu', $LANG24[30]);
        $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
        $output .= $upload->printErrors(false);
        $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $output .= COM_siteFooter();
        echo $output;
        exit;
    }
    // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
    // force any images bigger than the passed dimensions to be resized.
    // If mogrify is not set, any images larger than these dimensions
    // will get validation errors
    $upload->setMaxDimensions($_PAY_CONF['max_image_width'], $_PAY_CONF['max_image_height']);
    $upload->setMaxFileSize($_PAY_CONF['max_image_size']);
    // size in bytes, 1048576 = 1MB
    // Set file permissions on file after it gets uploaded (number is in octal)
    $upload->setPerms('0644');
    $curfile = current($files);
    if (!empty($curfile['name'])) {
        $pos = strrpos($curfile['name'], '.') + 1;
        $fextension = substr($curfile['name'], $pos);
        $filenames = 'cat_' . $cat_id . '.' . $fextension;
    }
    if ($filenames != '') {
        $upload->setFileNames($filenames);
        reset($files);
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $retval = COM_siteHeader('menu', $LANG24[30]);
            $retval .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $upload->printErrors(false);
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $retval .= COM_siteFooter();
            echo $retval;
            exit;
        }
        DB_query("UPDATE {$_TABLES['paypal_categories']} SET image = '" . $filenames . "' WHERE cat_id=" . $cat_id);
    }
    return true;
}
Exemplo n.º 15
0
function updatePage($mode, $type)
{
    global $_CONF, $_TABLES, $_FILES, $_POST, $CONF_SE, $LANG_SE_ERR;
    global $_DB_name, $catid, $pageid;
    include_once $_CONF['path_system'] . 'classes/upload.class.php';
    $name = substr(htmlentities($_POST['name']), 0, 32);
    $pid = ppPrepareForDB($_POST['category']);
    $old_sid = ppPrepareForDB($_POST['old_sid']);
    $sid = ppPrepareForDB($_POST['sid'], true, 40);
    $pageorder = COM_applyFilter($_POST['pageorder'], true);
    if ($type == 'link') {
        $menutype = 3;
    } else {
        $menutype = COM_applyFilter($_POST['menu_type'], true);
    }
    $blkformat = ppPrepareForDB($_POST['blk_format']);
    $heading = substr(htmlentities($_POST['heading']), 0, 255);
    $grp_access = ppPrepareForDB($_POST['grp_access']);
    $imgdelete = $_POST['imgdelete'];
    $chkscale = $_POST['chkscale'];
    $submenutype = COM_applyFilter($_POST['rad_submenu'], true);
    $blockmenutype = COM_applyFilter($_POST['rad_blockmenu'], true);
    $is_menu_newpage = $_POST['chknewwindow'] == 1 ? 1 : 0;
    $is_draft = $_POST['chkdraft'] == 1 ? 1 : 0;
    $show_breadcrumbs = $_POST['chkbreadcrumbs'] == 1 ? 1 : 0;
    $owner_id = ppPrepareForDB($_POST['owner_id']);
    $group_id = ppPrepareForDB($_POST['group_id']);
    $perm_owner = $_POST['perm_owner'];
    $perm_group = $_POST['perm_group'];
    $perm_members = $_POST['perm_members'];
    $perm_anon = $_POST['perm_anon'];
    $pagetitle = substr(htmlentities($_POST['pagetitle']), 0, 255);
    $metadesc = ppPrepareForDB($_POST['metadesc']);
    $metakeywords = ppPrepareForDB($_POST['metakeywords']);
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    // Allow full HTML in the introtext field
    if (!get_magic_quotes_gpc()) {
        $content = addslashes($_POST['sitecontent']);
        $help = addslashes($_POST['help']);
    } else {
        $content = $_POST['sitecontent'];
        $help = $_POST['help'];
    }
    if ($sid != '') {
        $sid = COM_sanitizeID($sid);
    }
    if ($sid != '' and DB_count($_TABLES['nexcontent_pages'], 'sid', $sid) > 0) {
        if ($sid != $old_sid) {
            $duplicate_sid = true;
            if ($old_sid == '') {
                $sid = "{$sid}_{$pid}";
                $dupmsg = ' - Duplicate Page ID';
            } else {
                $sid = $old_sid;
                $dupmsg = ' - Duplicate Page ID, Page ID not changed.';
            }
        }
    } else {
        $duplicate_sid = false;
    }
    if ($mode == 'add') {
        $gid = uniqid($_DB_name, FALSE);
        $category = COM_applyFilter($category, true);
        if ($type == 'category') {
            // Create a new record - set the category value to 0
            DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ({$category},'{$gid}','category')");
            $pageid = DB_insertID();
            $GLOBALS['statusmsg'] = 'New Category Added';
            $query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE type='category'");
            list($maxorder) = DB_fetchArray($query);
            $order = $maxorder + 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
        } else {
            // Create a new record - need to get the record id for the category
            DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ('{$category}','{$gid}','{$type}')");
            $pageid = DB_insertID();
            $GLOBALS['statusmsg'] = 'New Page Added';
            $query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE pid='category'");
            list($maxorder) = DB_fetchArray($query);
            $order = $maxorder + 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
        }
    } else {
        if ($type == 'category') {
            $GLOBALS['statusmsg'] = "{$name} Updated";
        } else {
            $GLOBALS['statusmsg'] = "{$name} Updated";
        }
        if ($duplicate_sid) {
            $GLOBALS['statusmsg'] .= $dupmsg;
        }
    }
    DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET name='{$name}', blockformat='{$blkformat}', pid='{$pid}', sid='{$sid}', heading='{$heading}',content='{$content}', menutype='{$menutype}', is_menu_newpage='{$is_menu_newpage}', show_submenu='{$submenutype}', show_blockmenu='{$blockmenutype}', show_breadcrumbs='{$show_breadcrumbs}', is_draft='{$is_draft}', owner_id='{$owner_id}', group_id='{$group_id}', perm_owner='{$perm_owner}', perm_group='{$perm_group}', perm_members='{$perm_members}', perm_anon='{$perm_anon}' , pagetitle='{$pagetitle}', meta_description='{$metadesc}', meta_keywords='{$metakeywords}' WHERE id='{$pageid}'");
    DB_query("UPDATE {$_TABLES['nexcontent']} SET help='{$help}'");
    //update the page order
    if ($pageorder != '' and $pageid != '') {
        DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$pageorder} WHERE id={$pageid};");
        $porder = DB_query("SELECT id FROM {$_TABLES['nexcontent_pages']} WHERE pid={$pid} ORDER BY pageorder ASC;");
        $i = 0;
        while ($ORDER = DB_fetchArray($porder)) {
            $i += 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$i} WHERE id={$ORDER['id']};");
        }
    }
    $pageImageDir = $CONF_SE['uploadpath'] . "/{$pageid}/";
    // Check and see if directories exist
    if (!file_exists($pageImageDir)) {
        $mkdir = @mkdir($pageImageDir);
        $chmod = @chmod($pageImageDir, $CONF_SE['imagedir_perms']);
    }
    // Delete any images if needed
    for ($i = 0; $i < count($imgdelete); $i++) {
        $curimage = DB_getitem($_TABLES['nexcontent_images'], "imagefile", "page_id='{$pageid}' AND imagenum='{$imgdelete[$i]}'");
        $fullimage = $pageImageDir . $curimage;
        if (!is_dir($fullimage) and file_exists($fullimage)) {
            if (!unlink($fullimage)) {
                echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
            }
        }
        $pos = strrpos($curimage, '.');
        $origimage = strtolower(substr($curimage, 0, $pos));
        $ext = strtolower(substr($curimage, $pos));
        $origimage .= "_original{$ext}";
        $fullimage = $pageImageDir . $origimage;
        if (!is_dir($fullimage) and file_exists($fullimage)) {
            if (!unlink($fullimage)) {
                echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
            }
        }
        $curthumbnail = $pageImageDir . 'tn' . $curimage;
        if (!is_dir($curthumbnail) and file_exists($curthumbnail)) {
            if (!unlink($curthumbnail)) {
                echo COM_errorLog("Unable to delete thumbnail for {$curthumbnail}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete thumbnail for {$curthumbnail}. Please check file permissions";
            }
        }
        DB_query("DELETE FROM {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' and imagenum='{$imgdelete[$i]}'");
        next($imgdelete);
    }
    $upload = new upload();
    $upload->setLogging(false);
    $upload->setDebug(false);
    $upload->setLogFile($_CONF['path_log'] . 'error.log');
    $upload->setMaxFileUploads($CONF_SE['max_num_images']);
    if ($_CONF['image_lib'] == 'imagemagick') {
        $upload->setMogrifyPath($_CONF['path_to_mogrify']);
    } else {
        $upload->setGDLib();
    }
    $upload->setAllowedMimeTypes($CONF_SE['allowableImageTypes']);
    $upload->setMaxDimensions($CONF_SE['max_upload_width'], $CONF_SE['max_upload_height']);
    $upload->setMaxFileSize($CONF_SE['max_uploadfile_size']);
    $upload->setAutomaticResize(true);
    $upload->keepOriginalImage(true);
    $upload->setPerms($CONF_SE['image_perms']);
    if (!$upload->setPath($pageImageDir)) {
        $GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ':&nbsp;' . $upload->printErrors(false);
    }
    // OK, let's upload any pictures with this page
    if (DB_count($_TABLES['nexcontent_images'], 'page_id', $pageid) > 0) {
        $index_start = DB_getItem($_TABLES['nexcontent_images'], 'max(imagenum)', "page_id = '{$pageid}'") + 1;
    } else {
        $index_start = 1;
    }
    $index_start = 1;
    $uniquename = time();
    $filenames = array();
    $imagenum = array();
    for ($z = 1; $z <= $CONF_SE['max_num_images']; $z++) {
        $curfile = current($_FILES);
        if (!empty($curfile['name'])) {
            $filenames[] = $uniquename . $z . '.jpg';
            $imagenum[] = substr(key($_FILES), 9, 1);
        }
        next($_FILES);
    }
    $upload->setFileNames($filenames);
    reset($_FILES);
    $upload->setDebug(false);
    $upload->uploadFiles();
    if ($upload->areErrors()) {
        $GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ':&nbsp;' . $upload->printErrors(false);
        return false;
    }
    reset($filenames);
    reset($imagenum);
    if (DB_count($_TABLES['nexcontent_pages'], "id", $pageid) > 0) {
        foreach ($filenames as $pageImage) {
            $index = current($imagenum);
            if (file_exists($pageImageDir . $pageImage)) {
                $src = $pageImageDir . $pageImage;
                $dest = $pageImageDir . 'tn' . $pageImage;
                makethumbnail($pageImage, $src, $dest);
                $iquery = DB_query("SELECT imagefile from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' AND imagenum='{$index}'");
                if (DB_numRows($iquery) == 0) {
                    DB_query("INSERT INTO {$_TABLES['nexcontent_images']} (page_id,imagenum,imagefile) values ('{$pageid}', '{$index}','{$pageImage}')");
                } elseif (DB_numRows($iquery) == 1) {
                    DB_query("UPDATE {$_TABLES['nexcontent_images']} SET imagefile='{$pageImage}' WHERE page_id='{$pageid}' and imagenum='{$index}'");
                }
            }
            next($imagenum);
        }
    } else {
        $GLOBALS['statusmsg'] = 'Error saving category';
    }
    // Update the image autoscale option for any images
    $query = DB_query("SELECT id,imagenum from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}'");
    while (list($imageid, $imagenum) = DB_fetchArray($query)) {
        if ($chkscale[$imagenum] == '1') {
            DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '1' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
        } else {
            DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '0' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
        }
    }
}
Exemplo n.º 16
0
function _ff_uploadfile($filename, &$upload_file, $allowablefiletypes, $use_filemgmt = 0)
{
    global $_FILES, $_CONF, $_TABLES, $_FF_CONF, $LANG_GF00, $filemgmt_FileStore;
    USES_class_upload();
    $upload = new upload();
    if ($use_filemgmt == 1) {
        $upload->setPath($filemgmt_FileStore);
    } else {
        $upload->setPath($_FF_CONF['uploadpath']);
    }
    $upload->setLogging(true);
    $upload->setAllowedMimeTypes($allowablefiletypes);
    // Set max dimensions as well in case user is uploading a full size image
    $upload->setMaxDimensions($_FF_CONF['max_uploadimage_width'], $_FF_CONF['max_uploadimage_height']);
    if (!isset($_FF_CONF['max_uploadimage_size']) || $_FF_CONF['max_uploadimage_size'] == 0) {
        $upload->setMaxFileSize(100000000);
    } else {
        $upload->setMaxFileSize($_FF_CONF['max_uploadimage_size']);
    }
    $upload->setAutomaticResize(true);
    if (strlen($upload_file['name']) > 0) {
        $upload->setFileNames($filename);
        $upload->setPerms($_FF_CONF['fileperms']);
        $upload->_currentFile = $upload_file;
        // Verify file meets size limitations
        if (!$upload->_fileSizeOk()) {
            $upload->_addError('File, ' . $upload->_currentFile['name'] . ', is bigger than the ' . $upload->_maxFileSize . ' byte limit');
        }
        // If all systems check, do the upload
        if ($upload->checkMimeType() and $upload->_imageSizeOK() and !$upload->areErrors()) {
            if ($upload->_copyFile()) {
                $upload->_uploadedFiles[] = $upload->_fileUploadDirectory . '/' . $upload->_getDestinationName();
            }
        }
        $upload->_currentFile = array();
        if ($upload->areErrors() and !$upload->_continueOnError) {
            $errmsg = "Forum Upload Attachment Error:" . $upload->printErrors(false);
            COM_errorlog($errmsg);
            $GLOBALS['ff_errmsg'] = $LANG_GF00['uploaderr'] . ':<br/>' . $upload->printErrors(false);
            return false;
        }
        return true;
    } else {
        return false;
    }
    return false;
}