Пример #1
0
     // we delete the info of the last upload items!
     unset($_SESSION['TFU_LAST_UPLOADS']);
     $_SESSION['TFU_LAST_UPLOADS'] = array();
 }
 $_SESSION['TFU_UPLOAD_REMAINING'] = $_GET['remaining'];
 foreach ($_FILES as $fieldName => $file) {
     // we check the uploaded files first because we don't know if it's the flash or any other script!
     check_valid_extension($file['name']);
     $store = 1;
     if (is_supported_tfu_image($file['name']) && $size < 100000) {
         $store = resize_file($file['tmp_name'], $size, 80, $file['name']);
     }
     if ($store != 0) {
         // ok or try later
         $base_filename = my_basename($file['name']);
         $image = fix_decoding($base_filename, $fix_utf8);
         if ($normalise_file_names) {
             $image = normalizeFileNames($image);
         }
         $filename = $dir . '/' . $image;
         // here you can do additional checks if a file already exists any you don't want that the existing one will be overwritten.
         $uploaded = false;
         // This is only needed for JFU - ignore this small part if you use TFU standalone:
         $workaround_dir = $dir == "./../../../.." && is_writeable("./../../../../cache");
         // start workaround for some php versions (e.g. 5.0.3!) if you upload to the main folder !
         if ($workaround_dir) {
             $filename = $dir . "/cache/" . $image;
         }
         // end JFU
         if (@move_uploaded_file($file['tmp_name'], $filename)) {
             // This is only needed for JFU - ignore this small part if you use TFU standalone:
Пример #2
0
function check_restrictions($dir, $show_root, &$myFiles, $fix_utf8, $status)
{
    global $enable_dir_create_detection;
    // this is a check if the dir exists - this is a configuration error!
    if (file_exists($dir)) {
        $status .= "&dir_exists=true";
    } else {
        $status .= "&dir_exists=false";
        // no other checks are made because the directory is not available!
        return $status;
    }
    // now we check if we can delete the current folder - root folder cannot be deleted!
    $status .= is_tfu_deletable($dir) && $show_root ? "&dir_delete=true" : "&dir_delete=false";
    // new we check if we can create folders - we have to check safemode too!
    set_error_handler("on_error_no_output");
    $sm_prob = has_safemode_problem_global() && runsNotAsCgi();
    if (is_writeable($dir)) {
        if ($enable_dir_create_detection) {
            // the detection of the safemode does not work on all systems - therefore it can be disabled.
            $status .= $sm_prob ? "&dir_create=subdir" : "&dir_create=true";
        } else {
            $status .= "&dir_create=true";
        }
    } else {
        $status .= $sm_prob ? "&dir_create=safemode" : "&dir_create=false";
    }
    set_error_handler("on_error");
    $nrFiles = count($myFiles);
    // now we check if can delete files - we only check the 1st file!
    if ($nrFiles > 0) {
        $delfile = fix_decoding($myFiles[0], $fix_utf8);
        // we have to remove the ** before checking
        $delfile = substr($delfile, 0, strpos($delfile, "**"));
        $status .= is_tfu_deletable($dir . "/" . $delfile) ? "&file_delete=true" : "&file_delete=false";
    }
    return $status;
}
Пример #3
0
     }
     $subject = fix_decoding($upload_notification_email_subject, $fix_utf8);
     $filestr = "\n\n";
     foreach ($_SESSION['TFU_LAST_UPLOADS'] as $filename) {
         if ($upload_notification_use_full_path) {
             $filestr = $filestr . space_enc(fixUrl(getRootUrl() . $path_fix . $filename)) . "\n";
         } else {
             $filestr = $filestr . str_replace('./', '', str_replace('../', '', $filename)) . "\n";
         }
     }
     if ($filestr == "\n\n") {
         $filestr .= 'Please check your setup. No files where uploaded.';
     }
     $username = isset($_SESSION['TFU_USER']) ? $_SESSION['TFU_USER'] : $_SERVER['REMOTE_ADDR'];
     // if we don't have a use we use the IP
     $mailtext = sprintf(fix_decoding($upload_notification_email_text, $fix_utf8), $username, $filestr);
     if (isset($_SESSION['TFU_PRE_UPLOAD_DATA'])) {
         $mailtext .= "\n\n" . $_SESSION['TFU_PRE_UPLOAD_DATA'];
     }
     @mail($upload_notification_email, html_entity_decode($subject), html_entity_decode($mailtext), $submailheaders);
 }
 if ($remaining == 0) {
     // cleanup
     unset($_SESSION['TFU_PRE_UPLOAD_DATA']);
 }
 // end of e-mail section
 if ($enable_upload_debug) {
     tfu_debug('9. End upload');
 }
 store_temp_session();
 if ($enable_upload_debug) {