/**
 * Sanitise and validate theme data before it is stored.
 *
 * The default treasury verification runs first. When it succeeds and the plugin
 * is flagged as a theme, the uploaded archive is unpacked and the preview image
 * (<style>/style_info/preview.<ext>), at most three screenshots and any icons
 * found in it are recorded in $pStoreRow.
 *
 * NOTE(review): the archive originates from a $_FILES upload, so every path under
 * the extraction directory is uploader-controlled. Entry-name, size and file-type
 * checks would have to live in liberty_process_archive() and the
 * treasury_theme_get_*() helpers, none of which are shown here - confirm.
 *
 * @param array $pStoreRow Hash of data that needs to be stored
 * @param array $pStoreRow['upload'] Hash passed in by $_FILES upload
 * @access public
 * @return TRUE on success, FALSE on failure - $pStoreRow['errors'] will contain reason
 */
function treasury_theme_verify(&$pStoreRow) {
    global $gBitSystem;

    $verified = treasury_default_verify($pStoreRow);

    // Theme handling only applies once the base checks passed and the plugin is a theme.
    if (!$verified || empty($pStoreRow['plugin']['is_theme'])) {
        return $verified;
    }

    // The extraction result is stored even when it is falsy, exactly as callers may expect.
    $pStoreRow['ext_path'] = liberty_process_archive($pStoreRow['upload']);
    if (!$pStoreRow['ext_path']) {
        return $verified;
    }

    // Preview image becomes the thumbnail, described like a $_FILES entry.
    $previewFile = treasury_theme_get_preview($pStoreRow['ext_path']);
    if ($previewFile) {
        $thumbFields = array(
            'name'     => basename($previewFile),
            'tmp_name' => $previewFile,
            'type'     => $gBitSystem->lookupMimeType($previewFile),
            'error'    => 0,
        );
        foreach ($thumbFields as $field => $value) {
            $pStoreRow['thumb'][$field] = $value;
        }
    }

    // Screenshots are capped at three per theme; the slot name keeps the helper's own key.
    $screenshotFiles = treasury_theme_get_screenshots($pStoreRow['ext_path']);
    if ($screenshotFiles) {
        $accepted = 0;
        foreach ($screenshotFiles as $index => $screenshotFile) {
            if ($accepted >= 3) {
                break;
            }
            $slot = 'screenshot' . $index;
            $pStoreRow['screenshots'][$slot]['name'] = $slot;
            $pStoreRow['screenshots'][$slot]['tmp_name'] = $screenshotFile;
            $pStoreRow['screenshots'][$slot]['type'] = $gBitSystem->lookupMimeType($screenshotFile);
            $pStoreRow['screenshots'][$slot]['error'] = 0;
            $accepted++;
        }
    }

    // An icon style should yield a number of icons.
    $pStoreRow['icons'] = treasury_theme_get_icons($pStoreRow['ext_path']);

    return $verified;
}
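/**
 * Download the selected package version and swap it into the install location.
 *
 * The currently installed package directory is moved to a backup location first,
 * then the directory extracted from the downloaded archive is moved into place.
 * Every failure is recorded in $this->mErrors.
 *
 * NOTE(review): the package name in $this->mInfo['package'] is used as a path
 * component and the archive is fetched from a remote packager. No signature or
 * checksum verification is visible in this method; isDownloaded() may cover it -
 * confirm. Also confirm that the package name cannot contain path separators.
 *
 * @param numeric $pPackagerId    Optional packager id; stored when BitBase::verifyId() accepts it
 * @param boolean $pIgnoreVersion When TRUE the "only upgrades" version check is skipped
 * @access public
 * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
 */
function prepareVersionForInstall($pPackagerId = NULL, $pIgnoreVersion = FALSE) {
    if (@BitBase::verifyId($pPackagerId)) {
        $this->mPackagerId = $pPackagerId;
    }

    if ($this->isValid(TRUE)) {
        // Stays NULL when the download fails so the final check never reads an undefined variable.
        $installPath = NULL;

        if ($this->fetchRemotePackage()) {
            // shorthand
            $installPath = $this->getInstallPath($this->mInfo['package']);
            $installedVersion = $this->getVersionFromFile($installPath . 'admin/schema_inc.php');
            // time() replaces the argument-less mktime() call, which current PHP versions reject.
            // NOTE(review): if getVersionFromFile() returns an array (versionCompare() is handed
            // its result alongside $this->mInfo), this concatenation yields the literal "Array" - confirm.
            $backup = $this->getStoragePath('backups') . $this->mInfo['package'] . '-' . $installedVersion . '-' . time();

            if ($pIgnoreVersion || $this->versionCompare($installedVersion, $this->mInfo) === -1) {
                // only continue if file is present and valid
                if ($this->isDownloaded()) {
                    // extract archive
                    $fileHash = array('tmp_name' => $this->getPackageFilepath(), 'type' => 'application/zip', 'name' => 'temp.zip');
                    if ($ext = liberty_process_archive($fileHash)) {
                        $extracted = $ext . '/' . $this->mInfo['package'];
                        if (is_dir($extracted)) {
                            if (is_dir($installPath)) {
                                // NOTE: this step is silenced - we display an error message if this has failed
                                if (@rename($installPath, $backup)) {
                                    if (!rename($extracted, $installPath)) {
                                        $this->mErrors['move'] = tra('There was a problem moving the extracted package to its new position.');
                                        // The original was already moved away; put it back so the
                                        // site is not left without the package.
                                        if (!@rename($backup, $installPath)) {
                                            $this->mErrors['restore'] = tra('The original package could not be restored from the backup location.');
                                        }
                                    }
                                } else {
                                    $this->mErrors['backup'] = tra('There was a problem moving the original package to the backup location.');
                                }
                            } elseif (!rename($extracted, $installPath)) {
                                $this->mErrors['move'] = tra('There was a problem moving the extracted package to its new position.');
                            }
                        } else {
                            $this->mErrors['extract'] = tra('There was a problem extracting the downloaded package.');
                        }
                        // remove unnecessary files - also when the expected directory was missing,
                        // otherwise the extraction directory would be left behind
                        unlink_r($ext);
                    } else {
                        // A failed extraction used to fall through without any error being recorded.
                        $this->mErrors['extract'] = tra('There was a problem extracting the downloaded package.');
                    }
                } else {
                    $this->mErrors['filecheck'] = tra('The file could not be located on your server.');
                }
            } else {
                $this->mErrors['version'] = tra('The version of <code>' . $installPath . 'admin/schema_inc.php</code> is either higher or equal to the version you wish to install. Only upgrades are possible.');
            }
        } elseif (empty($this->mErrors)) {
            // Keep the call failing when the download did not report a reason of its own.
            $this->mErrors['download'] = tra('The package could not be downloaded.');
        }

        // Re-read the installed schema file to confirm the new version is really in place.
        if ($installPath !== NULL && empty($this->mErrors) && $this->versionCompare($this->getVersionFromFile($installPath . 'admin/schema_inc.php'), $this->mInfo) !== 0) {
            $this->mErrors['final_version'] = tra('Despite a successful download and extraction, there is a problem with the reported version of the package.');
        }
    }

    return empty($this->mErrors);
}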
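/**
 * Verify that the uploaded file is compatible with bitweaver and create an archive
 * named in a standard manner. The path to the new archive is returned in
 * $pParamHash['file']['archive'].
 *
 * Security notes:
 * - The package name ends up in filesystem paths and in a shell command line. It is
 *   therefore checked against an allow-list, both as passed in and again after the
 *   values read from the uploaded schema_inc.php have been merged into
 *   $pParamHash['store'], and it is shell-escaped when the zip command is built.
 * - NOTE(review): getVersionFromFile() is not shown here. Confirm that it parses
 *   the uploaded schema_inc.php rather than including or evaluating it.
 * - NOTE(review): md5_hash is only suitable for detecting accidental corruption;
 *   MD5 does not resist deliberate collisions.
 *
 * @param array $pParamHash
 * @access public
 * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
 */
function storeUpload(&$pParamHash) {
    $extracted = NULL;

    // A package name must be a single, plain directory name: no path separators, no
    // leading dot or dash (a leading dash would be read as an option by zip).
    $namePattern = '/\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/';
    $package = isset($pParamHash['store']['package']) ? $pParamHash['store']['package'] : NULL;

    if (!is_string($package) || !preg_match($namePattern, $package)) {
        $this->mErrors['package_name'] = tra('The package name contains characters that are not allowed.');
    } elseif (!empty($pParamHash['upload']) && ($extracted = liberty_process_archive($pParamHash['upload']))) {
        // we now have the new version of the package extracted and perform some simple
        // checks to see if everything is in order.
        $packageDir = $extracted . "/" . $package;

        // check to see if there is a dir named the same as the package
        if (is_dir($packageDir)) {
            // check for a set of files
            $fileChecks = array('bit_setup_inc.php', 'admin/schema_inc.php');
            foreach ($fileChecks as $file) {
                if (!is_file($packageDir . "/" . $file)) {
                    $this->mErrors['missing_file'] = tra('The archive you uploaded is missing at least one required file.');
                }
            }

            if (empty($this->mErrors)) {
                $schemafile = $packageDir . "/admin/schema_inc.php";
                if ($new = $this->getVersionFromFile($schemafile)) {
                    $pParamHash['store'] = array_merge($pParamHash['store'], $new);

                    // The merge can replace 'package' with a value taken from the uploaded
                    // archive, so the name is validated again before it is used any further.
                    $package = isset($pParamHash['store']['package']) ? $pParamHash['store']['package'] : NULL;
                    if (!is_string($package) || !preg_match($namePattern, $package)) {
                        $this->mErrors['package_name'] = tra('The package name contains characters that are not allowed.');
                    } else {
                        // version and package are set. now make sure the version provided is
                        // higher than the latest one in the database
                        $latest = $this->getLatestVersion($package);
                        if (!empty($latest) && $this->versionCompare($new, $latest) !== 1) {
                            $this->mErrors['version'] = tra('The version number you provided is lower or equal to the one provided in the database. You can not upload older versions of any given package.');
                        } else {
                            // now that we're sure that everything is in order, we can start removing stuff.
                            $this->unlinkDebris($extracted . "/" . $package);
                        }
                    }
                } else {
                    $this->mErrors['version'] = tra('You did not provide a valid version using registerPackageVersion() in your schema_inc.php file.');
                }
            }
        } else {
            $this->mErrors['package_dir'] = tra("The archive you uploaded does not contain a directory with the same name as your package") . ": " . $package;
        }
    } else {
        $this->mErrors['move'] = tra('I could not extract the file you uploaded. Please make sure the archive is valid. Also please use a common archive format such as .zip, .rar or .tar.gz.');
    }

    // if the package has passed verification, we create a new standard zip archive
    if (empty($this->mErrors)) {
        $archive = $package . ".zip";
        $shellResult = NULL;

        // zip is run from inside the extraction directory. If that directory cannot be
        // entered, zip is not run at all, because the relative package name would
        // otherwise be resolved against whatever the current directory happens to be.
        $cwd = getcwd();
        if ($cwd !== FALSE && chdir($extracted)) {
            // Both arguments are escaped so the package name cannot alter the command line.
            $shellResult = shell_exec('zip -r ' . escapeshellarg($archive) . ' ' . escapeshellarg($package));
            // change back to original working dir
            chdir($cwd);
        }

        if (!empty($shellResult) && is_file($extracted . '/' . $archive)) {
            $pParamHash['file']['extracted'] = $extracted;
            $pParamHash['file']['archive'] = $extracted . "/" . $archive;
            $pParamHash['store']['file_size'] = filesize($pParamHash['file']['archive']);
            $pParamHash['store']['md5_hash'] = md5_file($pParamHash['file']['archive']);

            // we can use the package icon to add a bit of colour to the package page.
            // When several formats are present, the last match in this list wins.
            $extensions = array('jpg', 'gif', 'png');
            foreach ($extensions as $ext) {
                $icon = $extracted . "/" . $package . "/icons/pkg_" . $package . "." . $ext;
                if (is_file($icon)) {
                    $pParamHash['file']['icon'] = $icon;
                }
            }

            // move the archive across
            if (!rename($pParamHash['file']['archive'], $this->getPackageFilepath($pParamHash['store']))) {
                $this->mErrors['move'] = tra('I could not move the uplaoaded file to its destination.');
            } elseif (!empty($pParamHash['file']['icon'])) {
                // NOTE(review): the icon is stored with a .png name whatever its real format.
                rename($pParamHash['file']['icon'], $this->getStoragePath("packages") . $package . "-icon.png");
            }
        } else {
            $this->mErrors['archive'] = tra('I could not create an archive from the file you uploaded.');
        }
    }

    // Remove the extracted files on every path, not only after a successful repack, so a
    // rejected upload does not leave its unpacked contents on disk.
    if (!empty($extracted)) {
        unlink_r($extracted);
    }

    return empty($this->mErrors);
}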
// Pessimistic default: every check is marked as failed until it is explicitly shown to pass.
// ($pp and $tempfile are defined before this excerpt.)
foreach ($pp as $key => $item) {
    $pp[$key]['result'] = 'error';
}
if (!empty($_REQUEST['perform_checks'])) {
    // download
    // NOTE(review): the test archive is requested over plain http://, so nothing in this
    // excerpt authenticates the bytes before they are written to disk and unpacked - confirm
    // whether bit_http_request() or liberty_process_archive() add any integrity check.
    if ($content = bit_http_request("http://www.bitweaver.org/storage/test.zip")) {
        $pp['download']['result'] = 'ok';
        // write
        // NOTE(review): 'write' is marked ok once fopen() succeeds; the return value of
        // fwrite() is not checked.
        if ($handle = fopen($tempfile, 'w')) {
            fwrite($handle, $content);
            fclose($handle);
            $pp['write']['result'] = 'ok';
            // extract archive
            $fileHash = array('tmp_name' => $tempfile, 'type' => 'application/zip', 'name' => 'temp.zip');
            if ($extracted = liberty_process_archive($fileHash)) {
                if (is_file($extracted . "/test.txt")) {
                    $pp['extract']['result'] = 'ok';
                    // Probe whether a file can be moved into BIT_ROOT_PATH; the dummy file is
                    // removed again straight away.
                    $dummyfile = BIT_ROOT_PATH . "___bitdummy.txt";
                    // rename() warnings are suppressed; a failure leaves 'replace' at 'error'.
                    if (@rename($extracted . "/test.txt", $dummyfile)) {
                        $pp['replace']['result'] = 'ok';
                        unlink($dummyfile);
                    }
                }
                unlink_r($extracted);
            }
            // remove the testfile
            unlink($tempfile);
        }
    }
    // move
/**
 * Turn an uploaded archive into a gallery tree: each directory represents a gallery
 * and files are assumed to be images. The directory walk itself is delegated to
 * fisheye_process_directory().
 *
 * The upload is treated as an archive when it could be extracted and either the
 * request asked for it (process_archive) or the user lacks the
 * p_fisheye_upload_nonimages permission. Otherwise it is stored as a plain upload
 * if the user holds that permission, or rejected if not.
 *
 * NOTE(review): liberty_process_archive() runs before the request flag and the
 * permission are looked at, so an upload is unpacked even when it ends up being
 * stored as-is. Whether the extraction directory is cleaned up in that case cannot
 * be seen from here - confirm.
 * NOTE(review): the archive is uploader-controlled; any limits on entry names, sizes
 * or file types would have to be enforced by liberty_process_archive() and
 * fisheye_process_directory(), neither of which is shown.
 *
 * @param array   $pFileHash      Upload hash; 'tmp_name' is read here
 * @param object  $pParentGallery Gallery to attach to; created here when empty
 * @param boolean $pRoot          Passed through to fisheye_process_directory()
 * @return array  Errors collected while processing; empty when none were recorded
 */
function fisheye_process_archive(&$pFileHash, &$pParentGallery, $pRoot = FALSE) {
    global $gBitSystem, $gBitUser;

    $errors = array();

    $destDir = liberty_process_archive($pFileHash);
    $treatAsArchive = $destDir
        && (!empty($_REQUEST['process_archive']) || !$gBitUser->hasPermission('p_fisheye_upload_nonimages'));

    if (!$treatAsArchive) {
        // Not handled as an archive: only users allowed to upload non-images may store it.
        if (!$gBitUser->hasPermission('p_fisheye_upload_nonimages')) {
            $errors['upload'] = tra('Your upload could not be processed because it was determined to be a non-image and you only have permission to upload images.');
            return $errors;
        }
        return array_merge($errors, fisheye_store_upload($pFileHash));
    }

    // Without a parent gallery, and with the temporary upload file no longer present,
    // a new gallery titled after the extraction directory becomes the parent.
    if (empty($pParentGallery) && !is_file($pFileHash['tmp_name'])) {
        $pParentGallery = new FisheyeGallery();
        $newGallery = array('title' => basename($destDir));
        if (!$pParentGallery->store($newGallery)) {
            $errors = array_merge($errors, array_values($pParentGallery->mErrors));
        }
        // The new gallery also becomes the global content object.
        global $gContent;
        $gContent =& $pParentGallery;
    }

    fisheye_process_directory($destDir, $pParentGallery, $pRoot);

    return $errors;
}