$db->query('INSERT INTO ' . $db->prefix . 'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id) VALUES(\'' . $db->escape($username) . '\', ' . $pun_user['id'] . ', \'' . get_remote_address() . '\', \'' . $db->escape($message) . '\', \'' . $hide_smilies . '\', ' . $_SERVER['REQUEST_TIME'] . ', ' . $new_tid . ')') or error('Unable to create post', __FILE__, __LINE__, $db->error()); } else { // Create the post ("topic post") $email_sql = $pun_config['p_force_guest_email'] == 1 || $email ? '\'' . $db->escape($email) . '\'' : 'NULL'; $db->query('INSERT INTO ' . $db->prefix . 'posts (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES(\'' . $db->escape($username) . '\', \'' . get_remote_address() . '\', ' . $email_sql . ', \'' . $db->escape($message) . '\', \'' . $hide_smilies . '\', ' . $_SERVER['REQUEST_TIME'] . ', ' . $new_tid . ')') or error('Unable to create post', __FILE__, __LINE__, $db->error()); } $new_pid = $db->insert_id(); // Update the topic with last_post_id $db->query('UPDATE ' . $db->prefix . 'topics SET last_post_id=' . $new_pid . ' WHERE id=' . $new_tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); update_search_index('post', $new_pid, $message, $subject); update_forum($fid); } } generate_rss(); $uploaded = 0; $upload_result = process_uploaded_files($fid ? $new_tid : $tid, $new_pid, $uploaded); // If the posting user is logged in, increment his/her post count // MERGE POSTS BEGIN if (!$pun_user['is_guest']) { if ($uploaded) { $add_files = 'num_files=num_files+' . $uploaded . ', '; } else { $add_files = ''; } if ($merged) { $db->query('UPDATE ' . $db->prefix . 'users SET ' . $add_files . 'last_post=' . $_SERVER['REQUEST_TIME'] . ' WHERE id=' . $pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); } else { $db->query('UPDATE ' . $db->prefix . 'users SET ' . $add_files . 'num_posts=num_posts+1, last_post=' . $_SERVER['REQUEST_TIME'] . 
' WHERE id=' . $pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); } } // MERGE POSTS END
} $submitnews_user = USER ? USERNAME : trim($tp->toDB($_POST['submitnews_name'])); $submitnews_email = USER ? USEREMAIL : trim(check_email($tp->toDB($_POST['submitnews_email']))); $submitnews_title = $tp->toDB($_POST['submitnews_title']); $submitnews_item = $tp->toDB($_POST['submitnews_item']); $submitnews_item = str_replace("src="e107_images", "src="" . SITEURL . "e107_images", $submitnews_item); $submitnews_file = ""; $submitnews_error = FALSE; if (!$submitnews_user || !$submitnews_email) { $message = SUBNEWSLAN_7; $submitnews_error = TRUE; } // ==== Process File Upload ==== if (FILE_UPLOADS && $_FILES['file_userfile'] && vartrue($pref['subnews_attach']) && vartrue($pref['upload_enabled']) && check_class($pref['upload_class'])) { require_once e_HANDLER . 'upload_handler.php'; $uploaded = process_uploaded_files(e_UPLOAD, FALSE, array('file_mask' => 'jpg,gif,png', 'max_file_count' => 1)); if ($uploaded === FALSE || !is_array($uploaded)) { // Non-specific error $submitnews_error = TRUE; $message = SUBNEWSLAN_8; } else { $submitnews_filearray = array(); foreach ($uploaded as $c => $v) { if (varset($uploaded[$c]['error'], 0) != 0) { $submitnews_error = TRUE; $message = handle_upload_messages($uploaded); } else { if (isset($uploaded[$c]['name']) && isset($uploaded[$c]['type']) && isset($uploaded[$c]['size'])) { $filename = $uploaded[$c]['name']; $filetype = $uploaded[$c]['type']; $filesize = $uploaded[$c]['size'];
/**
 * Build the media record for a newly submitted media item.
 *
 * Two paths, chosen by whether the request carries a 'file_userfile' upload:
 *  - upload present: process_uploaded_files() receives the file into e_IMPORT, and it is then
 *    renamed into the directory getPath() returns for its type;
 *  - no upload: $new_data['media_url'] is described by mediaData() and, when it contains the
 *    '{e_IMPORT}' placeholder, the referenced file is renamed in the same way.
 *
 * @param array $new_data Submitted fields; reads 'name', 'media_caption', 'media_category',
 *                        'media_description', 'media_tags', 'media_url' and 'media_name'.
 * @return mixed The record produced by mediaData() with the submitted fields filled in, or FALSE
 *               once an error has been added to the message handler.
 */
function observeUploaded($new_data)
{
    $fl  = e107::getFile();
    $mes = e107::getMessage();

    if (vartrue($_FILES['file_userfile'])) {
        // NOTE(review): $pref is not declared global in this function, so this assignment looks
        // like it only touches a local array - confirm whether the handler is meant to see it.
        $pref['upload_storagetype'] = "1";
        require_once e_HANDLER . "upload_handler.php"; // TODO - still not a class!

        // FIXME doesn't handle xxx.JPG (uppercase)
        // NOTE(review): no options are passed, so the accepted file types, sizes and counts are
        // whatever the handler applies by default - confirm that is restrictive enough here.
        $received = process_uploaded_files(e_IMPORT);

        // NOTE(review): the result is not checked before array_shift(); if the handler can
        // return FALSE (TODO confirm) this line receives a non-array.
        $fileInfo = array_shift($received);

        if (vartrue($fileInfo['error'])) {
            $mes->addError($fileInfo['message']);
            return FALSE;
        }

        $typePath = $this->getPath($fileInfo['type']);
        if (!$typePath) {
            $mes->addError(IMALAN_107);
            return FALSE;
        }

        $mes->addDebug(print_a($fileInfo, TRUE));

        // presumably 'name' has already been sanitised by the upload handler - verify, because
        // it is used unmodified to build both the source and the destination path
        $source = e_IMPORT . $fileInfo['name'];
        $target = $this->checkDupe($source, $typePath . '/' . $fileInfo['name']);

        if (!rename($source, e_MEDIA . $target)) {
            $mes->add(str_replace(array('[x]', '[y]'), array($source, $target), IMALAN_108), E_MESSAGE_ERROR);
            return FALSE;
        }

        $img_data = $this->mediaData($target); // Basic File Info only
        $img_data['media_name'] = $new_data['name'];
        foreach (array('media_caption', 'media_category', 'media_description', 'media_tags') as $field) {
            $img_data[$field] = $new_data[$field];
        }
        $img_data['media_userclass'] = 0;
        $img_data['media_author']    = USERID;

        // Fall back to the stored file name when no display name was submitted.
        if (!varset($img_data['media_name'])) {
            $img_data['media_name'] = $fileInfo['name'];
        }

        $mes->addDebug(print_a($img_data, TRUE));
        return $img_data;
    }

    // No upload in this request: work from the submitted media URL instead.
    $img_data = $this->mediaData($new_data['media_url']);

    $typePath = $this->getPath($img_data['media_type']);
    if (!$typePath) {
        $mes->addError(IMALAN_109 . " " . $typePath);
        return FALSE;
    }

    $fname = basename($new_data['media_url']);

    // move to the required place
    // NOTE(review): the placeholder is matched anywhere in the string and the expanded path is
    // not checked to resolve inside the import directory (e.g. '../' segments) - confirm that
    // 'media_url' can only come from a trusted source, or canonicalise it before rename().
    if (strpos($new_data['media_url'], '{e_IMPORT}') !== FALSE) {
        $tp     = e107::getParser();
        $source = $tp->replaceConstants($new_data['media_url']);
        $target = $this->checkDupe($source, $typePath . '/' . $fname);

        // NOTE(review): the upload path above renames to e_MEDIA . <checkDupe result>, this one
        // to the bare result - confirm which form checkDupe() returns.
        if (!rename($source, $target)) {
            $shown = str_replace('../', '', $target);
            $mes->add(str_replace(array('[x]', '[y]'), array($source, $shown), IMALAN_108), E_MESSAGE_ERROR);
            return FALSE;
        }

        $img_data['media_url'] = $tp->createConstants($target, 'rel');
    }

    if (!varset($new_data['media_name'])) {
        $img_data['media_name'] = basename($new_data['media_url']);
    }

    return $img_data;
}
} else { $text .= $frm->admin_button('add_ban', $action == 'add' ? BANLAN_8 : BANLAN_53, 'create'); } $text .= "</div>\n\t\t\t\t</fieldset>\n\t\t\t</form>\n\t\t"; echo $mes->render() . $text; // e107::getRender()->tablerender($page_title[$action], $mes->render().$text); break; // End of 'Add' and 'Edit' // End of 'Add' and 'Edit' case 'transfer': $message = ''; $error = false; if (isset($_POST['ban_import'])) { // Got a file to import require_once e_HANDLER . 'upload_handler.php'; if (($files = process_uploaded_files(e_UPLOAD, FALSE, array('overwrite' => TRUE, 'max_file_count' => 1, 'file_mask' => 'csv'))) === FALSE) { // Invalid file $error = true; $mes->addError(BANLAN_47); } if (empty($files) || vartrue($files[0]['error'])) { $error = true; if (varset($files[0]['message'])) { $mes->addError($files[0]['message']); } } if (!$error) { // Got a file of some sort $message = process_csv(e_UPLOAD . $files[0]['name'], intval(varset($_POST['ban_over_import'], 0)), intval(varset($_POST['ban_over_expiry'], 0)), $separator_char[intval(varset($_POST['ban_separator'], 1))], $quote_char[intval(varset($_POST['ban_quote'], 3))]); banlist_adminlog('07', 'File: ' . e_UPLOAD . $files[0]['name'] . '<br />' . $message); }
// Get all the existing user data, including any extended fields $udata['user_classlist'] = $userMethods->addCommonClasses($udata, FALSE); } if (isset($_POST['updatesettings'])) { if (!vartrue($pref['auth_method'])) { $pref['auth_method'] = 'e107'; } if ($pref['auth_method'] != 'e107') { $_POST['password1'] = ''; $_POST['password2'] = ''; } // Uploaded avatar and/or photo if ($file_userfile['error'] != 4) { require_once e_HANDLER . 'upload_handler.php'; require_once e_HANDLER . 'resize_handler.php'; if ($uploaded = process_uploaded_files(e_AVATAR_UPLOAD, 'prefix+ap_' . $tp->leadingZeros($udata['user_id'], 7) . '_', array('overwrite' => TRUE, 'file_mask' => 'jpg,png,gif', 'max_file_count' => 2))) { foreach ($uploaded as $upload) { if ($upload['name'] && $upload['index'] == 'avatar' && $pref['avatar_upload']) { // avatar uploaded - give it a reference which identifies it as server-stored // Vetting routines will do resizing and so on $_POST['image'] = '-upload-' . $upload['name']; } elseif ($upload['name'] && $upload['index'] == 'photo' && $pref['photo_upload']) { // photograph uploaded $_POST['user_sess'] = '-upload-' . $upload['name']; } elseif (isset($upload['error']) && isset($upload['message'])) { $extraErrors[] = $upload['message']; } } } } // Now validate everything - just check everything that's been entered
/**
 * File-class wrapper around the upload handler (preferred for v2.x).
 *
 * Loads upload_handler.php from e_HANDLER on first use and forwards all three arguments,
 * unchanged, to process_uploaded_files(), which works on the files posted with the current
 * request ($_FILES).
 *
 * NOTE(review): with the default $options = null nothing here limits file type, size or count;
 * that is presumably left to the handler's defaults. Callers that accept end-user uploads should
 * pass an explicit 'file_mask' - confirm against the handler.
 *
 * @param string $uploaddir directory passed as the handler's first argument
 * @param mixed  $fileinfo  passed through as the handler's second argument
 * @param mixed  $options   passed through as the handler's third argument
 * @return mixed whatever process_uploaded_files() returns
 */
public function getUploaded($uploaddir, $fileinfo = false, $options = null)
{
    require_once(e_HANDLER . "upload_handler.php");

    $result = process_uploaded_files($uploaddir, $fileinfo, $options);

    return $result;
}
/**
 * Store the attachments posted in 'file_userfile' and build the BBCode that references them.
 *
 * Every file the handler stored without error yields one entry with the keys 'type'
 * ('img' or 'file'), 'txt' (BBCode), 'file' (stored name), 'thumb' and 'fname'. A file that
 * reports an error adds a message to the message handler and is skipped.
 *
 * @return array|null the list of entries when the handler returned files; nothing is returned
 *                    (null) when no upload was posted or the handler's result was empty/false
 */
function processAttachments()
{
    $ret = array();

    if (isset($_FILES['file_userfile']['error'])) {
        require_once e_HANDLER . 'upload_handler.php';

        // retrieve and create attachment directory if needed
        $attachmentDir = $this->forumObj->getAttachmentPath(USERID, true);

        // NOTE(review): the options argument is '' - no 'file_mask' is given, so the permitted
        // extensions are presumably decided by the handler's defaults; confirm.
        $uploaded = process_uploaded_files($attachmentDir, 'attachment', '');

        if ($uploaded) {
            foreach ($uploaded as $upload) {
                if ($upload['error'] != 0) {
                    // Error in uploaded file, proceed but add error message.
                    e107::getMessage()->addError('Error in uploading attachment: ' . vartrue($upload['message']));
                    continue;
                }

                $_att   = '';
                $_thumb = '';
                $_fname = '';
                $fpath  = '';
                $stored = $upload['name'];

                // NOTE(review): substring match on 'type'. If that field is the MIME type sent by
                // the client (TODO confirm what the handler stores), it does not prove the file
                // is an image.
                if (strstr($upload['type'], 'image')) {
                    // resizing disabled, show original
                    $_type = 'img';
                    $_txt  = "[br][img]" . $fpath . $stored . "[/img]\n";
                } else {
                    // upload was not an image, link to file
                    // presumably 'rawname' is the file name as the client sent it; it is placed
                    // inside BBCode unescaped - verify that the handler or the BBCode renderer
                    // neutralises markup in it.
                    $_type  = 'file';
                    $_fname = isset($upload['rawname']) ? $upload['rawname'] : $stored;
                    $_txt   = '[br][file=' . $fpath . $stored . ']' . $_fname . '[/file]';
                    $_thumb = $_fname;
                }
                $_file = $stored;

                if ($_txt && $_file) {
                    $ret[] = array(
                        'type'  => $_type,
                        'txt'   => $_txt,
                        'file'  => $_file,
                        'thumb' => $_thumb,
                        'fname' => $_fname,
                    );
                }
            }

            return $ret;
        }
    }
    /* no file uploaded at all, proceed with creating the topic or reply
    // TODO don't call process_upload() when no attachments are uploaded.. (check user input first, then call if needed)
    else
    {
        e107::getMessage()->addError('Something went wrong during the attachment uploading process.');
    }
    */
}
// Get all the existing user data, including any extended fields $udata['user_classlist'] = $userMethods->addCommonClasses($udata, FALSE); } if (isset($_POST['updatesettings'])) { if (!varsettrue($pref['auth_method'])) { $pref['auth_method'] = 'e107'; } if ($pref['auth_method'] != 'e107') { $_POST['password1'] = ''; $_POST['password2'] = ''; } // Uploaded avatar and/or photo if ($file_userfile['error'] != 4) { require_once e_HANDLER . 'upload_handler.php'; require_once e_HANDLER . 'resize_handler.php'; if ($uploaded = process_uploaded_files(e_UPLOAD . 'avatars/', 'prefix+ap_' . $udata['user_id'] . '_', array('overwrite' => TRUE, 'file_mask' => 'jpg,png,gif', 'max_file_count' => 2))) { foreach ($uploaded as $upload) { if ($upload['name'] && $upload['index'] == 'avatar' && $pref['avatar_upload']) { // avatar uploaded - give it a reference which identifies it as server-stored // Vetting routines will do resizing and so on $_POST['image'] = '-upload-' . $upload['name']; } elseif ($upload['name'] && $upload['index'] == 'photo' && $pref['photo_upload']) { // photograph uploaded $_POST['user_sess'] = $upload['name']; } elseif (isset($upload['error']) && isset($upload['message'])) { $extraErrors[] = $upload['message']; } } } } // Now validate everything - just check everything that's been entered
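/**
 * Legacy entry point for receiving uploaded files; translates the old argument style into a
 * process_uploaded_files() call.
 *
 * Side effect: the rendered upload messages are published in the F_MESSAGE constant.
 *
 * @param string      $uploaddir directory, relative to the current working directory; e_UPLOAD when empty
 * @param string|bool $avatar    'attachment' and 'avatar' select special naming; a value of the form
 *                               'avatar=<param>' replaces USERID in the avatar prefix; any other value
 *                               is handed to the handler unchanged
 * @param string      $fileinfo  appended to 'attachment+' when $avatar is 'attachment'
 * @param string      $overwrite not used by this function
 * @return array|false the handler's result, or FALSE when the handler returned FALSE or the single
 *                     processed file reported an error
 */
function file_upload($uploaddir, $avatar = FALSE, $fileinfo = "", $overwrite = "")
{
    $admin_log = e107::getAdminLog();

    // As default, allow any filetype enabled in filetypes.php
    // NOTE(review): legacy callers therefore get the widest allow-list the site has configured;
    // there is no way to pass a narrower 'file_mask' through this function.
    $options = array('extra_file_types' => TRUE);

    if (!$uploaddir) {
        $uploaddir = e_UPLOAD;
    }

    if (strpos($avatar, '=') !== FALSE) {
        // presumably the part after '=' is a user id chosen by the caller; it ends up in the
        // stored file name, so verify callers never pass request data here
        list($avatar, $param) = explode('=', $avatar, 2);
    } else {
        $param = USERID;
    }

    switch ($avatar) {
        case 'attachment':
            $avatar = "attachment+" . $fileinfo;
            break;
        case 'avatar':
            $avatar = 'prefix+ap_' . $param . '_'; // Prefix unique to user
            $options['overwrite'] = TRUE; // Allow update of avatar with same file name
            break;
    }

    if (UH_DEBUG) {
        $admin_log->e_log_event(10, __FILE__ . "|" . __FUNCTION__ . "@" . __LINE__, "DEBUG", "Upload Handler test", "Legacy call, directory " . $uploaddir, FALSE, FALSE);
    }

    // Well, that's the way it was done before
    // (the destination depends on the process's working directory at call time)
    $ret = process_uploaded_files(getcwd() . "/" . $uploaddir, $avatar, $options);

    if ($ret === FALSE) {
        if (UH_DEBUG) {
            $admin_log->e_log_event(10, __FILE__ . "|" . __FUNCTION__ . "@" . __LINE__, "DEBUG", "Upload Handler test", "Legacy return FALSE", FALSE, FALSE);
        }
        return FALSE;
    }

    if (UH_DEBUG) {
        $admin_log->e_log_event(10, __FILE__ . "|" . __FUNCTION__ . "@" . __LINE__, "DEBUG", "Upload Handler test", "Legacy return with " . count($ret) . " files", FALSE, FALSE);
    }

    // Show all the error and acknowledgment messages
    $messages = handle_upload_messages($ret, FALSE, TRUE);

    // The constant name must be a string: the bare word F_MESSAGE is itself a constant lookup,
    // which is an error on PHP 8 when it is undefined and names the wrong constant when it is
    // defined. The defined() guard keeps a second call in the same request from redefining it.
    if (!defined('F_MESSAGE')) {
        define('F_MESSAGE', $messages);
    }

    // Special case if errors: a single failed file is reported as overall failure
    if (count($ret) == 1) {
        if ($ret[0]['error'] != 0) {
            return FALSE;
        }
    }

    return $ret;
}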
if (!defined("USER_WIDTH")) { define("USER_WIDTH", "width:97%"); } if (!check_class($pref['upload_class'])) { $text = "<div style='text-align:center'>" . LAN_UL_002 . "</div>"; $ns->tablerender(LAN_UL_020, $text); require_once FOOTERF; exit; } $message = ''; $postemail = ''; if (isset($_POST['upload'])) { if (($_POST['file_email'] || USER == TRUE) && $_POST['file_name'] && $_POST['file_description'] && $_POST['download_category']) { require_once e_HANDLER . "upload_handler.php"; // $uploaded = file_upload(e_FILE."public/", "unique"); $uploaded = process_uploaded_files(e_UPLOAD, "unique", array('max_file_count' => 2, 'extra_file_types' => TRUE)); // First, see what errors the upload handler picked up if ($uploaded === FALSE) { $message = LAN_UL_021 . '<br />'; } // Now see if we have a code file if (count($uploaded) > 0) { if ($uploaded[0]['error'] == 0) { $file = $uploaded[0]['name']; $filesize = $uploaded[0]['size']; } else { $message .= $uploaded[0]['message'] . '<br />'; } } // Now see if we have an image file if (count($uploaded) > 1) {
// file uploaded if (!move_uploaded_file($tmp = $_FILES['file']['tmp_name'][$i], $new = $config['root_dir'] . "/data/upload-" . rand(10000, 99999) . '-' . basename($tmp))) { fatal_error("Unable to move downloaded file: {$tmp} to {$new}", 0); } $vars['files'][] = array('tmp_name' => $new, 'type' => $_FILES['file']['type'][$i], 'name' => basename($_FILES['file']['name'][$i]), 'size' => sprintf("%.2f", $_FILES['file']['size'][$i] / 1024)); } } } //////////////////// main //////////////////////////////////////// $t->register_resource("memory", array("memory_get_template", "memory_get_timestamp", "memory_get_secure", "memory_get_trusted")); $vars = get_input_vars(); if ($vars['files']) { $vars['files'] = unserialize($vars['files']); } if ($vars['upload'] || $_FILES['file']['size'][0] || $_FILES['file']['size'][1]) { process_uploaded_files($vars); if ($vars['upload']) { $vars['action'] = ''; } } if ($vars['back']) { $vars = unserialize($vars['vars']); $vars['action'] = ''; } switch ($vars['action']) { case 'preview': display_preview(); break; case 'send': check_demo(); send_mails();
// Did everything go according to plan? if (!$errors && !isset($_POST['preview'])) { $edited_sql = !isset($_POST['silent']) || !$is_admmod ? $edited_sql = ', edited=' . time() . ', edited_by=\'' . $db->escape($pun_user['username']) . '\'' : ''; include PUN_ROOT . 'include/search_idx.php'; if ($can_edit_subject) { // Update the topic and any redirect topics $db->query('UPDATE ' . $db->prefix . 'topics SET subject=\'' . $db->escape($subject) . '\' WHERE id=' . $cur_post['tid'] . ' OR moved_to=' . $cur_post['tid']) or error('Unable to update topic', __FILE__, __LINE__, $db->error()); // We changed the subject, so we need to take that into account when we update the search words update_search_index('edit', $id, $message, $subject); } else { update_search_index('edit', $id, $message); } // Update the post $db->query('UPDATE ' . $db->prefix . 'posts SET message=\'' . $db->escape($message) . '\', hide_smilies=\'' . $hide_smilies . '\'' . $edited_sql . ' WHERE id=' . $id) or error('Unable to update post', __FILE__, __LINE__, $db->error()); $uploaded = $deleted = 0; $attach_result = process_deleted_files($id, $deleted) . process_uploaded_files($cur_post['tid'], $id, $uploaded); // If the posting user is logged in, increment his/her post count if (!$pun_user['is_guest'] && $uploaded - $deleted != 0) { $db->query('UPDATE ' . $db->prefix . 'users SET num_files=num_files+' . ($uploaded - $deleted) . ' WHERE id=' . $pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); } generate_rss(); redirect('viewtopic.php?pid=' . $id . '#p' . $id, $attach_result . $lang_post['Edit redirect']); } } $page_title = pun_htmlspecialchars($pun_config['o_board_title']) . ' / ' . $lang_post['Edit post']; $required_fields = array('req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']); $focus_element = array('edit', 'req_message'); require_once PUN_ROOT . 
'header.php'; echo '<div class="linkst"> <div class="inbox"> <ul><li><a href="index.php">' . $lang_common['Index'] . '</a></li><li> » <a href="viewforum.php?id=' . $cur_post['fid'] . '">' . pun_htmlspecialchars($cur_post['forum_name']) . '</a></li><li> » ' . pun_htmlspecialchars($cur_post['subject']) . '</li></ul>
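/**
 * Print out upload form elements and/or process submitted uploads.
 * Your <form> tag must include: enctype='multipart/form-data' - in order to work.
 *
 * Example usage:
 * <code>
 * // Process uploaded file (sent by the form below), it'll print out message (if any)
 * if(isset($_POST['etrigger_uploadfiles']))
 * {
 * 		// NOTE: chmod permissions after upload are set to 0755
 * 		echo e107::getParser()->parseTemplate('{UPLOADFILE='.e_MEDIA.'public|process=1&upload_file_mask=jpg,jpeg,png,gif&upload_final_chmod=493}');
 * }
 *
 * // Render upload form
 * echo '<form action="'.e_SELF.'" enctype="multipart/form-data" method="post">';
 * echo e107::getParser()->parseTemplate('{UPLOADFILE='.e_MEDIA.'public|nowarn&trigger=etrigger_uploadfiles}');
 * echo '</form>';
 * </code>
 *
 * NOTE(review): the upload path and every parameter below are taken from $parm as given. The
 * function assumes $parm is written by trusted template/plugin code - TODO confirm that no
 * user-supplied text can reach it, because the path is not confined to a base directory, the
 * final file mode is caller-chosen, and parameter values are placed into HTML attributes and an
 * inline onclick handler without escaping.
 *
 * @todo Human readable *nix like permissions option (upload_final_chmod) e.g. 'rw-rw-r--' --> 0664, 'rwxrwxrwx' --> 0777
 *
 * @param string $parm upload_path|parameters (GET query format)
 * 	Available parameters:
 * 	- trigger [render] (string): name attribute of upload trigger button, default 'uploadfiles'
 * 	- name [render|processing] (string): name of upload (file) field, without array brackets ([]), default 'file_userfile'
 * 	- up_container [render] (string): the id attribute of upload container (containing upload field(s)), default 'up_container'
 * 	- up_row [render] (string): the id attribute of upload added fields (duplicates), default 'upline'
 * 	- nowarn [render]: when present, the submit button gets no confirmation prompt
 * 	- disable_button [render] ('0'|'1' boolean): '1' omits the submit button, default '0'
 * 	- process [render|processing] ('0'|'1' boolean): main shortcode action, 0 - render markup, 1 - process uploaded files, default '0'
 * 	- upload_file_mask [processing] (string): 'file_mask' parameter of process_uploaded_files() - comma-separated list of file types which if defined limits the allowed file types to those which are
 * 		in both this list and the file specified by the 'filetypes' option. Enables restriction to, for example, image files. {@link process_uploaded_files()},
 * 		default is empty string
 * 	- upload_filetypes [processing] (string): 'filetypes' parameter of process_uploaded_files() - name of file containing list of valid file types, default is empty string
 * 	- upload_extra_file_types [processing] (string): 'extra_file_types' parameter of process_uploaded_files() - '0' (default) rejects totally unknown file extensions;
 * 		'1' accepts totally unknown file extensions which are in $options['filetypes'] file.
 * 		The value is reduced to true/false before it is handed over, so a comma-separated list of extensions acts like '1'.
 * 	- upload_final_chmod [processing] (string): 'final_chmod' parameter of process_uploaded_files() - chmod() to be applied to uploaded files (0644 default).
 * 		NOTE: you need to provide the number in decimal notation (as a string); its value is used as the file mode
 * 		Example: '493' --> 0755; '511' --> 0777
 * 	- upload_max_upload_size [processing] (string): 'max_upload_size' parameter of process_uploaded_files() - maximum size of uploaded files in bytes,
 * 		or as a string with a 'multiplier' letter (e.g. 16M) at the end, default is '0'
 * 	- upload_max_file_count [processing] (string): 'max_file_count' parameter of process_uploaded_files() - maximum number of files which can be uploaded - default is '0' (unlimited)
 * 	- upload_overwrite [processing] ('0'|'1' boolean): 'overwrite' parameter of process_uploaded_files(), default '0'
 * 	- return_type [processing] ('0'|'message'|'result'): 'message' (default) - return messages (eMessage::render() method);
 * 		'result' - return array generated by process_uploaded_files();
 * 		'0' - return empty string;
 * 		NOTE: upload messages are added to 'upload_shortcode' message namespace
 * 		<code>
 * 		// render messages manually (return_type=0)
 * 		echo e107::getMessage()->render('upload_shortcode');
 * 		// OR copy them to the default message namespace
 * 		e107::getMessage()->moveStack('upload_shortcode', 'default');
 * 		// Do something... and render all messages
 * 		echo e107::getMessage()->render();
 * 		</code>
 * @return mixed Based on 'return_type' parameter - string or uploaded array result
 */
function uploadfile_shortcode($parm)
{
    if (!FILE_UPLOADS) {
        return LAN_UPLOAD_SERVEROFF;
    }
    if (USER_AREA === TRUE && !check_class(e107::getPref('upload_class'))) {
        return LAN_DISABLED;
    }

    // "<path>|<query string>": everything after the first '|' is the parameter list
    $parm = explode('|', $parm, 2);
    $path = $parm[0];

    if ($path && !is_writable($path)) {
        return LAN_UPLOAD_777 . " <b>" . str_replace("../", "", $path) . "</b>";
    }

    $parms = array();
    parse_str(varset($parm[1], ''), $parms);

    // Defaults first, so any value present in the query string wins
    $parms = array_merge(array(
        'trigger'                 => 'uploadfiles',
        'name'                    => 'file_userfile',
        'up_container'            => 'up_container',
        'up_row'                  => 'upline',
        'process'                 => '0',
        'upload_file_mask'        => '',
        'upload_filetypes'        => '',
        'upload_extra_file_types' => '0',
        'upload_final_chmod'      => '',
        'upload_max_upload_size'  => '0',
        'upload_max_file_count'   => '0',
        'upload_overwrite'        => '0',
        'return_type'             => 'message',
        'disable_button'          => '0',
    ), $parms);

    // PROCESS UPLOADED FILES, optional usage by external code
    if ($parms['process']) {
        e107_require_once(e_HANDLER . 'upload_handler.php');

        $options = array(
            'file_mask'        => $parms['upload_file_mask'],
            'filetypes'        => $parms['upload_filetypes'],
            'extra_file_types' => $parms['upload_extra_file_types'] ? true : false,
            // The inner intval() already yields an integer, and intval() ignores the base for a
            // non-string argument, so the decimal value itself becomes the mode ('493' -> 0755).
            'final_chmod'      => $parms['upload_final_chmod'] ? intval(intval($parms['upload_final_chmod']), 8) : 0644,
            'max_upload_size'  => $parms['upload_max_upload_size'],
            'file_array_name'  => $parms['name'],
            'max_file_count'   => $parms['upload_max_file_count'],
            'overwrite'        => $parms['upload_overwrite'] ? true : false,
        );

        $uploaded = process_uploaded_files($path, false, $options);

        if ($uploaded) {
            $emessage = e107::getMessage();
            foreach ($uploaded as $finfo) {
                $emessage->addStack($finfo['message'], 'upload_shortcode', $finfo['error'] ? E_MESSAGE_ERROR : E_MESSAGE_SUCCESS);
            }

            if ($parms['return_type'] == 'message') {
                return $emessage->render('upload_shortcode');
            }
        }

        return $parms['return_type'] == 'result' ? $uploaded : '';
    }

    // RENDER FORM
    // NOTE(review): 'up_row', 'up_container', 'trigger' and 'name' are interpolated below without
    // HTML or JavaScript escaping - acceptable only while they come from trusted markup.
    $onclickt = !isset($parms['nowarn']) ? " onclick=\"return jsconfirm('" . LAN_UPLOAD_CONFIRM . "')\"" : '';
    $onclickd = " onclick=\"duplicateHTML('{$parms['up_row']}','{$parms['up_container']}');\"";
    $name = $parms['name'] . '[]';

    // Plain assignment: $text does not exist before this point, so appending to it raised an
    // undefined-variable notice/warning.
    $text = "\n\t <!-- Upload Shortcode -->\n\t\t\t<div>\n\t\t\t\t<div class='field-spacer'>\n\t\t\t\t\t<button class='action duplicate' type='button' value='no-value'{$onclickd}><span>" . LAN_UPLOAD_ADDFILE . "</span></button>";

    // Media Manager does the submit, not the shortcode.
    if (!$parms['disable_button']) {
        $text .= "<button class='upload' type='submit' name='{$parms['trigger']}' value='no-value'{$onclickt}><span>" . LAN_UPLOAD_FILES . "</span></button>";
    }

    $text .= "\n\t\t\t\t</div>\n\t\t\t\t<div id='{$parms['up_container']}'>\n\t\t\t\t\t<div id='{$parms['up_row']}' class='nowrap'>\n\t\t\t\t\t\t<input class='tbox file' type='file' name='{$name}' />\n\t\t\t </div>\n\t\t\t\t</div>\n\t\t\t\t<div class='field-help'>Upload to: <strong>" . str_replace('../', '', $path) . "</strong></div>\n\t\t\t</div>\n\t\t\t<!-- End Upload Shortcode -->\n\t\t";

    return $text;
}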
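/**
 * Store forum attachments posted in 'file_userfile' under the forum plugin's attachments
 * directory and build the BBCode that references them.
 *
 * Images are resized when the forum preference 'maxwidth' is greater than 0; the 'linkimg'
 * preference decides whether the original is kept and linked from the resized copy or deleted.
 * Every stored file yields one entry with the keys 'type' ('img' or 'file'), 'txt' (BBCode),
 * 'file', 'thumb' and 'fname'. A file that reports an error is echoed as an error line and skipped.
 *
 * @return array|null the list of entries when the handler returned files; nothing is returned
 *                    (null) when no upload was posted or the handler's result was empty/false
 */
function process_upload()
{
    global $forumInfo, $thread_info, $admin_log, $forum;

    $ret = array();

    if (isset($_FILES['file_userfile']['error'])) {
        require_once e_HANDLER . 'upload_handler.php';

        $attachmentDir = e_PLUGIN . 'forum/attachments/';
        $thumbDir = e_PLUGIN . 'forum/attachments/thumb/';

        // NOTE(review): the options argument is '' - no 'file_mask' is given, so the permitted
        // extensions are presumably decided by the handler's defaults; confirm, since this
        // directory sits under the plugin tree.
        if ($uploaded = process_uploaded_files($attachmentDir, 'attachment', '')) {
            foreach ($uploaded as $upload) {
                if ($upload['error'] == 0) {
                    $_txt = '';
                    $_file = '';
                    $_thumb = '';
                    $_fname = '';
                    $fpath = '{e_PLUGIN}forum/attachments/';

                    // NOTE(review): substring match on 'type'. If that field is the MIME type
                    // sent by the client (TODO confirm what the handler stores), it does not
                    // prove the file is an image.
                    if (strstr($upload['type'], 'image')) {
                        $_type = 'img';
                        if ($forum->prefs->get('maxwidth', 0) > 0) {
                            require_once e_HANDLER . 'resize_handler.php';
                            $orig_file = $upload['name'];
                            $new_file = 'th_' . $orig_file;
                            $resizeDir = $forum->prefs->get('linkimg') ? 'thumb/' : '';

                            if (resize_image($attachmentDir . $orig_file, $attachmentDir . $resizeDir . $new_file, $forum->prefs->get('maxwidth'))) {
                                if ($forum->prefs->get('linkimg')) {
                                    // show resized, link to fullsize
                                    // NOTE(review): the resized copy was written under 'thumb/',
                                    // but the size lookup and the BBCode below use the path
                                    // without it - confirm this is intended.
                                    $parms = image_getsize($attachmentDir . $new_file);
                                    $_txt = '[br][link=' . $fpath . $orig_file . "][img{$parms}]" . $fpath . $new_file . '[/img][/link][br]';
                                    $_file = $orig_file;
                                    $_thumb = $new_file;
                                } else {
                                    // show resized; the original is removed on a best-effort basis
                                    @unlink($attachmentDir . $orig_file);
                                    $parms = image_getsize($attachmentDir . $new_file);
                                    $_txt = "[br][img{$parms}]" . $fpath . $new_file . '[/img][br]';
                                    $_file = $new_file;
                                }
                            } else {
                                // resize failed, show original
                                $parms = image_getsize($attachmentDir . $upload['name']);
                                $_txt = "[br][img{$parms}]" . $fpath . $upload['name'] . '[/img]';
                                $_file = $upload['name'];
                            }
                        } else {
                            // resizing disabled, show original
                            $parms = image_getsize($attachmentDir . $upload['name']);
                            $_txt = "[br]<div class='spacer'>[img{$parms}]" . $fpath . $upload['name'] . "[/img]</div>\n";
                            $_file = $upload['name'];
                        }
                    } else {
                        // upload was not an image, link to file
                        // presumably 'rawname' is the file name as the client sent it; it is
                        // placed inside BBCode unescaped - verify that the handler or the BBCode
                        // renderer neutralises markup in it.
                        $_type = 'file';
                        $_fname = isset($upload['rawname']) ? $upload['rawname'] : $upload['name'];
                        $_txt = '[br][file=' . $fpath . $upload['name'] . ']' . $_fname . '[/file]';
                        $_file = $upload['name'];
                        $_thumb = $_fname;
                    }

                    if ($_txt && $_file) {
                        $ret[] = array('type' => $_type, 'txt' => $_txt, 'file' => $_file, 'thumb' => $_thumb, 'fname' => $_fname);
                    }
                } else {
                    // Error in uploaded file. The name comes from the upload itself, so it is
                    // HTML-encoded before being written into the page.
                    $shownName = isset($upload['rawname']) ? $upload['rawname'] : $upload['name'];
                    echo 'Error in uploaded file: ' . htmlspecialchars((string) $shownName, ENT_QUOTES, 'UTF-8') . '<br />';
                }
            }

            return $ret;
        }
    }
}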