/** * swfupload上传附件 */ public function swfupload() { $grouplist = S('member/grouplist'); if (isset($_POST['dosubmit'])) { if ($_POST['swf_auth_key'] != md5(C('config', 'auth_key') . $_POST['SWFUPLOADSESSID']) || $_POST['isadmin'] == 0 && !$grouplist[$_POST['groupid']]['allowattachment']) { exit; } $catid = isset($_POST['catid']) ? intval($_POST['catid']) : 0; $attachment = new Attachment($_POST['application'], $catid); $attachment->set_userid($_POST['userid']); $aids = $attachment->upload('Filedata', $_POST['filetype_post'], '', '', array($_POST['thumb_width'], $_POST['thumb_height']), $_POST['watermark_enable']); if ($aids[0]) { $filename = strtolower(CHARSET) != 'utf-8' ? iconv('gbk', 'utf-8', $attachment->uploadedfiles[0]['filename']) : ''; if ($attachment->uploadedfiles[0]['isimage']) { echo $aids[0] . ',' . $this->upload_url . $attachment->uploadedfiles[0]['filepath'] . ',' . $attachment->uploadedfiles[0]['isimage'] . ',' . $filename; } else { $fileext = $attachment->uploadedfiles[0]['fileext']; if ($fileext == 'zip' || $fileext == 'rar') { $fileext = 'rar'; } elseif ($fileext == 'doc' || $fileext == 'docx') { $fileext = 'doc'; } elseif ($fileext == 'xls' || $fileext == 'xlsx') { $fileext = 'xls'; } elseif ($fileext == 'ppt' || $fileext == 'pptx') { $fileext = 'ppt'; } elseif ($fileext == 'flv' || $fileext == 'swf' || $fileext == 'rm' || $fileext == 'rmvb') { $fileext = 'flv'; } else { $fileext = 'do'; } echo $aids[0] . ',' . $this->upload_url . $attachment->uploadedfiles[0]['filepath'] . ',' . $fileext . ',' . $filename; } exit; } else { echo '0,' . $attachment->error(); exit; } } else { if ($this->isadmin == 0 && !$grouplist[$this->groupid]['allowattachment']) { showmessage(L('att_no_permission')); } $args = $_GET['args']; $authkey = $_GET['authkey']; if (upload_key($args) != $authkey) { showmessage(L('attachment_parameter_error')); } extract(getswfinit($_GET['args'])); $file_size_limit = byte_format(C('attachment', 'maxsize') * 1024); $att_not_used = cookie('att_json'); if (empty($att_not_used) || !isset($att_not_used)) { $tab_status = ' class="on"'; } if (!empty($att_not_used)) { $div_status = ' hidden'; } // 获取临时未处理文件列表 $att = $this->att_not_used(); include $this->view('swfupload'); } }
/** * 附件上传 */ public function upfile() { $grouplist = S('member/grouplist'); if ($_POST['swf_auth_key'] != md5(C('config', 'auth_key') . $_POST['SWFUPLOADSESSID']) || $_POST['isadmin'] == 0 && !$grouplist[$_POST['groupid']]['allowattachment']) { exit; } $application = trim($_GET['application']); $catid = intval($_GET['catid']); $attachment = new Attachment($application, $catid); $attachment->set_userid($_POST['userid']); $aids = $attachment->upload('upfile', C('attachment', 'allowext'), '', '', array(0, 0)); if ($aids[0]) { $filepath = $attachment->uploadedfiles[0]['filepath']; $return = array('url' => $this->upload_url . $filepath, 'fileType' => '.' . $attachment->uploadedfiles[0]['fileext'], 'original' => $attachment->uploadedfiles[0]['filename'], 'state' => 'SUCCESS'); } else { $return = array('original' => $attachment->uploadedfiles[0]['filename'], 'state' => $attachment->error()); } exit(json_encode($return)); }
function execute() { $error = ''; if (!$this->dispatcher->privs->hasRights($_SESSION['access'], 'create', 'attachment', $this->dispatcher->conf['privileges'], $this->dispatcher->cont)) { return array('Attachment Error', VoodooError::displayError('Permission Denied (1)')); } $setup = $this->dispatcher->conf['settings']; if (isset($_POST['action']) && !empty($_FILES['attachment'])) { // Check for type. Filesize etc. $at = new Attachment($this->dispatcher->controller->DBConnect()); $desc = htmlentities($_POST['description']); if ($at->upload($desc, $setup, $_FILES['attachment'])) { $this->al->attachment =& $at; $this->al->linked = (object) array('id' => $this->dispatcher->action); $this->al->insert(); header(sprintf('Location: %s/%s/%s', PATH_TO_DOCROOT, $this->dispatcher->cont, $this->dispatcher->action)); exit; } else { $error = $at->getError(); } } $args = array('error' => $error ? VoodooError::displayError($error) : '', 'prepath' => PATH_TO_DOCROOT, 'action' => $this->dispatcher->action, 'controller' => $this->dispatcher->cont, 'formaction' => 'create'); $t =& VoodooTemplate::getInstance(); $t->setDir(ATTACHMENT_TEMPLATES); return array('Create Attachment', $t->parse('create', $args)); }