Пример #1
0
     }
     $path = GetDirPath($FILENAME);
     $pathto = Rel2Abs($path, $fname);
     $ext = GetFileExtension($pathto);
     if (!$USER->IsAdmin() && in_array($ext, $arExt)) {
         $message = new CAdminMessage(array("MESSAGE" => GetMessage("FLOW_ERROR"), "DETAILS" => GetMessage("FLOW_FILEUPLOAD_PHPERROR") . " \"" . $pathto . "\"", "TYPE" => "ERROR"));
     } elseif (!$USER->CanDoFileOperation('fm_edit_in_workflow', array($SITE_ID, $pathto))) {
         $message = new CAdminMessage(array("MESSAGE" => GetMessage("FLOW_ERROR"), "DETAILS" => GetMessage("FLOW_FILEUPLOAD_ACCESS_DENIED") . " \"" . $pathto . "\": " . GetMessage("FLOW_MIN_RIGHTS"), "TYPE" => "ERROR"));
     } elseif (!CBXVirtualIoFileSystem::ValidatePathString($pathto)) {
         $message = new CAdminMessage(array("MESSAGE" => GetMessage("FLOW_ERROR"), "DETAILS" => GetMessage("FLOW_FILE_NAME_NOT_VALID"), "TYPE" => "ERROR"));
     } else {
         $z = CWorkflow::GetFileByID($ID, $pathto);
         if ($zr = $z->Fetch()) {
             $message = new CAdminMessage(array("MESSAGE" => GetMessage("FLOW_ERROR"), "DETAILS" => str_replace("#FILE#", "{$pathto}", GetMessage("FLOW_FILE_ALREADY_EXIST")), "TYPE" => "ERROR"));
         } else {
             $temp_file = CWorkflow::GetUniqueFilename($pathto);
             $temp_dir = CWorkflow::GetTempDir();
             if (!file_exists($temp_dir)) {
                 mkdir($temp_dir, BX_DIR_PERMISSIONS);
             }
             $temp_path = $temp_dir . $temp_file;
             if (!copy($arFile["tmp_name"], $temp_path)) {
                 $message = new CAdminMessage(array("MESSAGE" => GetMessage("FLOW_ERROR"), "DETAILS" => GetMessage("FLOW_FILEUPLOAD_FILE_CREATE_ERROR") . " \"" . $temp_path . "\"", "TYPE" => "ERROR"));
             } else {
                 $arFields = array("DOCUMENT_ID" => $ID > 0 ? $ID : "null", "TIMESTAMP_X" => $DB->GetNowFunction(), "MODIFIED_BY" => "'" . $USER->GetID() . "'", "TEMP_FILENAME" => "'" . $DB->ForSql($temp_file, 255) . "'", "FILENAME" => "'" . $DB->ForSql($pathto, 255) . "'", "FILESIZE" => intval($arFile["size"]));
                 $FILE_ID = $DB->Insert("b_workflow_file", $arFields, $err_mess . __LINE__);
                 $arUploadedFiles[] = intval($FILE_ID);
             }
         }
     }
 }