if (!is_dir($destdir)) {
mkdir($destdir);
} else {
$importtemplateoutput .= "<div class=\"warningheader\">" . $clang->gT("Error") . "</div><br />\n";
$importtemplateoutput .= sprintf($clang->gT("Template '%s' does already exist."), $newdir) . "<br/><br/>\n";
$importtemplateoutput .= "<br/><input type=\"submit\" onclick=\"window.open('{$scriptname}?action=templates', '_top')\" value=\"" . $clang->gT("Template Editor") . "\"/>\n";
$importtemplateoutput .= "</div>\n";
return;
}
$aImportedFilesInfo = array();
$aErrorFilesInfo = array();
if (is_file($zipfile)) {
$importtemplateoutput .= "<div class=\"successheader\">" . $clang->gT("Success") . "</div><br />\n";
$importtemplateoutput .= $clang->gT("File upload succeeded.") . "<br /><br />\n";
$importtemplateoutput .= $clang->gT("Reading file..") . "<br /><br />\n";
if ($z->extract($extractdir, $zipfile) != 'OK') {
$importtemplateoutput .= "<div class=\"warningheader\">" . $clang->gT("Error") . "</div><br />\n";
$importtemplateoutput .= $clang->gT("This file is not a valid ZIP file archive. Import failed.") . "<br/><br/>\n";
$importtemplateoutput .= "<br/><input type=\"submit\" onclick=\"window.open('{$scriptname}?action=templates', '_top')\" value=\"" . $clang->gT("Template Editor") . "\"/>\n";
$importtemplateoutput .= "</div>\n";
return;
}
$ErrorListHeader = "";
$ImportListHeader = "";
// now read tempdir and copy authorized files only
$dh = opendir($extractdir);
while ($direntry = readdir($dh)) {
if ($direntry != "." && $direntry != "..") {
if (is_file($extractdir . "/" . $direntry)) {
// is a file
$extfile = substr(strrchr($direntry, '.'), 1);
/**
* Responsible to import a template archive.
*
* @access public
* @return void
*/
public function upload()
{
$clang = $this->getController()->lang;
// $this->getController()->_js_admin_includes(Yii::app()->getConfig('adminscripts') . 'templates.js');
$aViewUrls = $this->_initialise('default', 'welcome', 'startpage.pstpl', FALSE);
$lid = returnGlobal('lid');
$action = returnGlobal('action');
if ($action == 'templateupload') {
if (Yii::app()->getConfig('demoMode')) {
$this->getController()->error($clang->gT("Demo mode: Uploading templates is disabled."));
}
Yii::import('application.libraries.admin.Phpzip', true);
$zipfile = $_FILES['the_file']['tmp_name'];
$zip = new PHPZip();
// Create temporary directory so that if dangerous content is unzipped it would be unaccessible
$extractdir = self::_tempdir(Yii::app()->getConfig('tempdir'));
$basedestdir = Yii::app()->getConfig('usertemplaterootdir');
$newdir = str_replace('.', '', self::_strip_ext(sanitize_paranoid_string($_FILES['the_file']['name'])));
$destdir = $basedestdir . '/' . $newdir . '/';
if (!is_writeable($basedestdir)) {
$this->getController()->error(sprintf($clang->gT("Incorrect permissions in your %s folder."), $basedestdir));
}
if (!is_dir($destdir)) {
mkdir($destdir);
} else {
$this->getController()->error(sprintf($clang->gT("Template '%s' does already exist."), $newdir));
}
$aImportedFilesInfo = array();
$aErrorFilesInfo = array();
if (is_file($zipfile)) {
if ($zip->extract($extractdir, $zipfile) != 'OK') {
$this->getController()->error($clang->gT("This file is not a valid ZIP file archive. Import failed."));
}
// Now read tempdir and copy authorized files only
$dh = opendir($extractdir);
while ($direntry = readdir($dh)) {
if ($direntry != "." && $direntry != "..") {
if (is_file($extractdir . "/" . $direntry)) {
// Is a file
$extfile = substr(strrchr($direntry, '.'), 1);
if (!(stripos(',' . Yii::app()->getConfig('allowedresourcesuploads') . ',', ',' . $extfile . ',') === false)) {
// Extension allowed
if (!copy($extractdir . "/" . $direntry, $destdir . $direntry)) {
$aErrorFilesInfo[] = array("filename" => $direntry, "status" => $clang->gT("Copy failed"));
} else {
$aImportedFilesInfo[] = array("filename" => $direntry, "status" => $clang->gT("OK"));
}
} else {
// Extension forbidden
$aErrorFilesInfo[] = array("filename" => $direntry, "status" => $clang->gT("Error") . " (" . $clang->gT("Forbidden Extension") . ")");
}
unlink($extractdir . "/" . $direntry);
}
}
}
// Delete the temporary file
unlink($zipfile);
closedir($dh);
// Delete temporary folder
rmdir($extractdir);
if (count($aErrorFilesInfo) == 0 && count($aImportedFilesInfo) == 0) {
$this->getController()->error($clang->gT("This ZIP archive contains no valid template files. Import failed."));
}
} else {
$this->getController()->error(sprintf($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."), $basedestdir));
}
if (count($aImportedFilesInfo) > 0) {
$templateFixes = $this->_templateFixes($newdir);
} else {
$templateFixes = array();
}
$aViewUrls = 'importuploaded_view';
$aData = array('aImportedFilesInfo' => $aImportedFilesInfo, 'aErrorFilesInfo' => $aErrorFilesInfo, 'lid' => $lid, 'newdir' => $newdir, 'templateFixes' => $templateFixes);
} else {
$aViewUrls = 'importform_view';
$aData = array('lid' => $lid);
}
$this->_renderWrappedTemplate('templates', $aViewUrls, $aData);
}
