// Handles submission of the image form: validates the fields, then updates the
// existing image record or creates a new one, and finally inspects the optional
// file upload. The enclosing blocks continue past the end of this excerpt.
$result = false;

$Form = $API->get('Form');
// imageAlt is always required; further required fields come from the template.
$Form->require_field('imageAlt', 'Required');
$Form->set_required_fields_from_template($Template);

if ($Form->submitted()) {
    // Fields requested from the form by name.
    // NOTE(review): presumably receive() returns only these keys; confirm against the Form class.
    $postvars = array('albumID', 'imageAlt', 'imageOrder');
    $data = $Form->receive($postvars);

    // Template-defined fields are stored as one encoded value on the record.
    // NOTE(review): $details is not defined in the visible code; verify where it is set.
    $dynamic_fields = $Form->receive_from_template_fields($Template, $details);
    $data['imageDynamicFields'] = PerchUtil::json_safe_encode($dynamic_fields);

    if (is_object($Image)) {
        // An image object already exists, so this is an edit.
        $result = $Image->update($data);
    } else {
        // Drop any imageID so the new record cannot be created with a supplied ID.
        if (isset($data['imageID'])) {
            unset($data['imageID']);
        }

        $result = $Images->create($data);

        if ($result) {
            $new_image = true;
            $Image = $result;
        } else {
            // NOTE(review): this is the only failure message set here; a failed
            // update() above sets none, and the wording says "updated" although
            // this branch is a failed create.
            $message = $HTML->failure_message('Sorry, that image could not be updated.');
        }
    }

    if ($result) {
        // Computed here; not used in the visible lines.
        $image_folder_writable = is_writable(PERCH_RESFILEPATH);
        $filesize = 0;

        if (isset($_FILES['upload'])) {
            // 'name' is the filename sent by the client and is untrusted until it
            // has been validated; 'size' is the size of the received file in bytes.
            $file = $_FILES['upload']['name'];
            $filesize = $_FILES['upload']['size'];
        }

        // if file is greater than 0 process it into resources
        // (the processing code itself is not part of this excerpt)
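// Checking for naughty uploading of PHP files.
// NOTE(review): the check this comment announces is not visible in this excerpt,
// and neither is the origin of $filename or $targetDir. Confirm that the name is
// validated against an allow-list of image extensions before it is used to build
// $target below.
$target = PerchUtil::file_path($targetDir . '/' . $filename);

// Never overwrite an existing file: insert _1, _2, ... before the extension until
// the name is free. The existence check and the later move are not atomic, so two
// simultaneous uploads of the same name can still collide.
if (file_exists($target)) {
    $ext = strrpos($filename, '.');

    if ($ext === false) {
        // No extension: suffix the whole name. Passing false to substr() would be
        // read as offset 0 and yield "_1name" instead of "name_1".
        $fileName_a = $filename;
        $fileName_b = '';
    } else {
        $fileName_a = substr($filename, 0, $ext);
        $fileName_b = substr($filename, $ext);
    }

    $count = 1;
    while (file_exists(PerchUtil::file_path($targetDir . '/' . $fileName_a . '_' . $count . $fileName_b))) {
        $count++;
    }

    $filename = $fileName_a . '_' . $count . $fileName_b;
    $target = PerchUtil::file_path($targetDir . '/' . $filename);
}
} // closes a block opened before this excerpt

// NOTE(review): the result of the move is not checked, so a failed move still
// leads to a record being created below; confirm how the wrapper reports failure.
PerchUtil::move_uploaded_file($_FILES['upload']['tmp_name'], $target);

// Create the record in the 'uploading' state; the alt text is the filename
// with its extension stripped.
$data = array();
$data['imageAlt'] = PerchUtil::strip_file_extension($filename);
$data['albumID'] = $albumID;
$data['imageStatus'] = 'uploading';
$data['imageBucket'] = $bucket['name'];

$Image = $Images->create($data);

if (is_object($Image)) {
    $Image->process_versions($filename, $Template, $bucket);
    // Kept inside the guard: when create() does not return an object, calling
    // update() on it is a fatal error.
    $Image->update(array('imageStatus' => 'active'));
}
// NOTE(review): if create() failed, the moved file stays on disk without a
// record; decide whether to remove it or report the error to the uploader.

$Album = $Albums->find($albumID);
if (is_object($Album)) {
    $Album->update_image_count();
}
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt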