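/**
 * Validates the 'gwfzipfile' archive upload.
 *
 * The upload is accepted by file name only (it must end in '.zip') and is then
 * handed to upload_manager::preprocess_file(), which the original comment
 * describes as the virus check. Any error is recorded on the 'gwfzipfile' field.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values; 'gwfzipfile' holds the upload entry.
 */
function gwfontform_validate(Pieform $form, $values) {
    global $USER, $SESSION;
    require_once 'file.php';
    require_once 'uploadmanager.php';

    if ($values['gwfzipfile'] == null) {
        return;
    }

    // The reported MIME type is not consulted. The original loop over accepted
    // zip types was dead code: its result was unconditionally overwritten by
    // this extension test (Safari and Chrome were noted as not reporting zip
    // MIME types).
    // NOTE(review): both 'name' and 'type' presumably come from the client's
    // upload metadata, so this is a usability check only; whatever unpacks the
    // archive later still has to treat its content as untrusted.
    $valid = substr($values['gwfzipfile']['name'], -4) == '.zip';
    if (!$valid) {
        $form->set_error('gwfzipfile', get_string('notvalidzipfile', 'skin'));
    }

    // Pass it through the virus checker.
    $um = new upload_manager('gwfzipfile');
    if ($error = $um->preprocess_file()) {
        // Report on the real field: the original used an undefined $inputname
        // here, so a scanner or upload error was not attached to 'gwfzipfile'.
        $form->set_error('gwfzipfile', $error);
    }
}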
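/**
 * Validates the "add font variant" form.
 *
 * Confirms that the submitted font name exists in skin_fonts, runs every
 * uploaded font file through upload_manager::preprocess_file(), and checks that
 * each file name ends in the suffix expected for its input.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values, keyed by input name.
 */
function addvariantform_validate(Pieform $form, $values) {
    global $USER, $SESSION;
    require_once 'file.php';
    require_once 'uploadmanager.php';

    // The font name arrives in a hidden field, so it may have been altered:
    // make sure it names a font that actually exists.
    if (!record_exists('skin_fonts', 'name', $values['fontname'])) {
        $form->set_error('fontname', get_string('nosuchfont', 'skin'));
    }

    $uploadfiles = array(
        'fontfileEOT'  => array('required' => true, 'suffix' => 'eot'),
        'fontfileSVG'  => array('required' => true, 'suffix' => 'svg'),
        'fontfileTTF'  => array('required' => true, 'suffix' => 'ttf'),
        'fontfileWOFF' => array('required' => true, 'suffix' => 'woff'),
    );

    foreach ($uploadfiles as $inputname => $details) {
        // The fourth argument is negated here to match addfontform_validate(),
        // which passes !$details['required'] and then reads
        // $um->optionalandnotsupplied. The original passed 'required' straight
        // through, which would mark every required file as optional.
        $um = new upload_manager($inputname, false, null, !$details['required']);
        if ($error = $um->preprocess_file()) {
            $form->set_error($inputname, $error);
        }

        if ($details['suffix']) {
            // NOTE(review): this compares the submitted file name only; it says
            // nothing about the file's content.
            $reqext = ".{$details['suffix']}";
            $fileext = substr($values[$inputname]['name'], -1 * strlen($reqext));
            if ($fileext != $reqext) {
                $form->set_error($inputname, get_string('notvalidfontfile', 'skin', strtoupper($details['suffix'])));
            }
        }
    }
}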
/**
 * Validates the skin import form.
 *
 * Rejects the upload unless its reported type is exactly 'text/xml', then runs
 * it through upload_manager::preprocess_file() and records any error on the
 * 'file' field.
 *
 * NOTE(review): $values['file']['type'] presumably mirrors the upload metadata
 * sent by the browser, so it does not establish what the file contains. The
 * XML parsing done on import should be treated as handling untrusted input.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values; 'file' holds the upload entry.
 */
function importskinform_validate(Pieform $form, $values) {
    global $USER, $SESSION;

    $reportedtype = $values['file']['type'];
    $isxml = $reportedtype && $reportedtype == 'text/xml';
    if (!$isxml) {
        $form->set_error('file', get_string('notvalidxmlfile', 'skin'));
    }

    require_once 'file.php';
    require_once 'uploadmanager.php';

    $manager = new upload_manager('file');
    $uploaderror = $manager->preprocess_file();
    if ($uploaderror) {
        $form->set_error('file', $uploaderror);
    }
}
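/**
 * Processes a newly uploaded file, copies it to disk, and creates
 * a new artefact object.
 *
 * The upload is first passed through upload_manager::preprocess_file(). When
 * $data->owner is set, the owner's quota is checked before the artefact is
 * created and charged only after the file has been saved.
 *
 * @param string $inputname Name of the file input holding the upload.
 * @param object $data      Artefact data. 'owner' is read; 'size', 'filetype'
 *                          and 'oldextension' are overwritten from the upload.
 * @return mixed The id of the newly created file artefact.
 * @throws UploadException        If preprocessing or saving the file reports an error.
 * @throws QuotaExceededException If the owner's quota does not allow the upload.
 */
public static function save_uploaded_file($inputname, $data) {
    global $USER;
    require_once 'uploadmanager.php';

    $um = new upload_manager($inputname);
    if ($error = $um->preprocess_file()) {
        throw new UploadException($error);
    }
    $size = $um->file['size'];

    // Initialised up front: the original only assigned $owner inside the
    // branch below and then tested it later, reading an undefined variable
    // whenever $data->owner was empty.
    $owner = null;
    if (!empty($data->owner)) {
        if ($data->owner == $USER->get('id')) {
            $owner = $USER;
        } else {
            $owner = new User();
            $owner->find_by_id($data->owner);
        }
        if (!$owner->quota_allowed($size)) {
            throw new QuotaExceededException(get_string('uploadexceedsquota', 'artefact.file'));
        }
    }

    $data->size = $size;
    // NOTE(review): if $um->file mirrors the $_FILES entry, this type is the
    // one reported by the client rather than derived from the content;
    // confirm before relying on it for serving or rendering decisions.
    $data->filetype = $um->file['type'];
    $data->oldextension = $um->original_filename_extension();

    $f = self::new_file($um->file['tmp_name'], $data);
    $f->commit();
    $id = $f->get('id');

    // Save the file using its id as the filename, and use its id modulo
    // the number of subdirectories as the directory name.
    if ($error = $um->save_file(self::get_file_directory($id), $id)) {
        // Do not leave an artefact record behind for a file that was not stored.
        $f->delete();
        throw new UploadException($error);
    }

    if ($owner) {
        $owner->quota_add($size);
        $owner->commit();
    }

    return $id;
}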
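/**
 * Stores feedback on a view or artefact, optionally with an attachment.
 *
 * Builds the feedback record from the submitted values, saves an uploaded
 * attachment into the view owner's feedback folder when the current user may
 * assess the submitted view, inserts the record, raises the 'feedback'
 * activity and replies to the form with the page to return to.
 *
 * @param Pieform $form   The submitted form; receives the PIEFORM_OK reply.
 * @param array   $values Submitted values ('message', 'ispublic', 'authorname',
 *                        'attachment').
 * @throws UploadException If the attachment fails upload_manager preprocessing.
 */
function add_feedback_form_submit(Pieform $form, $values) {
    global $view, $artefact, $USER;

    $data = new StdClass();
    $data->view = $view->get('id');
    if ($artefact) {
        $data->artefact = $artefact->get('id');
        $table = 'artefact_feedback';
    } else {
        $table = 'view_feedback';
    }
    // NOTE(review): the message is stored as submitted; confirm that the code
    // displaying feedback escapes or cleans it.
    $data->message = $values['message'];
    $data->public = (int) $values['ispublic'];
    $data->author = $USER->get('id');
    if (!$data->author) {
        // No user id: record the name the author typed instead.
        unset($data->author);
        $data->authorname = $values['authorname'];
    }
    $data->ctime = db_format_timestamp(time());

    db_begin();

    if (is_array($values['attachment'])) {
        require_once get_config('libroot') . 'group.php';
        require_once get_config('libroot') . 'uploadmanager.php';
        safe_require('artefact', 'file');

        $groupid = $view->get('submittedgroup');
        // Attachments are only accepted from users who may assess the view;
        // for anyone else the upload is ignored.
        if (group_user_can_assess_submitted_views($groupid, $USER->get('id'))) {
            $um = new upload_manager('attachment');
            if ($error = $um->preprocess_file()) {
                // NOTE(review): thrown inside the open transaction with no
                // rollback visible here; presumably handled by the caller.
                throw new UploadException($error);
            }

            $owner = $view->get('owner');
            $ownerlang = get_user_language($owner);
            $folderid = ArtefactTypeFolder::get_folder_id(
                get_string_from_language($ownerlang, 'feedbackattachdirname', 'view'),
                get_string_from_language($ownerlang, 'feedbackattachdirdesc', 'view'),
                null,
                true,
                $owner
            );
            $attachment = (object) array(
                'owner'        => $owner,
                'parent'       => $folderid,
                'title'        => ArtefactTypeFileBase::get_new_file_title($values['attachment']['name'], $folderid, $owner),
                'size'         => $values['attachment']['size'],
                'filetype'     => $values['attachment']['type'],
                // Key corrected from the misspelt 'oldextensin'.
                'oldextension' => $um->original_filename_extension(),
                'description'  => get_string_from_language(
                    $ownerlang,
                    'feedbackonviewbytutorofgroup',
                    'view',
                    $view->get('title'),
                    display_name($USER),
                    get_field('group', 'name', 'id', $groupid)
                ),
            );

            try {
                $data->attachment = ArtefactTypeFile::save_uploaded_file('attachment', $attachment);
            } catch (QuotaExceededException $e) {
                // Best effort, as in the original: the feedback is still
                // recorded, without the attachment, when the owner's quota is
                // exceeded.
                // NOTE(review): the author gets no indication that the
                // attachment was dropped.
            }
        }
    }

    insert_record($table, $data, 'id', true);

    require_once 'activity.php';
    unset($data->id);
    activity_occurred('feedback', $data);

    db_commit();

    if ($artefact) {
        $goto = get_config('wwwroot') . 'view/artefact.php?artefact=' . $artefact->get('id') . '&view=' . $view->get('id');
    } else {
        $goto = get_config('wwwroot') . 'view/view.php?id=' . $view->get('id');
    }

    $form->reply(PIEFORM_OK, array('message' => get_string('feedbacksubmitted', 'view'), 'goto' => $goto));
}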
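/**
 * Validates the "add font" form.
 *
 * The font title must leave a non-empty name once
 * Skin::FONTNAME_FILTER_CHARACTERS has been stripped from it. Fonts arrive
 * either as one zip archive ('fontfileZip') or as individual files, one per
 * input listed by uploadfiles_info():
 *  - zip: the upload must look like a zip, pass
 *    upload_manager::preprocess_file(), open as an archive, and contain at
 *    least one entry for every required suffix;
 *  - individual files: each supplied file must pass preprocess_file() and its
 *    name must end in the expected suffix.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values, keyed by input name.
 */
function addfontform_validate(Pieform $form, $values) {
    global $USER, $SESSION;
    require_once 'file.php';
    require_once 'uploadmanager.php';

    $foldername = preg_replace(Skin::FONTNAME_FILTER_CHARACTERS, '', $values['fonttitle']);
    if (!$foldername) {
        $form->set_error('fonttitle', get_string('invalidfonttitle', 'skin'));
    }

    if (empty($values['fontfileZip'])) {
        // Individual font files, one per input.
        foreach (uploadfiles_info() as $inputname => $details) {
            $um = new upload_manager($inputname, false, null, !$details['required']);
            if ($error = $um->preprocess_file()) {
                $form->set_error($inputname, $error);
            }
            if (!$um->optionalandnotsupplied && $details['suffix']) {
                $reqext = ".{$details['suffix']}";
                $fileext = substr($values[$inputname]['name'], -1 * strlen($reqext));
                if ($fileext != $reqext) {
                    $form->set_error($inputname, get_string('notvalidfontfile', 'skin', strtoupper($details['suffix'])));
                }
            }
        }
        return;
    }

    // A zip upload has to be inspected before its content can be validated.
    safe_require('artefact', 'file');
    $ziptypes = PluginArtefactFile::get_mimetypes_from_description('zip');
    $zipname = $values['fontfileZip']['name'];

    // The original combined the detected type and the extension fallback with
    // `||`, which yields a boolean in PHP. The loose in_array() that followed
    // then matched `true` against any non-empty entry, so every upload with
    // any detected type passed as a zip. Compare the detected type strictly
    // and keep the '.zip' extension as the fallback.
    // NOTE(review): file_mime_type() is given the client's file name, not
    // tmp_name; if it inspects file content it is not looking at the upload.
    $zipmimetype = file_mime_type($zipname);
    $lookslikezip = in_array($zipmimetype, $ziptypes, true) || substr($zipname, -4) == '.zip';
    if (!$lookslikezip) {
        $form->set_error('fontfileZip', get_string('notvalidzipfile', 'skin'));
        return;
    }

    // First pass it through the virus checker. Stop on failure, so that a
    // rejected upload is never opened and the scanner's message is not
    // replaced by a later error on the same field.
    $um = new upload_manager('fontfileZip');
    if ($error = $um->preprocess_file()) {
        $form->set_error('fontfileZip', $error);
        return;
    }

    // ZipArchive::open() returns true on success and an integer error code on
    // failure; the codes are truthy, so the result must be compared with true.
    $zip = new ZipArchive();
    if ($zip->open($values['fontfileZip']['tmp_name']) !== true) {
        $form->set_error('fontfileZip', get_string('archivereadingerror', 'skin'));
        return;
    }

    // Mark each expected suffix that appears on at least one archive entry.
    // Only entry names are read here; nothing is extracted.
    $check = uploadfiles_info();
    for ($i = 0; $i < $zip->numFiles; $i++) {
        // end() takes its argument by reference, so it needs a real variable.
        $nameparts = explode('.', $zip->getNameIndex($i));
        $suffix = end($nameparts);
        foreach ($check as $key => $item) {
            if ($suffix == $item['suffix']) {
                $check[$key]['found'] = true;
            }
        }
    }
    $zip->close();

    // Make sure at least one file was found for each required suffix.
    // empty() also covers entries that never had a 'found' key.
    foreach ($check as $item) {
        if ($item['required'] == true && empty($item['found'])) {
            $form->set_error('fontfileZip', get_string('fontfilemissing', 'skin', $item['suffix']));
        }
    }
}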
/**
 * Validates the institution settings form.
 *
 * Checks, in order: that the institution name is not already taken; that the
 * default quota does not exceed the configured maximum (for admins, or when
 * the institutional override is enabled); that a default licence is given when
 * licences are mandatory; that an uploaded logo passes
 * upload_manager::preprocess_file(), is an image and fits the configured
 * maximum dimensions; and that the chosen language is installed. Plugin
 * settings are validated last.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values, keyed by input name.
 * @return false|null false when the logo fails preprocessing or is not an
 *                    image (the remaining checks are then skipped); otherwise
 *                    nothing is returned.
 */
function institution_validate(Pieform $form, $values) {
    global $USER;

    $nameinuse = !empty($values['name'])
        && !$form->get_error('name')
        && record_exists('institution', 'name', $values['name']);
    if ($nameinuse) {
        $form->set_error('name', get_string('institutionnamealreadytaken', 'admin'));
    }

    $quotatoolow = ($USER->get('admin') || get_config_plugin('artefact', 'file', 'institutionaloverride'))
        && get_config_plugin('artefact', 'file', 'maxquotaenabled')
        && get_config_plugin('artefact', 'file', 'maxquota') < $values['defaultquota'];
    if ($quotatoolow) {
        $form->set_error('defaultquota', get_string('maxquotatoolow', 'artefact.file'));
    }

    $licencemissing = get_config('licensemetadata')
        && !empty($values['licensemandatory'])
        && (isset($values['licensedefault']) && $values['licensedefault'] == '');
    if ($licencemissing) {
        $form->set_error('licensedefault', get_string('licensedefaultmandatory', 'admin'));
    }

    // Uploaded logo: upload manager first, then image type, then dimensions.
    if (!empty($values['logo'])) {
        require_once 'file.php';
        require_once 'uploadmanager.php';

        $manager = new upload_manager('logo');
        $uploaderror = $manager->preprocess_file();
        if ($uploaderror) {
            $form->set_error('logo', $uploaderror);
            return false;
        }

        // The image type comes from getimagesize() on the stored temporary
        // file, not from the type reported with the upload.
        $info = getimagesize($values['logo']['tmp_name']);
        if (!($info && is_image_type($info[2]))) {
            $form->set_error('logo', get_string('filenotimage'));
            return false;
        }

        // Reject images larger than the configured maximum dimensions.
        list($width, $height) = $info;
        $maxwidth = get_config('imagemaxwidth');
        $maxheight = get_config('imagemaxheight');
        $toowide = $width > $maxwidth;
        $tootall = $height > $maxheight;
        if ($toowide || $tootall) {
            $form->set_error('logo', get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $maxwidth, $maxheight));
        }
    }

    $langunknown = !empty($values['lang'])
        && $values['lang'] != 'sitedefault'
        && !array_key_exists($values['lang'], get_languages());
    if ($langunknown) {
        $form->set_error('lang', get_string('institutionlanginvalid', 'admin'));
    }

    // Validate plugins settings.
    plugin_institution_prefs_validate($form, $values);
}
/**
 * Validates a profile icon upload.
 *
 * The file must pass upload_manager::preprocess_file(), be an image according
 * to getimagesize(), fit within the user's quota and the configured maximum
 * dimensions, and the user must hold fewer than five profile icons already.
 * The uploaded size is left in the global $filesize once the icon-count check
 * has passed.
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values; 'file' holds the upload entry.
 * @return false|null false on every failure except the dimension check, which
 *                    only sets the error; otherwise nothing is returned.
 */
function upload_validate(Pieform $form, $values) {
    global $USER, $filesize;
    require_once 'file.php';
    require_once 'uploadmanager.php';

    $manager = new upload_manager('file');
    $uploaderror = $manager->preprocess_file();
    if ($uploaderror) {
        $form->set_error('file', $uploaderror);
        return false;
    }

    // The image type comes from getimagesize() on the stored temporary file,
    // not from the type reported with the upload.
    $info = getimagesize($values['file']['tmp_name']);
    if (!($info && is_image_type($info[2]))) {
        $form->set_error('file', get_string('filenotimage'));
        return false;
    }

    $iconcount = get_field('artefact', 'COUNT(*)', 'artefacttype', 'profileicon', 'owner', $USER->id);
    if ($iconcount >= 5) {
        $form->set_error('file', get_string('onlyfiveprofileicons', 'artefact.file'));
        return false;
    }

    $filesize = $manager->file['size'];
    if (!$USER->quota_allowed($filesize)) {
        $form->set_error('file', get_string('profileiconuploadexceedsquota', 'artefact.file', get_config('wwwroot')));
        return false;
    }

    // Reject images larger than the configured maximum dimensions.
    list($width, $height) = $info;
    $maxwidth = get_config('imagemaxwidth');
    $maxheight = get_config('imagemaxheight');
    $toowide = $width > $maxwidth;
    $tootall = $height > $maxheight;
    if ($toowide || $tootall) {
        $form->set_error('file', get_string('profileiconimagetoobig', 'artefact.file', $width, $height, $maxwidth, $maxheight));
    }
}