/** * @{inheritDoc} */ public function get($name) { // Use Titania's definition of the filespec class // in order to ensure that Titania's Plupload instance // is also used. if ($name == 'filespec') { $name = 'phpbb.titania.attachment.files.filespec'; } return parent::get($name); }
/** * {@inheritdoc} */ public function process_form($request, $template, $user, $row, &$error) { if (!$this->can_upload()) { return false; } /** @var \phpbb\files\upload $upload */ $upload = $this->files_factory->get('upload')->set_error_prefix('AVATAR_')->set_allowed_extensions($this->allowed_extensions)->set_max_filesize($this->config['avatar_filesize'])->set_allowed_dimensions($this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'])->set_disallowed_content(isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false); $url = $request->variable('avatar_upload_url', ''); $upload_file = $request->file('avatar_upload_file'); if (!empty($upload_file['name'])) { $file = $upload->handle_upload('files.types.form', 'avatar_upload_file'); } else { if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) { if (!preg_match('#^(http|https|ftp)://#i', $url)) { $url = 'http://' . $url; } if (!function_exists('validate_data')) { require $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext; } $validate_array = validate_data(array('url' => $url), array('url' => array('string', true, 5, 255))); $error = array_merge($error, $validate_array); if (!empty($error)) { return false; } $file = $upload->handle_upload('files.types.remote', $url); } else { return false; } } $prefix = $this->config['avatar_salt'] . '_'; $file->clean_filename('avatar', $prefix, $row['id']); // If there was an error during upload, then abort operation if (sizeof($file->error)) { $file->remove(); $error = $file->error; return false; } // Calculate new destination $destination = $this->config['avatar_path']; // Adjust destination path (no trailing slash) if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') { $destination = substr($destination, 0, -1); } $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) { $destination = ''; } /** * Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar) * * @event core.avatar_driver_upload_move_file_before * @var string destination Destination directory where the file is going to be moved * @var string prefix Prefix for the avatar filename * @var array row Array with avatar row data * @var array error Array of errors, if filled in by this event file will not be moved * @since 3.1.6-RC1 */ $vars = array('destination', 'prefix', 'row', 'error'); extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars))); if (!sizeof($error)) { // Move file and overwrite any existing image $file->move_file($destination, true); } // If there was an error during move, then clean up leftovers $error = array_merge($error, $file->error); if (sizeof($error)) { $file->remove(); return false; } // Delete current avatar if not overwritten $ext = substr(strrchr($row['avatar'], '.'), 1); if ($ext && $ext !== $file->get('extension')) { $this->delete($row); } return array('avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 'avatar_width' => $file->get('width'), 'avatar_height' => $file->get('height')); }