/**
 * Validates the file sent by the instant uploader (the "upload" form field).
 *
 * The temporary upload path is copied into $_FILES['upload']['path'], then the entry is
 * passed through Bootstrap::stripSlashes() and fn_get_local_data(). The result is returned
 * only when fn_check_uploaded_data() accepts it.
 *
 * NOTE(review): every acceptance rule (extension allow-list, forbidden types) lives in
 * fn_check_uploaded_data(), which is not visible here - confirm it rejects executable
 * extensions even when $filter_by_ext is empty.
 *
 * @param array $filter_by_ext Allowed file extensions, forwarded to fn_check_uploaded_data()
 * @return mixed File data on success, false when nothing was uploaded or the check failed
 */
function fn_filter_instant_upload($filter_by_ext = array())
{
    // Nothing was posted under the "upload" field
    if (empty($_FILES['upload'])) {
        return false;
    }

    // Downstream helpers read the temporary location from the "path" key
    $_FILES['upload']['path'] = $_FILES['upload']['tmp_name'];

    $file_data = fn_get_local_data(Bootstrap::stripSlashes($_FILES['upload']));

    return fn_check_uploaded_data($file_data, $filter_by_ext) ? $file_data : false;
}
/**
 * Resolves a file reference to a usable location.
 *
 * Anything containing "://" is treated as a URL and returned untouched. Otherwise the
 * normalized name is tried, in this order: as an absolute path that starts with the files
 * directory, relative to the files directory, relative to the prefix inside the files
 * directory, and relative to the prefix when the prefix itself starts with the files
 * directory.
 *
 * NOTE(review): the URL branch performs no scheme check, so callers that open the returned
 * value should restrict it to the schemes they expect.
 * NOTE(review): the containment tests are plain string-prefix comparisons; they only hold
 * if fn_normalize_path() removes ".." segments and fn_get_files_dir_path() ends with a
 * separator - neither helper is visible here, confirm both. The two relative branches have
 * no containment test of their own and depend on that normalization entirely.
 *
 * @param string $prefix Path to search in
 * @param string $file   File name: URL, absolute path or relative path
 * @return mixed Path (or URL) as a string, false when no candidate is an existing file
 */
function fn_find_file($prefix, $file)
{
    $file = Bootstrap::stripSlashes($file);

    // URLs are handed back as-is
    if (false !== strpos($file, '://')) {
        return $file;
    }

    $prefix = fn_normalize_path(rtrim($prefix, '/'));
    $file = fn_normalize_path($file);
    $root = fn_get_files_dir_path();

    $under_root = $root . $file;
    $under_root_prefix = $root . $prefix . '/' . $file;
    $under_prefix = $prefix . '/' . $file;

    $found = false;

    if (is_file($file) && 0 === strpos($file, $root)) {
        // Absolute path that already points inside the files directory
        $found = $file;
    } elseif (is_file($under_root)) {
        // Relative to the files directory
        $found = $under_root;
    } elseif (is_file($under_root_prefix)) {
        // Relative to the prefix inside the files directory
        $found = $under_root_prefix;
    } elseif (0 === strpos($prefix, $root) && is_file($under_prefix)) {
        // The prefix is itself an absolute path inside the files directory
        $found = $under_prefix;
    }

    return $found;
}
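/**
 * Refreshes the ?:rus_dellin_cities table from the Dellin cities CSV, at most once per day.
 *
 * A dated file "<files dir>/dellin/<Y-m-d>_cities.csv" acts as the "already done today"
 * marker. When it is missing, the API at $url_cities is asked for the CSV link, the CSV is
 * saved to that file and its rows are written to the table with REPLACE.
 *
 * The link comes from a remote response, so it is only fetched when it is a string with an
 * http or https scheme. The marker file is still created when the link is missing or the
 * download fails (empty in that case), which keeps the one-attempt-per-day behaviour.
 *
 * @param string $url_cities API endpoint that returns the CSV link in its "url" field
 * @param array  $post       Request payload, sent JSON-encoded
 * @return void
 */
public function _addDellinCities($url_cities, $post)
{
    $file_dir = fn_get_files_dir_path() . "dellin/";
    fn_mkdir($file_dir);
    // NOTE(review): 0777 leaves the cache directory writable by every local user;
    // confirm the deployment needs this, otherwise use a tighter mode.
    @chmod($file_dir, 0777);

    $file_path = $file_dir . date("Y-m-d", TIME) . '_cities.csv';
    if (file_exists($file_path)) {
        // Already attempted today
        return;
    }

    $response = Http::post($url_cities, json_encode($post), $this->url_params);
    $result = (array) json_decode($response);

    // Accept only a string link with a web scheme before handing it to file functions
    $url = (!empty($result['url']) && is_string($result['url'])) ? $result['url'] : '';
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    $csv = in_array($scheme, array('http', 'https'), true) ? file_get_contents($url) : false;

    // Written even on failure so the request is not repeated on every call today
    file_put_contents($file_path, $csv === false ? '' : $csv);
    if ($csv === false) {
        return;
    }

    $max_line_size = 65536; // 64 KB
    $delimiter = ',';

    // NOTE(review): detection and parsing read the remote link again rather than the copy
    // saved above, so the parsed data may differ from the saved file - confirm whether the
    // local copy can be used instead.
    $source = $url;
    $encoding = fn_detect_encoding($url, 'F', CART_LANGUAGE);
    if (!empty($encoding)) {
        $source = fn_convert_encoding($encoding, 'UTF-8', $url, 'F');
    } else {
        fn_set_notification('W', __('warning'), __('text_exim_utf8_file_format'));
    }

    $f = false;
    if ($source !== false) {
        $f = fopen($source, 'rb');
    }
    if (!$f) {
        return;
    }

    // The first line is the header; it supplies the keys for every following row
    $import_schema = fgetcsv($f, $max_line_size, $delimiter);
    if (!is_array($import_schema)) {
        fclose($f);

        return;
    }
    $schema_size = sizeof($import_schema);

    while (($data = fn_fgetcsv($f, $max_line_size, $delimiter)) !== false) {
        // Blank rows and rows whose column count differs from the header are skipped
        if (fn_is_empty($data) || sizeof($data) != $schema_size) {
            continue;
        }

        $data = str_replace(array('\\r', '\\n', '\\t', '"'), '', $data);
        $data_city = array_combine($import_schema, Bootstrap::stripSlashes($data));
        if (empty($data_city)) {
            continue;
        }

        $dellin_city = array(
            'number_city' => $data_city['id'],
            'code_kladr' => str_replace(' ', '', $data_city['codeKLADR']),
            'is_terminal' => $data_city['isTerminal'],
        );

        // A name with a parenthesised part is split: the part in parentheses becomes the state
        $first_pos = strpos($data_city['name'], '(');
        $end_pos = strpos($data_city['name'], ')') - $first_pos;

        if (!empty($first_pos)) {
            $dellin_city['state'] = str_replace(array("(", ")"), "", substr($data_city['name'], $first_pos, $end_pos));
            $dellin_city['city'] = str_replace(array('(' . $dellin_city['state'] . ')', '"'), "", $data_city['name']);
        } else {
            // NOTE(review): the second search string removes that letter everywhere in the
            // name, not only a leading abbreviation - confirm this is intended.
            $dellin_city['state'] = str_replace(array('г.', 'г', 'г. 
', 'г '), '', $data_city['name']);
            $dellin_city['city'] = $data_city['name'];
        }

        // Reuse the existing row id so REPLACE updates the row instead of adding a duplicate
        $dellin_city['city_id'] = db_get_field("SELECT city_id FROM ?:rus_dellin_cities WHERE code_kladr = ?s", $dellin_city['code_kladr']);
        db_query("REPLACE INTO ?:rus_dellin_cities ?e", $dellin_city);
    }

    fclose($f);
}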
/**
 * Copies the named request parameters from $_POST / $_GET into $_REQUEST.
 *
 * Each argument is a parameter name. The $_POST value is used when present, otherwise the
 * $_GET value; names found in neither are left alone. The value is copied unchanged unless
 * the QUOTES_ENABLED constant is defined, in which case it goes through
 * Bootstrap::stripSlashes() first.
 *
 * NOTE(review): presumably $_REQUEST is otherwise filtered at bootstrap and this call opts
 * the listed names out of that filtering - confirm. If so, every consumer of these values
 * must escape them for its own output context (HTML, SQL, shell), and the list of names
 * passed here should stay as short as possible.
 *
 * @return bool Always true
 */
function fn_trusted_vars()
{
    $strip_slashes = defined('QUOTES_ENABLED');

    foreach (func_get_args() as $name) {
        // POST takes precedence over GET
        if (isset($_POST[$name])) {
            $raw = $_POST[$name];
        } elseif (isset($_GET[$name])) {
            $raw = $_GET[$name];
        } else {
            continue;
        }

        $_REQUEST[$name] = $strip_slashes ? Bootstrap::stripSlashes($raw) : $raw;
    }

    return true;
}
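/**
 * Collects the files submitted through an uploader field and drops those that fail the checks.
 *
 * The request carries, per item id, a source type in "type_<name>" and the matching data in
 * "file_<name>": "local" (browser upload), "server" (only when AREA is 'A') or "url".
 * An accepted item must then pass, in order: the optional extension allow-list, the
 * configured forbidden extensions, and the configured forbidden MIME types (checked on the
 * file at its "path"). Each rejection raises an error notification.
 *
 * NOTE(review): the extension checks use the client-supplied file name after urldecode();
 * confirm that the code storing the file strips path separators and control characters
 * from that name.
 * NOTE(review): the "url" source is accepted in every area; the fetch happens in
 * fn_get_url_data(), which is not visible here - confirm it restricts schemes and
 * destinations.
 *
 * @param string $name          Uploader field name (request keys "file_<name>" and "type_<name>")
 * @param array  $filter_by_ext Lower-case extensions to accept; empty disables the allow-list
 * @return array Accepted items keyed by the ids found in "type_<name>"
 */
function fn_filter_uploaded_data($name, $filter_by_ext = array())
{
    $udata_local = fn_rebuild_files('file_' . $name);
    $udata_other = !empty($_REQUEST['file_' . $name]) ? $_REQUEST['file_' . $name] : array();
    $utype = !empty($_REQUEST['type_' . $name]) ? $_REQUEST['type_' . $name] : array();

    // The type map comes from the request; anything that is not a non-empty array is ignored
    if (empty($utype) || !is_array($utype)) {
        return array();
    }

    $filtered = array();

    foreach ($utype as $id => $type) {
        if ($type == 'local' && !fn_is_empty(@$udata_local[$id])) {
            $filtered[$id] = fn_get_local_data(Bootstrap::stripSlashes($udata_local[$id]));

        } elseif ($type == 'server' && !fn_is_empty(@$udata_other[$id]) && AREA == 'A') {
            // Server-side files are only accepted when AREA is 'A'
            fn_get_last_key($udata_other[$id], 'fn_get_server_data', true);
            $filtered[$id] = $udata_other[$id];

        } elseif ($type == 'url' && !fn_is_empty(@$udata_other[$id])) {
            fn_get_last_key($udata_other[$id], 'fn_get_url_data', true);
            $filtered[$id] = $udata_other[$id];
        }

        if (isset($filtered[$id]) && $filtered[$id] === false) {
            unset($filtered[$id]);
            fn_set_notification('E', __('error'), __('cant_upload_file'));
        }

        if (!empty($filtered[$id]) && is_array($filtered[$id]) && !empty($filtered[$id]['name'])) {
            $filtered[$id]['name'] = str_replace(' ', '_', urldecode($filtered[$id]['name'])); // replace spaces with underscores

            $ext = fn_get_file_ext($filtered[$id]['name']);
            $ext_lower = fn_strtolower($ext);

            // Strict comparison: an extension must match a list entry exactly, with no type juggling
            if (!empty($filter_by_ext) && !in_array($ext_lower, $filter_by_ext, true)) {
                unset($filtered[$id]);
                fn_set_notification('E', __('error'), __('text_not_allowed_to_upload_file_extension', array('[ext]' => $ext)));

            } elseif (in_array($ext_lower, Registry::get('config.forbidden_file_extensions'), true)) {
                unset($filtered[$id]);
                fn_set_notification('E', __('error'), __('text_forbidden_file_extension', array('[ext]' => $ext)));
            }
        }

        if (!empty($filtered[$id]['path'])) {
            // Determined once and reused for both the check and the message
            $mime = fn_get_mime_content_type($filtered[$id]['path'], true, 'text/plain');

            if (in_array($mime, Registry::get('config.forbidden_mime_types'), true)) {
                fn_set_notification('E', __('error'), __('text_forbidden_file_mime', array('[mime]' => $mime)));
                unset($filtered[$id]);
            }
        }
    }

    // Register the temporary-data cleanup only once per request
    static $shutdown_inited;

    if (!$shutdown_inited) {
        $shutdown_inited = true;
        register_shutdown_function('fn_remove_temp_data');
    }

    return $filtered;
}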