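/**
 * Handle a multi-file upload posted to the attach plugin for one page.
 *
 * Every entry of $_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME] is validated in turn
 * (file-name characters, resulting query-string length, PHP upload status,
 * temporary file, size). Entries that pass are handed to attach_doupload();
 * entries that fail are skipped, and a per-file message is recorded either way.
 *
 * @param string $page Page the files are attached to.
 * @param mixed  $pass TRUE skips the editability and admin-password checks;
 *                     otherwise NULL or a password that is given to pkwk_login().
 * @return array On an early failure: 'result' => FALSE and 'msg'.
 *               Otherwise: 'result' => TRUE, 'msg' and 'body' (an HTML list
 *               with one line per submitted file).
 */
function attach_upload($page, $pass = NULL)
{
    global $_attach_messages, $_string;

    // Read-only users may not upload at all.
    if (Auth::check_role('readonly')) {
        Utility::dieMessage($_string['error_prohibit']);
    }

    // The target page name is empty.
    if (empty($page)) {
        return array('result' => FALSE, 'msg' => '#attach: page name is missing.');
    }

    $wiki = Factory::Wiki($page);
    if (!$wiki->isValied()) {
        return array('result' => FALSE, 'msg' => $_attach_messages['err_nopage']);
    }

    if ($pass !== TRUE) {
        if (!$wiki->isEditable()) {
            return array('result' => FALSE, 'msg' => $_attach_messages['err_noparm']);
        }
        // NOTE(review): this only demands a password when check_role() is truthy;
        // presumably check_role() reports that the role is NOT held - confirm,
        // because the opposite meaning would invert the admin-only gate.
        if (PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY
            && Auth::check_role('role_contents_admin')
            && ($pass === NULL || !pkwk_login($pass))) {
            return array('result' => FALSE, 'msg' => $_attach_messages['err_adminpass']);
        }
    }

    // A request without the expected multi-file field has nothing to process;
    // report it instead of iterating over an undefined index.
    $upload = isset($_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME]) ? $_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME] : NULL;
    if (!is_array($upload) || !isset($upload['name']) || !is_array($upload['name'])) {
        return array('result' => FALSE, 'msg' => $_attach_messages['err_upload']);
    }

    $msgs = array();
    foreach ($upload['name'] as $key => $file) {
        // $file is the name sent by the client: untrusted input.

        // The name contains characters that are not allowed.
        if (preg_match(PLUGIN_ATTACH_ILLEGAL_CHARS_PATTERN, $file)) {
            $msgs[$file] = $_string['illegal_chars'];
            continue;
        }

        // Build the info URI this attachment would get, to measure its length.
        $query = Router::get_cmd_uri('attach', '', '', array('refer' => $page, 'pcmd' => 'info', 'file' => $file));

        // The file name is too long for a query string.
        if (PKWK_QUERY_STRING_MAX && strlen($query) > PKWK_QUERY_STRING_MAX) {
            $msgs[$file] = $_attach_messages['err_too_long'];
            continue;
        }

        // PHP reported an upload error.
        if ($upload['error'][$key] !== UPLOAD_ERR_OK) {
            $msgs[$file] = attach_set_error_message($upload['error'][$key]);
            continue;
        }

        // No temporary file, or the path did not come from an HTTP upload.
        if (empty($upload['tmp_name'][$key]) || !is_uploaded_file($upload['tmp_name'][$key])) {
            $msgs[$file] = $_attach_messages['err_upload'];
            continue;
        }

        // The file is larger than the plugin allows.
        if ($upload['size'][$key] > PLUGIN_ATTACH_MAX_FILESIZE) {
            $msgs[$file] = $_attach_messages['err_exceed'];
            continue;
        }

        $ret = attach_doupload($file, $page, $pass, $upload['tmp_name'][$key]);
        $msgs[$file] = $ret['msg'];
    }

    $body = array('<ul>');
    foreach ($msgs as $name => $result) {
        // Rejected names (including ones with illegal characters) are listed too,
        // so the client-supplied name must be HTML-escaped before it is echoed back.
        // NOTE(review): $result is emitted as-is; confirm that no message from
        // attach_doupload() embeds the raw file name.
        $body[] = '<li>' . htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8') . ': ' . $result . '</li>';
    }
    $body[] = '</ul>';

    return array(
        // NOTE(review): $page is inserted unescaped - confirm the caller escapes 'msg'.
        'msg'    => sprintf($_attach_messages['msg_uploaded'], $page),
        // $body already carries its own <ul> wrapper; do not wrap it a second time.
        'body'   => join("\n", $body),
        'result' => TRUE,
    );
}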
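/**
 * Validate a single uploaded file and attach it to a page.
 *
 * Checks run in this order: read-only role, PHP upload status, query-string
 * length, page existence, temporary file, size, page name / editability,
 * admin password. The first failing check ends the call.
 *
 * @param array  $file One $_FILES entry ('name', 'error', 'tmp_name', 'size').
 * @param string $page Page the file is attached to.
 * @param mixed  $pass TRUE skips the editability and admin-password checks;
 *                     otherwise NULL or a password that is given to pkwk_login().
 * @return array 'result' => FALSE plus 'msg' on a validation failure, otherwise
 *               whatever attach_doupload() returns. Some failures do not return:
 *               they end the request through die_message() or exit.
 */
function attach_upload($file, $page, $pass = NULL)
{
    global $_attach_messages;

    // Read-only users may not upload at all.
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }

    // Query string the attachment's info link would have; both parts are URL-encoded.
    $query = 'plugin=attach&pcmd=info&refer=' . rawurlencode($page) . '&file=' . rawurlencode($file['name']);

    if ($file['error'] !== UPLOAD_ERR_OK) {
        $err_msg = attach_set_error_message($file['error']);
        return array('result' => FALSE, 'msg' => $err_msg);
    }

    if (PKWK_QUERY_STRING_MAX && strlen($query) > PKWK_QUERY_STRING_MAX) {
        pkwk_common_headers();
        echo _("Query string (page name and/or file name) too long");
        exit;
    }

    if (!is_page($page)) {
        die_message(_("No such page"));
    }

    // No temporary file, or the path did not come from an HTTP upload.
    if ($file['tmp_name'] == '' || !is_uploaded_file($file['tmp_name'])) {
        return array('result' => FALSE, 'msg' => $_attach_messages['err_upload']);
    }

    if ($file['size'] > PLUGIN_ATTACH_MAX_FILESIZE) {
        return array('result' => FALSE, 'msg' => $_attach_messages['err_exceed']);
    }

    // Explicit parentheses: && binds tighter than ||, so $pass === TRUE waives
    // only the editability check, never the page-name check.
    if (!is_pagename($page) || ($pass !== TRUE && !is_editable($page))) {
        // Use the same 'msg' key as every other return in this function, so the
        // permission error is not lost under a misspelled key.
        return array('result' => FALSE, 'msg' => $_attach_messages['err_noparm']);
    }

    // NOTE(review): this only demands a password when check_role() is truthy;
    // presumably check_role() reports that the role is NOT held - confirm,
    // because the opposite meaning would invert the admin-only gate.
    if (PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY
        && auth::check_role('role_adm_contents')
        && $pass !== TRUE
        && ($pass === NULL || !pkwk_login($pass))) {
        return array('result' => FALSE, 'msg' => $_attach_messages['err_adminpass']);
    }

    return attach_doupload($file, $page, $pass);
}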