// strip out PHPSESSNAME=...
if (session_id() && session_name()) {
// session expected at the end of REQUEST URI when added by PHP
$session_name_pos = strpos($request_uri, session_name() . '=');
if ($session_name_pos !== FALSE) {
$request_uri = trim(trim(mb_substr($request_uri, 0, $session_name_pos), '&'), '?');
}
}
$query_separator = strpos($request_uri, 'cmsimage.php?') !== FALSE ? '?' : '/';
$data = explode('cmsimage.php' . $query_separator, $request_uri, 2);
if (isset($data[1])) {
$data = explode('/', $data[1]);
// first check hashed data
if (isset($data[1])) {
$data[1] = preg_replace('/[^a-fgijpn0-9\\.]/i', '', $data[1]);
$hash = cut_ext($data[1]);
$ext = which_ext($data[1]);
$value = array();
if (substr($data[0], 0, 7) == 'convert') {
// get image convert function but limit to max of 5 chars
$convert_function = substr(substr($data[0], 8), 0, 5);
if (!empty($convert_function) && $hash && $ext && function_exists('phpwcms_convertimage_' . $convert_function)) {
$source_image = $hash . '.' . $ext;
$target_image = $hash . '-' . $convert_function . '.' . $ext;
$convert_function = 'phpwcms_convertimage_' . $convert_function;
// deliver cached image first
if (!is_file(PHPWCMS_THUMB . $target_image)) {
$result = $convert_function(PHPWCMS_THUMB . $source_image, PHPWCMS_THUMB . $target_image);
if (empty($result['error']) && !empty($result['image'])) {
$target_image = $result['image'];
} elseif (is_file(PHPWCMS_THUMB . $source_image)) {
function saveUploadedFile($file, $target, $exttype = '', $imgtype = '', $rename = 0, $maxsize = 0)
{
// imgtype can be all exif_imagetype supported by your PHP install
// see http://www.php.net/exif_imagetype
$file_status = array('status' => false, 'error' => '', 'name' => '', 'tmp_name' => '', 'size' => 0, 'path' => '', 'ext' => '', 'rename' => '', 'maxsize' => intval($maxsize), 'error_num' => 0, 'type' => '');
if (!isset($_FILES[$file]) || !is_uploaded_file($_FILES[$file]['tmp_name'])) {
$file_status['error'] = 'Upload not defined';
return $file_status;
}
$file_status['name'] = sanitize_filename($_FILES[$file]['name']);
$file_status['ext'] = which_ext($file_status['name']);
$file_status['tmp_name'] = $_FILES[$file]['tmp_name'];
$file_status['size'] = $_FILES[$file]['size'];
$file_status['type'] = empty($_FILES[$file]['type']) || !is_mimetype_format($_FILES[$file]['type']) ? get_mimetype_by_extension($file_status['ext']) : $_FILES[$file]['type'];
$file_status['path'] = $target;
$file_status['rename'] = $file_status['name'];
$file_status['maxsize'] = empty($file_status['maxsize']) ? $GLOBALS['phpwcms']['file_maxsize'] : $file_status['maxsize'];
if (intval($file_status['size']) > $file_status['maxsize']) {
$file_status['error'] = 'File is too large';
$file_status['error_num'] = 400;
return $file_status;
}
if (empty($target)) {
$file_status['error'] = 'Target directory not defined';
$file_status['error_num'] = 412;
return $file_status;
}
if (!@_mkdir($target)) {
$file_status['error'] = 'The target directory "' . $target . '" can not be found or generated';
$file_status['error_num'] = 412;
return $file_status;
}
if ($_FILES[$file]['error']) {
$file_status['error'] = $_FILES[$file]['error'];
$file_status['error_num'] = 409;
return $file_status;
}
if ($imgtype) {
$imgtype = convertStringToArray(strtolower($imgtype));
if (count($imgtype)) {
$data = @getimagesize($_FILES[$file]['tmp_name']);
$exif_imagetype = array(1 => 'gif', 2 => 'jpeg', 2 => 'jpg', 3 => 'png', 4 => 'swf', 5 => 'psd', 6 => 'bmp', 7 => 'tif', 8 => 'tiff', 9 => 'jpc', 10 => 'jp2', 11 => 'jpx', 12 => 'jb2', 13 => 'swc', 14 => 'iff', 15 => 'wbmp', 16 => 'xbm');
if (!$data && !$exttype) {
$file_status['error'] = 'Format' . ($file_status['ext'] ? ' *.' . $file_status['ext'] : '') . ' not supported (';
$allowed = array();
foreach ($imgtype as $value) {
$allowed[] = '*.' . $exif_imagetype[$value];
}
$file_status['error'] .= implode(', ', $allowed) . ')';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
} elseif ($data) {
if (empty($exif_imagetype[$data[2]]) || !in_array($data[2], $imgtype)) {
$file_status['error'] = 'File type ';
$file_status['error'] .= empty($exif_imagetype[$data[2]]) ? $data[2] : $exif_imagetype[$data[2]];
$file_status['error'] .= ' is not supported for this upload (';
foreach ($imgtype as $imgt) {
$file_status['error'] .= empty($exif_imagetype[$imgt]) ? $imgt : $exif_imagetype[$imgt];
$file_status['error'] .= ', ';
}
$file_status['error'] = trim(trim($file_status['error']), ',');
$file_status['error'] .= ' only)';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
$file_status['image'] = $data;
$exttype = '';
}
}
}
if ($exttype) {
$exttype = convertStringToArray(strtolower($exttype));
if (!in_array($file_status['ext'], $exttype)) {
$file_status['error'] = 'File type *.' . $file_status['ext'] . ' is not supported for this upload (*.' . implode(', *.', $exttype) . ' only)';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
}
if (!is_writable($target)) {
$file_status['error'] = 'Target directory <b>' . str_replace(PHPWCMS_ROOT, '', $target) . '</b> is not writable';
$file_status['error_num'] = 412;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
$rename = convertStringToArray($rename);
if (count($rename)) {
$_temp_name = cut_ext($file_status['rename']);
foreach ($rename as $value) {
switch ($value) {
case 1:
$_temp_name = str_replace(array(':', '/', "\\", ' '), array('-', '-', '-', '_'), phpwcms_remove_accents($_temp_name));
$_temp_name = preg_replace('/[^0-9a-z_\\-\\.]/i', '', $_temp_name);
break;
case 2:
$_temp_name = time() . '_' . $_temp_name;
break;
case 3:
$_temp_name = date('Ymd-His') . '_' . $_temp_name;
break;
case 4:
$_temp_name = date('Ymd') . '_' . $_temp_name;
break;
case 5:
$_temp_name = generic_string(6) . '_' . $_temp_name;
break;
case 6:
$_temp_name = md5($_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : ''));
break;
case 7:
$_temp_name = shortHash($_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : ''));
break;
}
}
$file_status['rename'] = $_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : '');
}
@umask(0);
if (!@move_uploaded_file($_FILES[$file]['tmp_name'], $target . $file_status['rename'])) {
if (!copy($_FILES[$file]['tmp_name'], $target . $file_status['rename'])) {
$file_status['error'] = 'Saving uploaded file <b>' . html($file_status['name']) . '</b> to <b>' . html(str_replace(PHPWCMS_ROOT, '', $target . $file_status['rename'])) . '</b> failed';
$file_status['error_num'] = 412;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
}
@chmod($target . $file_status['rename'], 0644);
$file_status['status'] = true;
return $file_status;
}
?>
</option>
<?php
// skins for Flash Media Player
$skins = returnFileListAsArray(PHPWCMS_TEMPLATE . 'lib/jw_media_player/skins', 'swf,zip');
if (is_array($skins) && count($skins)) {
foreach ($skins as $skin) {
?>
<option value="<?php
echo $skin['filename'];
?>
"<?php
is_selected($skin['filename'], $fmp_data['fmp_set_skin']);
?>
><?php
echo html(ucwords(str_replace('_', ' ', cut_ext($skin['filename']))));
?>
</option>
<?php
}
}
?>
</select></td>
</tr>
</table></td>
</tr>
<tr>
<td colspan="2" class="rowspacer7x0"><script type="text/javascript">
var selected_player = <?php
