public function handle_ajax_call_unknown(Doku_Event &$event, $param) { if ($event->data != 'plugin_imgpaste') { return; } global $lang; // get data global $INPUT; $data = $INPUT->post->str('data'); list($type, $data) = explode(';', $data); if (!$data) { $this->fail(400, $this->getLang('e_nodata')); } // process data encoding $type = strtolower(substr($type, 5)); // strip 'data:' prefix $data = substr($data, 7); // strip 'base64,' prefix $data = base64_decode($data); // check for supported mime type $mimetypes = array_flip(getMimeTypes()); if (!isset($mimetypes[$type])) { $this->fail(415, $lang['uploadwrong']); } // prepare file names $tempname = $this->storetemp($data); $filename = $this->getConf('filename'); $filename = str_replace(array('@NS@', '@ID@', '@USER@'), array(getNS($INPUT->post->str('id')), $INPUT->post->str('id'), $_SERVER['REMOTE_USER']), $filename); $filename = strftime($filename); $filename .= '.' . $mimetypes[$type]; $filename = cleanID($filename); // check ACLs $auth = auth_quickaclcheck($filename); if ($auth < AUTH_UPLOAD) { $this->fail(403, $lang['uploadfail']); } // do the actual saving $result = media_save(array('name' => $tempname, 'mime' => $type, 'ext' => $mimetypes[$type]), $filename, false, $auth, 'copy'); if (is_array($result)) { $this->fail(500, $result[0]); } //Still here? We had a successful upload $this->clean(); header('Content-Type: application/json'); $json = new JSON(); echo $json->encode(array('message' => $lang['uploadsucc'], 'id' => $result)); $event->preventDefault(); $event->stopPropagation(); }
/** * Uploads a file to the wiki. * * Michael Klier <*****@*****.**> */ function putAttachment($id, $file, $params) { $id = cleanID($id); $auth = auth_quickaclcheck(getNS($id) . ':*'); if (!isset($id)) { throw new RemoteException('Filename not given.', 231); } global $conf; $ftmp = $conf['tmpdir'] . '/' . md5($id . clientIP()); // save temporary file @unlink($ftmp); io_saveFile($ftmp, $file); $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename'); if (is_array($res)) { throw new RemoteException($res[0], -$res[1]); } else { return $res; } }
/** * move the uploaded files to <pagename>:FILENAME * * * @param helper_plugin_bureaucracy_field[] $fields * @throws Exception */ protected function processUploads($fields) { $ns = $this->pagename; foreach ($fields as $field) { if ($field->getFieldType() !== 'file') { continue; } $label = $field->getParam('label'); $file = $field->getParam('file'); //skip empty files if (!$file['size']) { $this->values[$label] = ''; continue; } $id = $ns . ':' . $file['name']; $id = cleanID($id); $auth = $this->aclcheck($id); // runas $res = media_save(array('name' => $file['tmp_name']), $id, false, $auth, 'copy_uploaded_file'); if (is_array($res)) { throw new Exception($res[0]); } $this->values[$label] = $res; } }
/** * Uploads a file to the wiki. * * Michael Klier <*****@*****.**> */ function putAttachment($id, $file, $params) { $id = cleanID($id); $auth = auth_quickaclcheck(getNS($id) . ':*'); if (!isset($id)) { return new IXR_ERROR(1, 'Filename not given.'); } global $conf; $ftmp = $conf['tmpdir'] . '/' . md5($id . clientIP()); // save temporary file @unlink($ftmp); $buff = base64_decode($file); io_saveFile($ftmp, $buff); $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename'); if (is_array($res)) { return new IXR_ERROR(-$res[1], $res[0]); } else { return $res; } }
/** * Handles media file uploads * * @author Andreas Gohr <*****@*****.**> * @author Michael Klier <*****@*****.**> * @param string $ns target namespace * @param int $auth current auth check result * @param bool|array $file $_FILES member, $_FILES['upload'] if false * @return mixed false on error, id of the new file on success */ function media_upload($ns, $auth, $file = false) { if (!checkSecurityToken()) { return false; } global $lang; global $INPUT; // get file and id $id = $INPUT->post->str('mediaid'); if (!$file) { $file = $_FILES['upload']; } if (empty($id)) { $id = $file['name']; } // check for errors (messages are done in lib/exe/mediamanager.php) if ($file['error']) { return false; } // check extensions list($fext, $fmime) = mimetype($file['name']); list($iext, $imime) = mimetype($id); if ($fext && !$iext) { // no extension specified in id - read original one $id .= '.' . $fext; $imime = $fmime; } elseif ($fext && $fext != $iext) { // extension was changed, print warning msg(sprintf($lang['mediaextchange'], $fext, $iext)); } $res = media_save(array('name' => $file['tmp_name'], 'mime' => $imime, 'ext' => $iext), $ns . ':' . $id, $INPUT->post->bool('ow'), $auth, 'copy_uploaded_file'); if (is_array($res)) { msg($res[0], $res[1]); return false; } return $res; }
/** * Uploads a file to the wiki. * * Michael Klier <*****@*****.**> */ function putAttachment($id, $file, $params) { $id = cleanID($id); $auth = auth_quickaclcheck(getNS($id) . ':*'); if (!isset($id)) { return new IXR_ERROR(1, 'Filename not given.'); } global $conf; $ftmp = $conf['tmpdir'] . '/' . md5($id . clientIP()); // save temporary file @unlink($ftmp); if (preg_match('/^[A-Za-z0-9\\+\\/]*={0,2}$/', $file) === 1) { // DEPRECATED: Double-decode file if it still looks like base64 // after first decoding (which is done by the library) $file = base64_decode($file); } io_saveFile($ftmp, $file); $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename'); if (is_array($res)) { return new IXR_ERROR(-$res[1], $res[0]); } else { return $res; } }