/**
* Function to store the matching patch package for the currently installed VM version to the cache path
*
* @param array $d
* @return boolean
*/
function getPatchPackage(&$d)
{
global $vm_mainframe, $vmLogger, $mosConfig_cachepath, $VM_LANG;
$allowed_extensions = array('gz', 'zip');
if (empty($_FILES['uploaded_package']['tmp_name'])) {
// retrieve the latest version number from virtuemart.net
require_once ADMINPATH . 'version.php';
$VMVERSION = new vmVersion();
// This URL should return a string - the direct URL to the matching patch package
$url = "http://virtuemart.net/index2.php?option=com_versions&catid=1&myVersion={$VMVERSION->RELEASE}&task=listpatchpackages&j=" . (vmIsJoomla('1.5') ? '1.5' : '1.0');
$result = vmConnector::handleCommunication($url);
if (!empty($result) && (strncmp('http://dev.virtuemart.net', $result, 25) === 0 || strncmp('http://virtuemart.net', $result, 21) === 0)) {
$filename = basename($result);
$doc_id_pos = strpos($filename, '?');
if ($doc_id_pos > 0) {
$filename = substr($filename, 0, $doc_id_pos);
}
// Was the package already downloaded?
if (file_exists($mosConfig_cachepath . '/' . $filename)) {
$vmLogger->info($VM_LANG->_('VM_UPDATE_PACKAGE_EXISTS') . ' ' . $mosConfig_cachepath . '/' . $filename);
} else {
// If not, store it on this server
$patch_package = vmConnector::handleCommunication($result);
if (!file_put_contents($mosConfig_cachepath . '/' . $filename, $patch_package)) {
$vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_STORE_FAILED'));
return false;
}
}
// cache the location of the stored package file
$_SESSION['vm_updatepackage'] = $mosConfig_cachepath . '/' . $filename;
} else {
$vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_RETRIEVE_FAILED'));
return false;
}
if (vmIsXHR()) {
$vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_preview', false, false) . '");');
}
return true;
} else {
// make sure the file name is safe for storage.
$filename = vmSafeFileName($_FILES['uploaded_package']['name']);
$fileinfo = pathinfo($filename);
if (!in_array(strtolower($fileinfo['extension']), $allowed_extensions)) {
$vmLogger->err('An invalid patch package extension was detected. Allowed Types: ' . implode(', ', $allowed_extensions));
return false;
}
// Handle the uploaded package file- the integrity validation is done in another function
if (move_uploaded_file($_FILES['uploaded_package']['tmp_name'], $mosConfig_cachepath . '/' . $filename)) {
$_SESSION['vm_updatepackage'] = $mosConfig_cachepath . '/' . $filename;
if (vmIsXHR()) {
$vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_preview', false, false) . '");');
}
} else {
$vmLogger->err('Failed to store the uploaded patch package file.');
return false;
}
}
}
/**
* Validates an uploaded image. Creates UNIX commands to be used
* by the process_images function, which has to be called after
* the validation.
* @author jep
* @author soeren
* @static
* @param array $d
* @param string $field_name The name of the field in the table $table, the image is assigned to [e.g. product_thumb_image]
* @param string $table_name The name of a table in the database [e.g. #__{vm}_product]
* @return boolean When the upload validation was sucessfull, true is returned, otherwise false
*/
function validate_image(&$d, $field_name, $table_name)
{
global $vmLogger;
// The commands to be executed by the process_images
// function are returned as strings in an array here.
if (empty($d['image_commands']) || !empty($_REQUEST['image_commands'])) {
unset($_REQUEST['image_commands']);
$d['image_commands'] = array();
}
// Generate the path to images
$path = IMAGEPATH;
$path .= $table_name . "/";
// Check permissions to write to destination directory
// Workaround for Window$
if (strstr($path, ":")) {
$path_begin = substr($path, strpos($path, ":") + 1, strlen($path));
$path = str_replace("//", "/", $path_begin);
}
if (!is_dir($path)) {
mkdir($path, 0777);
$vmLogger->debug('Had to create the directory ' . $path);
}
if (!is_writable($path) && !empty($_FILES[$field_name]["tmp_name"])) {
$vmLogger->err('Cannot write to ' . $table_name . ' image directory: ' . $path);
return false;
}
if (PSHOP_IMG_WIDTH == 0 or PSHOP_IMG_HEIGHT == 0) {
$vmLogger->err('Thumb default height or width is set to 0! Cannot resize the image');
return false;
}
// Check for upload errors
require_once CLASSPATH . 'ps_product_files.php';
ps_product_files::checkUploadedFile($field_name);
// proof of concept fix by jmarsik 20090422 - safely move the uploaded file from upload_tmp_dir to temporary location (hopefully) included in open_basedir, following code will be much happier :)
// if the file is not moved, following code will try to manipulate it using functions that check open_basedir (for example copy, file_exists, unlink, getimagesize)
if (!empty($_FILES[$field_name]["tmp_name"]) && is_uploaded_file($_FILES[$field_name]["tmp_name"])) {
$tmpfile_moved_from_uploaded_file = $path . "tmpForThumb_" . basename($_FILES[$field_name]["tmp_name"]);
$vmLogger->debug("Moving file from " . $_FILES[$field_name]["tmp_name"] . " to " . $tmpfile_moved_from_uploaded_file . " (helps when upload_tmp_dir is not in open_basedir)");
move_uploaded_file($_FILES[$field_name]["tmp_name"], $tmpfile_moved_from_uploaded_file);
$_FILES[$field_name]["tmp_name"] = $tmpfile_moved_from_uploaded_file;
}
$tmp_field_name = str_replace("thumb", "full", $field_name);
// Class for resizing Thumbnails
require_once CLASSPATH . "class.img2thumb.php";
if (@$d[$tmp_field_name . '_action'] == 'auto_resize') {
// proof of concept fix by jmarsik 20090422 - safely move the uploaded file from upload_tmp_dir to temporary location (hopefully) included in open_basedir, following code will be much happier :)
// if the file is not moved, following code will try to manipulate it using functions that check open_basedir (for example copy, file_exists, unlink, getimagesize)
if (!empty($_FILES[$tmp_field_name]["tmp_name"]) && is_uploaded_file($_FILES[$tmp_field_name]["tmp_name"])) {
$tmpfile_moved_from_uploaded_file = $path . "tmpForThumb_" . basename($_FILES[$tmp_field_name]["tmp_name"]);
$vmLogger->debug("Moving file from " . $_FILES[$tmp_field_name]["tmp_name"] . " to " . $tmpfile_moved_from_uploaded_file . " (helps when upload_tmp_dir is not in open_basedir)");
move_uploaded_file($_FILES[$tmp_field_name]["tmp_name"], $tmpfile_moved_from_uploaded_file);
$_FILES[$tmp_field_name]["tmp_name"] = $tmpfile_moved_from_uploaded_file;
}
// Resize the Full Image
if (!empty($_FILES[$tmp_field_name]["tmp_name"])) {
$full_file = $_FILES[$tmp_field_name]["tmp_name"];
$image_info = getimagesize($full_file);
} elseif (!empty($d[$tmp_field_name . "_url"])) {
$tmp_file_from_url = $full_file = ps_product_files::getRemoteFile($d[$tmp_field_name . "_url"]);
if ($full_file) {
$vmLogger->debug('Successfully fetched the image file from ' . $d[$tmp_field_name . "_url"] . ' for later resizing');
$image_info = getimagesize($full_file);
}
}
if (!empty($image_info)) {
if ($image_info[2] == 1) {
if (function_exists("imagegif")) {
$ext = ".gif";
$noimgif = "";
} else {
$ext = ".jpg";
$noimgif = ".gif";
}
} elseif ($image_info[2] == 2) {
$ext = ".jpg";
$noimgif = "";
} elseif ($image_info[2] == 3) {
$ext = ".png";
$noimgif = "";
}
$vmLogger->debug('The resized Thumbnail will have extension ' . $noimgif . $ext);
/* Generate Image Destination File Name */
if (!empty($d[$table_name . '_name'])) {
$filename = substr($d[$table_name . '_name'], 0, 16);
$filename = vmSafeFileName($filename);
} else {
$filename = md5('virtuemart');
}
$to_file_thumb = uniqid($filename . '_');
$fileout = IMAGEPATH . "{$table_name}/resized/{$to_file_thumb}" . '_' . PSHOP_IMG_WIDTH . 'x' . PSHOP_IMG_HEIGHT . $noimgif . $ext;
if (!file_exists(dirname($fileout))) {
mkdir(dirname($fileout));
$vmLogger->debug('Created Directory ' . dirname($fileout));
}
$neu = new Img2Thumb($full_file, PSHOP_IMG_WIDTH, PSHOP_IMG_HEIGHT, $fileout, 0, 255, 255, 255);
$thumbname = 'resized/' . basename($fileout);
$vmLogger->debug('Finished creating the thumbnail ' . $thumbname);
if (isset($tmp_file_from_url)) {
unlink(realpath($tmp_file_from_url));
}
$tmp_field_name = str_replace("full", "thumb", $tmp_field_name);
$tmp_field_name = str_replace("_url", "", $tmp_field_name);
$_FILES[$tmp_field_name]['tmp_name'] = $fileout;
$_FILES[$tmp_field_name]['name'] = $thumbname;
$d[$tmp_field_name] = $thumbname;
$curr_file = isset($_REQUEST[$tmp_field_name . "_curr"]) ? $_REQUEST[$tmp_field_name . "_curr"] : "";
if (!empty($curr_file)) {
$delete = str_replace("\\", "/", realpath($path . "/" . $curr_file));
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $delete);
$vmLogger->debug('Preparing: delete old thumbnail image: ' . $delete);
/* Remove the resized image if exists */
if (PSHOP_IMG_RESIZE_ENABLE == "1") {
$pathinfo = pathinfo($delete);
isset($pathinfo["dirname"]) or $pathinfo["dirname"] = "";
isset($pathinfo["extension"]) or $pathinfo["extension"] = "";
$filehash = basename($delete, "." . $pathinfo["extension"]);
$resizedfilename = $pathinfo["dirname"] . "/resized/" . $filehash . "_" . PSHOP_IMG_WIDTH . "x" . PSHOP_IMG_HEIGHT . "." . $pathinfo["extension"];
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $resizedfilename);
$vmLogger->debug('Preparing: delete resized thumbnail ' . $resizedfilename);
}
}
}
}
$temp_file = isset($_FILES[$field_name]['tmp_name']) ? $_FILES[$field_name]['tmp_name'] : "";
$file_type = isset($_FILES[$field_name]['type']) ? $_FILES[$field_name]['type'] : "";
$orig_file = isset($_FILES[$field_name]["name"]) ? $_FILES[$field_name]['name'] : "";
$curr_file = isset($_REQUEST[$field_name . "_curr"]) ? $_REQUEST[$field_name . "_curr"] : "";
/* Generate text to display in error messages */
if (stristr("thumb", $field_name)) {
$image_type = "thumbnail image";
} elseif (stristr("full", $field_name)) {
$image_type = "full image";
} else {
$image_type = str_replace("_", " ", $field_name);
}
/* If User types "none" in Image Upload Field */
if (@$d[$field_name . "_action"] == "delete") {
/* If there is a current image file */
if (!empty($curr_file)) {
$delete = str_replace("\\", "/", realpath($path . "/" . $curr_file));
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $delete);
$vmLogger->debug('Preparing: delete old ' . $image_type . ' ' . $delete);
/* Remove the resized image if exists */
if (PSHOP_IMG_RESIZE_ENABLE == "1" && $image_type == "thumbnail image") {
$pathinfo = pathinfo($delete);
isset($pathinfo["dirname"]) or $pathinfo["dirname"] = "";
isset($pathinfo["extension"]) or $pathinfo["extension"] = "";
$filehash = basename($delete, "." . $pathinfo["extension"]);
$resizedfilename = $pathinfo["dirname"] . "/resized/" . $filehash . "_" . PSHOP_IMG_WIDTH . "x" . PSHOP_IMG_HEIGHT . "." . $pathinfo["extension"];
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $resizedfilename);
$vmLogger->debug('Preparing: delete resized thumbnail ' . $resizedfilename);
}
}
$d[$field_name] = "";
return true;
} elseif ($orig_file and $temp_file == "none") {
$vmLogger->err($image_type . ' upload failed.');
return false;
} else {
// If nothing was entered in the Upload box, there is no image to process
if (!$orig_file) {
$d[$field_name] = $curr_file;
return true;
}
}
if (empty($temp_file)) {
$vmLogger->err('The File Upload was not successful: there\'s no uploaded temporary file!');
return false;
}
/* Generate Image Destination File Name */
if (!empty($d[$table_name . '_name'])) {
$filename = substr($d[$table_name . '_name'], 0, 16);
$filename = vmSafeFileName($filename);
} else {
$filename = md5('virtuemart');
}
$to_file = uniqid($filename . '_');
/* Check image file format */
if ($orig_file != "none") {
$to_file .= $ext = '.' . Img2Thumb::GetImgType($temp_file);
if (!$to_file) {
$vmLogger->err($image_type . ' file is invalid: ' . $file_type . '.');
return false;
}
}
/*
** If it gets to this point then there is an uploaded file in the system
** and it is a valid image file.
*/
/* If Updating */
if (!empty($curr_file)) {
/* Command to remove old image file */
$delete = str_replace("\\", "/", realpath($path) . "/" . $curr_file);
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $delete);
/* Remove the resized image if exists */
if (PSHOP_IMG_RESIZE_ENABLE == "1" && $image_type == "thumbnail image") {
$pathinfo = pathinfo($delete);
$filehash = basename($delete, "." . $pathinfo["extension"]);
$resizedfilename = $pathinfo["dirname"] . "/resized/" . $filehash . "_" . PSHOP_IMG_WIDTH . "x" . PSHOP_IMG_HEIGHT . "." . $pathinfo["extension"];
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $resizedfilename);
$vmLogger->debug('Preparing: delete resized thumbnail ' . $resizedfilename);
}
}
/* Command to move uploaded file into destination directory */
// Command to move uploaded file into destination directory
$d["image_commands"][] = array('command' => 'move_uploaded_file', 'param1' => $temp_file, 'param2' => $path . $to_file);
$d["image_commands"][] = array('command' => 'unlink', 'param1' => $temp_file);
if (empty($d[$field_name])) {
/* Return new image file name */
$d[$field_name] = $to_file;
}
return true;
}
