print CCTM::load_view('templates/default.php', $data); return; } // Big no-no #2: file is too big if ($_FILES['cctm_settings_file']['size'] > CCTM::max_def_file_size) { self::$errors['cctm_settings_file'] = sprintf(__('The definition filesize must not exceed %s bytes.', CCTM_TXTDOMAIN), CCTM::max_def_file_size); $data['msg'] = self::format_errors(); $data['content'] = CCTM::load_view('import.php', $data); print CCTM::load_view('templates/default.php', $data); return; } // Big no-no #3: bad data structure $raw_file_contents = file_get_contents($_FILES['cctm_settings_file']['tmp_name']); $data_from_file = json_decode($raw_file_contents, true); // Let's check that this thing is legit if (!CCTM_ImportExport::is_valid_def_structure($data_from_file)) { self::$errors['format'] = __('The uploaded file is not in the correct format.', CCTM_TXTDOMAIN); $data['msg'] = self::format_errors(); $data['content'] = CCTM::load_view('import.php', $data); print CCTM::load_view('templates/default.php', $data); return; } // create_verify_storage_directories will set errors, and we add another error here // to let the user know that we can't interface with the library dir $basename = basename($_FILES['cctm_settings_file']['name']); // Sometimes you can get filenames that look lie "your_def.cctm (1).json" if (!CCTM_ImportExport::is_valid_basename($basename)) { // grab anything left of the first period, then re-create the .cctm.json extension list($basename) = explode('.', $basename); $basename .= CCTM_ImportExport::extension; }