/**
* Validate the input and set the value
*/
public function validate()
{
// No file specified
if (!isset($_FILES[$this->strName]) || empty($_FILES[$this->strName]['name'])) {
if ($this->mandatory) {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
return;
}
$file = $_FILES[$this->strName];
$maxlength_kb = $this->getMaximumUploadSize();
$maxlength_kb_readable = $this->getReadableSize($maxlength_kb);
// Sanitize the filename
try {
$file['name'] = \StringUtil::sanitizeFileName($file['name']);
} catch (\InvalidArgumentException $e) {
$this->addError($GLOBALS['TL_LANG']['ERR']['filename']);
return;
}
// Invalid file name
if (!\Validator::isValidFileName($file['name'])) {
$this->addError($GLOBALS['TL_LANG']['ERR']['filename']);
return;
}
// File was not uploaded
if (!is_uploaded_file($file['tmp_name'])) {
if ($file['error'] == 1 || $file['error'] == 2) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
} elseif ($file['error'] == 3) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']));
} elseif ($file['error'] > 0) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileerror'], $file['error'], $file['name']));
}
unset($_FILES[$this->strName]);
return;
}
// File is too big
if ($file['size'] > $maxlength_kb) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb_readable));
unset($_FILES[$this->strName]);
return;
}
$objFile = new \File($file['name']);
$uploadTypes = \StringUtil::trimsplit(',', strtolower($this->extensions));
// File type is not allowed
if (!in_array($objFile->extension, $uploadTypes)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
unset($_FILES[$this->strName]);
return;
}
if (($arrImageSize = @getimagesize($file['tmp_name'])) != false) {
// Image exceeds maximum image width
if ($arrImageSize[0] > \Config::get('imageWidth')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filewidth'], $file['name'], \Config::get('imageWidth')));
unset($_FILES[$this->strName]);
return;
}
// Image exceeds maximum image height
if ($arrImageSize[1] > \Config::get('imageHeight')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileheight'], $file['name'], \Config::get('imageHeight')));
unset($_FILES[$this->strName]);
return;
}
}
// Store file in the session and optionally on the server
if (!$this->hasErrors()) {
$_SESSION['FILES'][$this->strName] = $_FILES[$this->strName];
if ($this->storeFile) {
$intUploadFolder = $this->uploadFolder;
// Overwrite the upload folder with user's home directory
if ($this->useHomeDir && FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
if ($this->User->assignDir && $this->User->homeDir) {
$intUploadFolder = $this->User->homeDir;
}
}
$objUploadFolder = \FilesModel::findByUuid($intUploadFolder);
// The upload folder could not be found
if ($objUploadFolder === null) {
throw new \Exception("Invalid upload folder ID {$intUploadFolder}");
}
$strUploadFolder = $objUploadFolder->path;
// Store the file if the upload folder exists
if ($strUploadFolder != '' && is_dir(TL_ROOT . '/' . $strUploadFolder)) {
$this->import('Files');
// Do not overwrite existing files
if ($this->doNotOverwrite && file_exists(TL_ROOT . '/' . $strUploadFolder . '/' . $file['name'])) {
$offset = 1;
$arrAll = scan(TL_ROOT . '/' . $strUploadFolder);
$arrFiles = preg_grep('/^' . preg_quote($objFile->filename, '/') . '.*\\.' . preg_quote($objFile->extension, '/') . '/', $arrAll);
foreach ($arrFiles as $strFile) {
if (preg_match('/__[0-9]+\\.' . preg_quote($objFile->extension, '/') . '$/', $strFile)) {
$strFile = str_replace('.' . $objFile->extension, '', $strFile);
$intValue = intval(substr($strFile, strrpos($strFile, '_') + 1));
$offset = max($offset, $intValue);
}
}
$file['name'] = str_replace($objFile->filename, $objFile->filename . '__' . ++$offset, $file['name']);
}
// Move the file to its destination
$this->Files->move_uploaded_file($file['tmp_name'], $strUploadFolder . '/' . $file['name']);
$this->Files->chmod($strUploadFolder . '/' . $file['name'], \Config::get('defaultFileChmod'));
$strUuid = null;
$strFile = $strUploadFolder . '/' . $file['name'];
// Generate the DB entries
if (\Dbafs::shouldBeSynchronized($strFile)) {
$objModel = \FilesModel::findByPath($strFile);
if ($objModel === null) {
$objModel = \Dbafs::addResource($strFile);
}
$strUuid = \StringUtil::binToUuid($objModel->uuid);
// Update the hash of the target folder
\Dbafs::updateFolderHashes($strUploadFolder);
}
// Add the session entry (see #6986)
$_SESSION['FILES'][$this->strName] = array('name' => $file['name'], 'type' => $file['type'], 'tmp_name' => TL_ROOT . '/' . $strFile, 'error' => $file['error'], 'size' => $file['size'], 'uploaded' => true, 'uuid' => $strUuid);
// Add a log entry
$this->log('File "' . $strUploadFolder . '/' . $file['name'] . '" has been uploaded', __METHOD__, TL_FILES);
}
}
}
unset($_FILES[$this->strName]);
}
/**
* Move one or more local files to the server
*
* @param boolean $blnIsAjax
*
* @return string
*/
public function move($blnIsAjax = false)
{
$strFolder = \Input::get('pid', true);
if (!file_exists(TL_ROOT . '/' . $strFolder) || !$this->isMounted($strFolder)) {
$this->log('Folder "' . $strFolder . '" was not mounted or is not a directory', __METHOD__, TL_ERROR);
$this->redirect('contao/main.php?act=error');
}
if (!preg_match('/^' . preg_quote(\Config::get('uploadPath'), '/') . '/i', $strFolder)) {
$this->log('Parent folder "' . $strFolder . '" is not within the files directory', __METHOD__, TL_ERROR);
$this->redirect('contao/main.php?act=error');
}
// Empty clipboard
if (!$blnIsAjax) {
$arrClipboard = $this->Session->get('CLIPBOARD');
$arrClipboard[$this->strTable] = array();
$this->Session->set('CLIPBOARD', $arrClipboard);
}
// Instantiate the uploader
$this->import('BackendUser', 'User');
$class = $this->User->uploader;
// See #4086
if (!class_exists($class)) {
$class = 'FileUpload';
}
/** @var \FileUpload $objUploader */
$objUploader = new $class();
// Process the uploaded files
if (\Input::post('FORM_SUBMIT') == 'tl_upload') {
// Generate the DB entries
if ($this->blnIsDbAssisted && \Dbafs::shouldBeSynchronized($strFolder)) {
// Upload the files
$arrUploaded = $objUploader->uploadTo($strFolder);
if (empty($arrUploaded)) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['emptyUpload']);
$this->reload();
}
foreach ($arrUploaded as $strFile) {
$objFile = \FilesModel::findByPath($strFile);
// Existing file is being replaced (see #4818)
if ($objFile !== null) {
$objFile->tstamp = time();
$objFile->path = $strFile;
$objFile->hash = md5_file(TL_ROOT . '/' . $strFile);
$objFile->save();
} else {
\Dbafs::addResource($strFile);
}
}
} else {
// Not DB-assisted, so just upload the file
$arrUploaded = $objUploader->uploadTo($strFolder);
}
// HOOK: post upload callback
if (isset($GLOBALS['TL_HOOKS']['postUpload']) && is_array($GLOBALS['TL_HOOKS']['postUpload'])) {
foreach ($GLOBALS['TL_HOOKS']['postUpload'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($arrUploaded);
} elseif (is_callable($callback)) {
$callback($arrUploaded);
}
}
}
// Update the hash of the target folder
if ($this->blnIsDbAssisted && \Dbafs::shouldBeSynchronized($strFolder)) {
\Dbafs::updateFolderHashes($strFolder);
}
// Redirect or reload
if (!$objUploader->hasError()) {
// Do not purge the html folder (see #2898)
if (\Input::post('uploadNback') && !$objUploader->hasResized()) {
\Message::reset();
$this->redirect($this->getReferer());
}
$this->reload();
}
}
// Submit buttons
$arrButtons = array();
$arrButtons['upload'] = '<input type="submit" name="upload" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG'][$this->strTable]['upload']) . '">';
$arrButtons['uploadNback'] = '<input type="submit" name="uploadNback" class="tl_submit" accesskey="c" value="' . specialchars($GLOBALS['TL_LANG'][$this->strTable]['uploadNback']) . '">';
// Call the buttons_callback (see #4691)
if (is_array($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'])) {
foreach ($GLOBALS['TL_DCA'][$this->strTable]['edit']['buttons_callback'] as $callback) {
if (is_array($callback)) {
$this->import($callback[0]);
$arrButtons = $this->{$callback[0]}->{$callback[1]}($arrButtons, $this);
} elseif (is_callable($callback)) {
$arrButtons = $callback($arrButtons, $this);
}
}
}
// Display the upload form
return '
<div id="tl_buttons">
<a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b" onclick="Backend.getScrollOffset()">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="' . $this->strTable . '" class="tl_form" method="post"' . (!empty($this->onsubmit) ? ' onsubmit="' . implode(' ', $this->onsubmit) . '"' : '') . ' enctype="multipart/form-data">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_upload">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<input type="hidden" name="MAX_FILE_SIZE" value="' . \Config::get('maxFileSize') . '">
<div class="tl_tbox">
<h3>' . $GLOBALS['TL_LANG'][$this->strTable]['fileupload'][0] . '</h3>' . $objUploader->generateMarkup() . '
</div>
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
' . implode(' ', $arrButtons) . '
</div>
</div>
</form>';
}
/**
* Generate module
*
* @return void
*/
protected function compile()
{
global $objPage;
$this->maxlength = $GLOBALS['TL_CONFIG']['avatar_maxsize'];
$this->extensions = $GLOBALS['TL_CONFIG']['avatar_filetype'];
$this->uploadFolder = $GLOBALS['TL_CONFIG']['avatar_dir'];
$this->storeFile = $this->uploadFolder != '' ? true : false;
$arrImage = deserialize($GLOBALS['TL_CONFIG']['avatar_maxdims']);
$this->import('FrontendUser', 'User');
$strAvatar = $this->User->avatar;
$strAlt = $this->User->firstname . " " . $this->User->lastname;
$objFile = \FilesModel::findByUuid($strAvatar);
if ($objFile === null && $GLOBALS['TL_CONFIG']['avatar_fallback_image']) {
$objFile = \FilesModel::findByUuid($GLOBALS['TL_CONFIG']['avatar_fallback_image']);
}
if ($objFile !== null) {
$this->Template->avatar = '<img src="' . TL_FILES_URL . \Image::get($objFile->path, $arrImage[0], $arrImage[1], $arrImage[2]) . '" width="' . $arrImage[0] . '" height="' . $arrImage[1] . '" alt="' . $strAlt . '" class="avatar">';
} elseif ($this->User->gender != '') {
$this->Template->avatar = '<img src="' . TL_FILES_URL . \Image::get("system/modules/avatar/assets/" . $this->User->gender . ".png", $arrImage[0], $arrImage[1], $arrImage[2]) . '" width="' . $arrImage[0] . '" height="' . $arrImage[1] . '" alt="Avatar" class="avatar">';
} else {
$this->Template->avatar = '<img src="' . TL_FILES_URL . \Image::get("system/modules/avatar/assets/male.png", $arrImage[0], $arrImage[1], $arrImage[2]) . '" width="' . $arrImage[0] . '" height="' . $arrImage[1] . '" alt="Avatar" class="avatar">';
}
$this->Template->action = ampersand(\Environment::get('request'));
$this->Template->formId = 'avatar_' . $this->id;
$this->Template->method = 'post';
$this->Template->enctype = 'multipart/form-data';
$this->Template->attributes = '';
$this->Template->avatar_reset_label = $GLOBALS['TL_LANG']['AVATAR']['reset'];
$this->Template->avatar_submit_value = $GLOBALS['TL_LANG']['AVATAR']['save'];
$this->Template->avatar_file_label = sprintf($GLOBALS['TL_LANG']['AVATAR']['file']['1'], $this->extensions, $this->maxlength, $arrImage[0], $arrImage[1]);
// Confirm or remove a subscription
if (\Input::get('token')) {
static::changeSubscriptionStatus($objTemplate);
return;
}
// Remove the avatar
if (\Input::postRaw('avatar_reset')) {
\Database::getInstance()->prepare("UPDATE `tl_member` SET avatar='' WHERE `id`=?")->execute($this->User->id);
$this->reload();
}
$file = $_FILES[$this->strName];
$maxlength_kb = $this->getReadableSize($this->maxlength);
// Romanize the filename
$file['name'] = utf8_romanize($file['name']);
// File was not uploaded
if (!is_uploaded_file($file['tmp_name'])) {
if (in_array($file['error'], array(1, 2))) {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb);
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, 'FormFileUpload validate()', TL_ERROR);
}
if ($file['error'] == 3) {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']);
$this->log('File "' . $file['name'] . '" was only partially uploaded', 'FormFileUpload validate()', TL_ERROR);
}
unset($_FILES[$this->strName]);
return;
}
// File is too big
if ($this->maxlength > 0 && $file['size'] > $this->maxlength) {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb);
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, 'FormFileUpload validate()', TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
$strExtension = pathinfo($file['name'], PATHINFO_EXTENSION);
$uploadTypes = trimsplit(',', $this->extensions);
// File type is not allowed
if (!in_array(strtolower($strExtension), $uploadTypes)) {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $strExtension);
$this->log('File type "' . $strExtension . '" is not allowed to be uploaded (' . $file['name'] . ')', 'FormFileUpload validate()', TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
$blnResize = false;
if (($arrImageSize = @getimagesize($file['tmp_name'])) != false) {
// Image exceeds maximum image width
if ($arrImageSize[0] > $arrImage[0]) {
if ($GLOBALS['TL_CONFIG']['avatar_resize']) {
$blnResize = true;
} else {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['filewidth'], $file['name'], $arrImage[0]);
$this->log('File "' . $file['name'] . '" exceeds the maximum image width of ' . $arrImage[0] . ' pixels', 'FormFileUpload validate()', TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
}
// Image exceeds maximum image height
if ($arrImageSize[1] > $arrImage[1]) {
if ($GLOBALS['TL_CONFIG']['avatar_resize']) {
$blnResize = true;
} else {
$this->Template->error = sprintf($GLOBALS['TL_LANG']['ERR']['fileheight'], $file['name'], $arrImage[1]);
$this->log('File "' . $file['name'] . '" exceeds the maximum image height of ' . $arrImage[1] . ' pixels', 'FormFileUpload validate()', TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
}
}
$_SESSION['FILES'][$this->strName] = $_FILES[$this->strName];
$this->log('File "' . $file['name'] . '" uploaded successfully', 'FormFileUpload validate()', TL_FILES);
if ($this->storeFile) {
$intUploadFolder = $this->uploadFolder;
if ($this->User->assignDir && $this->User->homeDir) {
$intUploadFolder = $this->User->homeDir;
}
$objUploadFolder = \FilesModel::findByUuid($intUploadFolder);
// The upload folder could not be found
if ($objUploadFolder === null) {
throw new \Exception("Invalid upload folder ID {$intUploadFolder}");
}
$strUploadFolder = $objUploadFolder->path;
// Store the file if the upload folder exists
if ($strUploadFolder != '' && is_dir(TL_ROOT . '/' . $strUploadFolder)) {
$this->import('Files');
// Do not overwrite existing files
if ($this->doNotOverwrite && file_exists(TL_ROOT . '/' . $strUploadFolder . '/' . $file['name'])) {
$offset = 1;
$pathinfo = pathinfo($file['name']);
$name = $pathinfo['filename'];
$arrAll = scan(TL_ROOT . '/' . $strUploadFolder);
$arrFiles = preg_grep('/^' . preg_quote($name, '/') . '.*\\.' . preg_quote($pathinfo['extension'], '/') . '/', $arrAll);
foreach ($arrFiles as $strFile) {
if (preg_match('/__[0-9]+\\.' . preg_quote($pathinfo['extension'], '/') . '$/', $strFile)) {
$strFile = str_replace('.' . $pathinfo['extension'], '', $strFile);
$intValue = intval(substr($strFile, strrpos($strFile, '_') + 1));
$offset = max($offset, $intValue);
}
}
$file['name'] = str_replace($name, $name . '__' . ++$offset, $file['name']);
}
$this->Files->move_uploaded_file($file['tmp_name'], $strUploadFolder . '/' . $file['name']);
$this->Files->chmod($strUploadFolder . '/' . $file['name'], $GLOBALS['TL_CONFIG']['defaultFileChmod']);
if ($blnResize) {
\Image::resize($strUploadFolder . '/' . $file['name'], $arrImage[0], $arrImage[1], $arrImage[2]);
}
$_SESSION['FILES'][$this->strName] = array('name' => $file['name'], 'type' => $file['type'], 'tmp_name' => TL_ROOT . '/' . $strUploadFolder . '/' . $file['name'], 'error' => $file['error'], 'size' => $file['size'], 'uploaded' => true);
$this->loadDataContainer('tl_files');
// Generate the DB entries
if ($GLOBALS['TL_DCA']['tl_files']['config']['databaseAssisted']) {
$strFile = $strUploadFolder . '/' . $file['name'];
$objFile = \FilesModel::findByPath($strFile);
// Existing file is being replaced (see #4818)
if ($objFile !== null) {
$objFile->tstamp = time();
$objFile->path = $strFile;
$objFile->hash = md5_file(TL_ROOT . '/' . $strFile);
$objFile->save();
} else {
\Dbafs::addResource($strFile);
}
// Update the hash of the target folder
\Dbafs::updateFolderHashes($strUploadFolder);
}
// Update Userdata
$strFile = $strUploadFolder . '/' . $file['name'];
$objFile = \FilesModel::findByPath($strFile);
// new Avatar for Member
\Database::getInstance()->prepare("UPDATE tl_member SET avatar=? WHERE id=?")->execute($objFile->uuid, $this->User->id);
$this->log('File "' . $file['name'] . '" has been moved to "' . $strUploadFolder . '"', 'FormFileUpload validate()', TL_FILES);
}
}
unset($_FILES[$this->strName]);
$this->reload();
}
/**
* Purge the folder
*/
public function purge()
{
$this->Files->rrdir($this->strFolder, true);
// Update the database
if ($this->blnSyncDb) {
$objFiles = \FilesModel::findMultipleByBasepath($this->strFolder . '/');
if ($objFiles !== null) {
while ($objFiles->next()) {
$objFiles->delete();
}
}
\Dbafs::updateFolderHashes($this->strFolder);
}
}
/**
* Validate the input and set the value
*/
public function validate()
{
// No file specified
if (!isset($_FILES[$this->strName]) || empty($_FILES[$this->strName]['name'])) {
if ($this->mandatory) {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
return;
}
$file = $_FILES[$this->strName];
$maxlength_kb = $this->getReadableSize($this->maxlength);
// Romanize the filename
$file['name'] = utf8_romanize($file['name']);
// File was not uploaded
if (!is_uploaded_file($file['tmp_name'])) {
if ($file['error'] == 1 || $file['error'] == 2) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb));
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, __METHOD__, TL_ERROR);
} elseif ($file['error'] == 3) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']));
$this->log('File "' . $file['name'] . '" was only partially uploaded', __METHOD__, TL_ERROR);
} elseif ($file['error'] > 0) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileerror'], $file['error'], $file['name']));
$this->log('File "' . $file['name'] . '" could not be uploaded (error ' . $file['error'] . ')', __METHOD__, TL_ERROR);
}
unset($_FILES[$this->strName]);
return;
}
// File is too big
if ($this->maxlength > 0 && $file['size'] > $this->maxlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb));
$this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, __METHOD__, TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
$strExtension = pathinfo($file['name'], PATHINFO_EXTENSION);
$uploadTypes = trimsplit(',', $this->extensions);
// File type is not allowed
if (!in_array(strtolower($strExtension), $uploadTypes)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $strExtension));
$this->log('File type "' . $strExtension . '" is not allowed to be uploaded (' . $file['name'] . ')', __METHOD__, TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
if (($arrImageSize = @getimagesize($file['tmp_name'])) != false) {
// Image exceeds maximum image width
if ($arrImageSize[0] > \Config::get('imageWidth')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filewidth'], $file['name'], \Config::get('imageWidth')));
$this->log('File "' . $file['name'] . '" exceeds the maximum image width of ' . \Config::get('imageWidth') . ' pixels', __METHOD__, TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
// Image exceeds maximum image height
if ($arrImageSize[1] > \Config::get('imageHeight')) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileheight'], $file['name'], \Config::get('imageHeight')));
$this->log('File "' . $file['name'] . '" exceeds the maximum image height of ' . \Config::get('imageHeight') . ' pixels', __METHOD__, TL_ERROR);
unset($_FILES[$this->strName]);
return;
}
}
// Store file in the session and optionally on the server
if (!$this->hasErrors()) {
$_SESSION['FILES'][$this->strName] = $_FILES[$this->strName];
$this->log('File "' . $file['name'] . '" uploaded successfully', __METHOD__, TL_FILES);
if ($this->storeFile) {
$intUploadFolder = $this->uploadFolder;
// Overwrite the upload folder with user's home directory
if ($this->useHomeDir && FE_USER_LOGGED_IN) {
$this->import('FrontendUser', 'User');
if ($this->User->assignDir && $this->User->homeDir) {
$intUploadFolder = $this->User->homeDir;
}
}
$objUploadFolder = \FilesModel::findByUuid($intUploadFolder);
// The upload folder could not be found
if ($objUploadFolder === null) {
throw new \Exception("Invalid upload folder ID {$intUploadFolder}");
}
$strUploadFolder = $objUploadFolder->path;
// Store the file if the upload folder exists
if ($strUploadFolder != '' && is_dir(TL_ROOT . '/' . $strUploadFolder)) {
$this->import('Files');
// Do not overwrite existing files
if ($this->doNotOverwrite && file_exists(TL_ROOT . '/' . $strUploadFolder . '/' . $file['name'])) {
$offset = 1;
$pathinfo = pathinfo($file['name']);
$name = $pathinfo['filename'];
$arrAll = scan(TL_ROOT . '/' . $strUploadFolder);
$arrFiles = preg_grep('/^' . preg_quote($name, '/') . '.*\\.' . preg_quote($pathinfo['extension'], '/') . '/', $arrAll);
foreach ($arrFiles as $strFile) {
if (preg_match('/__[0-9]+\\.' . preg_quote($pathinfo['extension'], '/') . '$/', $strFile)) {
$strFile = str_replace('.' . $pathinfo['extension'], '', $strFile);
$intValue = intval(substr($strFile, strrpos($strFile, '_') + 1));
$offset = max($offset, $intValue);
}
}
$file['name'] = str_replace($name, $name . '__' . ++$offset, $file['name']);
}
$this->Files->move_uploaded_file($file['tmp_name'], $strUploadFolder . '/' . $file['name']);
$this->Files->chmod($strUploadFolder . '/' . $file['name'], \Config::get('defaultFileChmod'));
// Generate the DB entries
$strFile = $strUploadFolder . '/' . $file['name'];
$objFile = \FilesModel::findByPath($strFile);
// Existing file is being replaced (see #4818)
if ($objFile !== null) {
$objFile->tstamp = time();
$objFile->path = $strFile;
$objFile->hash = md5_file(TL_ROOT . '/' . $strFile);
$objFile->save();
} else {
$objFile = \Dbafs::addResource($strFile);
}
// Update the hash of the target folder
\Dbafs::updateFolderHashes($strUploadFolder);
// Add the session entry (see #6986)
$_SESSION['FILES'][$this->strName] = array('name' => $file['name'], 'type' => $file['type'], 'tmp_name' => TL_ROOT . '/' . $strFile, 'error' => $file['error'], 'size' => $file['size'], 'uploaded' => true, 'uuid' => \String::binToUuid($objFile->uuid));
// Add a log entry
$this->log('File "' . $file['name'] . '" has been moved to "' . $strUploadFolder . '"', __METHOD__, TL_FILES);
}
}
}
unset($_FILES[$this->strName]);
}
