/**
 * Write the validation ruleset for the "find account by question" form.
 *
 * The ruleset always requires email_address (rule "email"), find_account_question
 * and find_account_answer (length ":250"). A user_id field (rule "userid") is
 * required as well, but only when the login identifier is 'user_id'.
 * The file is written to ./files/ruleset/find_member_account_by_question.xml, then
 * loaded into a Validator with files/cache as its cache directory.
 *
 * @param string $identifier login identifier; 'user_id' adds the user_id field
 * @return void
 */
function _createFindAccountByQuestion($identifier)
{
    $ruleset_path = './files/ruleset/find_member_account_by_question.xml';

    // Skeleton of the ruleset document; %s receives the concatenated <field> elements.
    $template = '<?xml version="1.0" encoding="utf-8"?>'
        . '<ruleset version="1.5.0">'
        . '<customrules>'
        . '</customrules>'
        . '<fields>%s</fields>'
        . '</ruleset>';

    // The user_id rule comes first and is present only for user_id-based logins.
    $field_rules = ($identifier == 'user_id')
        ? array('<field name="user_id" required="true" rule="userid" />')
        : array();

    // These three fields are required regardless of the identifier type.
    array_push(
        $field_rules,
        '<field name="email_address" required="true" rule="email" />',
        '<field name="find_account_question" required="true" />',
        '<field name="find_account_answer" required="true" length=":250"/>'
    );

    Filehandler::writeFile($ruleset_path, sprintf($template, implode('', $field_rules)));

    // getJsPath() is called for its side effect only (return value unused);
    // presumably it builds the cached client-side rules - confirm in Validator.
    $ruleset_validator = new Validator($ruleset_path);
    $ruleset_validator->setCacheDir('files/cache');
    $ruleset_validator->getJsPath();
}
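/**
 * Mark one attached file as the cover image of the current upload target.
 *
 * file_srl and editor_sequence come from the request; the upload target is read
 * from the session entry stored for that editor_sequence. Inside one transaction
 * the method runs file.updateClearCoverImage (cover_image = 'N') and then
 * file.updateCoverImage (cover_image = 'Y'), rolling back if either fails.
 * After the commit it removes the files in the target's thumbnail directory.
 *
 * Only a manager ($this->manager) or the member recorded as the file's owner
 * may change the cover image.
 *
 * @return Object|void an error Object (or the failed query output) on failure;
 *                     nothing on success
 */
public function procFileSetCoverImage()
{
    $vars = Context::getRequestVars();
    $logged_info = Context::get('logged_info');

    if (!$vars->editor_sequence) {
        return new Object(-1, 'msg_invalid_request');
    }

    // The target is taken from server-side session state, not from the request.
    $upload_target_srl = $_SESSION['upload_info'][$vars->editor_sequence]->upload_target_srl;

    $oFileModel = getModel('file');
    $file_info = $oFileModel->getFile($vars->file_srl);
    if (!$file_info) {
        return new Object(-1, 'msg_not_founded');
    }

    // Ownership check. The earlier form `!$a === $b` negated the left operand first
    // and then compared a boolean with a member_srl, so the test could never deny a
    // non-owner. Compare the two ids directly, normalised to int so that a
    // string/int mismatch between the two sources does not reject the real owner.
    $owner_srl = (int) $file_info->member_srl;
    $current_srl = isset($logged_info->member_srl) ? (int) $logged_info->member_srl : 0;
    // NOTE(review): a file with no recorded owner and a visitor who is not logged in
    // both normalise to 0 and therefore match - confirm that is intended for guest uploads.
    if (!$this->manager && $owner_srl !== $current_srl) {
        return new Object(-1, 'msg_not_permitted');
    }

    // NOTE(review): nothing visible here checks that the file belongs to
    // $upload_target_srl; presumably the queries filter on both values - confirm.
    $args = new stdClass();
    $args->file_srl = $vars->file_srl;
    $args->upload_target_srl = $upload_target_srl;

    $oDB =& DB::getInstance();
    $oDB->begin();

    // Clear the existing cover flag before setting the new one.
    $args->cover_image = 'N';
    $output = executeQuery('file.updateClearCoverImage', $args);
    if (!$output->toBool()) {
        $oDB->rollback();
        return $output;
    }

    $args->cover_image = 'Y';
    $output = executeQuery('file.updateCoverImage', $args);
    if (!$output->toBool()) {
        $oDB->rollback();
        return $output;
    }

    $oDB->commit();

    // Delete thumbnails
    $thumbnail_path = sprintf('files/thumbnails/%s', getNumberingPath($upload_target_srl, 3));
    Filehandler::removeFilesInDir($thumbnail_path);
}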
<head> <meta charset="UTF-8"> <title>View Files</title> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"> <!-- Optional theme --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css"> </head> <body> <?php
// File listing page: on POST it deletes the file named in the request, then it
// renders one table row per regular file found in ./uploads.
// The two Bootstrap stylesheets above are loaded from a third-party CDN without
// an integrity attribute.
$folder = './uploads';
// The directory is read before the delete below runs, so $directory can still
// name a file that was just removed; the is_file() test in the loop is what
// keeps such an entry out of the table.
$directory = scandir('./uploads');
$isPost = new Filehandler();
if ($isPost->isPost()) {
    // filter_input() without a filter argument applies FILTER_DEFAULT, which does
    // not sanitise the value: $filename is exactly what the client sent.
    $filename = filter_input(INPUT_POST, 'filename');
    try {
        $deleteFile = new Filehandler();
        // NOTE(review): deleteFiles() is not visible here. It has to confine the
        // name to the upload folder itself (for example basename() plus a
        // realpath() prefix check), because nothing in this fragment does.
        // NOTE(review): no authentication or CSRF token check appears in this
        // fragment before the delete - confirm one exists elsewhere.
        $deleteFile->deleteFiles($filename);
        $message = 'File was deleted successfully.';
    } catch (Exception $e) {
        // $errors is not initialised in this fragment; it only exists after a failure.
        $errors[] = $e->getMessage();
    }
}
// MIME detector created before the table; presumably used for the "File Type"
// column in the part of the loop that is not shown.
$finfo = new finfo(FILEINFO_MIME_TYPE);
?> <table class="table"> <tr> <td> File Name </td> <td>File Type</td> <td>File Size</td> </tr> <?php
// Only regular files produce a row; scandir() entries such as "." and ".."
// fail is_file() and are skipped.
foreach ($directory as $file) {
    if (is_file($folder . DIRECTORY_SEPARATOR . $file)) { ?> <tr>
} // closes a check that begins before this excerpt
            // DO NOT TRUST THE CLIENT-SUPPLIED $_FILES[...]['type'] VALUE !!
            // Check the MIME type yourself: finfo reports it from the uploaded file itself.
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            // Allowlist of extension => MIME type. The strict array_search() below returns
            // the extension key for the detected type, or false when the type is not listed,
            // so the stored extension is always one of these three and never client-chosen.
            $validExts = array('jpg' => 'image/jpeg', 'png' => 'image/png', 'gif' => 'image/gif');
            $ext = array_search($finfo->file($_FILES[$keyName]['tmp_name']), $validExts, true);
            if (false === $ext) {
                throw new RuntimeException('Invalid file format.');
            }
            // NOTE(review): this is a format check, not proof that the whole file is a
            // harmless image; ./uploads should be served without script execution.

            // You should name it uniquely.
            // DO NOT USE $_FILES[...]['name'] WITHOUT ANY VALIDATION !!
            // In this example the stored name is the SHA-1 of the file contents, so the
            // same content always maps to the same name.
            $fileName = sha1_file($_FILES[$keyName]['tmp_name']);
            $location = sprintf('./uploads/%s.%s', $fileName, $ext);
            // mkdir() runs with its default mode (0777 before umask) and its result is not
            // checked; a failure would surface as the move_uploaded_file() error below.
            if (!is_dir('./uploads')) {
                mkdir('./uploads');
            }
            // move_uploaded_file() also verifies that tmp_name is a genuine HTTP upload.
            if (!move_uploaded_file($_FILES[$keyName]['tmp_name'], $location)) {
                throw new RuntimeException('Failed to move uploaded file.');
            }
            echo 'File is uploaded successfully.';
        } catch (RuntimeException $e) {
            // The message is echoed unescaped; the two messages thrown in this excerpt
            // are fixed strings. NOTE(review): confirm the same holds for the checks
            // that precede this excerpt.
            echo $e->getMessage();
        }
    }
}
// The upload runs unconditionally whenever this script is loaded, for the form
// field named 'upfile2'.
$filehandler = new Filehandler();
$filehandler->upload('upfile2');
?> </body> </html>
?> <!DOCTYPE html> <html> <head> <title></title> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css"> <!-- Optional theme --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css"> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> </head> <body> <?php
// Upload handling for the form field 'upfile2', run step by step on every load
// of this page. The stylesheets above come from a third-party CDN without an
// integrity attribute.
try {
    $upload = new Filehandler();
    // Each step is expected to signal failure by throwing RuntimeException, the
    // only type caught below; any other exception propagates out of the page.
    // NOTE(review): the Filehandler methods are not visible here - confirm that
    // isValidParameters() and isValidSize() throw rather than return false,
    // since their return values are ignored.
    $upload->isValidParameters('upfile2');
    $upload->isValidSize('upfile2');
    // The value returned by the type check is what setName() receives, so the
    // stored extension comes from isValidType(), not directly from the request.
    $ext = $upload->isValidType('upfile2');
    $upload->setName($ext, 'upfile2');
    // Reached only when none of the steps above threw.
    $message = 'File Successfully Uploaded';
} catch (RuntimeException $e) {
    // $errors is not initialised in this fragment; it exists only after a
    // failure, just as $message exists only after success.
    $errors[] = $e->getMessage();
}
// The two templates share this scope and presumably render $errors and $message;
// they should HTML-escape what they print - confirm in the templates.
?> <?php include './templates/errors.html.php'; ?> <?php include './templates/messages.html.php';