/**
* @brief Display messages about installation environment
*/
function dispInstallCheckEnv()
{
// Create a temporary file for mod_rewrite check.
self::$rewriteCheckString = Password::createSecureSalt(32);
FileHandler::writeFile(_XE_PATH_ . self::$rewriteCheckFilePath, self::$rewriteCheckString);
// Check if the web server is nginx.
Context::set('use_nginx', stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false);
$this->setTemplateFile('check_env');
}
function procMemberModifyEmailAddress()
{
if (!Context::get('is_logged')) {
return $this->stop('msg_not_logged');
}
$member_info = Context::get('logged_info');
$newEmail = Context::get('email_address');
if (!$newEmail) {
return $this->stop('msg_invalid_request');
}
$oMemberModel = getModel('member');
// Check managed Email Host
if ($oMemberModel->isDeniedEmailHost($newEmail)) {
$config = $oMemberModel->getMemberConfig();
$emailhost_check = $config->emailhost_check;
$managed_email_host = Context::getLang('managed_email_host');
$email_hosts = $oMemberModel->getManagedEmailHosts();
foreach ($email_hosts as $host) {
$hosts[] = $host->email_host;
}
$message = sprintf($managed_email_host[$emailhost_check], implode(', ', $hosts), 'id@' . implode(', id@', $hosts));
return new Object(-1, $message);
}
// Check if the e-mail address is already registered
$member_srl = $oMemberModel->getMemberSrlByEmailAddress($newEmail);
if ($member_srl) {
return new Object(-1, 'msg_exists_email_address');
}
if ($_SESSION['rechecked_password_step'] != 'INPUT_DATA') {
return $this->stop('msg_invalid_request');
}
unset($_SESSION['rechecked_password_step']);
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $newEmail;
$auth_args->member_srl = $member_info->member_srl;
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->new_password = '******';
$oDB =& DB::getInstance();
$oDB->begin();
$output = executeQuery('member.insertAuthMail', $auth_args);
if (!$output->toBool()) {
$oDB->rollback();
return $output;
}
$oModuleModel = getModel('module');
$member_config = $oModuleModel->getModuleConfig('member');
$tpl_path = sprintf('%sskins/%s', $this->module_path, $member_config->skin);
if (!is_dir($tpl_path)) {
$tpl_path = sprintf('%sskins/%s', $this->module_path, 'default');
}
global $lang;
$memberInfo = array();
$memberInfo[$lang->email_address] = $member_info->email_address;
$memberInfo[$lang->nick_name] = $member_info->nick_name;
Context::set('memberInfo', $memberInfo);
Context::set('newEmail', $newEmail);
$auth_url = getFullUrl('', 'module', 'member', 'act', 'procMemberAuthEmailAddress', 'member_srl', $member_info->member_srl, 'auth_key', $auth_args->auth_key);
Context::set('auth_url', $auth_url);
$oTemplate =& TemplateHandler::getInstance();
$content = $oTemplate->compile($tpl_path, 'confirm_member_new_email');
$oMail = new Mail();
$oMail->setTitle(Context::getLang('title_modify_email_address'));
$oMail->setContent($content);
$oMail->setSender($member_config->webmaster_name ? $member_config->webmaster_name : 'webmaster', $member_config->webmaster_email);
$oMail->setReceiptor($member_info->nick_name, $newEmail);
$result = $oMail->send();
$msg = sprintf(Context::getLang('msg_confirm_mail_sent'), $newEmail);
$this->setMessage($msg);
$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', '');
$this->setRedirectUrl($returnUrl);
}
/**
* @brief Display messages about installation environment
*/
function dispInstallCheckEnv()
{
$oInstallController = getController('install');
self::$rewriteCheckString = Password::createSecureSalt(32);
FileHandler::writeFile(_XE_PATH_ . self::$rewriteCheckFilePath, self::$rewriteCheckString);
Context::set('use_rewrite', $_SESSION['use_rewrite'] = 'N');
Context::set('use_nginx', stripos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false);
$this->setTemplateFile('check_env');
}
public static function password_hash($password, $algo = 1, $options = [])
{
if (!isset($options['salt']) || !preg_match('/^[0-9a-zA-Z\\.\\/]{22,}$/', $options['salt'])) {
$options['salt'] = Password::createSecureSalt(22, 'alnum');
}
if (!isset($options['cost']) || $options['cost'] < 4 || $options['cost'] > 31) {
$options['cost'] = 10;
}
$salt = '$2y$' . sprintf('%02d', $options['cost']) . '$' . $options['salt'];
return @crypt($password, $salt);
}
/**
* Import attachment
* @param resource $fp
* @param int $module_srl
* @param int $upload_target_srl
* @param array $files
* @return int
*/
function importAttaches($fp, $module_srl, $upload_target_srl, &$files)
{
$uploaded_count = 0;
$started = false;
$buff = null;
$file_obj = new stdClass();
while (!feof($fp)) {
$str = trim(fgets($fp, 1024));
// If it ends with </attaches>, break
if (trim($str) == '</attaches>') {
break;
}
// If it starts with <attach>, collect attachments
if (trim($str) == '<attach>') {
$file_obj->file_srl = getNextSequence();
$file_obj->upload_target_srl = $upload_target_srl;
$file_obj->module_srl = $module_srl;
$started = true;
$buff = null;
// If it starts with <file>, handle the attachement in xml file
} else {
if (trim($str) == '<file>') {
$file_obj->file = $this->saveTemporaryFile($fp);
continue;
}
}
if ($started) {
$buff .= $str;
}
// If it ends with </attach>, handle attachements
if (trim($str) == '</attach>') {
$xmlDoc = $this->oXmlParser->parse($buff . $str);
$file_obj->source_filename = base64_decode($xmlDoc->attach->filename->body);
$file_obj->download_count = base64_decode($xmlDoc->attach->download_count->body);
if (!$file_obj->file) {
$url = base64_decode($xmlDoc->attach->url->body);
$path = base64_decode($xmlDoc->attach->path->body);
if ($path && file_exists($path)) {
$file_obj->file = $path;
} else {
$file_obj->file = $this->getTmpFilename();
FileHandler::getRemoteFile($url, $file_obj->file);
}
}
if (file_exists($file_obj->file)) {
$random = new Password();
// Set upload path by checking if the attachement is an image or other kind of file
if (preg_match("/\\.(jpe?g|gif|png|wm[va]|mpe?g|avi|swf|flv|mp[1-4]|as[fx]|wav|midi?|moo?v|qt|r[am]{1,2}|m4v)\$/i", $file_obj->source_filename)) {
// Immediately remove the direct file if it has any kind of extensions for hacking
$file_obj->source_filename = preg_replace('/\\.(php|phtm|phar|html?|cgi|pl|exe|jsp|asp|inc)/i', '$0-x', $file_obj->source_filename);
$file_obj->source_filename = str_replace(array('<', '>'), array('%3C', '%3E'), $file_obj->source_filename);
$path = sprintf("./files/attach/images/%s/%s", $module_srl, getNumberingPath($upload_target_srl, 3));
$ext = substr(strrchr($file_obj->source_filename, '.'), 1);
$_filename = $random->createSecureSalt(32, 'hex') . '.' . $ext;
$filename = $path . $_filename;
$idx = 1;
while (file_exists($filename)) {
$filename = $path . preg_replace('/\\.([a-z0-9]+)$/i', '_' . $idx . '.$1', $_filename);
$idx++;
}
$file_obj->direct_download = 'Y';
} else {
$path = sprintf("./files/attach/binaries/%s/%s", $module_srl, getNumberingPath($upload_target_srl, 3));
$filename = $path . $random->createSecureSalt(32, 'hex');
$file_obj->direct_download = 'N';
}
// Create a directory
if (!FileHandler::makeDir($path)) {
continue;
}
if (strncmp('./files/cache/importer/', $file_obj->file, 23) === 0) {
FileHandler::rename($file_obj->file, $filename);
} else {
copy($file_obj->file, $filename);
}
// Insert the file to the DB
unset($file_obj->file);
if (file_exists($filename)) {
$file_obj->uploaded_filename = $filename;
$file_obj->file_size = filesize($filename);
$file_obj->comment = NULL;
$file_obj->member_srl = 0;
$file_obj->sid = $random->createSecureSalt(32, 'hex');
$file_obj->isvalid = 'Y';
$output = executeQuery('file.insertFile', $file_obj);
if ($output->toBool()) {
$uploaded_count++;
$tmp_obj = null;
$tmp_obj->source_filename = $file_obj->source_filename;
if ($file_obj->direct_download == 'Y') {
$files[$file_obj->source_filename] = $file_obj->uploaded_filename;
} else {
$files[$file_obj->source_filename] = getUrl('', 'module', 'file', 'act', 'procFileDownload', 'file_srl', $file_obj->file_srl, 'sid', $file_obj->sid);
}
}
}
}
}
}
return $uploaded_count;
}
/**
* @brief Create an IV
* @return string
*/
protected static function _createIV()
{
$oPassword = new Password();
return $oPassword->createSecureSalt(self::ENCRYPTION_BLOCK_SIZE, 'binary');
}
/**
* Move an attachement to the other document
*
* @param int $source_srl Sequence of target to move
* @param int $target_module_srl New squence of module
* @param int $target_srl New sequence of target
* @return void
*/
function moveFile($source_srl, $target_module_srl, $target_srl)
{
if ($source_srl == $target_srl) {
return;
}
$oFileModel = getModel('file');
$file_list = $oFileModel->getFiles($source_srl);
if (!$file_list) {
return;
}
$file_count = count($file_list);
for ($i = 0; $i < $file_count; $i++) {
unset($file_info);
$file_info = $file_list[$i];
$old_file = $file_info->uploaded_filename;
// Determine the file path by checking if the file is an image or other kinds
if (preg_match("/\\.(jpg|jpeg|gif|png|wmv|wma|mpg|mpeg|avi|swf|flv|mp1|mp2|mp3|mp4|asf|wav|asx|mid|midi|asf|mov|moov|qt|rm|ram|ra|rmm|m4v)\$/i", $file_info->source_filename)) {
$path = sprintf("./files/attach/images/%s/%s/", $target_module_srl, $target_srl);
$new_file = $path . $file_info->source_filename;
} else {
$path = sprintf("./files/attach/binaries/%s/%s/", $target_module_srl, $target_srl);
$random = new Password();
$new_file = $path . $random->createSecureSalt(32, 'hex');
}
// Pass if a target document to move is same
if ($old_file == $new_file) {
continue;
}
// Create a directory
FileHandler::makeDir($path);
// Move the file
FileHandler::rename($old_file, $new_file);
// Update DB information
$args = new stdClass();
$args->file_srl = $file_info->file_srl;
$args->uploaded_filename = $new_file;
$args->module_srl = $file_info->module_srl;
$args->upload_target_srl = $target_srl;
executeQuery('file.updateFile', $args);
}
}
/**
* @brief Create an IV
* @return string
*/
protected static function _createIV()
{
return hex2bin(Password::createSecureSalt(self::ENCRYPTION_BLOCK_SIZE * 2, 'hex'));
}
$ext[] = strtolower(array_pop($item));
}
$uploaded_ext = explode('.', $filename);
$uploaded_ext = strtolower(array_pop($uploaded_ext));
if (!in_array($uploaded_ext, $ext)) {
printContent(getXmlRpcFailure(1, 'Not allowed file type'));
break;
}
}
$allowed_filesize = $file_module_config->allowed_filesize * 1024 * 1024;
if ($allowed_filesize < strlen($filedata)) {
printContent(getXmlRpcFailure(1, 'This file exceeds the attachment limit'));
break;
}
}
$temp_filename = Password::createSecureSalt(12, 'alnum');
$target_filename = sprintf('%s%s', $mediaAbsPath, $temp_filename);
FileHandler::makeDir($mediaAbsPath);
FileHandler::writeFile($target_filename, $filedata);
FileHandler::writeFile($target_filename . '_source_filename', $filename);
$obj = new stdClass();
$obj->url = Context::getRequestUri() . $mediaPath . $temp_filename;
$content = getXmlRpcResponse($obj);
printContent($content);
break;
// Get posts
// Get posts
case 'metaWeblog.getPost':
$document_srl = (string) $params[0]->value->string;
if (!$document_srl) {
printContent(getXmlRpcFailure(1, 'no permission'));
/**
* Convert previous configuration files to the current format and return it.
*
* @return array
*/
public static function convert()
{
// Load DB info file.
if (file_exists(RX_BASEDIR . Config::$old_db_config_filename)) {
include RX_BASEDIR . Config::$old_db_config_filename;
} else {
return array();
}
// Load FTP info file.
if (file_exists(RX_BASEDIR . Config::$old_ftp_config_filename)) {
include RX_BASEDIR . Config::$old_ftp_config_filename;
}
// Load selected language file.
if (file_exists(RX_BASEDIR . Config::$old_lang_config_filename)) {
$lang_selected = array();
$lang_selected_raw = file_get_contents(RX_BASEDIR . Config::$old_lang_config_filename);
$lang_selected_raw = array_map('trim', explode("\n", $lang_selected_raw));
foreach ($lang_selected_raw as $lang_selected_item) {
$lang_selected_item = array_map('trim', explode(',', $lang_selected_item));
if (count($lang_selected_item) && $lang_selected_item[0] !== '') {
$lang_selected_item[0] = $lang_selected_item[0] === 'jp' ? 'ja' : $lang_selected_item[0];
$lang_selected[] = $lang_selected_item[0];
}
}
$lang_selected = array_unique($lang_selected);
unset($lang_selected_raw, $lang_selected_item);
} else {
$lang_selected = \Context::getLangType() === 'jp' ? 'ja' : \Context::getLangType();
$lang_selected = array($lang_selected);
}
// Load defaults for the new configuration.
$config = (include RX_BASEDIR . Config::$default_config_filename);
// Convert database configuration.
if (!isset($db_info->master_db)) {
$db_info->master_db = array();
$db_info->master_db['db_type'] = $db_info->db_type;
$db_info->master_db['db_hostname'] = $db_info->db_hostname;
$db_info->master_db['db_port'] = $db_info->db_port;
$db_info->master_db['db_userid'] = $db_info->db_userid;
$db_info->master_db['db_password'] = $db_info->db_password;
$db_info->master_db['db_database'] = $db_info->db_database;
$db_info->master_db['db_table_prefix'] = $db_info->db_table_prefix;
}
$config['db']['master']['type'] = strtolower($db_info->master_db['db_type']);
$config['db']['master']['host'] = $db_info->master_db['db_hostname'];
$config['db']['master']['port'] = $db_info->master_db['db_port'];
$config['db']['master']['user'] = $db_info->master_db['db_userid'];
$config['db']['master']['pass'] = $db_info->master_db['db_password'];
$config['db']['master']['database'] = $db_info->master_db['db_database'];
$config['db']['master']['prefix'] = $db_info->master_db['db_table_prefix'];
if (substr($config['db']['master']['prefix'], -1) !== '_') {
$config['db']['master']['prefix'] .= '_';
}
$config['db']['master']['charset'] = $db_info->master_db['db_charset'] ?: 'utf8';
if (strpos($config['db']['master']['type'], 'innodb') !== false) {
$config['db']['master']['type'] = str_replace('_innodb', '', $config['db']['master']['type']);
$config['db']['master']['engine'] = 'innodb';
} elseif (strpos($config['db']['master']['type'], 'mysql') !== false) {
$config['db']['master']['engine'] = 'myisam';
}
if (isset($db_info->slave_db) && count($db_info->slave_db)) {
foreach ($db_info->slave_db as $slave_id => $slave_db) {
if ($slave_db !== $db_info->master_db) {
$slave_id = 'slave' . $slave_id;
$config['db'][$slave_id]['type'] = strtolower($slave_db['db_type']);
$config['db'][$slave_id]['host'] = $slave_db['db_hostname'];
$config['db'][$slave_id]['port'] = $slave_db['db_type'];
$config['db'][$slave_id]['user'] = $slave_db['db_userid'];
$config['db'][$slave_id]['pass'] = $slave_db['db_password'];
$config['db'][$slave_id]['database'] = $slave_db['db_database'];
$config['db'][$slave_id]['prefix'] = $slave_db['db_table_prefix'];
if (substr($config['db'][$slave_id]['prefix'], -1) !== '_') {
$config['db'][$slave_id]['prefix'] .= '_';
}
$config['db'][$slave_id]['charset'] = $slave_db['db_charset'] ?: 'utf8';
if (strpos($config['db'][$slave_id]['type'], 'innodb') !== false) {
$config['db'][$slave_id]['type'] = str_replace('_innodb', '', $config['db'][$slave_id]['type']);
$config['db'][$slave_id]['engine'] = 'innodb';
} elseif (strpos($config['db'][$slave_id]['type'], 'mysql') !== false) {
$config['db'][$slave_id]['engine'] = 'myisam';
}
}
}
}
// Convert cache configuration.
if (isset($db_info->use_object_cache)) {
$config['cache'][] = $db_info->use_object_cache;
}
// Convert FTP configuration.
if (isset($ftp_info)) {
$config['ftp']['host'] = $ftp_info->ftp_host;
$config['ftp']['port'] = $ftp_info->ftp_port;
$config['ftp']['path'] = $ftp_info->ftp_root_path;
$config['ftp']['user'] = $ftp_info->ftp_user;
$config['ftp']['pasv'] = $ftp_info->ftp_pasv;
$config['ftp']['sftp'] = $ftp_info->sftp === 'Y' ? true : false;
}
// Create new crypto keys.
$config['crypto']['encryption_key'] = \Password::createSecureSalt(64, 'alnum');
$config['crypto']['authentication_key'] = \Password::createSecureSalt(64, 'alnum');
$config['crypto']['session_key'] = \Password::createSecureSalt(64, 'alnum');
// Convert language configuration.
if (isset($db_info->lang_type)) {
$config['locale']['default_lang'] = str_replace('jp', 'ja', strtolower($db_info->lang_type));
} elseif (count($lang_selected)) {
$config['locale']['default_lang'] = array_first($lang_selected);
}
$config['locale']['enabled_lang'] = array_values($lang_selected);
// Convert timezone configuration.
$old_timezone = DateTime::getTimezoneOffsetByLegacyFormat($db_info->time_zone ?: '+0900');
switch ($old_timezone) {
case 32400:
$config['locale']['default_timezone'] = 'Asia/Seoul';
break;
default:
$config['locale']['default_timezone'] = DateTime::getTimezoneNameByOffset($old_timezone);
}
$config['locale']['internal_timezone'] = intval(date('Z'));
// Convert URL configuration.
$default_url = $db_info->default_url;
if (strpos($default_url, 'xn--') !== false) {
$default_url = \Context::decodeIdna($default_url);
}
$config['url']['default'] = $default_url ?: \RX_BASEURL;
$config['url']['http_port'] = $db_info->http_port ?: null;
$config['url']['https_port'] = $db_info->https_port ?: null;
$config['url']['ssl'] = $db_info->use_ssl ?: 'none';
// Convert session configuration.
$config['session']['delay'] = $db_info->delay_session === 'Y' ? true : false;
$config['session']['use_db'] = $db_info->use_db_session === 'Y' ? true : false;
// Convert view configuration.
$config['view']['minify_scripts'] = $db_info->minify_scripts ?: 'common';
$config['view']['use_gzip'] = defined('__OB_GZHANDLER_ENABLE__') && constant('__OB_GZHANDLER_ENABLE__');
// Convert admin IP whitelist.
if (isset($db_info->admin_ip_list) && is_array($db_info->admin_ip_list) && count($db_info->admin_ip_list)) {
$config['admin']['allow'] = array_values($db_info->admin_ip_list);
}
// Convert sitelock configuration.
$config['lock']['locked'] = $db_info->use_sitelock === 'Y' ? true : false;
$config['lock']['title'] = strval($db_info->sitelock_title);
$config['lock']['message'] = strval($db_info->sitelock_message);
if (!is_array($db_info->sitelock_whitelist)) {
$db_info->sitelock_whitelist = $db_info->sitelock_whitelist ? array_map('trim', explode(',', trim($db_info->sitelock_whitelist))) : array();
}
if (!in_array('127.0.0.1', $db_info->sitelock_whitelist)) {
$db_info->sitelock_whitelist[] = '127.0.0.1';
}
$config['lock']['allow'] = array_values($db_info->sitelock_whitelist);
// Convert debug configuration.
$config['debug']['enabled'] = true;
$config['debug']['log_errors'] = true;
$config['debug']['log_queries'] = \__DEBUG__ & 4 ? true : false;
$config['debug']['log_slow_queries'] = floatval(\__LOG_SLOW_QUERY__);
$config['debug']['log_slow_triggers'] = floatval(\__LOG_SLOW_TRIGGER__ * 1000);
$config['debug']['log_slow_widgets'] = floatval(\__LOG_SLOW_WIDGET__ * 1000);
// Convert embed filter configuration.
if (is_array($db_info->embed_white_iframe)) {
$whitelist = array_unique(array_map(function ($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $db_info->embed_white_iframe));
natcasesort($whitelist);
$config['embedfilter']['iframe'] = $whitelist;
}
if (is_array($db_info->embed_white_object)) {
$whitelist = array_unique(array_map(function ($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $db_info->embed_white_object));
natcasesort($whitelist);
$config['embedfilter']['object'] = $whitelist;
}
// Convert miscellaneous configuration.
$config['use_mobile_view'] = $db_info->use_mobile_view === 'N' ? false : true;
$config['use_prepared_statements'] = $db_info->use_prepared_statements === 'Y' ? true : false;
$config['use_rewrite'] = $db_info->use_rewrite === 'Y' ? true : false;
$config['use_sso'] = $db_info->use_sso === 'Y' ? true : false;
// Copy other configuration.
unset($db_info->master_db, $db_info->slave_db);
unset($db_info->lang_type, $db_info->time_zone);
unset($db_info->default_url, $db_info->http_port, $db_info->https_port, $db_info->use_ssl);
unset($db_info->delay_session, $db_info->use_db_session);
unset($db_info->minify_scripts, $db_info->admin_ip_list);
unset($db_info->use_sitelock, $db_info->sitelock_title, $db_info->sitelock_message, $db_info->sitelock_whitelist);
unset($db_info->embed_white_iframe, $db_info->embed_white_object);
unset($db_info->use_object_cache, $db_info->use_mobile_view, $db_info->use_prepared_statements);
unset($db_info->use_rewrite, $db_info->use_sso);
foreach ($db_info as $key => $value) {
$config['other'][$key] = $value;
}
// Return the new configuration.
return $config;
}
function getThumbnail($width = 80, $height = 0, $thumbnail_type = '')
{
// return false if no doc exists
if (!$this->comment_srl) {
return;
}
if ($this->isSecret() && !$this->isGranted()) {
return;
}
// If signiture height setting is omitted, create a square
if (!$height) {
$height = $width;
}
$content = $this->get('content');
if (!$this->hasUploadedFiles()) {
if (!$content) {
$args = new stdClass();
$args->comment_srl = $this->comment_srl;
$output = executeQuery('document.getComment', $args, array('content'));
if ($output->toBool() && $output->data) {
$content = $output->data->content;
$this->add('content', $content);
}
}
if (!preg_match("!<img!is", $content)) {
return;
}
}
// get thumbail generation info on the doc module configuration.
if (!in_array($thumbnail_type, array('crop', 'ratio'))) {
$thumbnail_type = 'crop';
}
// Define thumbnail information
$thumbnail_path = sprintf('files/thumbnails/%s', getNumberingPath($this->comment_srl, 3));
$thumbnail_file = sprintf('%s%dx%d.%s.jpg', $thumbnail_path, $width, $height, $thumbnail_type);
$thumbnail_lockfile = sprintf('%s%dx%d.%s.lock', $thumbnail_path, $width, $height, $thumbnail_type);
$thumbnail_url = Context::getRequestUri() . $thumbnail_file;
// return false if a size of existing thumbnail file is 0. otherwise return the file path
if (file_exists($thumbnail_file) || file_exists($thumbnail_lockfile)) {
if (filesize($thumbnail_file) < 1) {
return FALSE;
} else {
return $thumbnail_url;
}
}
// Create lockfile to prevent race condition
FileHandler::writeFile($thumbnail_lockfile, '', 'w');
// Target file
$source_file = NULL;
$is_tmp_file = FALSE;
// find an image file among attached files
if ($this->hasUploadedFiles()) {
$file_list = $this->getUploadedFiles();
$first_image = null;
foreach ($file_list as $file) {
if ($file->direct_download !== 'Y') {
continue;
}
if ($file->cover_image === 'Y' && file_exists($file->uploaded_filename)) {
$source_file = $file->uploaded_filename;
break;
}
if ($first_image) {
continue;
}
if (preg_match("/\\.(jpe?g|png|gif|bmp)\$/i", $file->source_filename)) {
if (file_exists($file->uploaded_filename)) {
$first_image = $file->uploaded_filename;
}
}
}
if (!$source_file && $first_image) {
$source_file = $first_image;
}
}
// get an image file from the doc content if no file attached.
$is_tmp_file = false;
if (!$source_file) {
$random = new Password();
preg_match_all("!<img[^>]*src=(?:\"|\\')([^\"\\']*?)(?:\"|\\')!is", $content, $matches, PREG_SET_ORDER);
foreach ($matches as $target_image) {
$target_src = trim($target_image[1]);
if (preg_match('/\\/(common|modules|widgets|addons|layouts|m\\.layouts)\\//i', $target_src)) {
continue;
}
if (!preg_match('/^(http|https):\\/\\//i', $target_src)) {
$target_src = Context::getRequestUri() . $target_src;
}
$target_src = htmlspecialchars_decode($target_src);
$tmp_file = _XE_PATH_ . 'files/cache/tmp/' . $random->createSecureSalt(32, 'hex');
FileHandler::getRemoteFile($target_src, $tmp_file);
if (!file_exists($tmp_file)) {
continue;
}
$imageinfo = getimagesize($tmp_file);
list($_w, $_h) = $imageinfo;
if ($imageinfo === false || $_w < $width * 0.3 && $_h < $height * 0.3) {
FileHandler::removeFile($tmp_file);
continue;
}
$source_file = $tmp_file;
$is_tmp_file = true;
break;
}
}
$output = FileHandler::createImageFile($source_file, $thumbnail_file, $width, $height, 'jpg', $thumbnail_type);
// Remove source file if it was temporary
if ($is_tmp_file) {
FileHandler::removeFile($source_file);
}
// Remove lockfile
FileHandler::removeFile($thumbnail_lockfile);
// Return the thumbnail path if it was successfully generated
if ($output) {
return $thumbnail_url;
} else {
FileHandler::writeFile($thumbnail_file, '', 'w');
}
return;
}
