function ytbupload() { JRequest::checkToken() or jexit('Invalid Token'); jimport('joomla.client.helper'); $app = JFactory::getApplication(); $ftp = JClientHelper::setCredentialsFromRequest('ftp'); $user = JFactory::getUser(); $path = PhocaGalleryPath::getPath(); $return = $this->input->get('return-url', null, 'base64'); $format = $this->input->get('format', 'html', 'cmd'); $viewBack = $this->input->get('viewback', '', 'string'); $tab = $this->input->get('tab', 0, 'int'); $catid = $this->input->get('id', '', 'string'); $rating = $this->input->get('rating', '', 'string'); $Itemid = $this->input->get('Itemid', 0, 'int'); $limitStart = $this->input->get('limitstart', 0, 'int'); $paramsC = JComponentHelper::getParams('com_phocagallery'); $catid = (int) $catid; if ((int) $catid < 1) { $app->redirect($redirectUrl, JText::_('COM_PHOCAGALLERY_PLEASE_SELECT_CATEGORY')); return false; } $catidAlias = $catid; // for return // Set the limistart (TODO) if ($limitStart > 0) { $limitStartUrl = '&limitstart=' . $limitStart; } else { $limitStartUrl = ''; } $return = JRoute::_('index.php?option=com_phocagallery&view=category&id=' . $catidAlias . '&tab=' . $tab . '&Itemid=' . $Itemid . $limitStartUrl, false); $redirectUrl = $return; $model = $this->getModel('category'); // USER RIGHT - UPLOAD - - - - - - - - - - - // 2, 2 means that user access will be ignored in function getUserRight for display Delete button $rightDisplayUpload = 0; $catAccess = PhocaGalleryAccess::getCategoryAccess((int) $catid); if (!empty($catAccess)) { $rightDisplayUpload = PhocaGalleryAccess::getUserRight('uploaduserid', $catAccess->uploaduserid, 2, $user->getAuthorisedViewLevels(), $user->get('id', 0), 0); } // - - - - - - - - - - - - - - - - - - - - - - // USER RIGHT - FOLDER - - - - - - - - - - - - $rightFolder = ''; if (isset($catAccess->userfolder)) { $rightFolder = $catAccess->userfolder; } // - - - - - - - - - - - - - - - - - - - - - - if ($rightDisplayUpload == 1) { if ($rightFolder == '') { $errUploadMsg = JText::_('COM_PHOCAGALLERY_USER_FOLDER_NOT_DEFINED'); $app->redirect($redirectUrl, $errUploadMsg); return false; } if (!JFolder::exists($path->image_abs . $rightFolder . DS)) { $errUploadMsg = JText::_('COM_PHOCAGALLERY_USER_FOLDER_NOT_EXISTS'); $app->redirect($redirectUrl, $errUploadMsg); return false; } // Sending and setting data for common realsingleupload function $this->input->set('folder', $rightFolder); //Set the right path for uploaded image (category folder included) $this->input->set('return-url', base64_encode($return)); // set return url //$fileName = PhocaGalleryFileUpload::realSingleUpload(2); $ytbLink = $this->input->get('phocagalleryytbuploadlink', '', 'string'); $errorYtbMsg = ''; $ytbData = PhocaGalleryYoutube::importYtb($ytbLink, $rightFolder . DS, $errorYtbMsg); if ($ytbData && isset($ytbData['filename'])) { if (PhocaGalleryControllerCategory::save((int) $catid, $ytbData['filename'], $return, $succeeded, $errUploadMsg, false, $ytbData)) { $app->redirect($redirectUrl, $errUploadMsg); return true; } else { $app->redirect($redirectUrl, $errUploadMsg); return false; } } else { $app->redirect($redirectUrl, $errorYtbMsg); return false; } if ($fileName != '') { // Saving file name into database with relative path $fileName = $rightFolder . '/' . strtolower($fileName); if (PhocaGalleryControllerUser::save((int) $catid, $fileName, $return, $succeeded, $errUploadMsg, false)) { $app->redirect($redirectUrl, $errUploadMsg); return true; } else { $app->redirect($redirectUrl, $errUploadMsg); return false; } } } else { $errUploadMsg = JText::_('COM_PHOCAGALLERY_NOT_AUTHORISED_ACTION'); $app->redirect($this->_loginurl, JText::_('COM_PHOCAGALLERY_NOT_AUTHORISED_ACTION')); return false; } }
function multipleupload() { JResponse::allowCache(false); // Chunk Files header('Content-type: text/plain; charset=UTF-8'); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); // Invalid Token JRequest::checkToken('request') or jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 100, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_INVALID_TOKEN')))); jimport('joomla.client.helper'); $app = JFactory::getApplication(); $ftp = JClientHelper::setCredentialsFromRequest('ftp'); $user = JFactory::getUser(); $path = PhocaGalleryPath::getPath(); //$folder = JRequest::getVar( 'folder', '', '', 'path' ); $tab = JRequest::getVar('tab', 0, '', 'int'); $format = JRequest::getVar('format', 'html', '', 'cmd'); $return = JRequest::getVar('return-url', null, 'post', 'base64'); $viewBack = JRequest::getVar('viewback', '', '', ''); $catid = JRequest::getVar('catid', '', '', 'int'); $Itemid = JRequest::getVar('Itemid', 0, '', 'int'); $paramsC = JComponentHelper::getParams('com_phocagallery'); $limitStartUrl = $this->getLimitStartUrl(0, 'subcat'); $return = JRoute::_($this->_url . $limitStartUrl->subcat . $limitStartUrl->image, false); $redirectUrl = $return; if ((int) $catid < 1) { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_PLEASE_SELECT_CATEGORY')))); return false; } // Get user catid, we are not in the category, so we must find the catid $model = $this->getModel('user'); $isOwnerCategory = $model->isOwnerCategory($this->_user->id, $catid); if (!$isOwnerCategory) { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_NOT_AUTHORISED_ACTION')))); return false; } // USER RIGHT - UPLOAD - - - - - - - - - - - // 2, 2 means that user access will be ignored in function getUserRight for display Delete button $rightDisplayUpload = 0; $catAccess = PhocaGalleryAccess::getCategoryAccess((int) $catid); if (!empty($catAccess)) { $rightDisplayUpload = PhocaGalleryAccess::getUserRight('uploaduserid', $catAccess->uploaduserid, 2, $this->_user->authorisedLevels(), $this->_user->get('id', 0), 0); } // - - - - - - - - - - - - - - - - - - - - - - // USER RIGHT - FOLDER - - - - - - - - - - - - $rightFolder = ''; if (isset($catAccess->userfolder)) { $rightFolder = $catAccess->userfolder; } // - - - - - - - - - - - - - - - - - - - - - - if ($rightDisplayUpload == 1) { if ($rightFolder == '') { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_USER_FOLDER_NOT_DEFINED')))); return false; } if (!JFolder::exists($path->image_abs . $rightFolder . DS)) { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_USER_FOLDER_NOT_EXISTS')))); return false; } // Sending and setting data for common realsingleupload function JRequest::setVar('folder', $rightFolder); //Set the right path for uploaded image (category folder included) JRequest::setVar('return-url', base64_encode($return)); // set return url $fileName = PhocaGalleryFileUpload::realMultipleUpload(2); if ($fileName != '') { // Saving file name into database with relative path $fileName = $rightFolder . '/' . strtolower($fileName); if (PhocaGalleryControllerUser::save((int) $catid, $fileName, false, $succeeded, $errUploadMsg, false)) { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'OK', 'code' => 200, 'message' => JText::_('COM_PHOCAGALERY_SUCCESS') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_IMAGES_UPLOADED')))); return true; } else { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_ERROR_UNABLE_TO_UPLOAD_FILE')))); return false; } } } else { jexit(json_encode(array('jsonrpc' => '2.0', 'result' => 'error', 'code' => 104, 'message' => JText::_('COM_PHOCAGALERY_ERROR') . ': ', 'details' => JTEXT::_('COM_PHOCAGALLERY_NOT_AUTHORISED_ACTION')))); return false; } }