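/**
 * Upload a profile image for the user held in $this->user.
 *
 * The on-disk name is built from the integer user ID and the extension
 * returned by getImageExtension(); the value of getUploadedFileName() is
 * only recorded in the setting and never used as a path.
 * @return boolean True iff the image was stored and the setting updated.
 */
function uploadProfileImage() {
    import('classes.file.PublicFileManager');
    $fileManager = new PublicFileManager();

    $user =& $this->user;

    $type = $fileManager->getUploadedFileType('profileImage');
    $extension = $fileManager->getImageExtension($type);
    if (!$extension) {
        return false;
    }

    $uploadName = 'profileImage-' . (int) $user->getId() . $extension;
    if (!$fileManager->uploadSiteFile('profileImage', $uploadName)) {
        return false;
    }

    $filePath = $fileManager->getSiteFilesPath();

    // getimagesize() returns false when the stored content is not a readable
    // image; the dimensions are then null and fail the "<= 0" test below.
    $imageInfo = getimagesize($filePath . '/' . $uploadName);
    $width = $imageInfo ? $imageInfo[0] : null;
    $height = $imageInfo ? $imageInfo[1] : null;

    if ($width > 150 || $height > 150 || $width <= 0 || $height <= 0) {
        $userSetting = null;
        $user->updateSetting('profileImage', $userSetting);
        // Remove the rejected upload by its stored file name. The previous
        // code passed the site files directory path here, so the rejected
        // file was never the target of the removal and stayed on disk.
        $fileManager->removeSiteFile($uploadName);
        return false;
    }

    $userSetting = array(
        'name' => $fileManager->getUploadedFileName('profileImage'),
        'uploadName' => $uploadName,
        'width' => $width,
        'height' => $height,
        'dateUploaded' => Core::getCurrentDate()
    );

    $user->updateSetting('profileImage', $userSetting);
    return true;
}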
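/**
 * Deletes an image.
 * @param $settingName string setting key associated with the file
 * @return mixed false when the setting holds no stored file name or the file
 *  could not be removed; otherwise the result of deleteSetting().
 */
function deleteImage($settingName) {
    $settingsDao = DAORegistry::getDAO('SiteSettingsDAO');
    $setting = $settingsDao->getSetting($settingName);

    // Without a stored file name there is nothing to delete. Bail out instead
    // of handing an empty name to removeSiteFile(); how that method resolves
    // an empty name is not visible from this block.
    if (!is_array($setting) || !isset($setting['uploadName']) || $setting['uploadName'] === '') {
        return false;
    }

    import('classes.file.PublicFileManager');
    $fileManager = new PublicFileManager();
    if (!$fileManager->removeSiteFile($setting['uploadName'])) {
        // Keep the setting so it still points at the file that was not removed.
        return false;
    }

    return $settingsDao->deleteSetting($settingName);
}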
/**
 * Validate and save changes to site settings.
 *
 * Depending on which request variable is set, this uploads or deletes the
 * site style sheet, uploads or deletes the page header title image for the
 * form locale, or validates and saves the form. $this->validate() runs before
 * any file operation; what it checks is defined outside this block.
 * @param $args array
 * @param $request object
 */
function saveSettings($args, &$request) {
    $this->validate();
    $this->setupTemplate($request, true);

    $site =& $request->getSite();

    import('classes.admin.form.SiteSettingsForm');
    $form = new SiteSettingsForm();
    $form->readInputData();

    if ($request->getUserVar('uploadSiteStyleSheet')) {
        $styleSheetStored = $form->uploadSiteStyleSheet();
        if (!$styleSheetStored) {
            $form->addError('siteStyleSheet', __('admin.settings.siteStyleSheetInvalid'));
        }

    } elseif ($request->getUserVar('deleteSiteStyleSheet')) {
        // The file name comes from the site object, not from the request.
        $fileManager = new PublicFileManager();
        $fileManager->removeSiteFile($site->getSiteStyleFilename());

    } elseif ($request->getUserVar('uploadPageHeaderTitleImage')) {
        $imageStored = $form->uploadPageHeaderTitleImage($form->getFormLocale());
        if (!$imageStored) {
            $form->addError('pageHeaderTitleImage', __('admin.settings.homeHeaderImageInvalid'));
        }

    } elseif ($request->getUserVar('deletePageHeaderTitleImage')) {
        $fileManager = new PublicFileManager();
        $headerImages = $site->getSetting('pageHeaderTitleImage');
        $locale = $form->getFormLocale();
        if (isset($headerImages[$locale])) {
            // Remove the stored file, then blank the entry for this locale only.
            $storedName = $headerImages[$locale]['uploadName'];
            $fileManager->removeSiteFile($storedName);
            $headerImages[$locale] = array();
            $site->updateSetting('pageHeaderTitleImage', $headerImages, 'object', true);

            // Refresh site header
            $templateMgr =& TemplateManager::getManager($request);
            $templateMgr->assign('displaySitePageHeaderTitle', $site->getLocalizedPageHeaderTitle());
        }

    } elseif ($form->validate()) {
        $form->execute();

        import('classes.notification.NotificationManager');
        $notifier = new NotificationManager();
        $currentUser =& $request->getUser();
        $notifier->createTrivialNotification($currentUser->getId());

        $request->redirect(null, null, null, 'index');
    }

    $form->display();
}
/**
 * Validate and save changes to site settings.
 *
 * Depending on which request variable is set, this uploads or deletes the
 * site style sheet, uploads or deletes the page header title image for the
 * form locale, or validates and saves the form and shows a confirmation
 * page. $this->validate() runs before any file operation; what it checks is
 * defined outside this block.
 */
function saveSettings() {
    $this->validate();
    $this->setupTemplate(true);

    $site =& Request::getSite();

    import('admin.form.SiteSettingsForm');
    $form = new SiteSettingsForm();
    $form->readInputData();

    if (Request::getUserVar('uploadSiteStyleSheet')) {
        $styleSheetStored = $form->uploadSiteStyleSheet();
        if (!$styleSheetStored) {
            $form->addError('siteStyleSheet', Locale::translate('admin.settings.siteStyleSheetInvalid'));
        }

    } elseif (Request::getUserVar('deleteSiteStyleSheet')) {
        // The file name comes from the site object, not from the request.
        $fileManager = new PublicFileManager();
        $fileManager->removeSiteFile($site->getSiteStyleFilename());

    } elseif (Request::getUserVar('uploadPageHeaderTitleImage')) {
        $imageStored = $form->uploadPageHeaderTitleImage($form->getFormLocale());
        if (!$imageStored) {
            $form->addError('pageHeaderTitleImage', Locale::translate('admin.settings.homeHeaderImageInvalid'));
        }

    } elseif (Request::getUserVar('deletePageHeaderTitleImage')) {
        $fileManager = new PublicFileManager();
        $headerImages = $site->getSetting('pageHeaderTitleImage');
        $locale = $form->getFormLocale();
        if (isset($headerImages[$locale])) {
            // Remove the stored file, then blank the entry for this locale only.
            $storedName = $headerImages[$locale]['uploadName'];
            $fileManager->removeSiteFile($storedName);
            $headerImages[$locale] = array();
            $site->updateSetting('pageHeaderTitleImage', $headerImages, 'object', true);

            // Refresh site header
            $templateMgr =& TemplateManager::getManager();
            $templateMgr->assign('displaySitePageHeaderTitle', $site->getLocalizedPageHeaderTitle());
        }

    } elseif ($form->validate()) {
        $form->execute();

        // Show the "changes saved" page and stop; the form is not displayed again.
        $templateMgr =& TemplateManager::getManager();
        $messageVars = array(
            'currentUrl' => Request::url(null, null, null, 'settings'),
            'pageTitle' => 'admin.siteSettings',
            'message' => 'common.changesSaved',
            'backLink' => Request::url(null, null, Request::getRequestedPage()),
            'backLinkLabel' => 'admin.siteAdmin'
        );
        $templateMgr->assign($messageVars);
        $templateMgr->display('common/message.tpl');
        exit;
    }

    $form->display();
}
/**
 * Remove the stored profile image file of the user returned by getUser()
 * and clear the 'profileImage' setting.
 * @return boolean True iff success.
 */
function deleteProfileImage() {
    $currentUser = $this->getUser();
    $imageSetting = $currentUser->getSetting('profileImage');
    if (!$imageSetting) {
        // No image recorded for this user.
        return false;
    }

    $fileManager = new PublicFileManager();
    $removed = $fileManager->removeSiteFile($imageSetting['uploadName']);
    if (!$removed) {
        // Leave the setting untouched when the file could not be removed.
        return false;
    }

    return $currentUser->updateSetting('profileImage', null);
}
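/**
 * Delete an uploaded file.
 * @param $fileSettingName string
 * @param $request object not used by this function
 * @return boolean True iff the file was removed and its setting deleted.
 */
function deleteFile($fileSettingName, $request) {
    $locale = AppLocale::getLocale();

    // Get the file.
    $file = $this->getData($fileSettingName);
    if (!is_array($file)) {
        // No data stored under this setting name; nothing to delete.
        return false;
    }

    // Check if the file is localized.
    if (array_key_exists($locale, $file)) {
        // We use the current localized file value.
        $file = $file[$locale];
    } else {
        $locale = null;
    }

    // Only call the file manager with a stored file name that is really there.
    if (!is_array($file) || !isset($file['uploadName']) || $file['uploadName'] === '') {
        return false;
    }

    // Deletes the file and its settings.
    import('classes.file.PublicFileManager');
    $publicFileManager = new PublicFileManager();
    if (!$publicFileManager->removeSiteFile($file['uploadName'])) {
        return false;
    }

    $settingsDao = DAORegistry::getDAO('SiteSettingsDAO');
    $settingsDao->deleteSetting($fileSettingName, $locale);
    return true;
}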
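/**
 * Decompress uploaded plugin and install in the correct plugin directory.
 *
 * The archive is stored in the site files directory, extracted with the tar
 * binary configured under [cli] tar into a freshly created directory, and the
 * directory named after the plug-in is handed to installPlugin() or
 * upgradePlugin(). Any failure is reported through the template as a locale
 * key in 'message'.
 * @param $function string type of operation to perform after upload ('upgrade' or 'install')
 * @param $category string the category of the uploaded plugin (upgrade only)
 * @param $plugin string the name of the uploaded plugin (upgrade only)
 */
function uploadPlugin($function, $category = null, $plugin = null) {
    $this->validate();
    $templateMgr =& TemplateManager::getManager();
    $this->setupTemplate(true);

    $templateMgr->assign('error', false);
    $templateMgr->assign('uploaded', false);
    $templateMgr->assign('path', $function);

    $errorMsg = '';
    $archiveStored = false;
    if (Request::getUserVar('uploadPlugin')) {
        import('classes.file.PublicFileManager');
        $publicFileManager = new PublicFileManager();

        // Use only the final path component of the client-supplied file name,
        // so the path given to tar is the same file uploadSiteFile() stores.
        $clientName = isset($_FILES['newPlugin']['name']) ? basename($_FILES['newPlugin']['name']) : '';
        $pluginFile = Core::getBaseDir() . DIRECTORY_SEPARATOR . $publicFileManager->getSiteFilesPath() . DIRECTORY_SEPARATOR . $clientName;

        // tar archive basename (less potential version number) must equal plugin directory name
        // and plugin files must be in a directory named after the plug-in.
        $matches = array();
        String::regexp_match_get('/^[a-zA-Z0-9]+/', basename($pluginFile, '.tar.gz'), $matches);
        $pluginName = array_pop($matches);

        if ($clientName === '') {
            $errorMsg = 'manager.plugins.fileSelectError';
        } elseif ($pluginName === null || $pluginName === '') {
            // With an empty plug-in name the is_dir() test further down would
            // succeed on the extraction directory itself, so reject it here.
            $errorMsg = 'manager.plugins.invalidPluginArchive';
        }
    } else {
        $errorMsg = 'manager.plugins.fileSelectError';
    }

    if (empty($errorMsg)) {
        if ($publicFileManager->uploadSiteFile('newPlugin', basename($pluginFile))) {
            $archiveStored = true;
            // Create random dirname to avoid symlink attacks.
            // NOTE(review): md5(mt_rand()) is not a strong random source. What
            // prevents reuse of a pre-created path is mkdir() failing when the
            // path already exists, so its result must be checked.
            $pluginDir = Core::getBaseDir() . DIRECTORY_SEPARATOR . $publicFileManager->getSiteFilesPath() . DIRECTORY_SEPARATOR . $pluginName . substr(md5(mt_rand()), 0, 10);
            if (!mkdir($pluginDir)) {
                $errorMsg = 'manager.plugins.uploadError';
            }
        } else {
            $errorMsg = 'manager.plugins.uploadError';
        }
    }

    if (empty($errorMsg)) {
        // Test whether the tar binary is available for the export to work
        $tarBinary = Config::getVar('cli', 'tar');
        if (!empty($tarBinary) && file_exists($tarBinary)) {
            $tarOutput = array();
            $tarStatus = 0;
            // file_exists() above means $tarBinary is a single path, so it can
            // be quoted like the other arguments.
            exec(escapeshellarg($tarBinary) . ' -xzf ' . escapeshellarg($pluginFile) . ' -C ' . escapeshellarg($pluginDir), $tarOutput, $tarStatus);
            if ($tarStatus !== 0) {
                // Do not install from a failed or partial extraction.
                $errorMsg = 'manager.plugins.invalidPluginArchive';
            }
        } else {
            $errorMsg = 'manager.plugins.tarCommandNotFound';
        }
    }

    if (empty($errorMsg)) {
        // We should now find a directory named after the
        // plug-in within the extracted archive.
        $pluginDir .= DIRECTORY_SEPARATOR . $pluginName;
        if (is_dir($pluginDir)) {
            if ($function == 'install') {
                $this->installPlugin($pluginDir, $templateMgr);
            } elseif ($function == 'upgrade') {
                $this->upgradePlugin($pluginDir, $templateMgr, $category, $plugin);
            }
            $publicFileManager->removeSiteFile(basename($pluginFile));
        } else {
            $errorMsg = 'manager.plugins.invalidPluginArchive';
        }
    }

    if (!empty($errorMsg)) {
        if ($archiveStored) {
            // Do not leave a rejected archive behind in the site files directory.
            $publicFileManager->removeSiteFile(basename($pluginFile));
        }
        // NOTE(review): the extraction directory is not removed on any path
        // in this function; confirm the install/upgrade helpers clean it up.
        $templateMgr->assign('error', true);
        $templateMgr->assign('message', $errorMsg);
    }

    $templateMgr->display('admin/managePlugins.tpl');
}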
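/**
 * Decompress uploaded plugin and install in the correct plugin directory.
 *
 * The archive is stored in the site files directory, extracted there with
 * tar, and the directory named after the archive is handed to
 * installPlugin() or upgradePlugin().
 * @param $function string type of operation to perform after upload ('upgrade' or 'install')
 */
function uploadPlugin($function) {
    $templateMgr =& TemplateManager::getManager();
    $this->setupTemplate(true);

    $templateMgr->assign('error', false);
    $templateMgr->assign('uploaded', false);
    $templateMgr->assign('path', $function);
    $templateMgr->assign('pageHierarchy', PluginManagementHandler::setBreadcrumbs(true));

    if (Request::getUserVar('uploadPlugin')) {
        import('file.PublicFileManager');
        $publicFileManager = new PublicFileManager();

        // The file name is supplied by the client. Keep only its final path
        // component so that neither the stored file nor the path given to tar
        // can point outside the site files directory.
        $pluginFile = isset($_FILES['newPlugin']['name']) ? basename($_FILES['newPlugin']['name']) : '';
        $pluginName = basename($pluginFile, '.tar.gz');

        if ($pluginFile !== '' && $publicFileManager->uploadSiteFile('newPlugin', $pluginFile)) {
            // tar archive basename must equal plugin directory name, and plugin files must be in root directory
            // NOTE(review): the archive is unpacked directly into the site
            // files directory and the extracted files are not removed here;
            // confirm that this directory is not served or executed as code.
            $pluginDir = Core::getBaseDir() . DIRECTORY_SEPARATOR . $publicFileManager->getSiteFilesPath();
            exec('tar -xzf ' . escapeshellarg($pluginDir . DIRECTORY_SEPARATOR . $pluginFile) . ' -C ' . escapeshellarg($pluginDir));

            if ($function == 'install') {
                PluginManagementHandler::installPlugin($pluginDir . DIRECTORY_SEPARATOR . $pluginName, $templateMgr);
            } elseif ($function == 'upgrade') {
                PluginManagementHandler::upgradePlugin($pluginDir . DIRECTORY_SEPARATOR . $pluginName, $templateMgr);
            }

            $publicFileManager->removeSiteFile($pluginFile);
        } else {
            $templateMgr->assign('error', true);
            $templateMgr->assign('message', 'manager.plugins.uploadError');
        }
    } elseif (Request::getUserVar('installPlugin')) {
        if (Request::getUserVar('pluginUploadLocation') == '') {
            $templateMgr->assign('error', true);
            $templateMgr->assign('message', 'manager.plugins.fileSelectError');
        }
    }

    $templateMgr->display('admin/managePlugins.tpl');
}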
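/**
 * Upload an image for the archive held in $this->archive.
 *
 * The on-disk name is built from the integer archive ID and the extension
 * returned by getImageExtension(); the value of getUploadedFileName() is
 * only recorded in the setting and never used as a path.
 * @return boolean True iff the image was stored and the setting updated.
 */
function uploadArchiveImage() {
    import('file.PublicFileManager');
    $fileManager = new PublicFileManager();

    $archive =& $this->archive;

    $type = $fileManager->getUploadedFileType('archiveImage');
    $extension = $fileManager->getImageExtension($type);
    if (!$extension) {
        return false;
    }

    $uploadName = 'archiveImage-' . (int) $archive->getArchiveId() . $extension;
    if (!$fileManager->uploadSiteFile('archiveImage', $uploadName)) {
        return false;
    }

    $filePath = $fileManager->getSiteFilesPath();

    // getimagesize() returns false when the stored content is not a readable
    // image; the dimensions are then null and fail the "<= 0" test below.
    $imageInfo = getimagesize($filePath . '/' . $uploadName);
    $width = $imageInfo ? $imageInfo[0] : null;
    $height = $imageInfo ? $imageInfo[1] : null;

    // NOTE(review): site administrators skip the whole check, including the
    // "<= 0" test, so for them unreadable content is kept with empty
    // dimensions. Confirm that this is intended.
    if (!Validation::isSiteAdmin() && ($width > 150 || $height > 150 || $width <= 0 || $height <= 0)) {
        $archiveSetting = null;
        $archive->updateSetting('archiveImage', $archiveSetting);
        // Remove the rejected upload by its stored file name. The previous
        // code passed the site files directory path here, so the rejected
        // file was never the target of the removal and stayed on disk.
        $fileManager->removeSiteFile($uploadName);
        return false;
    }

    $archiveSetting = array(
        'name' => $fileManager->getUploadedFileName('archiveImage'),
        'uploadName' => $uploadName,
        'width' => $width,
        'height' => $height,
        'dateUploaded' => Core::getCurrentDate()
    );

    $archive->updateSetting('archiveImage', $archiveSetting);
    return true;
}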