/** * Uploads a file and prints succuess or failure * @return void */ public function doUploadFile() { // name must be equal to $metadata['fileDataName'] in upload(). $files = $this->req->files('sf_upload'); if (!is_array($files['error'])) { $files_tmp = array(); $files_tmp['name'][0] = $files['name']; $files_tmp['type'][0] = $files['type']; $files_tmp['tmp_name'][0] = $files['tmp_name']; $files_tmp['error'][0] = $files['error']; $files_tmp['size'][0] = $files['size']; $files = $files_tmp; unset($files_tmp); } // default upload mode is flash $upload_mode = $this->req->req('upload_mode', 'flash'); $extractfiles = $this->req->asBoolean('extractfiles'); $filedata = array(); $filedata['area'] = $this->config_area['area_name']; $filedata['idclient'] = $this->config_area['idclient']; $filedata['idlang'] = $this->config_area['idlang']; if ($upload_mode == 'flash') { // folder param should be the iddirectory but is /localpath/backend/<id> $folder = explode('/', $this->req->req('folder', 0)); $filedata['iddirectory'] = (int) $folder[count($folder) - 1]; } else { $filedata['iddirectory'] = $this->req->req('destination', 0); } $catched_messages = array('type' => 'upload_' . $upload_mode); $ok = $error = 0; // check perm for upload $have_perm['upload_directory'] = $this->directory_sql_item->hasPerm('upload', $filedata['iddirectory']) == TRUE; // uses iddirectory as id because perm type is directory and reset parent id $have_perm['upload_file'] = $this->file_sql_item->hasPerm('upload', $filedata['iddirectory'], 0) == TRUE; $fsm = sf_api('LIB', 'FilesystemManipulation'); $archive = sf_api('LIB', 'Archive'); foreach ($files['error'] as $key => $error) { if ($have_perm['upload_file'] == FALSE) { if ($upload_mode == 'flash') { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_no_rights'); return json_encode($msg); } else { $catched_messages[$files['name'][$key]] = 'error_no_rights'; ++$error; } } else { if ($error == UPLOAD_ERR_OK) { $this->file_sql_item = sf_api('MODEL', 'FileSqlItem'); $tmp_name = $files['tmp_name'][$key]; $mimetype = $files['type'][$key]; $filedata['filename'] = $files['name'][$key]; $filedata['filesize'] = $files['size'][$key]; $extension = $fsm->getPathinfo($filedata['filename'], 'extension'); // check if file extension is forbidden if ($this->_isForbiddenFileExtension($extension) == TRUE) { if ($upload_mode == 'flash') { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_forbidden_file_extension'); return json_encode($msg); } else { $catched_messages[$filedata['filename']] = 'error_forbidden_file_extension'; ++$error; continue; } } try { if ($extractfiles == TRUE && in_array($extension, $this->config_area['extract_compressed_files'])) { $hash = md5(time()); $temp_in_path = $this->config_area['temp_in_path'] . '/' . $hash; $archive_name = $this->config_area['temp_in_path'] . '/' . $hash . '.' . $extension; $fsm->createDirectory($temp_in_path); $fsm->moveUploadedFile($tmp_name, $archive_name); $archive_to_extract = $archive_name . '/'; $archive::extract($archive_to_extract, $temp_in_path); // if any sub directory is extracted, check perm to upload directories if ($fsm->hasSubdirectories($temp_in_path) == TRUE && $have_perm['upload_directory'] == FALSE) { $result = array('error' => 1); } else { $result = $this->_doDirectoryScan($temp_in_path, $filedata['iddirectory'], array('recursive' => TRUE, 'generate_thumbnails' => TRUE)); } $fsm->deleteFile($archive_name); $fsm->deleteDirectoryRecursive($temp_in_path); if ($upload_mode == 'flash') { if ($result['error'] <= 0) { $msg['ok'] = $this->lng->get($this->config_area['area_name'] . '_upload_uncompress_file_success'); } else { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_upload_uncompress_file_failed'); } return json_encode($msg); } else { if ($result['error'] <= 0) { $catched_messages[$filedata['filename']] = 'ok_upload_uncompress_file_success'; ++$ok; } else { $catched_messages[$filedata['filename']] = 'error_upload_uncompress_file_failed'; ++$error; } } } else { if ($this->file_sql_item->upload($filedata, $tmp_name, $mimetype)) { // send okay message to uploadify if ($upload_mode == 'flash') { $msg['ok'] = $this->lng->get($this->config_area['area_name'] . '_upload_file_success'); //$msg['ok'] = $this->url->urlGet(array('area' => $this->config_area['area_name'].'_index', 'msgcode' => 'ok_'.$this->config_area['area_name'].'_upload_file_success', 'iddirectory' => $filedata['iddirectory'] ) ); // exit the function, uploadify sends only one file per request return json_encode($msg); } else { $catched_messages[$filedata['filename']] = 'ok_upload_file_success'; ++$ok; } } } } catch (Exception $e) { if ($upload_mode == 'flash') { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_' . $e->getMessage()); return json_encode($msg); } else { $catched_messages[$filedata['filename']] = 'error_' . $e->getMessage(); ++$error; } } } else { if ($upload_mode == 'flash') { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_upload_file_failed'); return json_encode($msg); } else { $catched_messages[$files['name'][$key]] = 'error_upload_file_failed'; ++$error; } } } } if ($upload_mode == 'flash') { $msg['error'] = $this->lng->get($this->config_area['area_name'] . '_upload_file_failed'); return json_encode($msg); exit; } else { if ($error > 0) { // store catched messages to session $msghash = md5(time()); $this->_setVarToSession($msghash, $catched_messages, 'msg', TRUE); $msgcode = $ok > 0 ? 'warning_some_uploads_failed' : 'error_all_uploads_failed'; } else { $msghash = ''; $msgcode = 'ok_upload_successful'; } //print_r($catched_messages); $this->http_header->redirect($this->url->urlGet(array('area' => $this->config_area['area_name'] . '_index', 'msghash' => $msghash, 'msgcode' => $msgcode))); } }