/**
* @return array
* @throws Xapp_XFile_Exception
*/
public function put()
{
xapp_import('xapp.Path.Utils');
xapp_import('xapp.Utils.SystemTextEncoding');
$vars = array_merge($_GET, $_POST);
$dstIn = '/';
$mount = '/';
if (array_key_exists('dstDir', $vars)) {
$dstIn = XApp_Path_Utils::decodeSecureMagic($vars['dstDir']);
}
if (array_key_exists('mount', $vars)) {
$mount = preg_replace('@[/\\\\]@', '', XApp_Path_Utils::decodeSecureMagic($vars['mount']));
}
if ($dstIn === '.') {
$dstIn = '/';
}
$vfs = $this->getFileSystem($mount);
$destination = $vfs->toRealPath(XApp_Path_Utils::normalizePath($mount . DIRECTORY_SEPARATOR . $dstIn));
$errors = array();
if (!$this->isLocal($mount, $this->getFSResources())) {
return $this->putRemote($mount, $destination);
}
//writable check
if (!is_writable($destination)) {
throw new Xapp_XFile_Exception(XAPP_TEXT_FORMATTED('DIRECTORY_NOT_WRITEABLE', array($destination), 55100));
}
//parse files
$fileVars = $_FILES;
foreach ($fileVars as $boxName => $boxData) {
if (substr($boxName, 0, 9) != "userfile_") {
continue;
}
$err = self::parseFileDataErrors($boxData);
if ($err != null) {
$errorMessage = $err[1];
$errors[] = XAPP_TEXT_FORMATTED('Error with upload %s', array($errorMessage));
continue;
}
//basic sanitize
$userfile_name = $boxData["name"];
$userfile_name = XApp_Path_Utils::sanitizeEx(XApp_SystemTextEncoding::fromPostedFileName($userfile_name), XApp_Path_Utils::SANITIZE_HTML_STRICT);
$userfile_name = substr($userfile_name, 0, 128);
//rename if needed!
$autorename = xapp_get_option(self::AUTO_RENAME);
if ($autorename) {
$userfile_name = self::autoRenameForDest($destination, $userfile_name);
}
/***
* file extension check
*/
$ext = pathinfo(strtolower($userfile_name), PATHINFO_EXTENSION);
$allowable = explode(',', xapp_get_option(self::UPLOAD_EXTENSIONS, $this));
if ($ext == '' || $ext == false || !in_array($ext, $allowable)) {
$errors[] = XAPP_TEXT_FORMATTED('UPLOAD_EXTENSIONS_NOT_ALLOWED', array($userfile_name, $ext));
xapp_clog('file not allowed');
continue;
}
try {
//no need anymore
if (file_exists($destination . "/" . $userfile_name)) {
}
} catch (Exception $e) {
$errorMessage = $e->getMessage();
$errors[] = XAPP_TEXT_FORMATTED('UPLOAD_UNKOWN_ERROR', array($userfile_name, $errorMessage));
break;
}
if (isset($boxData["input_upload"])) {
try {
$input = fopen("php://input", "r");
$output = fopen("{$destination}/" . $userfile_name, "w");
$sizeRead = 0;
while ($sizeRead < intval($boxData["size"])) {
$chunk = fread($input, 4096);
$sizeRead += strlen($chunk);
fwrite($output, $chunk, strlen($chunk));
}
fclose($input);
fclose($output);
} catch (Exception $e) {
$errorMessage = $e->getMessage();
$errors[] = XAPP_TEXT_FORMATTED('UPLOAD_UNKOWN_ERROR', array($userfile_name, $errorMessage));
break;
}
} else {
$result = @move_uploaded_file($boxData["tmp_name"], "{$destination}/" . $userfile_name);
if (!$result) {
$realPath = $destination . DIRECTORY_SEPARATOR . $userfile_name;
$result = move_uploaded_file($boxData["tmp_name"], $realPath);
}
if (!$result) {
$errors[] = XAPP_TEXT_FORMATTED('UPLOAD_UNKOWN_ERROR', array($userfile_name));
break;
}
}
}
return $errors;
}
