function page_edit_virusscan_isClean($filename_on_disc, $filename_orig)
{
global $page;
global $c_virus_scan;
global $environment;
$class_factory = $environment->getClassFactory();
$retour = true;
if (isset($c_virus_scan) and $c_virus_scan) {
global $c_virus_scan_cron;
if (!isset($c_virus_scan_cron) or !$c_virus_scan_cron) {
include_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($environment);
if (!$virus_scanner->isClean($filename_on_disc, $filename_orig)) {
$params = array();
$params['environment'] = $environment;
$params['with_modifying_actions'] = true;
$params['width'] = 500;
$errorbox = $class_factory->getClass(ERRORBOX_VIEW, $params);
unset($params);
$errorbox->setText($virus_scanner->getOutput());
$page->add($errorbox);
$retour = false;
}
}
}
return $retour;
}
$form->setCounterNormalSponsors($counter_normal);
unset($counter_normal);
}
// normal sponsor handling
$counter = 0;
if (isset($_POST['normal_url'])) {
$counter = count($_POST['normal_url']);
}
if ( isset($_FILES['normal_name']['name']) ) {
foreach ($_FILES['normal_name']['name'] as $key => $value) {
if ( !empty($_FILES['normal_name']['tmp_name'][$key]) ) {
if (isset($c_virus_scan) and $c_virus_scan) {
include_once('classes/cs_virus_scan.php');
$virus_scanner = new cs_virus_scan($environment);
if ($virus_scanner->isClean($_FILES['normal_name']['tmp_name'],$_FILES['normal_name']['name'])) {
move_uploaded_file($_FILES['normal_name']['tmp_name'][$key],$_FILES['normal_name']['tmp_name'][$key].'_TEMP_'.$value);
$_FILES['normal_name']['tmp_name'][$key] = $_FILES['normal_name']['tmp_name'][$key].'_TEMP_'.$value;
$current_iid = $environment->getCurrentContextID();
$session_item = $environment->getSessionItem();
if ( isset($session_item) ) {
$files_array = array();
if ( $session_item->issetValue('ads_'.$current_iid.'_files_array') ) {
$files_array = $session_item->getValue('ads_'.$current_iid.'_files_array');
}
$files_array['normal_name']['tmp_name'][$key] = $_FILES['normal_name']['tmp_name'][$key];
$files_array['normal_name']['name'][$key] = $_FILES['normal_name']['name'][$key];
$session_item->setValue('ads_'.$current_iid.'_files_array',$files_array);
}
public function hasVirus()
{
$retour = false;
if ($this->isOnDisk()) {
include_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($this->_environment);
if (!$virus_scanner->isClean($this->getDiskFileName())) {
$this->_virus_name = $virus_scanner->getVirusName();
if (!empty($this->_virus_name)) {
$retour = true;
}
}
unset($virus_scanner);
}
return $retour;
}
# $file_array = $session->getValue($file_upload_rubric . '_add_files');
#} else {
$file_array = array();
#}
// $new_file_ids = array();
if( !empty($tempFile) &&
$_FILES['upload']['size'] > 0) {
if( isset($_REQUEST['c_virus_scan']) &&
$_REQUEST['c_virus_scan'] &&
isset($_REQUEST['c_virus_scan_cron']) &&
!empty($_REQUEST['c_virus_scan_cron']) &&
!$_REQUEST['c_virus_scan_crom']) {
// use virus scanner
require_once('classes/cs_virus_scan.php');
$virus_scanner = new cs_virus_scan($environment);
if ($virus_scanner->isClean($tempFile,$tempFile)) {
move_uploaded_file($tempFile, $tempFile . 'commsy3');
$temp_array = array();
$temp_array['name'] = $_FILES['upload']['name'];
$temp_array['tmp_name'] = $tempFile. 'commsy3';
$temp_array['file_id'] = $temp_array['name'].'_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
// $new_file_ids[] = $temp_array['file_id'];
} else {
$params = array();
$params['environment'] = $environment;
$params['with_modifying_actions'] = true;
$params['width'] = 500;
$errorbox = $class_factory->getClass(ERRORBOX_VIEW,$params);
unset($params);
private function doUpload($uploadData, $file_upload_rubric)
{
$session = $this->_environment->getSessionItem();
$isMulti = is_array($uploadData["name"]);
$virus_found = false;
$file_array = array();
if ($isMulti) {
$numFiles = sizeof($uploadData["name"]);
for ($i = 0; $i < $numFiles; $i++) {
$tempFile = $uploadData["tmp_name"][$i];
/*
if($session->issetValue($file_upload_rubric . "_add_files")) {
$file_array = $session->getValue($file_upload_rubric . "_add_files");
} else {
$file_array = array();
}*/
global $c_virus_scan;
global $c_virus_scan_cron;
$c_virus_scan = !isset($c_virus_scan) || $c_virus_scan === false ? false : true;
$c_virus_scan_cron = !isset($c_virus_scan_cron) || $c_virus_scan_cron === false ? false : true;
if (!empty($tempFile) && $uploadData["size"][$i] > 0) {
$disc_manager = $this->_environment->getDiscManager();
if (isset($c_virus_scan) && $c_virus_scan && isset($c_virus_scan_cron) && !$c_virus_scan_cron) {
// use virus scanner
require_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($this->_environment);
$temp_array = array();
if (!$virus_scanner->isClean($tempFile, $uploadData['name'])) {
// Error virus detected
$virus_found = true;
$temp_array['virus'] = true;
$temp_array['virusname'] = $virus_scanner->getVirusName();
} else {
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
}
$temp_array['name'] = $uploadData['name'][$i];
$file_array[] = $temp_array;
} else {
// do not use virus scanner
require_once 'functions/date_functions.php';
$temp_array = array();
$temp_array['name'] = $uploadData['name'][$i];
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
}
unset($disc_manager);
}
}
} else {
$tempFile = $uploadData["tmp_name"];
/*
if($session->issetValue($file_upload_rubric . "_add_files")) {
$file_array = $session->getValue($file_upload_rubric . "_add_files");
} else {
$file_array = array();
}*/
global $c_virus_scan;
global $c_virus_scan_cron;
$c_virus_scan = !isset($c_virus_scan) || $c_virus_scan === false ? false : true;
$c_virus_scan_cron = !isset($c_virus_scan_cron) || $c_virus_scan_cron === false ? false : true;
if (!empty($tempFile) && $uploadData["size"] > 0) {
$disc_manager = $this->_environment->getDiscManager();
if (isset($c_virus_scan) && $c_virus_scan && isset($c_virus_scan_cron) && !$c_virus_scan_cron) {
// use virus scanner
require_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($this->_environment);
$temp_array = array();
if (!$virus_scanner->isClean($tempFile, $uploadData['name'])) {
// Error virus detected
$virus_found = true;
$temp_array['virus'] = true;
$temp_array['virusname'] = $virus_scanner->getVirusName();
} else {
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
}
$temp_array['name'] = $uploadData['name'];
$file_array[] = $temp_array;
} else {
// do not use virus scanner
require_once 'functions/date_functions.php';
$temp_array = array();
$temp_array['name'] = $uploadData['name'];
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
}
unset($disc_manager);
}
}
$return = array();
$sessionArray = array();
if (sizeof($file_array) > 1) {
foreach ($file_array as $file) {
$return[] = array("file" => $file["tmp_name"], "name" => $file["name"], "type" => "", "file_id" => $file["file_id"], "virus" => $file["virus"], "virusname" => $file["virusname"]);
}
foreach ($return as $file) {
$sessionArray[$file["file_id"]] = array("tmp_name" => $file["file"], "name" => $file["name"]);
}
} else {
$return = array("file" => $file_array[0]["tmp_name"], "name" => $file_array[0]["name"], "type" => "", "file_id" => $file_array[0]["file_id"], "virus" => $file_array[0]["virus"], "virusname" => $file_array[0]["virusname"]);
$sessionArray[$return["file_id"]] = array("tmp_name" => $return["file"], "name" => $return["name"]);
}
// merge current upload data with last one - session will be cleaned when storing item
$currentSessionArray = array();
if ($session->issetValue("add_files")) {
$currentSessionArray = $session->getValue("add_files");
}
foreach ($currentSessionArray as $key => $value) {
$sessionArray[$key] = $value;
}
$session->setValue("add_files", $sessionArray);
$this->_environment->getSessionManager()->save($session);
return $return;
}
}
// Upload a file
if ( !empty($_FILES['upload']['tmp_name']) ) {
$scan = false;
if ( !empty($_FILES['upload']['tmp_name'])
and $_FILES['upload']['size'] > 0
) {
if ( isset($c_virus_scan)
and $c_virus_scan
and isset($c_virus_scan_cron)
and !empty($c_virus_scan_cron)
and !$c_virus_scan_cron
) {
include_once('classes/cs_virus_scan.php');
$virus_scanner = new cs_virus_scan($environment);
if ( !$virus_scanner->isClean($_FILES['upload']['tmp_name'],$_FILES['upload']['name']) ) {
include_once('functions/error_functions.php');
trigger_error($virus_scanner->getOutput(),E_USER_ERROR);
} else {
$scan = true;
}
}
}
$file_man = $environment->getFileManager();
$file_item = $file_man->getNewItem();
$file_item->setPostFile($_FILES['upload']);
$file_item->save();
$file_id_array = $item_files_upload_to->getFileIDArray();
$file_id_array[] = $file_item->getFileID();
$item_files_upload_to->setFileIDArray($file_id_array);
public function actionSaveFile()
{
$environment = $this->_environment;
$session = $environment->getSessionItem();
include_once 'functions/development_functions.php';
if (!empty($_FILES)) {
$post_file_ids = array();
$tempFile = $_FILES['upload']['tmp_name'];
$focus_element_onload = 'Filedata';
$file_array = array();
if (!empty($tempFile) && $_FILES['upload']['size'] > 0) {
if (isset($_REQUEST['c_virus_scan']) && $_REQUEST['c_virus_scan'] && isset($_REQUEST['c_virus_scan_cron']) && !empty($_REQUEST['c_virus_scan_cron']) && !$_REQUEST['c_virus_scan_crom']) {
// use virus scanner
require_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($environment);
if ($virus_scanner->isClean($tempFile, $tempFile)) {
move_uploaded_file($tempFile, $tempFile . 'commsy3');
$temp_array = array();
$temp_array['name'] = $_FILES['upload']['name'];
$temp_array['tmp_name'] = $tempFile . 'commsy3';
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
} else {
$params = array();
$params['environment'] = $environment;
$params['with_modifying_actions'] = true;
$params['width'] = 500;
$errorbox = $class_factory->getClass(ERRORBOX_VIEW, $params);
unset($params);
$errorbox->setText($virus_scanner->getOutput());
$page->add($errorbox);
$focus_element_onload = '';
$error_on_upload = true;
}
} else {
require_once 'functions/date_functions.php';
move_uploaded_file($tempFile, $tempFile . 'commsy3');
$temp_array = array();
$temp_array['name'] = $_FILES['upload']['name'];
$temp_array['tmp_name'] = $tempFile . 'commsy3';
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
}
}
$file_data = $file_array[0];
$file_manager = $environment->getFileManager();
$file_item = $file_manager->getNewItem();
$file_item->setTempKey($file_data["file_id"]);
$file_item->setPostFile($file_data);
$file_item->setTempUploadFromEditorSessionID($environment->getSessionID());
$file_item->save();
unlink($file_data["tmp_name"]);
// Nach dem Speichern des Eintrags die Items-Tabelle anhand temp=true und der extras->SESSION_ID durchsuchen.
// Text im Textfeld nach Dateinamen parsen und passende Dateien aus der files-Tabelle mit dem Item verlinken.
// Extras temp und id zurücksetzen.
// cron für das regelmäßige löschen von temp-files.
$callback_function = '';
$callback_function .= '<script type="text/javascript">' . LF;
$callback_function .= '<!--' . LF;
$callback_function .= 'var fileTypeFunction = function () {';
$callback_function .= 'var dialog = this.getDialog();';
$callback_function .= 'if(dialog.getName() == "CommSyVideo"){';
$callback_function .= 'var element = dialog.getContentElement( "videoTab", "videoType" );';
$callback_function .= 'element.setValue("' . $file_item->getMime() . '")';
$callback_function .= '}';
$callback_function .= '};';
$callback_function .= 'window.parent.CKEDITOR.tools.callFunction(' . $_GET['CKEditorFuncNum'] . ', "commsy.php/?cid=' . $environment->getCurrentContextID() . '&mod=material&fct=getfile&iid=' . $file_item->getFileID() . '", fileTypeFunction);' . LF;
$callback_function .= '-->' . LF;
$callback_function .= '</script>' . LF;
echo $callback_function;
}
$environment->getSessionManager()->save($session);
exit;
}
if ($allow_or_deny_method == "allow" and !in_array(mb_strtolower(array_pop(explode('.', $_FILES['userfile']['name'])), 'UTF-8'), $file_extension_list) or $allow_or_deny_method == "deny" and in_array(mb_strtolower(array_pop(explode('.', $_FILES['userfile']['name'])), 'UTF-8'), $file_extension_list)) {
// Atempt to upload a file with a specific extension when NOT allowed.
// 403 error
header("HTTP/1.1 403 Forbidden");
echo "POSTLET REPLY\r\n";
echo "POSTLET:NO\r\n";
echo "POSTLET:FILE TYPE NOT ALLOWED";
echo "POSTLET:ABORT THIS\r\n";
// Postlet should NOT send this file again.
echo "END POSTLET REPLY\r\n";
exit;
}
}
if (isset($c_virus_scan) and $c_virus_scan and isset($c_virus_scan_cron) and !empty($c_virus_scan_cron) and !$c_virus_scan_cron) {
include_once 'classes/cs_virus_scan.php';
$virus_scanner = new cs_virus_scan($environment);
if ($virus_scanner->isClean($_FILES['userfile']['tmp_name'], $_FILES['userfile']['name'])) {
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $_FILES['userfile']['tmp_name'] . 'commsy3')) {
$temp_array = array();
$temp_array['name'] = utf8_encode($_FILES['userfile']['name']);
$temp_array['tmp_name'] = $_FILES['userfile']['tmp_name'] . 'commsy3';
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
// set flag for page: RUBRIC_edit
if (!$session_item->issetValue($environment->getCurrentModule() . '_add_files_multi')) {
$session_item->setValue($environment->getCurrentModule() . '_add_files_multi', 'true');
$session_manager = $environment->getSessionManager();
$session_manager->save($session_item);
}
// store information about file in DB
// can not use session because of overlapping read and save actions
$file_multi_upload_manager = $environment->getFileMultiUploadManager();
$file_array = $session->getValue($file_upload_rubric . '_add_files');
} else {
$file_array = array();
}
if( !empty($tempFile) &&
$_FILES['Filedata']['size'] > 0) {
$disc_manager = $environment->getDiscManager();
if( isset($_REQUEST['c_virus_scan']) &&
$_REQUEST['c_virus_scan'] &&
isset($_REQUEST['c_virus_scan_cron']) &&
!empty($_REQUEST['c_virus_scan_cron']) &&
!$_REQUEST['c_virus_scan_cron']) {
// use virus scanner
require_once('classes/cs_virus_scan.php');
$virus_scanner = new cs_virus_scan($environment);
if ( $virus_scanner->isClean($tempFile,$_FILES['Filedata']['name']) ) {
$temp_array = array();
$temp_array['name'] = $_FILES['Filedata']['name'];
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'].'_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
}
} else {
// do not use virus scanner
require_once('functions/date_functions.php');
$temp_array = array();
$temp_array['name'] = $_FILES['Filedata']['name'];
$temp_array['tmp_name'] = $disc_manager->moveUploadedFileToTempFolder($tempFile);
$temp_array['file_id'] = $temp_array['name'] . '_' . getCurrentDateTimeInMySQL();
$file_array[] = $temp_array;
