protected function getPath($filename)
{
if (empty($filename)) {
return false;
}
//generally we split on underscore and each numeric character.
$filename = strtolower($filename);
$path = preg_replace('^[0-9]^', './$0', $filename, -1, $count);
$path = str_replace('_', '/', $path);
$path = str_replace('.', '/', $path);
while (strpos($path, '//') !== false) {
$path = str_replace('//', '/', $path);
}
//In rare cases we could have a cache id with neither underscores or spaces.
if (strpos($path, '/') === false) {
$path = substr($path, 0, 2) . '/' . substr($path, 2);
}
//Now make sure the folder exists at each level.
$partialPath = $this->cacheLocation;
set_error_handler(array($this, 'errorToException'), E_WARNING);
if (!is_dir($partialPath . '/' . $path)) {
try {
vB_Utilities::vbmkdir($partialPath . '/' . $path);
} catch (exception $e) {
restore_error_handler();
return false;
}
}
foreach (explode('/', $path) as $segment) {
$partialPath .= '/' . $segment;
if (!file_exists($partialPath . '/index.html')) {
file_put_contents($partialPath . '/index.html', '', 0);
}
}
restore_error_handler();
return $partialPath . "/" . $filename;
}
public function cropImg($imgInfo, $maxwidth = 100, $maxheight = 100, $forceResize = false)
{
$thumbnail = array('filedata' => '', 'filesize' => 0, 'dateline' => 0, 'imageerror' => '');
$filename = $imgInfo['filename'];
$imgInfo['extension'] = strtoupper($imgInfo['extension']);
if ($imgInfo['extension'] == 'JPG') {
$imgInfo['extension'] = 'JPEG';
}
if ($validfile = $this->isValidThumbnailExtension($imgInfo['extension'])) {
$thumbnail['source_width'] = $new_width = $width = $imgInfo['width'];
$thumbnail['source_height'] = $new_height = $height = $imgInfo['height'];
if ($forceResize or $width >= $maxwidth or $height >= $maxheight) {
$memoryok = true;
$checkmem = false;
if (function_exists('memory_get_usage') and $memory_limit = @ini_get('memory_limit') and $memory_limit != -1) {
$memorylimit = vb_number_format($memory_limit, 0, false, null, '');
$memoryusage = memory_get_usage();
$freemem = $memorylimit - $memoryusage;
$checkmem = true;
$tmemory = $width * $height * ($imgInfo['extension'] == 'JPEG' ? 5 : 2) + 7372.8 + sqrt(sqrt($width * $height));
$tmemory += 166000;
// fudge factor, object overhead, etc
if ($freemem > 0 and $tmemory > $freemem and $tmemory <= $memorylimit * 3) {
// attempt to increase memory within reason, no more than triple
if (($current_memory_limit = vB_Utilities::ini_size_to_bytes(@ini_get('memory_limit'))) < $memorylimit + $tmemory and $current_memory_limit > 0) {
@ini_set('memory_limit', $memorylimit + $tmemory);
}
$memory_limit = @ini_get('memory_limit');
$memorylimit = vb_number_format($memory_limit, 0, false, null, '');
$memoryusage = memory_get_usage();
$freemem = $memorylimit - $memoryusage;
}
}
$fh = fopen($filename, 'w');
fwrite($fh, $imgInfo['filedata']);
fclose($fh);
switch ($imgInfo['extension']) {
case 'GIF':
if (function_exists('imagecreatefromgif')) {
if ($checkmem) {
if ($freemem > 0 and $tmemory > $freemem) {
throw new vB_Exception_Api('thumbnail_notenoughmemory');
}
}
if ($memoryok and !($image = @imagecreatefromgif($filename))) {
throw new vB_Exception_Api('thumbnail_nocreateimage_gif');
}
} else {
throw new vB_Exception_Api('thumbnail_nosupport');
}
break;
case 'JPEG':
if (function_exists('imagecreatefromjpeg')) {
if ($checkmem) {
if ($freemem > 0 and $tmemory > $freemem) {
throw new vB_Exception_Api('thumbnail_notenoughmemory');
}
}
if ($memoryok and !($image = @imagecreatefromjpeg($filename))) {
throw new vB_Exception_Api('thumbnail_nocreateimage_jpeg');
}
} else {
throw new vB_Exception_Api('thumbnail_nosupport');
}
break;
case 'PNG':
if (function_exists('imagecreatefrompng')) {
if ($checkmem) {
if ($freemem > 0 and $tmemory > $freemem) {
throw new vB_Exception_Api('thumbnail_notenoughmemory');
}
}
if ($memoryok and !($image = @imagecreatefrompng($filename))) {
throw new vB_Exception_Api('thumbnail_nocreateimage_png');
}
} else {
throw new vB_Exception_Api('thumbnail_nosupport');
}
break;
}
if ($image) {
$xratio = $maxwidth == 0 ? 1 : $width / $maxwidth;
$yratio = $maxheight == 0 ? 1 : $height / $maxheight;
if ($xratio > $yratio) {
$new_width = round($width / $xratio);
$new_height = round($height / $xratio);
} else {
$new_width = round($width / $yratio);
$new_height = round($height / $yratio);
}
}
if (!($finalimage = @imagecreatetruecolor($new_width, $new_height))) {
imagedestroy($image);
throw new vB_Exception_Api('thumbnail_nocreateimage_truecolor');
}
$bgcolor = imagecolorallocate($finalimage, 255, 255, 255);
imagefill($finalimage, 0, 0, $bgcolor);
imagecopyresampled($finalimage, $image, 0, 0, $imgInfo['x1'], $imgInfo['y1'], $new_width, $new_height, $imgInfo['width'], $imgInfo['height']);
imagedestroy($image);
if ($imgInfo['extension'] != 'GIF') {
$this->unsharpmask($finalimage);
}
ob_start();
$new_extension = $this->printImage($finalimage, $imgInfo['extension'], false, 75);
$thumbnail['filedata'] = ob_get_contents();
ob_end_clean();
$thumbnail['width'] = $new_width;
$thumbnail['height'] = $new_height;
$extension = $imgInfo['extension'];
if ($new_extension != $extension) {
$thumbnail['filename'] = preg_replace('#' . preg_quote($extension, '#') . '$#', $new_extension, $filename);
}
} else {
// image is a thumbnail size already
if ($imgInfo['width'] > 0 and $imgInfo['height'] > 0) {
$thumbnail['filedata'] = @file_get_contents($filename);
$thumbnail['width'] = $imgInfo['width'];
$thumbnail['height'] = $imgInfo['height'];
} else {
throw new vB_Exception_Api('thumbnail_nogetimagesize');
}
}
} else {
if (!$validfile) {
throw new vB_Exception_Api('thumbnail_nosupport');
}
}
if (!empty($thumbnail['filedata'])) {
$thumbnail['filesize'] = strlen($thumbnail['filedata']);
$thumbnail['dateline'] = vB::getRequest()->getTimeNow();
}
@unlink($filename);
return $thumbnail;
}
/** Upload an image based on the url
*
* @param int user ID
* @param string remote url
* @param bool save as attachment
*
* @return mixed array of data, includes filesize, dateline, htmltype, filename, extension, and filedataid
**/
public function uploadUrl($userid, $url, $attachment = false, $uploadfrom = '')
{
//Leave for consistency with admincp
if (!defined('ATTACH_AS_FILES_NEW')) {
define('ATTACH_AS_FILES_NEW', 2);
}
//Did we get a valid url?
if (empty($url)) {
// throw the same exception to mitigate SSRF (VBV-13082)
throw new vB_Exception_Api('upload_invalid_image');
}
if (!preg_match('#^https?://#i', $url)) {
// throw the same exception to mitigate SSRF (VBV-13082)
throw new vB_Exception_Api('upload_invalid_image');
}
// Retrieve the image
$vurl = new vB_vURL();
$fileResult = $vurl->fetch_body($url, 0, false, true);
if (empty($fileResult['body'])) {
// throw the same exception to mitigate SSRF (VBV-13082)
throw new vB_Exception_Api('upload_invalid_image');
}
$pathinfo = pathinfo($url);
if (empty($pathinfo)) {
// throw the same exception to mitigate SSRF (VBV-13082)
throw new vB_Exception_Api('upload_invalid_image');
}
// if there's no extension here try get one from elsewhere
$extension_map = $this->imageHandler->getExtensionMap();
if (empty($pathinfo['extension']) or !array_key_exists(strtolower($pathinfo['extension']), $extension_map)) {
// try to get an extension from the content type header
if (!empty($fileResult['headers']['content-type'])) {
// should be something like image/jpeg
$typeData = explode('/', $fileResult['headers']['content-type']);
if (count($typeData) == 2 and array_key_exists(trim($typeData[1]), $extension_map)) {
$extension = strtolower($extension_map[trim($typeData[1])]);
}
}
$name = $pathinfo['basename'] . '.' . $extension;
} else {
$extension = $pathinfo['extension'];
$name = $pathinfo['basename'];
}
$extension = strtolower($extension);
$filename = vB_Utilities::getTmpFileName($userid, 'vbattach', ".{$extension}");
file_put_contents($filename, $fileResult['body']);
$filesize = strlen($fileResult['body']);
//Make a local copy
$filearray = array('name' => $name, 'size' => $filesize, 'type' => 'image/' . $extension_map[$extension], 'tmp_name' => $filename);
if (!empty($uploadfrom)) {
$filearray['uploadFrom'] = $uploadfrom;
}
if ($attachment) {
return $this->uploadAttachment($userid, $filearray);
}
$result = $this->saveUpload($userid, $filearray, $fileResult['body'], $filesize, $extension, true);
if (file_exists($filearray['tmp_name'])) {
@unlink($filearray['tmp_name']);
}
return $result;
}
if (!empty($_FILES['upload']['tmp_name'])) {
if (!file_exists($_FILES['upload']['tmp_name'])) {
throw new Exception('Upload failed. PHP upload error: ' . intval($_FILES['upload']['error']));
}
$filearray = $_FILES['upload'];
$data['org_file_info'] = pathinfo($_FILES['upload']['name']);
$filesize = filesize($_FILES['upload']['tmp_name']);
$fileContents = file_get_contents($_FILES['upload']['tmp_name']);
$filename = $_FILES['upload']['tmp_name'];
$crop['org_file_info'] = pathinfo($_FILES['upload']['name']);
} elseif (!empty($vbulletin->GPC['avatarurl'])) {
//Make a local copy
require_once DIR . '/includes/class_upload.php';
$upload = new vB_Upload_Image($vbulletin);
$upload->image = vB_Image::instance();
$upload->path = vB_Utilities::getTmpDir();
$filename = $upload->process_upload($vbulletin->GPC['avatarurl']);
}
if ($filename) {
vB_Library::instance('user')->uploadAvatar($filename, $crop, $userinfo['userid']);
} else {
print_stop_message2('upload_file_failed');
}
} else {
// not using an avatar
$vbulletin->GPC['avatarid'] = 0;
$userpic = new vB_Datamanager_Userpic_Avatar($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$userpic->condition = array(array('field' => 'userid', 'value' => $userinfo['userid'], 'operator' => vB_dB_Query::OPERATOR_EQ));
$userpic->delete();
}
print_stop_message2('saved_avatar_successfully', 'user', array('do' => 'edit', 'u' => $vbulletin->GPC['userid']));
|| ###################################################################### ||
\*========================================================================*/
// Attempt to load XML extension if we don't have the XML functions
// already loaded.
if (!function_exists('xml_set_element_handler')) {
$extension_dir = ini_get('extension_dir');
if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') {
$extension_file = 'php_xml.dll';
} else {
$extension_file = 'xml.so';
}
if ($extension_dir and file_exists($extension_dir . '/' . $extension_file)) {
dl($extension_file);
}
}
if (($current_memory_limit = vB_Utilities::ini_size_to_bytes(@ini_get('memory_limit'))) < 256 * 1024 * 1024 and $current_memory_limit > 0) {
@ini_set('memory_limit', 256 * 1024 * 1024);
}
/**
* vBulletin XML Parsing Object
*
* This class allows the parsing of an XML document to an array
*
* @package vBulletin
* @author Scott MacVicar
* @version $Revision: 84278 $
* @date $Date: 2015-03-13 10:45:26 -0700 (Fri, 13 Mar 2015) $
* @copyright http://www.vbulletin.com/license.html
*
*/
class vB_XML_Parser
/**
* Fetch a resize image from an existing filedata
*
* @param array File information
*
*
*/
public function fetchResizedImageFromFiledata(&$record, $type)
{
$options = vB::getDatastore()->get_value('options');
$sizes = @unserialize($options['attachresizes']);
$filename = 'temp.' . $record['extension'];
if (!isset($sizes[$type]) or empty($sizes[$type])) {
throw new vB_Exception_Api('thumbnail_nosupport');
}
if ($options['attachfile']) {
if ($options['attachfile'] == ATTACH_AS_FILES_NEW) {
$path = $options['attachpath'] . '/' . implode('/', preg_split('//', $record['userid'], -1, PREG_SPLIT_NO_EMPTY)) . '/';
} else {
$path = $options['attachpath'] . '/' . $record['userid'] . '/';
}
$location = $path . $record['filedataid'] . '.attach';
} else {
// Must save filedata to a temp file as the img operations require a file read
$location = vB_Utilities::getTmpFileName($record['userid'], 'vbimage');
@file_put_contents($location, $record['filedata']);
}
$resized = $this->fetchThumbnail($filename, $location, $sizes[$type], $sizes[$type], $options['thumbquality']);
$record['resize_dateline'] = $resized['filesize'];
$record['resize_filesize'] = strlen($resized['filedata']);
if ($options['attachfile']) {
if ($options['attachfile'] == ATTACH_AS_FILES_NEW) {
$path = $options['attachpath'] . '/' . implode('/', preg_split('//', $record['userid'], -1, PREG_SPLIT_NO_EMPTY)) . '/';
} else {
$path = $options['attachpath'] . '/' . $record['userid'] . '/';
}
@file_put_contents($path . $record['filedataid'] . '.' . $type, $resized['filedata']);
} else {
$record['resize_filedata'] = $resized['filedata'];
}
vB::getDbAssertor()->assertQuery('vBForum:replaceIntoFiledataResize', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'filedataid' => $record['filedataid'], 'resize_type' => $type, 'resize_filedata' => $options['attachfile'] ? '' : $record['resize_filedata'], 'resize_filesize' => $record['resize_filesize'], 'resize_dateline' => vB::getRequest()->getTimeNow(), 'resize_width' => $resized['width'], 'resize_height' => $resized['height'], 'reload' => 0));
if (!$options['attachfile']) {
@unlink($location);
}
}
public function cropFileData($filedataid, $data = array())
{
$usercontext = vB::getUserContext();
if (!$usercontext->fetchUserId() or !$usercontext->hasPermission('genericpermissions', 'canuseavatar') or !$usercontext->hasPermission('genericpermissions', 'canmodifyprofile')) {
throw new vB_Exception_API('no_permission_use_avatar');
}
//Did we get a valid url?
if (empty($filedataid)) {
throw new vB_Exception_API('upload_invalid_url');
}
//add @ to suppress warnings caused by invalid url
$filedata = vB_Api::instanceInternal('filedata')->fetchImageByFiledataid($filedataid);
if (empty($filedata)) {
throw new vB_Exception_API('upload_invalid_url');
}
$imageHandler = vB_Image::instance();
$extension_map = $imageHandler->getExtensionMap();
if (!array_key_exists(strtolower($filedata['extension']), $extension_map)) {
throw new vB_Exception_API('error_thumbnail_notcorrectimage');
}
//Make a local copy
$filename = vB_Utilities::getTmpFileName('', 'vbprofile', ".{$filedata['extension']}");
file_put_contents($filename, $filedata['filedata']);
$crop = array();
if (!empty($data) and is_array($data) and array_key_exists('crop', $data)) {
$crop = $data['crop'];
}
return vB_Library::instance('user')->uploadAvatar($filename, $crop);
}
/**
* new vURL method which stores items in a file if it can until needed
*
* @return mixed false on failure, true or array depending on response requested
*/
function exec2()
{
$this->tmpfile = vB_Utilities::getTmpFileName('', 'vbvurl');
if (empty($this->options[VURL_URL])) {
trigger_error('Must set URL with set_option(VURL_URL, $url)', E_USER_ERROR);
}
if (!empty($this->options[VURL_USERAGENT])) {
$this->options[VURL_HTTPHEADER][] = 'User-Agent: ' . $this->options[VURL_USERAGENT];
}
if ($this->bitoptions & VURL_CLOSECONNECTION) {
$this->options[VURL_HTTPHEADER][] = 'Connection: close';
}
foreach (array_keys($this->transports) as $tname) {
$transport =& $this->transports[$tname];
if (($result = $transport->exec()) === VURL_HANDLED and !$this->fetch_error()) {
return $this->format_response(array('headers' => $transport->response_header, 'body' => $transport->response_text, 'body_file' => $this->tmpfile));
}
if ($this->fetch_error()) {
return false;
}
}
@unlink($this->tmpfile);
$this->set_error(VURL_ERROR_NOLIB);
return false;
}
/**
* See function definition in vB_Image
*/
public function getImageFromString($string, $moveabout = true)
{
$tmpname = vB_Utilities::getTmpFileName('', 'vbimagick');
if (!$tmpname) {
throw new vB_Exception_Api('temp_file_create_error');
}
// Command start for no background image
$execute = ' -size 201x61 xc:white ';
$fonts = $this->fetchRegimageFonts();
if ($moveabout) {
$backgrounds = $this->fetchRegimageBackgrounds();
if (!empty($backgrounds)) {
$index = mt_rand(0, count($backgrounds) - 1);
$background = $backgrounds["{$index}"];
// replace Command start with background image
$execute = " \"{$background}\" -resize 201x61! -swirl " . mt_rand(10, 100);
// randomly rotate the background image 180 degrees
$execute .= vB::getRequest()->getTimeNow() & 2 ? ' -rotate 180 ' : '';
}
// Randomly move the letters up and down
for ($x = 0; $x < strlen($string); $x++) {
if (!empty($fonts)) {
$index = mt_rand(0, count($fonts) - 1);
if ($this->regimageoption['randomfont']) {
$font = $fonts["{$index}"];
} else {
if (!$font) {
$font = $fonts["{$index}"];
}
}
} else {
$font = 'Helvetica';
}
if ($this->regimageoption['randomshape']) {
// Stroke Width, 1 or 2
$strokewidth = mt_rand(1, 2);
// Pick a random color
$r = mt_rand(50, 200);
$b = mt_rand(50, 200);
$g = mt_rand(50, 200);
// Pick a Shape
$x1 = mt_rand(0, 200);
$y1 = mt_rand(0, 60);
$x2 = mt_rand(0, 200);
$y2 = mt_rand(0, 60);
$start = mt_rand(0, 360);
$end = mt_rand(0, 360);
switch (mt_rand(1, 5)) {
case 1:
$shape = "\"roundrectangle {$x1},{$y1} {$x2},{$y2} {$start},end\"";
break;
case 2:
$shape = "\"arc {$x1},{$y1} {$x2},{$y2} 20,15\"";
break;
case 3:
$shape = "\"ellipse {$x1},{$y1} {$x2},{$y2} {$start},{$end}\"";
break;
case 4:
$shape = "\"line {$x1},{$y1} {$x2},{$y2}\"";
break;
case 5:
$x3 = mt_rand(0, 200);
$y3 = mt_rand(0, 60);
$x4 = mt_rand(0, 200);
$y4 = mt_rand(0, 60);
$shape = "\"polygon {$x1},{$y1} {$x2},{$y2} {$x3},{$y3} {$x4},{$y4}\"";
break;
}
// before or after
$place = mt_rand(1, 2);
$finalshape = " -flatten -stroke \"rgb({$r},{$b},{$g})\" -strokewidth {$strokewidth} -fill none -draw {$shape} -stroke none ";
if ($place == 1) {
$execute .= $finalshape;
}
}
$slant = (($x <= 1 or $x == 5) and $this->regimageoption['randomslant']) ? true : false;
$execute .= $this->annotate($string["{$x}"], $font, $slant, true);
if ($this->regimageoption['randomshape'] and $place == 2) {
$execute .= $finalshape;
}
}
} else {
if (!empty($fonts)) {
$font = $fonts[0];
} else {
$font = 'Helvetica';
}
$execute .= $this->annotate("\"{$string}\"", $font, false, false);
}
// Swirl text, stroke inner border of 1 pixel and output as GIF
$execute .= ' -flatten ';
$execute .= ($moveabout and $this->regimageoption['randomslant']) ? ' -swirl 20 ' : '';
$execute .= " -stroke black -strokewidth 1 -fill none -draw \"rectangle 0,60 200,0\" -depth 8 PNG:\"{$tmpname}\"";
if ($result = $this->fetchImExec('convert', $execute)) {
$filedata = @file_get_contents($tmpname);
$fileSize = 0;
if ($tmpSize = @filesize($tmpname)) {
$fileSize = $tmpSize;
} else {
$fileSize = strlen($filedata);
}
@unlink($tmpname);
// return imageinfo
return array('filedata' => $filedata, 'filetype' => 'png', 'filesize' => $fileSize, 'contentType' => 'image/png');
} else {
@unlink($tmpname);
return false;
}
}
protected function uploadImageStreamStringToFiledata($imageContent, $prefix = 'vb_')
{
// It doesn't seem like we have existing functions to just save the raw image stream as filedata.
// The existing content_attach functions seem to all require some temporary file to exist somewhere.
// So let's save the image in a temporary file, save it to the file system using existing functions,
// then remove the file.
$tempIconFileLocation = vB_Utilities::getTmpFileName('', $prefix);
// removal happens below, look for the unlink() call
file_put_contents($tempIconFileLocation, $imageContent);
/*
* Below depends on the GD library
* http://www.php.net/manual/en/function.getimagesize.php
* Index 0 and 1 contains respectively the width and the height of the image.
* Index 2 is one of the IMAGETYPE_XXX constants indicating the type of the image.
* Index 3 is a text string with the correct height="yyy" width="xxx" string that can be used directly in an IMG tag.
* mime is the correspondant MIME type of the image. This information can be used to deliver images with the correct HTTP Content-type header:
*/
$imageSize = getimagesize($tempIconFileLocation);
$extension = image_type_to_extension($imageSize[2], false);
$fileArray = array();
$fileArray['tmp_name'] = $tempIconFileLocation;
// apparently fetchThumbnail() requires that the NAME has a valid extension... This is just bogus because we totally made up this file, but whatever
$fileArray['name'] = 'image_' . md5(microtime(true)) . "." . $extension;
$userid = vB::getCurrentSession()->get('userid');
$result = vB_Library::instance('content_attach')->saveUpload($userid, $fileArray, $imageContent, filesize($tempIconFileLocation), $extension, true, true);
// temp file deletion is not done automatically, so we must do it.
if (!empty($tempIconFileLocation)) {
@unlink($tempIconFileLocation);
}
if (!isset($result['filedataid'])) {
/*
* If we cannot upload an image, we should just continue importing the theme as
* icons and preview image are optional.
* I'm leaving an exception here in case we want to handle it better, or we want
* to move this into an API class, so the caller should catch the exception and
* handle it accordingly.
*/
throw new vB_Exception_Api('theme_icon_upload_error');
}
/*
* Note, this function returns an array to adhere to API standards just in case this
* ends up being moved into an API class. If we do move it into an API class, we may
* want to change the Exception above to be a vB_Exception_Api
*/
return array('filedataid' => $result['filedataid']);
}
public static function handleError($errno, $errstr, $errfile, $errline)
{
//we should honor the error reporting settings (which the error handler
//system does *not* do by default -- we get everything here. We return
//false so that the default error handler triggers. It won't display
//anything either, but it will correctly exit so we don't need to figure
//out if we have to.
//php changed the way dispay_errors is reported in version 5.2. We probably don't
//have to care about the old way, but this covers all of the bases.
$display_errors = in_array(strtolower(ini_get('display_errors')), array('on', '1'));
if (!(error_reporting() & $errno) or !$display_errors) {
return false;
}
//Note that not all of these error codes are trappable and therefore
//many cannot actually occur here. They are listed for completeness
//and possible future proofing if that changes.
$label = "";
$fatal = false;
switch ($errno) {
case E_STRICT:
$label = "Strict standards";
break;
case E_DEPRECATED:
case E_USER_DEPRECATED:
$label = "Notice";
break;
case E_WARNING:
case E_CORE_WARNING:
case E_USER_WARNING:
case E_COMPILE_WARNING:
$label = "Warning";
break;
case E_NOTICE:
case E_USER_NOTICE:
$label = "Notice";
break;
case E_ERROR:
case E_PARSE:
case E_CORE_ERROR:
case E_COMPILE_ERROR:
case E_USER_ERROR:
case E_RECOVERABLE_ERROR:
$label = "Fatal error";
$fatal = true;
break;
//if we don't know what the error type is, php added it after 5.6
//we'll punt to the system error handler because we simply don't know
//what we are dealing with. This risks leaking the path on files, but
//that's not as bad as exiting on a warning or not exiting on a fatal error
//if we don't know what the error type is, php added it after 5.6
//we'll punt to the system error handler because we simply don't know
//what we are dealing with. This risks leaking the path on files, but
//that's not as bad as exiting on a warning or not exiting on a fatal error
default:
return false;
break;
}
if (!defined('DIR')) {
//if we don't have DIR defined yet, let's show the error and live
//with the potential path exposure. Things are really borked.
$safe_errfile = $errfile;
$safe_errstr = $errstr;
} else {
//make the output safe for public consumption
$safe_errfile = str_replace(DIR, '...', $errfile);
$safe_errstr = str_replace(DIR, '...', $errstr);
}
$safe_message = "{$label}: {$safe_errstr} in {$safe_errfile} on line {$errline}\n";
$message = "{$label}: {$errstr} in {$errfile} on line {$errline}";
//echo the error
echo $safe_message;
//try to mimic the logging behavior of the default function
if (ini_get('log_errors')) {
error_log($message);
}
if ($fatal) {
//log the error
if (defined('DIR')) {
require_once DIR . '/includes/functions_log_error.php';
log_vbulletin_error($message, 'php');
}
$usercontext = vB::getUserContext();
if (function_exists('debug_print_backtrace') and $usercontext and $usercontext->isAdministrator()) {
// This is needed so IE doesn't show the pretty error messages
echo str_repeat(' ', 512);
echo vB_Utilities::getStackTrace();
}
//return a 500 error
if (!headers_sent()) {
if (PHP_SAPI == 'cgi' or PHP_SAPI == 'cgi-fcgi') {
header('Status: 500 Internal Server Error');
} else {
header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error');
}
}
exit;
}
//we've got this -- no need to bother the default handler
return true;
}
$remotefile = false;
if (is_file($avatar['avatarpath'])) {
$imagepath = $avatar['avatarpath'];
} else {
$location = dirname(__FILE__) . '/../' . $avatar['avatarpath'];
if (is_file($location)) {
$imagepath = $location;
} else {
if ($avatar['avatarpath'][0] == '/') {
// absolute web path -- needs to be translated into a full path and handled that way
$avatar['avatarpath'] = create_full_url($avatar['avatarpath']);
}
}
}
if (substr($avatar['avatarpath'], 0, 7) == 'http://') {
$imagepath = vB_Utilities::getTmpFileName($avatar['avatarid'], 'vbavatar');
if ($filenum = @fopen($imagepath, 'wb')) {
require_once DIR . '/includes/class_vurl.php';
$vurl = new vB_vURL($vbulletin);
$vurl->set_option(VURL_URL, $avatar['avatarpath']);
$vurl->set_option(VURL_HEADER, true);
$vurl->set_option(VURL_RETURNTRANSFER, true);
if ($result = $vurl->exec()) {
@fwrite($filenum, $result['body']);
}
unset($vurl);
@fclose($filenum);
$remotefile = true;
}
}
if (!file_exists($imagepath)) {
/**
* If cache logging is enabled this stores the page cache activity to be loggged.
*
**/
protected static function logCacheAction($cacheid, $action, $type = 4, $size = 0)
{
static $random;
if (!isset($random)) {
$random = rand();
}
if (!isset(self::$actions[$type][$cacheid])) {
self::$actions[$type][$cacheid] = array('cacheid' => $cacheid, 'randomkey' => $random, 'type' => $type, 'writes' => 0, 'misses' => 0, 'hits' => 0, 'rereads' => 0, 'remiss' => 0, 'clears' => 0, 'time' => vB::getRequest()->getTimeNow(), 'size' => $size, 'stacktrace' => '');
}
// store the most recent stack trace
self::$actions[$type][$cacheid]['stacktrace'] = vB_Utilities::getStackTrace();
switch ($action) {
case self::CACHE_LOG_WRITE:
self::$actions[$type][$cacheid]['writes'] = 1;
self::$actions[$type][$cacheid]['size'] = $size;
break;
case self::CACHE_LOG_READSUCCESS:
self::$actions[$type][$cacheid]['hits']++;
break;
case self::CACHE_LOG_READFAIL:
self::$actions[$type][$cacheid]['misses']++;
break;
case self::CACHE_LOG_HASVALUE:
self::$actions[$type][$cacheid]['rereads']++;
break;
case self::CACHE_LOG_NOVALUE:
self::$actions[$type][$cacheid]['remiss']++;
break;
case self::CACHE_LOG_CLEAR:
self::$actions[$type][$cacheid]['clears']++;
break;
}
}
/**
* This function accepts a file via URL or from $_FILES, verifies it, and places it in a temporary location for processing
*
* @param mixed Valid options are: (a) a URL to a file to retrieve or (b) a pointer to a file in the $_FILES array
*/
function accept_upload(&$upload)
{
$this->error = '';
if (!is_array($upload) and strval($upload) != '') {
$this->upload['extension'] = strtolower(file_extension($upload));
// Check extension here so we can save grabbing a large file that we aren't going to use
if (!$this->is_valid_extension($this->upload['extension'])) {
$this->set_error('upload_invalid_file');
return false;
}
// Admins can upload any size file
if ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel']) {
$this->maxuploadsize = 0;
} else {
$this->maxuploadsize = $this->fetch_max_uploadsize($this->upload['extension']);
if (!$this->maxuploadsize) {
$newmem = 20971520;
}
}
if (!preg_match('#^((http|ftp)s?):\\/\\/#i', $upload)) {
$upload = 'http://' . $upload;
}
if (ini_get('allow_url_fopen') == 0 and !function_exists('curl_init')) {
$this->set_error('upload_fopen_disabled');
return false;
} else {
if ($filesize = $this->fetch_remote_filesize($upload)) {
if ($this->maxuploadsize and $filesize > $this->maxuploadsize) {
$this->set_error('upload_remoteimage_toolarge');
return false;
} else {
if (function_exists('memory_get_usage') and $memory_limit = @ini_get('memory_limit') and $memory_limit != -1) {
// Make sure we have enough memory to process this file
$memorylimit = vb_number_format($memory_limit, 0, false, null, '');
$memoryusage = memory_get_usage();
$freemem = $memorylimit - $memoryusage;
$newmemlimit = !empty($newmem) ? $freemem + $newmem : $freemem + $filesize;
if (($current_memory_limit = vB_Utilities::ini_size_to_bytes(@ini_get('memory_limit'))) < $newmemlimit and $current_memory_limit > 0) {
@ini_set('memory_limit', $newmemlimit);
}
}
require_once DIR . '/includes/class_vurl.php';
$vurl = new vB_vURL($this->registry);
$vurl->set_option(VURL_URL, $upload);
$vurl->set_option(VURL_FOLLOWLOCATION, 1);
$vurl->set_option(VURL_HEADER, true);
$vurl->set_option(VURL_MAXSIZE, $this->maxuploadsize);
$vurl->set_option(VURL_RETURNTRANSFER, true);
if ($result = $vurl->exec2()) {
} else {
switch ($vurl->fetch_error()) {
case VURL_ERROR_MAXSIZE:
$this->set_error('upload_remoteimage_toolarge');
break;
case VURL_ERROR_NOLIB:
// this condition isn't reachable
$this->set_error('upload_fopen_disabled');
break;
case VURL_ERROR_SSL:
case VURL_URL_URL:
default:
$this->set_error('retrieval_of_remote_file_failed');
}
return false;
}
unset($vurl);
}
} else {
$this->set_error('upload_invalid_url');
return false;
}
}
// write file to temporary directory...
$this->upload['location'] = vB_Utilities::getTmpFileName('', 'vbupload');
$attachment_write_failed = true;
if (!empty($result['body'])) {
$fp = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] ? fopen($this->upload['location'], 'wb') : @fopen($this->upload['location'], 'wb');
if ($fp and $this->upload['location']) {
@fwrite($fp, $result['body']);
@fclose($fp);
$attachment_write_failed = false;
}
} else {
if (file_exists($result['body_file'])) {
if (@rename($result['body_file'], $this->upload['location']) or copy($result['body_file'], $this->upload['location']) and unlink($result['body_file'])) {
$mask = 0777 & ~umask();
@chmod($this->upload['location'], $mask);
$attachment_write_failed = false;
}
}
}
if ($attachment_write_failed) {
$this->set_error('upload_writefile_failed');
return false;
}
$this->upload['filesize'] = @filesize($this->upload['location']);
$this->upload['filename'] = basename($upload);
$this->upload['extension'] = strtolower(file_extension($this->upload['filename']));
$this->upload['thumbnail'] = '';
$this->upload['filestuff'] = '';
$this->upload['url'] = true;
} else {
$this->upload['filename'] = trim($upload['name']);
$this->upload['filesize'] = intval($upload['size']);
$this->upload['location'] = trim($upload['tmp_name']);
$this->upload['extension'] = strtolower(file_extension($this->upload['filename']));
$this->upload['thumbnail'] = '';
$this->upload['filestuff'] = '';
if ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] and $this->upload['error']) {
// Encountered PHP upload error
if (!($maxupload = @ini_get('upload_max_filesize'))) {
$maxupload = 10485760;
}
$maxattachsize = vb_number_format($maxupload, 1, true);
switch ($this->upload['error']) {
case '1':
// UPLOAD_ERR_INI_SIZE
// UPLOAD_ERR_INI_SIZE
case '2':
// UPLOAD_ERR_FORM_SIZE
$this->set_error('upload_file_exceeds_php_limit', $maxattachsize);
break;
case '3':
// UPLOAD_ERR_PARTIAL
$this->set_error('upload_file_partially_uploaded');
break;
case '4':
$this->set_error('upload_file_failed');
break;
case '6':
$this->set_error('missing_temporary_folder');
break;
case '7':
$this->set_error('upload_writefile_failed');
break;
case '8':
$this->set_error('upload_stopped_by_extension');
break;
default:
$this->set_error('upload_invalid_file');
}
return false;
} else {
if ($this->upload['error'] or $this->upload['location'] == 'none' or $this->upload['location'] == '' or $this->upload['filename'] == '' or !$this->upload['filesize'] or !is_uploaded_file($this->upload['location'])) {
if ($this->emptyfile or $this->upload['filename'] != '') {
$this->set_error('upload_file_failed');
}
return false;
}
}
if ($this->registry->options['safeupload']) {
$temppath = $this->registry->options['tmppath'] . '/' . $this->registry->session->fetch_sessionhash();
$moveresult = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'] ? move_uploaded_file($this->upload['location'], $temppath) : @move_uploaded_file($this->upload['location'], $temppath);
if (!$moveresult) {
$this->set_error('upload_unable_move');
return false;
}
$this->upload['location'] = $temppath;
}
}
// Check if the filename is utf8
$this->upload['utf8_name'] = isset($upload['utf8_name']) and $upload['utf8_name'];
$return_value = true;
// Legacy Hook 'upload_accept' Removed //
return $return_value;
}
/**
*
*
*
*/
function pre_save($doquery = true)
{
if ($this->presave_called !== null) {
return $this->presave_called;
}
if (!$this->condition) {
// Check if we need to insert or overwrite this image.
if ($this->fetch_field('userid') and $this->assertor->getRow($this->table, array('userid' => $this->fetch_field('userid')))) {
$this->condition['userid'] = $this->fetch_field('userid');
}
}
// Store in database
$table = $this->fetchTableBase($this->table);
if ($table == 'customavatar' and $this->fetch_field('filedata') and !$this->fetch_field('filedata_thumb') and !$this->options['usefileavatar']) {
$filename = vB_Utilities::getTmpFileName($this->fetch_field('userid'), 'vbuserpic');
$filenum = @fopen($filename, 'wb');
@fwrite($filenum, $this->fetch_field('filedata'));
@fclose($filenum);
$imageinfo = $this->imageHandler->fetchImageInfo($filename);
if (!$this->fetch_field('width') or !$this->fetch_field('height')) {
if ($imageinfo) {
$this->set('width', $imageinfo[0]);
$this->set('height', $imageinfo[1]);
}
}
$thumbnail = $this->fetch_thumbnail($filename, false, $imageinfo);
$this->deleteFile($filename);
if ($thumbnail['filedata']) {
$this->set('width_thumb', $thumbnail['width']);
$this->set('height_thumb', $thumbnail['height']);
$this->set('filedata_thumb', $thumbnail['filedata']);
unset($thumbnail);
} else {
$this->set('width_thumb', 0);
$this->set('height_thumb', 0);
$this->set('filedata_thumb', '');
}
}
$return_value = true;
$this->presave_called = $return_value;
return $return_value;
}
