示例#1
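 /**
  * Receive the file posted in the "document" form field, move it to
  * JPATH_SITE/uploads/ and record it through the model.
  *
  * A rejected upload echoes a translated message and returns before anything
  * is moved. The file is stored as md5(sanitised client name) plus the
  * allowlisted extension, so the raw client name is never used as a path.
  *
  * @return void
  */
 public function upload()
 {
     $fieldName = 'document';

     // A request without the field, or with an array-style field (document[]),
     // carries no single upload to process.
     if (!isset($_FILES[$fieldName]['error']) || is_array($_FILES[$fieldName]['error'])) {
         echo TextHelper::_('ERROR NO FILE');

         return;
     }

     $upload = $_FILES[$fieldName];

     // Stop on every upload error PHP reports. The earlier version handled only
     // codes 1-4, so the remaining codes fell through to the move step.
     switch ((int) $upload['error']) {
         case UPLOAD_ERR_OK:
             break;
         case UPLOAD_ERR_INI_SIZE:
             echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');

             return;
         case UPLOAD_ERR_FORM_SIZE:
             echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');

             return;
         case UPLOAD_ERR_PARTIAL:
             echo TextHelper::_('ERROR PARTIAL UPLOAD');

             return;
         case UPLOAD_ERR_NO_FILE:
             echo TextHelper::_('ERROR NO FILE');

             return;
         default:
             echo TextHelper::_('COBALT_DOC_UPLOAD_FAIL');

             return;
     }

     // Enforce the 2 MB limit: the message alone did not stop the upload.
     $fileSize = $upload['size'];
     if ($fileSize > 2000000) {
         echo TextHelper::_('FILE BIGGER THAN 2MB');

         return;
     }

     // The extension is the text after the last dot; a name without a dot has none.
     $fileName = $upload['name'];
     $uploadedFileNameParts = explode('.', $fileName);
     $uploadedFileExtension = count($uploadedFileNameParts) > 1 ? array_pop($uploadedFileNameParts) : '';

     // Exact, case-insensitive allowlist. The previous unanchored preg_match
     // accepted any extension that merely contained an allowed one. xlsx and
     // pptx were reachable only through that substring match and are listed
     // explicitly so they keep working; drop them if they are not wanted.
     $validFileExts = array(
         'jpeg', 'jpg', 'png', 'gif', 'pdf', 'doc', 'docx', 'odt', 'rtf', 'ppt', 'xls', 'txt',
         'xlsx', 'pptx',
     );
     if (!in_array(strtolower($uploadedFileExtension), $validFileExts, true)) {
         echo TextHelper::_('INVALID EXTENSION');

         return;
     }

     // Path of the upload in PHP's temp directory.
     $fileTemp = $upload['tmp_name'];

     // Replace everything outside [A-Za-z0-9.] in the display name.
     // ereg_replace() no longer exists in PHP 7+, so preg_replace() is used.
     $fileName = preg_replace('/[^A-Za-z0-9.]/', '-', $fileName);

     // NOTE(review): the stored name depends only on the client file name, so
     // two uploads with the same name share one path - confirm that
     // overwriting is intended.
     $hash = md5($fileName) . '.' . $uploadedFileExtension;

     // The destination is built from a constant directory and the hash only.
     $uploadPath = JPATH_SITE . '/uploads/' . $hash;
     $app = \Cobalt\Container::fetch('app');

     if (!File::upload($fileTemp, $uploadPath)) {
         $msg = TextHelper::_('COBALT_DOC_UPLOAD_FAIL');
         $app->redirect('index.php?view=admindocuments', $msg);

         return;
     }

     // Record the stored file; is_image reflects whether getimagesize() can
     // read the moved file as an image.
     $data = array(
         'name' => $fileName,
         'filename' => $hash,
         'filetype' => $uploadedFileExtension,
         'size' => $fileSize / 1024,
         'created' => date('Y-m-d H:i:s'),
         'shared' => 1,
         'is_image' => is_array(getimagesize($uploadPath)),
     );
     $model = new static();
     $session = JFactory::getSession();

     // The session flag is written before redirecting: presumably redirect()
     // ends the request, in which case a later set() never ran - verify.
     if ($model->store($data)) {
         $msg = TextHelper::_('COM_CRMERY_DOC_UPLOAD_SUCCESS');
         $session->set("upload_success", true);
         $app->redirect('index.php?view=admindocuments&layout=upload_success&format=raw', $msg);
     } else {
         $msg = TextHelper::_('COM_CRMERY_DOC_UPLOAD_FAIL');
         $session->set("upload_success", false);
         $app->redirect('index.php?view=admindocuments&layout=upload_success&format=raw', $msg);
     }
 }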
示例#2
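 /**
  * Store the file posted in the "logo" field under JPATH_ROOT/uploads/logo/.
  *
  * The file keeps its client-supplied name (passed through JFile::makeSafe)
  * and sits in a web-reachable directory, so the declared MIME type alone is
  * not enough: the extension and the actual content must also be an image.
  *
  * @return boolean True when the logo was stored, false otherwise
  */
 public function uploadLogo()
 {
     // No single upload present, or PHP reported an upload error.
     if (!isset($_FILES['logo']['error']) || is_array($_FILES['logo']['error']) || $_FILES['logo']['error']) {
         return false;
     }

     $logo = $_FILES['logo'];
     $allowedImageTypes = array("image/pjpeg", "image/jpeg", "image/jpg", "image/png", "image/x-png", "image/gif");

     // $_FILES[...]['type'] is sent by the client; it is kept as a first
     // filter but proves nothing about the file.
     if (!in_array($logo['type'], $allowedImageTypes, true)) {
         $this->setError(Text::_('INSTL_ERROR_LOGO_FILE_TYPE'));

         return false;
     }

     // The stored name keeps its extension, so the extension decides how the
     // web server treats the file: allow image extensions only.
     $safeName = JFile::makeSafe($logo['name']);
     $extension = strtolower(pathinfo($safeName, PATHINFO_EXTENSION));
     if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
         $this->setError(Text::_('INSTL_ERROR_LOGO_FILE_TYPE'));

         return false;
     }

     // Check the content itself: getimagesize() returns false for data it
     // cannot read as an image and reports the detected type in 'mime'.
     $imageInfo = getimagesize($logo['tmp_name']);
     if (!is_array($imageInfo) || !in_array($imageInfo['mime'], $allowedImageTypes, true)) {
         $this->setError(Text::_('INSTL_ERROR_LOGO_FILE_TYPE'));

         return false;
     }

     if (!JFile::upload($logo['tmp_name'], JPATH_ROOT . '/uploads/logo/' . $safeName)) {
         $this->setError(Text::_('INSTL_ERROR_UPLOAD_LOGO'));

         return false;
     }

     return true;
 }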
示例#3
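 /**
  * Save the posted branding record and, when a file arrived in the
  * "site_logo" field, store it under src/Cobalt/media/logos/.
  *
  * The logo is saved as md5(client name + date) plus the allowlisted
  * extension; the client name is never used as a path.
  *
  * @return boolean True when the record was stored, false on any failure
  */
 public function store()
 {
     $app = \Cobalt\Container::fetch('app');
     $row = new BrandingTable();
     $data = $app->input->getRequest('post');

     $date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
     $data['modified'] = $date;
     $this->changeDefault($data['id']);

     $fieldName = 'site_logo';

     // A missing field, an array-style field or any upload error means there
     // is no logo to store; the record is still saved. Previously a request
     // without the field ended up in the extension check and was rejected.
     $hasUpload = isset($_FILES[$fieldName]['error'])
         && !is_array($_FILES[$fieldName]['error'])
         && (int) $_FILES[$fieldName]['error'] === UPLOAD_ERR_OK;

     if ($hasUpload) {
         $fileName = $_FILES[$fieldName]['name'];
         $fileTemp = $_FILES[$fieldName]['tmp_name'];

         // The extension is the text after the last dot; no dot, no extension.
         $uploadedFileNameParts = explode('.', $fileName);
         $uploadedFileExtension = count($uploadedFileNameParts) > 1 ? array_pop($uploadedFileNameParts) : '';

         // Exact, case-insensitive allowlist instead of the unanchored
         // preg_match, which accepted any extension containing an allowed one.
         // NOTE(review): this list also admits document types for a logo;
         // consider restricting it to image extensions.
         $validFileExts = array('jpeg', 'jpg', 'png', 'gif', 'pdf', 'doc', 'docx', 'odt', 'rtf', 'ppt', 'xls', 'txt');
         if (!in_array(strtolower($uploadedFileExtension), $validFileExts, true)) {
             echo TextHelper::_('INVALID EXTENSION');

             // false, like every other failure path of this method
             return false;
         }

         $hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;

         // The destination is built from a constant directory and the hash only.
         $uploadPath = JPATH_SITE . '/src/Cobalt/media/logos/' . $hashFilename;
         if (!File::upload($fileTemp, $uploadPath)) {
             echo TextHelper::_('ERROR MOVING FILE');

             return false;
         }

         $this->updateSiteLogo($hashFilename);
     }

     // The logo is handled above (or absent); it is not a bound column.
     unset($data['site_logo']);

     // Bind the form fields to the table
     if (!$row->bind($data)) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     // Make sure the record is valid
     if (!$row->check()) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     // Write the record to the database
     if (!$row->store()) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     return true;
 }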
示例#4
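 /**
  * Save the avatar posted in the "avatar" form field.
  *
  * The upload is validated (upload error, extension allowlist, readable as an
  * image), stored under src/Cobalt/media/avatars/ as md5(client name + date)
  * plus the extension, resized to 50x50 and attached to the item named by the
  * model state (item_id / item_type).
  *
  * @return string|boolean URL of the stored avatar, or false on failure
  */
 public function saveAvatar()
 {
     $fieldName = 'avatar';

     // A request without the field, or with an array-style field, carries no
     // single upload to process.
     if (!isset($_FILES[$fieldName]['error']) || is_array($_FILES[$fieldName]['error'])) {
         echo TextHelper::_('ERROR NO FILE');

         return false;
     }

     // Stop on every upload error PHP reports. The earlier version handled only
     // codes 1-4, so the remaining codes fell through to the move step.
     switch ((int) $_FILES[$fieldName]['error']) {
         case UPLOAD_ERR_OK:
             break;
         case UPLOAD_ERR_INI_SIZE:
             echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');

             return false;
         case UPLOAD_ERR_FORM_SIZE:
             echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');

             return false;
         case UPLOAD_ERR_PARTIAL:
             echo TextHelper::_('ERROR PARTIAL UPLOAD');

             return false;
         case UPLOAD_ERR_NO_FILE:
             echo TextHelper::_('ERROR NO FILE');

             return false;
         default:
             echo TextHelper::_('ERROR MOVING FILE');

             return false;
     }

     // Resolve the target model before touching the filesystem. An item type
     // outside this map used to leave $model_name undefined and fail after the
     // file had already been stored.
     $modelClasses = array(
         'people' => "Cobalt\\Model\\People",
         'companies' => "Cobalt\\Model\\Company",
     );
     $item_type = $this->state->get('item_type');
     if (!is_string($item_type) || !isset($modelClasses[$item_type])) {
         return false;
     }

     $fileName = $_FILES[$fieldName]['name'];
     $fileTemp = $_FILES[$fieldName]['tmp_name'];

     // The extension is the text after the last dot; no dot, no extension.
     $uploadedFileNameParts = explode('.', $fileName);
     $uploadedFileExtension = count($uploadedFileNameParts) > 1 ? array_pop($uploadedFileNameParts) : '';

     // Exact, case-insensitive allowlist instead of the unanchored preg_match,
     // which accepted any extension containing an allowed one.
     $validFileExts = array('jpeg', 'jpg', 'png', 'gif', 'bmp');
     if (!in_array(strtolower($uploadedFileExtension), $validFileExts, true)) {
         echo TextHelper::_('INVALID EXTENSION');

         return false;
     }

     // The extension is chosen by the client; confirm the content is an image
     // before it is moved into the web-reachable avatars directory.
     if (!is_array(getimagesize($fileTemp))) {
         echo TextHelper::_('INVALID EXTENSION');

         return false;
     }

     $date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
     $hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;

     // The destination is built from a constant directory and the hash only.
     $uploadPath = JPATH_SITE . '/src/Cobalt/media/avatars/' . $hashFilename;
     if (!File::upload($fileTemp, $uploadPath)) {
         echo TextHelper::_('ERROR MOVING FILE');

         return false;
     }

     // Re-encode the stored file at avatar size.
     $image = new Image();
     $image->loadFile($uploadPath);
     $image->resize(50, 50, false);
     $image->toFile($uploadPath);

     $data = array('id' => $this->state->get('item_id'), 'avatar' => $hashFilename);
     $this->deleteOldAvatar($data['id'], $item_type);

     $modelClass = $modelClasses[$item_type];
     $model = new $modelClass($this->db);
     $model->store($data);

     return JUri::base() . 'src/Cobalt/media/avatars/' . $hashFilename;
 }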
示例#5
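 /**
  * Store a document and its database record.
  *
  * With $data the method runs in attachment mode: $data['value'] is the file
  * name and $data['attachment'] is what gets passed to File::write(). Without
  * $data it processes the upload posted in the "document" form field.
  * In both modes the file is stored as md5(name + date) plus the allowlisted
  * extension; the supplied name is never used as a path.
  *
  * @param array|object|null $data Attachment description, or null for a form upload
  *
  * @return mixed The document id on success, false on failure
  */
 public function store($data = null)
 {
     // Decide the mode once. $data was later read as an array even when it
     // was null, which fails on current PHP versions.
     $isAttachment = (bool) $data;

     if ($isAttachment) {
         $data = (array) $data;
         // NOTE(review): this replaces the $_FILES superglobal for the rest of
         // the request; kept from the original - confirm something reads it.
         $_FILES = array();
         $_FILES['document'] = $data;
         $_FILES['tmp_name'] = $data['attachment'];
         $fileName = $data['value'];
         // In this mode $fileTemp is the value handed to File::write() below.
         $fileTemp = $data['attachment'];
         $association_id = $data['association_id'];
         $association_type = $data['association_type'];
         $data['is_attachment'] = 1;
         $data['email'] = 1;
     } else {
         $data = array();
         $association_id = isset($_POST['association_id']) ? $_POST['association_id'] : null;
         $association_type = isset($_POST['association_type']) ? $_POST['association_type'] : null;
         $fieldName = 'document';

         // A request without the field, or with an array-style field, carries
         // no single upload to process.
         if (!isset($_FILES[$fieldName]['error']) || is_array($_FILES[$fieldName]['error'])) {
             echo TextHelper::_('ERROR NO FILE');

             return false;
         }

         // Stop on every upload error PHP reports. The earlier version handled
         // only codes 1-4, so the remaining codes fell through to the move step.
         switch ((int) $_FILES[$fieldName]['error']) {
             case UPLOAD_ERR_OK:
                 break;
             case UPLOAD_ERR_INI_SIZE:
                 echo TextHelper::_('FILE TO LARGE THAN PHP INI ALLOWS');

                 return false;
             case UPLOAD_ERR_FORM_SIZE:
                 echo TextHelper::_('FILE TO LARGE THAN HTML FORM ALLOWS');

                 return false;
             case UPLOAD_ERR_PARTIAL:
                 echo TextHelper::_('ERROR PARTIAL UPLOAD');

                 return false;
             case UPLOAD_ERR_NO_FILE:
                 echo TextHelper::_('ERROR NO FILE');

                 return false;
             default:
                 echo TextHelper::_('ERROR MOVING FILE');

                 return false;
         }

         $fileName = $_FILES[$fieldName]['name'];
         $fileTemp = $_FILES[$fieldName]['tmp_name'];
     }

     // The extension is the text after the last dot; no dot, no extension.
     $uploadedFileNameParts = explode('.', $fileName);
     $uploadedFileExtension = count($uploadedFileNameParts) > 1 ? array_pop($uploadedFileNameParts) : '';

     // Exact, case-insensitive allowlist. The previous unanchored preg_match
     // accepted any extension that merely contained an allowed one. xlsx and
     // pptx were reachable only through that substring match and are listed
     // explicitly so they keep working; drop them if they are not wanted.
     $validFileExts = array(
         'jpeg', 'jpg', 'png', 'gif', 'pdf', 'doc', 'docx', 'odt', 'rtf', 'ppt', 'xls', 'txt',
         'xlsx', 'pptx',
     );
     if (!in_array(strtolower($uploadedFileExtension), $validFileExts, true)) {
         echo TextHelper::_('INVALID EXTENSION');

         return false;
     }

     $date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));
     $hashFilename = md5($fileName . $date) . "." . $uploadedFileExtension;

     // Replace everything outside [A-Za-z0-9.] in the display name. The old
     // pattern "[^A-Za-z0-9.]" had no delimiters of its own, so PCRE took the
     // brackets as delimiters and the character class never applied.
     $fileName = preg_replace('/[^A-Za-z0-9.]/', '-', $fileName);

     // The destination is built from a constant directory and the hash only.
     $uploadPath = JPATH_SITE . '//documents/' . $hashFilename;
     if ($isAttachment) {
         if (!File::write($uploadPath, $fileTemp)) {
             echo TextHelper::_('ERROR MOVING FILE');

             return false;
         }
     } else {
         if (!File::upload($fileTemp, $uploadPath)) {
             echo TextHelper::_('ERROR MOVING FILE');

             return false;
         }
     }
     $fileSize = filesize($uploadPath);

     $newData = array(
         'name' => $fileName,
         'filename' => $hashFilename,
         'association_id' => $association_id,
         'association_type' => $association_type,
         'filetype' => $uploadedFileExtension,
         'size' => $fileSize / 1024,
         'created' => $date,
     );
     if (!empty($data['email'])) {
         $newData['email'] = 1;
     }

     //Load Tables
     $row = new DocumentTable();
     $oldRow = new DocumentTable();
     //date generation
     $date = DateHelper::formatDBDate(date('Y-m-d H:i:s'));

     // NOTE(review): $newData never contains 'id', so the "updated" branch
     // cannot run as written; the test may have been meant for $data - confirm.
     if (!array_key_exists('id', $newData)) {
         $newData['created'] = $date;
         $status = "created";
     } else {
         $row->load($data['id']);
         $oldRow->load($data['id']);
         $status = "updated";
     }

     // is_image reflects whether getimagesize() can read the stored file.
     $newData['modified'] = $date;
     $newData['owner_id'] = UsersHelper::getUserId();
     $newData['is_image'] = is_array(getimagesize($uploadPath));

     // Bind the form fields to the table
     if (!$row->bind($newData)) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     $app = \Cobalt\Container::fetch('app');
     //$app->triggerEvent('onBeforeDocumentSave', array(&$row));

     // Make sure the record is valid
     if (!$row->check()) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     // Write the record to the database
     if (!$row->store()) {
         $this->setError($this->db->getErrorMsg());

         return false;
     }

     $id = array_key_exists('id', $data) ? $data['id'] : $this->db->insertId();
     ActivityHelper::saveActivity($oldRow, $row, 'document', $status);
     //$app->triggerEvent('onAfterDocumentSave', array(&$row));

     return $id;
 }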