phpwcms PHP Cross Reference Content Management Systems

Source: /include/inc_act/act_upload.php - 124 lines - 3734 bytes - Summary - Text - Print

Description: phpwcms content management system

   1  <?php
   2  /**
   3   * phpwcms content management system
   4   *
   5   * @author Oliver Georgi <oliver@phpwcms.de>
   6   * @copyright Copyright (c) 2002-2014, Oliver Georgi
   7   * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
   8   * @link http://www.phpwcms.de
   9   *
  10   **/
  11  
  12  session_start();
  13  
  14  if(empty($_SESSION["wcs_user_id"])) {
  15  
  16      die('{"success":false}');
  17  
  18  }
  19  
  20  $phpwcms = array();
  21  require ('../../config/phpwcms/conf.inc.php');
  22  require  ('../inc_lib/default.inc.php');
  23  require  (PHPWCMS_ROOT.'/include/inc_lib/general.inc.php');
  24  require  (PHPWCMS_ROOT.'/include/inc_js/uploader/fileuploader.php');
  25  
  26  if(@ini_get('post_max_size')) {
  27      $post_max_size = return_bytes(ini_get('post_max_size'));
  28      if($post_max_size < $phpwcms['file_maxsize']) {
  29          $phpwcms['file_maxsize'] = $post_max_size - 1;
  30      }
  31  } else {
  32      $post_max_size = $phpwcms['file_maxsize'];
  33  }
  34  if(@ini_get('upload_max_filesize')) {
  35      $upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
  36      if($upload_max_filesize < $phpwcms['file_maxsize']) {
  37          $phpwcms['file_maxsize'] = $upload_max_filesize - 1;
  38      }
  39  } else {
  40      $upload_max_filesize = $phpwcms['file_maxsize'];
  41  }
  42  
  43  $uploader    = new qqFileUploader(array(), min($post_max_size, $upload_max_filesize, $phpwcms['file_maxsize']));
  44  $uploadDir    = PHPWCMS_ROOT.$phpwcms["ftp_path"];
  45  
  46  // Call handleUpload() with the name of the folder, relative to PHP's getcwd()
  47  $result = $uploader->handleUpload($uploadDir, NULL, TRUE, FALSE);
  48  
  49  $result['filename']    = $uploader->getUploadName();
  50  
  51  if($result['success'] && !empty($_GET['file_public'])) {
  52      
  53      require_once  (PHPWCMS_ROOT.'/include/inc_lib/dbcon.inc.php');
  54  
  55      $data = array(
  56          'f_pid'            => intval($_GET['file_dir']),
  57          'f_uid'            => intval($_SESSION["wcs_user_id"]),
  58          'f_kid'            => 1,
  59          'f_aktiv'        => 1,
  60          'f_public'        => 1,
  61          'f_name'        => $result['filename'],
  62          'f_created'        => now(),
  63          'f_size'        => $uploader->getFileSize(),
  64          'f_type'        => $uploader->getFileType(),
  65          'f_ext'            => strtolower($uploader->getFileExtension()),
  66          'f_longinfo'    => slweg($_GET['file_longinfo']),
  67          'f_hash'        => md5( $result['filename'] . microtime() ),
  68          'f_copyright'    => slweg($_GET['file_copyright']),
  69          'f_tags'        => clean_slweg($_GET['file_tags'])
  70      );
  71      
  72      if(PHPWCMS_CHARSET != 'utf-8') {
  73          $data['f_name']            = makeCharsetConversion($data['f_name'], 'utf-8', PHPWCMS_CHARSET);
  74          $data['f_longinfo']        = makeCharsetConversion($data['f_longinfo'], 'utf-8', PHPWCMS_CHARSET);
  75          $data['f_copyright']    = makeCharsetConversion($data['f_copyright'], 'utf-8', PHPWCMS_CHARSET);
  76          $data['f_tags']            = makeCharsetConversion($data['f_tags'], 'utf-8', PHPWCMS_CHARSET);
  77      }
  78      
  79      $insert = _dbInsert('phpwcms_file', $data);
  80  
  81      // move uploaded file
  82      if(!empty($insert['INSERT_ID'])) {
  83          
  84          $userftppath    = PHPWCMS_ROOT.$phpwcms["ftp_path"];
  85          $useruploadpath = PHPWCMS_ROOT.$phpwcms["file_path"];
  86          $usernewfile    = $useruploadpath.$data['f_hash'];
  87          
  88          if($data['f_ext']) {
  89              $usernewfile .= '.'.$data['f_ext'];
  90          }
  91          
  92          $oldmask = umask(0);
  93  
  94          if($dir = @opendir($useruploadpath) && @copy($userftppath.$result['filename'], $usernewfile)) {
  95          
  96              @unlink($userftppath.$result['filename']);
  97          
  98          } else {
  99              
 100              require (PHPWCMS_ROOT.'/include/inc_lang/backend/en/lang.inc.php');
 101              $cust_lang = PHPWCMS_ROOT.'/include/inc_lang/backend/' . strtolower(substr($_SESSION["wcs_user_lang"], 0, 2)) . '/lang.inc.php';
 102              if(is_file($cust_lang)) {
 103                  include($cust_lang);
 104              }
 105              
 106              $result['success'] = false;
 107              $result['error'] = $BL['be_error_while_save'];
 108              
 109              _dbQuery('DELETE FROM '.DB_PREPEND.'phpwcms_file WHERE f_id='._dbEscape($insert['INSERT_ID']));
 110              
 111          }
 112          
 113          if(!empty($dir)) {
 114              @closedir($dir);
 115          }
 116          
 117      }
 118  
 119  }
 120  
 121  // to pass data through iframe you will need to encode all html tags
 122  echo html_entities(json_encode($result), ENT_NOQUOTES);
 123  
 124  ?>
