當前位置: 首頁>>代碼示例>>PHP>>正文


PHP FWValidator::is_file_ending_harmless方法代碼示例

本文整理匯總了PHP中FWValidator::is_file_ending_harmless方法的典型用法代碼示例。如果您正苦於以下問題:PHP FWValidator::is_file_ending_harmless方法的具體用法?PHP FWValidator::is_file_ending_harmless怎麽用?PHP FWValidator::is_file_ending_harmless使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在FWValidator的用法示例。


在下文中一共展示了FWValidator::is_file_ending_harmless方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: handleRequest

 /**
  * @override
  */
 public function handleRequest()
 {
     // HTTP headers for no cache etc
     header('Content-type: text/plain; charset=UTF-8');
     header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
     header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
     header("Cache-Control: no-store, no-cache, must-revalidate");
     header("Cache-Control: post-check=0, pre-check=0", false);
     header("Pragma: no-cache");
     // Get parameters
     $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
     $chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
     $fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
     $fileCount = $_GET['files'];
     if (\FWValidator::is_file_ending_harmless($fileName)) {
         try {
             $this->addChunk($fileName, $chunk, $chunks);
         } catch (UploaderException $e) {
             die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "' . $e->getMessage() . '"}, "id" : "id"}');
         }
     } else {
         if ($chunk == 0) {
             // only count first chunk
             // TODO: there must be a way to cancel the upload process on the client side
             $this->addHarmfulFileToResponse($fileName);
         }
     }
     if ($chunk == $chunks - 1) {
         //upload finished
         $this->handleCallback($fileCount);
     }
     die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:36,代碼來源:PlUploader.class.php

示例2: handleRequest

 /**
  * @override
  */
 public function handleRequest()
 {
     global $_FILES;
     //get a writable directory
     $targetDir = '/upload_' . $this->uploadId;
     $tempPath = $_SESSION->getTempPath();
     $webTempPath = $_SESSION->getWebTempPath();
     //make sure target directory exists
     if (!file_exists($tempPath . $targetDir)) {
         \Cx\Lib\FileSystem\FileSystem::make_folder($webTempPath . $targetDir);
     }
     //move all uploaded file to this upload's temp directory
     foreach ($_FILES["uploaderFiles"]["error"] as $key => $error) {
         if ($error == UPLOAD_ERR_OK) {
             $tmpName = $_FILES["uploaderFiles"]["tmp_name"][$key];
             $name = $_FILES["uploaderFiles"]["name"][$key];
             if (!\FWValidator::is_file_ending_harmless($name)) {
                 die('Error:' . sprintf('The file %s was refused due to its file extension which is not allowed!', htmlentities($name, ENT_QUOTES, CONTREXX_CHARSET)));
             }
             //TODO: Uploader::addChunk does this also -> centralize in function
             // remember the "raw" file name, we want to store all original
             // file names in the session.
             $originalFileName = $name;
             // Clean the fileName for security reasons
             // we're using a-zA-Z0-9 instead of \w because of the umlauts.
             // linux excludes them from \w, windows includes them. we do not want different
             // behaviours on different operating systems.
             $name = preg_replace('/[^a-zA-Z0-9\\._-]+/', '', $name);
             $originalFileNames = array();
             if (isset($_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'])) {
                 $originalFileNames = $_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'];
             }
             $originalFileNames[$name] = $originalFileName;
             $_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'] = $originalFileNames;
             //end of TODO-region
             //move file somewhere we know both the web- and normal path...
             @move_uploaded_file($tmpName, ASCMS_TEMP_PATH . '/' . $name);
             //...then do a safe-mode-safe (yeah) move operation
             \Cx\Lib\FileSystem\FileSystem::move(ASCMS_TEMP_WEB_PATH . '/' . $name, $webTempPath . $targetDir . '/' . $name, true);
         }
     }
     //and call back.
     $this->notifyCallback();
     //redirect the user where he belongs
     $this->redirect();
 }
開發者ID:Cloudrexx,項目名稱:cloudrexx,代碼行數:49,代碼來源:FormUploader.class.php

示例3: handleRequest

 /**
  * @override
  */
 public function handleRequest()
 {
     // Get parameters
     $chunk = $_POST['partitionIndex'];
     $chunks = $_POST['partitionCount'];
     $fileName = contrexx_stripslashes($_FILES['file']['name']);
     $fileCount = $_GET['files'];
     // check if the file has a valid file extension
     if (\FWValidator::is_file_ending_harmless($fileName)) {
         try {
             $this->addChunk($fileName, $chunk, $chunks);
         } catch (UploaderException $e) {
             die('Error:' . $e->getMessage());
         }
         if ($chunk == $chunks - 1) {
             //upload of current file finished
             $this->handleCallback($fileCount);
         }
     } else {
         $this->addHarmfulFileToResponse($fileName);
     }
     die(0);
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:26,代碼來源:JumpUploader.class.php

示例4: processFormUpload

 /**
  * Process upload form
  *
  * @global     array    $_ARRAYLANG
  * @return     boolean  true if file uplod successfully and false if it failed
  */
 private function processFormUpload()
 {
     global $_ARRAYLANG;
     $objSession = \cmsSession::getInstance();
     $uploaderId = isset($_POST['media_upload_file']) ? contrexx_input2raw($_POST['media_upload_file']) : 0;
     if (empty($uploaderId)) {
         return false;
     }
     $tempPath = $objSession->getTempPath() . '/' . contrexx_input2raw($uploaderId);
     if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) {
         return false;
     }
     $errorMsg = array();
     foreach (glob($tempPath . '/*') as $file) {
         $i = 0;
         $fileName = basename($file);
         $path = $tempPath . '/' . $fileName;
         $file = $this->path . $fileName;
         $arrFile = pathinfo($file);
         while (file_exists($file)) {
             $suffix = '-' . (time() + ++$i);
             $file = $this->path . $arrFile['filename'] . $suffix . '.' . $arrFile['extension'];
         }
         if (!\FWValidator::is_file_ending_harmless($path)) {
             $errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_EXTENSION_NOT_ALLOWED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
             continue;
         }
         try {
             $objFile = new \Cx\Lib\FileSystem\File($path);
             $objFile->move($file, false);
             $fileObj = new \File();
             $fileObj->setChmod($this->path, $this->webPath, basename($file));
         } catch (\Cx\Lib\FileSystem\FileSystemException $e) {
             \DBG::msg($e->getMessage());
             $errorMsg[] = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_UPLOAD_FAILED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
         }
     }
     if (!empty($errorMsg)) {
         $this->_strErrorMessage = explode('<br>', $errorMsg);
         return false;
     }
     $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_FILE_UPLOADED_SUCESSFULLY'];
     return true;
 }
開發者ID:hbdsklf,項目名稱:LimeCMS,代碼行數:50,代碼來源:Media.class.php

示例5: uploadMedia

 /**
  * Copy the Upload the image to the path
  * Note: validation should be done before calling this function
  * 
  * @param string $imagePath Temp path of the uploaded media
  * 
  * @return boolean|string relative path of the uploaded file, false otherwise
  */
 function uploadMedia($imagePath)
 {
     if ($imagePath == '' || !\FWValidator::is_file_ending_harmless($imagePath)) {
         return false;
     }
     // get extension
     $imageName = basename($imagePath);
     $arrImageInfo = pathinfo($imageName);
     $imageExtension = !empty($arrImageInfo['extension']) ? '.' . $arrImageInfo['extension'] : '';
     $imageBasename = $arrImageInfo['filename'];
     $randomSum = rand(10, 99);
     // encode filename
     if ($this->arrSettings['settingsEncryptFilenames'] == 1) {
         $imageName = md5($randomSum . $imageBasename) . $imageExtension;
     }
     // check filename
     if (file_exists($this->imagePath . 'images/' . $imageName)) {
         $imageName = $imageBasename . '_' . time() . $imageExtension;
     }
     // upload file
     if (\Cx\Lib\FileSystem\FileSystem::copy_file($imagePath, $this->imagePath . 'images/' . $imageName) === false) {
         return false;
     }
     $imageDimension = getimagesize($this->imagePath . 'images/' . $imageName);
     $intNewWidth = $imageDimension[0];
     $intNewHeight = $imageDimension[1];
     $imageFormat = $imageDimension[0] > $imageDimension[1] ? 1 : 0;
     $setNewSize = 0;
     if ($imageDimension[0] > 640 && $imageFormat == 1) {
         $doubleFactorDimension = 640 / $imageDimension[0];
         $intNewWidth = 640;
         $intNewHeight = round($doubleFactorDimension * $imageDimension[1], 0);
         $setNewSize = 1;
     } elseif ($imageDimension[1] > 480) {
         $doubleFactorDimension = 480 / $imageDimension[1];
         $intNewHeight = 480;
         $intNewWidth = round($doubleFactorDimension * $imageDimension[0], 0);
         $setNewSize = 1;
     }
     if ($setNewSize == 1) {
         $objImage = new \ImageManager();
         $objImage->loadImage($this->imagePath . 'images/' . $imageName);
         $objImage->resizeImage($intNewWidth, $intNewHeight, 100);
         $objImage->saveNewImage($this->imagePath . 'images/' . $imageName, true);
     }
     $objFile = new \File();
     $objFile->setChmod($this->imagePath, $this->imageWebPath, 'images/' . $imageName);
     // create thumbnail
     $this->checkThumbnail($this->imageWebPath . 'images/' . $imageName);
     return $this->imageWebPath . 'images/' . $imageName;
 }
開發者ID:Niggu,項目名稱:cloudrexx,代碼行數:59,代碼來源:MediaDirectoryInputfieldImage.class.php

示例6: processFormUpload

 /**
  * Process upload form
  *
  * @global     array    $_ARRAYLANG
  * @return     boolean  true if file uplod successfully and false if it failed
  */
 private function processFormUpload()
 {
     global $_ARRAYLANG;
     $inputField = 'media_upload_file';
     if (!isset($_FILES[$inputField]) || !is_array($_FILES[$inputField])) {
         return false;
     }
     $fileName = !empty($_FILES[$inputField]['name']) ? contrexx_stripslashes($_FILES[$inputField]['name']) : '';
     $fileTmpName = !empty($_FILES[$inputField]['tmp_name']) ? $_FILES[$inputField]['tmp_name'] : '';
     if (MediaLibrary::isIllegalFileName($fileName)) {
         $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_FILE_DONT_CREATE'];
         return false;
     }
     switch ($_FILES[$inputField]['error']) {
         case UPLOAD_ERR_INI_SIZE:
             $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_SIZE_EXCEEDS_LIMIT'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET), $this->getFormatedFileSize(\FWSystem::getMaxUploadFileSize()));
             break;
         case UPLOAD_ERR_FORM_SIZE:
             $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_TOO_LARGE'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
             break;
         case UPLOAD_ERR_PARTIAL:
             $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_CORRUPT'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
             break;
         case UPLOAD_ERR_NO_FILE:
             $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_NO_FILE'];
             continue;
             break;
         default:
             if (!empty($fileTmpName)) {
                 $suffix = '';
                 $file = $this->path . $fileName;
                 $arrFile = pathinfo($file);
                 $i = 0;
                 while (file_exists($file)) {
                     $suffix = '-' . (time() + ++$i);
                     $file = $this->path . $arrFile['filename'] . $suffix . '.' . $arrFile['extension'];
                 }
                 if (\FWValidator::is_file_ending_harmless($fileName)) {
                     $fileExtension = $arrFile['extension'];
                     if (@move_uploaded_file($fileTmpName, $file)) {
                         $fileName = $arrFile['filename'];
                         $obj_file = new \File();
                         $obj_file->setChmod($this->path, $this->webPath, $fileName);
                         $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_FILE_UPLOADED_SUCESSFULLY'];
                         return true;
                     } else {
                         $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_UPLOAD_FAILED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
                     }
                 } else {
                     $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_EXTENSION_NOT_ALLOWED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET));
                 }
             }
             break;
     }
     return false;
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:62,代碼來源:Media.class.php

示例7: uploadPicture

 function uploadPicture()
 {
     $status = "";
     $path = "pictures/";
     //check file array
     if (isset($_FILES) && !empty($_FILES)) {
         //get file info
         $tmpFile = $_FILES['pic']['tmp_name'];
         $fileName = $_FILES['pic']['name'];
         if ($fileName != "" && \FWValidator::is_file_ending_harmless($fileName)) {
             //check extension
             $info = pathinfo($fileName);
             $exte = $info['extension'];
             $exte = !empty($exte) ? '.' . $exte : '';
             $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
             $rand = rand(10, 99);
             $fileName = md5($rand . $fileName) . $exte;
             //check file
             // TODO: $x is not defined
             $x = 0;
             if (file_exists($this->mediaPath . $path . $fileName)) {
                 $fileName = $rand . $part1 . '_' . (time() + $x) . $exte;
                 $fileName = md5($fileName) . $exte;
             }
             //upload file
             if (@move_uploaded_file($tmpFile, $this->mediaPath . $path . $fileName)) {
                 $objFile = new \File();
                 $objFile->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
                 $status = $fileName;
             } else {
                 $status = "error";
             }
         } else {
             $status = "error";
         }
     }
     return $status;
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:38,代碼來源:MarketLibrary.class.php

示例8: _uploadFilesLegacy

 /**
  * Upload submitted files
  *
  * Move all files that are allowed to be uploaded in the folder that
  * has been specified in the configuration option "File upload deposition path"
  * @access private
  * @global array
  * @param array Files that have been submited
  * @see getSettings(), _cleanFileName(), errorMsg, FWSystem::getMaxUploadFileSize()
  * @return array A list of files that have been stored successfully in the system
  */
 function _uploadFilesLegacy($arrFields)
 {
     global $_ARRAYLANG;
     $arrSettings = $this->getSettings();
     $arrFiles = array();
     if (isset($_FILES) && is_array($_FILES)) {
         foreach (array_keys($_FILES) as $file) {
             $fileName = !empty($_FILES[$file]['name']) ? $this->_cleanFileName($_FILES[$file]['name']) : '';
             $fileTmpName = !empty($_FILES[$file]['tmp_name']) ? $_FILES[$file]['tmp_name'] : '';
             switch ($_FILES[$file]['error']) {
                 case UPLOAD_ERR_INI_SIZE:
                     //Die hochgeladene Datei überschreitet die in der Anweisung upload_max_filesize in php.ini festgelegte Grösse.
                     $this->errorMsg .= sprintf($_ARRAYLANG['TXT_CONTACT_FILE_SIZE_EXCEEDS_LIMIT'], $fileName, \FWSystem::getMaxUploadFileSize()) . '<br />';
                     break;
                 case UPLOAD_ERR_FORM_SIZE:
                     //Die hochgeladene Datei überschreitet die in dem HTML Formular mittels der Anweisung MAX_FILE_SIZE angegebene maximale Dateigrösse.
                     $this->errorMsg .= sprintf($_ARRAYLANG['TXT_CONTACT_FILE_TOO_LARGE'], $fileName) . '<br />';
                     break;
                 case UPLOAD_ERR_PARTIAL:
                     //Die Datei wurde nur teilweise hochgeladen.
                     $this->errorMsg .= sprintf($_ARRAYLANG['TXT_CONTACT_FILE_CORRUPT'], $fileName) . '<br />';
                     break;
                 case UPLOAD_ERR_NO_FILE:
                     //Es wurde keine Datei hochgeladen.
                     continue;
                     break;
                 default:
                     if (!empty($fileTmpName)) {
                         $arrFile = pathinfo($fileName);
                         $i = '';
                         $suffix = '';
                         $documentRootPath = \Env::get('cx')->getWebsiteDocumentRootPath();
                         $filePath = $arrSettings['fileUploadDepositionPath'] . '/' . $arrFile['filename'] . $suffix . '.' . $arrFile['extension'];
                         while (file_exists($documentRootPath . $filePath)) {
                             $suffix = '-' . ++$i;
                             $filePath = $arrSettings['fileUploadDepositionPath'] . '/' . $arrFile['filename'] . $suffix . '.' . $arrFile['extension'];
                         }
                         $arrMatch = array();
                         if (\FWValidator::is_file_ending_harmless($fileName)) {
                             if (@move_uploaded_file($fileTmpName, $documentRootPath . $filePath)) {
                                 $id = intval(substr($file, 17));
                                 $arrFiles[$id] = array('path' => $filePath, 'name' => $fileName);
                             } else {
                                 $this->errorMsg .= sprintf($_ARRAYLANG['TXT_CONTACT_FILE_UPLOAD_FAILED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET)) . '<br />';
                             }
                         } else {
                             $this->errorMsg .= sprintf($_ARRAYLANG['TXT_CONTACT_FILE_EXTENSION_NOT_ALLOWED'], htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET)) . '<br />';
                         }
                     }
                     break;
             }
         }
     }
     return $arrFiles;
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:66,代碼來源:Contact.class.php

示例9: uploadMedia

 /**
  * upload media
  *
  * upload added media
  *
  * @access   public
  * @return   string  $fileName
  */
 function uploadMedia($name, $path)
 {
     //check file array
     if (isset($_FILES) && !empty($_FILES)) {
         //get file info
         $status = "";
         $tmpFile = $_FILES[$name]['tmp_name'];
         $fileName = $_FILES[$name]['name'];
         $fileType = $_FILES[$name]['type'];
         $this->fileSize = $_FILES[$name]['size'];
         if ($fileName != "" && \FWValidator::is_file_ending_harmless($fileName)) {
             //check extension
             $info = pathinfo($fileName);
             $exte = $info['extension'];
             $exte = !empty($exte) ? '.' . $exte : '';
             $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
             $rand = rand(10, 99);
             $arrSettings = $this->getSettings();
             if ($arrSettings['encodeFilename']['value'] == 1) {
                 $fileName = md5($rand . $part1) . $exte;
             }
             //check file
             if (file_exists($this->mediaPath . $path . $fileName)) {
                 // TODO: $x is never set!
                 //                    $fileName = $part1 . '_' . (time() + $x) . $exte;
                 $fileName = $part1 . '_' . time() . $exte;
             }
             //check extension
             $info = pathinfo($fileName);
             $exte = $info['extension'];
             $exte = !empty($exte) ? '.' . $exte : '';
             $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
             $rand = rand(10, 99);
             $arrSettings = $this->getSettings();
             if ($arrSettings['encodeFilename']['value'] == 1) {
                 $fileName = md5($rand . $part1) . $exte;
             }
             //check file
             if (file_exists($this->mediaPath . $path . $fileName)) {
                 // TODO: $x is never set!
                 //                    $fileName = $part1 . '_' . (time() + $x) . $exte;
                 $fileName = $part1 . '_' . time() . $exte;
             }
             //upload file
             if (@move_uploaded_file($tmpFile, $this->mediaPath . $path . $fileName)) {
                 $obj_file = new \File();
                 $obj_file->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
                 $status = $fileName;
             } else {
                 $status = "error";
             }
             //make thumb
             if (($fileType == "image/gif" || $fileType == "image/jpeg" || $fileType == "image/jpg" || $fileType == "image/png") && $path != "uploads/") {
                 $this->createThumb($fileName, $path);
             }
         } else {
             $status = "error";
         }
     }
     return $status;
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:69,代碼來源:DirectoryLibrary.class.php

示例10: getFileFromWebsiteRepository

 /**
  * Checks if a customized version of a file exists in the website data
  * repository and returns its path if it exists.
  *
  * @param   string  $file       Path of file to look for a customized
  *                              version for.
  * @param   boolean $webPath    Whether or not to return the relative web
  *                              path instead of the absolute file system
  *                              path (default).
  * @param   boolean $isWebsite  If $isWebsite is provided, then it is set
  *                              to TRUE if the file can be located in the
  *                              website data repository. Otherwise it is
  *                              set to FALSE.
  * @return  mixed               Path (as string) to customized version of
  *                              file or FALSE if none exists.
  */
 public function getFileFromWebsiteRepository($file, $webPath = false, &$isWebsite = false)
 {
     // When the LegacyClassLoader is not initialized you cant load the FWValidator class
     // which is needed for the security check following next
     if (!$this->legacyClassLoader) {
         return false;
     }
     // Checks if the file is a harmless one, because you can upload anything
     // over the ftp which probably not should be executed
     if (!\FWValidator::is_file_ending_harmless($file)) {
         return false;
     }
     // check if customized version of file exists
     if (!file_exists($this->cx->getWebsiteDocumentRootPath() . $file)) {
         return false;
     }
     // customized version of file found in website's data repository
     $isWebsite = true;
     return ($webPath ? $this->cx->getWebsiteOffsetPath() : $this->cx->getWebsiteDocumentRootPath()) . $file;
 }
開發者ID:Cloudrexx,項目名稱:cloudrexx,代碼行數:36,代碼來源:ClassLoader.class.php

示例11: uploadCSV

 /**
  * Upload a Csv File
  *
  * @param String $name File name
  * @param String $path uploading file path
  *
  * @return String
  */
 function uploadCSV($name, $path)
 {
     //check file array
     if (isset($_FILES) && !empty($_FILES)) {
         //get file info
         $status = "";
         $tmpFile = $_FILES[$name]['tmp_name'];
         $fileName = $_FILES[$name]['name'];
         $fileType = $_FILES[$name]['type'];
         $fileSize = $_FILES[$name]['size'];
         if ($fileName != "" && \FWValidator::is_file_ending_harmless($fileName)) {
             //check extension
             $info = pathinfo($fileName);
             $exte = $info['extension'];
             $exte = !empty($exte) ? '.' . $exte : '';
             $fileName = time() . $exte;
             //upload file
             if (@move_uploaded_file($tmpFile, $path . $fileName)) {
                 @chmod($path . $fileName, '0777');
                 $status = $fileName;
             } else {
                 $status = "error";
             }
         } else {
             $status = "error";
         }
     }
     return $status;
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:37,代碼來源:CrmInterface.class.php

示例12: uploadPicture

 /**
  * Move the uploaded image to destination path from the temp path
  *
  * @return mixed $status | false
  */
 public function uploadPicture()
 {
     $status = "";
     $path = "pictures/";
     //check file array
     $uploaderId = isset($_POST['marketUploaderId']) ? contrexx_input2raw($_POST['marketUploaderId']) : 0;
     $fileName = isset($_POST['uploadImage']) ? contrexx_input2raw($_POST['uploadImage']) : 0;
     if (empty($uploaderId) || empty($fileName)) {
         return false;
     }
     //get file info
     $objSession = \cmsSession::getInstance();
     $tmpFile = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName;
     if (!\Cx\Lib\FileSystem\FileSystem::exists($tmpFile)) {
         return false;
     }
     if ($fileName != '' && \FWValidator::is_file_ending_harmless($fileName)) {
         //check extension
         $info = pathinfo($fileName);
         $exte = $info['extension'];
         $exte = !empty($exte) ? '.' . $exte : '';
         $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
         $rand = rand(10, 99);
         $fileName = md5($rand . $fileName) . $exte;
         //check file
         // TODO: $x is not defined
         $x = 0;
         if (file_exists($this->mediaPath . $path . $fileName)) {
             $fileName = $rand . $part1 . '_' . (time() + $x) . $exte;
             $fileName = md5($fileName) . $exte;
         }
         //Move the uploaded file to the path specified in the variable $this->mediaPath
         try {
             $objFile = new \Cx\Lib\FileSystem\File($tmpFile);
             if ($objFile->move($this->mediaPath . $path . $fileName, false)) {
                 $objFile = new \File();
                 $objFile->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
                 $status = $fileName;
             } else {
                 $status = "error";
             }
         } catch (\Cx\Lib\FileSystem\FileSystemException $e) {
             \DBG::msg($e->getMessage());
         }
     } else {
         $status = "error";
     }
     return $status;
 }
開發者ID:Niggu,項目名稱:cloudrexx,代碼行數:54,代碼來源:MarketLibrary.class.php

示例13: addUploadedImagesToProfile

 /**
  * Move the uploaded images into place and link to the user
  *
  * @param \User  $objUser    \User object
  * @param array  $arrProfile Array profile data
  * @param array  $arrImages  Uploaded images array
  * @param string $uploaderId Uploader id
  *
  * @return boolean TRUE on success false otherwise
  */
 protected function addUploadedImagesToProfile($objUser, &$arrProfile, $arrImages, $uploaderId)
 {
     global $_CORELANG;
     $objSession = \cmsSession::getInstance();
     $arrErrorMsg = array();
     foreach ($arrImages as $attribute => $arrHistories) {
         foreach ($arrHistories as $historyId => $data) {
             $arrUploadedImages = array();
             if ($historyId === 'new') {
                 foreach ($data as $historyIndex => $filePath) {
                     $arrUploadedImages[] = array('path' => contrexx_input2raw($filePath), 'history_index' => $historyIndex);
                 }
             } else {
                 $arrUploadedImages[] = array('path' => contrexx_input2raw($data));
             }
             foreach ($arrUploadedImages as $arrImage) {
                 $fileName = basename($arrImage['path']);
                 $path = $objSession->getTempPath() . '/' . contrexx_input2raw($uploaderId) . '/' . $fileName;
                 if (!\Cx\Lib\FileSystem\FileSystem::exists($path) || !\FWValidator::is_file_ending_harmless($path)) {
                     continue;
                 }
                 $fileSize = filesize($path);
                 if (!$this->isImageWithinAllowedSize($fileSize, $attribute == 'picture')) {
                     $objAttribute = $objUser->objAttribute->getById($attribute);
                     $arrErrorMsg[] = sprintf($_CORELANG['TXT_ACCESS_PIC_TOO_BIG'], htmlentities($objAttribute->getName(), ENT_QUOTES, CONTREXX_CHARSET));
                     continue;
                 }
                 // resize image and put it into place (ASCMS_ACCESS_PHOTO_IMG_PATH / ASCMS_ACCESS_PROFILE_IMG_PATH)
                 if (($imageName = $this->moveUploadedImageInToPlace($objUser, $path, $fileName, $attribute == 'picture')) === false) {
                     continue;
                 }
                 // create thumbnail
                 if ($this->createThumbnailOfImage($imageName, $attribute == 'picture') !== false) {
                     if ($historyId === 'new') {
                         $arrProfile[$attribute][$historyId][$arrImage['history_index']] = $imageName;
                     } else {
                         $arrProfile[$attribute][$historyId] = $imageName;
                     }
                 }
             }
         }
     }
     if (count($arrErrorMsg)) {
         return $arrErrorMsg;
     } else {
         return true;
     }
 }
開發者ID:Niggu,項目名稱:cloudrexx,代碼行數:58,代碼來源:AccessLib.class.php

示例14: uploadMedia

 /**
  * Upload the media files
  *
  * @param string $fileName   name of the media file
  * @param string $path       folder path
  * @param string $uploaderId uploader id
  *
  * @return string $status name of the uploaded file / error
  */
 function uploadMedia($fileName, $path, $uploaderId)
 {
     if (empty($uploaderId) || empty($fileName)) {
         return 'error';
     }
     $cx = \Cx\Core\Core\Controller\Cx::instanciate();
     $objSession = $cx->getComponent('Session')->getSession();
     $tempPath = $objSession->getTempPath() . '/' . $uploaderId . '/' . $fileName;
     //Check the uploaded file exists in /tmp folder
     if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) {
         //If the file still exists in the mediaPath then return the filename
         if (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) {
             return $fileName;
         }
         return 'error';
     }
     $info = pathinfo($fileName);
     $exte = $info['extension'];
     $extension = !empty($exte) ? '.' . $exte : '';
     $file = substr($fileName, 0, strlen($fileName) - strlen($extension));
     $rand = rand(10, 99);
     $arrSettings = $this->getSettings();
     if ($arrSettings['encodeFilename']['value'] == 1) {
         $fileName = md5($rand . $file) . $extension;
     }
     //Rename the file if the filename already exists
     while (\Cx\Lib\FileSystem\FileSystem::exists($this->mediaPath . $path . $fileName)) {
         $fileName = $file . '_' . time() . $extension;
     }
     $filePath = $this->mediaPath . $path . $fileName;
     if (!\FWValidator::is_file_ending_harmless($filePath)) {
         return 'error';
     }
     //Move the file from /tmp folder into mediaPath and set the permission
     try {
         $objFile = new \Cx\Lib\FileSystem\File($tempPath);
         if ($objFile->move($filePath, false)) {
             $fileObj = new \File();
             $fileObj->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
             $status = $fileName;
         }
     } catch (\Cx\Lib\FileSystem\FileSystemException $e) {
         \DBG::msg($e->getMessage());
         $status = 'error';
     }
     //make the thumb
     if (($exte == "gif" || $exte == "jpeg" || $exte == "jpg" || $exte == "png") && $path != "uploads/") {
         $this->createThumb($fileName, $path);
     }
     return $status;
 }
開發者ID:Cloudrexx,項目名稱:cloudrexx,代碼行數:60,代碼來源:DirectoryLibrary.class.php

示例15: uploadFinished

 public static function uploadFinished($tempPath, $tempWebPath, $data, $uploadId, $fileInfos)
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;
     $originalNames = $fileInfos['originalFileNames'];
     $path = $data['path'];
     $webPath = $data['webPath'];
     $objCategory = Category::getCategory($data['category_id']);
     // check for sufficient permissions
     if ($objCategory->getAddFilesAccessId() && !\Permission::checkAccess($objCategory->getAddFilesAccessId(), 'dynamic', true) && $objCategory->getOwnerId() != \FWUser::getFWUserObject()->objUser->getId()) {
         return;
     }
     //we remember the names of the uploaded files here. they are stored in the session afterwards,
     //so we can later display them highlighted.
     $arrFiles = array();
     //rename files, delete unwanted
     $arrFilesToRename = array();
     //used to remember the files we need to rename
     $h = opendir($tempPath);
     while (false !== ($file = readdir($h))) {
         //skip . and ..
         if ($file == '.' || $file == '..') {
             continue;
         }
         //delete potentially malicious files
         if (!\FWValidator::is_file_ending_harmless($file)) {
             @unlink($tempPath . '/' . $file);
             continue;
         }
         $info = pathinfo($file);
         $cleanFile = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($file);
         if ($cleanFile != $file) {
             rename($tempPath . '/' . $file, $tempPath . '/' . $cleanFile);
             $file = $cleanFile;
         }
         //check if file needs to be renamed
         $newName = '';
         $suffix = '';
         if (file_exists($path . '/' . $file)) {
             if (empty($_REQUEST['uploadForceOverwrite']) || !intval($_REQUEST['uploadForceOverwrite'] > 0)) {
                 $suffix = '_' . time();
                 $newName = $info['filename'] . $suffix . '.' . $info['extension'];
                 $arrFilesToRename[$file] = $newName;
                 array_push($arrFiles, $newName);
             }
         }
         if (!isset($arrFilesToRename[$file])) {
             //file will keep this name - create thumb
             \ImageManager::_createThumb($tempPath . '/', $tempWebPath . '/', $file);
         }
         $objDownloads = new downloads('');
         $objDownloads->addDownloadFromUpload($info['filename'], $info['extension'], $suffix, $objCategory, $objDownloads, $originalNames[$file]);
     }
     //rename files where needed
     foreach ($arrFilesToRename as $oldName => $newName) {
         rename($tempPath . '/' . $oldName, $tempPath . '/' . $newName);
         //file will keep this name - create thumb
         \ImageManager::_createThumb($tempPath . '/', $tempWebPath . '/', $newName);
     }
     //remeber the uploaded files
     $_SESSION['media_upload_files_' . $uploadId] = $arrFiles;
     /* unwanted files have been deleted, unallowed filenames corrected.
        we can now simply return the desired target path, as only valid
        files are present in $tempPath */
     return array($path, $webPath);
 }
開發者ID:nahakiole,項目名稱:cloudrexx,代碼行數:65,代碼來源:Downloads.class.php


注:本文中的FWValidator::is_file_ending_harmless方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。