source: www/forum/includes/functions_upload.php@ 54

Last change on this file since 54 was 54, checked in by george, 17 years ago

Přidáno: Forum phpBB 3.
  • Property svn:executable set to *
File size: 22.2 KB
Line 
1<?php
2/**
3*
4* @package phpBB3
5* @version $Id: functions_upload.php,v 1.40 2007/10/05 14:30:11 acydburn Exp $
6* @copyright (c) 2005 phpBB Group
7* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8*
9*/
10
11/**
12* @ignore
13*/
14if (!defined('IN_PHPBB'))
15{
16 exit;
17}
18
19/**
20* Responsible for holding all file relevant information, as well as doing file-specific operations.
21* The {@link fileupload fileupload class} can be used to upload several files, each of them being this object to operate further on.
22* @package phpBB3
23*/
24class filespec
25{
26 var $filename = '';
27 var $realname = '';
28 var $uploadname = '';
29 var $mimetype = '';
30 var $extension = '';
31 var $filesize = 0;
32 var $width = 0;
33 var $height = 0;
34 var $image_info = array();
35
36 var $destination_file = '';
37 var $destination_path = '';
38
39 var $file_moved = false;
40 var $init_error = false;
41 var $local = false;
42
43 var $error = array();
44
45 var $upload = '';
46
47 /**
48 * File Class
49 * @access private
50 */
51 function filespec($upload_ary, $upload_namespace)
52 {
53 if (!isset($upload_ary))
54 {
55 $this->init_error = true;
56 return;
57 }
58
59 $this->filename = $upload_ary['tmp_name'];
60 $this->filesize = $upload_ary['size'];
61 $name = trim(htmlspecialchars(basename($upload_ary['name'])));
62 $this->realname = $this->uploadname = (STRIP) ? stripslashes($name) : $name;
63 $this->mimetype = $upload_ary['type'];
64
65 // Opera adds the name to the mime type
66 $this->mimetype = (strpos($this->mimetype, '; name') !== false) ? str_replace(strstr($this->mimetype, '; name'), '', $this->mimetype) : $this->mimetype;
67
68 if (!$this->mimetype)
69 {
70 $this->mimetype = 'application/octetstream';
71 }
72
73 $this->extension = strtolower($this->get_extension($this->realname));
74
75 // Try to get real filesize from temporary folder (not always working) ;)
76 $this->filesize = (@filesize($this->filename)) ? @filesize($this->filename) : $this->filesize;
77
78 $this->width = $this->height = 0;
79 $this->file_moved = false;
80
81 $this->local = (isset($upload_ary['local_mode'])) ? true : false;
82 $this->upload = $upload_namespace;
83 }
84
85 /**
86 * Cleans destination filename
87 *
88 * @param real|unique|unique_ext $mode real creates a realname, filtering some characters, lowering every character. Unique creates an unique filename
89 * @param string $prefix Prefix applied to filename
90 * @access public
91 */
92 function clean_filename($mode = 'unique', $prefix = '', $user_id = '')
93 {
94 if ($this->init_error)
95 {
96 return;
97 }
98
99 switch ($mode)
100 {
101 case 'real':
102 // Remove every extension from filename (to not let the mime bug being exposed)
103 if (strpos($this->realname, '.') !== false)
104 {
105 $this->realname = substr($this->realname, 0, strpos($this->realname, '.'));
106 }
107
108 // Replace any chars which may cause us problems with _
109 $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
110
111 $this->realname = rawurlencode(str_replace($bad_chars, '_', strtolower($this->realname)));
112 $this->realname = preg_replace("/%(\w{2})/", '_', $this->realname);
113
114 $this->realname = $prefix . $this->realname . '.' . $this->extension;
115 break;
116
117 case 'unique':
118 $this->realname = $prefix . md5(unique_id());
119 break;
120
121 case 'avatar':
122 $this->extension = strtolower($this->extension);
123 $this->realname = $prefix . $user_id . '.' . $this->extension;
124
125 break;
126
127 case 'unique_ext':
128 default:
129 $this->realname = $prefix . md5(unique_id()) . '.' . $this->extension;
130 break;
131 }
132 }
133
134 /**
135 * Get property from file object
136 */
137 function get($property)
138 {
139 if ($this->init_error || !isset($this->$property))
140 {
141 return false;
142 }
143
144 return $this->$property;
145 }
146
147 /**
148 * Check if file is an image (mimetype)
149 *
150 * @return true if it is an image, false if not
151 */
152 function is_image()
153 {
154 return (strpos($this->mimetype, 'image/') !== false) ? true : false;
155 }
156
157 /**
158 * Check if the file got correctly uploaded
159 *
160 * @return true if it is a valid upload, false if not
161 */
162 function is_uploaded()
163 {
164 if (!$this->local && !is_uploaded_file($this->filename))
165 {
166 return false;
167 }
168
169 if ($this->local && !file_exists($this->filename))
170 {
171 return false;
172 }
173
174 return true;
175 }
176
177 /**
178 * Remove file
179 */
180 function remove()
181 {
182 if ($this->file_moved)
183 {
184 @unlink($this->destination_file);
185 }
186 }
187
188 /**
189 * Get file extension
190 */
191 function get_extension($filename)
192 {
193 if (strpos($filename, '.') === false)
194 {
195 return '';
196 }
197
198 $filename = explode('.', $filename);
199 return array_pop($filename);
200 }
201
202 /**
203 * Get mimetype. Utilize mime_content_type if the function exist.
204 * Not used at the moment...
205 */
206 function get_mimetype($filename)
207 {
208 $mimetype = '';
209
210 if (function_exists('mime_content_type'))
211 {
212 $mimetype = mime_content_type($filename);
213 }
214
215 // Some browsers choke on a mimetype of application/octet-stream
216 if (!$mimetype || $mimetype == 'application/octet-stream')
217 {
218 $mimetype = 'application/octetstream';
219 }
220
221 return $mimetype;
222 }
223
224 /**
225 * Get filesize
226 */
227 function get_filesize($filename)
228 {
229 return @filesize($filename);
230 }
231
232 /**
233 * Move file to destination folder
234 * The phpbb_root_path variable will be applied to the destination path
235 *
236 * @param string $destination_path Destination path, for example $config['avatar_path']
237 * @param bool $overwrite If set to true, an already existing file will be overwritten
238 * @param octal $chmod Permission mask for chmodding the file after a successful move
239 * @access public
240 */
241 function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = 0666)
242 {
243 global $user, $phpbb_root_path;
244
245 if (sizeof($this->error))
246 {
247 return false;
248 }
249
250 // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
251 $this->destination_path = $phpbb_root_path . $destination;
252
253 // Check if the destination path exist...
254 if (!file_exists($this->destination_path))
255 {
256 @unlink($this->filename);
257 return false;
258 }
259
260 $upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy';
261 $upload_mode = ($this->local) ? 'local' : $upload_mode;
262 $this->destination_file = $this->destination_path . '/' . basename($this->realname);
263
264 // Check if the file already exist, else there is something wrong...
265 if (file_exists($this->destination_file) && !$overwrite)
266 {
267 @unlink($this->filename);
268 }
269 else
270 {
271 if (file_exists($this->destination_file))
272 {
273 @unlink($this->destination_file);
274 }
275
276 switch ($upload_mode)
277 {
278 case 'copy':
279
280 if (!@copy($this->filename, $this->destination_file))
281 {
282 if (!@move_uploaded_file($this->filename, $this->destination_file))
283 {
284 $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
285 return false;
286 }
287 }
288
289 @unlink($this->filename);
290
291 break;
292
293 case 'move':
294
295 if (!@move_uploaded_file($this->filename, $this->destination_file))
296 {
297 if (!@copy($this->filename, $this->destination_file))
298 {
299 $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
300 return false;
301 }
302 }
303
304 @unlink($this->filename);
305
306 break;
307
308 case 'local':
309
310 if (!@copy($this->filename, $this->destination_file))
311 {
312 $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
313 return false;
314 }
315 @unlink($this->filename);
316
317 break;
318 }
319
320 @chmod($this->destination_file, $chmod);
321 }
322
323 // Try to get real filesize from destination folder
324 $this->filesize = (@filesize($this->destination_file)) ? @filesize($this->destination_file) : $this->filesize;
325
326 if ($this->is_image() && !$skip_image_check)
327 {
328 $this->width = $this->height = 0;
329
330 if (($this->image_info = @getimagesize($this->destination_file)) !== false)
331 {
332 $this->width = $this->image_info[0];
333 $this->height = $this->image_info[1];
334
335 if (!empty($this->image_info['mime']))
336 {
337 $this->mimetype = $this->image_info['mime'];
338 }
339
340 // Check image type
341 $types = $this->upload->image_types();
342
343 if (!isset($types[$this->image_info[2]]) || !in_array($this->extension, $types[$this->image_info[2]]))
344 {
345 if (!isset($types[$this->image_info[2]]))
346 {
347 $this->error[] = sprintf($user->lang['IMAGE_FILETYPE_INVALID'], $this->image_info[2], $this->mimetype);
348 }
349 else
350 {
351 $this->error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
352 }
353 }
354
355 // Make sure the dimensions match a valid image
356 if (empty($this->width) || empty($this->height))
357 {
358 $this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
359 }
360 }
361 else
362 {
363 $this->error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
364 }
365 }
366
367 $this->file_moved = true;
368 $this->additional_checks();
369 unset($this->upload);
370
371 return true;
372 }
373
374 /**
375 * Performing additional checks
376 */
377 function additional_checks()
378 {
379 global $user;
380
381 if (!$this->file_moved)
382 {
383 return false;
384 }
385
386 // Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
387 if ($this->upload->max_filesize && ($this->get('filesize') > $this->upload->max_filesize || $this->filesize == 0))
388 {
389 $size_lang = ($this->upload->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->upload->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
390 $max_filesize = ($this->upload->max_filesize >= 1048576) ? round($this->upload->max_filesize / 1048576 * 100) / 100 : (($this->upload->max_filesize >= 1024) ? round($this->upload->max_filesize / 1024 * 100) / 100 : $this->upload->max_filesize);
391
392 $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
393
394 return false;
395 }
396
397 if (!$this->upload->valid_dimensions($this))
398 {
399 $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_SIZE'], $this->upload->min_width, $this->upload->min_height, $this->upload->max_width, $this->upload->max_height, $this->width, $this->height);
400
401 return false;
402 }
403
404 return true;
405 }
406}
407
408/**
409* Class for assigning error messages before a real filespec class can be assigned
410*
411* @package phpBB3
412*/
413class fileerror extends filespec
414{
415 function fileerror($error_msg)
416 {
417 $this->error[] = $error_msg;
418 }
419}
420
421/**
422* File upload class
423* Init class (all parameters optional and able to be set/overwritten separately) - scope is global and valid for all uploads
424*
425* @package phpBB3
426*/
427class fileupload
428{
429 var $allowed_extensions = array();
430 var $max_filesize = 0;
431 var $min_width = 0;
432 var $min_height = 0;
433 var $max_width = 0;
434 var $max_height = 0;
435 var $error_prefix = '';
436
437 /**
438 * Init file upload class.
439 *
440 * @param string $error_prefix Used error messages will get prefixed by this string
441 * @param array $allowed_extensions Array of allowed extensions, for example array('jpg', 'jpeg', 'gif', 'png')
442 * @param int $max_filesize Maximum filesize
443 * @param int $min_width Minimum image width (only checked for images)
444 * @param int $min_height Minimum image height (only checked for images)
445 * @param int $max_width Maximum image width (only checked for images)
446 * @param int $max_height Maximum image height (only checked for images)
447 *
448 */
449 function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false)
450 {
451 $this->set_allowed_extensions($allowed_extensions);
452 $this->set_max_filesize($max_filesize);
453 $this->set_allowed_dimensions($min_width, $min_height, $max_width, $max_height);
454 $this->set_error_prefix($error_prefix);
455 }
456
457 /**
458 * Reset vars
459 */
460 function reset_vars()
461 {
462 $this->max_filesize = 0;
463 $this->min_width = $this->min_height = $this->max_width = $this->max_height = 0;
464 $this->error_prefix = '';
465 $this->allowed_extensions = array();
466 }
467
468 /**
469 * Set allowed extensions
470 */
471 function set_allowed_extensions($allowed_extensions)
472 {
473 if ($allowed_extensions !== false && is_array($allowed_extensions))
474 {
475 $this->allowed_extensions = $allowed_extensions;
476 }
477 }
478
479 /**
480 * Set allowed dimensions
481 */
482 function set_allowed_dimensions($min_width, $min_height, $max_width, $max_height)
483 {
484 $this->min_width = (int) $min_width;
485 $this->min_height = (int) $min_height;
486 $this->max_width = (int) $max_width;
487 $this->max_height = (int) $max_height;
488 }
489
490 /**
491 * Set maximum allowed filesize
492 */
493 function set_max_filesize($max_filesize)
494 {
495 if ($max_filesize !== false && (int) $max_filesize)
496 {
497 $this->max_filesize = (int) $max_filesize;
498 }
499 }
500
501 /**
502 * Set error prefix
503 */
504 function set_error_prefix($error_prefix)
505 {
506 $this->error_prefix = $error_prefix;
507 }
508
509 /**
510 * Form upload method
511 * Upload file from users harddisk
512 *
513 * @param string $form_name Form name assigned to the file input field (if it is an array, the key has to be specified)
514 * @return object $file Object "filespec" is returned, all further operations can be done with this object
515 * @access public
516 */
517 function form_upload($form_name)
518 {
519 global $user;
520
521 unset($_FILES[$form_name]['local_mode']);
522 $file = new filespec($_FILES[$form_name], $this);
523
524 if ($file->init_error)
525 {
526 $file->error[] = '';
527 return $file;
528 }
529
530 // Error array filled?
531 if (isset($_FILES[$form_name]['error']))
532 {
533 $error = $this->assign_internal_error($_FILES[$form_name]['error']);
534
535 if ($error !== false)
536 {
537 $file->error[] = $error;
538 return $file;
539 }
540 }
541
542 // Check if empty file got uploaded (not catched by is_uploaded_file)
543 if (isset($_FILES[$form_name]['size']) && $_FILES[$form_name]['size'] == 0)
544 {
545 $file->error[] = $user->lang[$this->error_prefix . 'EMPTY_FILEUPLOAD'];
546 return $file;
547 }
548
549 // PHP Upload filesize exceeded
550 if ($file->get('filename') == 'none')
551 {
552 $file->error[] = (@ini_get('upload_max_filesize') == '') ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize'));
553 return $file;
554 }
555
556 // Not correctly uploaded
557 if (!$file->is_uploaded())
558 {
559 $file->error[] = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
560 return $file;
561 }
562
563 $this->common_checks($file);
564
565 return $file;
566 }
567
568 /**
569 * Move file from another location to phpBB
570 */
571 function local_upload($source_file, $filedata = false)
572 {
573 global $user;
574
575 $form_name = 'local';
576
577 $_FILES[$form_name]['local_mode'] = true;
578 $_FILES[$form_name]['tmp_name'] = $source_file;
579
580 if ($filedata === false)
581 {
582 $_FILES[$form_name]['name'] = basename($source_file);
583 $_FILES[$form_name]['size'] = 0;
584 $mimetype = '';
585
586 if (function_exists('mime_content_type'))
587 {
588 $mimetype = mime_content_type($source_file);
589 }
590
591 // Some browsers choke on a mimetype of application/octet-stream
592 if (!$mimetype || $mimetype == 'application/octet-stream')
593 {
594 $mimetype = 'application/octetstream';
595 }
596
597 $_FILES[$form_name]['type'] = $mimetype;
598 }
599 else
600 {
601 $_FILES[$form_name]['name'] = $filedata['realname'];
602 $_FILES[$form_name]['size'] = $filedata['size'];
603 $_FILES[$form_name]['type'] = $filedata['type'];
604 }
605
606 $file = new filespec($_FILES[$form_name], $this);
607
608 if ($file->init_error)
609 {
610 $file->error[] = '';
611 return $file;
612 }
613
614 if (isset($_FILES[$form_name]['error']))
615 {
616 $error = $this->assign_internal_error($_FILES[$form_name]['error']);
617
618 if ($error !== false)
619 {
620 $file->error[] = $error;
621 return $file;
622 }
623 }
624
625 // PHP Upload filesize exceeded
626 if ($file->get('filename') == 'none')
627 {
628 $file->error[] = (@ini_get('upload_max_filesize') == '') ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize'));
629 return $file;
630 }
631
632 // Not correctly uploaded
633 if (!$file->is_uploaded())
634 {
635 $file->error[] = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
636 return $file;
637 }
638
639 $this->common_checks($file);
640
641 return $file;
642 }
643
644 /**
645 * Remote upload method
646 * Uploads file from given url
647 *
648 * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
649 * @return object $file Object "filespec" is returned, all further operations can be done with this object
650 * @access public
651 */
652 function remote_upload($upload_url)
653 {
654 global $user, $phpbb_root_path;
655
656 $upload_ary = array();
657 $upload_ary['local_mode'] = true;
658
659 if (!preg_match('#^(https?://).*?\.(' . implode('|', $this->allowed_extensions) . ')$#i', $upload_url, $match))
660 {
661 $file = new fileerror($user->lang[$this->error_prefix . 'URL_INVALID']);
662 return $file;
663 }
664
665 if (empty($match[2]))
666 {
667 $file = new fileerror($user->lang[$this->error_prefix . 'URL_INVALID']);
668 return $file;
669 }
670
671 $url = parse_url($upload_url);
672
673 $host = $url['host'];
674 $path = $url['path'];
675 $port = (!empty($url['port'])) ? (int) $url['port'] : 80;
676
677 $upload_ary['type'] = 'application/octet-stream';
678
679 $url['path'] = explode('.', $url['path']);
680 $ext = array_pop($url['path']);
681
682 $url['path'] = implode('', $url['path']);
683 $upload_ary['name'] = basename($url['path']) . (($ext) ? '.' . $ext : '');
684 $filename = $url['path'];
685 $filesize = 0;
686
687 $errno = 0;
688 $errstr = '';
689
690 if (!($fsock = @fsockopen($host, $port, $errno, $errstr)))
691 {
692 $file = new fileerror($user->lang[$this->error_prefix . 'NOT_UPLOADED']);
693 return $file;
694 }
695
696 // Make sure $path not beginning with /
697 if (strpos($path, '/') === 0)
698 {
699 $path = substr($path, 1);
700 }
701
702 fputs($fsock, 'GET /' . $path . " HTTP/1.1\r\n");
703 fputs($fsock, "HOST: " . $host . "\r\n");
704 fputs($fsock, "Connection: close\r\n\r\n");
705
706 $get_info = false;
707 $data = '';
708 while (!@feof($fsock))
709 {
710 if ($get_info)
711 {
712 $data .= @fread($fsock, 1024);
713 }
714 else
715 {
716 $line = @fgets($fsock, 1024);
717
718 if ($line == "\r\n")
719 {
720 $get_info = true;
721 }
722 else
723 {
724 if (stripos($line, 'content-type: ') !== false)
725 {
726 $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line)));
727 }
728 else if (stripos($line, '404 not found') !== false)
729 {
730 $file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']);
731 return $file;
732 }
733 }
734 }
735 }
736 @fclose($fsock);
737
738 if (empty($data))
739 {
740 $file = new fileerror($user->lang[$this->error_prefix . 'EMPTY_REMOTE_DATA']);
741 return $file;
742 }
743
744 $tmp_path = (!@ini_get('safe_mode')) ? false : $phpbb_root_path . 'cache';
745 $filename = tempnam($tmp_path, unique_id() . '-');
746
747 if (!($fp = @fopen($filename, 'wb')))
748 {
749 $file = new fileerror($user->lang[$this->error_prefix . 'NOT_UPLOADED']);
750 return $file;
751 }
752
753 $upload_ary['size'] = fwrite($fp, $data);
754 fclose($fp);
755 unset($data);
756
757 $upload_ary['tmp_name'] = $filename;
758
759 $file = new filespec($upload_ary, $this);
760 $this->common_checks($file);
761
762 return $file;
763 }
764
765 /**
766 * Assign internal error
767 * @access private
768 */
769 function assign_internal_error($errorcode)
770 {
771 global $user;
772
773 switch ($errorcode)
774 {
775 case 1:
776 $error = (@ini_get('upload_max_filesize') == '') ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], @ini_get('upload_max_filesize'));
777 break;
778
779 case 2:
780 $size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
781 $max_filesize = ($this->max_filesize >= 1048576) ? round($this->max_filesize / 1048576 * 100) / 100 : (($this->max_filesize >= 1024) ? round($this->max_filesize / 1024 * 100) / 100 : $this->max_filesize);
782
783 $error = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
784 break;
785
786 case 3:
787 $error = $user->lang[$this->error_prefix . 'PARTIAL_UPLOAD'];
788 break;
789
790 case 4:
791 $error = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
792 break;
793
794 case 6:
795 $error = 'Temporary folder could not be found. Please check your PHP installation.';
796 break;
797
798 default:
799 $error = false;
800 break;
801 }
802
803 return $error;
804 }
805
806 /**
807 * Perform common checks
808 */
809 function common_checks(&$file)
810 {
811 global $user;
812
813 // Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
814 if ($this->max_filesize && ($file->get('filesize') > $this->max_filesize || $file->get('filesize') == 0))
815 {
816 $size_lang = ($this->max_filesize >= 1048576) ? $user->lang['MB'] : (($this->max_filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
817 $max_filesize = ($this->max_filesize >= 1048576) ? round($this->max_filesize / 1048576 * 100) / 100 : (($this->max_filesize >= 1024) ? round($this->max_filesize / 1024 * 100) / 100 : $this->max_filesize);
818
819 $file->error[] = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize, $size_lang);
820 }
821
822 // check Filename
823 if (preg_match("#[\\/:*?\"<>|]#i", $file->get('realname')))
824 {
825 $file->error[] = sprintf($user->lang[$this->error_prefix . 'INVALID_FILENAME'], $file->get('realname'));
826 }
827
828 // Invalid Extension
829 if (!$this->valid_extension($file))
830 {
831 $file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_EXTENSION'], $file->get('extension'));
832 }
833 }
834
835 /**
836 * Check for allowed extension
837 */
838 function valid_extension(&$file)
839 {
840 return (in_array($file->get('extension'), $this->allowed_extensions)) ? true : false;
841 }
842
843 /**
844 * Check for allowed dimension
845 */
846 function valid_dimensions(&$file)
847 {
848 if (!$this->max_width && !$this->max_height && !$this->min_width && !$this->min_height)
849 {
850 return true;
851 }
852
853 if (($file->get('width') > $this->max_width && $this->max_width) ||
854 ($file->get('height') > $this->max_height && $this->max_height) ||
855 ($file->get('width') < $this->min_width && $this->min_width) ||
856 ($file->get('height') < $this->min_height && $this->min_height))
857 {
858 return false;
859 }
860
861 return true;
862 }
863
864 /**
865 * Check if form upload is valid
866 */
867 function is_valid($form_name)
868 {
869 return (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none') ? true : false;
870 }
871
872 /**
873 * Return image type/extension mapping
874 */
875 function image_types()
876 {
877 return array(
878 1 => array('gif'),
879 2 => array('jpg', 'jpeg'),
880 3 => array('png'),
881 4 => array('swf'),
882 5 => array('psd'),
883 6 => array('bmp'),
884 7 => array('tif', 'tiff'),
885 8 => array('tif', 'tiff'),
886 9 => array('jpg', 'jpeg'),
887 10 => array('jpg', 'jpeg'),
888 11 => array('jpg', 'jpeg'),
889 12 => array('jpg', 'jpeg'),
890 13 => array('swc'),
891 14 => array('iff'),
892 15 => array('wbmp'),
893 16 => array('xbm'),
894 );
895 }
896}
897
898?>
Note: See TracBrowser for help on using the repository browser.