1 | <?php
|
---|
2 |
|
---|
3 | /** This file is part of KCFinder project
|
---|
4 | *
|
---|
5 | * @desc Uploader class
|
---|
6 | * @package KCFinder
|
---|
7 | * @version 2.51
|
---|
8 | * @author Pavel Tzonkov <pavelc@users.sourceforge.net>
|
---|
9 | * @copyright 2010, 2011 KCFinder Project
|
---|
10 | * @license http://www.opensource.org/licenses/gpl-2.0.php GPLv2
|
---|
11 | * @license http://www.opensource.org/licenses/lgpl-2.1.php LGPLv2
|
---|
12 | * @link http://kcfinder.sunhater.com
|
---|
13 | */
|
---|
14 |
|
---|
15 | class uploader {
|
---|
16 |
|
---|
17 | /** Release version */
|
---|
18 | const VERSION = "2.51";
|
---|
19 |
|
---|
20 | /** Config session-overrided settings
|
---|
21 | * @var array */
|
---|
22 | protected $config = array();
|
---|
23 |
|
---|
24 | /** Opener applocation properties
|
---|
25 | * $opener['name'] Got from $_GET['opener'];
|
---|
26 | * $opener['CKEditor']['funcNum'] CKEditor function number (got from $_GET)
|
---|
27 | * $opener['TinyMCE'] Boolean
|
---|
28 | * @var array */
|
---|
29 | protected $opener = array();
|
---|
30 |
|
---|
31 | /** Got from $_GET['type'] or first one $config['types'] array key, if inexistant
|
---|
32 | * @var string */
|
---|
33 | protected $type;
|
---|
34 |
|
---|
35 | /** Helper property. Local filesystem path to the Type Directory
|
---|
36 | * Equivalent: $config['uploadDir'] . "/" . $type
|
---|
37 | * @var string */
|
---|
38 | protected $typeDir;
|
---|
39 |
|
---|
40 | /** Helper property. Web URL to the Type Directory
|
---|
41 | * Equivalent: $config['uploadURL'] . "/" . $type
|
---|
42 | * @var string */
|
---|
43 | protected $typeURL;
|
---|
44 |
|
---|
45 | /** Linked to $config['types']
|
---|
46 | * @var array */
|
---|
47 | protected $types = array();
|
---|
48 |
|
---|
49 | /** Settings which can override default settings if exists as keys in $config['types'][$type] array
|
---|
50 | * @var array */
|
---|
51 | protected $typeSettings = array('disabled', 'theme', 'dirPerms', 'filePerms', 'denyZipDownload', 'maxImageWidth', 'maxImageHeight', 'thumbWidth', 'thumbHeight', 'jpegQuality', 'access', 'filenameChangeChars', 'dirnameChangeChars', 'denyExtensionRename', 'deniedExts');
|
---|
52 |
|
---|
53 | /** Got from language file
|
---|
54 | * @var string */
|
---|
55 | protected $charset;
|
---|
56 |
|
---|
57 | /** The language got from $_GET['lng'] or $_GET['lang'] or... Please see next property
|
---|
58 | * @var string */
|
---|
59 | protected $lang = 'en';
|
---|
60 |
|
---|
61 | /** Possible language $_GET keys
|
---|
62 | * @var array */
|
---|
63 | protected $langInputNames = array('lang', 'langCode', 'lng', 'language', 'lang_code');
|
---|
64 |
|
---|
65 | /** Uploaded file(s) info. Linked to first $_FILES element
|
---|
66 | * @var array */
|
---|
67 | protected $file;
|
---|
68 |
|
---|
69 | /** Next three properties are got from the current language file
|
---|
70 | * @var string */
|
---|
71 | protected $dateTimeFull; // Currently not used
|
---|
72 | protected $dateTimeMid; // Currently not used
|
---|
73 | protected $dateTimeSmall;
|
---|
74 |
|
---|
75 | /** Contain Specified language labels
|
---|
76 | * @var array */
|
---|
77 | protected $labels = array();
|
---|
78 |
|
---|
79 | /** Contain unprocessed $_GET array. Please use this instead of $_GET
|
---|
80 | * @var array */
|
---|
81 | protected $get;
|
---|
82 |
|
---|
83 | /** Contain unprocessed $_POST array. Please use this instead of $_POST
|
---|
84 | * @var array */
|
---|
85 | protected $post;
|
---|
86 |
|
---|
87 | /** Contain unprocessed $_COOKIE array. Please use this instead of $_COOKIE
|
---|
88 | * @var array */
|
---|
89 | protected $cookie;
|
---|
90 |
|
---|
91 | /** Session array. Please use this property instead of $_SESSION
|
---|
92 | * @var array */
|
---|
93 | protected $session;
|
---|
94 |
|
---|
95 | /** CMS integration attribute (got from $_GET['cms'])
|
---|
96 | * @var string */
|
---|
97 | protected $cms = "";
|
---|
98 |
|
---|
99 | /** Magic method which allows read-only access to protected or private class properties
|
---|
100 | * @param string $property
|
---|
101 | * @return mixed */
|
---|
102 | public function __get($property) {
|
---|
103 | return property_exists($this, $property) ? $this->$property : null;
|
---|
104 | }
|
---|
105 |
|
---|
106 | public function __construct() {
|
---|
107 |
|
---|
108 | // DISABLE MAGIC QUOTES
|
---|
109 | if (function_exists('set_magic_quotes_runtime'))
|
---|
110 | @set_magic_quotes_runtime(false);
|
---|
111 |
|
---|
112 | // INPUT INIT
|
---|
113 | $input = new input();
|
---|
114 | $this->get = &$input->get;
|
---|
115 | $this->post = &$input->post;
|
---|
116 | $this->cookie = &$input->cookie;
|
---|
117 |
|
---|
118 | // SET CMS INTEGRATION ATTRIBUTE
|
---|
119 | if (isset($this->get['cms']) &&
|
---|
120 | in_array($this->get['cms'], array("drupal"))
|
---|
121 | )
|
---|
122 | $this->cms = $this->get['cms'];
|
---|
123 |
|
---|
124 | // LINKING UPLOADED FILE
|
---|
125 | if (count($_FILES))
|
---|
126 | $this->file = &$_FILES[key($_FILES)];
|
---|
127 |
|
---|
128 | // LOAD DEFAULT CONFIGURATION
|
---|
129 | require "config.php";
|
---|
130 |
|
---|
131 | // SETTING UP SESSION
|
---|
132 | if (isset($_CONFIG['_sessionLifetime']))
|
---|
133 | ini_set('session.gc_maxlifetime', $_CONFIG['_sessionLifetime'] * 60);
|
---|
134 | if (isset($_CONFIG['_sessionDir']))
|
---|
135 | ini_set('session.save_path', $_CONFIG['_sessionDir']);
|
---|
136 | if (isset($_CONFIG['_sessionDomain']))
|
---|
137 | ini_set('session.cookie_domain', $_CONFIG['_sessionDomain']);
|
---|
138 | switch ($this->cms) {
|
---|
139 | case "drupal": break;
|
---|
140 | default: session_start(); break;
|
---|
141 | }
|
---|
142 |
|
---|
143 | // RELOAD DEFAULT CONFIGURATION
|
---|
144 | require "config.php";
|
---|
145 | $this->config = $_CONFIG;
|
---|
146 |
|
---|
147 | // LOAD SESSION CONFIGURATION IF EXISTS
|
---|
148 | if (isset($_CONFIG['_sessionVar']) &&
|
---|
149 | is_array($_CONFIG['_sessionVar'])
|
---|
150 | ) {
|
---|
151 | foreach ($_CONFIG['_sessionVar'] as $key => $val)
|
---|
152 | if ((substr($key, 0, 1) != "_") && isset($_CONFIG[$key]))
|
---|
153 | $this->config[$key] = $val;
|
---|
154 | if (!isset($this->config['_sessionVar']['self']))
|
---|
155 | $this->config['_sessionVar']['self'] = array();
|
---|
156 | $this->session = &$this->config['_sessionVar']['self'];
|
---|
157 | } else
|
---|
158 | $this->session = &$_SESSION;
|
---|
159 |
|
---|
160 | // GET TYPE DIRECTORY
|
---|
161 | $this->types = &$this->config['types'];
|
---|
162 | $firstType = array_keys($this->types);
|
---|
163 | $firstType = $firstType[0];
|
---|
164 | $this->type = (
|
---|
165 | isset($this->get['type']) &&
|
---|
166 | isset($this->types[$this->get['type']])
|
---|
167 | )
|
---|
168 | ? $this->get['type'] : $firstType;
|
---|
169 |
|
---|
170 | // LOAD TYPE DIRECTORY SPECIFIC CONFIGURATION IF EXISTS
|
---|
171 | if (is_array($this->types[$this->type])) {
|
---|
172 | foreach ($this->types[$this->type] as $key => $val)
|
---|
173 | if (in_array($key, $this->typeSettings))
|
---|
174 | $this->config[$key] = $val;
|
---|
175 | $this->types[$this->type] = isset($this->types[$this->type]['type'])
|
---|
176 | ? $this->types[$this->type]['type'] : "";
|
---|
177 | }
|
---|
178 |
|
---|
179 | // COOKIES INIT
|
---|
180 | $ip = '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)';
|
---|
181 | $ip = '/^' . implode('\.', array($ip, $ip, $ip, $ip)) . '$/';
|
---|
182 | if (preg_match($ip, $_SERVER['HTTP_HOST']) ||
|
---|
183 | preg_match('/^[^\.]+$/', $_SERVER['HTTP_HOST'])
|
---|
184 | )
|
---|
185 | $this->config['cookieDomain'] = "";
|
---|
186 | elseif (!strlen($this->config['cookieDomain']))
|
---|
187 | $this->config['cookieDomain'] = $_SERVER['HTTP_HOST'];
|
---|
188 | if (!strlen($this->config['cookiePath']))
|
---|
189 | $this->config['cookiePath'] = "/";
|
---|
190 |
|
---|
191 | // UPLOAD FOLDER INIT
|
---|
192 |
|
---|
193 | // FULL URL
|
---|
194 | if (preg_match('/^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)\/?$/',
|
---|
195 | $this->config['uploadURL'], $patt)
|
---|
196 | ) {
|
---|
197 | list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
|
---|
198 | $path = path::normalize($path);
|
---|
199 | $this->config['uploadURL'] = "$protocol://$domain" . (strlen($port) ? ":$port" : "") . "/$path";
|
---|
200 | $this->config['uploadDir'] = strlen($this->config['uploadDir'])
|
---|
201 | ? path::normalize($this->config['uploadDir'])
|
---|
202 | : path::url2fullPath("/$path");
|
---|
203 | $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
|
---|
204 | $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
|
---|
205 |
|
---|
206 | // SITE ROOT
|
---|
207 | } elseif ($this->config['uploadURL'] == "/") {
|
---|
208 | $this->config['uploadDir'] = strlen($this->config['uploadDir'])
|
---|
209 | ? path::normalize($this->config['uploadDir'])
|
---|
210 | : path::normalize($_SERVER['DOCUMENT_ROOT']);
|
---|
211 | $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
|
---|
212 | $this->typeURL = "/{$this->type}";
|
---|
213 |
|
---|
214 | // ABSOLUTE & RELATIVE
|
---|
215 | } else {
|
---|
216 | $this->config['uploadURL'] = (substr($this->config['uploadURL'], 0, 1) === "/")
|
---|
217 | ? path::normalize($this->config['uploadURL'])
|
---|
218 | : path::rel2abs_url($this->config['uploadURL']);
|
---|
219 | $this->config['uploadDir'] = strlen($this->config['uploadDir'])
|
---|
220 | ? path::normalize($this->config['uploadDir'])
|
---|
221 | : path::url2fullPath($this->config['uploadURL']);
|
---|
222 | $this->typeDir = "{$this->config['uploadDir']}/{$this->type}";
|
---|
223 | $this->typeURL = "{$this->config['uploadURL']}/{$this->type}";
|
---|
224 | }
|
---|
225 | if (!is_dir($this->config['uploadDir']))
|
---|
226 | @mkdir($this->config['uploadDir'], $this->config['dirPerms']);
|
---|
227 |
|
---|
228 | // HOST APPLICATIONS INIT
|
---|
229 | if (isset($this->get['CKEditorFuncNum']))
|
---|
230 | $this->opener['CKEditor']['funcNum'] = $this->get['CKEditorFuncNum'];
|
---|
231 | if (isset($this->get['opener']) &&
|
---|
232 | (strtolower($this->get['opener']) == "tinymce") &&
|
---|
233 | isset($this->config['_tinyMCEPath']) &&
|
---|
234 | strlen($this->config['_tinyMCEPath'])
|
---|
235 | )
|
---|
236 | $this->opener['TinyMCE'] = true;
|
---|
237 |
|
---|
238 | // LOCALIZATION
|
---|
239 | foreach ($this->langInputNames as $key)
|
---|
240 | if (isset($this->get[$key]) &&
|
---|
241 | preg_match('/^[a-z][a-z\._\-]*$/i', $this->get[$key]) &&
|
---|
242 | file_exists("lang/" . strtolower($this->get[$key]) . ".php")
|
---|
243 | ) {
|
---|
244 | $this->lang = $this->get[$key];
|
---|
245 | break;
|
---|
246 | }
|
---|
247 | $this->localize($this->lang);
|
---|
248 |
|
---|
249 | // CHECK & MAKE DEFAULT .htaccess
|
---|
250 | if (isset($this->config['_check4htaccess']) &&
|
---|
251 | $this->config['_check4htaccess']
|
---|
252 | ) {
|
---|
253 | $htaccess = "{$this->config['uploadDir']}/.htaccess";
|
---|
254 | if (!file_exists($htaccess)) {
|
---|
255 | if (!@file_put_contents($htaccess, $this->get_htaccess()))
|
---|
256 | $this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
|
---|
257 | } else {
|
---|
258 | if (false === ($data = @file_get_contents($htaccess)))
|
---|
259 | $this->backMsg("Cannot read .htaccess");
|
---|
260 | if (($data != $this->get_htaccess()) && !@file_put_contents($htaccess, $data))
|
---|
261 | $this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
|
---|
262 | }
|
---|
263 | }
|
---|
264 |
|
---|
265 | // CHECK & CREATE UPLOAD FOLDER
|
---|
266 | if (!is_dir($this->typeDir)) {
|
---|
267 | if (!mkdir($this->typeDir, $this->config['dirPerms']))
|
---|
268 | $this->backMsg("Cannot create {dir} folder.", array('dir' => $this->type));
|
---|
269 | } elseif (!is_readable($this->typeDir))
|
---|
270 | $this->backMsg("Cannot read upload folder.");
|
---|
271 | }
|
---|
272 |
|
---|
273 | public function upload() {
|
---|
274 | $config = &$this->config;
|
---|
275 | $file = &$this->file;
|
---|
276 | $url = $message = "";
|
---|
277 |
|
---|
278 | if ($config['disabled'] || !$config['access']['files']['upload']) {
|
---|
279 | if (isset($file['tmp_name'])) @unlink($file['tmp_name']);
|
---|
280 | $message = $this->label("You don't have permissions to upload files.");
|
---|
281 |
|
---|
282 | } elseif (true === ($message = $this->checkUploadedFile())) {
|
---|
283 | $message = "";
|
---|
284 |
|
---|
285 | $dir = "{$this->typeDir}/";
|
---|
286 | if (isset($this->get['dir']) &&
|
---|
287 | (false !== ($gdir = $this->checkInputDir($this->get['dir'])))
|
---|
288 | ) {
|
---|
289 | $udir = path::normalize("$dir$gdir");
|
---|
290 | if (substr($udir, 0, strlen($dir)) !== $dir)
|
---|
291 | $message = $this->label("Unknown error.");
|
---|
292 | else {
|
---|
293 | $l = strlen($dir);
|
---|
294 | $dir = "$udir/";
|
---|
295 | $udir = substr($udir, $l);
|
---|
296 | }
|
---|
297 | }
|
---|
298 |
|
---|
299 | if (!strlen($message)) {
|
---|
300 | if (!is_dir(path::normalize($dir)))
|
---|
301 | @mkdir(path::normalize($dir), $this->config['dirPerms'], true);
|
---|
302 |
|
---|
303 | $filename = $this->normalizeFilename($file['name']);
|
---|
304 | $target = file::getInexistantFilename($dir . $filename);
|
---|
305 |
|
---|
306 | if (!@move_uploaded_file($file['tmp_name'], $target) &&
|
---|
307 | !@rename($file['tmp_name'], $target) &&
|
---|
308 | !@copy($file['tmp_name'], $target)
|
---|
309 | )
|
---|
310 | $message = $this->label("Cannot move uploaded file to target folder.");
|
---|
311 | else {
|
---|
312 | if (function_exists('chmod'))
|
---|
313 | @chmod($target, $this->config['filePerms']);
|
---|
314 | $this->makeThumb($target);
|
---|
315 | $url = $this->typeURL;
|
---|
316 | if (isset($udir)) $url .= "/$udir";
|
---|
317 | $url .= "/" . basename($target);
|
---|
318 | if (preg_match('/^([a-z]+)\:\/\/([^\/^\:]+)(\:(\d+))?\/(.+)$/', $url, $patt)) {
|
---|
319 | list($unused, $protocol, $domain, $unused, $port, $path) = $patt;
|
---|
320 | $base = "$protocol://$domain" . (strlen($port) ? ":$port" : "") . "/";
|
---|
321 | $url = $base . path::urlPathEncode($path);
|
---|
322 | } else
|
---|
323 | $url = path::urlPathEncode($url);
|
---|
324 | }
|
---|
325 | }
|
---|
326 | }
|
---|
327 |
|
---|
328 | if (strlen($message) &&
|
---|
329 | isset($this->file['tmp_name']) &&
|
---|
330 | file_exists($this->file['tmp_name'])
|
---|
331 | )
|
---|
332 | @unlink($this->file['tmp_name']);
|
---|
333 |
|
---|
334 | if (strlen($message) && method_exists($this, 'errorMsg'))
|
---|
335 | $this->errorMsg($message);
|
---|
336 | $this->callBack($url, $message);
|
---|
337 | }
|
---|
338 |
|
---|
339 | protected function normalizeFilename($filename) {
|
---|
340 | if (isset($this->config['filenameChangeChars']) &&
|
---|
341 | is_array($this->config['filenameChangeChars'])
|
---|
342 | )
|
---|
343 | $filename = strtr($filename, $this->config['filenameChangeChars']);
|
---|
344 | return $filename;
|
---|
345 | }
|
---|
346 |
|
---|
347 | protected function normalizeDirname($dirname) {
|
---|
348 | if (isset($this->config['dirnameChangeChars']) &&
|
---|
349 | is_array($this->config['dirnameChangeChars'])
|
---|
350 | )
|
---|
351 | $dirname = strtr($dirname, $this->config['dirnameChangeChars']);
|
---|
352 | return $dirname;
|
---|
353 | }
|
---|
354 |
|
---|
355 | protected function checkUploadedFile(array $aFile=null) {
|
---|
356 | $config = &$this->config;
|
---|
357 | $file = ($aFile === null) ? $this->file : $aFile;
|
---|
358 |
|
---|
359 | if (!is_array($file) || !isset($file['name']))
|
---|
360 | return $this->label("Unknown error");
|
---|
361 |
|
---|
362 | if (is_array($file['name'])) {
|
---|
363 | foreach ($file['name'] as $i => $name) {
|
---|
364 | $return = $this->checkUploadedFile(array(
|
---|
365 | 'name' => $name,
|
---|
366 | 'tmp_name' => $file['tmp_name'][$i],
|
---|
367 | 'error' => $file['error'][$i]
|
---|
368 | ));
|
---|
369 | if ($return !== true)
|
---|
370 | return "$name: $return";
|
---|
371 | }
|
---|
372 | return true;
|
---|
373 | }
|
---|
374 |
|
---|
375 | $extension = file::getExtension($file['name']);
|
---|
376 | $typePatt = strtolower(text::clearWhitespaces($this->types[$this->type]));
|
---|
377 |
|
---|
378 | // CHECK FOR UPLOAD ERRORS
|
---|
379 | if ($file['error'])
|
---|
380 | return
|
---|
381 | ($file['error'] == UPLOAD_ERR_INI_SIZE) ?
|
---|
382 | $this->label("The uploaded file exceeds {size} bytes.",
|
---|
383 | array('size' => ini_get('upload_max_filesize'))) : (
|
---|
384 | ($file['error'] == UPLOAD_ERR_FORM_SIZE) ?
|
---|
385 | $this->label("The uploaded file exceeds {size} bytes.",
|
---|
386 | array('size' => $this->get['MAX_FILE_SIZE'])) : (
|
---|
387 | ($file['error'] == UPLOAD_ERR_PARTIAL) ?
|
---|
388 | $this->label("The uploaded file was only partially uploaded.") : (
|
---|
389 | ($file['error'] == UPLOAD_ERR_NO_FILE) ?
|
---|
390 | $this->label("No file was uploaded.") : (
|
---|
391 | ($file['error'] == UPLOAD_ERR_NO_TMP_DIR) ?
|
---|
392 | $this->label("Missing a temporary folder.") : (
|
---|
393 | ($file['error'] == UPLOAD_ERR_CANT_WRITE) ?
|
---|
394 | $this->label("Failed to write file.") :
|
---|
395 | $this->label("Unknown error.")
|
---|
396 | )))));
|
---|
397 |
|
---|
398 | // HIDDEN FILENAMES CHECK
|
---|
399 | elseif (substr($file['name'], 0, 1) == ".")
|
---|
400 | return $this->label("File name shouldn't begins with '.'");
|
---|
401 |
|
---|
402 | // EXTENSION CHECK
|
---|
403 | elseif (!$this->validateExtension($extension, $this->type))
|
---|
404 | return $this->label("Denied file extension.");
|
---|
405 |
|
---|
406 | // SPECIAL DIRECTORY TYPES CHECK (e.g. *img)
|
---|
407 | elseif (preg_match('/^\*([^ ]+)(.*)?$/s', $typePatt, $patt)) {
|
---|
408 | list($typePatt, $type, $params) = $patt;
|
---|
409 | if (class_exists("type_$type")) {
|
---|
410 | $class = "type_$type";
|
---|
411 | $type = new $class();
|
---|
412 | $cfg = $config;
|
---|
413 | $cfg['filename'] = $file['name'];
|
---|
414 | if (strlen($params))
|
---|
415 | $cfg['params'] = trim($params);
|
---|
416 | $response = $type->checkFile($file['tmp_name'], $cfg);
|
---|
417 | if ($response !== true)
|
---|
418 | return $this->label($response);
|
---|
419 | } else
|
---|
420 | return $this->label("Non-existing directory type.");
|
---|
421 | }
|
---|
422 |
|
---|
423 | // IMAGE RESIZE
|
---|
424 | $gd = new gd($file['tmp_name']);
|
---|
425 | if (!$gd->init_error && !$this->imageResize($gd, $file['tmp_name']))
|
---|
426 | return $this->label("The image is too big and/or cannot be resized.");
|
---|
427 |
|
---|
428 | return true;
|
---|
429 | }
|
---|
430 |
|
---|
431 | protected function checkInputDir($dir, $inclType=true, $existing=true) {
|
---|
432 | $dir = path::normalize($dir);
|
---|
433 | if (substr($dir, 0, 1) == "/")
|
---|
434 | $dir = substr($dir, 1);
|
---|
435 |
|
---|
436 | if ((substr($dir, 0, 1) == ".") || (substr(basename($dir), 0, 1) == "."))
|
---|
437 | return false;
|
---|
438 |
|
---|
439 | if ($inclType) {
|
---|
440 | $first = explode("/", $dir);
|
---|
441 | $first = $first[0];
|
---|
442 | if ($first != $this->type)
|
---|
443 | return false;
|
---|
444 | $return = $this->removeTypeFromPath($dir);
|
---|
445 | } else {
|
---|
446 | $return = $dir;
|
---|
447 | $dir = "{$this->type}/$dir";
|
---|
448 | }
|
---|
449 |
|
---|
450 | if (!$existing)
|
---|
451 | return $return;
|
---|
452 |
|
---|
453 | $path = "{$this->config['uploadDir']}/$dir";
|
---|
454 | return (is_dir($path) && is_readable($path)) ? $return : false;
|
---|
455 | }
|
---|
456 |
|
---|
457 | protected function validateExtension($ext, $type) {
|
---|
458 | $ext = trim(strtolower($ext));
|
---|
459 | if (!isset($this->types[$type]))
|
---|
460 | return false;
|
---|
461 |
|
---|
462 | $exts = strtolower(text::clearWhitespaces($this->config['deniedExts']));
|
---|
463 | if (strlen($exts)) {
|
---|
464 | $exts = explode(" ", $exts);
|
---|
465 | if (in_array($ext, $exts))
|
---|
466 | return false;
|
---|
467 | }
|
---|
468 |
|
---|
469 | $exts = trim($this->types[$type]);
|
---|
470 | if (!strlen($exts) || substr($exts, 0, 1) == "*")
|
---|
471 | return true;
|
---|
472 |
|
---|
473 | if (substr($exts, 0, 1) == "!") {
|
---|
474 | $exts = explode(" ", trim(strtolower(substr($exts, 1))));
|
---|
475 | return !in_array($ext, $exts);
|
---|
476 | }
|
---|
477 |
|
---|
478 | $exts = explode(" ", trim(strtolower($exts)));
|
---|
479 | return in_array($ext, $exts);
|
---|
480 | }
|
---|
481 |
|
---|
482 | protected function getTypeFromPath($path) {
|
---|
483 | return preg_match('/^([^\/]*)\/.*$/', $path, $patt)
|
---|
484 | ? $patt[1] : $path;
|
---|
485 | }
|
---|
486 |
|
---|
487 | protected function removeTypeFromPath($path) {
|
---|
488 | return preg_match('/^[^\/]*\/(.*)$/', $path, $patt)
|
---|
489 | ? $patt[1] : "";
|
---|
490 | }
|
---|
491 |
|
---|
492 | protected function imageResize($image, $file=null) {
|
---|
493 | if (!($image instanceof gd)) {
|
---|
494 | $gd = new gd($image);
|
---|
495 | if ($gd->init_error) return false;
|
---|
496 | $file = $image;
|
---|
497 | } elseif ($file === null)
|
---|
498 | return false;
|
---|
499 | else
|
---|
500 | $gd = $image;
|
---|
501 |
|
---|
502 | if ((!$this->config['maxImageWidth'] && !$this->config['maxImageHeight']) ||
|
---|
503 | (
|
---|
504 | ($gd->get_width() <= $this->config['maxImageWidth']) &&
|
---|
505 | ($gd->get_height() <= $this->config['maxImageHeight'])
|
---|
506 | )
|
---|
507 | )
|
---|
508 | return true;
|
---|
509 |
|
---|
510 | if ((!$this->config['maxImageWidth'] || !$this->config['maxImageHeight'])) {
|
---|
511 | if ($this->config['maxImageWidth']) {
|
---|
512 | if ($this->config['maxImageWidth'] >= $gd->get_width())
|
---|
513 | return true;
|
---|
514 | $width = $this->config['maxImageWidth'];
|
---|
515 | $height = $gd->get_prop_height($width);
|
---|
516 | } else {
|
---|
517 | if ($this->config['maxImageHeight'] >= $gd->get_height())
|
---|
518 | return true;
|
---|
519 | $height = $this->config['maxImageHeight'];
|
---|
520 | $width = $gd->get_prop_width($height);
|
---|
521 | }
|
---|
522 | if (!$gd->resize($width, $height))
|
---|
523 | return false;
|
---|
524 |
|
---|
525 | } elseif (!$gd->resize_fit(
|
---|
526 | $this->config['maxImageWidth'], $this->config['maxImageHeight']
|
---|
527 | ))
|
---|
528 | return false;
|
---|
529 |
|
---|
530 | return $gd->imagejpeg($file, $this->config['jpegQuality']);
|
---|
531 | }
|
---|
532 |
|
---|
533 | protected function makeThumb($file, $overwrite=true) {
|
---|
534 | $gd = new gd($file);
|
---|
535 |
|
---|
536 | // Drop files which are not GD handled images
|
---|
537 | if ($gd->init_error)
|
---|
538 | return true;
|
---|
539 |
|
---|
540 | $thumb = substr($file, strlen($this->config['uploadDir']));
|
---|
541 | $thumb = $this->config['uploadDir'] . "/" . $this->config['thumbsDir'] . "/" . $thumb;
|
---|
542 | $thumb = path::normalize($thumb);
|
---|
543 | $thumbDir = dirname($thumb);
|
---|
544 | if (!is_dir($thumbDir) && !@mkdir($thumbDir, $this->config['dirPerms'], true))
|
---|
545 | return false;
|
---|
546 |
|
---|
547 | if (!$overwrite && is_file($thumb))
|
---|
548 | return true;
|
---|
549 |
|
---|
550 | // Images with smaller resolutions than thumbnails
|
---|
551 | if (($gd->get_width() <= $this->config['thumbWidth']) &&
|
---|
552 | ($gd->get_height() <= $this->config['thumbHeight'])
|
---|
553 | ) {
|
---|
554 | $browsable = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
|
---|
555 | // Drop only browsable types
|
---|
556 | if (in_array($gd->type, $browsable))
|
---|
557 | return true;
|
---|
558 |
|
---|
559 | // Resize image
|
---|
560 | } elseif (!$gd->resize_fit($this->config['thumbWidth'], $this->config['thumbHeight']))
|
---|
561 | return false;
|
---|
562 |
|
---|
563 | // Save thumbnail
|
---|
564 | return $gd->imagejpeg($thumb, $this->config['jpegQuality']);
|
---|
565 | }
|
---|
566 |
|
---|
567 | protected function localize($langCode) {
|
---|
568 | require "lang/{$langCode}.php";
|
---|
569 | setlocale(LC_ALL, $lang['_locale']);
|
---|
570 | $this->charset = $lang['_charset'];
|
---|
571 | $this->dateTimeFull = $lang['_dateTimeFull'];
|
---|
572 | $this->dateTimeMid = $lang['_dateTimeMid'];
|
---|
573 | $this->dateTimeSmall = $lang['_dateTimeSmall'];
|
---|
574 | unset($lang['_locale']);
|
---|
575 | unset($lang['_charset']);
|
---|
576 | unset($lang['_dateTimeFull']);
|
---|
577 | unset($lang['_dateTimeMid']);
|
---|
578 | unset($lang['_dateTimeSmall']);
|
---|
579 | $this->labels = $lang;
|
---|
580 | }
|
---|
581 |
|
---|
582 | protected function label($string, array $data=null) {
|
---|
583 | $return = isset($this->labels[$string]) ? $this->labels[$string] : $string;
|
---|
584 | if (is_array($data))
|
---|
585 | foreach ($data as $key => $val)
|
---|
586 | $return = str_replace("{{$key}}", $val, $return);
|
---|
587 | return $return;
|
---|
588 | }
|
---|
589 |
|
---|
590 | protected function backMsg($message, array $data=null) {
|
---|
591 | $message = $this->label($message, $data);
|
---|
592 | if (isset($this->file['tmp_name']) && file_exists($this->file['tmp_name']))
|
---|
593 | @unlink($this->file['tmp_name']);
|
---|
594 | $this->callBack("", $message);
|
---|
595 | die;
|
---|
596 | }
|
---|
597 |
|
---|
598 | protected function callBack($url, $message="") {
|
---|
599 | $message = text::jsValue($message);
|
---|
600 | $CKfuncNum = isset($this->opener['CKEditor']['funcNum'])
|
---|
601 | ? $this->opener['CKEditor']['funcNum'] : 0;
|
---|
602 | if (!$CKfuncNum) $CKfuncNum = 0;
|
---|
603 | header("Content-Type: text/html; charset={$this->charset}");
|
---|
604 |
|
---|
605 | ?><html>
|
---|
606 | <body>
|
---|
607 | <script type='text/javascript'>
|
---|
608 | var kc_CKEditor = (window.parent && window.parent.CKEDITOR)
|
---|
609 | ? window.parent.CKEDITOR.tools.callFunction
|
---|
610 | : ((window.opener && window.opener.CKEDITOR)
|
---|
611 | ? window.opener.CKEDITOR.tools.callFunction
|
---|
612 | : false);
|
---|
613 | var kc_FCKeditor = (window.opener && window.opener.OnUploadCompleted)
|
---|
614 | ? window.opener.OnUploadCompleted
|
---|
615 | : ((window.parent && window.parent.OnUploadCompleted)
|
---|
616 | ? window.parent.OnUploadCompleted
|
---|
617 | : false);
|
---|
618 | var kc_Custom = (window.parent && window.parent.KCFinder)
|
---|
619 | ? window.parent.KCFinder.callBack
|
---|
620 | : ((window.opener && window.opener.KCFinder)
|
---|
621 | ? window.opener.KCFinder.callBack
|
---|
622 | : false);
|
---|
623 | if (kc_CKEditor)
|
---|
624 | kc_CKEditor(<?php echo $CKfuncNum ?>, '<?php echo $url ?>', '<?php echo $message ?>');
|
---|
625 | if (kc_FCKeditor)
|
---|
626 | kc_FCKeditor(<?php echo strlen($message) ? 1 : 0 ?>, '<?php echo $url ?>', '', '<?php echo $message ?>');
|
---|
627 | if (kc_Custom) {
|
---|
628 | if (<?php echo strlen($message) ?>) alert('<?php echo $message ?>');
|
---|
629 | kc_Custom('<?php echo $url ?>');
|
---|
630 | }
|
---|
631 | if (!kc_CKEditor && !kc_FCKeditor && !kc_Custom)
|
---|
632 | alert("<?php echo $message ?>");
|
---|
633 | </script>
|
---|
634 | </body>
|
---|
635 | </html><?php
|
---|
636 |
|
---|
637 | }
|
---|
638 |
|
---|
639 | protected function get_htaccess() {
|
---|
640 | return "<IfModule mod_php4.c>
|
---|
641 | php_value engine off
|
---|
642 | </IfModule>
|
---|
643 | <IfModule mod_php5.c>
|
---|
644 | php_value engine off
|
---|
645 | </IfModule>
|
---|
646 | ";
|
---|
647 | }
|
---|
648 | }
|
---|
649 |
|
---|
650 | ?> |
---|