- Timestamp:
- May 22, 2006 5:29:19 AM (18 years ago)
- Location:
- trunk/lib
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r119 r121 251 251 WHERE " . $this->_params['db_primary_key'] . " = '" . $this->getVal('user_id') . "' 252 252 "); 253 $_SESSION[ '_auth_file'] = array('authenticated' => false);253 $_SESSION[$this->_sess] = array('authenticated' => false); 254 254 } 255 255 … … 528 528 $expire_reasons[] = 'idle_timeout expired'; 529 529 } 530 if ($_SESSION[ '_auth_file']['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) {530 if ($_SESSION[$this->_sess]['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) { 531 531 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION[$this->_sess]['remote_ip'], getRemoteAddr()); 532 532 } -
trunk/lib/Captcha.inc.php
r108 r121 16 16 <!-- HTML form for captcha --> 17 17 <label for="sc-captcha"><?php echo _("Reverse Turing Test") ?></label> 18 <p class=" help"><?php echo _("Please type the following number to prove you are a human. This is a measure to prevent spam robots from submitting this form.") ?></p>18 <p class="sc-help"><?php echo _("Please type the following number to prove you are a human. This is a measure to prevent spam robots from submitting this form.") ?></p> 19 19 <pre style="font-size: 0.5em;"><?php $captcha->printAsciiNumber() ?></pre> 20 20 <?php $captcha->printForm() ?> -
trunk/lib/FormValidator.inc.php
r119 r121 426 426 return true; 427 427 } 428 // function validateEmail($form_name, $allow_fullname=false)429 // {430 // $email = getFormData($form_name);431 // if ('' == trim($email)) {432 // return false;433 // }434 //435 // // Test email address format.436 // if ($allow_fullname) {437 // if (!$this->checkRegex($form_name, '/^[^<>@]*<?[^\s@\[\]<>()]+\@[A-Za-z0-9.-]+\.[A-Za-z]{2,5}>?$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {438 // App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);439 // return false;440 // }441 // } else {442 // if (!$this->checkRegex($form_name, '/^[^\s@\[\]<>()]+\@[A-Za-z0-9.-]+\.[A-Za-z]{2,5}$/i', true, sprintf(_("<strong>%s</strong> is not a valid email address."), $email))) {443 // App::logMsg(sprintf('The email address %s is not valid.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);444 // return false;445 // }446 // }447 //448 // // Test length.449 // if (!$this->stringLength($form_name, 0, 255, sprintf(_("<strong>Email address</strong> must contain less than 256 characters."), $email))) {450 // App::logMsg(sprintf('The email address %s must contain less than 256 characters.', getFormData($form_name)), LOG_DEBUG, __FILE__, __LINE__);451 // return false;452 // }453 //454 // // Check domain exists and has valid MX record.455 // preg_match('/^[^<>@]*<?[^\s@\[\]<>()]+\@([A-Za-z0-9.-]+\.[A-Za-z]{2,5})>?$/i', $email, $matches);456 // if (!empty($matches[1])) {457 // if (!checkdnsrr($matches[1] . '.', 'MX') && gethostbyname($matches[1]) == $matches[1]) {458 // $this->addError($form_name, sprintf(_("<strong>%s</strong> is not a valid email domain name"), $matches[1]));459 // App::logMsg(sprintf('The email address %s contains an invalid email domain name (%s).', getFormData($form_name), $matches[1]), LOG_DEBUG, __FILE__, __LINE__);460 // return false;461 // }462 // }463 //464 // return true;465 // }466 428 467 429 /** -
trunk/lib/Image.inc.php
r95 r121 55 55 $src = $this->oSrc($id); 56 56 $filepath = preg_match('!://!', $src) ? $src : getenv('DOCUMENT_ROOT') . $src; 57 // Use exif_imagetype to check not only file existance but that of a valid image. 57 58 return false != @exif_imagetype($filepath); 58 59 } … … 94 95 { 95 96 $file_name = ''; 97 // filename_pattern is a sprintf argument with %s replaced with the image id. 96 98 if ($file_match = glob(sprintf("%s/{$this->_params['filename_pattern']}", $this->_params['base_path'], $id))) { 97 99 $file_name = basename(end($file_match)); -
trunk/lib/ImageThumb.inc.php
r120 r121 194 194 if (isset($index) && isset($this->image_specs[$index])) { 195 195 // Merge with previous. 196 $this->image_specs[$index] = array_merge($this->image_specs[$index], $spec); 196 $final_spec = array_merge($this->image_specs[$index], $spec); 197 $this->image_specs[$index] = $final_spec; 197 198 } else { 198 199 // Merge with defaults. 199 $this->image_specs[] = array_merge($this->default_image_specs, $spec); 200 } 200 $final_spec = array_merge($this->default_image_specs, $spec); 201 $this->image_specs[] = $final_spec; 202 } 203 204 return $final_spec; 201 205 } 202 206 … … 207 211 * @return bool true on success, false on failure. 208 212 */ 209 function processAll( )213 function processAll($runtime_specs=null) 210 214 { 211 215 // Ensure we have a source. … … 228 232 $return_val = 0; 229 233 foreach ($files as $file_name) { 230 $return_val += $this->processFile($file_name );234 $return_val += $this->processFile($file_name, $runtime_specs); 231 235 } 232 236 $this->_raiseMsg(sprintf(_("Resized %s images."), sizeof($files)), MSG_SUCCESS, __FILE__, __LINE__); … … 243 247 * @access public 244 248 * @param string $file_name Name of file with extention. 249 * @param array $runtime_specs Array of specifications that will override all configured specifications. 245 250 * @return bool true on success, false on failure. 246 251 */ 247 function processFile($file_name )252 function processFile($file_name, $runtime_specs=null) 248 253 { 249 254 // Source file determinted by provided file_name. … … 252 257 // Ensure we have a source. 253 258 if (sizeof($this->image_specs) < 1) { 254 App::logMsg(sprintf('Image specifications not set before processing.'), LOG_ERR, __FILE__, __LINE__); 255 return false; 259 if (is_array($runtime_specs)) { 260 $this->setSpec($runtime_specs, 0); 261 } else { 262 App::logMsg(sprintf('Image specifications not set before processing.'), LOG_ERR, __FILE__, __LINE__); 263 return false; 264 } 256 265 } 257 266 … … 265 274 if (!file_exists($source_file)) { 266 275 $this->_raiseMsg(sprintf(_("Image resizing failed: source image %s was not found."), $file_name), MSG_ERR, __FILE__, __LINE__); 267 App::logMsg(sprintf('Source image not found: %s', $ file_name), LOG_ALERT, __FILE__, __LINE__);276 App::logMsg(sprintf('Source image not found: %s', $source_file), LOG_ALERT, __FILE__, __LINE__); 268 277 return false; 269 278 } … … 272 281 if (!is_readable($source_file)) { 273 282 $this->_raiseMsg(sprintf(_("Image resizing failed: source image %s is not readable."), $file_name), MSG_ERR, __FILE__, __LINE__); 274 App::logMsg(sprintf('Source image not readable: %s', $ file_name), LOG_ALERT, __FILE__, __LINE__);283 App::logMsg(sprintf('Source image not readable: %s', $source_file), LOG_ALERT, __FILE__, __LINE__); 275 284 return false; 276 285 } … … 279 288 if (filesize($source_file) <= 0) { 280 289 $this->_raiseMsg(sprintf(_("Image resizing failed: source image %s is zero bytes."), $file_name), MSG_ERR, __FILE__, __LINE__); 281 App::logMsg(sprintf('Source image is zero bytes: %s', $ file_name), LOG_ALERT, __FILE__, __LINE__);290 App::logMsg(sprintf('Source image is zero bytes: %s', $source_file), LOG_ALERT, __FILE__, __LINE__); 282 291 return false; 283 292 } … … 286 295 if (!$this->_validFileExtension($file_name)) { 287 296 $this->_raiseMsg(sprintf(_("Image resizing failed: source image %s not a valid type. It must have one of the following file name extensions: %s"), $file_name, join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__); 288 App::logMsg(sprintf('Image resizing failed: source image not of valid type: %s', $ file_name), LOG_ERR, __FILE__, __LINE__);297 App::logMsg(sprintf('Image resizing failed: source image not of valid type: %s', $source_file), LOG_ERR, __FILE__, __LINE__); 289 298 return false; 290 299 } … … 295 304 // To keep this script running even if user tries to stop browser. 296 305 ignore_user_abort(true); 297 if (!ini_get('safe_mode')) { 298 set_time_limit(300); 299 } 306 ini_set('max_execution_time', 300); 307 ini_set('max_input_time', 300); 300 308 301 309 // This remains zero until something goes wrong. 302 310 $return_val = 0; 303 311 304 foreach ($this->image_specs as $spec) { 312 foreach ($this->image_specs as $index => $spec) { 313 314 if (is_array($runtime_specs)) { 315 // Override with runtime specs. 316 $spec = $this->setSpec($runtime_specs, $index); 317 } 305 318 306 319 // Destination filename uses the extention defined by dest_file_extention. … … 558 571 } 559 572 } 560 $this->_raiseMsg(sprintf(_("The thumbnails for file <strong>%s</strong>have been deleted."), $file_name), MSG_SUCCESS, __FILE__, __LINE__);573 $this->_raiseMsg(sprintf(_("The thumbnails for file %s have been deleted."), $file_name), MSG_SUCCESS, __FILE__, __LINE__); 561 574 return 0 === $return_val; 562 575 } … … 582 595 return false; 583 596 } 584 $this->_raiseMsg(sprintf(_("The original file <strong>%s</strong>has been deleted."), $file_name), MSG_SUCCESS, __FILE__, __LINE__);597 $this->_raiseMsg(sprintf(_("The original file %s has been deleted."), $file_name), MSG_SUCCESS, __FILE__, __LINE__); 585 598 return true; 586 599 } … … 615 628 { 616 629 preg_match('/.*?\.(\w+)$/i', $file_name, $ext); 617 return in_array(strtolower($ext[1]), $this->getParam('valid_file_extensions'));630 return !empty($ext) && in_array(strtolower($ext[1]), $this->getParam('valid_file_extensions')); 618 631 } 619 632 -
trunk/lib/PEdit.inc.php
r101 r121 270 270 ?> 271 271 <label><?php echo ucfirst(str_replace('_', ' ', $name)); ?></label> 272 <input type="text" name="_pedit_data[<?php echo $name; ?>]" id="sc-pedit-field-<?php echo $name; ?>" value="<?php echo oTxt($this->_data[$name]['content']); ?>" class=" full" />272 <input type="text" name="_pedit_data[<?php echo $name; ?>]" id="sc-pedit-field-<?php echo $name; ?>" value="<?php echo oTxt($this->_data[$name]['content']); ?>" class="sc-full" /> 273 273 <?php 274 274 break; … … 276 276 ?> 277 277 <label><?php echo ucfirst(str_replace('_', ' ', $name)); ?></label> 278 <textarea name="_pedit_data[<?php echo $name; ?>]" id="sc-pedit-field-<?php echo $name; ?>" rows="" cols="" class="full tall"><?php echo oTxt($this->_data[$name]['content']); ?></textarea>278 <textarea name="_pedit_data[<?php echo $name; ?>]" id="sc-pedit-field-<?php echo $name; ?>" rows="" cols="" class="full sc-tall"><?php echo oTxt($this->_data[$name]['content']); ?></textarea> 279 279 <?php 280 280 break; … … 365 365 <td><?php echo date(App::getParam('time_format'), $v['unixtime']); ?></td> 366 366 <td><?php echo humanFileSize($v['filesize']); ?></td> 367 <td class=" nowrap"><a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=View&version=' . $v['unixtime'] . '&file_hash=' . $this->_fileHash()); ?>"><?php echo _("View"); ?></a> <?php echo _("or"); ?> <a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&version=' . $v['unixtime'] . '&file_hash=' . $this->_fileHash()); ?>"><?php echo _("Restore"); ?></a></td>367 <td class="sc-nowrap"><a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=View&version=' . $v['unixtime'] . '&file_hash=' . $this->_fileHash()); ?>"><?php echo _("View"); ?></a> <?php echo _("or"); ?> <a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&version=' . $v['unixtime'] . '&file_hash=' . $this->_fileHash()); ?>"><?php echo _("Restore"); ?></a></td> 368 368 </tr> 369 369 <?php … … 371 371 ?> 372 372 </table> 373 <div class=" help"><?php printf(_("When there are more than %s versions, those over %s days old are deleted."), $this->getParam('versions_min_qty'), $this->getParam('versions_min_days')); ?></div>373 <div class="sc-help"><?php printf(_("When there are more than %s versions, those over %s days old are deleted."), $this->getParam('versions_min_qty'), $this->getParam('versions_min_days')); ?></div> 374 374 <?php 375 375 } -
trunk/lib/Upload.inc.php
r119 r121 35 35 'dest_file_perms' => 0600, 36 36 37 // The file permissions of the uploaded files. Remember, files will be owned by the web server user. 38 'dest_dir_perms' => 0700, 39 37 40 // Require file to have one of the following file name extentions. 38 41 'valid_file_extensions' => array('jpg', 'jpeg', 'gif', 'png', 'pdf', 'txt', 'text', 'html', 'htm'), … … 43 46 44 47 // Array of file name extensions and corresponding mime-types. 45 var $mime_extension_map = array( 'ez' => 'application/andrew-inset', 'hqx' => 'application/mac-binhex40', 'cpt' => 'application/mac-compactpro', 'doc' => 'application/msword', 'bin' => 'application/octet-stream', 'class' => 'application/octet-stream', 'dll' => 'application/octet-stream', 'dms' => 'application/octet-stream', 'exe' => 'application/octet-stream', 'lha' => 'application/octet-stream', 'lzh' => 'application/octet-stream', 'so' => 'application/octet-stream', 'oda' => 'application/oda', 'pdf' => 'application/pdf', ' ps' => 'application/postscript', 'eps' => 'application/postscript', 'ai' => 'application/postscript', 'smi' => 'application/smil', 'smil' => 'application/smil', 'mif' => 'application/vnd.mif', 'xls' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', 'stc' => 'application/vnd.sun.xml.calc.template', 'sxc' => 'application/vnd.sun.xml.calc', 'std' => 'application/vnd.sun.xml.draw.template', 'sxd' => 'application/vnd.sun.xml.draw', 'sti' => 'application/vnd.sun.xml.impress.template', 'sxi' => 'application/vnd.sun.xml.impress', 'sxm' => 'application/vnd.sun.xml.math', 'sxg' => 'application/vnd.sun.xml.writer.global', 'stw' => 'application/vnd.sun.xml.writer.template', 'sxw' => 'application/vnd.sun.xml.writer', 'vsd' => 'application/vnd.visio', 'wbxml' => 'application/vnd.wap.wbxml', 'wmlc' => 'application/vnd.wap.wmlc', 'wmlsc' => 'application/vnd.wap.wmlscriptc', 'bcpio' => 'application/x-bcpio', 'vcd' => 'application/x-cdlink', 'pgn' => 'application/x-chess-pgn', 'Z' => 'application/x-compress', 'cpio' => 'application/x-cpio', 'csh' => 'application/x-csh', 'dcr' => 'application/x-director', 'dir' => 'application/x-director', 'dxr' => 'application/x-director', 'dvi' => 'application/x-dvi', 'spl' => 'application/x-futuresplash', 'gtar' => 'application/x-gtar', 'tgz' => 'application/x-gtar', 'gz' => 'application/x-gzip', 'hdf' => 'application/x-hdf', 'php3' => 'application/x-httpd-php3', 'php' => 'application/x-httpd-php', 'js' => 'application/x-javascript', 'skd' => 'application/x-koan', 'skm' => 'application/x-koan', 'skp' => 'application/x-koan', 'skt' => 'application/x-koan', 'latex' => 'application/x-latex', 'wmd' => 'application/x-ms-wmd', 'wmz' => 'application/x-ms-wmz', 'cdf' => 'application/x-netcdf', 'nc' => 'application/x-netcdf', 'pl' => 'application/x-perl', 'pm' => 'application/x-perl', 'shar' => 'application/x-shar', 'swf' => 'application/x-shockwave-flash', 'sh' => 'application/x-sh', 'sit' => 'application/x-stuffit', 'sv4cpio' => 'application/x-sv4cpio', 'sv4crc' => 'application/x-sv4crc', 'tar' => 'application/x-tar', 'tcl' => 'application/x-tcl', 'texi' => 'application/x-texinfo', 'texinfo' => 'application/x-texinfo', 'tex' => 'application/x-tex', 'man' => 'application/x-troff-man', 'me' => 'application/x-troff-me', 'ms' => 'application/x-troff-ms', 'roff' => 'application/x-troff', 't' => 'application/x-troff', 'tr' => 'application/x-troff', 'ustar' => 'application/x-ustar', 'src' => 'application/x-wais-source', 'xhtml' => 'application/xhtml+xml', 'xht' => 'application/xhtml+xml', 'xml' => 'application/xml', 'zip' => 'application/zip', 'au' => 'audio/basic', 'snd' => 'audio/basic', 'kar' => 'audio/midi', 'mid' => 'audio/midi', 'midi' => 'audio/midi', 'mp3' => 'audio/mpeg', 'mp2' => 'audio/mpeg', 'mpga' => 'audio/mpeg', 'aiff' => 'audio/x-aiff', 'aif' => 'audio/x-aiff', 'aifc' => 'audio/x-aiff', 'm3u' => 'audio/x-mpegurl', 'wax' => 'audio/x-ms-wax', 'wma' => 'audio/x-ms-wma', 'rpm' => 'audio/x-pn-realaudio-plugin', 'ram' => 'audio/x-pn-realaudio', 'rm' => 'audio/x-pn-realaudio', 'ra' => 'audio/x-realaudio', 'wav' => 'audio/x-wav', 'pdb' => 'chemical/x-pdb', 'xyz' => 'chemical/x-xyz', 'bmp' => 'image/bmp', 'gif' => 'image/gif', 'ief' => 'image/ief', 'jpg' => 'image/jpeg', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'tif' => 'image/tiff', 'tiff' => 'image/tiff', 'wbmp' => 'image/vnd.wap.wbmp', 'ras' => 'image/x-cmu-raster', 'pnm' => 'image/x-portable-anymap', 'pbm' => 'image/x-portable-bitmap', 'pgm' => 'image/x-portable-graymap', 'ppm' => 'image/x-portable-pixmap', 'rgb' => 'image/x-rgb', 'xbm' => 'image/x-xbitmap', 'xpm' => 'image/x-xpixmap', 'xwd' => 'image/x-xwindowdump', 'iges' => 'model/iges', 'igs' => 'model/iges', 'mesh' => 'model/mesh', 'msh' => 'model/mesh', 'silo' => 'model/mesh', 'vrml' => 'model/vrml', 'wrl' => 'model/vrml', 'ics' => 'text/calendar', 'ifb' => 'text/calendar', 'vcs' => 'text/calendar', 'vfb' => 'text/calendar', 'css' => 'text/css', 'diff' => 'text/diff', 'patch' => 'text/diff', 'html' => 'text/html', 'htm' => 'text/html', 'shtml' => 'text/html', 'txt' => 'text/plain', 'asc' => 'text/plain', 'log' => 'text/plain', 'po' => 'text/plain', 'rtx' => 'text/richtext', 'rtf' => 'text/rtf', 'sgm' => 'text/sgml', 'sgml' => 'text/sgml', 'tsv' => 'text/tab-separated-values', 'wmls' => 'text/vnd.wap.wmlscript', 'wml' => 'text/vnd.wap.wml', 'etx' => 'text/x-setext', 'vcf' => 'text/x-vcard', 'xsl' => 'text/xml', 'mpeg' => 'video/mpeg', 'mpe' => 'video/mpeg', 'mpg' => 'video/mpeg', 'mov' => 'video/quicktime', 'qt' => 'video/quicktime', 'mxu' => 'video/vnd.mpegurl', 'asf' => 'video/x-ms-asf', 'asx' => 'video/x-ms-asf', 'wmv' => 'video/x-ms-wmv', 'wm' => 'video/x-ms-wm', 'wmx' => 'video/x-ms-wmx', 'wvx' => 'video/x-ms-wvx', 'avi' => 'video/x-msvideo', 'movie' => 'video/x-sgi-movie', 'ice' => 'x-conference/x-cooltalk', );48 var $mime_extension_map = array( 'ez' => 'application/andrew-inset', 'hqx' => 'application/mac-binhex40', 'cpt' => 'application/mac-compactpro', 'doc' => 'application/msword', 'bin' => 'application/octet-stream', 'class' => 'application/octet-stream', 'dll' => 'application/octet-stream', 'dms' => 'application/octet-stream', 'exe' => 'application/octet-stream', 'lha' => 'application/octet-stream', 'lzh' => 'application/octet-stream', 'so' => 'application/octet-stream', 'oda' => 'application/oda', 'pdf' => 'application/pdf', 'ai' => 'application/postscript', 'eps' => 'application/postscript', 'ps' => 'application/postscript', 'smi' => 'application/smil', 'smil' => 'application/smil', 'mif' => 'application/vnd.mif', 'xls' => 'application/vnd.ms-excel', 'ppt' => 'application/vnd.ms-powerpoint', 'sxc' => 'application/vnd.sun.xml.calc', 'stc' => 'application/vnd.sun.xml.calc.template', 'sxd' => 'application/vnd.sun.xml.draw', 'std' => 'application/vnd.sun.xml.draw.template', 'sxi' => 'application/vnd.sun.xml.impress', 'sti' => 'application/vnd.sun.xml.impress.template', 'sxm' => 'application/vnd.sun.xml.math', 'sxw' => 'application/vnd.sun.xml.writer', 'sxg' => 'application/vnd.sun.xml.writer.global', 'stw' => 'application/vnd.sun.xml.writer.template', 'vsd' => 'application/vnd.visio', 'wbxml' => 'application/vnd.wap.wbxml', 'wmlc' => 'application/vnd.wap.wmlc', 'wmlsc' => 'application/vnd.wap.wmlscriptc', 'bcpio' => 'application/x-bcpio', 'vcd' => 'application/x-cdlink', 'pgn' => 'application/x-chess-pgn', 'Z' => 'application/x-compress', 'cpio' => 'application/x-cpio', 'csh' => 'application/x-csh', 'dcr' => 'application/x-director', 'dir' => 'application/x-director', 'dxr' => 'application/x-director', 'dvi' => 'application/x-dvi', 'spl' => 'application/x-futuresplash', 'gtar' => 'application/x-gtar', 'tgz' => 'application/x-gtar', 'gz' => 'application/x-gzip', 'hdf' => 'application/x-hdf', 'php' => 'application/x-httpd-php', 'php3' => 'application/x-httpd-php3', 'js' => 'application/x-javascript', 'skd' => 'application/x-koan', 'skm' => 'application/x-koan', 'skp' => 'application/x-koan', 'skt' => 'application/x-koan', 'latex' => 'application/x-latex', 'wmd' => 'application/x-ms-wmd', 'wmz' => 'application/x-ms-wmz', 'cdf' => 'application/x-netcdf', 'nc' => 'application/x-netcdf', 'pl' => 'application/x-perl', 'pm' => 'application/x-perl', 'psd' => 'application/x-photoshop', 'sh' => 'application/x-sh', 'shar' => 'application/x-shar', 'swf' => 'application/x-shockwave-flash', 'sit' => 'application/x-stuffit', 'sv4cpio' => 'application/x-sv4cpio', 'sv4crc' => 'application/x-sv4crc', 'tar' => 'application/x-tar', 'tcl' => 'application/x-tcl', 'tex' => 'application/x-tex', 'texi' => 'application/x-texinfo', 'texinfo' => 'application/x-texinfo', 'roff' => 'application/x-troff', 't' => 'application/x-troff', 'tr' => 'application/x-troff', 'man' => 'application/x-troff-man', 'me' => 'application/x-troff-me', 'ms' => 'application/x-troff-ms', 'ustar' => 'application/x-ustar', 'src' => 'application/x-wais-source', 'xht' => 'application/xhtml+xml', 'xhtml' => 'application/xhtml+xml', 'xml' => 'application/xml', 'zip' => 'application/zip', 'au' => 'audio/basic', 'snd' => 'audio/basic', 'kar' => 'audio/midi', 'mid' => 'audio/midi', 'midi' => 'audio/midi', 'mp2' => 'audio/mpeg', 'mp3' => 'audio/mpeg', 'mpga' => 'audio/mpeg', 'aif' => 'audio/x-aiff', 'aifc' => 'audio/x-aiff', 'aiff' => 'audio/x-aiff', 'm3u' => 'audio/x-mpegurl', 'wax' => 'audio/x-ms-wax', 'wma' => 'audio/x-ms-wma', 'ram' => 'audio/x-pn-realaudio', 'rm' => 'audio/x-pn-realaudio', 'rpm' => 'audio/x-pn-realaudio-plugin', 'ra' => 'audio/x-realaudio', 'wav' => 'audio/x-wav', 'pdb' => 'chemical/x-pdb', 'xyz' => 'chemical/x-xyz', 'bmp' => 'image/bmp', 'gif' => 'image/gif', 'ief' => 'image/ief', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'png' => 'image/png', 'tif' => 'image/tiff', 'tiff' => 'image/tiff', 'wbmp' => 'image/vnd.wap.wbmp', 'ras' => 'image/x-cmu-raster', 'pnm' => 'image/x-portable-anymap', 'pbm' => 'image/x-portable-bitmap', 'pgm' => 'image/x-portable-graymap', 'ppm' => 'image/x-portable-pixmap', 'rgb' => 'image/x-rgb', 'xbm' => 'image/x-xbitmap', 'xpm' => 'image/x-xpixmap', 'xwd' => 'image/x-xwindowdump', 'iges' => 'model/iges', 'igs' => 'model/iges', 'mesh' => 'model/mesh', 'msh' => 'model/mesh', 'silo' => 'model/mesh', 'vrml' => 'model/vrml', 'wrl' => 'model/vrml', 'ics' => 'text/calendar', 'ifb' => 'text/calendar', 'vcs' => 'text/calendar', 'vfb' => 'text/calendar', 'css' => 'text/css', 'csv' => 'text/csv', 'diff' => 'text/diff', 'patch' => 'text/diff', 'htm' => 'text/html', 'html' => 'text/html', 'shtml' => 'text/html', 'asc' => 'text/plain', 'log' => 'text/plain', 'po' => 'text/plain', 'txt' => 'text/plain', 'rtx' => 'text/richtext', 'rtf' => 'text/rtf', 'sgm' => 'text/sgml', 'sgml' => 'text/sgml', 'tsv' => 'text/tab-separated-values', 'wml' => 'text/vnd.wap.wml', 'wmls' => 'text/vnd.wap.wmlscript', 'etx' => 'text/x-setext', 'vcf' => 'text/x-vcard', 'xsl' => 'text/xml', 'mp4' => 'video/mp4v-es', 'mpe' => 'video/mpeg', 'mpeg' => 'video/mpeg', 'mpg' => 'video/mpeg', 'mov' => 'video/quicktime', 'qt' => 'video/quicktime', 'mxu' => 'video/vnd.mpegurl', 'asf' => 'video/x-ms-asf', 'asx' => 'video/x-ms-asf', 'wm' => 'video/x-ms-wm', 'wmv' => 'video/x-ms-wmv', 'wmx' => 'video/x-ms-wmx', 'wvx' => 'video/x-ms-wvx', 'avi' => 'video/x-msvideo', 'movie' => 'video/x-sgi-movie', 'ice' => 'x-conference/x-cooltalk', ); 46 49 47 50 /** … … 60 63 // Must be directory. 61 64 if (!is_dir($params['upload_path'])) { 62 App::logMsg(sprintf('Upload directory invalid: %s', $params['upload_path']), LOG_ERR, __FILE__, __LINE__); 63 trigger_error(sprintf('Upload directory invalid: %s', $params['upload_path']), E_USER_ERROR); 65 App::logMsg(sprintf('Attempting to auto-create upload directory: %s', $params['upload_path']), LOG_NOTICE, __FILE__, __LINE__); 66 mkdir($params['upload_path'], $this->getParam('dest_dir_perms')); 67 if (!is_dir($params['upload_path'])) { 68 App::logMsg(sprintf('Upload directory invalid: %s', $params['upload_path']), LOG_ERR, __FILE__, __LINE__); 69 trigger_error(sprintf('Upload directory invalid: %s', $params['upload_path']), E_USER_ERROR); 70 } 64 71 } 65 72 // Must be writable. … … 159 166 // Valid custom file name. 160 167 $file_name = $custom_file_name; 161 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> has been renamed to <strong>%s</strong>."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__);168 $this->_raiseMsg(sprintf(_("The file %s has been renamed to %s."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__); 162 169 App::logMsg(sprintf('Using custom file name: %s', $file_name), LOG_DEBUG, __FILE__, __LINE__); 163 170 } else { … … 171 178 // Valid custom file name. 172 179 $file_name = $custom_file_name[$i]; 173 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> has been renamed to <strong>%s</strong>."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__);180 $this->_raiseMsg(sprintf(_("The file %s has been renamed to %s."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__); 174 181 App::logMsg(sprintf('Using custom file name: %s', $file_name), LOG_DEBUG, __FILE__, __LINE__); 175 182 } else { … … 180 187 } 181 188 182 // Clean the file name of bad characters. 183 $file_name = $this->cleanFileName($file_name); 184 185 // If the file name has no extension, use the mime-type extension. 189 // Check The php upload error messages. 190 if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) { 191 $this->_raiseMsg(sprintf(_("The file %s failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__); 192 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $file_name, ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__); 193 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_INI_SIZE); 194 continue; 195 } 196 if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) { 197 $this->_raiseMsg(sprintf(_("The file %s failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__); 198 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $file_name, $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__); 199 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_FORM_SIZE); 200 continue; 201 } 202 if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) { 203 $this->_raiseMsg(sprintf(_("The file %s failed uploading: it was only partially uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 204 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 205 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_PARTIAL); 206 continue; 207 } 208 if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) { 209 $this->_raiseMsg(sprintf(_("The file %s failed uploading: no file was uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 210 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 211 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_NO_FILE); 212 continue; 213 } 214 if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) { 215 $this->_raiseMsg(sprintf(_("The file %s failed uploading: temporary upload directory missing."), $file_name), MSG_ERR, __FILE__, __LINE__); 216 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 217 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_NO_TMP_DIR); 218 continue; 219 } 220 221 // Check to be sure it's an uploaded file. 222 if (!is_uploaded_file($files['tmp_name'][$i])) { 223 $this->_raiseMsg(sprintf(_("The file %s failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__); 224 App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $file_name), LOG_ERR, __FILE__, __LINE__); 225 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_NOT_UPLOADED_FILE); 226 continue; 227 } 228 229 // Check to be sure the file is not empty. 230 if ($files['size'][$i] <= 0) { 231 $this->_raiseMsg(sprintf(_("The file %s failed uploading: it contains zero bytes."), $file_name), MSG_ERR, __FILE__, __LINE__); 232 App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $file_name), LOG_ERR, __FILE__, __LINE__); 233 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_EMPTY_FILE); 234 continue; 235 } 236 237 // Check to be sure the file has a valid file name extension. 238 if (!in_array(strtolower($this->getFilenameExtension($file_name)), $this->getParam('valid_file_extensions'))) { 239 $this->_raiseMsg(sprintf(_("The file %s failed uploading: it is an unrecognized type. Files must have one of the following file name extensions: %s."), $file_name, join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__); 240 App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file name extension."), $file_name), LOG_WARNING, __FILE__, __LINE__); 241 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_INVALID_EXTENSION); 242 continue; 243 } 244 245 // Check to be sure the file has a unique file name. 246 if (!$this->getParam('allow_overwriting') && $this->exists($file_name)) { 247 $this->_raiseMsg(sprintf(_("The file %s failed uploading: a file with that name already exists."), $file_name), MSG_ERR, __FILE__, __LINE__); 248 App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $file_name), LOG_WARNING, __FILE__, __LINE__); 249 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_NOT_UNIQUE); 250 continue; 251 } 252 253 // If the file name has no extension, use the mime-type to choose one. 186 254 if (!preg_match('/\.[^.]{1,5}$/', $file_name) && function_exists('mime_content_type')) { 187 255 if ($ext = array_search(mime_content_type($files['tmp_name'][$i]), $this->mime_extension_map)) { … … 190 258 } 191 259 192 // Set the path and file name. 193 $file_path_name = $this->getParam('upload_path') . '/' . $file_name; 194 195 196 // Check The php upload error messages. 197 if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) { 198 if ($this->getParam('display_messages')) { 199 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__); 200 } 201 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $file_name, ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__); 202 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_INI_SIZE); 203 continue; 204 } 205 if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) { 206 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__); 207 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $file_name, $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__); 208 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_FORM_SIZE); 209 continue; 210 } 211 if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) { 212 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it was only partially uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 213 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 214 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_PARTIAL); 215 continue; 216 } 217 if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) { 218 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: no file was uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 219 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 220 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_NO_FILE); 221 continue; 222 } 223 if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) { 224 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: temporary upload directory missing."), $file_name), MSG_ERR, __FILE__, __LINE__); 225 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 226 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_ERR_NO_TMP_DIR); 227 continue; 228 } 229 230 // Check to be sure it's an uploaded file. 231 if (!is_uploaded_file($files['tmp_name'][$i])) { 232 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__); 233 App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $file_name), LOG_ERR, __FILE__, __LINE__); 234 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_NOT_UPLOADED_FILE); 235 continue; 236 } 237 238 // Check to be sure the file is not empty. 239 if ($files['size'][$i] <= 0) { 240 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it contains zero bytes."), $file_name), MSG_ERR, __FILE__, __LINE__); 241 App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $file_name), LOG_ERR, __FILE__, __LINE__); 242 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_EMPTY_FILE); 243 continue; 244 } 245 246 // Check to be sure the file has a valid file name extension. 247 if (!in_array(strtolower($this->getFilenameExtension($file_name)), $this->getParam('valid_file_extensions'))) { 248 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it is an unrecognized type. Files must have one of the following file name extensions: %s."), $file_name, join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__); 249 App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file name extension."), $file_name), LOG_WARNING, __FILE__, __LINE__); 250 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_INVALID_EXTENSION); 251 continue; 252 } 253 254 // Check to be sure the file has a unique file name. 255 if (!$this->getParam('allow_overwriting') && $this->exists($file_name)) { 256 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: a file with that name already exists."), $file_name), MSG_ERR, __FILE__, __LINE__); 257 App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $file_name), LOG_WARNING, __FILE__, __LINE__); 258 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_NOT_UNIQUE); 259 continue; 260 } 260 // Clean the file name of bad characters. 261 $file_name = $this->cleanFileName($file_name); 262 263 // FINAL path and file name, lowercase extension. 264 $file_extension = strtolower($this->getFilenameExtension($file_name)); 265 $file_name = sprintf('%s.%s', substr($file_name, 0, strrpos($file_name, '.')), $file_extension); 266 $file_path_name = sprintf('%s/%s', $this->getParam('upload_path'), $file_name); 261 267 262 268 // Move the file to the final place. … … 264 270 chmod($file_path_name, $this->getParam('dest_file_perms')); 265 271 App::logMsg(sprintf('File uploaded: %s', $file_path_name), LOG_INFO, __FILE__, __LINE__); 266 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong>uploaded successfully."), $file_name), MSG_SUCCESS, __FILE__, __LINE__);272 $this->_raiseMsg(sprintf(_("The file %s uploaded successfully."), $file_name), MSG_SUCCESS, __FILE__, __LINE__); 267 273 if (!isset($custom_file_name) && $files['name'][$i] != $file_name) { 268 274 // Notify user if uploaded file name was modified (unless a custom file name will be used anyways). 269 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> was renamed to <strong>%s</strong>."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__);275 $this->_raiseMsg(sprintf(_("The file %s was renamed to %s."), $files['name'][$i], $file_name), MSG_NOTICE, __FILE__, __LINE__); 270 276 } 271 277 $new_file_names[] = array( 272 278 'name' => $file_name, 279 'mime' => $files['type'][$i], 273 280 'size' => filesize($file_path_name), 274 'extension' => strtolower(substr($file_name, strrpos($file_name, '.') + 1)), 281 'extension' => $file_extension, 282 'original_index' => $i, 275 283 ); 276 continue;277 284 } else { 278 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong>failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__);285 $this->_raiseMsg(sprintf(_("The file %s failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__); 279 286 App::logMsg(sprintf(_("Moving file failed: %s -> %s"), $files['tmp_name'][$i], $file_path_name), LOG_ALERT, __FILE__, __LINE__); 280 287 $this->errors[] = array('filename' => $file_name, 'errortype' => UPLOAD_USER_ERR_MOVE_FAILED); 281 continue; 288 } 289 290 // Check file extension with browsers interpretation of file type. 291 if (isset($this->mime_extension_map[$file_extension]) && $files['type'][$i] != $this->mime_extension_map[$file_extension]) { 292 App::logMsg(sprintf('File extension (%s) does not match mime type (%s).', $file_extension, $files['type'][$i]), LOG_NOTICE, __FILE__, __LINE__); 282 293 } 283 294 } … … 310 321 App::logMsg(sprintf('Deleted file: %s', $file_path_name), LOG_INFO, __FILE__, __LINE__); 311 322 } else { 312 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong>could not be deleted."), $file_name), MSG_ERR, __FILE__, __LINE__);323 $this->_raiseMsg(sprintf(_("The file %s could not be deleted."), $file_name), MSG_ERR, __FILE__, __LINE__); 313 324 App::logMsg(sprintf(_("Failed deleting file: %s"), $file_path_name), LOG_ERR, __FILE__, __LINE__); 314 325 return false; … … 336 347 if (file_exists($old_file_path_name)) { 337 348 if (rename($old_file_path_name, $new_file_path_name)) { 338 $this->_raiseMsg(sprintf(_("The file <strong>%s</strong> has been renamed to <strong>%s</strong>."), basename($old_file_path_name), basename($new_file_path_name)), MSG_NOTICE, __FILE__, __LINE__);349 $this->_raiseMsg(sprintf(_("The file %s has been renamed to %s."), basename($old_file_path_name), basename($new_file_path_name)), MSG_NOTICE, __FILE__, __LINE__); 339 350 App::logMsg(sprintf('File renamed from %s to %s', $old_file_path_name, $new_file_path_name), LOG_DEBUG, __FILE__, __LINE__); 340 351 } else { … … 344 355 } 345 356 } else { 346 $this->_raiseMsg(sprintf(_("Couldn't rename nonexistent file <strong>%s</strong>."), $old_name), MSG_WARNING, __FILE__, __LINE__);357 $this->_raiseMsg(sprintf(_("Couldn't rename nonexistent file %s."), $old_name), MSG_WARNING, __FILE__, __LINE__); 347 358 App::logMsg(sprintf(_("Error renaming nonexistent file: %s"), $old_file_path_name), LOG_WARNING, __FILE__, __LINE__); 348 359 return false;
Note: See TracChangeset
for help on using the changeset viewer.