Source for file FileUpload.php

Documentation is available at FileUpload.php

  1. <?php /*
  2.  * FCKeditor - The text editor for internet
  3.  * Copyright (C) 2003-2005 Frederico Caldeira Knabben
  4.  * 
  5.  * Licensed under the terms of the GNU Lesser General Public License:
  6.  *         http://www.opensource.org/licenses/lgpl-license.php
  7.  * 
  8.  * For further information visit:
  9.  *         http://www.fckeditor.net/
  10.  * 
  11.  * File Name: FileUpload.php
  12.  *     Implements the FileUpload command,
  13.  *     Checks the file uploaded is allowed, 
  14.  *     then moves it to the user data area. 
  15.  * 
  16.  * File Authors:
  17.  *         Grant French (grant@mcpuk.net)
  18.  */
  19. class FileUpload {
  20.     var $fckphp_config;
  21.     var $type;
  22.     var $cwd;
  23.     var $actual_cwd;
  24.     var $newfolder;
  25.     
  26.     function FileUpload($fckphp_config,$type,$cwd{
  27.         $this->fckphp_config=$fckphp_config;
  28.         $this->type=$type;
  29.         $this->raw_cwd=$cwd;
  30.         $this->actual_cwd=str_replace("//","/",($this->fckphp_config['UserFilesPath']."/$type/".$this->raw_cwd));
  31.         $this->real_cwd=str_replace("//","/",($this->fckphp_config['basedir']."/".$this->actual_cwd));
  32.     }
  33.     
  34.     function cleanFilename($filename{
  35.         $n_filename="";
  36.         
  37.         //Check that it only contains valid characters
  38.         for($i=0;$i<strlen($filename);$i++if (in_array(substr($filename,$i,1),$this->fckphp_config['FileNameAllowedChars'])) $n_filename.=substr($filename,$i,1);
  39.         
  40.         //If it got this far all is ok
  41.         return $n_filename;
  42.     }
  43.     
  44.     function run({
  45.         //If using CGI Upload script, get file info and insert into $_FILE array
  46.         if     (
  47.                 (sizeof($_FILES)==0&& 
  48.                 isset($_GET['file']&& 
  49.                 isset($_GET['file']['NewFile']&& 
  50.                 is_array($_GET['file']['NewFile'])
  51.             {
  52.             if (isset($_GET['file']['NewFile']['name'])&&$_GET['file']['NewFile']['size']&&$_GET['file']['NewFile']['tmp_name']{
  53.                 $_FILES['NewFile']['name']=basename(str_replace("\\","/",$_GET['file']['NewFile']['name']));
  54.                 $_FILES['NewFile']['size']=$_GET['file']['NewFile']['size'];
  55.                 $_FILES['NewFile']['tmp_name']=$_GET['file']['NewFile']['tmp_name'];
  56.             else {
  57.                 $disp="202,'Incomplete file information from upload CGI'";
  58.             }
  59.         }
  60.         
  61. //         if (isset($_FILES['NewFile'])&&isset($_FILES['NewFile']['name'])&&($_FILES['NewFile']['name']!=""))
  62. //             $_FILES['NewFile']['name']=$_FILES['NewFile']['name']; //$this->cleanFilename($_FILES['NewFile']['name']);
  63.         
  64.         $typeconfig=$this->fckphp_config['ResourceAreas'][$this->type];
  65.         
  66.         header ("content-type: text/html");
  67.         if (sizeof($_FILES)>0{
  68.             if (array_key_exists("NewFile",$_FILES)) {
  69.                 if ($_FILES['NewFile']['size']<($typeconfig['MaxSize']*1024)) {
  70.  
  71.                     $filename=basename(str_replace("\\","/",$_FILES['NewFile']['name']));
  72.                     
  73.                     $lastdot=strrpos($filename,".");
  74.                     
  75.                     if ($lastdot!==false{
  76.                         $ext=substr($filename,($lastdot+1));
  77.                         $filename=substr($filename,0,$lastdot);
  78.                         
  79.                         if (in_array(strtolower($ext),$typeconfig['AllowedExtensions'])) {
  80.                         
  81.                             $test=0;
  82.                             $dirSizes=array();
  83.                             $globalSize=0;
  84.                             $failSizeCheck=false;
  85.                             if ($this->fckphp_config['DiskQuota']['Global']!=-1{
  86.                                 foreach ($this->fckphp_config['ResourceTypes'as $resType{
  87.                                     
  88.                                     $dirSizes[$resType]=
  89.                                         $this->getDirSize(
  90.                                             $this->fckphp_config['basedir']."/".$this->fckphp_config['UserFilesPath']."/$resType");
  91.                                     
  92.                                     if ($dirSizes[$resType]===false{
  93.                                         //Failed to stat a directory, fall out
  94.                                         $failSizeCheck=true;
  95.                                         $msg="\\nUnable to determine the size of a folder.";
  96.                                         break;
  97.                                     }
  98.                                     $globalSize+=$dirSizes[$resType];
  99.                                 }
  100.                                 
  101.                                 $globalSize+=$_FILES['NewFile']['size'];
  102.                                 
  103.                                 if (!$failSizeCheck{
  104.                                     if ($globalSize>($this->fckphp_config['DiskQuota']['Global']*1048576)) {
  105.                                         $failSizeCheck=true;
  106.                                         $msg="\\nYou are over the global disk quota.";
  107.                                     }
  108.                                 }
  109.                             }
  110.                             
  111.                             if (($typeconfig['DiskQuota']!=-1)&&(!$failSizeCheck)) {
  112.                                 if ($this->fckphp_config['DiskQuota']['Global']==-1{
  113.                                     $dirSizes[$this->type]=
  114.                                         $this->getDirSize(
  115.                                             $this->fckphp_config['basedir']."/".$this->fckphp_config['UserFilesPath']."/".$this->type);
  116.                                 }
  117.                                 
  118.                                 if (($dirSizes[$this->type]+$_FILES['NewFile']['size'])>
  119.                                     ($typeconfig['DiskQuota']*1048576)) {
  120.                                     $failSizeCheck=true;    
  121.                                     $msg="\\nYou are over the disk quota for this resource type.";
  122.                                 }
  123.                             }
  124.                             
  125.                             if ((($this->fckphp_config['DiskQuota']['Global']!=-1)||($typeconfig['DiskQuota']!=-1))&&$failSizeCheck{
  126.                                 //Disk Quota over
  127.                                 $disp="202,'Over disk quota, ".$msg."'";
  128.                             else {
  129.                         
  130.                                 if (file_exists($this->real_cwd."/$filename.$ext")) {
  131.                                     $taskDone=false;
  132.                                     
  133.                                     //File already exists, try renaming
  134.                                     //If there are more than 200 files with
  135.                                     //    the same name giveup
  136.                                     for ($i=1;(($i<200)&&($taskDone==false));$i++{
  137.                                         if (!file_exists($this->real_cwd."/$filename($i).$ext")) {
  138.                                             if (is_uploaded_file($_FILES['NewFile']['tmp_name'])) {
  139.                                                 if 
  140.                                                 (move_uploaded_file($_FILES['NewFile']['tmp_name'],($this->real_cwd."/$filename($i).$ext"))) {
  141.                                                     chmod(($this->real_cwd."/$filename($i).$ext"),0777);
  142.                                                     $disp="201,'..$filename($i).$ext'";
  143.                                                 else {
  144.                                                     $disp="202,'Failed to upload file, internal error.'";
  145.                                                 }
  146.                                             else {
  147.                                                 if 
  148.                                                 (rename($_FILES['NewFile']['tmp_name'],($this->real_cwd."/$filename($i).$ext"))) {
  149.                                                     chmod(($this->real_cwd."/$filename($i).$ext"),0777);
  150.                                                     $disp="201,'$filename($i).$ext'";
  151.                                                 else {
  152.                                                     $disp="202,'Failed to upload file, internal error.'";
  153.                                                 }
  154.                                             }
  155.                                             $taskDone=true;    
  156.                                         }
  157.                                     }
  158.                                     if ($taskDone==false{
  159.                                         $disp="202,'Failed to upload file, internal error..'";
  160.                                     }
  161.                                 else {
  162.                                     //Upload file
  163.                                     if (is_uploaded_file($_FILES['NewFile']['tmp_name'])) {
  164.                                         if (move_uploaded_file($_FILES['NewFile']['tmp_name'],($this->real_cwd."/$filename.$ext"))) {
  165.                                             chmod(($this->real_cwd."/$filename.$ext"),0777);
  166.                                             $disp="0";
  167.                                         else {
  168.                                             $disp="202,'Failed to upload file, internal error...'";
  169.                                         }
  170.                                     else {
  171.                                         if (rename($_FILES['NewFile']['tmp_name'],($this->real_cwd."/$filename.$ext"))) {
  172.                                             chmod(($this->real_cwd."/$filename.$ext"),0777);
  173.                                             $disp="0";
  174.                                         else {
  175.                                             $disp="202,'Failed to upload file, internal error...'";
  176.                                         }
  177.                                     }
  178.                                 }
  179.                             }
  180.                         else {
  181.                             //Disallowed file extension
  182.                             $disp="202,'Disallowed file type.'";
  183.                         }
  184.                         
  185.                     else {
  186.                         //No file extension to check
  187.                         $disp="202,'Unable to determine file type of file'";
  188.                     }    
  189.                     
  190.                 else {
  191.                     //Too big
  192.                     $disp="202,'This file exceeds the maximum upload size.'";
  193.                 }
  194.             else {
  195.                 //No file uploaded with field name NewFile
  196.                 $disp="202,'Unable to find uploaded file.'";
  197.             }
  198.         else {
  199.             //No files uploaded
  200.             
  201.             //Should really send something back saying
  202.             //invalid file, but this breaks the filemanager 
  203.             //with firefox, so for now we'll just exit
  204.             exit(0);
  205.             //$disp="202";
  206.         }
  207.  
  208.         ?>
  209.         <html>
  210.         <head>
  211.             <title>Upload Complete</title>
  212.         </head>
  213.         <body>
  214.         <script type="text/javascript">
  215.             window.parent.frames['frmUpload'].OnUploadCompleted(<?php echo $disp?>) ;
  216.         </script>
  217.         </body>
  218.         </html>
  219.         <?php
  220.         
  221.     }
  222.     
  223.     function getDirSize($dir{
  224.         $dirSize=0;
  225.         if ($dh=@opendir($dir)) {
  226.             while ($file=@readdir($dh)) {
  227.                 if (($file!=".")&&($file!="..")) {
  228.                     if (is_dir($dir."/".$file)) {
  229.                         $tmp_dirSize=$this->getDirSize($dir."/".$file);
  230.                         if ($tmp_dirSize!==false$dirSize+=$tmp_dirSize;
  231.                     else {
  232.                         $dirSize+=filesize($dir."/".$file);
  233.                     }
  234.                 }
  235.             }
  236.             @closedir($dh);
  237.         else {
  238.             return false;
  239.         }
  240.         
  241.         return $dirSize;
  242.     }
  243. }
  244.  
  245. ?>

Documentation generated on Mon, 05 May 2008 16:19:44 +0400 by phpDocumentor 1.4.0