21 defined(
'XOOPS_ROOT_PATH') or die('Restricted access');
77 var $allowUnknownTypes =
false;
83 var $mediaRealType =
'';
85 var $allowedMimeTypes = array();
86 var $deniedMimeTypes = array(
87 'application/x-httpd-php');
96 var $extensionToMime = array();
97 var $checkImageType =
true;
98 var $extensionsToBeSanitized = array(
109 var $imageExtensions = array(
137 function XoopsMediaUploader($uploadDir, $allowedMimeTypes, $maxFileSize = 0, $maxWidth = null, $maxHeight = null)
139 $this->extensionToMime = include
$GLOBALS[
'xoops']->path(
'include/mimetypes.inc.php');
140 if (!is_array($this->extensionToMime)) {
141 $this->extensionToMime = array();
144 if (is_array($allowedMimeTypes)) {
145 $this->allowedMimeTypes =& $allowedMimeTypes;
147 $this->uploadDir = $uploadDir;
148 $this->maxFileSize = intval($maxFileSize);
149 if (isset($maxWidth)) {
150 $this->maxWidth = intval($maxWidth);
152 if (isset($maxHeight)) {
153 $this->maxHeight = intval($maxHeight);
156 if (!include_once
$GLOBALS[
'xoops']->path(
'language/' .
$GLOBALS[
'xoopsConfig'][
'language'] .
'/uploader.php')) {
157 include_once
$GLOBALS[
'xoops']->path(
'language/english/uploader.php');
168 function fetchMedia($media_name,
$index = null)
170 if (empty($this->extensionToMime)) {
174 if (!isset($_FILES[$media_name])) {
177 }
else if (is_array($_FILES[$media_name][
'name']) && isset(
$index)) {
179 $this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($_FILES[$media_name][
'name'][
$index]) : $_FILES[$media_name][
'name'][
$index];
180 $this->mediaType = $_FILES[$media_name][
'type'][
$index];
181 $this->mediaSize = $_FILES[$media_name][
'size'][
$index];
182 $this->mediaTmpName = $_FILES[$media_name][
'tmp_name'][
$index];
183 $this->mediaError = !empty($_FILES[$media_name][
'error'][$index]) ? $_FILES[$media_name][
'error'][
$index] : 0;
185 $media_name =& $_FILES[$media_name];
186 $this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($media_name[
'name']) : $media_name[
'name'];
187 $this->mediaType = $media_name[
'type'];
188 $this->mediaSize = $media_name[
'size'];
189 $this->mediaTmpName = $media_name[
'tmp_name'];
190 $this->mediaError = !empty($media_name[
'error']) ? $media_name[
'error'] : 0;
193 if ((
$ext = strrpos($this->mediaName,
'.')) !==
false) {
194 $ext = strtolower(substr($this->mediaName,
$ext + 1));
195 if (isset($this->extensionToMime[
$ext])) {
196 $this->mediaRealType = $this->extensionToMime[
$ext];
199 $this->errors = array();
200 if (intval($this->mediaSize) < 0) {
204 if ($this->mediaName ==
'') {
208 if ($this->mediaTmpName ==
'none' || ! is_uploaded_file($this->mediaTmpName)) {
212 if ($this->mediaError > 0) {
224 function setTargetFileName($value)
226 $this->targetFileName = strval(trim($value));
234 function setPrefix($value)
236 $this->prefix = strval(trim($value));
244 function getMediaName()
246 return $this->mediaName;
254 function getMediaType()
256 return $this->mediaType;
264 function getMediaSize()
266 return $this->mediaSize;
274 function getMediaTmpName()
276 return $this->mediaTmpName;
284 function getSavedFileName()
286 return $this->savedFileName;
294 function getSavedDestination()
296 return $this->savedDestination;
304 function upload($chmod = 0644)
306 if ($this->uploadDir ==
'') {
310 if (!is_dir($this->uploadDir)) {
314 if (!is_writeable($this->uploadDir)) {
318 $this->sanitizeMultipleExtensions();
320 if (!$this->checkMaxFileSize()) {
323 if (!$this->checkMaxWidth()) {
326 if (!$this->checkMaxHeight()) {
329 if (!$this->checkMimeType()) {
332 if (!$this->checkImageType()) {
335 if (count($this->errors) > 0) {
338 return $this->_copyFile($chmod);
346 function _copyFile($chmod)
349 if (!preg_match(
"/\.([a-zA-Z0-9]+)$/", $this->mediaName, $matched)) {
353 if (isset($this->targetFileName)) {
354 $this->savedFileName = $this->targetFileName;
355 }
else if (isset($this->prefix)) {
356 $this->savedFileName = uniqid($this->prefix) .
'.' . strtolower($matched[1]);
358 $this->savedFileName = strtolower($this->mediaName);
361 $this->savedDestination = $this->uploadDir .
'/' . $this->savedFileName;
362 if (!move_uploaded_file($this->mediaTmpName, $this->savedDestination)) {
367 $ext = strtolower(substr(strrchr($this->savedDestination,
'.'), 1));
368 if (in_array(
$ext, $this->imageExtensions)) {
369 $info = @getimagesize($this->savedDestination);
370 if ($info ===
false || $this->imageExtensions[(
int) $info[2]] !=
$ext) {
372 @unlink($this->savedDestination);
376 @chmod($this->savedDestination, $chmod);
385 function checkMaxFileSize()
387 if (!isset($this->maxFileSize)) {
390 if ($this->mediaSize > $this->maxFileSize) {
402 function checkMaxWidth()
404 if (!isset($this->maxWidth)) {
407 if (
false !== $dimension = getimagesize($this->mediaTmpName)) {
408 if ($dimension[0] > $this->maxWidth) {
423 function checkMaxHeight()
425 if (!isset($this->maxHeight)) {
428 if (
false !== $dimension = getimagesize($this->mediaTmpName)) {
429 if ($dimension[1] > $this->maxHeight) {
444 function checkMimeType()
446 if (empty($this->mediaRealType) && empty($this->allowUnknownTypes)) {
451 if ((!empty($this->allowedMimeTypes) && !in_array($this->mediaRealType, $this->allowedMimeTypes)) || (!empty($this->deniedMimeTypes) && in_array($this->mediaRealType, $this->deniedMimeTypes))) {
463 function checkImageType()
465 if (empty($this->checkImageType)) {
469 if ((
'image' == substr($this->mediaType, 0, strpos($this->mediaType,
'/'))) || (!empty($this->mediaRealType) &&
'image' == substr($this->mediaRealType, 0, strpos($this->mediaRealType,
'/')))) {
470 if (!($info = @getimagesize($this->mediaTmpName))) {
481 function sanitizeMultipleExtensions()
483 if (empty($this->extensionsToBeSanitized)) {
489 foreach ($this->extensionsToBeSanitized as
$ext) {
490 $patterns[] =
"/\." . preg_quote($ext) .
"\./i";
491 $replaces[] =
"_" . $ext .
".";
493 $this->mediaName = preg_replace($patterns, $replaces, $this->mediaName);
503 $this->errors[] = trim(
$error);
512 function &getErrors($ashtml =
true)
518 if (count($this->errors) > 0) {
520 foreach ($this->errors as
$error) {
521 $ret .= $error .
'<br />';