| [ Index ] |
PHP Cross Reference of e107 v1 |
[Summary view] [Print] [Text view]
1 <?php 2 /* 3 + ----------------------------------------------------------------------------+ 4 | e107 website system 5 | 6 | Steve Dunstan 2001-2002 7 | Copyright (C) 2008-2010 e107 Inc (e107.org) 8 | 9 | 10 | Released under the terms and conditions of the 11 | GNU General Public License (http://gnu.org). 12 | 13 | $URL: https://e107.svn.sourceforge.net/svnroot/e107/trunk/e107_0.7/upload.php $ 14 | $Revision: 11678 $ 15 | $Id: upload.php 11678 2010-08-22 00:43:45Z e107coders $ 16 | $Author: e107coders $ 17 +----------------------------------------------------------------------------+ 18 */ 19 20 // Experimental e-token 21 if(!empty($_POST) && !isset($_POST['e-token'])) 22 { 23 // set e-token so it can be processed by class2 24 $_POST['e-token'] = ''; 25 } 26 27 require_once ("class2.php"); 28 29 if (!$pref['upload_enabled'] || $pref['upload_class'] == 255) 30 { 31 header("location: ".e_BASE."index.php"); 32 exit; 33 } 34 35 require_once(HEADERF); 36 37 if (!defined("USER_WIDTH")){ define("USER_WIDTH","width:97%"); } 38 39 if (!check_class($pref['upload_class'])) 40 { 41 $text = "<div style='text-align:center'>".LAN_UL_002."</div>"; 42 $ns->tablerender(LAN_UL_020, $text); 43 require_once(FOOTERF); 44 exit; 45 } 46 47 48 $message = ''; 49 $postemail =''; 50 if (isset($_POST['upload'])) 51 { 52 if (($_POST['file_email'] || USER == TRUE) && $_POST['file_name'] && $_POST['file_description'] && $_POST['download_category']) 53 { 54 require_once(e_HANDLER."upload_handler.php"); 55 // $uploaded = file_upload(e_FILE."public/", "unique"); 56 $uploaded = process_uploaded_files(e_FILE."public/", "unique", array('max_file_count' => 2, 'extra_file_types' => TRUE)); 57 58 // First, see what errors the upload handler picked up 59 if ($uploaded === FALSE) 60 { 61 $message = LAN_UL_021.'<br />'; 62 } 63 64 // Now see if we have a code file 65 if (count($uploaded) > 0) 66 { 67 if ($uploaded[0]['error'] == 0) 68 { 69 $file = $uploaded[0]['name']; 70 $filesize = $uploaded[0]['size']; 71 } 72 else 73 { 74 $message .= $uploaded[0]['message'].'<br />'; 75 } 76 } 77 78 // Now see if we have an image file 79 if (count($uploaded) > 1) 80 { 81 if ($uploaded[1]['error'] == 0) 82 { 83 $image = $uploaded[1]['name']; 84 } 85 else 86 { 87 $message .= $uploaded[1]['message'].'<br />'; 88 } 89 } 90 91 // The upload handler checks max file size 92 $downloadCategory = intval($_POST['download_category']); 93 if (!$downloadCategory) 94 { 95 $message .= LAN_UL_037.'<br />'; 96 } 97 98 // $message non-null here indicates an error - delete the files to keep things tidy 99 if ($message) 100 { 101 @unlink($file); 102 @unlink($image); 103 } 104 else 105 { 106 if (USER) 107 { 108 $qry = "SELECT user_hideemail FROM #user WHERE user_id=".USERID; 109 if(!$sql->db_Select_gen($qry)) 110 { 111 echo "Fatal database error!"; 112 exit; 113 } 114 $poster = USERID.".".USERNAME; 115 $row = $sql->db_Fetch(); 116 if ($row['user_hideemail']) 117 { 118 $postemail = '-witheld-'; 119 } 120 else 121 { 122 $postemail = USEREMAIL; 123 } 124 } 125 else 126 { 127 $poster = "0".$tp -> toDB($_POST['file_poster']); 128 $postemail = $tp->toDB($_POST['file_email']); 129 } 130 if (($postemail != '-witheld-') && !check_email($postemail)) 131 { 132 $message = LAN_UL_001."<br />"; 133 } 134 else 135 { 136 if ($postemail == '-witheld-') $postemail = ''; 137 $_POST['file_description'] = $tp->toDB($_POST['file_description']); 138 $file_time = time(); 139 $sql->db_Insert("upload", "0, '".$poster."', '".$postemail."', '".$tp -> toDB($_POST['file_website'])."', '".$file_time."', '".$tp -> toDB($_POST['file_name'])."', '".$tp -> toDB($_POST['file_version'])."', '".$file."', '".$image."', '".$tp -> toDB($_POST['file_description'])."', '".$tp -> toDB($_POST['file_demo'])."', '".$filesize."', 0, '".$downloadCategory."'"); 140 $edata_fu = array("upload_user" => $poster, "upload_email" => $postemail, "upload_name" => $tp -> toDB($_POST['file_name']),"upload_file" => $file, "upload_version" => $_POST['file_version'], "upload_description" => $tp -> toDB($_POST['file_description']), "upload_size" => $filesize, "upload_category" => $downloadCategory, "upload_website" => $tp -> toDB($_POST['file_website']), "upload_image" => $image, "upload_demo" => $tp -> toDB($_POST['file_demo']), "upload_time" => $file_time); 141 $e_event->trigger("fileupload", $edata_fu); 142 $message .= "<br />".LAN_404; 143 } 144 } 145 } 146 else 147 { // Error - missing data 148 require_once(e_HANDLER."message_handler.php"); 149 message_handler("ALERT", 5); 150 } 151 } 152 153 if ($message) 154 { 155 $text = "<div style=\"text-align:center\"><b>".$message."</b></div>"; 156 $ns->tablerender("", $text); 157 require_once(FOOTERF); 158 exit; 159 } 160 161 162 $text = "<div style='text-align:center'> 163 <form enctype='multipart/form-data' method='post' onsubmit='return frmVerify()' action='".e_SELF."'> 164 <table style='".USER_WIDTH."' class='fborder'> 165 <colgroup> 166 <col style='width:30%' /> 167 <col style='width:70%' /> 168 </colgroup> 169 <tr> 170 <td class='forumheader3'>".DOWLAN_11.":</td> 171 <td class='forumheader3'>"; 172 173 require_once(e_FILE."shortcode/batch/download_shortcodes.php"); 174 $dlparm = (isset($download_category)) ? $download_category : ""; 175 $text .= $tp->parseTemplate("{DOWNLOAD_CATEGORY_SELECT={$dlparm}}",true,$download_shortcodes); 176 177 178 $text .= " 179 </td> 180 </tr> 181 182 <tr> 183 <td style='text-align:center' colspan='2' class='forumheader3'>"; 184 185 $text .= "<b>".LAN_406."</b><br />".LAN_419.":"; 186 187 if (is_readable(e_ADMIN.'filetypes.php')) 188 { 189 $a_filetypes = trim(file_get_contents(e_ADMIN.'filetypes.php')); 190 $a_filetypes = explode(',', $a_filetypes); 191 foreach ($a_filetypes as $ftype) 192 { 193 $sa_filetypes[] = '.'.trim(str_replace('.', '', $ftype)); 194 } 195 $allowed_filetypes = implode(' | ', $sa_filetypes); 196 } 197 198 $text .= " ".$allowed_filetypes."<br />".LAN_407."<br /> 199 ".LAN_418.($pref['upload_maxfilesize'] ? $pref['upload_maxfilesize'] : ini_get('upload_max_filesize'))."<br />"; 200 201 $text .= "<span style='text-decoration:underline'>".LAN_408."</span> ".LAN_420."</td> 202 </tr>"; 203 204 if (!USER) 205 { // Prompt for name, email 206 $text .= "<tr> 207 <td class='forumheader3'>".LAN_61."</td> 208 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_poster' type='text' size='50' maxlength='100' value='{$poster}' /></td> 209 </tr> 210 211 <tr> 212 <td class='forumheader3'><span style='text-decoration:underline'>".LAN_112."</span></td> 213 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_email' id='user_email' type='text' size='50' maxlength='100' value='".$postemail."' /></td> 214 </tr>"; 215 } 216 217 $text .= " 218 <tr> 219 <td class='forumheader3'><span style='text-decoration:underline'>".LAN_409."</span></td> 220 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_name' id='file_name' type='text' size='50' maxlength='100' /></td> 221 </tr> 222 223 <tr> 224 <td class='forumheader3'>".LAN_410."</td> 225 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_version' type='text' size='10' maxlength='10' /></td> 226 </tr> 227 228 229 <tr> 230 <td class='forumheader3'><span style='text-decoration:underline'>".LAN_411."</span></td> 231 <td class='forumheader3'><input class='tbox' style='width:90%' id='file_realpath' name='file_userfile[]' type='file' size='47' /></td> 232 </tr> 233 234 <tr> 235 <td class='forumheader3'>".LAN_412."</td> 236 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_userfile[]' type='file' size='47' /></td> 237 </tr> 238 239 <tr> 240 <td class='forumheader3'><span style='text-decoration:underline'>".LAN_413."</span></td> 241 <td class='forumheader3'><textarea class='tbox' style='width:90%' name='file_description' id='file_description' cols='59' rows='6'></textarea></td> 242 </tr> 243 244 <tr> 245 <td class='forumheader3'>".LAN_144."</td> 246 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_website' type='text' size='50' maxlength='100' value='".(defined(USERURL) ? USERURL : "")."' /></td> 247 </tr> 248 249 <tr> 250 <td class='forumheader3'>".LAN_414."<br /><span class='smalltext'>".LAN_415."</span></td> 251 <td class='forumheader3'><input class='tbox' style='width:90%' name='file_demo' type='text' size='50' maxlength='100' /></td> 252 </tr> 253 254 <tr> 255 <td style='text-align:center' colspan='2' class='forumheader'><input class='button' type='submit' name='upload' value='".LAN_416."' /> 256 <input type='hidden' name='e-token' value='".e_TOKEN."' /></td> 257 </tr> 258 </table> 259 </form> 260 </div>"; 261 262 $ns->tablerender(LAN_417, $text); 263 264 require_once(FOOTERF); 265 266 267 function headerjs() 268 { 269 $script = "<script type=\"text/javascript\"> 270 function frmVerify() 271 { 272 var message = ''; 273 var spacer = ''; 274 var testObjects = new Array(\"download_category\", \"user_email\", \"file_name\", \"file_realpath\", \"file_description\"); 275 var errorMessages = new Array('".LAN_UL_032."', '".LAN_UL_033."', '".LAN_UL_034."', '".LAN_UL_036."', '".LAN_UL_035."'); 276 var temp; 277 var i; 278 for (i = 0; i < 5; i++) 279 { 280 temp = document.getElementById(testObjects[i]); 281 if (temp && (temp.value == \"\")) 282 { 283 message = message + spacer + errorMessages[i]; 284 spacer = '\\n'; 285 } 286 } 287 if (message) 288 { 289 alert(message); 290 return false; 291 } 292 } 293 </script>"; 294 return $script; 295 } 296 297 298 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Mar 12 16:28:38 2012 | Cross Reference PHPXref |