1: <?php
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61:
62:
63: define("XCUBE_IMAGETYPE_ENUM_GIF",1);
64: define("XCUBE_IMAGETYPE_ENUM_JPG",2);
65: define("XCUBE_IMAGETYPE_ENUM_PNG",3);
66: define("XCUBE_IMAGETYPE_ENUM_BMP",6);
67:
68: class XoopsMediaUploader
69: {
70: 71: 72:
73: var $allowUnknownTypes = false;
74: var $mediaName;
75: var $mediaType;
76: var $mediaSize;
77: var $mediaTmpName;
78: var $mediaError;
79: var $mediaRealType = '';
80: var $uploadDir = '';
81: var $allowedMimeTypes = array();
82: var $allowedExtensions = array();
83: var $maxFileSize = 0;
84: var $maxWidth;
85: var $maxHeight;
86: var $targetFileName;
87: var $prefix;
88: var $errors = array();
89: var $savedDestination;
90: var $savedFileName;
91: var $extensionToMime = array();
92:
93: var $_strictCheckExtensions = array();
94:
95: 96: 97: 98: 99: 100: 101: 102: 103: 104:
105: function XoopsMediaUploader($uploadDir, $allowedMimeTypes, $maxFileSize=0, $maxWidth=null, $maxHeight=null)
106: {
107: @$this->extensionToMime = include( XOOPS_ROOT_PATH . '/class/mimetypes.inc.php' );
108: if ( !is_array( $this->extensionToMime ) ) {
109: $this->extensionToMime = array();
110: return false;
111: }
112: if (is_array($allowedMimeTypes)) {
113: $this->allowedMimeTypes =& $allowedMimeTypes;
114: }
115: $this->uploadDir = $uploadDir;
116: $this->maxFileSize = intval($maxFileSize);
117: if(isset($maxWidth)) {
118: $this->maxWidth = intval($maxWidth);
119: }
120: if(isset($maxHeight)) {
121: $this->maxHeight = intval($maxHeight);
122: }
123:
124: $this->_strictCheckExtensions = array("gif"=>XCUBE_IMAGETYPE_ENUM_GIF,
125: "jpg"=>XCUBE_IMAGETYPE_ENUM_JPG,
126: "jpeg"=>XCUBE_IMAGETYPE_ENUM_JPG,
127: "png"=>XCUBE_IMAGETYPE_ENUM_PNG,
128: "bmp"=>XCUBE_IMAGETYPE_ENUM_BMP);
129: }
130:
131: function setAllowedExtensions($extensions)
132: {
133: $this->allowedExtensions = is_array($extensions) ? $extensions : array();
134: }
135:
136: function setStrictCheckExtensions($extensions)
137: {
138: $this->_strictCheckExtensions = $extensions;
139: }
140:
141: 142: 143: 144: 145: 146: 147:
148: function fetchMedia($media_name, $index = null)
149: {
150: if ( empty( $this->extensionToMime ) ) {
151: $this->setErrors( 'Error loading mimetypes definition' );
152: return false;
153: }
154: if (!isset($_FILES[$media_name])) {
155: $this->setErrors('File not found');
156: return false;
157: } elseif (is_array($_FILES[$media_name]['name']) && isset($index)) {
158: $index = intval($index);
159: $this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($_FILES[$media_name]['name'][$index]) : $_FILES[$media_name]['name'][$index];
160: $this->mediaType = $_FILES[$media_name]['type'][$index];
161: $this->mediaSize = $_FILES[$media_name]['size'][$index];
162: $this->mediaTmpName = $_FILES[$media_name]['tmp_name'][$index];
163: $this->mediaError = !empty($_FILES[$media_name]['error'][$index]) ? $_FILES[$media_name]['errir'][$index] : 0;
164: } else {
165: $media_name =& $_FILES[$media_name];
166: $this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($media_name['name']) : $media_name['name'];
167: $this->mediaName = $media_name['name'];
168: $this->mediaType = $media_name['type'];
169: $this->mediaSize = $media_name['size'];
170: $this->mediaTmpName = $media_name['tmp_name'];
171: $this->mediaError = !empty($media_name['error']) ? $media_name['error'] : 0;
172: }
173: if ( ($ext = strrpos( $this->mediaName, '.' )) !== false ) {
174: $this->ext = strtolower ( substr( $this->mediaName, $ext + 1 ) );
175: if ( isset( $this->extensionToMime[$this->ext] ) ) {
176: $this->mediaRealType = $this->extensionToMime[$this->ext];
177:
178: }
179: } else {
180: $this->setErrors('Invalid Extension');
181: return false;
182: }
183: $this->errors = array();
184: if (intval($this->mediaSize) < 0) {
185: $this->setErrors('Invalid File Size');
186: return false;
187: }
188: if ($this->mediaName == '') {
189: $this->setErrors('Filename Is Empty');
190: return false;
191: }
192: if ($this->mediaTmpName == 'none' || !is_uploaded_file($this->mediaTmpName)) {
193: $this->setErrors('No file uploaded');
194: return false;
195: }
196: if ($this->mediaError > 0) {
197: $this->setErrors('Error occurred: Error #'.$this->mediaError);
198: return false;
199: }
200: return true;
201: }
202:
203: 204: 205: 206: 207:
208: function setTargetFileName($value){
209: $this->targetFileName = strval(trim($value));
210: }
211:
212: 213: 214: 215: 216:
217: function setPrefix($value){
218: $this->prefix = strval(trim($value));
219: }
220:
221: 222: 223: 224: 225:
226: function getMediaName()
227: {
228: return $this->mediaName;
229: }
230:
231: 232: 233: 234: 235:
236: function getMediaType()
237: {
238: return $this->mediaType;
239: }
240:
241: 242: 243: 244: 245:
246: function getMediaSize()
247: {
248: return $this->mediaSize;
249: }
250:
251: 252: 253: 254: 255:
256: function getMediaTmpName()
257: {
258: return $this->mediaTmpName;
259: }
260:
261: 262: 263: 264: 265:
266: function getSavedFileName(){
267: return $this->savedFileName;
268: }
269:
270: 271: 272: 273: 274:
275: function getSavedDestination(){
276: return $this->savedDestination;
277: }
278:
279: 280: 281: 282: 283:
284: function upload($chmod = 0644)
285: {
286: if ($this->uploadDir == '') {
287: $this->setErrors('Upload directory not set');
288: return false;
289: }
290: if (!is_dir($this->uploadDir)) {
291: $this->setErrors('Failed opening directory: '.$this->uploadDir);
292: }
293: if (!is_writeable($this->uploadDir)) {
294: $this->setErrors('Failed opening directory with write permission: '.$this->uploadDir);
295: }
296: if (!$this->checkMaxFileSize()) {
297: $this->setErrors('File size too large: '.$this->mediaSize);
298: }
299: if (!$this->checkMaxWidth()) {
300: $this->setErrors(sprintf('File width must be smaller than %u', $this->maxWidth));
301: }
302: if (!$this->checkMaxHeight()) {
303: $this->setErrors(sprintf('File height must be smaller than %u', $this->maxHeight));
304: }
305: if (!$this->checkMimeType()) {
306: $this->setErrors("Invalid file type");
307: }
308: if (count($this->errors) > 0) {
309: return false;
310: }
311: if (!$this->_copyFile($chmod)) {
312: $this->setErrors('Failed uploading file: '.$this->mediaName);
313: return false;
314: }
315: return true;
316: }
317:
318: 319: 320: 321: 322:
323: function _copyFile($chmod)
324: {
325: if (isset($this->targetFileName)) {
326: $this->savedFileName = $this->targetFileName;
327: } elseif (isset($this->prefix)) {
328: $this->savedFileName = uniqid($this->prefix).'.'.strtolower($this->ext);
329: } else {
330: $this->savedFileName = strtolower($this->mediaName);
331: }
332: $this->savedDestination = $this->uploadDir.'/'.$this->savedFileName;
333: if (!move_uploaded_file($this->mediaTmpName, $this->savedDestination)) {
334: return false;
335: }
336: @chmod($this->savedDestination, $chmod);
337: return true;
338: }
339:
340: 341: 342: 343: 344:
345: function checkMaxFileSize()
346: {
347: if ($this->mediaSize > $this->maxFileSize) {
348: return false;
349: }
350: return true;
351: }
352:
353: 354: 355: 356: 357:
358: function checkMaxWidth()
359: {
360: if (!isset($this->maxWidth)) {
361: return true;
362: }
363: if (false !== $dimension = getimagesize($this->mediaTmpName)) {
364: if ($dimension[0] > $this->maxWidth) {
365: return false;
366: }
367: } else {
368: trigger_error(sprintf('Failed fetching image size of %s, skipping max width check..', $this->mediaTmpName), E_USER_WARNING);
369: }
370: return true;
371: }
372:
373: 374: 375: 376: 377:
378: function checkMaxHeight()
379: {
380: if (!isset($this->maxHeight)) {
381: return true;
382: }
383: if (false !== $dimension = getimagesize($this->mediaTmpName)) {
384: if ($dimension[1] > $this->maxHeight) {
385: return false;
386: }
387: } else {
388: trigger_error(sprintf('Failed fetching image size of %s, skipping max height check..', $this->mediaTmpName), E_USER_WARNING);
389: }
390: return true;
391: }
392:
393: 394: 395: 396: 397:
398: function checkMimeType()
399: {
400: if (!empty($this->allowedExtensions)) {
401: if (!in_array($this->ext, $this->allowedExtensions)) {
402: $this->setErrors( 'File extension not allowed' );
403: return false;
404: }
405:
406:
407:
408:
409: if (!empty($this->allowedMimeTypes)&& !in_array($this->mediaType, $this->allowedMimeTypes)) {
410: $this->setErrors('Unexpected MIME Type');
411: return false;
412: }
413: } else {
414:
415:
416: if (empty( $this->mediaRealType ) && !$this->allowUnknownTypes) {
417: return false;
418: }
419: if (!empty($this->allowedMimeTypes)&& !in_array($this->mediaRealType, $this->allowedMimeTypes)) {
420: $this->setErrors('Unexpected MIME Type');
421: return false;
422: }
423: }
424:
425:
426: if(isset($this->_strictCheckExtensions[$this->ext])) {
427: return $this->_checkStrict();
428: }
429: else {
430: return true;
431: }
432: }
433:
434: function _checkStrict()
435: {
436: $parseValue = getimagesize($this->mediaTmpName);
437:
438: if($parseValue===false)
439: return false;
440:
441: return $parseValue[2]==$this->_strictCheckExtensions[$this->ext];
442: }
443:
444: 445: 446: 447: 448:
449: function checkExpectedMimeType()
450: {
451: if ( empty( $this->mediaRealType ) && !$this->allowUnknownTypes ) {
452: return false;
453: }
454:
455: return ( empty($this->allowedMimeTypes) || in_array($this->mediaRealType, $this->allowedMimeTypes) );
456: }
457:
458: 459: 460: 461: 462:
463: function setErrors($error)
464: {
465: $this->errors[] = trim($error);
466: }
467:
468: 469: 470: 471: 472: 473: 474:
475: function &getErrors($ashtml = true)
476: {
477: if (!$ashtml) {
478: return $this->errors;
479: } else {
480: $ret = '';
481: if (count($this->errors) > 0) {
482: $ret = '<h4>Errors Returned While Uploading</h4>';
483: foreach ($this->errors as $error) {
484: $ret .= $error.'<br />';
485: }
486: }
487: return $ret;
488: }
489: }
490: }
491: ?>