PageRenderTime 49ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/phpBB/includes/functions_upload.php

http://github.com/phpbb/phpbb
PHP | 1118 lines | 842 code | 130 blank | 146 comment | 97 complexity | 7143be02859bcde21bc19992663e6c92 MD5 | raw file
Possible License(s): GPL-3.0, AGPL-1.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * This file is part of the phpBB Forum Software package.
    5. 

  5. *
    6. 

  6. * @copyright (c) phpBB Limited <https://www.phpbb.com>
    7. 

  7. * @license GNU General Public License, version 2 (GPL-2.0)
    8. 

  8. *
    9. 

  9. * For full copyright and license information, please see
    10. 

  10. * the docs/CREDITS.txt file.
    11. 

  11. *
    12. 

  12. */
    13. 

  13. 

  14. /**
    15. 

  15. * @ignore
    16. 

  16. */
    17. 

  17. if (!defined('IN_PHPBB'))
    18. 

  18. {
    19. 

  19. 	exit;
    20. 

  20. }
    21. 

  21. 

  22. /**
    23. 

  23. * Responsible for holding all file relevant information, as well as doing file-specific operations.
    24. 

  24. * The {@link fileupload fileupload class} can be used to upload several files, each of them being this object to operate further on.
    25. 

  25. */
    26. 

  26. class filespec
    27. 

  27. {
    28. 

  28. 	var $filename = '';
    29. 

  29. 	var $realname = '';
    30. 

  30. 	var $uploadname = '';
    31. 

  31. 	var $mimetype = '';
    32. 

  32. 	var $extension = '';
    33. 

  33. 	var $filesize = 0;
    34. 

  34. 	var $width = 0;
    35. 

  35. 	var $height = 0;
    36. 

  36. 	var $image_info = array();
    37. 

  37. 

  38. 	var $destination_file = '';
    39. 

  39. 	var $destination_path = '';
    40. 

  40. 

  41. 	var $file_moved = false;
    42. 

  42. 	var $init_error = false;
    43. 

  43. 	var $local = false;
    44. 

  44. 

  45. 	var $error = array();
    46. 

  46. 

  47. 	var $upload = '';
    48. 

  48. 

  49. 	/**
    50. 

  50. 	 * The plupload object
    51. 

  51. 	 * @var \phpbb\plupload\plupload
    52. 

  52. 	 */
    53. 

  53. 	protected $plupload;
    54. 

  54. 

  55. 	/**
    56. 

  56. 	 * phpBB Mimetype guesser
    57. 

  57. 	 * @var \phpbb\mimetype\guesser
    58. 

  58. 	 */
    59. 

  59. 	protected $mimetype_guesser;
    60. 

  60. 

  61. 	/**
    62. 

  62. 	* File Class
    63. 

  63. 	* @access private
    64. 

  64. 	*/
    65. 

  65. 	function filespec($upload_ary, $upload_namespace, \phpbb\mimetype\guesser $mimetype_guesser = null, \phpbb\plupload\plupload $plupload = null)
    66. 

  66. 	{
    67. 

  67. 		if (!isset($upload_ary))
    68. 

  68. 		{
    69. 

  69. 			$this->init_error = true;
    70. 

  70. 			return;
    71. 

  71. 		}
    72. 

  72. 

  73. 		$this->filename = $upload_ary['tmp_name'];
    74. 

  74. 		$this->filesize = $upload_ary['size'];
    75. 

  75. 		$name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name'];
    76. 

  76. 		$name = trim(utf8_basename($name));
    77. 

  77. 		$this->realname = $this->uploadname = $name;
    78. 

  78. 		$this->mimetype = $upload_ary['type'];
    79. 

  79. 

  80. 		// Opera adds the name to the mime type
    81. 

  81. 		$this->mimetype	= (strpos($this->mimetype, '; name') !== false) ? str_replace(strstr($this->mimetype, '; name'), '', $this->mimetype) : $this->mimetype;
    82. 

  82. 

  83. 		if (!$this->mimetype)
    84. 

  84. 		{
    85. 

  85. 			$this->mimetype = 'application/octet-stream';
    86. 

  86. 		}
    87. 

  87. 

  88. 		$this->extension = strtolower(self::get_extension($this->realname));
    89. 

  89. 

  90. 		// Try to get real filesize from temporary folder (not always working) ;)
    91. 

  91. 		$this->filesize = (@filesize($this->filename)) ? @filesize($this->filename) : $this->filesize;
    92. 

  92. 

  93. 		$this->width = $this->height = 0;
    94. 

  94. 		$this->file_moved = false;
    95. 

  95. 

  96. 		$this->local = (isset($upload_ary['local_mode'])) ? true : false;
    97. 

  97. 		$this->upload = $upload_namespace;
    98. 

  98. 		$this->plupload = $plupload;
    99. 

  99. 		$this->mimetype_guesser = $mimetype_guesser;
    100. 

  100. 	}
    101. 

  101. 

  102. 	/**
    103. 

  103. 	* Cleans destination filename
    104. 

  104. 	*
    105. 

  105. 	* @param real|unique|unique_ext $mode real creates a realname, filtering some characters, lowering every character. Unique creates an unique filename
    106. 

  106. 	* @param string $prefix Prefix applied to filename
    107. 

  107. 	* @param string $user_id The user_id is only needed for when cleaning a user's avatar
    108. 

  108. 	* @access public
    109. 

  109. 	*/
    110. 

  110. 	function clean_filename($mode = 'unique', $prefix = '', $user_id = '')
    111. 

  111. 	{
    112. 

  112. 		if ($this->init_error)
    113. 

  113. 		{
    114. 

  114. 			return;
    115. 

  115. 		}
    116. 

  116. 

  117. 		switch ($mode)
    118. 

  118. 		{
    119. 

  119. 			case 'real':
    120. 

  120. 				// Remove every extension from filename (to not let the mime bug being exposed)
    121. 

  121. 				if (strpos($this->realname, '.') !== false)
    122. 

  122. 				{
    123. 

  123. 					$this->realname = substr($this->realname, 0, strpos($this->realname, '.'));
    124. 

  124. 				}
    125. 

  125. 

  126. 				// Replace any chars which may cause us problems with _
    127. 

  127. 				$bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
    128. 

  128. 

  129. 				$this->realname = rawurlencode(str_replace($bad_chars, '_', strtolower($this->realname)));
    130. 

  130. 				$this->realname = preg_replace("/%(\w{2})/", '_', $this->realname);
    131. 

  131. 

  132. 				$this->realname = $prefix . $this->realname . '.' . $this->extension;
    133. 

  133. 			break;
    134. 

  134. 

  135. 			case 'unique':
    136. 

  136. 				$this->realname = $prefix . md5(unique_id());
    137. 

  137. 			break;
    138. 

  138. 

  139. 			case 'avatar':
    140. 

  140. 				$this->extension = strtolower($this->extension);
    141. 

  141. 				$this->realname = $prefix . $user_id . '.' . $this->extension;
    142. 

  142. 

  143. 			break;
    144. 

  144. 

  145. 			case 'unique_ext':
    146. 

  146. 			default:
    147. 

  147. 				$this->realname = $prefix . md5(unique_id()) . '.' . $this->extension;
    148. 

  148. 			break;
    149. 

  149. 		}
    150. 

  150. 	}
    151. 

  151. 

  152. 	/**
    153. 

  153. 	* Get property from file object
    154. 

  154. 	*/
    155. 

  155. 	function get($property)
    156. 

  156. 	{
    157. 

  157. 		if ($this->init_error || !isset($this->$property))
    158. 

  158. 		{
    159. 

  159. 			return false;
    160. 

  160. 		}
    161. 

  161. 

  162. 		return $this->$property;
    163. 

  163. 	}
    164. 

  164. 

  165. 	/**
    166. 

  166. 	* Check if file is an image (mimetype)
    167. 

  167. 	*
    168. 

  168. 	* @return true if it is an image, false if not
    169. 

  169. 	*/
    170. 

  170. 	function is_image()
    171. 

  171. 	{
    172. 

  172. 		return (strpos($this->mimetype, 'image/') === 0);
    173. 

  173. 	}
    174. 

  174. 

  175. 	/**
    176. 

  176. 	* Check if the file got correctly uploaded
    177. 

  177. 	*
    178. 

  178. 	* @return true if it is a valid upload, false if not
    179. 

  179. 	*/
    180. 

  180. 	function is_uploaded()
    181. 

  181. 	{
    182. 

  182. 		$is_plupload = $this->plupload && $this->plupload->is_active();
    183. 

  183. 

  184. 		if (!$this->local && !$is_plupload && !is_uploaded_file($this->filename))
    185. 

  185. 		{
    186. 

  186. 			return false;
    187. 

  187. 		}
    188. 

  188. 

  189. 		if (($this->local || $is_plupload) && !file_exists($this->filename))
    190. 

  190. 		{
    191. 

  191. 			return false;
    192. 

  192. 		}
    193. 

  193. 

  194. 		return true;
    195. 

  195. 	}
    196. 

  196. 

  197. 	/**
    198. 

  198. 	* Remove file
    199. 

  199. 	*/
    200. 

  200. 	function remove()
    201. 

  201. 	{
    202. 

  202. 		if ($this->file_moved)
    203. 

  203. 		{
    204. 

  204. 			@unlink($this->destination_file);
    205. 

  205. 		}
    206. 

  206. 	}
    207. 

  207. 

  208. 	/**
    209. 

  209. 	* Get file extension
    210. 

  210. 	*
    211. 

  211. 	* @param string Filename that needs to be checked
    212. 

  212. 	* @return string Extension of the supplied filename
    213. 

  213. 	*/
    214. 

  214. 	static public function get_extension($filename)
    215. 

  215. 	{
    216. 

  216. 		$filename = utf8_basename($filename);
    217. 

  217. 

  218. 		if (strpos($filename, '.') === false)
    219. 

  219. 		{
    220. 

  220. 			return '';
    221. 

  221. 		}
    222. 

  222. 

  223. 		$filename = explode('.', $filename);
    224. 

  224. 		return array_pop($filename);
    225. 

  225. 	}
    226. 

  226. 

  227. 	/**
    228. 

  228. 	* Get mimetype
    229. 

  229. 	*
    230. 

  230. 	* @param string $filename Filename that needs to be checked
    231. 

  231. 	* @return string Mimetype of supplied filename
    232. 

  232. 	*/
    233. 

  233. 	function get_mimetype($filename)
    234. 

  234. 	{
    235. 

  235. 		if ($this->mimetype_guesser !== null)
    236. 

  236. 		{
    237. 

  237. 			$mimetype = $this->mimetype_guesser->guess($filename, $this->uploadname);
    238. 

  238. 

  239. 			if ($mimetype !== 'application/octet-stream')
    240. 

  240. 			{
    241. 

  241. 				$this->mimetype = $mimetype;
    242. 

  242. 			}
    243. 

  243. 		}
    244. 

  244. 

  245. 		return $this->mimetype;
    246. 

  246. 	}
    247. 

  247. 

  248. 	/**
    249. 

  249. 	* Get filesize
    250. 

  250. 	*/
    251. 

  251. 	function get_filesize($filename)
    252. 

  252. 	{
    253. 

  253. 		return @filesize($filename);
    254. 

  254. 	}
    255. 

  255. 

  256. 

  257. 	/**
    258. 

  258. 	* Check the first 256 bytes for forbidden content
    259. 

  259. 	*/
    260. 

  260. 	function check_content($disallowed_content)
    261. 

  261. 	{
    262. 

  262. 		if (empty($disallowed_content))
    263. 

  263. 		{
    264. 

  264. 			return true;
    265. 

  265. 		}
    266. 

  266. 

  267. 		$fp = @fopen($this->filename, 'rb');
    268. 

  268. 

  269. 		if ($fp !== false)
    270. 

  270. 		{
    271. 

  271. 			$ie_mime_relevant = fread($fp, 256);
    272. 

  272. 			fclose($fp);
    273. 

  273. 			foreach ($disallowed_content as $forbidden)
    274. 

  274. 			{
    275. 

  275. 				if (stripos($ie_mime_relevant, '<' . $forbidden) !== false)
    276. 

  276. 				{
    277. 

  277. 					return false;
    278. 

  278. 				}
    279. 

  279. 			}
    280. 

  280. 		}
    281. 

  281. 		return true;
    282. 

  282. 	}
    283. 

  283. 

  284. 	/**
    285. 

  285. 	* Move file to destination folder
    286. 

  286. 	* The phpbb_root_path variable will be applied to the destination path
    287. 

  287. 	*
    288. 

  288. 	* @param string $destination Destination path, for example $config['avatar_path']
    289. 

  289. 	* @param bool $overwrite If set to true, an already existing file will be overwritten
    290. 

  290. 	* @param bool $skip_image_check If set to true, the check for the file to be a valid image is skipped
    291. 

  291. 	* @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode defined by {@link phpbb_chmod()}
    292. 

  292. 	*
    293. 

  293. 	* @access public
    294. 

  294. 	*/
    295. 

  295. 	function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = false)
    296. 

  296. 	{
    297. 

  297. 		global $user, $phpbb_root_path;
    298. 

  298. 

  299. 		if (sizeof($this->error))
    300. 

  300. 		{
    301. 

  301. 			return false;
    302. 

  302. 		}
    303. 

  303. 

  304. 		$chmod = ($chmod === false) ? CHMOD_READ | CHMOD_WRITE : $chmod;
    305. 

  305. 

  306. 		// We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
    307. 

  307. 		$this->destination_path = $phpbb_root_path . $destination;
    308. 

  308. 

  309. 		// Check if the destination path exist...
    310. 

  310. 		if (!file_exists($this->destination_path))
    311. 

  311. 		{
    312. 

  312. 			@unlink($this->filename);
    313. 

  313. 			return false;
    314. 

  314. 		}
    315. 

  315. 

  316. 		$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on') ? 'move' : 'copy';
    317. 

  317. 		$upload_mode = ($this->local) ? 'local' : $upload_mode;
    318. 

  318. 		$this->destination_file = $this->destination_path . '/' . utf8_basename($this->realname);
    319. 

  319. 

  320. 		// Check if the file already exist, else there is something wrong...
    321. 

  321. 		if (file_exists($this->destination_file) && !$overwrite)
    322. 

  322. 		{
    323. 

  323. 			@unlink($this->filename);
    324. 

  324. 			$this->error[] = $user->lang($this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR', $this->destination_file);
    325. 

  325. 			$this->file_moved = false;
    326. 

  326. 			return false;
    327. 

  327. 		}
    328. 

  328. 		else
    329. 

  329. 		{
    330. 

  330. 			if (file_exists($this->destination_file))
    331. 

  331. 			{
    332. 

  332. 				@unlink($this->destination_file);
    333. 

  333. 			}
    334. 

  334. 

  335. 			switch ($upload_mode)
    336. 

  336. 			{
    337. 

  337. 				case 'copy':
    338. 

  338. 

  339. 					if (!@copy($this->filename, $this->destination_file))
    340. 

  340. 					{
    341. 

  341. 						if (!@move_uploaded_file($this->filename, $this->destination_file))
    342. 

  342. 						{
    343. 

  343. 							$this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
    344. 

  344. 						}
    345. 

  345. 					}
    346. 

  346. 

  347. 				break;
    348. 

  348. 

  349. 				case 'move':
    350. 

  350. 

  351. 					if (!@move_uploaded_file($this->filename, $this->destination_file))
    352. 

  352. 					{
    353. 

  353. 						if (!@copy($this->filename, $this->destination_file))
    354. 

  354. 						{
    355. 

  355. 							$this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
    356. 

  356. 						}
    357. 

  357. 					}
    358. 

  358. 

  359. 				break;
    360. 

  360. 

  361. 				case 'local':
    362. 

  362. 

  363. 					if (!@copy($this->filename, $this->destination_file))
    364. 

  364. 					{
    365. 

  365. 						$this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
    366. 

  366. 					}
    367. 

  367. 

  368. 				break;
    369. 

  369. 			}
    370. 

  370. 

  371. 			// Remove temporary filename
    372. 

  372. 			@unlink($this->filename);
    373. 

  373. 

  374. 			if (sizeof($this->error))
    375. 

  375. 			{
    376. 

  376. 				return false;
    377. 

  377. 			}
    378. 

  378. 

  379. 			phpbb_chmod($this->destination_file, $chmod);
    380. 

  380. 		}
    381. 

  381. 

  382. 		// Try to get real filesize from destination folder
    383. 

  383. 		$this->filesize = (@filesize($this->destination_file)) ? @filesize($this->destination_file) : $this->filesize;
    384. 

  384. 

  385. 		// Get mimetype of supplied file
    386. 

  386. 		$this->mimetype = $this->get_mimetype($this->destination_file);
    387. 

  387. 

  388. 		if ($this->is_image() && !$skip_image_check)
    389. 

  389. 		{
    390. 

  390. 			$this->width = $this->height = 0;
    391. 

  391. 

  392. 			if (($this->image_info = @getimagesize($this->destination_file)) !== false)
    393. 

  393. 			{
    394. 

  394. 				$this->width = $this->image_info[0];
    395. 

  395. 				$this->height = $this->image_info[1];
    396. 

  396. 

  397. 				if (!empty($this->image_info['mime']))
    398. 

  398. 				{
    399. 

  399. 					$this->mimetype = $this->image_info['mime'];
    400. 

  400. 				}
    401. 

  401. 

  402. 				// Check image type
    403. 

  403. 				$types = fileupload::image_types();
    404. 

  404. 

  405. 				if (!isset($types[$this->image_info[2]]) || !in_array($this->extension, $types[$this->image_info[2]]))
    406. 

  406. 				{
    407. 

  407. 					if (!isset($types[$this->image_info[2]]))
    408. 

  408. 					{
    409. 

  409. 						$this->error[] = sprintf($user->lang['IMAGE_FILETYPE_INVALID'], $this->image_info[2], $this->mimetype);
    410. 

  410. 					}
    411. 

  411. 					else
    412. 

  412. 					{
    413. 

  413. 						$this->error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
    414. 

  414. 					}
    415. 

  415. 				}
    416. 

  416. 

  417. 				// Make sure the dimensions match a valid image
    418. 

  418. 				if (empty($this->width) || empty($this->height))
    419. 

  419. 				{
    420. 

  420. 					$this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
    421. 

  421. 				}
    422. 

  422. 			}
    423. 

  423. 			else
    424. 

  424. 			{
    425. 

  425. 				$this->error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
    426. 

  426. 			}
    427. 

  427. 		}
    428. 

  428. 

  429. 		$this->file_moved = true;
    430. 

  430. 		$this->additional_checks();
    431. 

  431. 		unset($this->upload);
    432. 

  432. 

  433. 		return true;
    434. 

  434. 	}
    435. 

  435. 

  436. 	/**
    437. 

  437. 	* Performing additional checks
    438. 

  438. 	*/
    439. 

  439. 	function additional_checks()
    440. 

  440. 	{
    441. 

  441. 		global $user;
    442. 

  442. 

  443. 		if (!$this->file_moved)
    444. 

  444. 		{
    445. 

  445. 			return false;
    446. 

  446. 		}
    447. 

  447. 

  448. 		// Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
    449. 

  449. 		if ($this->upload->max_filesize && ($this->get('filesize') > $this->upload->max_filesize || $this->filesize == 0))
    450. 

  450. 		{
    451. 

  451. 			$max_filesize = get_formatted_filesize($this->upload->max_filesize, false);
    452. 

  452. 

  453. 			$this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']);
    454. 

  454. 

  455. 			return false;
    456. 

  456. 		}
    457. 

  457. 

  458. 		if (!$this->upload->valid_dimensions($this))
    459. 

  459. 		{
    460. 

  460. 			$this->error[] = $user->lang($this->upload->error_prefix . 'WRONG_SIZE',
    461. 

  461. 				$user->lang('PIXELS', (int) $this->upload->min_width),
    462. 

  462. 				$user->lang('PIXELS', (int) $this->upload->min_height),
    463. 

  463. 				$user->lang('PIXELS', (int) $this->upload->max_width),
    464. 

  464. 				$user->lang('PIXELS', (int) $this->upload->max_height),
    465. 

  465. 				$user->lang('PIXELS', (int) $this->width),
    466. 

  466. 				$user->lang('PIXELS', (int) $this->height));
    467. 

  467. 

  468. 			return false;
    469. 

  469. 		}
    470. 

  470. 

  471. 		return true;
    472. 

  472. 	}
    473. 

  473. }
    474. 

  474. 

  475. /**
    476. 

  476. * Class for assigning error messages before a real filespec class can be assigned
    477. 

  477. */
    478. 

  478. class fileerror extends filespec
    479. 

  479. {
    480. 

  480. 	function fileerror($error_msg)
    481. 

  481. 	{
    482. 

  482. 		$this->error[] = $error_msg;
    483. 

  483. 	}
    484. 

  484. }
    485. 

  485. 

  486. /**
    487. 

  487. * File upload class
    488. 

  488. * Init class (all parameters optional and able to be set/overwritten separately) - scope is global and valid for all uploads
    489. 

  489. */
    490. 

  490. class fileupload
    491. 

  491. {
    492. 

  492. 	var $allowed_extensions = array();
    493. 

  493. 	var $disallowed_content = array('body', 'head', 'html', 'img', 'plaintext', 'a href', 'pre', 'script', 'table', 'title');
    494. 

  494. 	var $max_filesize = 0;
    495. 

  495. 	var $min_width = 0;
    496. 

  496. 	var $min_height = 0;
    497. 

  497. 	var $max_width = 0;
    498. 

  498. 	var $max_height = 0;
    499. 

  499. 	var $error_prefix = '';
    500. 

  500. 

  501. 	/** @var int Timeout for remote upload */
    502. 

  502. 	var $upload_timeout = 6;
    503. 

  503. 

  504. 	/**
    505. 

  505. 	* Init file upload class.
    506. 

  506. 	*
    507. 

  507. 	* @param string $error_prefix Used error messages will get prefixed by this string
    508. 

  508. 	* @param array $allowed_extensions Array of allowed extensions, for example array('jpg', 'jpeg', 'gif', 'png')
    509. 

  509. 	* @param int $max_filesize Maximum filesize
    510. 

  510. 	* @param int $min_width Minimum image width (only checked for images)
    511. 

  511. 	* @param int $min_height Minimum image height (only checked for images)
    512. 

  512. 	* @param int $max_width Maximum image width (only checked for images)
    513. 

  513. 	* @param int $max_height Maximum image height (only checked for images)
    514. 

  514. 	* @param bool|array $disallowed_content If enabled, the first 256 bytes of the file must not
    515. 

  515. 	*										contain any of its values. Defaults to false.
    516. 

  516. 	*
    517. 

  517. 	*/
    518. 

  518. 	function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false, $disallowed_content = false)
    519. 

  519. 	{
    520. 

  520. 		$this->set_allowed_extensions($allowed_extensions);
    521. 

  521. 		$this->set_max_filesize($max_filesize);
    522. 

  522. 		$this->set_allowed_dimensions($min_width, $min_height, $max_width, $max_height);
    523. 

  523. 		$this->set_error_prefix($error_prefix);
    524. 

  524. 		$this->set_disallowed_content($disallowed_content);
    525. 

  525. 	}
    526. 

  526. 

  527. 	/**
    528. 

  528. 	* Reset vars
    529. 

  529. 	*/
    530. 

  530. 	function reset_vars()
    531. 

  531. 	{
    532. 

  532. 		$this->max_filesize = 0;
    533. 

  533. 		$this->min_width = $this->min_height = $this->max_width = $this->max_height = 0;
    534. 

  534. 		$this->error_prefix = '';
    535. 

  535. 		$this->allowed_extensions = array();
    536. 

  536. 		$this->disallowed_content = array();
    537. 

  537. 	}
    538. 

  538. 

  539. 	/**
    540. 

  540. 	* Set allowed extensions
    541. 

  541. 	*/
    542. 

  542. 	function set_allowed_extensions($allowed_extensions)
    543. 

  543. 	{
    544. 

  544. 		if ($allowed_extensions !== false && is_array($allowed_extensions))
    545. 

  545. 		{
    546. 

  546. 			$this->allowed_extensions = $allowed_extensions;
    547. 

  547. 		}
    548. 

  548. 	}
    549. 

  549. 

  550. 	/**
    551. 

  551. 	* Set allowed dimensions
    552. 

  552. 	*/
    553. 

  553. 	function set_allowed_dimensions($min_width, $min_height, $max_width, $max_height)
    554. 

  554. 	{
    555. 

  555. 		$this->min_width = (int) $min_width;
    556. 

  556. 		$this->min_height = (int) $min_height;
    557. 

  557. 		$this->max_width = (int) $max_width;
    558. 

  558. 		$this->max_height = (int) $max_height;
    559. 

  559. 	}
    560. 

  560. 

  561. 	/**
    562. 

  562. 	* Set maximum allowed filesize
    563. 

  563. 	*/
    564. 

  564. 	function set_max_filesize($max_filesize)
    565. 

  565. 	{
    566. 

  566. 		if ($max_filesize !== false && (int) $max_filesize)
    567. 

  567. 		{
    568. 

  568. 			$this->max_filesize = (int) $max_filesize;
    569. 

  569. 		}
    570. 

  570. 	}
    571. 

  571. 

  572. 	/**
    573. 

  573. 	* Set disallowed strings
    574. 

  574. 	*/
    575. 

  575. 	function set_disallowed_content($disallowed_content)
    576. 

  576. 	{
    577. 

  577. 		if ($disallowed_content !== false && is_array($disallowed_content))
    578. 

  578. 		{
    579. 

  579. 			$this->disallowed_content = array_diff($disallowed_content, array(''));
    580. 

  580. 		}
    581. 

  581. 	}
    582. 

  582. 

  583. 	/**
    584. 

  584. 	* Set error prefix
    585. 

  585. 	*/
    586. 

  586. 	function set_error_prefix($error_prefix)
    587. 

  587. 	{
    588. 

  588. 		$this->error_prefix = $error_prefix;
    589. 

  589. 	}
    590. 

  590. 

  591. 	/**
    592. 

  592. 	* Form upload method
    593. 

  593. 	* Upload file from users harddisk
    594. 

  594. 	*
    595. 

  595. 	* @param string $form_name Form name assigned to the file input field (if it is an array, the key has to be specified)
    596. 

  596. 	* @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
    597. 

  597. 	* @param \phpbb\plupload\plupload $plupload The plupload object
    598. 

  598. 	*
    599. 

  599. 	* @return object $file Object "filespec" is returned, all further operations can be done with this object
    600. 

  600. 	* @access public
    601. 

  601. 	*/
    602. 

  602. 	function form_upload($form_name, \phpbb\mimetype\guesser $mimetype_guesser = null, \phpbb\plupload\plupload $plupload = null)
    603. 

  603. 	{
    604. 

  604. 		global $user, $request;
    605. 

  605. 

  606. 		$upload = $request->file($form_name);
    607. 

  607. 		unset($upload['local_mode']);
    608. 

  608. 

  609. 		if ($plupload)
    610. 

  610. 		{
    611. 

  611. 			$result = $plupload->handle_upload($form_name);
    612. 

  612. 			if (is_array($result))
    613. 

  613. 			{
    614. 

  614. 				$upload = array_merge($upload, $result);
    615. 

  615. 			}
    616. 

  616. 		}
    617. 

  617. 

  618. 		$file = new filespec($upload, $this, $mimetype_guesser, $plupload);
    619. 

  619. 

  620. 		if ($file->init_error)
    621. 

  621. 		{
    622. 

  622. 			$file->error[] = '';
    623. 

  623. 			return $file;
    624. 

  624. 		}
    625. 

  625. 

  626. 		// Error array filled?
    627. 

  627. 		if (isset($upload['error']))
    628. 

  628. 		{
    629. 

  629. 			$error = $this->assign_internal_error($upload['error']);
    630. 

  630. 

  631. 			if ($error !== false)
    632. 

  632. 			{
    633. 

  633. 				$file->error[] = $error;
    634. 

  634. 				return $file;
    635. 

  635. 			}
    636. 

  636. 		}
    637. 

  637. 

  638. 		// Check if empty file got uploaded (not catched by is_uploaded_file)
    639. 

  639. 		if (isset($upload['size']) && $upload['size'] == 0)
    640. 

  640. 		{
    641. 

  641. 			$file->error[] = $user->lang[$this->error_prefix . 'EMPTY_FILEUPLOAD'];
    642. 

  642. 			return $file;
    643. 

  643. 		}
    644. 

  644. 

  645. 		// PHP Upload filesize exceeded
    646. 

  646. 		if ($file->get('filename') == 'none')
    647. 

  647. 		{
    648. 

  648. 			$max_filesize = @ini_get('upload_max_filesize');
    649. 

  649. 			$unit = 'MB';
    650. 

  650. 

  651. 			if (!empty($max_filesize))
    652. 

  652. 			{
    653. 

  653. 				$unit = strtolower(substr($max_filesize, -1, 1));
    654. 

  654. 				$max_filesize = (int) $max_filesize;
    655. 

  655. 

  656. 				$unit = ($unit == 'k') ? 'KB' : (($unit == 'g') ? 'GB' : 'MB');
    657. 

  657. 			}
    658. 

  658. 

  659. 			$file->error[] = (empty($max_filesize)) ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], $max_filesize, $user->lang[$unit]);
    660. 

  660. 			return $file;
    661. 

  661. 		}
    662. 

  662. 

  663. 		// Not correctly uploaded
    664. 

  664. 		if (!$file->is_uploaded())
    665. 

  665. 		{
    666. 

  666. 			$file->error[] = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
    667. 

  667. 			return $file;
    668. 

  668. 		}
    669. 

  669. 

  670. 		$this->common_checks($file);
    671. 

  671. 

  672. 		return $file;
    673. 

  673. 	}
    674. 

  674. 

  675. 	/**
    676. 

  676. 	* Move file from another location to phpBB
    677. 

  677. 	*/
    678. 

  678. 	function local_upload($source_file, $filedata = false, \phpbb\mimetype\guesser $mimetype_guesser = null)
    679. 

  679. 	{
    680. 

  680. 		global $user, $request;
    681. 

  681. 

  682. 		$upload = array();
    683. 

  683. 

  684. 		$upload['local_mode'] = true;
    685. 

  685. 		$upload['tmp_name'] = $source_file;
    686. 

  686. 

  687. 		if ($filedata === false)
    688. 

  688. 		{
    689. 

  689. 			$upload['name'] = utf8_basename($source_file);
    690. 

  690. 			$upload['size'] = 0;
    691. 

  691. 		}
    692. 

  692. 		else
    693. 

  693. 		{
    694. 

  694. 			$upload['name'] = $filedata['realname'];
    695. 

  695. 			$upload['size'] = $filedata['size'];
    696. 

  696. 			$upload['type'] = $filedata['type'];
    697. 

  697. 		}
    698. 

  698. 

  699. 		$file = new filespec($upload, $this, $mimetype_guesser);
    700. 

  700. 

  701. 		if ($file->init_error)
    702. 

  702. 		{
    703. 

  703. 			$file->error[] = '';
    704. 

  704. 			return $file;
    705. 

  705. 		}
    706. 

  706. 

  707. 		if (isset($upload['error']))
    708. 

  708. 		{
    709. 

  709. 			$error = $this->assign_internal_error($upload['error']);
    710. 

  710. 

  711. 			if ($error !== false)
    712. 

  712. 			{
    713. 

  713. 				$file->error[] = $error;
    714. 

  714. 				return $file;
    715. 

  715. 			}
    716. 

  716. 		}
    717. 

  717. 

  718. 		// PHP Upload filesize exceeded
    719. 

  719. 		if ($file->get('filename') == 'none')
    720. 

  720. 		{
    721. 

  721. 			$max_filesize = @ini_get('upload_max_filesize');
    722. 

  722. 			$unit = 'MB';
    723. 

  723. 

  724. 			if (!empty($max_filesize))
    725. 

  725. 			{
    726. 

  726. 				$unit = strtolower(substr($max_filesize, -1, 1));
    727. 

  727. 				$max_filesize = (int) $max_filesize;
    728. 

  728. 

  729. 				$unit = ($unit == 'k') ? 'KB' : (($unit == 'g') ? 'GB' : 'MB');
    730. 

  730. 			}
    731. 

  731. 

  732. 			$file->error[] = (empty($max_filesize)) ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], $max_filesize, $user->lang[$unit]);
    733. 

  733. 			return $file;
    734. 

  734. 		}
    735. 

  735. 

  736. 		// Not correctly uploaded
    737. 

  737. 		if (!$file->is_uploaded())
    738. 

  738. 		{
    739. 

  739. 			$file->error[] = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
    740. 

  740. 			return $file;
    741. 

  741. 		}
    742. 

  742. 

  743. 		$this->common_checks($file);
    744. 

  744. 		$request->overwrite('local', $upload, \phpbb\request\request_interface::FILES);
    745. 

  745. 

  746. 		return $file;
    747. 

  747. 	}
    748. 

  748. 

  749. 	/**
    750. 

  750. 	* Remote upload method
    751. 

  751. 	* Uploads file from given url
    752. 

  752. 	*
    753. 

  753. 	* @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
    754. 

  754. 	* @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
    755. 

  755. 	* @return object $file Object "filespec" is returned, all further operations can be done with this object
    756. 

  756. 	* @access public
    757. 

  757. 	*/
    758. 

  758. 	function remote_upload($upload_url, \phpbb\mimetype\guesser $mimetype_guesser = null)
    759. 

  759. 	{
    760. 

  760. 		global $user, $phpbb_root_path;
    761. 

  761. 

  762. 		$upload_ary = array();
    763. 

  763. 		$upload_ary['local_mode'] = true;
    764. 

  764. 

  765. 		if (!preg_match('#^(https?://).*?\.(' . implode('|', $this->allowed_extensions) . ')$#i', $upload_url, $match))
    766. 

  766. 		{
    767. 

  767. 			$file = new fileerror($user->lang[$this->error_prefix . 'URL_INVALID']);
    768. 

  768. 			return $file;
    769. 

  769. 		}
    770. 

  770. 

  771. 		if (empty($match[2]))
    772. 

  772. 		{
    773. 

  773. 			$file = new fileerror($user->lang[$this->error_prefix . 'URL_INVALID']);
    774. 

  774. 			return $file;
    775. 

  775. 		}
    776. 

  776. 

  777. 		$url = parse_url($upload_url);
    778. 

  778. 

  779. 		$default_port = 80;
    780. 

  780. 		$hostname = $url['host'];
    781. 

  781. 

  782. 		if ($url['scheme'] == 'https')
    783. 

  783. 		{
    784. 

  784. 			$default_port = 443;
    785. 

  785. 			$hostname = 'tls://' . $url['host'];
    786. 

  786. 		}
    787. 

  787. 

  788. 		$host = $url['host'];
    789. 

  789. 		$path = $url['path'];
    790. 

  790. 		$port = (!empty($url['port'])) ? (int) $url['port'] : $default_port;
    791. 

  791. 

  792. 		$upload_ary['type'] = 'application/octet-stream';
    793. 

  793. 

  794. 		$url['path'] = explode('.', $url['path']);
    795. 

  795. 		$ext = array_pop($url['path']);
    796. 

  796. 

  797. 		$url['path'] = implode('', $url['path']);
    798. 

  798. 		$upload_ary['name'] = utf8_basename($url['path']) . (($ext) ? '.' . $ext : '');
    799. 

  799. 		$filename = $url['path'];
    800. 

  800. 		$filesize = 0;
    801. 

  801. 

  802. 		$remote_max_filesize = $this->max_filesize;
    803. 

  803. 		if (!$remote_max_filesize)
    804. 

  804. 		{
    805. 

  805. 			$max_filesize = @ini_get('upload_max_filesize');
    806. 

  806. 

  807. 			if (!empty($max_filesize))
    808. 

  808. 			{
    809. 

  809. 				$unit = strtolower(substr($max_filesize, -1, 1));
    810. 

  810. 				$remote_max_filesize = (int) $max_filesize;
    811. 

  811. 

  812. 				switch ($unit)
    813. 

  813. 				{
    814. 

  814. 					case 'g':
    815. 

  815. 						$remote_max_filesize *= 1024;
    816. 

  816. 					// no break
    817. 

  817. 					case 'm':
    818. 

  818. 						$remote_max_filesize *= 1024;
    819. 

  819. 					// no break
    820. 

  820. 					case 'k':
    821. 

  821. 						$remote_max_filesize *= 1024;
    822. 

  822. 					// no break
    823. 

  823. 				}
    824. 

  824. 			}
    825. 

  825. 		}
    826. 

  826. 

  827. 		$errno = 0;
    828. 

  828. 		$errstr = '';
    829. 

  829. 

  830. 		if (!($fsock = @fsockopen($hostname, $port, $errno, $errstr)))
    831. 

  831. 		{
    832. 

  832. 			$file = new fileerror($user->lang[$this->error_prefix . 'NOT_UPLOADED']);
    833. 

  833. 			return $file;
    834. 

  834. 		}
    835. 

  835. 

  836. 		// Make sure $path not beginning with /
    837. 

  837. 		if (strpos($path, '/') === 0)
    838. 

  838. 		{
    839. 

  839. 			$path = substr($path, 1);
    840. 

  840. 		}
    841. 

  841. 

  842. 		fputs($fsock, 'GET /' . $path . " HTTP/1.1\r\n");
    843. 

  843. 		fputs($fsock, "HOST: " . $host . "\r\n");
    844. 

  844. 		fputs($fsock, "Connection: close\r\n\r\n");
    845. 

  845. 

  846. 		// Set a proper timeout for the socket
    847. 

  847. 		socket_set_timeout($fsock, $this->upload_timeout);
    848. 

  848. 

  849. 		$get_info = false;
    850. 

  850. 		$data = '';
    851. 

  851. 		$length = false;
    852. 

  852. 		$timer_stop = time() + $this->upload_timeout;
    853. 

  853. 

  854. 		while ((!$length || $filesize < $length) && !@feof($fsock))
    855. 

  855. 		{
    856. 

  856. 			if ($get_info)
    857. 

  857. 			{
    858. 

  858. 				if ($length)
    859. 

  859. 				{
    860. 

  860. 					// Don't attempt to read past end of file if server indicated length
    861. 

  861. 					$block = @fread($fsock, min($length - $filesize, 1024));
    862. 

  862. 				}
    863. 

  863. 				else
    864. 

  864. 				{
    865. 

  865. 					$block = @fread($fsock, 1024);
    866. 

  866. 				}
    867. 

  867. 

  868. 				$filesize += strlen($block);
    869. 

  869. 

  870. 				if ($remote_max_filesize && $filesize > $remote_max_filesize)
    871. 

  871. 				{
    872. 

  872. 					$max_filesize = get_formatted_filesize($remote_max_filesize, false);
    873. 

  873. 

  874. 					$file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));
    875. 

  875. 					return $file;
    876. 

  876. 				}
    877. 

  877. 

  878. 				$data .= $block;
    879. 

  879. 			}
    880. 

  880. 			else
    881. 

  881. 			{
    882. 

  882. 				$line = @fgets($fsock, 1024);
    883. 

  883. 

  884. 				if ($line == "\r\n")
    885. 

  885. 				{
    886. 

  886. 					$get_info = true;
    887. 

  887. 				}
    888. 

  888. 				else
    889. 

  889. 				{
    890. 

  890. 					if (stripos($line, 'content-type: ') !== false)
    891. 

  891. 					{
    892. 

  892. 						$upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line)));
    893. 

  893. 					}
    894. 

  894. 					else if ($this->max_filesize && stripos($line, 'content-length: ') !== false)
    895. 

  895. 					{
    896. 

  896. 						$length = (int) str_replace('content-length: ', '', strtolower($line));
    897. 

  897. 

  898. 						if ($remote_max_filesize && $length && $length > $remote_max_filesize)
    899. 

  899. 						{
    900. 

  900. 							$max_filesize = get_formatted_filesize($remote_max_filesize, false);
    901. 

  901. 

  902. 							$file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']));
    903. 

  903. 							return $file;
    904. 

  904. 						}
    905. 

  905. 					}
    906. 

  906. 					else if (stripos($line, '404 not found') !== false)
    907. 

  907. 					{
    908. 

  908. 						$file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']);
    909. 

  909. 						return $file;
    910. 

  910. 					}
    911. 

  911. 				}
    912. 

  912. 			}
    913. 

  913. 

  914. 			$stream_meta_data = stream_get_meta_data($fsock);
    915. 

  915. 

  916. 			// Cancel upload if we exceed timeout
    917. 

  917. 			if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
    918. 

  918. 			{
    919. 

  919. 				$file = new fileerror($user->lang[$this->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']);
    920. 

  920. 				return $file;
    921. 

  921. 			}
    922. 

  922. 		}
    923. 

  923. 		@fclose($fsock);
    924. 

  924. 

  925. 		if (empty($data))
    926. 

  926. 		{
    927. 

  927. 			$file = new fileerror($user->lang[$this->error_prefix . 'EMPTY_REMOTE_DATA']);
    928. 

  928. 			return $file;
    929. 

  929. 		}
    930. 

  930. 

  931. 		$tmp_path = (!@ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'off') ? sys_get_temp_dir() : $phpbb_root_path . 'cache';
    932. 

  932. 		$filename = tempnam($tmp_path, unique_id() . '-');
    933. 

  933. 

  934. 		if (!($fp = @fopen($filename, 'wb')))
    935. 

  935. 		{
    936. 

  936. 			$file = new fileerror($user->lang[$this->error_prefix . 'NOT_UPLOADED']);
    937. 

  937. 			return $file;
    938. 

  938. 		}
    939. 

  939. 

  940. 		$upload_ary['size'] = fwrite($fp, $data);
    941. 

  941. 		fclose($fp);
    942. 

  942. 		unset($data);
    943. 

  943. 

  944. 		$upload_ary['tmp_name'] = $filename;
    945. 

  945. 

  946. 		$file = new filespec($upload_ary, $this, $mimetype_guesser);
    947. 

  947. 		$this->common_checks($file);
    948. 

  948. 

  949. 		return $file;
    950. 

  950. 	}
    951. 

  951. 

  952. 	/**
    953. 

  953. 	* Assign internal error
    954. 

  954. 	* @access private
    955. 

  955. 	*/
    956. 

  956. 	function assign_internal_error($errorcode)
    957. 

  957. 	{
    958. 

  958. 		global $user;
    959. 

  959. 

  960. 		switch ($errorcode)
    961. 

  961. 		{
    962. 

  962. 			case 1:
    963. 

  963. 				$max_filesize = @ini_get('upload_max_filesize');
    964. 

  964. 				$unit = 'MB';
    965. 

  965. 

  966. 				if (!empty($max_filesize))
    967. 

  967. 				{
    968. 

  968. 					$unit = strtolower(substr($max_filesize, -1, 1));
    969. 

  969. 					$max_filesize = (int) $max_filesize;
    970. 

  970. 

  971. 					$unit = ($unit == 'k') ? 'KB' : (($unit == 'g') ? 'GB' : 'MB');
    972. 

  972. 				}
    973. 

  973. 

  974. 				$error = (empty($max_filesize)) ? $user->lang[$this->error_prefix . 'PHP_SIZE_NA'] : sprintf($user->lang[$this->error_prefix . 'PHP_SIZE_OVERRUN'], $max_filesize, $user->lang[$unit]);
    975. 

  975. 			break;
    976. 

  976. 

  977. 			case 2:
    978. 

  978. 				$max_filesize = get_formatted_filesize($this->max_filesize, false);
    979. 

  979. 

  980. 				$error = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']);
    981. 

  981. 			break;
    982. 

  982. 

  983. 			case 3:
    984. 

  984. 				$error = $user->lang[$this->error_prefix . 'PARTIAL_UPLOAD'];
    985. 

  985. 			break;
    986. 

  986. 

  987. 			case 4:
    988. 

  988. 				$error = $user->lang[$this->error_prefix . 'NOT_UPLOADED'];
    989. 

  989. 			break;
    990. 

  990. 

  991. 			case 6:
    992. 

  992. 				$error = 'Temporary folder could not be found. Please check your PHP installation.';
    993. 

  993. 			break;
    994. 

  994. 

  995. 			default:
    996. 

  996. 				$error = false;
    997. 

  997. 			break;
    998. 

  998. 		}
    999. 

  999. 

  1000. 		return $error;
    1001. 

  1001. 	}
    1002. 

  1002. 

  1003. 	/**
    1004. 

  1004. 	* Perform common checks
    1005. 

  1005. 	*/
    1006. 

  1006. 	function common_checks(&$file)
    1007. 

  1007. 	{
    1008. 

  1008. 		global $user;
    1009. 

  1009. 

  1010. 		// Filesize is too big or it's 0 if it was larger than the maxsize in the upload form
    1011. 

  1011. 		if ($this->max_filesize && ($file->get('filesize') > $this->max_filesize || $file->get('filesize') == 0))
    1012. 

  1012. 		{
    1013. 

  1013. 			$max_filesize = get_formatted_filesize($this->max_filesize, false);
    1014. 

  1014. 

  1015. 			$file->error[] = sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit']);
    1016. 

  1016. 		}
    1017. 

  1017. 

  1018. 		// check Filename
    1019. 

  1019. 		if (preg_match("#[\\/:*?\"<>|]#i", $file->get('realname')))
    1020. 

  1020. 		{
    1021. 

  1021. 			$file->error[] = sprintf($user->lang[$this->error_prefix . 'INVALID_FILENAME'], $file->get('realname'));
    1022. 

  1022. 		}
    1023. 

  1023. 

  1024. 		// Invalid Extension
    1025. 

  1025. 		if (!$this->valid_extension($file))
    1026. 

  1026. 		{
    1027. 

  1027. 			$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_EXTENSION'], $file->get('extension'));
    1028. 

  1028. 		}
    1029. 

  1029. 

  1030. 		// MIME Sniffing
    1031. 

  1031. 		if (!$this->valid_content($file))
    1032. 

  1032. 		{
    1033. 

  1033. 			$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_CONTENT']);
    1034. 

  1034. 		}
    1035. 

  1035. 	}
    1036. 

  1036. 

  1037. 	/**
    1038. 

  1038. 	* Check for allowed extension
    1039. 

  1039. 	*/
    1040. 

  1040. 	function valid_extension(&$file)
    1041. 

  1041. 	{
    1042. 

  1042. 		return (in_array($file->get('extension'), $this->allowed_extensions)) ? true : false;
    1043. 

  1043. 	}
    1044. 

  1044. 

  1045. 	/**
    1046. 

  1046. 	* Check for allowed dimension
    1047. 

  1047. 	*/
    1048. 

  1048. 	function valid_dimensions(&$file)
    1049. 

  1049. 	{
    1050. 

  1050. 		if (!$this->max_width && !$this->max_height && !$this->min_width && !$this->min_height)
    1051. 

  1051. 		{
    1052. 

  1052. 			return true;
    1053. 

  1053. 		}
    1054. 

  1054. 

  1055. 		if (($file->get('width') > $this->max_width && $this->max_width) ||
    1056. 

  1056. 			($file->get('height') > $this->max_height && $this->max_height) ||
    1057. 

  1057. 			($file->get('width') < $this->min_width && $this->min_width) ||
    1058. 

  1058. 			($file->get('height') < $this->min_height && $this->min_height))
    1059. 

  1059. 		{
    1060. 

  1060. 			return false;
    1061. 

  1061. 		}
    1062. 

  1062. 

  1063. 		return true;
    1064. 

  1064. 	}
    1065. 

  1065. 

  1066. 	/**
    1067. 

  1067. 	* Check if form upload is valid
    1068. 

  1068. 	*/
    1069. 

  1069. 	function is_valid($form_name)
    1070. 

  1070. 	{
    1071. 

  1071. 		global $request;
    1072. 

  1072. 		$upload = $request->file($form_name);
    1073. 

  1073. 

  1074. 		return (!empty($upload) && $upload['name'] !== 'none');
    1075. 

  1075. 	}
    1076. 

  1076. 

  1077. 

  1078. 	/**
    1079. 

  1079. 	* Check for bad content (IE mime-sniffing)
    1080. 

  1080. 	*/
    1081. 

  1081. 	function valid_content(&$file)
    1082. 

  1082. 	{
    1083. 

  1083. 		return ($file->check_content($this->disallowed_content));
    1084. 

  1084. 	}
    1085. 

  1085. 

  1086. 	/**
    1087. 

  1087. 	* Get image type/extension mapping
    1088. 

  1088. 	*
    1089. 

  1089. 	* @return array Array containing the image types and their extensions
    1090. 

  1090. 	*/
    1091. 

  1091. 	static public function image_types()
    1092. 

  1092. 	{
    1093. 

  1093. 		$result = array(
    1094. 

  1094. 			IMAGETYPE_GIF		=> array('gif'),
    1095. 

  1095. 			IMAGETYPE_JPEG		=> array('jpg', 'jpeg'),
    1096. 

  1096. 			IMAGETYPE_PNG		=> array('png'),
    1097. 

  1097. 			IMAGETYPE_SWF		=> array('swf'),
    1098. 

  1098. 			IMAGETYPE_PSD		=> array('psd'),
    1099. 

  1099. 			IMAGETYPE_BMP		=> array('bmp'),
    1100. 

  1100. 			IMAGETYPE_TIFF_II	=> array('tif', 'tiff'),
    1101. 

  1101. 			IMAGETYPE_TIFF_MM	=> array('tif', 'tiff'),
    1102. 

  1102. 			IMAGETYPE_JPC		=> array('jpg', 'jpeg'),
    1103. 

  1103. 			IMAGETYPE_JP2		=> array('jpg', 'jpeg'),
    1104. 

  1104. 			IMAGETYPE_JPX		=> array('jpg', 'jpeg'),
    1105. 

  1105. 			IMAGETYPE_JB2		=> array('jpg', 'jpeg'),
    1106. 

  1106. 			IMAGETYPE_IFF		=> array('iff'),
    1107. 

  1107. 			IMAGETYPE_WBMP		=> array('wbmp'),
    1108. 

  1108. 			IMAGETYPE_XBM		=> array('xbm'),
    1109. 

  1109. 		);
    1110. 

  1110. 

  1111. 		if (defined('IMAGETYPE_SWC'))
    1112. 

  1112. 		{
    1113. 

  1113. 			$result[IMAGETYPE_SWC] = array('swc');
    1114. 

  1114. 		}
    1115. 

  1115. 

  1116. 		return $result;
    1117. 

  1117. 	}
    1118. 

  1118. }
    1119. 

  1119.