/includes/classes/upload.php

https://github.com/yama/zencart-sugu · PHP · 215 lines · 166 code · 29 blank · 20 comment · 56 complexity · 15a4020c9e0cbf4426e47349454647e7 MD5 · raw file 

    

  1. <?php

    2. 

  2. /**

    3. 

  3.  * upload Class.

    4. 

  4.  *

    5. 

  5.  * @package classes

    6. 

  6.  * @copyright Copyright 2003-2006 Zen Cart Development Team

    7. 

  7.  * @copyright Portions Copyright 2003 osCommerce

    8. 

  8.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0

    9. 

  9.  * @version $Id: upload.php 3041 2006-02-15 21:56:45Z wilt $

    10. 

  10.  */

    11. 

  11. if (!defined('IS_ADMIN_FLAG')) {

    12. 

  12.   die('Illegal Access');

    13. 

  13. }

    14. 

  14. /**

    15. 

  15.  * upload Class.

    16. 

  16.  * This class is used to manage file uploads

    17. 

  17.  *

    18. 

  18.  * @package classes

    19. 

  19.  */

    20. 

  20. class upload extends base {

    21. 

  21.   var $file, $filename, $destination, $permissions, $extensions, $tmp_filename, $message_location;

    22. 

  22. 

    23. 

  23.   function upload($file = '', $destination = '', $permissions = '666', $extensions = array() ) {

    24. 

  24.     $this->set_file($file);

    25. 

  25.     $this->set_destination($destination);

    26. 

  26.     $this->set_permissions($permissions);

    27. 

  27. 

    28. 

  28.     if (!zen_not_null($extensions)) {

    29. 

  29.       if (!defined(UPLOAD_FILENAME_EXTENSIONS)) define ('UPLOAD_FILENAME_EXTENSIONS','jpg,jpeg,gif,png,eps,cdr,ai,pdf,tif,tiff,bmp,zip');

    30. 

  30.       $extensions=explode(" ",preg_replace('/[.,;\s]+/',' ',UPLOAD_FILENAME_EXTENSIONS));

    31. 

  31.     }

    32. 

  32.     $this->set_extensions($extensions);

    33. 

  33. 

    34. 

  34.     $this->set_output_messages('direct');

    35. 

  35. 

    36. 

  36.     if (zen_not_null($this->file) && zen_not_null($this->destination)) {

    37. 

  37.       $this->set_output_messages('session');

    38. 

  38. 

    39. 

  39.       if ( ($this->parse() == true) && ($this->save() == true) ) {

    40. 

  40.         return true;

    41. 

  41.       } else {

    42. 

  42.         // self destruct

    43. 

  43.         while(list($key,) = each($this)) {

    44. 

  44.           $this->$key = null;

    45. 

  45.         }

    46. 

  46. 

    47. 

  47.         return false;

    48. 

  48.       }

    49. 

  49.     }

    50. 

  50.   }

    51. 

  51. 

    52. 

  52.   // iii Added: $key to differentiate between different files uploaded

    53. 

  53.   function parse($key = '') {

    54. 

  54.     global $messageStack;

    55. 

  55. 

    56. 

  56.     if (isset($_FILES[$this->file])) {

    57. 

  57.       if (zen_not_null($key)) {

    58. 

  58.         $file = array('name' => $_FILES[$this->file]['name'][$key],

    59. 

  59.         'type' => $_FILES[$this->file]['type'][$key],

    60. 

  60.         'size' => $_FILES[$this->file]['size'][$key],

    61. 

  61.         'tmp_name' => $_FILES[$this->file]['tmp_name'][$key]);

    62. 

  62.       } else {

    63. 

  63.         $file = array('name' => $_FILES[$this->file]['name'],

    64. 

  64.         'type' => $_FILES[$this->file]['type'],

    65. 

  65.         'size' => $_FILES[$this->file]['size'],

    66. 

  66.         'tmp_name' => $_FILES[$this->file]['tmp_name']);

    67. 

  67.       }

    68. 

  68.     } elseif (isset($GLOBALS['HTTP_POST_FILES'][$this->file])) {

    69. 

  69.       global $HTTP_POST_FILES;

    70. 

  70. 

    71. 

  71.       $file = array('name' => $HTTP_POST_FILES[$this->file]['name'],

    72. 

  72.       'type' => $HTTP_POST_FILES[$this->file]['type'],

    73. 

  73.       'size' => $HTTP_POST_FILES[$this->file]['size'],

    74. 

  74.       'tmp_name' => $HTTP_POST_FILES[$this->file]['tmp_name']);

    75. 

  75.     } else {

    76. 

  76.       $file = array('name' => (isset($GLOBALS[$this->file . '_name']) ? $GLOBALS[$this->file . '_name'] : ''),

    77. 

  77.       'type' => (isset($GLOBALS[$this->file . '_type']) ? $GLOBALS[$this->file . '_type'] : ''),

    78. 

  78.       'size' => (isset($GLOBALS[$this->file . '_size']) ? $GLOBALS[$this->file . '_size'] : ''),

    79. 

  79.       'tmp_name' => (isset($GLOBALS[$this->file]) ? $GLOBALS[$this->file] : ''));

    80. 

  80.     }

    81. 

  81.     //if (!zen_not_null($file['tmp_name'])) return false;

    82. 

  82.     //if ($file['tmp_name'] == 'none') return false;

    83. 

  83.     //if (!is_uploaded_file($file['tmp_name'])) return false;

    84. 

  84. 

    85. 

  85.     if ( zen_not_null($file['tmp_name']) && ($file['tmp_name'] != 'none') && is_uploaded_file($file['tmp_name']) ) {

    86. 

  86.       if (zen_not_null($file['size']) and ($file['size'] > MAX_FILE_UPLOAD_SIZE)) {

    87. 

  87.         if ($this->message_location == 'direct') {

    88. 

  88.           $messageStack->add('header', ERROR_FILE_TOO_BIG, 'error');

    89. 

  89.         } else {

    90. 

  90.           $messageStack->add_session('upload', ERROR_FILE_TOO_BIG, 'error');

    91. 

  91.         }

    92. 

  92.         return false;

    93. 

  93.       }

    94. 

  94. 

    95. 

  95.       if (sizeof($this->extensions) > 0) {

    96. 

  96.         if (!in_array(strtolower(substr($file['name'], strrpos($file['name'], '.')+1)), $this->extensions)) {

    97. 

  97.           if ($this->message_location == 'direct') {

    98. 

  98.             $messageStack->add('header', ERROR_FILETYPE_NOT_ALLOWED . ' ' . UPLOAD_FILENAME_EXTENSIONS, 'error');

    99. 

  99.           } else {

    100. 

  100.             $messageStack->add_session('upload', ERROR_FILETYPE_NOT_ALLOWED . ' - ' . UPLOAD_FILENAME_EXTENSIONS, 'error');

    101. 

  101.           }

    102. 

  102.           return false;

    103. 

  103.         }

    104. 

  104.       }

    105. 

  105. 

    106. 

  106.       $this->set_file($file);

    107. 

  107.       $this->set_filename($file['name']);

    108. 

  108.       $this->set_tmp_filename($file['tmp_name']);

    109. 

  109. 

    110. 

  110.       return $this->check_destination();

    111. 

  111.     } else {

    112. 

  112.       if ($this->message_location == 'direct') {

    113. 

  113.         $messageStack->add('header', WARNING_NO_FILE_UPLOADED, 'warning');

    114. 

  114.       } else {

    115. 

  115.         $messageStack->add_session('upload', WARNING_NO_FILE_UPLOADED, 'warning');

    116. 

  116.       }

    117. 

  117.       return false;

    118. 

  118.     }

    119. 

  119.   }

    120. 

  120. 

    121. 

  121.   function save() {

    122. 

  122.     global $messageStack;

    123. 

  123. 

    124. 

  124.     if (substr($this->destination, -1) != '/') $this->destination .= '/';

    125. 

  125. 

    126. 

  126.     if (move_uploaded_file($this->file['tmp_name'], $this->destination . $this->filename)) {

    127. 

  127.       chmod($this->destination . $this->filename, $this->permissions);

    128. 

  128. 

    129. 

  129.       if ($this->message_location == 'direct') {

    130. 

  130.         $messageStack->add('header', SUCCESS_FILE_SAVED_SUCCESSFULLY, 'success');

    131. 

  131.       } else {

    132. 

  132.         $messageStack->add_session('upload', SUCCESS_FILE_SAVED_SUCCESSFULLY, 'success');

    133. 

  133.       }

    134. 

  134. 

    135. 

  135.       return true;

    136. 

  136.     } else {

    137. 

  137.       if ($this->message_location == 'direct') {

    138. 

  138.         $messageStack->add('header', ERROR_FILE_NOT_SAVED, 'error');

    139. 

  139.       } else {

    140. 

  140.         $messageStack->add_session('upload', ERROR_FILE_NOT_SAVED, 'error');

    141. 

  141.       }

    142. 

  142. 

    143. 

  143.       return false;

    144. 

  144.     }

    145. 

  145.   }

    146. 

  146. 

    147. 

  147.   function set_file($file) {

    148. 

  148.     $this->file = $file;

    149. 

  149.   }

    150. 

  150. 

    151. 

  151.   function set_destination($destination) {

    152. 

  152.     $this->destination = $destination;

    153. 

  153.   }

    154. 

  154. 

    155. 

  155.   function set_permissions($permissions) {

    156. 

  156.     $this->permissions = octdec($permissions);

    157. 

  157.   }

    158. 

  158. 

    159. 

  159.   function set_filename($filename) {

    160. 

  160.     $this->filename = $filename;

    161. 

  161.   }

    162. 

  162. 

    163. 

  163.   function set_tmp_filename($filename) {

    164. 

  164.     $this->tmp_filename = $filename;

    165. 

  165.   }

    166. 

  166. 

    167. 

  167.   function set_extensions($extensions) {

    168. 

  168.     if (zen_not_null($extensions)) {

    169. 

  169.       if (is_array($extensions)) {

    170. 

  170.         $this->extensions = $extensions;

    171. 

  171.       } else {

    172. 

  172.         $this->extensions = array($extensions);

    173. 

  173.       }

    174. 

  174.     } else {

    175. 

  175.       $this->extensions = array();

    176. 

  176.     }

    177. 

  177.   }

    178. 

  178. 

    179. 

  179.   function check_destination() {

    180. 

  180.     global $messageStack;

    181. 

  181. 

    182. 

  182.     if (!is_writeable($this->destination)) {

    183. 

  183.       if (is_dir($this->destination)) {

    184. 

  184.         if ($this->message_location == 'direct') {

    185. 

  185.           $messageStack->add('header', sprintf(ERROR_DESTINATION_NOT_WRITEABLE, $this->destination), 'error');

    186. 

  186.         } else {

    187. 

  187.           $messageStack->add_session('upload', sprintf(ERROR_DESTINATION_NOT_WRITEABLE, $this->destination), 'error');

    188. 

  188.         }

    189. 

  189.       } else {

    190. 

  190.         if ($this->message_location == 'direct') {

    191. 

  191.           $messageStack->add('header', sprintf(ERROR_DESTINATION_DOES_NOT_EXIST, $this->destination), 'error');

    192. 

  192.         } else {

    193. 

  193.           $messageStack->add_session('upload', sprintf(ERROR_DESTINATION_DOES_NOT_EXIST, $this->destination), 'error');

    194. 

  194.         }

    195. 

  195.       }

    196. 

  196. 

    197. 

  197.       return false;

    198. 

  198.     } else {

    199. 

  199.       return true;

    200. 

  200.     }

    201. 

  201.   }

    202. 

  202. 

    203. 

  203.   function set_output_messages($location) {

    204. 

  204.     switch ($location) {

    205. 

  205.       case 'session':

    206. 

  206.       $this->message_location = 'session';

    207. 

  207.       break;

    208. 

  208.       case 'direct':

    209. 

  209.       default:

    210. 

  210.       $this->message_location = 'direct';

    211. 

  211.       break;

    212. 

  212.     }

    213. 

  213.   }

    214. 

  214. }

    215. 

  215. ?>
    216.