| 1 |  |  | <?php | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 2 |  |  | // $Id: uploader.php 507 2006-05-26 23:39:35Z skalpa $ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 3 |  |  | //  ------------------------------------------------------------------------ // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 4 |  |  | //                XOOPS - PHP Content Management System                      // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 5 |  |  | //                    Copyright (c) 2000 XOOPS.org                           // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 6 |  |  | //                       <http://www.xoops.org/>                             // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 7 |  |  | //  ------------------------------------------------------------------------ // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 8 |  |  | //  This program is free software; you can redistribute it and/or modify     // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 9 |  |  | //  it under the terms of the GNU General Public License as published by     // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 10 |  |  | //  the Free Software Foundation; either version 2 of the License, or        // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 11 |  |  | //  (at your option) any later version.                                      // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 12 |  |  | //                                                                           // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 13 |  |  | //  You may not change or alter any portion of this comment or credits       // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 14 |  |  | //  of supporting developers from this source code or any supporting         // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 15 |  |  | //  source code which is considered copyrighted (c) material of the          // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 16 |  |  | //  original comment or credit authors.                                      // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 17 |  |  | //                                                                           // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 18 |  |  | //  This program is distributed in the hope that it will be useful,          // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 19 |  |  | //  but WITHOUT ANY WARRANTY; without even the implied warranty of           // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 20 |  |  | //  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 21 |  |  | //  GNU General Public License for more details.                             // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 22 |  |  | //                                                                           // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 23 |  |  | //  You should have received a copy of the GNU General Public License        // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 24 |  |  | //  along with this program; if not, write to the Free Software              // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 25 |  |  | //  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 26 |  |  | //  ------------------------------------------------------------------------ // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 27 |  |  | // Author: Kazumi Ono (AKA onokazu)                                          // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 28 |  |  | // URL: http://www.myweb.ne.jp/, http://www.xoops.org/, http://jp.xoops.org/ // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 29 |  |  | // Project: The XOOPS Project                                                // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 30 |  |  | // ------------------------------------------------------------------------- // | 
            
                                                                                                            
                            
            
                                    
            
            
                | 31 |  |  | /** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 32 |  |  |  * Upload Media files | 
            
                                                                                                            
                            
            
                                    
            
            
                | 33 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 34 |  |  |  * Example of usage: | 
            
                                                                                                            
                            
            
                                    
            
            
                | 35 |  |  |  * <code> | 
            
                                                                                                            
                            
            
                                    
            
            
                | 36 |  |  |  * include_once 'uploader.php'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 37 |  |  |  * $allowed_mimetypes = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png'); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 38 |  |  |  * $maxfilesize = 50000; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 39 |  |  |  * $maxfilewidth = 120; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 40 |  |  |  * $maxfileheight = 120; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 41 |  |  |  * $uploader = new XoopsMediaUploader('/home/xoops/uploads', $allowed_mimetypes, $maxfilesize, $maxfilewidth, $maxfileheight); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 42 |  |  |  * if ($uploader->fetchMedia($_POST['uploade_file_name'])) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 43 |  |  |  *   if (!$uploader->upload()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 44 |  |  |  *      echo $uploader->getErrors(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 45 |  |  |  *   } else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 46 |  |  |  *      echo '<h4>File uploaded successfully!</h4>' | 
            
                                                                                                            
                            
            
                                    
            
            
                | 47 |  |  |  *      echo 'Saved as: ' . $uploader->getSavedFileName() . '<br />'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 48 |  |  |  *      echo 'Full path: ' . $uploader->getSavedDestination(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 49 |  |  |  *   } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 50 |  |  |  * } else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 51 |  |  |  *   echo $uploader->getErrors(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 52 |  |  |  * } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 53 |  |  |  * </code> | 
            
                                                                                                            
                            
            
                                    
            
            
                | 54 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 55 |  |  |  * @package        kernel | 
            
                                                                                                            
                            
            
                                    
            
            
                | 56 |  |  |  * @subpackage    core | 
            
                                                                                                            
                            
            
                                    
            
            
                | 57 |  |  |  * | 
            
                                                                                                            
                            
            
                                    
            
            
                | 58 |  |  |  * @author        Kazumi Ono     <[email protected]> | 
            
                                                                                                            
                            
            
                                    
            
            
                | 59 |  |  |  * @copyright    (c) 2000-2003 The Xoops Project - www.xoops.org | 
            
                                                                                                            
                            
            
                                    
            
            
                | 60 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 61 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 62 |  |  | if ( file_exists(XOOPS_ROOT_PATH . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/uploader_error.php') ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 63 |  |  | 	include_once XOOPS_ROOT_PATH . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/uploader_error.php'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 64 |  |  | } else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 65 |  |  | 	include_once XOOPS_ROOT_PATH . '/language/english/uploader_error.php'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 66 |  |  | } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 67 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 68 |  |  | define('_XI_MIMETYPE', 1); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 69 |  |  | class XoopsMediaUploader { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 70 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 71 |  |  | 	* Flag indicating if unrecognized mimetypes should be allowed (use with precaution ! may lead to security issues ) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 72 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 73 |  |  | 	var $allowUnknownTypes = false; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 74 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 75 |  |  | 	var $mediaName; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 76 |  |  | 	var $mediaType; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 77 |  |  | 	var $mediaSize; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 78 |  |  | 	var $mediaTmpName; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 79 |  |  | 	var $mediaError; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 80 |  |  | 	var $mediaRealType = ''; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 81 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 82 |  |  | 	var $uploadDir = ''; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 83 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 84 |  |  | 	var $allowedMimeTypes = array(); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 85 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 86 |  |  | 	var $maxFileSize = 0; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 87 |  |  | 	var $maxWidth; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 88 |  |  | 	var $maxHeight; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 89 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 90 |  |  | 	var $targetFileName; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 91 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 92 |  |  | 	var $prefix; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 93 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 94 |  |  | 	var $errors = array(); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 95 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 96 |  |  | 	var $savedDestination; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 97 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 98 |  |  | 	var $savedFileName; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 99 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 100 |  |  | 	var $extensionToMime = array(); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 101 |  |  | 	var $checkImageType = true; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 102 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 103 |  |  | 	var $extensionsToBeSanitized = array( 'php' , 'phtml' , 'phtm' , 'php3' , 'php4' , 'cgi' , 'pl' , 'asp', 'php5' ); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 104 |  |  | 	// extensions needed image check (anti-IE Content-Type XSS) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 105 |  |  | 	var $imageExtensions = array( 1 => 'gif', 2 => 'jpg', 3 => 'png', 4 => 'swf', 5 => 'psd', 6 => 'bmp', 7 => 'tif', 8 => 'tif', 9 => 'jpc', 10 => 'jp2', 11 => 'jpx', 12 => 'jb2', 13 => 'swc', 14 => 'iff', 15 => 'wbmp', 16 => 'xbm' ); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 106 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 107 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 108 |  |  | 	* Constructor | 
            
                                                                                                            
                            
            
                                    
            
            
                | 109 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 110 |  |  | 	* @param   string  $uploadDir | 
            
                                                                                                            
                            
            
                                    
            
            
                | 111 |  |  | 	* @param   array   $allowedMimeTypes | 
            
                                                                                                            
                            
            
                                    
            
            
                | 112 |  |  | 	* @param   int$maxFileSize | 
            
                                                                                                            
                            
            
                                    
            
            
                | 113 |  |  | 	* @param   int$maxWidth | 
            
                                                                                                            
                            
            
                                    
            
            
                | 114 |  |  | 	* @param   int$maxHeight | 
            
                                                                                                            
                            
            
                                    
            
            
                | 115 |  |  | 	* @param   int$cmodvalue | 
            
                                                                                                            
                            
            
                                    
            
            
                | 116 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 117 |  |  | 	function XoopsMediaUploader($uploadDir, $allowedMimeTypes, $maxFileSize=0, $maxWidth=null, $maxHeight=null) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                            
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 118 |  |  | /* | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 119 |  |  | 		@$this->extensionToMime = include( XOOPS_ROOT_PATH . '/class/mimetypes.inc.php' ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 120 |  |  | 		if ( !is_array( $this->extensionToMime ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 121 |  |  | 			$this->extensionToMime = array(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 122 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 123 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 124 |  |  | 		if (is_array($allowedMimeTypes)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 125 |  |  | 			$this->allowedMimeTypes =& $allowedMimeTypes; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 126 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 127 |  |  | 		$this->uploadDir = $uploadDir; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 128 |  |  | 		$this->maxFileSize = intval($maxFileSize); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 129 |  |  | 		if(isset($maxWidth)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 130 |  |  | 			$this->maxWidth = intval($maxWidth); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 131 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 132 |  |  | 		if(isset($maxHeight)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 133 |  |  | 			$this->maxHeight = intval($maxHeight); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 134 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 135 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 136 |  |  | 		if (is_array($allowedMimeTypes)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 137 |  |  | 			$this->allowedMimeTypes =& $allowedMimeTypes; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 138 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 139 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 140 |  |  | 		$this->uploadDir = $uploadDir; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 141 |  |  | 		$this->maxFileSize = intval($maxFileSize); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 142 |  |  | 		$this->maxWidth = intval($maxWidth); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 143 |  |  | 		$this->maxHeight = intval($maxHeight); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 144 |  |  | 		$this->GetextensionToMime(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 145 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 146 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 147 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 148 |  |  | 	* Fetch the uploaded file | 
            
                                                                                                            
                            
            
                                    
            
            
                | 149 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 150 |  |  | 	* @param   string  $media_name Name of the file field | 
            
                                                                                                            
                            
            
                                    
            
            
                | 151 |  |  | 	* @param   int$index Index of the file (if more than one uploaded under that name) | 
            
                                                                                                            
                            
            
                                    
            
            
                | 152 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 153 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 154 |  |  | 	function fetchMedia($media_name, $index = null) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                            
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 155 |  |  | /* | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 156 |  |  | 		if ( empty( $this->extensionToMime ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 157 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 158 |  |  | 		if ( count( $this->extensionToMime ) == 0 ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 159 |  |  | 			$this->setErrors( _ER_UP_MIMETYPELOAD ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 160 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 161 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 162 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 163 |  |  | 	if (!isset($_FILES[$media_name])) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 164 |  |  | 		$this->setErrors( _ER_UP_FILENOTFOUND ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 165 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 166 |  |  | 	} elseif (is_array($_FILES[$media_name]['name']) && isset($index)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 167 |  |  | 		$index = intval($index); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 168 |  |  | 		$this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($_FILES[$media_name]['name'][$index]) : $_FILES[$media_name]['name'][$index]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 169 |  |  | 		$this->mediaType = $_FILES[$media_name]['type'][$index]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 170 |  |  | 		$this->mediaSize = $_FILES[$media_name]['size'][$index]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 171 |  |  | 		$this->mediaTmpName = $_FILES[$media_name]['tmp_name'][$index]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 172 |  |  | 		$this->mediaError = !empty($_FILES[$media_name]['error'][$index]) ? $_FILES[$media_name]['error'][$index] : 0; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 173 |  |  | 	} else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 174 |  |  | 		$media_name =& $_FILES[$media_name]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 175 |  |  | 		$this->mediaName = (get_magic_quotes_gpc()) ? stripslashes($media_name['name']) : $media_name['name']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 176 |  |  | 		$this->mediaName = $media_name['name']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 177 |  |  | 		$this->mediaType = $media_name['type']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 178 |  |  | 		$this->mediaSize = $media_name['size']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 179 |  |  | 		$this->mediaTmpName = $media_name['tmp_name']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 180 |  |  | 		$this->mediaError = !empty($media_name['error']) ? $media_name['error'] : 0; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 181 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 182 |  |  | /* | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 183 |  |  | 	if ( ($ext = strrpos( $this->mediaName, '.' )) !== false ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 184 |  |  | 		$ext = strtolower(substr( $this->mediaName, $ext + 1 )); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 185 |  |  | 		if ( isset( $this->extensionToMime[$ext] ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 186 |  |  | 			$this->mediaRealType = $this->extensionToMime[$ext]; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 187 |  |  | 			//trigger_error( "XoopsMediaUploader: Set mediaRealType to {$this->mediaRealType} (file extension is $ext)", E_USER_NOTICE ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 188 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 189 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 190 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 191 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 192 |  |  | 	$this->mediaExt = strtolower(substr( $this->mediaName, strrpos( $this->mediaName, '.' ) + 1 )); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 193 |  |  | 	if ( array_key_exists($this->mediaExt, $this->extensionToMime) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 194 |  |  | 		$this->maxFileSize = $this->extensionToMime[$this->mediaExt]['maxSize']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 195 |  |  | 		$this->maxWidth = $this->extensionToMime[$this->mediaExt]['maxWidth']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 196 |  |  | 		$this->maxHeight = $this->extensionToMime[$this->mediaExt]['maxHeight']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 197 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 198 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 199 |  |  | 	$this->errors = array(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 200 |  |  | 	if (intval($this->mediaSize) < 0) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 201 |  |  | 		$this->setErrors(  _ER_UP_INVALIDFILESIZE ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 202 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 203 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 204 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 205 |  |  | 	if ($this->mediaName == '') { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 206 |  |  | 		$this->setErrors( _ER_UP_FILENAMEEMPTY ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 207 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 208 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 209 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 210 |  |  | 	if ($this->mediaTmpName == 'none' || !is_uploaded_file($this->mediaTmpName)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 211 |  |  | 		$this->setErrors( _ER_UP_NOFILEUPLOADED ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 212 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 213 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 214 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 215 |  |  | 	if ($this->mediaError > 0) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 216 |  |  | 		$this->setErrors( sprintf(_ER_UP_ERROROCCURRED, $this->mediaError) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 217 |  |  | 		return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 218 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 219 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 220 |  |  | 	return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 221 |  |  | } | 
            
                                                                                                            
                            
            
                                    
            
            
                | 222 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 223 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 224 |  |  | 	* Set the target filename | 
            
                                                                                                            
                            
            
                                    
            
            
                | 225 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 226 |  |  | 	* @param   string  $value | 
            
                                                                                                            
                            
            
                                    
            
            
                | 227 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 228 |  |  | 	function setTargetFileName($value) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 229 |  |  | 		$this->targetFileName = strval(trim($value)); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 230 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 231 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 232 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 233 |  |  | 	* Set the prefix | 
            
                                                                                                            
                            
            
                                    
            
            
                | 234 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 235 |  |  | 	* @param   string  $value | 
            
                                                                                                            
                            
            
                                    
            
            
                | 236 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 237 |  |  | 	function setPrefix($value){ | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 238 |  |  | 		$this->prefix = strval(trim($value)); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 239 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 240 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 241 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 242 |  |  | 	* Get the uploaded filename | 
            
                                                                                                            
                            
            
                                    
            
            
                | 243 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 244 |  |  | 	* @return  string | 
            
                                                                                                            
                            
            
                                    
            
            
                | 245 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 246 |  |  | 	function getMediaName() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 247 |  |  | 		return $this->mediaName; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 248 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 249 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 250 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 251 |  |  | 	* Get the type of the uploaded file | 
            
                                                                                                            
                            
            
                                    
            
            
                | 252 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 253 |  |  | 	* @return  string | 
            
                                                                                                            
                            
            
                                    
            
            
                | 254 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 255 |  |  | 	function getMediaType() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 256 |  |  | 		return $this->mediaType; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 257 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 258 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 259 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 260 |  |  | 	* Get the size of the uploaded file | 
            
                                                                                                            
                            
            
                                    
            
            
                | 261 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 262 |  |  | 	* @return  int | 
            
                                                                                                            
                            
            
                                    
            
            
                | 263 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 264 |  |  | 	function getMediaSize() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 265 |  |  | 		return $this->mediaSize; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 266 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 267 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 268 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 269 |  |  | 	* Get the temporary name that the uploaded file was stored under | 
            
                                                                                                            
                            
            
                                    
            
            
                | 270 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 271 |  |  | 	* @return  string | 
            
                                                                                                            
                            
            
                                    
            
            
                | 272 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 273 |  |  | 	function getMediaTmpName() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 274 |  |  | 		return $this->mediaTmpName; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 275 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 276 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 277 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 278 |  |  | 	* Get the saved filename | 
            
                                                                                                            
                            
            
                                    
            
            
                | 279 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 280 |  |  | 	* @return  string | 
            
                                                                                                            
                            
            
                                    
            
            
                | 281 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 282 |  |  | 	function getSavedFileName(){ | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 283 |  |  | 		return $this->savedFileName; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 284 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 285 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 286 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 287 |  |  | 	* Get the destination the file is saved to | 
            
                                                                                                            
                            
            
                                    
            
            
                | 288 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 289 |  |  | 	* @return  string | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 290 |  |  | 	**/ | 
            
                                                                        
                            
            
                                    
            
            
                | 291 |  |  | 	function getSavedDestination(){ | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                        
                            
            
                                    
            
            
                | 292 |  |  | 		return $this->savedDestination; | 
            
                                                                        
                            
            
                                    
            
            
                | 293 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 294 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 295 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 296 |  |  | 	* Check the file and copy it to the destination | 
            
                                                                                                            
                            
            
                                    
            
            
                | 297 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 298 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 299 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 300 |  |  | 	function upload($chmod = 0644) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 301 |  |  | 		if ($this->uploadDir == '') { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 302 |  |  | 			$this->setErrors( _ER_UP_UPLOADDIRNOTSET ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 303 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 304 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 305 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 306 |  |  | 		if (!$this->checkMimeType()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 307 |  |  | 			$this->setErrors( sprintf(_ER_UP_MIMETYPENOTALLOWED, $this->mediaType) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 308 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 309 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 310 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 311 |  |  | 		if (!is_dir($this->uploadDir)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 312 |  |  | 			$this->setErrors( sprintf(_ER_UP_FAILEDOPENDIR, $this->uploadDir) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 313 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 314 |  |  | 		if (!is_writeable($this->uploadDir)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 315 |  |  | 			$this->setErrors( sprintf(_ER_UP_FAILEDOPENDIRWRITE, $this->uploadDir) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 316 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 317 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 318 |  |  | 		$this->sanitizeMultipleExtensions(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 319 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 320 |  |  | 		if (!$this->checkMaxFileSize()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 321 |  |  | 			$this->setErrors( sprintf(_ER_UP_FILESIZETOOLARGE, $this->mediaSize) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 322 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 323 |  |  | 		if (!$this->checkMaxWidth()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 324 |  |  | 			$this->setErrors( sprintf(_ER_UP_FILEWIDTHTOOLARGE, $this->maxWidth) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 325 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 326 |  |  | 		if (!$this->checkMaxHeight()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 327 |  |  | 			$this->setErrors( sprintf(_ER_UP_FILEHEIGHTTOOLARGE, $this->maxHeight) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 328 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 329 |  |  | /* | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 330 |  |  | 		if (!$this->checkMimeType()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 331 |  |  | 			$this->setErrors('MIME type not allowed: '.$this->mediaType); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 332 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 333 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 334 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 335 |  |  | 		if (!$this->checkImageType()) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 336 |  |  | 			$this->setErrors( _ER_UP_INVALIDIMAGEFILE ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 337 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 338 |  |  | 		if (count($this->errors) > 0) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 339 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 340 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 341 |  |  | 		if (!$this->_copyFile($chmod)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 342 |  |  | 			$this->setErrors( sprintf(_ER_UP_FAILEDUPLOADFILE, $this->mediaName) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 343 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 344 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 345 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 346 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 347 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 348 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 349 |  |  | 	* Copy the file to its destination | 
            
                                                                                                            
                            
            
                                    
            
            
                | 350 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 351 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 352 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 353 |  |  | 	function _copyFile($chmod) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 354 |  |  | 		$matched = array(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 355 |  |  | 		if (!preg_match("/\.([a-zA-Z0-9]+)$/", $this->mediaName, $matched)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 356 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 357 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 358 |  |  | 		if (isset($this->targetFileName)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 359 |  |  | 			$this->savedFileName = $this->targetFileName; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 360 |  |  | 		} elseif (isset($this->prefix)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 361 |  |  | 			$this->savedFileName = uniqid($this->prefix).'.'.strtolower($matched[1]); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 362 |  |  | 		} else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 363 |  |  | 			$this->savedFileName = strtolower($this->mediaName); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 364 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 365 |  |  | 		$this->savedDestination = $this->uploadDir.'/'.$this->savedFileName; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 366 |  |  | 		if (!move_uploaded_file($this->mediaTmpName, $this->savedDestination)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 367 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 368 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 369 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 370 |  |  | 		// Check IE XSS before returning success | 
            
                                                                                                            
                            
            
                                    
            
            
                | 371 |  |  | 		$ext = strtolower( substr( strrchr( $this->savedDestination , '.' ) , 1 ) ) ; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 372 |  |  | 		if( in_array( $ext , $this->imageExtensions ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 373 |  |  | 			$info = @getimagesize( $this->savedDestination ) ; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 374 |  |  | 			if( $info === false || $this->imageExtensions[ (int)$info[2] ] != $ext ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 375 |  |  | 				$this->setErrors( _ER_UP_SUSPICIOUSIMAGE ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 376 |  |  | 				@unlink( $this->savedDestination ); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 377 |  |  | 				return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 378 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 379 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 380 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 381 |  |  | 		@chmod($this->savedDestination, $chmod); | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 382 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 383 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 384 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 385 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 386 |  |  | 	* Is the file the right size? | 
            
                                                                                                            
                            
            
                                    
            
            
                | 387 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 388 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 389 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 390 |  |  | 	function checkMaxFileSize() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 391 |  |  | 		if ($this->mediaSize > $this->maxFileSize) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 392 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 393 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 394 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 395 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 396 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 397 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 398 |  |  | 	* Is the picture the right width? | 
            
                                                                                                            
                            
            
                                    
            
            
                | 399 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 400 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 401 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                                                    
                                                                                                        
            
            
                | 402 |  | View Code Duplication | 	function checkMaxWidth() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                            
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 403 |  |  | 		if (!isset($this->maxWidth)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 404 |  |  | 			return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 405 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 406 |  |  | 		if (false !== $dimension = getimagesize($this->mediaTmpName)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 407 |  |  | 			if ($dimension[0] > $this->maxWidth) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 408 |  |  | 				return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 409 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 410 |  |  | 		} else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 411 |  |  | 			trigger_error(sprintf('Failed fetching image size of %s, skipping max width check..', $this->mediaTmpName), E_USER_WARNING); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 412 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 413 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 414 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 415 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 416 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 417 |  |  | 	* Is the picture the right height? | 
            
                                                                                                            
                            
            
                                    
            
            
                | 418 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 419 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 420 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                                                    
                                                                                                        
            
            
                | 421 |  | View Code Duplication | 	function checkMaxHeight() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                            
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 422 |  |  | 		if (!isset($this->maxHeight)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 423 |  |  | 			return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 424 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 425 |  |  | 		if (false !== $dimension = getimagesize($this->mediaTmpName)) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 426 |  |  | 			if ($dimension[1] > $this->maxHeight) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 427 |  |  | 				return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 428 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 429 |  |  |  			trigger_error(sprintf('Failed fetching image size of %s, skipping max height check..', $this->mediaTmpName), E_USER_WARNING); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 430 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 431 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 432 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 433 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 434 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 435 |  |  | 	* Check whether or not the uploaded file type is allowed | 
            
                                                                                                            
                            
            
                                    
            
            
                | 436 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 437 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 438 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 439 |  |  | 	function checkMimeType() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 440 |  |  | /* | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 441 |  |  | 		if ( empty( $this->mediaRealType ) && !$this->allowUnknownTypes ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 442 |  |  | 			$this->setErrors( 'Unknown filetype rejected' ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 443 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 444 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 445 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 446 |  |  | 		return ( empty($this->allowedMimeTypes) || in_array($this->mediaRealType, $this->allowedMimeTypes) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 447 |  |  | */ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 448 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 449 |  |  | 		if ( count( $this->extensionToMime ) == 0 ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 450 |  |  | 			$this->setErrors( _ER_UP_UNKNOWNFILETYPEREJECTED ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 451 |  |  | 			return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 452 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 453 |  |  | 		return ( empty($this->extensionToMime) || array_key_exists($this->mediaExt, $this->extensionToMime) ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 454 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 455 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 456 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 457 |  |  | 	* Check whether or not the uploaded image type is valid | 
            
                                                                                                            
                            
            
                                    
            
            
                | 458 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 459 |  |  | 	* @return  bool | 
            
                                                                                                            
                            
            
                                    
            
            
                | 460 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 461 |  |  | 	function checkImageType() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 462 |  |  | 		if(empty($this->checkImageType)) return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 463 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 464 |  |  | 		if( ("image" == substr($this->mediaType, 0, strpos($this->mediaType, "/"))) || | 
            
                                                                                                            
                            
            
                                    
            
            
                | 465 |  |  | 			(!empty($this->mediaRealType) && "image" == substr($this->mediaRealType, 0, strpos($this->mediaRealType, "/"))) ){ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 466 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 467 |  |  | 			if ( ! ( $info = @getimagesize( $this->mediaTmpName ) ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 468 |  |  | 				return false; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 469 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 470 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 471 |  |  | 		return true; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 472 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 473 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 474 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 475 |  |  | 	* Sanitize executable filename with multiple extensions | 
            
                                                                                                            
                            
            
                                    
            
            
                | 476 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 477 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 478 |  |  | 	function sanitizeMultipleExtensions() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 479 |  |  | 		if(empty($this->extensionsToBeSanitized)) return; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 480 |  |  | 			$patterns = array(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 481 |  |  | 			$replaces = array(); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 482 |  |  | 			foreach($this->extensionsToBeSanitized as $ext){ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 483 |  |  | 			$patterns[] = "/\.".preg_quote($ext)."\./i"; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 484 |  |  | 			$replaces[] = "_".$ext."."; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 485 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 486 |  |  | 		$this->mediaName = preg_replace($patterns, $replaces, $this->mediaName); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 487 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 488 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 489 |  |  | 	function GetextensionToMime() { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 490 |  |  | 		global $xoopsModule, $xoopsUser, $xoopsDB; | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 491 |  |  | 		if (!is_object ( $xoopsModule ) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 492 |  |  | 			$hModule = &xoops_gethandler('module'); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 493 |  |  | 			$xoopsModule = $hModule->getByDirname('system'); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 494 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 495 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 496 |  |  | 		$groups = is_object( $xoopsUser ) ? $xoopsUser -> getGroups() : array(XOOPS_GROUP_ANONYMOUS) ; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 497 |  |  | 		$sql = 'SELECT t.mime_types, t.mime_ext, p.mperm_maxwidth, p.mperm_maxheight, p.mperm_maxsize FROM ' . | 
            
                                                                                                            
                            
            
                                    
            
            
                | 498 |  |  | 		$xoopsDB->prefix('mimetypes_perms') . ' p LEFT JOIN ' . | 
            
                                                                                                            
                            
            
                                    
            
            
                | 499 |  |  | 		$xoopsDB->prefix("mimetypes") . ' t on p.mperm_mime = t.mime_id' . ' WHERE p.mperm_module=' . $xoopsModule->mid() . ' AND p.mperm_groups IN (' . implode(',' , $groups) . ')' . ' GROUP BY t.mime_ext' ; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 500 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 501 |  |  | 		$result = $xoopsDB->query($sql); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 502 |  |  | 		while ( $myrow = $xoopsDB->fetchArray($result) ) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 503 |  |  | 			$mime_types = explode('|',$myrow['mime_types']); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 504 |  |  | 			$intersect = array_intersect($this->allowedMimeTypes,$mime_types); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 505 |  |  | 			if (count($intersect) > 0) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 506 |  |  | 				$mimeExt = $myrow['mime_ext']; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 507 |  |  | 				$this->extensionToMime[$mimeExt] = array( 'maxWidth' => $myrow['mperm_maxwidth'], 'maxHeight' => $myrow['mperm_maxwidth'], 'maxSize' => $myrow['mperm_maxsize'] ); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 508 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 509 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 510 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 511 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 512 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 513 |  |  | 	* Add an error | 
            
                                                                                                            
                            
            
                                    
            
            
                | 514 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 515 |  |  | 	* @param   string  $error | 
            
                                                                                                            
                            
            
                                    
            
            
                | 516 |  |  | 	**/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 517 |  |  | 	function setErrors($error) { | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                                                                                                            
                            
            
                                    
            
            
                | 518 |  |  | 		$this->errors[] = trim($error); | 
            
                                                                                                            
                            
            
                                    
            
            
                | 519 |  |  | 	} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 520 |  |  |  | 
            
                                                                                                            
                            
            
                                    
            
            
                | 521 |  |  | 	/** | 
            
                                                                                                            
                            
            
                                    
            
            
                | 522 |  |  | 	* Get generated errors | 
            
                                                                                                            
                            
            
                                    
            
            
                | 523 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 524 |  |  | 	* @param    bool    $ashtml Format using HTML? | 
            
                                                                                                            
                            
            
                                    
            
            
                | 525 |  |  | 	* | 
            
                                                                                                            
                            
            
                                    
            
            
                | 526 |  |  | 	* @return    array|string    Array of array messages OR HTML string | 
            
                                                                                                            
                            
            
                                    
            
            
                | 527 |  |  | 	*/ | 
            
                                                                                                            
                            
            
                                    
            
            
                | 528 |  |  | 	function &getErrors($ashtml = true) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 529 |  |  | 		if (!$ashtml) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 530 |  |  | 			return $this->errors; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 531 |  |  | 		} else { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 532 |  |  | 			$ret = ''; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 533 |  |  | 			if (count($this->errors) > 0) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 534 |  |  | 				$ret = '<h4>Errors Returned While Uploading</h4>'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 535 |  |  | 				foreach ($this->errors as $error) { | 
            
                                                                                                            
                            
            
                                    
            
            
                | 536 |  |  | 					$ret .= $error.'<br />'; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 537 |  |  | 				} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 538 |  |  | 			} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 539 |  |  | 			return $ret; | 
            
                                                                                                            
                            
            
                                    
            
            
                | 540 |  |  | 		} | 
            
                                                                                                            
                            
            
                                    
            
            
                | 541 |  |  | 	} | 
            
                                                                                                            
                                                                
            
                                    
            
            
                | 542 |  |  | } | 
            
                                                        
            
                                    
            
            
                | 543 |  |  | ?> | 
                            
                    |  |  |  | 
                                                                                        
                                                                                     | 
            
                        
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.