mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-29 10:38:08 +01:00
Code Issues Releases Wiki Activity

Moved upload code to media class.

Browse Source
This commit is contained in:
Cameron 2018-11-03 12:56:42 -07:00
parent 46c07cd416
commit d3cdcfe3f9
2 changed files with 250 additions and 240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

247
e107_handlers/media_class.php
View File

@ -1974,4 +1974,251 @@ class e_media
}
/**
* Media-Manager Upload processing - drag-n-drop and plupload
* @return string
*/
public function processAjaxUpload()
{
// Settings
// $targetDir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
$targetDir = e_IMPORT;
$cleanupTargetDir = true; // Remove old files
$maxFileAge = 5 * 3600; // Temp file age in seconds
// Get parameters
$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
// Clean the fileName for security reasons
$fileName = preg_replace('/[^\w\._]+/', '_', $fileName);
if(!empty($_FILES['file']['name'])) // dropzone support v2.1.9
{
$fileName = $_FILES['file']['name'];
}
// $array = array("jsonrpc" => "2.0", "error" => array('code'=>$_FILES['file']['error'], 'message'=>'Failed to move file'), "id" => "id", 'data'=>$_FILES );
// Make sure the fileName is unique but only if chunking is disabled
if($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName))
{
$ext = strrpos($fileName, '.');
$fileName_a = substr($fileName, 0, $ext);
$fileName_b = substr($fileName, $ext);
$count = 1;
while(file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b))
{
$count++;
}
$fileName = $fileName_a . '_' . $count . $fileName_b;
}
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
// Create target dir
if(!file_exists($targetDir))
{
@mkdir($targetDir);
}
// Remove old temp files
if($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir)))
{
while(($file = readdir($dir)) !== false)
{
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
// Remove temp file if it is older than the max age and is not the current file
if(preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge) && ($tmpfilePath != "{$filePath}.part"))
{
@unlink($tmpfilePath);
}
}
closedir($dir);
}
else
{
return '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}';
}
// Look for the content type header
$contentType = null;
if(isset($_SERVER["HTTP_CONTENT_TYPE"]))
{
$contentType = $_SERVER["HTTP_CONTENT_TYPE"];
}
if(isset($_SERVER["CONTENT_TYPE"]))
{
$contentType = $_SERVER["CONTENT_TYPE"];
}
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if(strpos($contentType, "multipart") !== false)
{
if(isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name']))
{
// Open temp file
$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
if($out)
{
// Read binary input stream and append it to temp file
$tmpName = e107::getParser()->filter($_FILES['file']['tmp_name'],'str');
$in = fopen($tmpName, "rb");
if($in)
{
while($buff = fread($in, 4096))
{
fwrite($out, $buff);
}
}
else
{
return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
}
fclose($in);
fclose($out);
@unlink($tmpName);
}
else
{
return '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
}
}
else // Misc Error.
{
$phpFileUploadErrors = array(
0 => 'There is no error, the file uploaded with success',
1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
3 => 'The uploaded file was only partially uploaded',
4 => 'No file was uploaded',
6 => 'Missing a temporary folder',
7 => 'Failed to write file to disk.',
8 => 'A PHP extension stopped the file upload.',
);
$err = (int) $_FILES['file']['error'];
$array = array("jsonrpc" => "2.0", "error" => array('code'=>$err, 'message'=> $phpFileUploadErrors[$err]), "id" => "id", 'data'=>$_FILES );
return json_encode($array);
}
}
else
{
// Open temp file
$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
if($out)
{
// Read binary input stream and append it to temp file
$in = fopen("php://input", "rb");
if($in)
{
while($buff = fread($in, 4096))
{
fwrite($out, $buff);
}
}
else
{
return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
}
fclose($in);
fclose($out);
}
else
{
return '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
}
}
// Check if file has been uploaded
if(!$chunks || $chunk == $chunks - 1)
{
// Strip the temp .part suffix off
rename("{$filePath}.part", $filePath);
}
$filePath = str_replace('//','/',$filePath); // cleanup .
if(e107::getFile()->isClean($filePath) !== true)
{
@unlink($filePath);
return '{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Bad File Detected."}, "id" : "id"}';
}
$convertToJpeg = e107::getPref('convert_to_jpeg', 0);
$fileSize = filesize($filePath);
if(varset($_GET['for']) !== '_icon' && !empty($convertToJpeg))
{
if($jpegFile = e107::getMedia()->convertImageToJpeg($filePath, true))
{
$filePath = $jpegFile;
$fileName = basename($filePath);
$fileSize = filesize($jpegFile);
}
}
$result = false;
if(!empty($_GET['for'])) // leave in upload directory if no category given.
{
$uploadPath = varset($_GET['path'],null);
$for = e107::getParser()->filter($_GET['for']);
$for = str_replace(array('+','^'),'', $for);
$result = e107::getMedia()->importFile($fileName, $for, array('path'=>$uploadPath));
}
$log = e107::getParser()->filter($_GET,'str');
$log['filepath'] = str_replace('../','',$filePath);
$log['filename'] = $fileName;
$log['filesize'] = $fileSize;
$log['status'] = ($result) ? 'ok' : 'failed';
$log['_files'] = $_FILES;
// $log['_get'] = $_GET;
// $log['_post'] = $_POST;
$type = ($result) ? E_LOG_INFORMATIVE : E_LOG_WARNING;
e107::getLog()->add('LAN_AL_MEDIA_01', print_r($log, true), $type, 'MEDIA_01');
$preview = $this->previewTag($result);
$array = array("jsonrpc" => "2.0", "result" => $result, "id" => "id", 'preview' => $preview, 'data'=>$_FILES );
return json_encode($array);
}
}

243
e107_web/js/plupload/upload.php
View File

@ -26,248 +26,11 @@
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
@set_time_limit(5 * 60); // 5 minutes execution time
// Settings
// $targetDir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
$targetDir = e_IMPORT;
//$targetDir = 'uploads';
echo e107::getMedia()->processAjaxUpload();
$cleanupTargetDir = true; // Remove old files
$maxFileAge = 5 * 3600; // Temp file age in seconds
// 5 minutes execution time
@set_time_limit(5 * 60);
// Uncomment this one to fake upload time
// usleep(5000);
// Get parameters
$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
// Clean the fileName for security reasons
$fileName = preg_replace('/[^\w\._]+/', '_', $fileName);
if(!empty($_FILES['file']['name'])) // dropzone support v2.1.9
{
$fileName = $_FILES['file']['name'];
}
// $array = array("jsonrpc" => "2.0", "error" => array('code'=>$_FILES['file']['error'], 'message'=>'Failed to move file'), "id" => "id", 'data'=>$_FILES );
// Make sure the fileName is unique but only if chunking is disabled
if($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName))
{
$ext = strrpos($fileName, '.');
$fileName_a = substr($fileName, 0, $ext);
$fileName_b = substr($fileName, $ext);
$count = 1;
while(file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b))
{
$count++;
}
$fileName = $fileName_a . '_' . $count . $fileName_b;
}
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
// Create target dir
if(!file_exists($targetDir))
{
@mkdir($targetDir);
}
// Remove old temp files
if($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir)))
{
while(($file = readdir($dir)) !== false)
{
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
// Remove temp file if it is older than the max age and is not the current file
if(preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge) && ($tmpfilePath != "{$filePath}.part"))
{
@unlink($tmpfilePath);
}
}
closedir($dir);
}
else
{
die('{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}');
}
// Look for the content type header
if(isset($_SERVER["HTTP_CONTENT_TYPE"]))
{
$contentType = $_SERVER["HTTP_CONTENT_TYPE"];
}
if(isset($_SERVER["CONTENT_TYPE"]))
{
$contentType = $_SERVER["CONTENT_TYPE"];
}
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if(strpos($contentType, "multipart") !== false)
{
if(isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name']))
{
// Open temp file
$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
if($out)
{
// Read binary input stream and append it to temp file
$tmpName = e107::getParser()->filter($_FILES['file']['tmp_name'],'str');
$in = fopen($tmpName, "rb");
if($in)
{
while($buff = fread($in, 4096))
{
fwrite($out, $buff);
}
}
else
{
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
}
fclose($in);
fclose($out);
@unlink($tmpName);
}
else
{
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
}
}
else // Misc Error.
{
$phpFileUploadErrors = array(
0 => 'There is no error, the file uploaded with success',
1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
3 => 'The uploaded file was only partially uploaded',
4 => 'No file was uploaded',
6 => 'Missing a temporary folder',
7 => 'Failed to write file to disk.',
8 => 'A PHP extension stopped the file upload.',
);
$err = (int) $_FILES['file']['error'];
$array = array("jsonrpc" => "2.0", "error" => array('code'=>$err, 'message'=> $phpFileUploadErrors[$err]), "id" => "id", 'data'=>$_FILES );
echo json_encode($array);
exit;
}
}
else
{
// Open temp file
$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
if($out)
{
// Read binary input stream and append it to temp file
$in = fopen("php://input", "rb");
if($in)
{
while($buff = fread($in, 4096))
{
fwrite($out, $buff);
}
}
else
{
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
}
fclose($in);
fclose($out);
}
else
{
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
}
}
// Check if file has been uploaded
if(!$chunks || $chunk == $chunks - 1)
{
// Strip the temp .part suffix off
rename("{$filePath}.part", $filePath);
}
$filePath = str_replace('//','/',$filePath); // cleanup .
if(e107::getFile()->isClean($filePath) !== true)
{
@unlink($filePath);
die('{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Bad File Detected."}, "id" : "id"}');
}
$convertToJpeg = e107::getPref('convert_to_jpeg', 0);
$fileSize = filesize($filePath);
if(varset($_GET['for']) !== '_icon' && !empty($convertToJpeg))
{
if($jpegFile = e107::getMedia()->convertImageToJpeg($filePath, true))
{
$filePath = $jpegFile;
$fileName = basename($filePath);
$fileSize = filesize($jpegFile);
}
}
if(!empty($_GET['for'])) // leave in upload directory if no category given.
{
$uploadPath = varset($_GET['path'],null);
$for = $tp->filter($_GET['for']);
$for = str_replace(array('+','^'),'', $for);
$result = e107::getMedia()->importFile($fileName, $for, array('path'=>$uploadPath));
}
$log = e107::getParser()->filter($_GET,'str');
$log['filepath'] = str_replace('../','',$filePath);
$log['filename'] = $fileName;
$log['filesize'] = $fileSize;
$log['status'] = ($result) ? 'ok' : 'failed';
$log['_files'] = $_FILES;
// $log['_get'] = $_GET;
// $log['_post'] = $_POST;
$type = ($result) ? E_LOG_INFORMATIVE : E_LOG_WARNING;
e107::getLog()->add('LAN_AL_MEDIA_01', print_r($log, true), $type, 'MEDIA_01');
$preview = e107::getMedia()->previewTag($result);
$array = array("jsonrpc" => "2.0", "result" => $result, "id" => "id", 'preview' => $preview, 'data'=>$_FILES );
echo json_encode($array);
// Return JSON-RPC response
// die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
exit;
?>