Moved upload code to media class.

2025-08-06 06:38:00 +02:00 · 2018-11-03 12:56:42 -07:00
parent 46c07cd416
commit d3cdcfe3f9
2 changed files with 250 additions and 240 deletions
--- a/e107_handlers/media_class.php
+++ b/e107_handlers/media_class.php
@@ -1974,4 +1974,251 @@ class e_media
 	}
 	/**
 	 * Media-Manager Upload processing - drag-n-drop and plupload
 	* @return string
 	*/
 	public function processAjaxUpload()
 	{
 		// Settings
 		// $targetDir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
 		$targetDir = e_IMPORT;
 		$cleanupTargetDir = true; // Remove old files
 		$maxFileAge = 5 * 3600; // Temp file age in seconds
 		// Get parameters
 		$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
 		$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
 		$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
 		// Clean the fileName for security reasons
 		$fileName = preg_replace('/[^\w\._]+/', '_', $fileName);
 		if(!empty($_FILES['file']['name'])) // dropzone support v2.1.9
 		{
 			$fileName = $_FILES['file']['name'];
 		}
 		//	$array = array("jsonrpc" => "2.0", "error" => array('code'=>$_FILES['file']['error'], 'message'=>'Failed to move file'), "id" => "id",  'data'=>$_FILES );
 		// Make sure the fileName is unique but only if chunking is disabled
 		if($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName))
 		{
 			$ext = strrpos($fileName, '.');
 			$fileName_a = substr($fileName, 0, $ext);
 			$fileName_b = substr($fileName, $ext);
 			$count = 1;
 			while(file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b))
 			{
 				$count++;
 			}
 			$fileName = $fileName_a . '_' . $count . $fileName_b;
 		}
 		$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
 		// Create target dir
 		if(!file_exists($targetDir))
 		{
 			@mkdir($targetDir);
 		}
 		// Remove old temp files
 		if($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir)))
 		{
 			while(($file = readdir($dir)) !== false)
 			{
 				$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
 				// Remove temp file if it is older than the max age and is not the current file
 				if(preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge) && ($tmpfilePath != "{$filePath}.part"))
 				{
 					@unlink($tmpfilePath);
 				}
 			}
 			closedir($dir);
 		}
 		else
 		{
 			return '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}';
 		}
 		// Look for the content type header
 		$contentType = null;
 		if(isset($_SERVER["HTTP_CONTENT_TYPE"]))
 		{
 			$contentType = $_SERVER["HTTP_CONTENT_TYPE"];
 		}
 		if(isset($_SERVER["CONTENT_TYPE"]))
 		{
 			$contentType = $_SERVER["CONTENT_TYPE"];
 		}
 		// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
 		if(strpos($contentType, "multipart") !== false)
 		{
 			if(isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name']))
 			{
 				// Open temp file
 				$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 				if($out)
 				{
 					// Read binary input stream and append it to temp file
 					$tmpName = e107::getParser()->filter($_FILES['file']['tmp_name'],'str');
 					$in = fopen($tmpName, "rb");
 					if($in)
 					{
 						while($buff = fread($in, 4096))
 						{
 							fwrite($out, $buff);
 						}
 					}
 					else
 					{
 						return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
 					}
 					fclose($in);
 					fclose($out);
 					@unlink($tmpName);
 				}
 				else
 				{
 					return '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
 				}
 			}
 			else // Misc Error.
 			{
 				$phpFileUploadErrors = array(
 				    0 => 'There is no error, the file uploaded with success',
 				    1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
 				    2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
 				    3 => 'The uploaded file was only partially uploaded',
 				    4 => 'No file was uploaded',
 				    6 => 'Missing a temporary folder',
 				    7 => 'Failed to write file to disk.',
 				    8 => 'A PHP extension stopped the file upload.',
 				);
 				$err = (int) $_FILES['file']['error'];
 				$array = array("jsonrpc" => "2.0", "error" => array('code'=>$err, 'message'=> $phpFileUploadErrors[$err]), "id" => "id",  'data'=>$_FILES );
 				return json_encode($array);
 			}
 		}
 		else
 		{
 			// Open temp file
 			$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 			if($out)
 			{
 				// Read binary input stream and append it to temp file
 				$in = fopen("php://input", "rb");
 				if($in)
 				{
 					while($buff = fread($in, 4096))
 					{
 						fwrite($out, $buff);
 					}
 				}
 				else
 				{
 					return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
 				}
 				fclose($in);
 				fclose($out);
 			}
 			else
 			{
 				return '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
 			}
 		}
 		// Check if file has been uploaded
 		if(!$chunks || $chunk == $chunks - 1)
 		{
 			// Strip the temp .part suffix off
 			rename("{$filePath}.part", $filePath);
 		}
 		$filePath = str_replace('//','/',$filePath); // cleanup .
 		if(e107::getFile()->isClean($filePath) !== true)
 		{
 			@unlink($filePath);
 			return '{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Bad File Detected."}, "id" : "id"}';
 		}
 		$convertToJpeg = e107::getPref('convert_to_jpeg', 0);
 		$fileSize = filesize($filePath);
 		if(varset($_GET['for']) !== '_icon' && !empty($convertToJpeg))
 		{
 			if($jpegFile = e107::getMedia()->convertImageToJpeg($filePath, true))
 			{
 				$filePath = $jpegFile;
 				$fileName = basename($filePath);
 				$fileSize = filesize($jpegFile);
 			}
 		}
 		$result = false;
 		if(!empty($_GET['for'])) // leave in upload directory if no category given.
 		{
 			$uploadPath = varset($_GET['path'],null);
 			$for = e107::getParser()->filter($_GET['for']);
 			$for = str_replace(array('+','^'),'', $for);
 			$result = e107::getMedia()->importFile($fileName, $for, array('path'=>$uploadPath));
 		}
 		$log = e107::getParser()->filter($_GET,'str');
 		$log['filepath'] = str_replace('../','',$filePath);
 		$log['filename'] = $fileName;
 		$log['filesize'] = $fileSize;
 		$log['status'] = ($result) ? 'ok' : 'failed';
 		$log['_files'] = $_FILES;
 		//	$log['_get'] = $_GET;
 		//	$log['_post'] = $_POST;
 		$type = ($result) ? E_LOG_INFORMATIVE : E_LOG_WARNING;
 		e107::getLog()->add('LAN_AL_MEDIA_01', print_r($log, true), $type, 'MEDIA_01');
 		$preview = $this->previewTag($result);
 		$array = array("jsonrpc" => "2.0", "result" => $result, "id" => "id", 'preview' => $preview, 'data'=>$_FILES );
 		return json_encode($array);
 	}
 }
--- a/e107_web/js/plupload/upload.php
+++ b/e107_web/js/plupload/upload.php
@@ -26,248 +26,11 @@
 	header("Cache-Control: no-store, no-cache, must-revalidate");
 	header("Cache-Control: post-check=0, pre-check=0", false);
 	header("Pragma: no-cache");
 	@set_time_limit(5 * 60); // 5 minutes execution time
-// Settings
+	echo e107::getMedia()->processAjaxUpload();
 // $targetDir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
 	$targetDir = e_IMPORT;
 //$targetDir = 'uploads';
-	$cleanupTargetDir = true; // Remove old files
+exit; 
 	$maxFileAge = 5 * 3600; // Temp file age in seconds
 // 5 minutes execution time
 	@set_time_limit(5 * 60);
 // Uncomment this one to fake upload time
 // usleep(5000);
 // Get parameters
 	$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
 	$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
 	$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
 // Clean the fileName for security reasons
 	$fileName = preg_replace('/[^\w\._]+/', '_', $fileName);
 	if(!empty($_FILES['file']['name'])) // dropzone support v2.1.9
 	{
 		$fileName = $_FILES['file']['name'];
 	}
 //	$array = array("jsonrpc" => "2.0", "error" => array('code'=>$_FILES['file']['error'], 'message'=>'Failed to move file'), "id" => "id",  'data'=>$_FILES );
 // Make sure the fileName is unique but only if chunking is disabled
 	if($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName))
 	{
 		$ext = strrpos($fileName, '.');
 		$fileName_a = substr($fileName, 0, $ext);
 		$fileName_b = substr($fileName, $ext);
 		$count = 1;
 		while(file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b))
 		{
 			$count++;
 		}
 		$fileName = $fileName_a . '_' . $count . $fileName_b;
 	}
 	$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
 // Create target dir
 	if(!file_exists($targetDir))
 	{
 		@mkdir($targetDir);
 	}
 // Remove old temp files	
 	if($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir)))
 	{
 		while(($file = readdir($dir)) !== false)
 		{
 			$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
 			// Remove temp file if it is older than the max age and is not the current file
 			if(preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge) && ($tmpfilePath != "{$filePath}.part"))
 			{
 				@unlink($tmpfilePath);
 			}
 		}
 		closedir($dir);
 	}
 	else
 	{
 		die('{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}');
 	}
 // Look for the content type header
 	if(isset($_SERVER["HTTP_CONTENT_TYPE"]))
 	{
 		$contentType = $_SERVER["HTTP_CONTENT_TYPE"];
 	}
 	if(isset($_SERVER["CONTENT_TYPE"]))
 	{
 		$contentType = $_SERVER["CONTENT_TYPE"];
 	}
 // Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
 	if(strpos($contentType, "multipart") !== false)
 	{
 		if(isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name']))
 		{
 			// Open temp file
 			$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 			if($out)
 			{
 				// Read binary input stream and append it to temp file
 				$tmpName = e107::getParser()->filter($_FILES['file']['tmp_name'],'str');
 				$in = fopen($tmpName, "rb");
 				if($in)
 				{
 					while($buff = fread($in, 4096))
 					{
 						fwrite($out, $buff);
 					}
 				}
 				else
 				{
 					die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
 				}
 				fclose($in);
 				fclose($out);
 				@unlink($tmpName);
 			}
 			else
 			{
 				die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
 			}
 		}
 		else // Misc Error. 
 		{
 			$phpFileUploadErrors = array(
 			    0 => 'There is no error, the file uploaded with success',
 			    1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
 			    2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
 			    3 => 'The uploaded file was only partially uploaded',
 			    4 => 'No file was uploaded',
 			    6 => 'Missing a temporary folder',
 			    7 => 'Failed to write file to disk.',
 			    8 => 'A PHP extension stopped the file upload.',
 			);
 			$err = (int) $_FILES['file']['error'];
 			$array = array("jsonrpc" => "2.0", "error" => array('code'=>$err, 'message'=> $phpFileUploadErrors[$err]), "id" => "id",  'data'=>$_FILES );
 			echo json_encode($array);
 			exit;
 		}
 	}
 	else
 	{
 		// Open temp file
 		$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 		if($out)
 		{
 			// Read binary input stream and append it to temp file
 			$in = fopen("php://input", "rb");
 			if($in)
 			{
 				while($buff = fread($in, 4096))
 				{
 					fwrite($out, $buff);
 				}
 			}
 			else
 			{
 				die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
 			}
 			fclose($in);
 			fclose($out);
 		}
 		else
 		{
 			die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
 		}
 	}
 // Check if file has been uploaded
 	if(!$chunks || $chunk == $chunks - 1)
 	{
 		// Strip the temp .part suffix off
 		rename("{$filePath}.part", $filePath);
 	}
 	$filePath = str_replace('//','/',$filePath); // cleanup .
 	if(e107::getFile()->isClean($filePath) !== true)
 	{
 		@unlink($filePath);
 		die('{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Bad File Detected."}, "id" : "id"}');
 	}
 	$convertToJpeg = e107::getPref('convert_to_jpeg', 0);
 	$fileSize = filesize($filePath);
 	if(varset($_GET['for']) !== '_icon' && !empty($convertToJpeg))
 	{
 		if($jpegFile = e107::getMedia()->convertImageToJpeg($filePath, true))
 		{
 			$filePath = $jpegFile;
 			$fileName = basename($filePath);
 			$fileSize = filesize($jpegFile);
 		}
 	}
 	if(!empty($_GET['for'])) // leave in upload directory if no category given.
 	{
 		$uploadPath = varset($_GET['path'],null);
 		$for = $tp->filter($_GET['for']);
 		$for = str_replace(array('+','^'),'', $for);
 		$result = e107::getMedia()->importFile($fileName, $for, array('path'=>$uploadPath));
 	}
 	$log = e107::getParser()->filter($_GET,'str');
 	$log['filepath'] = str_replace('../','',$filePath);
 	$log['filename'] = $fileName;
 	$log['filesize'] = $fileSize;
 	$log['status'] = ($result) ? 'ok' : 'failed';
 	$log['_files'] = $_FILES;
 //	$log['_get'] = $_GET;
 //	$log['_post'] = $_POST;
 	$type = ($result) ? E_LOG_INFORMATIVE : E_LOG_WARNING;
 	e107::getLog()->add('LAN_AL_MEDIA_01', print_r($log, true), $type, 'MEDIA_01');
 	$preview = e107::getMedia()->previewTag($result);
 	$array = array("jsonrpc" => "2.0", "result" => $result, "id" => "id", 'preview' => $preview, 'data'=>$_FILES );
 	echo json_encode($array);
 // Return JSON-RPC response
 // die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
 ?>