Location: PHPKode > projects > AdFreely > web/codelib/asc/CVFileUpload.inc.php
<?php
//=================================================================
// AdFreely -Ad Board script-
// Copyright (c) phpkobo.com ( http://www.phpkobo.com/ )
// Email : hide@address.com
// ID : AF201_206
//
// This software is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2 of the
// License.
//
// [Installation Guide]
// http://www.phpkobo.com/doc.php?d=install&p=AF201_206
//
//=================================================================

require( _LANG_FILE_( "CVFileUpload.res.##LANG_CODE##.inc.php" ) );

define( 'FILEUP_SEPA', '/' );

define( 'FILEUP_EMPTY_FILE', 'E' );
define( 'FILEUP_TEMP_FILE', 'T' );
define( 'FILEUP_STORED_FILE', 'S' );

//----------------------------------------------------------------
// CVFileUpload
//----------------------------------------------------------------
class CVFileUpload extends CVText
{
	function Setup()
	{
		$this->file_key = 'rs:def:' . $this->GetName() . '_inp';
		$this->ext_list = array( 'txt', 'doc', 'xls', 'jpg', 'jpeg', 'gif', 'png' );
		$this->fn_prefix = 'f_';
		$this->path_tmp_storage = "/.../tmp/";
		$this->path_sys_storage = "/.../sys/";
		$this->path_empty_storage = "/.../empty/";
		$this->empty_filename =  "no_pic.png";
		$this->url_tmp_storage = "http://.../tmp/";
		$this->url_sys_storage = "http://.../sys/";
		$this->fileup_max_filesize = 6 * 1000 * 1000;
		return nothing;
	}

	function SetEmpty()
	{
		$ax = array(
			'state'=>FILEUP_EMPTY_FILE,
			'new_int_filename'=>'',
			'new_org_filename'=>'',
			'old_int_filename'=>'',
			'old_org_filename'=>''
		);
		$this->SetVal( $ax );
	}

	function IsEmpty( &$msg )
	{
		$ax = $this->GetVal();
		return ( $ax['state'] == FILEUP_EMPTY_FILE );
	}

	function Str2Arr( $s )
	{
		$sx = split( FILEUP_SEPA, $s );
		$ax = array(
			'state'=>$sx[0],
			'new_int_filename'=>$sx[1],
			'new_org_filename'=>$sx[2],
			'old_int_filename'=>$sx[3],
			'old_org_filename'=>$sx[4]
		);
		return $ax;
	}

	function Arr2Str( $ax )
	{
		$s =
			$ax['state'] . FILEUP_SEPA .
			$ax['new_int_filename'] . FILEUP_SEPA .
			$ax['new_org_filename'] . FILEUP_SEPA .
			$ax['old_int_filename'] . FILEUP_SEPA .
			$ax['old_org_filename'];
		return $s;
	}

	function GetState()
	{
		$ax = $this->GetVal();
		return $ax['state'];
	}

	function GetNewIntFilename()
	{
		$ax = $this->GetVal();
		return $ax['new_int_filename'];
	}

	function GetNewOrgFilename()
	{
		$ax = $this->GetVal();
		return $ax['new_org_filename'];
	}

	function GetOldIntFilename()
	{
		$ax = $this->GetVal();
		return $ax['old_int_filename'];
	}

	function GetOldOrgFilename()
	{
		$ax = $this->GetVal();
		return $ax['old_org_filename'];
	}

	function GetFileUrl( $b_direct_url = false )
	{
		$state = $this->GetState();

		if ( $b_direct_url )
		{
			switch ( $state )
			{
			case FILEUP_TEMP_FILE:
				$url = $this->url_tmp_storage . $this->GetNewIntFilename();
				break;
			case FILEUP_STORED_FILE:
				$url = $this->url_sys_storage . $this->GetNewIntFilename();
				break;
			case FILEUP_EMPTY_FILE:
				$url = $this->path_empty_storage . $this->GetNewIntFilename();
				break;
			}
		}
		else
		{
			$url = "file.php?cn=" . get_class($this) . "&ptype=" . $state . "&fn=";
			switch ( $state )
			{
			case FILEUP_TEMP_FILE:
			case FILEUP_STORED_FILE:
				$url .= $this->GetNewIntFilename();
				break;
			case FILEUP_EMPTY_FILE:
				$url .= $this->empty_filename;
				break;
			}
		}

		return $url;
	}

	function RemoveOldFile()
	{
		$path_sys = $this->path_sys_storage . $this->GetOldIntFilename();
		if ( file_exists( $path_sys ) ) @unlink( $path_sys );
	}

	function RemoveFile()
	{
		if ( $this->GetState() == FILEUP_TEMP_FILE )
		{
			$path = $this->path_tmp_storage . $this->GetNewIntFilename();
			if ( file_exists( $path ) ) @unlink( $path );
		}

		$ax = $this->GetVal();
		$ax['state'] = FILEUP_EMPTY_FILE;
		$ax['new_int_filename'] = '';
		$ax['new_org_filename'] = '';
		$this->SetVal( $ax );
	}

	function UploadFile( &$errmsg )
	{
		if ( $this->UploadFile2( $errmsg, $new_filename, $org_filename ) )
		{
			$ax = array(
				'state' => FILEUP_TEMP_FILE,
				'new_int_filename' => $new_filename,
				'new_org_filename' => $org_filename,
				'old_int_filename' => $this->GetOldIntFilename(),
				'old_org_filename' => $this->GetOldOrgFilename()
			);
			$this->SetVal( $ax );
			return true;
		}
		else
		{
			$errmsg = '[' . $this->GetCaption() . '] ' . $errmsg;
			return false;
		}
	}

	function UploadFile2( &$errmsg, &$new_filename, &$org_filename )
	{
		$files = $_FILES[ $this->file_key ];

		//-- [BEGIN] PHP file upload error
		if ( $files['name'] == '' )
		{
			//-- The filename was not selected."
			$errmsg = RSTR_CVFILEUPLOAD_ERR_FILENAME_NOT_SELECTED;
			return false;
		}

		$file_uploaded_size = $files['size'];
		if ( $file_uploaded_size > $this->fileup_max_filesize ) 
		{
			if ( $this->fileup_max_filesize < 1000 )
			{
				$bsize = sprintf( "%d",
					$this->fileup_max_filesize ) . " bytes";
			}
			else if ( $this->fileup_max_filesize < 1000 * 1000 )
			{
				$bsize = sprintf( "%01.2f",
					$this->fileup_max_filesize / ( 1000 ) ) . " KB";
			}
			else
			{
				$bsize = sprintf( "%01.2f",
					$this->fileup_max_filesize / ( 1000 * 1000 ) ) . " MB";
			}

			$errmsg = str_replace( "##bsize##", $bsize,
				RSTR_CVFILEUPLOAD_ERR_FILESIZE );
			return false;
		}

		$err_code = $files['error'];
		switch ( $err_code )
		{
		case UPLOAD_ERR_OK:
			break;

		case UPLOAD_ERR_INI_SIZE:
			//-- The uploaded file exceeds the upload_max_filesize directive in php.ini.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_INI_SIZE;
			return false;

		case UPLOAD_ERR_FORM_SIZE:
			//-- The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_FORM_SIZE;
			return false;

		case UPLOAD_ERR_PARTIAL:
			//-- The uploaded file was only partially uploaded.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_PARTIAL;
			return false;

		case UPLOAD_ERR_NO_FILE:
			//-- No file was uploaded.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_NO_FILE;
			return false;

		case UPLOAD_ERR_NO_TMP_DIR:
			//-- Missing a temporary folder. Introduced in PHP 4.3.10 and PHP 5.0.3.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_NO_TMP_DIR;
			return false;

		case UPLOAD_ERR_CANT_WRITE:
			//-- Failed to write file to disk. Introduced in PHP 5.1.0.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_CANT_WRITE;
			return false;

		case UPLOAD_ERR_EXTENSION:
			//-- File upload stopped by extension.
			$errmsg = RSTR_CVFILEUPLOAD_ERR_EXTENSION;
			return false;

		default:
			//-- General Failure
			$errmsg = RSTR_CVFILEUPLOAD_ERR_GENERAL_FAILURE;
			return false;
		}
		//-- [END] PHP file upload error

		$sys_tmp_path = $files['tmp_name'];
		if ( !$this->ValidateUpload( $sys_tmp_path, $errmsg ) )
		{
			return false;
		}

		$org_filename = basename( $files['name'] );
		$path_parts = pathinfo( $org_filename );
		$ext = strtolower( $path_parts['extension'] );

		if ( !in_array( $ext, $this->ext_list ) )
		{
			$errmsg = str_replace( "##ext##", $ext,
				RSTR_CVFILEUPLOAD_ERR_INVALID_FILE_TYPE );
			return false;
		}

		$new_filename =
			$this->fn_prefix . date( 'YmdHis' ) . '_' . 
			CUtil::CreateRandomString( 20 ) . "." . $ext;
		$path_tmp = $this->path_tmp_storage . $new_filename;

		if ( !( move_uploaded_file( $files['tmp_name'], $path_tmp ) ) )
		{
			$errmsg = RSTR_CVFILEUPLOAD_ERR_MOVE_UPLOADED_FILE;
			return false;
		}

		@chmod( $path_tmp, 0755 );

		return true;
	}

	function ValidateUpload( $path, &$errmsg )
	{
		return true;

		//-- [BEGIN] Get Image Dimention
		list($width, $height) = getimagesize( $path );
		//-- [END] Get Image Dimention

		//-- [BEGIN] Check if file is image format
		if ( !isset( $width ) )
		{
			$errmsg = RSTR_CVFILEUPLOAD_ERR_INVALID_FILE_FORMAT;
			return false;
		}
		//-- [END] Check if file is image format

		//-- [BEGIN] Width Check
		if ( $width != $w )
		{
			$errmsg = str_replace( "##w##", $w,
				RSTR_CVFILEUPLOAD_ERR_INVALID_WIDTH );
			return false;
		}
		//-- [END] Width Check

		//-- [BEGIN] Height Check
		if ( $height != $h )
		{
			$errmsg = str_replace( "##h##", $h,
				RSTR_CVFILEUPLOAD_ERR_INVALID_HEIGHT );
			return false;
		}
		//-- [END] Height Check

		return true;
	}

	function &CreateFileUpInputBox( &$msg )
	{
		$ht =& new COutHtml();
		$ht->SetTagName('input');
		$ht->SetKV('type','file');
		$ht->SetKV('name',$this->GetRpName( $msg ) . "_inp" );
		$ht->SetKV('value', '' );
		if ( $this->Get(XA_SIZE) != '' )
			$ht->SetKV('size', $this->Get(XA_SIZE));
		if ( $this->Get(XA_MAX_CHAR) != '' )
			$ht->SetKV('maxlength', $this->Get(XA_MAX_CHAR));
		if ( $this->IsError() )
			$this->sys->Error->UseErrStyle( $ht );
		return $ht;
	}

	function &GetFileDisplay( &$msg )
	{
		$obj =& new COutString();
		$obj->AddItem( $this->GetNewOrgFilename() );
		return $obj;
	}

	function &BuildHtmlTag( &$msg )
	{
		$state = $this->GetState();

		switch ( $state )
		{
		case FILEUP_EMPTY_FILE:
			$obj =& $this->CreateFileUpInputBox( $msg );
			break;

		case FILEUP_STORED_FILE:
		case FILEUP_TEMP_FILE:
			$obj =& $this->GetFileDisplay( $msg );
			break;
		}

		$ht =& new COutHtml();
		$ht->SetTagName('input');
		$ht->SetKV( 'type', 'hidden');
		$ht->SetKV( 'name', $this->GetRpName( $msg ) );
		$ht->SetKV( 'value', $this->Arr2Str( $this->GetVal() ) );

		$os =& new COutString();
		$os->AddItem( $obj );
		$os->AddItem( $ht );

		return $os;
	}

	//------------------------------------------------------------
	// OutputDefault
	//------------------------------------------------------------
	function &OutputDefault( &$msg )
	{
		$obj =& $this->GetFileDisplay( $msg );
		return $obj;
	}

	//------------------------------------------------------------
	// SetDBData
	//------------------------------------------------------------
	function SetDBData()
	{
		if ( $this->GetVal() == '' )
		{
			$this->SetEmpty();
		}
		else
		{
			$sx = split( FILEUP_SEPA, $this->GetVal() );
			$ax = array(
				'state'=>FILEUP_STORED_FILE,
				'new_int_filename'=>$sx[0],
				'new_org_filename'=>$sx[1],
				'old_int_filename'=>$sx[0],
				'old_org_filename'=>$sx[1]
			);
			$this->SetVal( $ax );
		}
	}

	//------------------------------------------------------------
	// XProc
	//------------------------------------------------------------
	function XProc( &$msg )
	{
		switch ( $msg->Get(XM_CMD) )
		{
		case XC_BEFORE_TO_STATE:
			$this->SetVal( $this->Arr2Str( $this->GetVal() ) );
			break;

		case XC_AFTER_FROM_INPUT:
		case XC_AFTER_FROM_STATE:
		case XC_AFTER_TO_STATE:
			$this->SetVal( $this->Str2Arr( $this->GetVal() ) );
			break;

		case XC_AFTER_FROM_RECORDSET:
			$this->SetDBData();
			break;

		case XC_BEFORE_INSERT_RECORDSET:
		case XC_BEFORE_UPDATE_RECORDSET:
			$this->keep_val = $this->GetVal();

			$state = $this->GetState();
			switch ( $state )
			{
			case FILEUP_EMPTY_FILE:
				$this->RemoveOldFile();
				$this->SetVal( '' );
				break;

			case FILEUP_TEMP_FILE:
				$this->RemoveOldFile();
				$path_sys = $this->path_sys_storage . $this->GetNewIntFilename();
				$path_tmp = $this->path_tmp_storage . $this->GetNewIntFilename();
				@rename( $path_tmp, $path_sys );
				$s = $this->GetNewIntFilename() .
					FILEUP_SEPA .
					$this->GetNewOrgFilename();
				$this->SetVal( $s );
				break;

			case FILEUP_STORED_FILE:
				$s = $this->GetOldIntFilename() .
					FILEUP_SEPA .
					$this->GetOldOrgFilename();
				$this->SetVal( $s );
				break;
			}
			break;

		case XC_AFTER_INSERT_RECORDSET:
		case XC_AFTER_UPDATE_RECORDSET:
			$this->SetVal( $this->keep_val );
			$state = $this->GetState();
			switch ( $state )
			{
			case FILEUP_EMPTY_FILE:
				$this->SetEmpty();
				break;

			case FILEUP_TEMP_FILE:
				$ax = array(
					'state' => FILEUP_STORED_FILE,
					'new_int_filename' => $this->GetNewIntFilename(),
					'new_org_filename' => $this->GetNewOrgFilename(),
					'old_int_filename' => $this->GetNewIntFilename(),
					'old_org_filename' => $this->GetNewOrgFilename()
				);
				$this->SetVal( $ax );
				break;

			case FILEUP_STORED_FILE:
				$ax = array(
					'state' => FILEUP_STORED_FILE,
					'new_int_filename' => $this->GetOldIntFilename(),
					'new_org_filename' => $this->GetOldOrgFilename(),
					'old_int_filename' => $this->GetOldIntFilename(),
					'old_org_filename' => $this->GetOldOrgFilename()
				);
				$this->SetVal( $ax );
				break;
			}
			break;
		}

		return parent::XProc( $msg );
	}

	//----------------------------------------------------------------
	// Download
	//----------------------------------------------------------------
	function Download()
	{
		$this->Setup();

		//-- some basic checking
		if ( !isset( $_GET['fn'] ) ) return;
		if ( strpos( $_GET['fn'], '..' ) !== false ) return;

		if ( !isset( $_GET['ptype'] ) ) return;
		$ptype = $_GET['ptype'];

		if ( $ptype == FILEUP_STORED_FILE )
		{
			$path = $this->path_sys_storage;
		}
		else if ( $ptype == FILEUP_TEMP_FILE )
		{
			$path = $this->path_tmp_storage;
		}
		else if ( $ptype == FILEUP_EMPTY_FILE )
		{
			$path = $this->path_empty_storage;
		}
		else
			return;

		$path .= $_GET['fn'];

		if ( !file_exists( $path ) ) return;
		$Size = filesize( $path );

		//-- send out all headers
		header( "HTTP/1.1 200 OK" );
		header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
		header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
		header( "cache-Control: no-store, no-cache, must-revalidate" );
		header( "cache-Control: post-check=0, pre-check=0", false );
		header( "Pragma: no-cache" );
		//header( "Content-Type: image/jpg" );
		header( "Content-Length: $Size" );

		//-- and finally the image itself
		readfile( $path );
	}
}

//----------------------------------------------------------------
// CVFileUpload_State
//----------------------------------------------------------------
class CVFileUpload_State extends CVText
{
	function GetVal()
	{
		if ( $link = $this->Get(XA_LINKED_TO) )
		{
			$p =& $this->prt->GetChild($link);
			return $p->GetState();
		}
		else
		{
			echo "Missing XA_LINKED_TO (CVFileUpload_State)";
			die;
		}
	}

	function &BuildHtmlTag( &$msg )
	{
		return $this->OutputDefault( $msg );
	}
}

//----------------------------------------------------------------
// CVImageUpload
//----------------------------------------------------------------
class CVImageUpload extends CVFileUpload
{
	function &GetFileDisplay( &$msg )
	{
		$state = $this->GetState();

		switch ( $state )
		{
		case FILEUP_EMPTY_FILE:
		case FILEUP_STORED_FILE:
		case FILEUP_TEMP_FILE:
			$obj =& new COutHtml();
			$obj->SetTagName( 'img' );
			$obj->SetKV( 'src', $this->GetFileUrl() );
			$obj->SetKV( 'border', '0' );
			break;
		}

		return $obj;
	}
}

//----------------------------------------------------------------
// END OF FILE
//----------------------------------------------------------------
?>
Return current item: AdFreely