| [ Index ] |
PHP Cross Reference of phpBB-3.1.12-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 namespace phpbb\avatar\driver; 15 16 /** 17 * Handles avatars uploaded to the board 18 */ 19 class upload extends \phpbb\avatar\driver\driver 20 { 21 /** 22 * @var \phpbb\mimetype\guesser 23 */ 24 protected $mimetype_guesser; 25 26 /** 27 * @var \phpbb\event\dispatcher_interface 28 */ 29 protected $dispatcher; 30 31 /** 32 * Construct a driver object 33 * 34 * @param \phpbb\config\config $config phpBB configuration 35 * @param string $phpbb_root_path Path to the phpBB root 36 * @param string $php_ext PHP file extension 37 * @param \phpbb_path_helper $path_helper phpBB path helper 38 * @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser 39 * @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object 40 * @param \phpbb\cache\driver\driver_interface $cache Cache driver 41 */ 42 public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\path_helper $path_helper, \phpbb\mimetype\guesser $mimetype_guesser, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\cache\driver\driver_interface $cache = null) 43 { 44 $this->config = $config; 45 $this->phpbb_root_path = $phpbb_root_path; 46 $this->php_ext = $php_ext; 47 $this->path_helper = $path_helper; 48 $this->mimetype_guesser = $mimetype_guesser; 49 $this->dispatcher = $dispatcher; 50 $this->cache = $cache; 51 } 52 53 /** 54 * {@inheritdoc} 55 */ 56 public function get_data($row) 57 { 58 $root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $this->path_helper->get_web_root_path(); 59 60 return array( 61 'src' => $root_path . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'], 62 'width' => $row['avatar_width'], 63 'height' => $row['avatar_height'], 64 ); 65 } 66 67 /** 68 * {@inheritdoc} 69 */ 70 public function prepare_form($request, $template, $user, $row, &$error) 71 { 72 if (!$this->can_upload()) 73 { 74 return false; 75 } 76 77 $template->assign_vars(array( 78 'S_UPLOAD_AVATAR_URL' => ($this->config['allow_avatar_remote_upload']) ? true : false, 79 'AVATAR_UPLOAD_SIZE' => $this->config['avatar_filesize'], 80 )); 81 82 return true; 83 } 84 85 /** 86 * {@inheritdoc} 87 */ 88 public function process_form($request, $template, $user, $row, &$error) 89 { 90 if (!$this->can_upload()) 91 { 92 return false; 93 } 94 95 if (!class_exists('fileupload')) 96 { 97 include($this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext); 98 } 99 100 $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], (isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false)); 101 102 $url = $request->variable('avatar_upload_url', ''); 103 $upload_file = $request->file('avatar_upload_file'); 104 105 if (!empty($upload_file['name'])) 106 { 107 $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser); 108 } 109 else if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) 110 { 111 if (!preg_match('#^(http|https|ftp)://#i', $url)) 112 { 113 $url = 'http://' . $url; 114 } 115 116 if (!function_exists('validate_data')) 117 { 118 require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext); 119 } 120 121 $validate_array = validate_data( 122 array( 123 'url' => $url, 124 ), 125 array( 126 'url' => array('string', true, 5, 255), 127 ) 128 ); 129 130 $error = array_merge($error, $validate_array); 131 132 if (!empty($error)) 133 { 134 return false; 135 } 136 137 // Do not allow specifying the port (see RFC 3986) or IP addresses 138 // remote_upload() will do its own check for allowed filetypes 139 if (preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) || 140 preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) || 141 preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url)) 142 { 143 $error[] = 'AVATAR_URL_INVALID'; 144 return false; 145 } 146 147 $file = $upload->remote_upload($url, $this->mimetype_guesser); 148 } 149 else 150 { 151 return false; 152 } 153 154 $prefix = $this->config['avatar_salt'] . '_'; 155 $file->clean_filename('avatar', $prefix, $row['id']); 156 157 // If there was an error during upload, then abort operation 158 if (sizeof($file->error)) 159 { 160 $file->remove(); 161 $error = $file->error; 162 return false; 163 } 164 165 // Calculate new destination 166 $destination = $this->config['avatar_path']; 167 168 // Adjust destination path (no trailing slash) 169 if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') 170 { 171 $destination = substr($destination, 0, -1); 172 } 173 174 $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); 175 if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) 176 { 177 $destination = ''; 178 } 179 180 $filedata = array( 181 'filename' => $file->get('filename'), 182 'filesize' => $file->get('filesize'), 183 'mimetype' => $file->get('mimetype'), 184 'extension' => $file->get('extension'), 185 'physical_filename' => $file->get('realname'), 186 'real_filename' => $file->get('uploadname'), 187 ); 188 189 /** 190 * Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar) 191 * 192 * @event core.avatar_driver_upload_move_file_before 193 * @var array filedata Array containing uploaded file data 194 * @var string destination Destination directory where the file is going to be moved 195 * @var string prefix Prefix for the avatar filename 196 * @var array row Array with avatar row data 197 * @var array error Array of errors, if filled in by this event file will not be moved 198 * @since 3.1.6-RC1 199 * @changed 3.1.9-RC1 Added filedata 200 */ 201 $vars = array( 202 'filedata', 203 'destination', 204 'prefix', 205 'row', 206 'error', 207 ); 208 extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars))); 209 210 unset($filedata); 211 212 if (!sizeof($error)) 213 { 214 // Move file and overwrite any existing image 215 $file->move_file($destination, true); 216 } 217 218 // If there was an error during move, then clean up leftovers 219 $error = array_merge($error, $file->error); 220 if (sizeof($error)) 221 { 222 $file->remove(); 223 return false; 224 } 225 226 // Delete current avatar if not overwritten 227 $ext = substr(strrchr($row['avatar'], '.'), 1); 228 if ($ext && $ext !== $file->get('extension')) 229 { 230 $this->delete($row); 231 } 232 233 return array( 234 'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'), 235 'avatar_width' => $file->get('width'), 236 'avatar_height' => $file->get('height'), 237 ); 238 } 239 240 /** 241 * {@inheritdoc} 242 */ 243 public function prepare_form_acp($user) 244 { 245 return array( 246 'allow_avatar_remote_upload'=> array('lang' => 'ALLOW_REMOTE_UPLOAD', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 247 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int:0', 'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), 248 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), 249 ); 250 } 251 252 /** 253 * {@inheritdoc} 254 */ 255 public function delete($row) 256 { 257 258 $error = array(); 259 $destination = $this->config['avatar_path']; 260 $prefix = $this->config['avatar_salt'] . '_'; 261 $ext = substr(strrchr($row['avatar'], '.'), 1); 262 $filename = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $ext; 263 264 /** 265 * Before deleting an existing avatar 266 * 267 * @event core.avatar_driver_upload_delete_before 268 * @var string destination Destination directory where the file is going to be deleted 269 * @var string prefix Prefix for the avatar filename 270 * @var array row Array with avatar row data 271 * @var array error Array of errors, if filled in by this event file will not be deleted 272 * @since 3.1.6-RC1 273 */ 274 $vars = array( 275 'destination', 276 'prefix', 277 'row', 278 'error', 279 ); 280 extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars))); 281 282 if (!sizeof($error) && file_exists($filename)) 283 { 284 @unlink($filename); 285 } 286 287 return true; 288 } 289 290 /** 291 * {@inheritdoc} 292 */ 293 public function get_template_name() 294 { 295 return 'ucp_avatar_options_upload.html'; 296 } 297 298 /** 299 * Check if user is able to upload an avatar 300 * 301 * @return bool True if user can upload, false if not 302 */ 303 protected function can_upload() 304 { 305 return (file_exists($this->phpbb_root_path . $this->config['avatar_path']) && phpbb_is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')); 306 } 307 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jan 11 00:25:41 2018 | Cross-referenced by PHPXref 0.7.1 |