| [ Index ] |
PHP Cross Reference of phpBB-3.2.11-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 namespace phpbb\attachment; 15 16 use phpbb\auth\auth; 17 use \phpbb\cache\service; 18 use \phpbb\config\config; 19 use \phpbb\event\dispatcher; 20 use \phpbb\language\language; 21 use \phpbb\mimetype\guesser; 22 use \phpbb\plupload\plupload; 23 use \phpbb\user; 24 25 /** 26 * Attachment upload class 27 */ 28 class upload 29 { 30 /** @var auth */ 31 protected $auth; 32 33 /** @var service */ 34 protected $cache; 35 36 /** @var config */ 37 protected $config; 38 39 /** @var \phpbb\files\upload Upload class */ 40 protected $files_upload; 41 42 /** @var language */ 43 protected $language; 44 45 /** @var guesser Mimetype guesser */ 46 protected $mimetype_guesser; 47 48 /** @var dispatcher */ 49 protected $phpbb_dispatcher; 50 51 /** @var plupload Plupload */ 52 protected $plupload; 53 54 /** @var user */ 55 protected $user; 56 57 /** @var \phpbb\files\filespec Current filespec instance */ 58 private $file; 59 60 /** @var array File data */ 61 private $file_data = array( 62 'error' => array() 63 ); 64 65 /** @var array Extensions array */ 66 private $extensions; 67 68 /** 69 * Constructor for attachments upload class 70 * 71 * @param auth $auth 72 * @param service $cache 73 * @param config $config 74 * @param \phpbb\files\upload $files_upload 75 * @param language $language 76 * @param guesser $mimetype_guesser 77 * @param dispatcher $phpbb_dispatcher 78 * @param plupload $plupload 79 * @param user $user 80 * @param $phpbb_root_path 81 */ 82 public function __construct(auth $auth, service $cache, config $config, \phpbb\files\upload $files_upload, language $language, guesser $mimetype_guesser, dispatcher $phpbb_dispatcher, plupload $plupload, user $user, $phpbb_root_path) 83 { 84 $this->auth = $auth; 85 $this->cache = $cache; 86 $this->config = $config; 87 $this->files_upload = $files_upload; 88 $this->language = $language; 89 $this->mimetype_guesser = $mimetype_guesser; 90 $this->phpbb_dispatcher = $phpbb_dispatcher; 91 $this->plupload = $plupload; 92 $this->user = $user; 93 $this->phpbb_root_path = $phpbb_root_path; 94 } 95 96 /** 97 * Upload Attachment - filedata is generated here 98 * Uses upload class 99 * 100 * @param string $form_name The form name of the file upload input 101 * @param int $forum_id The id of the forum 102 * @param bool $local Whether the file is local or not 103 * @param string $local_storage The path to the local file 104 * @param bool $is_message Whether it is a PM or not 105 * @param array $local_filedata An file data object created for the local file 106 * 107 * @return array File data array 108 */ 109 public function upload($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = array()) 110 { 111 $this->init_files_upload($forum_id, $is_message); 112 113 $this->file_data['post_attach'] = $local || $this->files_upload->is_valid($form_name); 114 115 if (!$this->file_data['post_attach']) 116 { 117 $this->file_data['error'][] = $this->language->lang('NO_UPLOAD_FORM_FOUND'); 118 return $this->file_data; 119 } 120 121 $this->file = ($local) ? $this->files_upload->handle_upload('files.types.local', $local_storage, $local_filedata) : $this->files_upload->handle_upload('files.types.form', $form_name); 122 123 if ($this->file->init_error()) 124 { 125 $this->file_data['post_attach'] = false; 126 return $this->file_data; 127 } 128 129 // Whether the uploaded file is in the image category 130 $is_image = (isset($this->extensions[$this->file->get('extension')]['display_cat'])) ? $this->extensions[$this->file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE : false; 131 132 if (!$this->auth->acl_get('a_') && !$this->auth->acl_get('m_', $forum_id)) 133 { 134 // Check Image Size, if it is an image 135 if ($is_image) 136 { 137 $this->file->upload->set_allowed_dimensions(0, 0, $this->config['img_max_width'], $this->config['img_max_height']); 138 } 139 140 // Admins and mods are allowed to exceed the allowed filesize 141 if (!empty($this->extensions[$this->file->get('extension')]['max_filesize'])) 142 { 143 $allowed_filesize = $this->extensions[$this->file->get('extension')]['max_filesize']; 144 } 145 else 146 { 147 $allowed_filesize = ($is_message) ? $this->config['max_filesize_pm'] : $this->config['max_filesize']; 148 } 149 150 $this->file->upload->set_max_filesize($allowed_filesize); 151 } 152 153 $this->file->clean_filename('unique', $this->user->data['user_id'] . '_'); 154 155 // Are we uploading an image *and* this image being within the image category? 156 // Only then perform additional image checks. 157 $this->file->move_file($this->config['upload_path'], false, !$is_image); 158 159 // Do we have to create a thumbnail? 160 $this->file_data['thumbnail'] = ($is_image && $this->config['img_create_thumbnail']) ? 1 : 0; 161 162 // Make sure the image category only holds valid images... 163 $this->check_image($is_image); 164 165 if (count($this->file->error)) 166 { 167 $this->file->remove(); 168 $this->file_data['error'] = array_merge($this->file_data['error'], $this->file->error); 169 $this->file_data['post_attach'] = false; 170 171 return $this->file_data; 172 } 173 174 $this->fill_file_data(); 175 176 $filedata = $this->file_data; 177 178 /** 179 * Event to modify uploaded file before submit to the post 180 * 181 * @event core.modify_uploaded_file 182 * @var array filedata Array containing uploaded file data 183 * @var bool is_image Flag indicating if the file is an image 184 * @since 3.1.0-RC3 185 */ 186 $vars = array( 187 'filedata', 188 'is_image', 189 ); 190 extract($this->phpbb_dispatcher->trigger_event('core.modify_uploaded_file', compact($vars))); 191 $this->file_data = $filedata; 192 unset($filedata); 193 194 // Check for attachment quota and free space 195 if (!$this->check_attach_quota() || !$this->check_disk_space()) 196 { 197 return $this->file_data; 198 } 199 200 // Create Thumbnail 201 $this->create_thumbnail(); 202 203 return $this->file_data; 204 } 205 206 /** 207 * Create thumbnail for file if necessary 208 * 209 * @return array Updated $filedata 210 */ 211 protected function create_thumbnail() 212 { 213 if ($this->file_data['thumbnail']) 214 { 215 $source = $this->file->get('destination_file'); 216 $destination = $this->file->get('destination_path') . '/thumb_' . $this->file->get('realname'); 217 218 if (!create_thumbnail($source, $destination, $this->file->get('mimetype'))) 219 { 220 $this->file_data['thumbnail'] = 0; 221 } 222 } 223 } 224 225 /** 226 * Init files upload class 227 * 228 * @param int $forum_id Forum ID 229 * @param bool $is_message Whether attachment is inside PM or not 230 */ 231 protected function init_files_upload($forum_id, $is_message) 232 { 233 if ($this->config['check_attachment_content'] && isset($this->config['mime_triggers'])) 234 { 235 $this->files_upload->set_disallowed_content(explode('|', $this->config['mime_triggers'])); 236 } 237 else if (!$this->config['check_attachment_content']) 238 { 239 $this->files_upload->set_disallowed_content(array()); 240 } 241 242 $this->extensions = $this->cache->obtain_attach_extensions((($is_message) ? false : (int) $forum_id)); 243 $this->files_upload->set_allowed_extensions(array_keys($this->extensions['_allowed_'])); 244 } 245 246 /** 247 * Check if uploaded file is really an image 248 * 249 * @param bool $is_image Whether file is image 250 */ 251 protected function check_image($is_image) 252 { 253 // Make sure the image category only holds valid images... 254 if ($is_image && !$this->file->is_image()) 255 { 256 $this->file->remove(); 257 258 if ($this->plupload && $this->plupload->is_active()) 259 { 260 $this->plupload->emit_error(104, 'ATTACHED_IMAGE_NOT_IMAGE'); 261 } 262 263 // If this error occurs a user tried to exploit an IE Bug by renaming extensions 264 // Since the image category is displaying content inline we need to catch this. 265 $this->file->set_error($this->language->lang('ATTACHED_IMAGE_NOT_IMAGE')); 266 } 267 } 268 269 /** 270 * Check if attachment quota was reached 271 * 272 * @return bool False if attachment quota was reached, true if not 273 */ 274 protected function check_attach_quota() 275 { 276 if ($this->config['attachment_quota']) 277 { 278 if (intval($this->config['upload_dir_size']) + $this->file->get('filesize') > $this->config['attachment_quota']) 279 { 280 $this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED'); 281 $this->file_data['post_attach'] = false; 282 283 $this->file->remove(); 284 285 return false; 286 } 287 } 288 289 return true; 290 } 291 292 /** 293 * Check if there is enough free space available on disk 294 * 295 * @return bool True if disk space is available, false if not 296 */ 297 protected function check_disk_space() 298 { 299 if ($free_space = @disk_free_space($this->phpbb_root_path . $this->config['upload_path'])) 300 { 301 if ($free_space <= $this->file->get('filesize')) 302 { 303 if ($this->auth->acl_get('a_')) 304 { 305 $this->file_data['error'][] = $this->language->lang('ATTACH_DISK_FULL'); 306 } 307 else 308 { 309 $this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED'); 310 } 311 $this->file_data['post_attach'] = false; 312 313 $this->file->remove(); 314 315 return false; 316 } 317 } 318 319 return true; 320 } 321 322 /** 323 * Fills file data with file information and current time as filetime 324 */ 325 protected function fill_file_data() 326 { 327 $this->file_data['filesize'] = $this->file->get('filesize'); 328 $this->file_data['mimetype'] = $this->file->get('mimetype'); 329 $this->file_data['extension'] = $this->file->get('extension'); 330 $this->file_data['physical_filename'] = $this->file->get('realname'); 331 $this->file_data['real_filename'] = $this->file->get('uploadname'); 332 $this->file_data['filetime'] = time(); 333 } 334 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Nov 11 20:33:01 2020 | Cross-referenced by PHPXref 0.7.1 |