
PHP Cross Reference of phpBB-3.3.14-deutsch


/phpbb/attachment/ -> upload.php (source)

   1  <?php
   2  /**
   3   *
   4   * This file is part of the phpBB Forum Software package.
   5   *
   6   * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7   * @license GNU General Public License, version 2 (GPL-2.0)
   8   *
   9   * For full copyright and license information, please see
  10   * the docs/CREDITS.txt file.
  11   *
  12   */
  13  
  14  namespace phpbb\attachment;
  15  
  16  use phpbb\auth\auth;
  17  use phpbb\cache\service;
  18  use phpbb\config\config;
  19  use phpbb\event\dispatcher;
  20  use phpbb\language\language;
  21  use phpbb\mimetype\guesser;
  22  use phpbb\plupload\plupload;
  23  use phpbb\user;
  24  
  25  /**
  26   * Attachment upload class
  27   */
  28  class upload
  29  {
  30      /** @var auth */
  31      protected $auth;
  32  
  33      /** @var service */
  34      protected $cache;
  35  
  36      /** @var config */
  37      protected $config;
  38  
  39      /** @var \phpbb\files\upload Upload class */
  40      protected $files_upload;
  41  
  42      /** @var language */
  43      protected $language;
  44  
  45      /** @var guesser Mimetype guesser */
  46      protected $mimetype_guesser;
  47  
  48      /** @var dispatcher */
  49      protected $phpbb_dispatcher;
  50  
  51      /** @var string */
  52      protected $phpbb_root_path;
  53  
  54      /** @var plupload Plupload */
  55      protected $plupload;
  56  
  57      /** @var user */
  58      protected $user;
  59  
  60      /** @var \phpbb\files\filespec Current filespec instance */
  61      private $file;
  62  
  63      /** @var array File data */
  64      private $file_data = array(
  65          'error'    => array()
  66      );
  67  
  68      /** @var array Extensions array */
  69      private $extensions;
  70  
  71      /**
  72       * Constructor for attachments upload class
  73       *
  74       * @param auth $auth
  75       * @param service $cache
  76       * @param config $config
  77       * @param \phpbb\files\upload $files_upload
  78       * @param language $language
  79       * @param guesser $mimetype_guesser
  80       * @param dispatcher $phpbb_dispatcher
  81       * @param plupload $plupload
  82       * @param user $user
  83       * @param $phpbb_root_path
  84       */
  85  	public function __construct(auth $auth, service $cache, config $config, \phpbb\files\upload $files_upload, language $language, guesser $mimetype_guesser, dispatcher $phpbb_dispatcher, plupload $plupload, user $user, $phpbb_root_path)
  86      {
  87          $this->auth = $auth;
  88          $this->cache = $cache;
  89          $this->config = $config;
  90          $this->files_upload = $files_upload;
  91          $this->language = $language;
  92          $this->mimetype_guesser = $mimetype_guesser;
  93          $this->phpbb_dispatcher = $phpbb_dispatcher;
  94          $this->plupload = $plupload;
  95          $this->user = $user;
  96          $this->phpbb_root_path = $phpbb_root_path;
  97      }
  98  
  99      /**
 100       * Upload Attachment - filedata is generated here
 101       * Uses upload class
 102       *
 103       * @param string            $form_name        The form name of the file upload input
 104       * @param int            $forum_id        The id of the forum
 105       * @param bool            $local            Whether the file is local or not
 106       * @param string            $local_storage    The path to the local file
 107       * @param bool            $is_message        Whether it is a PM or not
 108       * @param array        $local_filedata    An file data object created for the local file
 109       *
 110       * @return array File data array
 111       */
 112  	public function upload($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = array())
 113      {
 114          $this->init_files_upload($forum_id, $is_message);
 115  
 116          $this->file_data['post_attach'] = $local || $this->files_upload->is_valid($form_name);
 117  
 118          if (!$this->file_data['post_attach'])
 119          {
 120              $this->file_data['error'][] = $this->language->lang('NO_UPLOAD_FORM_FOUND');
 121              return $this->file_data;
 122          }
 123  
 124          $this->file = ($local) ? $this->files_upload->handle_upload('files.types.local', $local_storage, $local_filedata) : $this->files_upload->handle_upload('files.types.form', $form_name);
 125  
 126          if ($this->file->init_error())
 127          {
 128              $this->file_data['post_attach'] = false;
 129              return $this->file_data;
 130          }
 131  
 132          // Whether the uploaded file is in the image category
 133          $is_image = (isset($this->extensions[$this->file->get('extension')]['display_cat'])) ? $this->extensions[$this->file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE : false;
 134  
 135          if (!$this->auth->acl_get('a_') && !$this->auth->acl_get('m_', $forum_id))
 136          {
 137              // Check Image Size, if it is an image
 138              if ($is_image)
 139              {
 140                  $this->file->upload->set_allowed_dimensions(0, 0, $this->config['img_max_width'], $this->config['img_max_height']);
 141              }
 142  
 143              // Admins and mods are allowed to exceed the allowed filesize
 144              if (!empty($this->extensions[$this->file->get('extension')]['max_filesize']))
 145              {
 146                  $allowed_filesize = $this->extensions[$this->file->get('extension')]['max_filesize'];
 147              }
 148              else
 149              {
 150                  $allowed_filesize = ($is_message) ? $this->config['max_filesize_pm'] : $this->config['max_filesize'];
 151              }
 152  
 153              $this->file->upload->set_max_filesize($allowed_filesize);
 154          }
 155  
 156          $this->file->clean_filename('unique', $this->user->data['user_id'] . '_');
 157  
 158          // Are we uploading an image *and* this image being within the image category?
 159          // Only then perform additional image checks.
 160          $this->file->move_file($this->config['upload_path'], false, !$is_image);
 161  
 162          // Do we have to create a thumbnail?
 163          $this->file_data['thumbnail'] = ($is_image && $this->config['img_create_thumbnail']) ? 1 : 0;
 164  
 165          // Make sure the image category only holds valid images...
 166          $this->check_image($is_image);
 167  
 168          if (count($this->file->error))
 169          {
 170              $this->file->remove();
 171              $this->file_data['error'] = array_merge($this->file_data['error'], $this->file->error);
 172              $this->file_data['post_attach'] = false;
 173  
 174              return $this->file_data;
 175          }
 176  
 177          $this->fill_file_data();
 178  
 179          $filedata = $this->file_data;
 180  
 181          /**
 182           * Event to modify uploaded file before submit to the post
 183           *
 184           * @event core.modify_uploaded_file
 185           * @var    array    filedata    Array containing uploaded file data
 186           * @var    bool    is_image    Flag indicating if the file is an image
 187           * @since 3.1.0-RC3
 188           */
 189          $vars = array(
 190              'filedata',
 191              'is_image',
 192          );
 193          extract($this->phpbb_dispatcher->trigger_event('core.modify_uploaded_file', compact($vars)));
 194          $this->file_data = $filedata;
 195          unset($filedata);
 196  
 197          // Check for attachment quota and free space
 198          if (!$this->check_attach_quota() || !$this->check_disk_space())
 199          {
 200              return $this->file_data;
 201          }
 202  
 203          // Create Thumbnail
 204          $this->create_thumbnail();
 205  
 206          return $this->file_data;
 207      }
 208  
 209      /**
 210       * Create thumbnail for file if necessary
 211       *
 212       * @return array Updated $filedata
 213       */
 214  	protected function create_thumbnail()
 215      {
 216          if ($this->file_data['thumbnail'])
 217          {
 218              $source = $this->file->get('destination_file');
 219              $destination = $this->file->get('destination_path') . '/thumb_' . $this->file->get('realname');
 220  
 221              if (!create_thumbnail($source, $destination, $this->file->get('mimetype')))
 222              {
 223                  $this->file_data['thumbnail'] = 0;
 224              }
 225          }
 226      }
 227  
 228      /**
 229       * Init files upload class
 230       *
 231       * @param int $forum_id Forum ID
 232       * @param bool $is_message Whether attachment is inside PM or not
 233       */
 234  	protected function init_files_upload($forum_id, $is_message)
 235      {
 236          if ($this->config['check_attachment_content'] && isset($this->config['mime_triggers']))
 237          {
 238              $this->files_upload->set_disallowed_content(explode('|', $this->config['mime_triggers']));
 239          }
 240          else if (!$this->config['check_attachment_content'])
 241          {
 242              $this->files_upload->set_disallowed_content(array());
 243          }
 244  
 245          $this->extensions = $this->cache->obtain_attach_extensions((($is_message) ? false : (int) $forum_id));
 246          $this->files_upload->set_allowed_extensions(array_keys($this->extensions['_allowed_']));
 247      }
 248  
 249      /**
 250       * Check if uploaded file is really an image
 251       *
 252       * @param bool $is_image Whether file is image
 253       */
 254  	protected function check_image($is_image)
 255      {
 256          // Make sure the image category only holds valid images...
 257          if ($is_image && !$this->file->is_image())
 258          {
 259              $this->file->remove();
 260  
 261              if ($this->plupload && $this->plupload->is_active())
 262              {
 263                  $this->plupload->emit_error(104, 'ATTACHED_IMAGE_NOT_IMAGE');
 264              }
 265  
 266              // If this error occurs a user tried to exploit an IE Bug by renaming extensions
 267              // Since the image category is displaying content inline we need to catch this.
 268              $this->file->set_error($this->language->lang('ATTACHED_IMAGE_NOT_IMAGE'));
 269          }
 270      }
 271  
 272      /**
 273       * Check if attachment quota was reached
 274       *
 275       * @return bool False if attachment quota was reached, true if not
 276       */
 277  	protected function check_attach_quota()
 278      {
 279          if ($this->config['attachment_quota'])
 280          {
 281              if (intval($this->config['upload_dir_size']) + $this->file->get('filesize') > $this->config['attachment_quota'])
 282              {
 283                  $this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED');
 284                  $this->file_data['post_attach'] = false;
 285  
 286                  $this->file->remove();
 287  
 288                  return false;
 289              }
 290          }
 291  
 292          return true;
 293      }
 294  
 295      /**
 296       * Check if there is enough free space available on disk
 297       *
 298       * @return bool True if disk space is available, false if not
 299       */
 300  	protected function check_disk_space()
 301      {
 302          if (function_exists('disk_free_space'))
 303          {
 304              $free_space = @disk_free_space($this->phpbb_root_path);
 305  
 306              if ($free_space <= $this->file->get('filesize'))
 307              {
 308                  if ($this->auth->acl_get('a_'))
 309                  {
 310                      $this->file_data['error'][] = $this->language->lang('ATTACH_DISK_FULL');
 311                  }
 312                  else
 313                  {
 314                      $this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED');
 315                  }
 316                  $this->file_data['post_attach'] = false;
 317  
 318                  $this->file->remove();
 319  
 320                  return false;
 321              }
 322          }
 323  
 324          return true;
 325      }
 326  
 327      /**
 328       * Fills file data with file information and current time as filetime
 329       */
 330  	protected function fill_file_data()
 331      {
 332          $this->file_data['filesize'] = $this->file->get('filesize');
 333          $this->file_data['mimetype'] = $this->file->get('mimetype');
 334          $this->file_data['extension'] = $this->file->get('extension');
 335          $this->file_data['physical_filename'] = $this->file->get('realname');
 336          $this->file_data['real_filename'] = $this->file->get('uploadname');
 337          $this->file_data['filetime'] = time();
 338      }
 339  }

