aboutsummaryrefslogtreecommitdiff
path: root/admin/Library/Files/Upload.php
diff options
context:
space:
mode:
authorYuchen Pei <hi@ypei.me>2021-10-15 09:52:00 +1100
committerYuchen Pei <hi@ypei.me>2021-10-15 09:52:00 +1100
commit71b0e901f5fb1cfcd162d8acc23120d3f77a3152 (patch)
tree323c00faef1edc7dea2e88ff581cc2258b2b6432 /admin/Library/Files/Upload.php
parent72cce24864b064b5762f4fe97fdf40d8d2ad4b51 (diff)
parent07f5140771388c9e0c8a99b0dd2e5d950bdb173b (diff)
Merge branch 'development' into h-node
Diffstat (limited to 'admin/Library/Files/Upload.php')
-rwxr-xr-xadmin/Library/Files/Upload.php451
1 files changed, 451 insertions, 0 deletions
diff --git a/admin/Library/Files/Upload.php b/admin/Library/Files/Upload.php
new file mode 100755
index 0000000..47289fd
--- /dev/null
+++ b/admin/Library/Files/Upload.php
@@ -0,0 +1,451 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage upload files
+class Files_Upload
+{
+
+ const DS = DIRECTORY_SEPARATOR;
+
+ private $base = null; //root directory
+ private $directory = null; //current directory. Path relative to the base directory (Files_Upload::base)
+ private $parentDir = null; //parent folder
+ private $subDir = array(); //subdirectories of the current directory
+ private $relSubDir = array(); //subfolders of $this->directory. The path starts from the $base folder
+ private $files = array(); //files inside the current directory
+ private $relFiles = array(); //files inside $this->directory. The path starts from the $base directory
+ private $params; //class parameters
+ private $pattern = null; //the pattern for the preg_match function
+
+ protected $_resultString; //reference to the class uploadStrings containing all the result strings
+
+ public $fileName = null; //the name of the last file that has been uploaded
+ public $notice = null; //the result string of the operation
+
+ public function __construct($base,$params = null, $directory = null) {
+
+ $this->base = $this->addTrailingSlash($base);
+
+ //set the match pattern
+ $tmp = str_replace(self::DS,'\\'.self::DS,$this->base);
+ $this->pattern = "/^(".$tmp.")/";
+
+ $defaultParams = array(
+ 'filesPermission'=>0777,
+ 'delFolderAction'=>'delFolderAction',
+ 'delFileAction'=>'delFileAction',
+ 'createFolderAction'=>'createFolderAction',
+ 'uploadFileAction'=>'uploadFileAction',
+ 'maxFileSize' => 3000000,
+ 'language' => 'eng',
+ 'allowedExtensions'=>'jpg,jpeg,png,gif,txt',
+ 'fileUploadKey' => 'userfile'
+ );
+
+ //set the $this->scaffold->params array
+ if (is_array($params))
+ {
+ foreach ($params as $key => $value)
+ {
+ $defaultParams[$key] = $value;
+ }
+ }
+ $this->params = $defaultParams;
+
+ //instantiate the $_resultString object
+ $stringClass = 'Lang_'.$this->params['language'].'_UploadStrings';
+ if (!class_exists($stringClass))
+ {
+ $stringClass = 'Lang_Eng_UploadStrings';
+ }
+ $this->_resultString = new $stringClass();
+
+ $this->setDirectory($directory);
+
+ }
+
+ //obtain the current directory
+ public function setDirectory($directory = null)
+ {
+ $relDir = (strcmp($directory,"") !== 0) ? $this->addTrailingSlash($directory) : null;
+ $absDir = $this->addTrailingSlash($this->base.$directory);
+
+ if (is_dir($absDir))
+ {
+ if ($this->isValidFolder($absDir))
+ {
+ $this->directory = $relDir;
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->directory = null;
+ $this->notice = $this->_resultString->getString('not-dir');
+ }
+ return false;
+ }
+
+ //check if $folder is a folder and is subfolder of $this->base
+ protected function isValidFolder($folder)
+ {
+ if (is_dir($folder))
+ {
+ $folder = $this->addTrailingSlash(realpath($folder));
+ if ($this->isMatching($folder)) return true;
+ }
+ return false;
+ }
+
+ protected function isMatching($path)
+ {
+ if (preg_match($this->pattern,$path))
+ {
+ if (strstr($path,'..')) return false;
+ return true;
+ }
+ return false;
+ }
+
+ public function getDirectory() {
+ return $this->directory;
+ }
+
+ public function getBase()
+ {
+ return $this->base;
+ }
+
+ public function getSubDir() {
+ return $this->subDir;
+ }
+
+ public function getRelSubDir()
+ {
+ return $this->relSubDir;
+ }
+
+ public function getFiles() {
+ return $this->files;
+ }
+
+ public function getRelFiles()
+ {
+ return $this->relFiles;
+ }
+
+ public function getParentDir() {
+ return $this->parentDir;
+ }
+
+ //add the trailing slash to the string
+ protected function addTrailingSlash($string)
+ {
+ $finalChar = $string[strlen($string) - 1];
+ if (strcmp($finalChar,self::DS) !== 0)
+ {
+ return $string.self::DS;
+ }
+ return $string;
+ }
+
+ protected function urlDeep($dir) { #funzione per creare l'indirizzo completo della cartella all'interno della quale voglio entrare
+ #$dir:cartella all'interno della quale voglio entrare
+ return $this->base.$this->directory.$dir.self::DS;
+ }
+
+ public function listFiles() { #creo la lista di file e cartelle all'interno della directory corrente
+ $items = scandir($this->base.$this->directory);
+ foreach( $items as $this_file ) {
+ if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) {
+ if (is_dir($this->urlDeep($this_file))) {
+ $this->subDir[] = $this_file;
+ $this->relSubDir[] = $this->directory.$this_file;
+ } else {
+ $this->files[] = $this_file;
+ $this->relFiles[] = $this->directory.$this_file;
+ }
+ }
+ }
+ //get the parent dir
+ $this->parentDir();
+ }
+
+ //get the extension of the file
+ protected function getFileExtension($file)
+ {
+ return strtolower(end(explode('.', $file)));
+ }
+
+ protected function parentDir() { #individuo la cartella madre
+
+ $folders = explode(self::DS,$this->directory);
+ array_pop($folders);
+ array_pop($folders);
+ $parent = implode(self::DS,$folders);
+ $parent = (strcmp($parent,"") !== 0) ? $this->addTrailingSlash($parent) : null;
+
+ if ($this->isValidFolder($this->base.$parent))
+ {
+ $this->parentDir = $parent;
+ }
+ else
+ {
+ $this->parentDir = null;
+ }
+ }
+
+ //create the $name subfolder of the $this->directory folder
+ public function createFolder($name) { #funzione per creare una cartella nella directory corrente
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ if (is_writable($this->base.$this->directory))
+ {
+ $path = $this->base.$this->directory.$name;
+
+ if ($this->isMatching($path))
+ {
+ if (!file_exists($path))
+ {
+ if (@mkdir($path,$this->params['filesPermission']))
+ {
+ @chmod($path, $this->params['filesPermission']);
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('dir-exists');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //check if the $name folder is empty or not
+ protected function isEmpty($name)
+ {
+ $items = scandir($name);
+ foreach( $items as $this_file ) {
+ if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ public function removeFile($name)
+ {
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ $path = $this->base.$this->directory.$name;
+ if ($this->isMatching($path))
+ {
+ if ($this->removeAbsFile($path)) return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-file-specified');
+ }
+ return false;
+ }
+
+ //remove the $name file
+ protected function removeAbsFile($name)
+ {
+ if (strcmp(trim($name),'') !== 0)
+ {
+ if (is_writable($name))
+ {
+ if (@unlink($name))
+ {
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable-file');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-file-specified');
+ }
+ return false;
+ }
+
+ public function removeFolder($name)
+ {
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ $dir = $this->base.$this->directory.$name;
+ if ($this->isMatching($dir))
+ {
+ if ($this->removeAbsFolder($dir)) return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //remove the $name folder
+ protected function removeAbsFolder($name) {
+ if (strcmp(trim($name),'') !== 0) {
+ if (is_writable($name))
+ {
+ if ($this->isEmpty($name))
+ {
+ if (@rmdir($name))
+ {
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-empty');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //upload a file in the current directory
+ //$fileName: name of the file
+ public function uploadFile($fileName = null) {
+ $userfile = $this->params['fileUploadKey'];
+ $ext = $this->getFileExtension($_FILES[$userfile]["name"]);
+ $fileName = isset($fileName) ? $fileName.".$ext" : basename($_FILES[$userfile]["name"]);
+
+ $this->fileName = $fileName;
+
+ if(strcmp(trim($_FILES[$userfile]["name"]),"") !== 0)
+ {
+ if(@is_uploaded_file($_FILES[$userfile]["tmp_name"])) {
+ if ($_FILES[$userfile]["size"] <= $this->params['maxFileSize'])
+ {
+ //check the extension of the file
+ $AllowedExtensionsArray = explode(',',$this->params['allowedExtensions']);
+
+ if (in_array($ext,$AllowedExtensionsArray))
+ {
+ //check if the file doesn't exists
+ if (!file_exists($this->base.$this->directory.$fileName))
+ {
+ if (@move_uploaded_file($_FILES[$userfile]["tmp_name"],$this->base.$this->directory.$fileName))
+ {
+ @chmod($this->base.$this->directory.$fileName, $this->params['filesPermission']);
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('file-exists');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-allowed-ext');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('size-over');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-upload-file');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-upload-file');
+ }
+ return false;
+ }
+
+ //update the folder tree
+ public function updateTree() {
+
+ if (isset($_POST[$this->params['delFolderAction']])) {
+ $this->removeFolder($_POST[$this->params['delFolderAction']]);
+ }
+
+ if (isset($_POST[$this->params['delFileAction']])) {
+ $this->removeFile($_POST[$this->params['delFileAction']]);
+ }
+
+ if (isset($_POST[$this->params['createFolderAction']])) {
+ $this->createFolder($_POST['folderName']);
+ }
+
+ if (isset($_POST[$this->params['uploadFileAction']])) {
+ $this->uploadFile();
+ }
+
+ }
+} \ No newline at end of file