diff options
Diffstat (limited to 'admin/Library/Files/Upload.php')
-rwxr-xr-x | admin/Library/Files/Upload.php | 451 |
1 files changed, 451 insertions, 0 deletions
diff --git a/admin/Library/Files/Upload.php b/admin/Library/Files/Upload.php new file mode 100755 index 0000000..47289fd --- /dev/null +++ b/admin/Library/Files/Upload.php @@ -0,0 +1,451 @@ +<?php + +// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. +// See COPYRIGHT.txt and LICENSE.txt. + +if (!defined('EG')) die('Direct access not allowed!'); + +//class to manage upload files +class Files_Upload +{ + + const DS = DIRECTORY_SEPARATOR; + + private $base = null; //root directory + private $directory = null; //current directory. Path relative to the base directory (Files_Upload::base) + private $parentDir = null; //parent folder + private $subDir = array(); //subdirectories of the current directory + private $relSubDir = array(); //subfolders of $this->directory. The path starts from the $base folder + private $files = array(); //files inside the current directory + private $relFiles = array(); //files inside $this->directory. The path starts from the $base directory + private $params; //class parameters + private $pattern = null; //the pattern for the preg_match function + + protected $_resultString; //reference to the class uploadStrings containing all the result strings + + public $fileName = null; //the name of the last file that has been uploaded + public $notice = null; //the result string of the operation + + public function __construct($base,$params = null, $directory = null) { + + $this->base = $this->addTrailingSlash($base); + + //set the match pattern + $tmp = str_replace(self::DS,'\\'.self::DS,$this->base); + $this->pattern = "/^(".$tmp.")/"; + + $defaultParams = array( + 'filesPermission'=>0777, + 'delFolderAction'=>'delFolderAction', + 'delFileAction'=>'delFileAction', + 'createFolderAction'=>'createFolderAction', + 'uploadFileAction'=>'uploadFileAction', + 'maxFileSize' => 3000000, + 'language' => 'eng', + 'allowedExtensions'=>'jpg,jpeg,png,gif,txt', + 'fileUploadKey' => 'userfile' + ); + + //set the $this->scaffold->params array + if (is_array($params)) + { + foreach ($params as $key => $value) + { + $defaultParams[$key] = $value; + } + } + $this->params = $defaultParams; + + //instantiate the $_resultString object + $stringClass = 'Lang_'.$this->params['language'].'_UploadStrings'; + if (!class_exists($stringClass)) + { + $stringClass = 'Lang_Eng_UploadStrings'; + } + $this->_resultString = new $stringClass(); + + $this->setDirectory($directory); + + } + + //obtain the current directory + public function setDirectory($directory = null) + { + $relDir = (strcmp($directory,"") !== 0) ? $this->addTrailingSlash($directory) : null; + $absDir = $this->addTrailingSlash($this->base.$directory); + + if (is_dir($absDir)) + { + if ($this->isValidFolder($absDir)) + { + $this->directory = $relDir; + return true; + } + else + { + $this->notice = $this->_resultString->getString('not-child'); + } + } + else + { + $this->directory = null; + $this->notice = $this->_resultString->getString('not-dir'); + } + return false; + } + + //check if $folder is a folder and is subfolder of $this->base + protected function isValidFolder($folder) + { + if (is_dir($folder)) + { + $folder = $this->addTrailingSlash(realpath($folder)); + if ($this->isMatching($folder)) return true; + } + return false; + } + + protected function isMatching($path) + { + if (preg_match($this->pattern,$path)) + { + if (strstr($path,'..')) return false; + return true; + } + return false; + } + + public function getDirectory() { + return $this->directory; + } + + public function getBase() + { + return $this->base; + } + + public function getSubDir() { + return $this->subDir; + } + + public function getRelSubDir() + { + return $this->relSubDir; + } + + public function getFiles() { + return $this->files; + } + + public function getRelFiles() + { + return $this->relFiles; + } + + public function getParentDir() { + return $this->parentDir; + } + + //add the trailing slash to the string + protected function addTrailingSlash($string) + { + $finalChar = $string[strlen($string) - 1]; + if (strcmp($finalChar,self::DS) !== 0) + { + return $string.self::DS; + } + return $string; + } + + protected function urlDeep($dir) { #funzione per creare l'indirizzo completo della cartella all'interno della quale voglio entrare + #$dir:cartella all'interno della quale voglio entrare + return $this->base.$this->directory.$dir.self::DS; + } + + public function listFiles() { #creo la lista di file e cartelle all'interno della directory corrente + $items = scandir($this->base.$this->directory); + foreach( $items as $this_file ) { + if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) { + if (is_dir($this->urlDeep($this_file))) { + $this->subDir[] = $this_file; + $this->relSubDir[] = $this->directory.$this_file; + } else { + $this->files[] = $this_file; + $this->relFiles[] = $this->directory.$this_file; + } + } + } + //get the parent dir + $this->parentDir(); + } + + //get the extension of the file + protected function getFileExtension($file) + { + return strtolower(end(explode('.', $file))); + } + + protected function parentDir() { #individuo la cartella madre + + $folders = explode(self::DS,$this->directory); + array_pop($folders); + array_pop($folders); + $parent = implode(self::DS,$folders); + $parent = (strcmp($parent,"") !== 0) ? $this->addTrailingSlash($parent) : null; + + if ($this->isValidFolder($this->base.$parent)) + { + $this->parentDir = $parent; + } + else + { + $this->parentDir = null; + } + } + + //create the $name subfolder of the $this->directory folder + public function createFolder($name) { #funzione per creare una cartella nella directory corrente + $name = basename($name); + if (strcmp(trim($name),'') !== 0) + { + if (is_writable($this->base.$this->directory)) + { + $path = $this->base.$this->directory.$name; + + if ($this->isMatching($path)) + { + if (!file_exists($path)) + { + if (@mkdir($path,$this->params['filesPermission'])) + { + @chmod($path, $this->params['filesPermission']); + $this->notice = $this->_resultString->getString('executed'); + return true; + } + else + { + $this->notice = $this->_resultString->getString('error'); + } + } + else + { + $this->notice = $this->_resultString->getString('dir-exists'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-child'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-writable'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-folder-specified'); + } + return false; + } + + //check if the $name folder is empty or not + protected function isEmpty($name) + { + $items = scandir($name); + foreach( $items as $this_file ) { + if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) { + return false; + } + } + return true; + } + + public function removeFile($name) + { + $name = basename($name); + if (strcmp(trim($name),'') !== 0) + { + $path = $this->base.$this->directory.$name; + if ($this->isMatching($path)) + { + if ($this->removeAbsFile($path)) return true; + } + else + { + $this->notice = $this->_resultString->getString('not-child'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-file-specified'); + } + return false; + } + + //remove the $name file + protected function removeAbsFile($name) + { + if (strcmp(trim($name),'') !== 0) + { + if (is_writable($name)) + { + if (@unlink($name)) + { + $this->notice = $this->_resultString->getString('executed'); + return true; + } + else + { + $this->notice = $this->_resultString->getString('error'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-writable-file'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-file-specified'); + } + return false; + } + + public function removeFolder($name) + { + $name = basename($name); + if (strcmp(trim($name),'') !== 0) + { + $dir = $this->base.$this->directory.$name; + if ($this->isMatching($dir)) + { + if ($this->removeAbsFolder($dir)) return true; + } + else + { + $this->notice = $this->_resultString->getString('not-child'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-folder-specified'); + } + return false; + } + + //remove the $name folder + protected function removeAbsFolder($name) { + if (strcmp(trim($name),'') !== 0) { + if (is_writable($name)) + { + if ($this->isEmpty($name)) + { + if (@rmdir($name)) + { + $this->notice = $this->_resultString->getString('executed'); + return true; + } + else + { + $this->notice = $this->_resultString->getString('error'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-empty'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-writable'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-folder-specified'); + } + return false; + } + + //upload a file in the current directory + //$fileName: name of the file + public function uploadFile($fileName = null) { + $userfile = $this->params['fileUploadKey']; + $ext = $this->getFileExtension($_FILES[$userfile]["name"]); + $fileName = isset($fileName) ? $fileName.".$ext" : basename($_FILES[$userfile]["name"]); + + $this->fileName = $fileName; + + if(strcmp(trim($_FILES[$userfile]["name"]),"") !== 0) + { + if(@is_uploaded_file($_FILES[$userfile]["tmp_name"])) { + if ($_FILES[$userfile]["size"] <= $this->params['maxFileSize']) + { + //check the extension of the file + $AllowedExtensionsArray = explode(',',$this->params['allowedExtensions']); + + if (in_array($ext,$AllowedExtensionsArray)) + { + //check if the file doesn't exists + if (!file_exists($this->base.$this->directory.$fileName)) + { + if (@move_uploaded_file($_FILES[$userfile]["tmp_name"],$this->base.$this->directory.$fileName)) + { + @chmod($this->base.$this->directory.$fileName, $this->params['filesPermission']); + $this->notice = $this->_resultString->getString('executed'); + return true; + } + else + { + $this->notice = $this->_resultString->getString('error'); + } + } + else + { + $this->notice = $this->_resultString->getString('file-exists'); + } + } + else + { + $this->notice = $this->_resultString->getString('not-allowed-ext'); + } + } + else + { + $this->notice = $this->_resultString->getString('size-over'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-upload-file'); + } + } + else + { + $this->notice = $this->_resultString->getString('no-upload-file'); + } + return false; + } + + //update the folder tree + public function updateTree() { + + if (isset($_POST[$this->params['delFolderAction']])) { + $this->removeFolder($_POST[$this->params['delFolderAction']]); + } + + if (isset($_POST[$this->params['delFileAction']])) { + $this->removeFile($_POST[$this->params['delFileAction']]); + } + + if (isset($_POST[$this->params['createFolderAction']])) { + $this->createFolder($_POST['folderName']); + } + + if (isset($_POST[$this->params['uploadFileAction']])) { + $this->uploadFile(); + } + + } +}
\ No newline at end of file |