first commit
This commit is contained in:
150
admin-kalsport/filemanager/upload.php
Normal file
150
admin-kalsport/filemanager/upload.php
Normal file
@@ -0,0 +1,150 @@
|
||||
<?php
|
||||
|
||||
include 'config/config.php';
|
||||
|
||||
if ($_SESSION['verify'] != 'RESPONSIVEfilemanager') {
|
||||
die('Forbidden');
|
||||
}
|
||||
include 'include/utils.php';
|
||||
|
||||
$_POST['path'] = $current_path.str_replace("\0", '', $_POST['path']);
|
||||
$_POST['path_thumb'] = $thumbs_base_path.str_replace("\0", '', $_POST['path_thumb']);
|
||||
|
||||
$storeFolder = $_POST['path'];
|
||||
$storeFolderThumb = $_POST['path_thumb'];
|
||||
|
||||
$path_pos = strpos($storeFolder, $current_path);
|
||||
$thumb_pos = strpos($_POST['path_thumb'], $thumbs_base_path);
|
||||
|
||||
if ($path_pos === false || $thumb_pos === false
|
||||
|| preg_match('/\.{1,2}[\/|\\\]/', $_POST['path_thumb']) !== 0
|
||||
|| preg_match('/\.{1,2}[\/|\\\]/', $_POST['path']) !== 0) {
|
||||
die('wrong path');
|
||||
}
|
||||
|
||||
$path = $storeFolder;
|
||||
$cycle = true;
|
||||
$max_cycles = 50;
|
||||
$i = 0;
|
||||
while ($cycle && $i < $max_cycles) {
|
||||
$i++;
|
||||
if ($path == $current_path) {
|
||||
$cycle = false;
|
||||
}
|
||||
if (file_exists($path.'config.php')) {
|
||||
require_once $path.'config.php';
|
||||
$cycle = false;
|
||||
}
|
||||
$path = fix_dirname($path).'/';
|
||||
}
|
||||
|
||||
if (!empty($_FILES) && isset($_FILES['file']) && $_FILES['file']['size']) {
|
||||
$info = pathinfo($_FILES['file']['name']);
|
||||
if (isset($info['extension'])
|
||||
&& in_array(fix_strtolower($info['extension']), $ext)
|
||||
&& in_array(mime_content_type($_FILES['file']['tmp_name']), $mime)
|
||||
) {
|
||||
$tempFile = $_FILES['file']['tmp_name'];
|
||||
|
||||
$targetPath = $storeFolder;
|
||||
$targetPathThumb = $storeFolderThumb;
|
||||
$_FILES['file']['name'] = fix_filename($_FILES['file']['name'], $transliteration);
|
||||
|
||||
$file_name_splitted = explode('.', $_FILES['file']['name']);
|
||||
array_pop($file_name_splitted);
|
||||
$_FILES['file']['name'] = implode('-', $file_name_splitted).'.'.$info['extension'];
|
||||
|
||||
if (file_exists($targetPath.$_FILES['file']['name'])) {
|
||||
$i = 1;
|
||||
$info = pathinfo($_FILES['file']['name']);
|
||||
while (file_exists($targetPath.$info['filename'].'_'.$i.'.'.$info['extension'])) {
|
||||
$i++;
|
||||
}
|
||||
$_FILES['file']['name'] = $info['filename'].'_'.$i.'.'.$info['extension'];
|
||||
}
|
||||
$targetFile = $targetPath.$_FILES['file']['name'];
|
||||
$targetFileThumb = $targetPathThumb.$_FILES['file']['name'];
|
||||
|
||||
if (in_array(fix_strtolower($info['extension']), $ext_img) && @getimagesize($tempFile) != false) {
|
||||
$is_img = true;
|
||||
} else {
|
||||
$is_img = false;
|
||||
}
|
||||
|
||||
if ($is_img) {
|
||||
move_uploaded_file($tempFile, $targetFile);
|
||||
chmod($targetFile, 0755);
|
||||
|
||||
$memory_error = false;
|
||||
if (!create_img_gd($targetFile, $targetFileThumb, 122, 91)) {
|
||||
$memory_error = false;
|
||||
} else {
|
||||
if (!new_thumbnails_creation($targetPath, $targetFile, $_FILES['file']['name'], $current_path, $relative_image_creation, $relative_path_from_current_pos, $relative_image_creation_name_to_prepend, $relative_image_creation_name_to_append, $relative_image_creation_width, $relative_image_creation_height, $fixed_image_creation, $fixed_path_from_filemanager, $fixed_image_creation_name_to_prepend, $fixed_image_creation_to_append, $fixed_image_creation_width, $fixed_image_creation_height)) {
|
||||
$memory_error = false;
|
||||
} else {
|
||||
$imginfo = getimagesize($targetFile);
|
||||
$srcWidth = $imginfo[0];
|
||||
$srcHeight = $imginfo[1];
|
||||
|
||||
if ($image_resizing) {
|
||||
if ($image_resizing_width == 0) {
|
||||
if ($image_resizing_height == 0) {
|
||||
$image_resizing_width = $srcWidth;
|
||||
$image_resizing_height = $srcHeight;
|
||||
} else {
|
||||
$image_resizing_width = $image_resizing_height * $srcWidth / $srcHeight;
|
||||
}
|
||||
} elseif ($image_resizing_height == 0) {
|
||||
$image_resizing_height = $image_resizing_width * $srcHeight / $srcWidth;
|
||||
}
|
||||
$srcWidth = $image_resizing_width;
|
||||
$srcHeight = $image_resizing_height;
|
||||
create_img_gd($targetFile, $targetFile, $image_resizing_width, $image_resizing_height);
|
||||
}
|
||||
//max resizing limit control
|
||||
$resize = false;
|
||||
if ($image_max_width != 0 && $srcWidth > $image_max_width) {
|
||||
$resize = true;
|
||||
$srcHeight = $image_max_width * $srcHeight / $srcWidth;
|
||||
$srcWidth = $image_max_width;
|
||||
}
|
||||
if ($image_max_height != 0 && $srcHeight > $image_max_height) {
|
||||
$resize = true;
|
||||
$srcWidth = $image_max_height * $srcWidth / $srcHeight;
|
||||
$srcHeight = $image_max_height;
|
||||
}
|
||||
if ($resize) {
|
||||
create_img_gd($targetFile, $targetFile, $srcWidth, $srcHeight);
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($memory_error) {
|
||||
//error
|
||||
unlink($targetFile);
|
||||
header('HTTP/1.1 406 Not enought Memory', true, 406);
|
||||
exit();
|
||||
}
|
||||
} else {
|
||||
move_uploaded_file($tempFile, $targetFile);
|
||||
chmod($targetFile, 0755);
|
||||
}
|
||||
} else {
|
||||
header('HTTP/1.1 406 file not permitted', true, 406);
|
||||
exit();
|
||||
}
|
||||
} else {
|
||||
header('HTTP/1.1 405 Bad Request', true, 405);
|
||||
exit();
|
||||
}
|
||||
if (isset($_POST['submit'])) {
|
||||
$query = http_build_query(
|
||||
array(
|
||||
'type' => $_POST['type'],
|
||||
'lang' => $_POST['lang'],
|
||||
'popup' => $_POST['popup'],
|
||||
'field_id' => $_POST['field_id'],
|
||||
'fldr' => $_POST['fldr'],
|
||||
)
|
||||
);
|
||||
header('location: dialog.php?'.$query);
|
||||
}
|
||||
Reference in New Issue
Block a user