Verzeichnisstruktur phpBB-3.3.15


Veröffentlicht
28.08.2024


upload.php

Zuletzt modifiziert: 02.04.2025, 15:02 - Dateigröße: 9.30 KiB


001  <?php
002  /**
003   *
004   * This file is part of the phpBB Forum Software package.
005   *
006   * @copyright (c) phpBB Limited <https://www.phpbb.com>
007   * @license GNU General Public License, version 2 (GPL-2.0)
008   *
009   * For full copyright and license information, please see
010   * the docs/CREDITS.txt file.
011   *
012   */
013   
014  namespace phpbb\attachment;
015   
016  use phpbb\auth\auth;
017  use phpbb\cache\service;
018  use phpbb\config\config;
019  use phpbb\event\dispatcher;
020  use phpbb\language\language;
021  use phpbb\mimetype\guesser;
022  use phpbb\plupload\plupload;
023  use phpbb\user;
024   
/**
 * Attachment upload class
 *
 * Drives a single attachment upload for a post or a private message. The
 * actual file handling is delegated to \phpbb\files\upload and the filespec
 * object it returns; this class feeds the board configuration (allowed
 * extensions, size and dimension limits, content checks, quota) into them
 * and collects the resulting file data array.
 */
class upload
{
    /** @var auth Permission lookups (admin / moderator checks) */
    protected $auth;

    /** @var service Cache service, source of the allowed extension list */
    protected $cache;

    /** @var config Board configuration */
    protected $config;

    /** @var \phpbb\files\upload Upload class */
    protected $files_upload;

    /** @var language */
    protected $language;

    /** @var guesser Mimetype guesser */
    protected $mimetype_guesser;

    /** @var dispatcher Event dispatcher */
    protected $phpbb_dispatcher;

    /** @var string Board root path, used for the free disk space check */
    protected $phpbb_root_path;

    /** @var plupload Plupload */
    protected $plupload;

    /** @var user */
    protected $user;

    /** @var \phpbb\files\filespec Current filespec instance */
    private $file;

    // NOTE(review): this array lives on the instance and upload() never resets it,
    // so entries from an earlier call on the same instance would still be present.
    // Confirm the class is used for one file per instance/request.
    /** @var array File data */
    private $file_data = array(
        'error'    => array()
    );

    /** @var array Extensions array as returned by the cache service */
    private $extensions;

    /**
     * Constructor for attachments upload class
     *
     * Only stores the injected collaborators; no work is done here.
     *
     * @param auth $auth
     * @param service $cache
     * @param config $config
     * @param \phpbb\files\upload $files_upload
     * @param language $language
     * @param guesser $mimetype_guesser
     * @param dispatcher $phpbb_dispatcher
     * @param plupload $plupload
     * @param user $user
     * @param string $phpbb_root_path
     */
    public function __construct(auth $auth, service $cache, config $config, \phpbb\files\upload $files_upload, language $language, guesser $mimetype_guesser, dispatcher $phpbb_dispatcher, plupload $plupload, user $user, $phpbb_root_path)
    {
        $this->auth = $auth;
        $this->user = $user;
        $this->cache = $cache;
        $this->config = $config;
        $this->language = $language;
        $this->plupload = $plupload;
        $this->files_upload = $files_upload;
        $this->mimetype_guesser = $mimetype_guesser;
        $this->phpbb_dispatcher = $phpbb_dispatcher;
        $this->phpbb_root_path = $phpbb_root_path;
    }

    /**
     * Upload Attachment - filedata is generated here
     * Uses upload class
     *
     * Order of checks: extension allowlist and content rules are configured
     * first, then the file is handed to the upload class, limited in size and
     * dimensions (non-admin, non-moderator users only), renamed, moved into the
     * upload path, verified as an image where applicable, and only then checked
     * against the attachment quota and the free disk space. Any failure after
     * the move removes the stored file again.
     *
     * @param string    $form_name        The form name of the file upload input
     * @param int       $forum_id         The id of the forum
     * @param bool      $local            Whether the file is local or not
     * @param string    $local_storage    The path to the local file
     * @param bool      $is_message       Whether it is a PM or not
     * @param array     $local_filedata   A file data object created for the local file
     *
     * @return array File data array; 'post_attach' is false and 'error' is
     *               filled when the upload was rejected
     */
    public function upload($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false, $local_filedata = array())
    {
        $this->init_files_upload($forum_id, $is_message);

        // A local file needs no form field; anything else must come from a valid upload form.
        $this->file_data['post_attach'] = $local || $this->files_upload->is_valid($form_name);

        if (!$this->file_data['post_attach'])
        {
            $this->file_data['error'][] = $this->language->lang('NO_UPLOAD_FORM_FOUND');
            return $this->file_data;
        }

        if ($local)
        {
            $this->file = $this->files_upload->handle_upload('files.types.local', $local_storage, $local_filedata);
        }
        else
        {
            $this->file = $this->files_upload->handle_upload('files.types.form', $form_name);
        }

        if ($this->file->init_error())
        {
            $this->file_data['post_attach'] = false;
            return $this->file_data;
        }

        // Whether the uploaded file is in the image category.
        // The decision is made from the file extension alone; check_image() below
        // verifies that the content matches.
        $is_image = isset($this->extensions[$this->file->get('extension')]['display_cat'])
            && $this->extensions[$this->file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE;

        // Admins and mods are allowed to exceed the allowed filesize and image
        // dimensions. The extension allowlist set in init_files_upload() is not
        // part of this exemption.
        $exempt_from_limits = $this->auth->acl_get('a_') || $this->auth->acl_get('m_', $forum_id);

        if (!$exempt_from_limits)
        {
            // Check Image Size, if it is an image
            if ($is_image)
            {
                $this->file->upload->set_allowed_dimensions(0, 0, $this->config['img_max_width'], $this->config['img_max_height']);
            }

            // A per-extension limit wins over the board-wide limit for posts or PMs.
            if (empty($this->extensions[$this->file->get('extension')]['max_filesize']))
            {
                $size_limit = $this->config[$is_message ? 'max_filesize_pm' : 'max_filesize'];
            }
            else
            {
                $size_limit = $this->extensions[$this->file->get('extension')]['max_filesize'];
            }

            $this->file->upload->set_max_filesize($size_limit);
        }

        // The stored name is produced by the filespec's 'unique' mode with the
        // uploader's user id as prefix.
        // NOTE(review): presumably this discards the client-supplied name for the
        // on-disk file - confirm in filespec::clean_filename().
        $this->file->clean_filename('unique', $this->user->data['user_id'] . '_');

        // Are we uploading an image *and* this image being within the image category?
        // Only then perform additional image checks (third argument is !$is_image).
        $this->file->move_file($this->config['upload_path'], false, !$is_image);

        // Do we have to create a thumbnail?
        $this->file_data['thumbnail'] = (int) ($is_image && $this->config['img_create_thumbnail']);

        // Make sure the image category only holds valid images...
        $this->check_image($is_image);

        if (count($this->file->error) > 0)
        {
            // The file has already been moved at this point, so it has to be removed again.
            $this->file->remove();
            $this->file_data['error'] = array_merge($this->file_data['error'], $this->file->error);
            $this->file_data['post_attach'] = false;

            return $this->file_data;
        }

        $this->fill_file_data();

        // Listeners receive the collected file data and may replace it; whatever
        // they return is used from here on without being validated again.
        $filedata = $this->file_data;

        /**
         * Event to modify uploaded file before submit to the post
         *
         * @event core.modify_uploaded_file
         * @var    array    filedata    Array containing uploaded file data
         * @var    bool    is_image    Flag indicating if the file is an image
         * @since 3.1.0-RC3
         */
        $vars = array(
            'filedata',
            'is_image',
        );
        extract($this->phpbb_dispatcher->trigger_event('core.modify_uploaded_file', compact($vars)));
        $this->file_data = $filedata;
        unset($filedata);

        // Check for attachment quota and free space; both checks remove the file
        // and record the error themselves. The thumbnail is only created when
        // both pass.
        if ($this->check_attach_quota() && $this->check_disk_space())
        {
            $this->create_thumbnail();
        }

        return $this->file_data;
    }

    /**
     * Create thumbnail for file if necessary
     *
     * Does nothing unless the 'thumbnail' flag in the file data is set. The
     * flag is reset to 0 when the thumbnail could not be created. The result
     * is stored in $this->file_data; nothing is returned.
     *
     * @return void
     */
    protected function create_thumbnail()
    {
        if (!$this->file_data['thumbnail'])
        {
            return;
        }

        // The thumbnail is written next to the stored file, named after the
        // stored (not the uploaded) file name.
        $source = $this->file->get('destination_file');
        $destination = $this->file->get('destination_path') . '/thumb_' . $this->file->get('realname');

        $created = create_thumbnail($source, $destination, $this->file->get('mimetype'));

        if (!$created)
        {
            $this->file_data['thumbnail'] = 0;
        }
    }

    /**
     * Init files upload class
     *
     * Configures the content check and the extension allowlist on the upload
     * class before any file is handled.
     *
     * @param int $forum_id Forum ID
     * @param bool $is_message Whether attachment is inside PM or not
     */
    protected function init_files_upload($forum_id, $is_message)
    {
        if (!$this->config['check_attachment_content'])
        {
            // Content check switched off: the list of disallowed content is emptied.
            $this->files_upload->set_disallowed_content(array());
        }
        else if (isset($this->config['mime_triggers']))
        {
            // Content check switched on: the '|' separated trigger list becomes the disallowed content.
            $this->files_upload->set_disallowed_content(explode('|', $this->config['mime_triggers']));
        }
        // Check switched on but no trigger list configured: the upload class keeps
        // whatever disallowed content it already has.

        // Private messages pass false instead of a forum id.
        $forum_scope = ($is_message) ? false : (int) $forum_id;

        $this->extensions = $this->cache->obtain_attach_extensions($forum_scope);
        $this->files_upload->set_allowed_extensions(array_keys($this->extensions['_allowed_']));
    }

    /**
     * Check if uploaded file is really an image
     *
     * Files in the image category are displayed inline, so a file that carries
     * an image extension without being an image is rejected and removed.
     *
     * @param bool $is_image Whether file is image
     */
    protected function check_image($is_image)
    {
        // Nothing to do for non-image categories or for files that really are images.
        if (!$is_image || $this->file->is_image())
        {
            return;
        }

        $this->file->remove();

        if ($this->plupload && $this->plupload->is_active())
        {
            $this->plupload->emit_error(104, 'ATTACHED_IMAGE_NOT_IMAGE');
        }

        // If this error occurs a user tried to exploit an IE Bug by renaming extensions
        // Since the image category is displaying content inline we need to catch this.
        $this->file->set_error($this->language->lang('ATTACHED_IMAGE_NOT_IMAGE'));
    }

    /**
     * Check if attachment quota was reached
     *
     * A quota setting that evaluates to false disables the check. When the
     * current upload directory size plus this file exceeds the quota, the
     * error is recorded and the stored file is removed.
     *
     * @return bool False if attachment quota was reached, true if not
     */
    protected function check_attach_quota()
    {
        if (!$this->config['attachment_quota'])
        {
            return true;
        }

        $projected_usage = intval($this->config['upload_dir_size']) + $this->file->get('filesize');

        if ($projected_usage > $this->config['attachment_quota'])
        {
            $this->file_data['error'][] = $this->language->lang('ATTACH_QUOTA_REACHED');
            $this->file_data['post_attach'] = false;

            $this->file->remove();

            return false;
        }

        return true;
    }

    /**
     * Check if there is enough free space available on disk
     *
     * The check is skipped when disk_free_space() is not available. Warnings
     * from the call are suppressed; a false result from a failed call also
     * satisfies the comparison below, so the upload is rejected in that case.
     *
     * @return bool True if disk space is available, false if not
     */
    protected function check_disk_space()
    {
        if (!function_exists('disk_free_space'))
        {
            return true;
        }

        $available_bytes = @disk_free_space($this->phpbb_root_path);

        if ($available_bytes <= $this->file->get('filesize'))
        {
            // Only admins get the disk full message; everyone else sees the quota message.
            $error_key = ($this->auth->acl_get('a_')) ? 'ATTACH_DISK_FULL' : 'ATTACH_QUOTA_REACHED';

            $this->file_data['error'][] = $this->language->lang($error_key);
            $this->file_data['post_attach'] = false;

            $this->file->remove();

            return false;
        }

        return true;
    }

    /**
     * Fills file data with file information and current time as filetime
     *
     * NOTE(review): 'real_filename' is taken from the filespec's 'uploadname',
     * presumably the name supplied by the uploader - confirm against filespec
     * and escape it wherever it is displayed.
     */
    protected function fill_file_data()
    {
        // file data key => filespec property it is read from
        $property_by_key = array(
            'filesize'          => 'filesize',
            'mimetype'          => 'mimetype',
            'extension'         => 'extension',
            'physical_filename' => 'realname',
            'real_filename'     => 'uploadname',
        );

        foreach ($property_by_key as $key => $property)
        {
            $this->file_data[$key] = $this->file->get($property);
        }

        $this->file_data['filetime'] = time();
    }
}