/* +-------------------------------------------------------------------------- | Invision Power Board | ============================================= | by Matthew Mecham | (c) 2001 - 2006 Invision Power Services, Inc. | | ============================================= | Web: | Licence Info: /?license +--------------------------------------------------------------------------- | > $Date: 2005-10-10 14:03:20 +0100 (Mon, 10 Oct 2005) $ | > $Revision: 22 $ | > $Author: matt $ +--------------------------------------------------------------------------- | | > UPLOAD handling methods (KERNEL) | > Module written by Matt Mecham | > Date started: 15th March 2004 | | > Module Version Number: 1.0.0 +-------------------------------------------------------------------------- | ERRORS: | 1: No upload | 2: Not valid upload type | 3: Upload exceeds $max_file_size | 4: Could not move uploaded file, upload deleted | 5: File pretending to be an image but isn't (poss XSS attack) +-------------------------------------------------------------------------- */
/** * IPS Kernel Pages: Upload * * This class contains all generic functions to handle * the parsing of $_FILE data. * * Example Usage: * * $upload = new class_upload(); * $upload->out_file_dir = './uploads'; * $upload->max_file_size = '10000000'; * $upload->make_script_safe = 1; * $upload->allowed_file_ext = array( 'gif', 'jpg', 'jpeg', 'png' ); * $upload->upload_process(); * * if ( $upload->error_no ) * { * switch( $upload->error_no ) * { * case 1: * // No upload * print "No upload"; exit(); * case 2: * case 5: * // Invalid file ext * print "Invalid File Extension"; exit(); * case 3: * // Too big... * print "File too big"; exit(); * case 4: * // Cannot move uploaded file * print "Move failed"; exit(); * } * } * print $upload->saved_upload_name . " uploaded!"; * * ERRORS: * 1: No upload * 2: Not valid upload type * 3: Upload exceeds $max_file_size * 4: Could not move uploaded file, upload deleted * 5: File pretending to be an image but isn't (poss XSS attack) * * @package IPS_KERNEL * @author Matt Mecham * @copyright Invision Power Services, Inc. * @version 2.1 */
/** * */
/** * Upload Class * * Methods and functions for handling file uploads * * @package IPS_KERNEL * @author Matt Mecham * @version 2.1 */ class class_upload { /** * Name of upload form field * @see object->upload_form_field='images'; * @var string */ var $upload_form_field = 'FILE_UPLOAD';
/**
 * Output file name *without* extension.
 * Leave blank to retain the user-supplied file name.
 * (Translated note from an earlier annotator: "rename".)
 *
 * @var string
 */
var $out_file_name = '';

/**
 * Output directory (e.g. ./upload) - no trailing slash.
 * Created by mkoutfile() at the start of upload_process() if it does not exist.
 * (Translated note from an earlier annotator: "upload directory".)
 *
 * @var string
 */
var $out_file_dir = './';

/**
 * Maximum file size of this upload (error 3 when exceeded, per the file header).
 *
 * @var integer
 */
var $max_file_size = 0;

/**
 * Forces PHP, CGI, etc to text.
 * NOTE(review): presumably renames server-side script extensions so an upload
 * cannot be stored as an executable script; the renaming itself happens outside
 * these declarations - confirm before relying on it. Keep enabled.
 *
 * @var integer
 */
var $make_script_safe = 1;

/**
 * Force non-img file extension (leave blank if not) (ex: 'ibf' makes upload.doc => upload.ibf)
 *
 * @var string
 */
var $force_data_ext = '';

/**
 * Check to make sure an image is an image.
 * When set and the upload is an image, upload_process() runs getimagesize() on the
 * saved file and unlinks it with error 5 if it does not parse as an image, or if a
 * jpg/jpeg file carries a GIF signature (image type 1).
 *
 * @var boolean flag
 */
var $image_check = 1;

/**
 * Returns current file extension.
 * (Translated note from an earlier annotator: "get the current file's extension".)
 *
 * @var string
 */
var $file_extension = '';

/**
 * If force_data_ext == 1, this will return the 'real' extension
 * and $file_extension will return the 'force_data_ext'
 *
 * @var string
 */
var $real_file_extension = '';

/**
 * Returns error number (0 = no error; codes 1-5 are listed in the file header).
 *
 * @var integer
 */
var $error_no = 0;

/**
 * Returns if upload is img or not
 *
 * @var integer
 */
var $is_image = 0;

/**
 * Returns file name as was uploaded by user.
 * (Translated note from an earlier annotator: "the file name originally uploaded by the user".)
 *
 * @var string
 */
var $original_file_name = "";

/**
 * Returns final file name as is saved on disk. (no path info)
 * NOTE(review): an earlier annotator's note reads "the final saved file name; what is
 * returned is the relative path including the file name, e.g. ./upload/test.jpg", which
 * contradicts "no path info" above - confirm against the assignment in upload_process().
 *
 * @var string
 */
var $parsed_file_name = "";

/**
 * Returns final file name with path info.
 * This is the path upload_process() passes to getimagesize() and unlink().
 * (Translated note from an earlier annotator: "returns the final uploaded file information".)
 *
 * @var string
 */
var $saved_upload_name = "";
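/**
 * Ensures the output directory exists, creating it if necessary.
 *
 * Differences from a bare mkdir(): the directory is created with an explicit
 * 0755 mode instead of the 0777 default (which is only narrowed by the process
 * umask), parent directories are created too, and a concurrent creation
 * between the is_dir() test and mkdir() is tolerated instead of surfacing as
 * a spurious failure.
 *
 * @param string $upload Directory path (e.g. $this->out_file_dir), no trailing slash
 * @return boolean true if the directory exists when this returns, false otherwise
 */
function mkoutfile($upload)
{
    if (is_dir($upload)) {
        return true;
    }

    // 0755: only this process needs write access to the upload target.
    // Recursive so a nested out_file_dir is handled as well.
    // The warning is suppressed (as elsewhere in this file) because a lost
    // race with another request is expected and checked for below; the
    // return value still reports a genuine failure to the caller.
    $created = @mkdir($upload, 0755, true);

    // Another request may have created the directory in the meantime.
    return $created || is_dir($upload);
}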
/*-------------------------------------------------------------------------*/ // PROCESS THE UPLOAD /*-------------------------------------------------------------------------*/
/** * Processes the upload * */
function upload_process() { $this->_clean_paths();
//------------------------------------------------- // Check the path is exists if not exists then create //------------------------------------------------- $this->mkoutfile($this->out_file_dir);
//------------------------------------------------- // Check for getimagesize //-------------------------------------------------
//------------------------------------------------- // Set up some variables to stop carpals developing //-------------------------------------------------
//------------------------------------------------- // Naughty Opera adds the filename on the end of the // mime type - we don't want this. //-------------------------------------------------
//------------------------------------------------- // Naughty Mozilla likes to use "none" to indicate an empty upload field. // I love universal languages that aren't universal. //------------------------------------------------- //is_uploaded_file($_FILES["zh_pic"][tmp_name])) if ( !isset($_FILES[ $this->upload_form_field ]['name']) or $_FILES[ $this->upload_form_field ]['name'] == "" or !$_FILES[ $this->upload_form_field ]['name'] or !$_FILES[ $this->upload_form_field ]['size'] or ($_FILES[ $this->upload_form_field ]['name'] == "none") ) { $this->error_no = 1; return; }
//------------------------------------------------- // Convert file name? // In any case, file name is WITHOUT extension //-------------------------------------------------
//------------------------------------------------- // Copy the upload to the uploads directory // ^^ We need to do this before checking the img // size for the openbasedir restriction peeps // We'll just unlink if it doesn't checkout //-------------------------------------------------
//------------------------------------------------- // Is it an image? //-------------------------------------------------
if ( $this->is_image ) { //------------------------------------------------- // Are we making sure its an image? //-------------------------------------------------
if ( $this->image_check ) { $img_attributes = @getimagesize( $this->saved_upload_name );
if ( ! is_array( $img_attributes ) or ! count( $img_attributes ) ) { // Unlink the file first @unlink( $this->saved_upload_name ); $this->error_no = 5; return; } else if ( ! $img_attributes[2] ) { // Unlink the file first @unlink( $this->saved_upload_name ); $this->error_no = 5; return; } else if ( $img_attributes[2] == 1 AND ( $this->file_extension == 'jpg' OR $this->file_extension == 'jpeg' ) ) { // Potential XSS attack with a fake GIF header in a JPEG @unlink( $this->saved_upload_name ); $this->error_no = 5; return; } } }
//------------------------------------------------- // If filesize and $_FILES['size'] don't match then // either file is corrupt, or there was funny // business between when it hit tmp and was moved //-------------------------------------------------