Vergleich inc/functions_upload.php - 1.8.3 - 1.8.6

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 204Zeile 204
	}

// Check we have a valid extension

	}

// Check we have a valid extension

	// This is attached to the attachment types allowed to be uploaded (set in the ACP)
$valid_extensions = array();
$extensions = $cache->read("attachtypes");

foreach($extensions as $ext => $type)
{
if(substr($type['mimetype'], 0, 5) == 'image')
{
$valid_extensions[$ext] = 1;
}
}

$ext = get_extension(my_strtolower($avatar['name']));

if(!isset($valid_extensions[$ext]))
{
$ret['error'] = $lang->error_avatartype;
return $ret;
}

    	$ext = get_extension(my_strtolower($avatar['name']));
if(!preg_match("#^(gif|jpg|jpeg|jpe|bmp|png)$#i", $ext))
{
$ret['error'] = $lang->error_avatartype;
return $ret;
}















if(defined('IN_ADMINCP'))
{


if(defined('IN_ADMINCP'))
{

Zeile 280Zeile 267
				}
else
{

				}
else
{

 
					// Copy scaled image to CDN
copy_file_to_cdn($avatarpath . '/' . $thumbnail['filename']);

					// Reset filesize
$avatar['size'] = filesize($avatarpath."/".$filename);
// Reset dimensions

					// Reset filesize
$avatar['size'] = filesize($avatarpath."/".$filename);
// Reset dimensions

Zeile 353Zeile 342
 * @param array $attachment Attachment data (as fed by PHPs $_FILE)
* @param boolean $update_attachment Whether or not we are updating a current attachment or inserting a new one
* @return array Array of attachment data if successful, otherwise array of error data

 * @param array $attachment Attachment data (as fed by PHPs $_FILE)
* @param boolean $update_attachment Whether or not we are updating a current attachment or inserting a new one
* @return array Array of attachment data if successful, otherwise array of error data

 */

 */

function upload_attachment($attachment, $update_attachment=false)
{
global $mybb, $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache;

function upload_attachment($attachment, $update_attachment=false)
{
global $mybb, $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache;





	$posthash = $db->escape_string($mybb->get_input('posthash'));
$pid = (int)$pid;

	$posthash = $db->escape_string($mybb->get_input('posthash'));
$pid = (int)$pid;





	if(isset($attachment['error']) && $attachment['error'] != 0)
{
$ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_detail;

	if(isset($attachment['error']) && $attachment['error'] != 0)
{
$ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_detail;

Zeile 368Zeile 357
		{
case 1: // UPLOAD_ERR_INI_SIZE
$ret['error'] .= $lang->error_uploadfailed_php1;

		{
case 1: // UPLOAD_ERR_INI_SIZE
$ret['error'] .= $lang->error_uploadfailed_php1;

				break;

				break;

			case 2: // UPLOAD_ERR_FORM_SIZE
$ret['error'] .= $lang->error_uploadfailed_php2;
break;

			case 2: // UPLOAD_ERR_FORM_SIZE
$ret['error'] .= $lang->error_uploadfailed_php2;
break;

Zeile 392Zeile 381
	}

if(!is_uploaded_file($attachment['tmp_name']) || empty($attachment['tmp_name']))

	}

if(!is_uploaded_file($attachment['tmp_name']) || empty($attachment['tmp_name']))

	{

	{

		$ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_php4;
return $ret;
}

		$ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_php4;
return $ret;
}

Zeile 408Zeile 397
		return $ret;
}
else

		return $ret;
}
else

	{

	{

		$attachtype = $attachtypes[$ext];

		$attachtype = $attachtypes[$ext];

	}


	}


	// Check the size
if($attachment['size'] > $attachtype['maxsize']*1024 && $attachtype['maxsize'] != "")
{
$ret['error'] = $lang->sprintf($lang->error_attachsize, $attachtype['maxsize']);

	// Check the size
if($attachment['size'] > $attachtype['maxsize']*1024 && $attachtype['maxsize'] != "")
{
$ret['error'] = $lang->sprintf($lang->error_attachsize, $attachtype['maxsize']);

		return $ret;
}


		return $ret;
}


	// Double check attachment space usage
if($mybb->usergroup['attachquota'] > 0)
{

	// Double check attachment space usage
if($mybb->usergroup['attachquota'] > 0)
{

Zeile 434Zeile 423
	}

// Gather forum permissions

	}

// Gather forum permissions

	$forumpermissions = forum_permissions($forum['fid']);


	$forumpermissions = forum_permissions($forum['fid']);


	// Check if an attachment with this name is already in the post
if($pid != 0)
{

	// Check if an attachment with this name is already in the post
if($pid != 0)
{

Zeile 483Zeile 472
			if(!@is_dir($mybb->settings['uploadspath']."/".$month_dir))
{
$month_dir = '';

			if(!@is_dir($mybb->settings['uploadspath']."/".$month_dir))
{
$month_dir = '';

			}

			}

		}
}


		}
}


Zeile 611Zeile 600
	if($forumpermissions['modattachments'] == 1 && !is_moderator($forum['fid'], "canapproveunapproveattachs"))
{
$attacharray['visible'] = 0;

	if($forumpermissions['modattachments'] == 1 && !is_moderator($forum['fid'], "canapproveunapproveattachs"))
{
$attacharray['visible'] = 0;

	}
else
{

	}
else
{

		$attacharray['visible'] = 1;
}


		$attacharray['visible'] = 1;
}


Zeile 665Zeile 654
 */
function delete_uploaded_file($path = '')
{

 */
function delete_uploaded_file($path = '')
{

	global $mybb;

	global $mybb, $plugins;


$deleted = false;



$deleted = false;


Zeile 674Zeile 663
	$cdn_base_path = rtrim($mybb->settings['cdnpath'], '/');
$path = ltrim($path, '/');
$cdn_path = realpath($cdn_base_path . '/' . $path);

	$cdn_base_path = rtrim($mybb->settings['cdnpath'], '/');
$path = ltrim($path, '/');
$cdn_path = realpath($cdn_base_path . '/' . $path);



 

if($mybb->settings['usecdn'] && !empty($cdn_base_path))
{
$deleted = $deleted && @unlink($cdn_path);


if($mybb->settings['usecdn'] && !empty($cdn_base_path))
{
$deleted = $deleted && @unlink($cdn_path);

	}









	}

$hook_params = array(
'path' => &$path,
'deleted' => &$deleted,
);

$plugins->run_hooks('delete_uploaded_file', $hook_params);


	return $deleted;
}

/**
* Delete an upload directory on both the local filesystem and the CDN filesystem.

	return $deleted;
}

/**
* Delete an upload directory on both the local filesystem and the CDN filesystem.

 *

 *

 * @param string $path The directory to delete.
*
* @return bool Whether the directory was deleted.
*/
function delete_upload_directory($path = '')

 * @param string $path The directory to delete.
*
* @return bool Whether the directory was deleted.
*/
function delete_upload_directory($path = '')

{
global $mybb;

$deleted = false;


{
global $mybb, $plugins;

$deleted = false;


	$deleted = @rmdir($path);

	$deleted = @rmdir($path);





	$cdn_base_path = rtrim($mybb->settings['cdnpath'], '/');
$path = ltrim($path, '/');

	$cdn_base_path = rtrim($mybb->settings['cdnpath'], '/');
$path = ltrim($path, '/');

	$cdn_path = rtrim(realpath($cdn_base_path . '/' . $path), '/');

if($mybb->settings['usecdn'] && !empty($cdn_base_path))

	$cdn_path = rtrim(realpath($cdn_base_path . '/' . $path), '/');

if($mybb->settings['usecdn'] && !empty($cdn_base_path))

	{
$deleted = $deleted && @rmdir($cdn_path);
}

	{
$deleted = $deleted && @rmdir($cdn_path);
}

 

$hook_params = array(
'path' => &$path,
'deleted' => &$deleted,
);

$plugins->run_hooks('delete_upload_directory', $hook_params);


return $deleted;
}


return $deleted;
}

Zeile 724Zeile 726
	global $plugins, $mybb;

$upload = array();

	global $plugins, $mybb;

$upload = array();





	if(empty($file['name']) || $file['name'] == "none" || $file['size'] < 1)

	if(empty($file['name']) || $file['name'] == "none" || $file['size'] < 1)

	{

	{

		$upload['error'] = 1;
return $upload;
}

if(!$filename)

		$upload['error'] = 1;
return $upload;
}

if(!$filename)

	{

	{

		$filename = $file['name'];

		$filename = $file['name'];

	}


	}


	$upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe
$filename = preg_replace("#/$#", "", $filename); // Make the filename safe
$moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);


	$upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe
$filename = preg_replace("#/$#", "", $filename); // Make the filename safe
$moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);


	$moved_cdn = false;
$cdn_base_path = rtrim($mybb->settings['cdnpath'], '/');
$cdn_path = rtrim(realpath($cdn_base_path . '/' . $path), '/');

if($mybb->settings['usecdn'] && !empty($cdn_base_path))
{
$moved_cdn = @copy($path . '/' . $filename, $cdn_path . '/' . $filename);
@my_chmod($cdn_path . '/' . $filename, '0644');
}

	$cdn_path = '';

$moved_cdn = copy_file_to_cdn($path."/".$filename, $cdn_path);








if(!$moved)
{


if(!$moved)
{