forked from markiliffe/WaterHackathon_Taarifa_Web
/
upload.php
313 lines (280 loc) · 7.43 KB
/
upload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
<?php defined('SYSPATH') or die('No direct script access.');
/**
* Upload helper class for working with the global $_FILES
* array and Validation library.
*
* $Id: upload.php 3264 2008-09-23 19:03:14Z David Kobia $
*
* @package Core
* @author Kohana Team
* @copyright (c) 2007-2008 Kohana Team
* @license http://kohanaphp.com/license.html
*/
class upload_Core {
/**
* Save an uploaded file to a new location.
*
* @param mixed name of $_FILE input or array of upload data
* @param string new filename
* @param string new directory
* @param integer chmod mask
* @return string full path to new file
*/
public static function save($file, $filename = NULL, $directory = NULL, $chmod = 0644)
{
// Check if file is properly send.
if (empty($_FILES[$file])) return;
// Load file data from FILES if not passed as array
$file = is_array($file) ? $file : $_FILES[$file];
if ($filename === NULL)
{
// Use the default filename, with a timestamp pre-pended
$filename = time().$file['name'];
}
if (Kohana::config('upload.remove_spaces') === TRUE)
{
// Remove spaces from the filename
$filename = preg_replace('/\s+/', '_', $filename);
}
if ($directory === NULL)
{
// Use the pre-configured upload directory
$directory = Kohana::config('upload.directory', TRUE);
}
// Make sure the directory ends with a slash
$directory = rtrim($directory, '/').'/';
if ( ! is_dir($directory) AND Kohana::config('upload.create_directories') === TRUE)
{
// Create the upload directory
mkdir($directory, 0777, TRUE);
}
if ( ! is_writable($directory))
throw new Kohana_Exception('upload.not_writable', $directory);
// loop through if tmp_name returns an array
if( is_array( $file['tmp_name'] ) ) {
$i = 0;
$filenames = array();
foreach( $file['tmp_name'] as $tmp_name ) {
if (is_uploaded_file($tmp_name ) AND
move_uploaded_file($tmp_name, $filename =
$directory.$file['name'][$i] ) )
{
if ($chmod !== FALSE)
{
// Set permissions on filename
chmod( $filename, $chmod );
}
// Add $filename to $filenames array
$filenames[] = $filename;
}
$i++;
}
// Return new file path array
return $filenames;
}
else
{
if (is_uploaded_file($file['tmp_name']) AND move_uploaded_file($file['tmp_name'], $filename = $directory.$filename))
{
if ($chmod !== FALSE)
{
// Set permissions on filename
chmod($filename, $chmod);
}
// Return new file path
return $filename;
}
}
return FALSE;
}
/* Validation Rules */
/**
* Tests if input data is valid file type, even if no upload is present.
*
* @param array $_FILES item
* @return bool
*/
public static function valid($file)
{
if (is_array($file))
{
// Is this a multi-upload array?
if (is_array($file['name']))
{
for ($i=0; $i <= count($file['name']) ; $i++)
{
if (isset($file['error'][$i])
AND isset($file['name'][$i])
AND isset($file['type'][$i])
AND isset($file['tmp_name'][$i])
AND isset($file['size'][$i]))
{
return true;
}
else
{
return false;
}
}
}
// No - this is a single upload
else
{
return (isset($file['error'])
AND isset($file['name'])
AND isset($file['type'])
AND isset($file['tmp_name'])
AND isset($file['size']));
}
}
else
{
return false;
}
}
/**
* Tests if input data has valid upload data.
*
* @param array $_FILES item
* @return bool
*/
public static function required(array $file)
{
if (is_array($file['name']))
{
for ($i=0; $i <= count($file['name']) ; $i++)
{
if (isset($file['tmp_name'][$i])
AND isset($file['error'][$i])
AND is_uploaded_file($file['tmp_name'][$i])
AND (int) $file['error'][$i] === UPLOAD_ERR_OK)
{
return true;
}
else
{
return false;
}
}
}
// This is a single upload
else
{
return (isset($file['tmp_name'])
AND isset($file['error'])
AND is_uploaded_file($file['tmp_name'])
AND (int) $file['error'] === UPLOAD_ERR_OK);
}
}
/**
* Validation rule to test if an uploaded file is allowed by extension.
*
* @param array $_FILES item
* @param array allowed file extensions
* @return bool
*/
public static function type(array $file, array $allowed_types)
{
if (is_array($file['name']))
{
for ($i=0; $i <= count($file['name']) ; $i++)
{
if ((int) $file['error'][$i] !== UPLOAD_ERR_OK)
{
return TRUE;
}
// Get the default extension of the file
$extension = strtolower(substr(strrchr($file['name'][$i], '.'), 1));
// Get the mime types for the extension
$mime_types = Kohana::config('mimes.'.$extension);
// Make sure there is an extension, that the extension is allowed, and that mime types exist
if ( ! empty($extension) AND in_array($extension, $allowed_types) AND is_array($mime_types))
{
return TRUE;
}
else
{
return false;
}
}
}
// This is a single upload
else
{
if ((int) $file['error'] !== UPLOAD_ERR_OK)
return TRUE;
// Get the default extension of the file
$extension = strtolower(substr(strrchr($file['name'], '.'), 1));
// Get the mime types for the extension
$mime_types = Kohana::config('mimes.'.$extension);
// Make sure there is an extension, that the extension is allowed, and that mime types exist
return ( ! empty($extension) AND in_array($extension, $allowed_types) AND is_array($mime_types));
}
}
/**
* Validation rule to test if an uploaded file is allowed by file size.
* File sizes are defined as: SB, where S is the size (1, 15, 300, etc) and
* B is the byte modifier: (B)ytes, (K)ilobytes, (M)egabytes, (G)igabytes.
* Eg: to limit the size to 1MB or less, you would use "1M".
*
* @param array $_FILES item
* @param array maximum file size
* @return bool
*/
public static function size(array $file, array $size)
{
if (is_array($file['name']))
{
for ($i=0; $i <= count($file['name']) ; $i++)
{
if ((int) $file['error'][$i] !== UPLOAD_ERR_OK)
{
return TRUE;
}
// Only one size is allowed
$size = strtoupper($size[0]);
if ( ! preg_match('/[0-9]++[BKMG]/', $size))
{
return FALSE;
}
// Make the size into a power of 1024
switch (substr($size, -1))
{
case 'G': $size = intval($size) * pow(1024, 3); break;
case 'M': $size = intval($size) * pow(1024, 2); break;
case 'K': $size = intval($size) * pow(1024, 1); break;
default: $size = intval($size); break;
}
// Test that the file is under or equal to the max size
if ($file['size'][$i] <= $size)
{
return true;
}
else
{
return false;
}
}
}
// This is a single upload
else
{
if ((int) $file['error'] !== UPLOAD_ERR_OK)
return TRUE;
// Only one size is allowed
$size = strtoupper($size[0]);
if ( ! preg_match('/[0-9]++[BKMG]/', $size))
return FALSE;
// Make the size into a power of 1024
switch (substr($size, -1))
{
case 'G': $size = intval($size) * pow(1024, 3); break;
case 'M': $size = intval($size) * pow(1024, 2); break;
case 'K': $size = intval($size) * pow(1024, 1); break;
default: $size = intval($size); break;
}
// Test that the file is under or equal to the max size
return ($file['size'] <= $size);
}
}
} // End upload