Verzeichnisstruktur phpBB-3.3.15
- Veröffentlicht
- 28.08.2024
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
upload.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 namespace phpbb\avatar\driver;
015
016 /**
017 * Handles avatars uploaded to the board
018 */
019 class upload extends \phpbb\avatar\driver\driver
020 {
021 /**
022 * @var \phpbb\filesystem\filesystem_interface
023 */
024 protected $filesystem;
025
026 /**
027 * @var \phpbb\event\dispatcher_interface
028 */
029 protected $dispatcher;
030
031 /**
032 * @var \phpbb\files\factory
033 */
034 protected $files_factory;
035
036 /**
037 * Construct a driver object
038 *
039 * @param \phpbb\config\config $config phpBB configuration
040 * @param string $phpbb_root_path Path to the phpBB root
041 * @param string $php_ext PHP file extension
042 * @param \phpbb\filesystem\filesystem_interface $filesystem phpBB filesystem helper
043 * @param \phpbb\path_helper $path_helper phpBB path helper
044 * @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object
045 * @param \phpbb\files\factory $files_factory File classes factory
046 * @param \phpbb\cache\driver\driver_interface $cache Cache driver
047 */
048 public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\filesystem\filesystem_interface $filesystem, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, \phpbb\cache\driver\driver_interface $cache = null)
049 {
050 $this->config = $config;
051 $this->phpbb_root_path = $phpbb_root_path;
052 $this->php_ext = $php_ext;
053 $this->filesystem = $filesystem;
054 $this->path_helper = $path_helper;
055 $this->dispatcher = $dispatcher;
056 $this->files_factory = $files_factory;
057 $this->cache = $cache;
058 }
059
060 /**
061 * {@inheritdoc}
062 */
063 public function get_data($row)
064 {
065 $root_path = $this->path_helper->get_web_root_path();
066
067 return array(
068 'src' => $root_path . 'download/file.' . $this->php_ext . '?avatar=' . $row['avatar'],
069 'width' => $row['avatar_width'],
070 'height' => $row['avatar_height'],
071 );
072 }
073
074 /**
075 * {@inheritdoc}
076 */
077 public function prepare_form($request, $template, $user, $row, &$error)
078 {
079 if (!$this->can_upload())
080 {
081 return false;
082 }
083
084 $template->assign_vars(array(
085 'S_UPLOAD_AVATAR_URL' => ($this->config['allow_avatar_remote_upload']) ? true : false,
086 'AVATAR_UPLOAD_SIZE' => $this->config['avatar_filesize'],
087 'AVATAR_ALLOWED_EXTENSIONS' => implode(',', preg_replace('/^/', '.', $this->allowed_extensions)),
088 ));
089
090 return true;
091 }
092
093 /**
094 * {@inheritdoc}
095 */
096 public function process_form($request, $template, $user, $row, &$error)
097 {
098 if (!$this->can_upload())
099 {
100 return false;
101 }
102
103 /** @var \phpbb\files\upload $upload */
104 $upload = $this->files_factory->get('upload')
105 ->set_error_prefix('AVATAR_')
106 ->set_allowed_extensions($this->allowed_extensions)
107 ->set_max_filesize($this->config['avatar_filesize'])
108 ->set_allowed_dimensions(
109 $this->config['avatar_min_width'],
110 $this->config['avatar_min_height'],
111 $this->config['avatar_max_width'],
112 $this->config['avatar_max_height'])
113 ->set_disallowed_content((isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false));
114
115 $url = $request->variable('avatar_upload_url', '');
116 $upload_file = $request->file('avatar_upload_file');
117
118 if (!empty($upload_file['name']))
119 {
120 $file = $upload->handle_upload('files.types.form', 'avatar_upload_file');
121 }
122 else if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url))
123 {
124 if (!preg_match('#^(http|https|ftp)://#i', $url))
125 {
126 $url = 'http://' . $url;
127 }
128
129 if (!function_exists('validate_data'))
130 {
131 require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext);
132 }
133
134 $validate_array = validate_data(
135 array(
136 'url' => $url,
137 ),
138 array(
139 'url' => array('string', true, 5, 255),
140 )
141 );
142
143 $error = array_merge($error, $validate_array);
144
145 if (!empty($error))
146 {
147 return false;
148 }
149
150 // Do not allow specifying the port (see RFC 3986) or IP addresses
151 // remote_upload() will do its own check for allowed filetypes
152 if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url) ||
153 preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||
154 preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) ||
155 preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url))
156 {
157 $error[] = 'AVATAR_URL_INVALID';
158 return false;
159 }
160
161 $file = $upload->handle_upload('files.types.remote', $url);
162 }
163 else
164 {
165 return false;
166 }
167
168 $prefix = $this->config['avatar_salt'] . '_';
169 $file->clean_filename('avatar', $prefix, $row['id']);
170
171 // If there was an error during upload, then abort operation
172 if (count($file->error))
173 {
174 $file->remove();
175 $error = $file->error;
176 return false;
177 }
178
179 // Calculate new destination
180 $destination = $this->config['avatar_path'];
181
182 // Adjust destination path (no trailing slash)
183 if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\')
184 {
185 $destination = substr($destination, 0, -1);
186 }
187
188 $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
189 if ($destination && ($destination[0] == '/' || $destination[0] == "\\"))
190 {
191 $destination = '';
192 }
193
194 $filedata = array(
195 'filename' => $file->get('filename'),
196 'filesize' => $file->get('filesize'),
197 'mimetype' => $file->get('mimetype'),
198 'extension' => $file->get('extension'),
199 'physical_filename' => $file->get('realname'),
200 'real_filename' => $file->get('uploadname'),
201 );
202
203 /**
204 * Before moving new file in place (and eventually overwriting the existing avatar with the newly uploaded avatar)
205 *
206 * @event core.avatar_driver_upload_move_file_before
207 * @var array filedata Array containing uploaded file data
208 * @var \phpbb\files\filespec file Instance of filespec class
209 * @var string destination Destination directory where the file is going to be moved
210 * @var string prefix Prefix for the avatar filename
211 * @var array row Array with avatar row data
212 * @var array error Array of errors, if filled in by this event file will not be moved
213 * @since 3.1.6-RC1
214 * @changed 3.1.9-RC1 Added filedata
215 * @changed 3.2.3-RC1 Added file
216 */
217 $vars = array(
218 'filedata',
219 'file',
220 'destination',
221 'prefix',
222 'row',
223 'error',
224 );
225 extract($this->dispatcher->trigger_event('core.avatar_driver_upload_move_file_before', compact($vars)));
226
227 unset($filedata);
228
229 if (!count($error))
230 {
231 // Move file and overwrite any existing image
232 $file->move_file($destination, true);
233 }
234
235 // If there was an error during move, then clean up leftovers
236 $error = array_merge($error, $file->error);
237 if (count($error))
238 {
239 $file->remove();
240 return false;
241 }
242
243 // Delete current avatar if not overwritten
244 $ext = substr(strrchr($row['avatar'], '.'), 1);
245 if ($ext && $ext !== $file->get('extension'))
246 {
247 $this->delete($row);
248 }
249
250 return array(
251 'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'),
252 'avatar_width' => $file->get('width'),
253 'avatar_height' => $file->get('height'),
254 );
255 }
256
257 /**
258 * {@inheritdoc}
259 */
260 public function prepare_form_acp($user)
261 {
262 return array(
263 'allow_avatar_remote_upload'=> array('lang' => 'ALLOW_REMOTE_UPLOAD', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
264 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int:0', 'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
265 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true),
266 );
267 }
268
269 /**
270 * {@inheritdoc}
271 */
272 public function delete($row)
273 {
274
275 $error = array();
276 $destination = $this->config['avatar_path'];
277 $prefix = $this->config['avatar_salt'] . '_';
278 $ext = substr(strrchr($row['avatar'], '.'), 1);
279 $filename = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $ext;
280
281 /**
282 * Before deleting an existing avatar
283 *
284 * @event core.avatar_driver_upload_delete_before
285 * @var string destination Destination directory where the file is going to be deleted
286 * @var string prefix Prefix for the avatar filename
287 * @var array row Array with avatar row data
288 * @var array error Array of errors, if filled in by this event file will not be deleted
289 * @since 3.1.6-RC1
290 */
291 $vars = array(
292 'destination',
293 'prefix',
294 'row',
295 'error',
296 );
297 extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars)));
298
299 if (!count($error) && $this->filesystem->exists($filename))
300 {
301 try
302 {
303 $this->filesystem->remove($filename);
304 return true;
305 }
306 catch (\phpbb\filesystem\exception\filesystem_exception $e)
307 {
308 // Fail is covered by return statement below
309 }
310 }
311
312 return false;
313 }
314
315 /**
316 * {@inheritdoc}
317 */
318 public function get_template_name()
319 {
320 return 'ucp_avatar_options_upload.html';
321 }
322
323 /**
324 * Check if user is able to upload an avatar
325 *
326 * @return bool True if user can upload, false if not
327 */
328 protected function can_upload()
329 {
330 return ($this->filesystem->exists($this->phpbb_root_path . $this->config['avatar_path']) && $this->filesystem->is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on'));
331 }
332 }
333