<?php
    /*
    * jQuery File Upload Plugin PHP Example 5.2.7
    * https://github.com/blueimp/jQuery-File-Upload
    *
    * Copyright 2010, Sebastian Tschan
    * https://blueimp.net
    *
    * Licensed under the MIT license:
    * http://creativecommons.org/licenses/MIT/
    */
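    // Bootstrap: common.php is expected to define $webs and $site (not visible here).
    require "common.php";
    error_reporting( E_ALL | E_STRICT );
    $GLOBALS["web"] = $webs;
    $GLOBALS["site"] = $site;
    // Development hosts ending in ".local" get the same suffix on the public site name.
    if ( preg_match( "/\.local$/", $_SERVER["SERVER_NAME"] ) )
    {
        $GLOBALS["site"] .= ".local";
    }

    // Base locations; a requested sub-folder is appended below.
    $options = null;
    $real_url = "http://www." . $GLOBALS["site"] . '/images/upload/';
    $real_folder = $GLOBALS["web"]["verzeichnis"] . "/images/upload/";
    $folder = "";
    $GLOBALS["folder"] = "";

    // The target sub-folder is request-controlled; POST takes precedence over GET.
    if ( isset( $_POST["folder"] ) && $_POST["folder"] )
    {
        $folder = Weban_Utils::clean_global_input( "folder" );
    }
    elseif ( isset( $_GET["folder"] ) && $_GET["folder"] )
    {
        $folder = Weban_Utils::clean_global_input( "folder", "get" );
    }

    if ( $folder )
    {
        // $folder becomes part of a filesystem path, so it must not be able to
        // leave the upload root. What Weban_Utils::clean_global_input() filters
        // is not visible in this file, so path safety is enforced here as well:
        // refuse non-string values, "." / ".." path segments, backslashes and
        // NUL bytes instead of trying to repair them.
        if ( !is_string( $folder ) ||
            preg_match( '#(?:^|/)\.\.?(?:/|$)|[\\\\\x00]#', $folder ) )
        {
            header( 'HTTP/1.0 400 Bad Request' );
            exit;
        }

        $folder = rtrim( $folder, "/" );
        // Stored without the trailing slash; UploadHandler reads it for the
        // database rows and the delete URLs.
        $GLOBALS["folder"] = $folder;
        $folder .= "/";
        $real_folder .= $folder;
        $real_url .= $folder;

        // Point the handler and both derived image versions at the sub-folder.
        $options["upload_dir"] = $real_folder;
        $options["upload_url"] = $real_url;
        $options["image_versions"]["large"]["upload_dir"] = $real_folder . "gr/";
        $options["image_versions"]["large"]["upload_url"] = $real_url . "gr/";
        $options["image_versions"]["thumbnail"]["upload_dir"] = $real_folder . "mini/";
        $options["image_versions"]["thumbnail"]["upload_url"] = $real_url . "mini/";
    }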
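    /**
     * Server-side handler for the jQuery File Upload plugin.
     *
     * Lists, stores and deletes files below the configured upload directory,
     * writes scaled image versions, and mirrors uploads in the "bilder" table.
     *
     * Security notes:
     * - The upload directory is published under upload_url, so anything stored
     *   there can be requested directly. File names that look like server-side
     *   scripts are refused (see 'blocked_file_types'). Narrowing
     *   'accept_file_types' to an allow-list and disabling script execution
     *   for the upload directory in the web server are the stronger controls.
     * - NOTE(review): no authorization or CSRF check is visible in this class;
     *   presumably common.php / HTTP authentication enforces access - confirm.
     * - SQL values are escaped with mysql_real_escape_string() because the file
     *   uses the legacy mysql_* API. Once the connection handling is migrated
     *   to mysqli or PDO, prepared statements should replace the escaping.
     */
    class UploadHandler
    {
        private $options;

        /**
         * Builds the default configuration and overlays caller options on it.
         *
         * @param array|null $options Overrides. Scalar entries replace the
         *                            default; nested arrays (image_versions)
         *                            are merged key by key so a partial
         *                            override keeps the remaining defaults.
         */
        function __construct( $options = null )
        {
            $upload_dir = $GLOBALS["web"]["verzeichnis"] . '/images/upload/';
            $upload_url = "http://www." . $GLOBALS["site"] . '/images/upload/';

            $this->options = array(
                'script_url' => $_SERVER['PHP_SELF'],
                'upload_dir' => $upload_dir,
                'upload_url' => $upload_url,
                'param_name' => 'files',
                // The php.ini settings upload_max_filesize and post_max_size
                // take precedence over the following max_file_size setting:
                'max_file_size' => null,
                'min_file_size' => 1,
                'accept_file_types' => '/.+$/i',
                // Names matching this pattern are always refused, even when
                // accept_file_types matches. Double extensions ("x.php.jpg")
                // are included because some web-server configurations hand
                // them to the script interpreter as well.
                'blocked_file_types' =>
                    '/\.(?:php\d*|phtml|pht|phar|cgi|pl|asp|aspx|jsp|shtml|htaccess)(?:\.|$)/i',
                'max_number_of_files' => null,
                'discard_aborted_uploads' => true,
                // Each version has its own directory and maximum dimensions:
                'image_versions' => array(
                    'large' => array(
                        'upload_dir' => $upload_dir . 'gr/',
                        'upload_url' => $upload_url . 'gr/',
                        'max_width' => 1920,
                        'max_height' => 1920,
                    ),
                    'thumbnail' => array(
                        'upload_dir' => $upload_dir . 'mini/',
                        'upload_url' => $upload_url . 'mini/',
                        'max_width' => 80,
                        'max_height' => 80,
                    ),
                ),
            );

            if ( !is_array( $options ) )
            {
                return;
            }
            foreach ( $options as $o_id => $option )
            {
                if ( !is_array( $option ) )
                {
                    $this->options[$o_id] = $option;
                    continue;
                }
                if ( !isset( $this->options[$o_id] ) || !is_array( $this->options[$o_id] ) )
                {
                    $this->options[$o_id] = array();
                }
                foreach ( $option as $o_key => $o_val )
                {
                    // A scalar at the second level is stored as is instead of
                    // being iterated like an array.
                    if ( !is_array( $o_val ) )
                    {
                        $this->options[$o_id][$o_key] = $o_val;
                        continue;
                    }
                    foreach ( $o_val as $o_key2 => $o_val_2 )
                    {
                        $this->options[$o_id][$o_key][$o_key2] = $o_val_2;
                    }
                }
            }
        }

        /**
         * Returns the request's sub-folder as published in $GLOBALS["folder"].
         *
         * @return string Folder without trailing slash, "" when none is set.
         */
        private function get_folder()
        {
            return isset( $GLOBALS["folder"] ) ? (string )$GLOBALS["folder"] : '';
        }

        /**
         * Builds the URL a client calls to delete a file.
         *
         * Both values are URL-encoded so that a folder or file name containing
         * "&", "#" or similar characters cannot alter the query string.
         *
         * @param string $file_name Stored file name.
         * @return string
         */
        private function get_delete_url( $file_name )
        {
            return $this->options['script_url'] . '?file=' . rawurlencode( $file_name ) .
                '&folder=' . rawurlencode( $this->get_folder() );
        }

        /**
         * Quotes a value for use in a statement sent through mysql_query().
         *
         * @param mixed $value Value to embed.
         * @return string Escaped value including the surrounding quotes.
         */
        private function quote_sql( $value )
        {
            return "'" . mysql_real_escape_string( (string )$value ) . "'";
        }

        /**
         * Describes one stored file.
         *
         * @param string $file_name Name relative to upload_dir.
         * @return stdClass|null Null for dot-files and names that are not
         *                       regular files.
         */
        private function get_file_object( $file_name )
        {
            $file_path = $this->options['upload_dir'] . $file_name;
            if ( !is_file( $file_path ) || $file_name[0] === '.' )
            {
                return null;
            }
            $file = new stdClass();
            $file->name = $file_name;
            $file->size = filesize( $file_path );
            $file->url = $this->options['upload_url'] . rawurlencode( $file->name );
            foreach ( $this->options['image_versions'] as $version => $options )
            {
                if ( is_file( $options['upload_dir'] . $file_name ) )
                {
                    $file->{$version . '_url'} = $options['upload_url'] .
                        rawurlencode( $file->name );
                }
            }
            $file->delete_url = $this->get_delete_url( $file->name );
            $file->delete_type = 'DELETE';
            return $file;
        }

        /**
         * Lists every visible file in the upload directory.
         *
         * @return array List of stdClass file descriptions; empty when the
         *               directory is missing or unreadable.
         */
        private function get_file_objects()
        {
            $upload_dir = $this->options['upload_dir'];
            $names = is_dir( $upload_dir ) ? scandir( $upload_dir ) : false;
            if ( $names === false )
            {
                return array();
            }
            return array_values( array_filter( array_map( array( $this,
                'get_file_object' ), $names ) ) );
        }

        /**
         * Writes a down-scaled copy of an uploaded image.
         *
         * The decoder is chosen from the file extension; images are never
         * enlarged.
         *
         * @param string $file_name Name of the file inside upload_dir.
         * @param array  $options   Image version settings: upload_dir,
         *                          max_width, max_height.
         * @return bool True when the scaled file was written.
         */
        private function create_scaled_image( $file_name, $options )
        {
            $file_path = $this->options['upload_dir'] . $file_name;
            $new_file_path = $options['upload_dir'] . $file_name;
            $image_size = @getimagesize( $file_path );
            if ( !$image_size || !$image_size[0] || !$image_size[1] )
            {
                return false;
            }
            list( $img_width, $img_height ) = $image_size;
            $scale = min( 1, $options['max_width'] / $img_width, $options['max_height'] /
                $img_height );
            // At least one pixel per side, otherwise the canvas cannot be created.
            $new_width = max( 1, (int )( $img_width * $scale ) );
            $new_height = max( 1, (int )( $img_height * $scale ) );
            $new_img = @imagecreatetruecolor( $new_width, $new_height );
            if ( !$new_img )
            {
                return false;
            }
            switch ( strtolower( substr( strrchr( $file_name, '.' ), 1 ) ) )
            {
                case 'jpg':
                case 'jpeg':
                    $src_img = @imagecreatefromjpeg( $file_path );
                    $write_image = 'imagejpeg';
                    break;
                case 'gif':
                    @imagecolortransparent( $new_img, @imagecolorallocate( $new_img,
                        0, 0, 0 ) );
                    $src_img = @imagecreatefromgif( $file_path );
                    $write_image = 'imagegif';
                    break;
                case 'png':
                    @imagecolortransparent( $new_img, @imagecolorallocate( $new_img,
                        0, 0, 0 ) );
                    @imagealphablending( $new_img, false );
                    @imagesavealpha( $new_img, true );
                    $src_img = @imagecreatefrompng( $file_path );
                    $write_image = 'imagepng';
                    break;
                default:
                    // Unsupported extension: no decoder and no writer.
                    $src_img = $write_image = null;
            }
            $success = $src_img && @imagecopyresampled( $new_img, $src_img,
                0, 0, 0, 0, $new_width, $new_height, $img_width, $img_height ) &&
                $write_image( $new_img, $new_file_path );
            // Free up memory (imagedestroy does not delete files):
            if ( $src_img )
            {
                imagedestroy( $src_img );
            }
            imagedestroy( $new_img );
            return (bool )$success;
        }

        /**
         * Validates an upload against the configured limits.
         *
         * @param string|null $uploaded_file Temporary file path, or null for
         *                                   a non-multipart upload.
         * @param stdClass    $file          Carries the sanitized name and the
         *                                   announced size.
         * @param mixed       $error         Error reported by PHP's upload
         *                                   handling, if any.
         * @return mixed The given error, an error code string, or the
         *               unchanged (falsy) $error when everything passes.
         */
        private function has_error( $uploaded_file, $file, $error )
        {
            if ( $error )
            {
                return $error;
            }
            if ( !preg_match( $this->options['accept_file_types'], $file->name ) )
            {
                return 'acceptFileTypes';
            }
            // Uploaded files are reachable below upload_url, so a name the web
            // server could treat as a script is refused outright.
            if ( !empty( $this->options['blocked_file_types'] ) &&
                preg_match( $this->options['blocked_file_types'], $file->name ) )
            {
                return 'acceptFileTypes';
            }
            if ( $uploaded_file && is_uploaded_file( $uploaded_file ) )
            {
                $file_size = filesize( $uploaded_file );
            }
            else
            {
                // Non-multipart upload: the request body is the file.
                $file_size = isset( $_SERVER['CONTENT_LENGTH'] ) ?
                    (int )$_SERVER['CONTENT_LENGTH'] : 0;
            }
            if ( $this->options['max_file_size'] && ( $file_size > $this->options['max_file_size'] ||
                $file->size > $this->options['max_file_size'] ) )
            {
                return 'maxFileSize';
            }
            if ( $this->options['min_file_size'] && $file_size < $this->options['min_file_size'] )
            {
                return 'minFileSize';
            }
            if ( is_int( $this->options['max_number_of_files'] ) &&
                ( count( $this->get_file_objects() ) >= $this->options['max_number_of_files'] ) )
            {
                return 'maxNumberOfFiles';
            }
            return $error;
        }

        /**
         * Stores one uploaded file, creates its image versions and records it
         * in the "bilder" table.
         *
         * @param string|null $uploaded_file Temporary file path, or null for
         *                                   a non-multipart upload.
         * @param string      $name          Client-supplied file name.
         * @param mixed       $size          Client-supplied size in bytes.
         * @param string      $type          Client-supplied MIME type; it is
         *                                   reported back but not verified.
         * @param mixed       $error         Error reported by PHP's upload
         *                                   handling, if any.
         * @return stdClass Description of the stored file, or an object whose
         *                  "error" property is set.
         */
        private function handle_file_upload( $uploaded_file, $name, $size, $type,
            $error )
        {
            $file = new stdClass();
            // Remove path information and dots around the filename, to prevent uploading
            // into different directories or replacing hidden system files.
            // Also remove control characters and spaces (\x00..\x20) around the filename:
            $file->name = trim( basename( stripslashes( $name ) ), ".\x00..\x20" );
            $file->size = intval( $size );
            $file->type = $type;
            $error = $this->has_error( $uploaded_file, $file, $error );
            if ( $error || !$file->name )
            {
                $file->error = $error;
                return $file;
            }

            $file_path = $this->options['upload_dir'] . $file->name;
            // Resume a partial upload only when aborted uploads are kept.
            $append_file = !$this->options['discard_aborted_uploads'] &&
                is_file( $file_path ) && $file->size > filesize( $file_path );
            clearstatcache();
            if ( $uploaded_file && is_uploaded_file( $uploaded_file ) )
            {
                // multipart/formdata uploads (POST method uploads)
                if ( $append_file )
                {
                    file_put_contents( $file_path, fopen( $uploaded_file,
                        'r' ), FILE_APPEND );
                }
                else
                {
                    move_uploaded_file( $uploaded_file, $file_path );
                }
            }
            else
            {
                // Non-multipart uploads (PUT method support)
                file_put_contents( $file_path, fopen( 'php://input', 'r' ),
                    $append_file ? FILE_APPEND : 0 );
            }

            // A failed write leaves no file; treat that as size 0, not a warning.
            $file_size = is_file( $file_path ) ? filesize( $file_path ) : 0;
            if ( $file_size === $file->size )
            {
                $file->url = $this->options['upload_url'] . rawurlencode( $file->name );
                foreach ( $this->options['image_versions'] as $version => $options )
                {
                    if ( $this->create_scaled_image( $file->name, $options ) )
                    {
                        $file->{$version . '_url'} = $options['upload_url'] .
                            rawurlencode( $file->name );
                    }
                }
                // File name, folder and user name all originate from the
                // request, so each is escaped before it reaches the statement.
                $auth_user = isset( $_SERVER["PHP_AUTH_USER"] ) ? $_SERVER["PHP_AUTH_USER"] : '';
                $sql = "INSERT INTO
                            bilder
                        SET
                            name=" . $this->quote_sql( $file->name ) . ",
                            folder=" . $this->quote_sql( $this->get_folder() ) . ",
                            erstellt_am=UNIX_TIMESTAMP(),
                            erstellt_von=" . $this->quote_sql( $auth_user ) . "
                    ";
                mysql_query( $sql );
            }
            elseif ( $this->options['discard_aborted_uploads'] )
            {
                if ( is_file( $file_path ) )
                {
                    unlink( $file_path );
                }
                $file->error = 'abort';
            }
            $file->size = $file_size;
            // Carries the folder like the listing does, so the delete request
            // addresses the directory the file was stored in.
            $file->delete_url = $this->get_delete_url( $file->name );
            $file->delete_type = 'DELETE';
            return $file;
        }

        /**
         * GET/HEAD: emits one file description (when "file" is given) or the
         * whole directory listing as JSON.
         */
        public function get()
        {
            // basename() confines the lookup to the upload directory itself.
            $file_name = isset( $_REQUEST['file'] ) ? basename( stripslashes
                ( $_REQUEST['file'] ) ) : null;
            if ( $file_name )
            {
                $info = $this->get_file_object( $file_name );
            }
            else
            {
                $info = $this->get_file_objects();
            }
            header( 'Content-type: application/json' );
            echo json_encode( $info );
        }

        /**
         * Returns a request header value from $_SERVER, or the fallback.
         *
         * @param string $server_key Key in $_SERVER, e.g. HTTP_X_FILE_NAME.
         * @param mixed  $fallback   Value from $_FILES used when it is absent.
         * @return mixed
         */
        private function header_or( $server_key, $fallback )
        {
            return isset( $_SERVER[$server_key] ) ? $_SERVER[$server_key] : $fallback;
        }

        /**
         * POST: stores the uploaded file(s) and emits their descriptions.
         *
         * The X-File-Name / X-File-Size / X-File-Type request headers override
         * the multipart metadata. They are client-supplied like the multipart
         * fields and go through the same checks in handle_file_upload().
         */
        public function post()
        {
            $param_name = $this->options['param_name'];
            $upload = isset( $_FILES[$param_name] ) ? $_FILES[$param_name] : array(
                'tmp_name' => null, 'name' => null, 'size' => null, 'type' => null,
                'error' => null );
            $info = array();
            if ( is_array( $upload['tmp_name'] ) )
            {
                foreach ( $upload['tmp_name'] as $index => $value )
                {
                    $info[] = $this->handle_file_upload(
                        $upload['tmp_name'][$index],
                        $this->header_or( 'HTTP_X_FILE_NAME', $upload['name'][$index] ),
                        $this->header_or( 'HTTP_X_FILE_SIZE', $upload['size'][$index] ),
                        $this->header_or( 'HTTP_X_FILE_TYPE', $upload['type'][$index] ),
                        $upload['error'][$index] );
                }
            }
            else
            {
                $info[] = $this->handle_file_upload(
                    $upload['tmp_name'],
                    $this->header_or( 'HTTP_X_FILE_NAME', $upload['name'] ),
                    $this->header_or( 'HTTP_X_FILE_SIZE', $upload['size'] ),
                    $this->header_or( 'HTTP_X_FILE_TYPE', $upload['type'] ),
                    $upload['error'] );
            }
            header( 'Vary: Accept' );
            if ( isset( $_SERVER['HTTP_ACCEPT'] ) && ( strpos( $_SERVER['HTTP_ACCEPT'],
                'application/json' ) !== false ) )
            {
                header( 'Content-type: application/json' );
            }
            else
            {
                header( 'Content-type: text/plain' );
            }
            echo json_encode( $info );
        }

        /**
         * DELETE: removes a file, its image versions and its "bilder" row,
         * then emits the boolean outcome as JSON.
         */
        public function delete()
        {
            // basename() confines the deletion to the upload directory itself.
            $file_name = isset( $_REQUEST['file'] ) ? basename( stripslashes
                ( $_REQUEST['file'] ) ) : null;
            $success = false;
            if ( $file_name !== null && $file_name !== '' && $file_name[0] !== '.' )
            {
                $file_path = $this->options['upload_dir'] . $file_name;
                $success = is_file( $file_path ) && unlink( $file_path );
            }
            if ( $success )
            {
                foreach ( $this->options['image_versions'] as $version => $options )
                {
                    $file = $options['upload_dir'] . $file_name;
                    if ( is_file( $file ) )
                    {
                        unlink( $file );
                    }
                }
                // Both values come from the request and are escaped before use.
                $sql = "DELETE FROM
                        bilder
                    WHERE
                        name=" . $this->quote_sql( $file_name ) . "
                    AND
                        folder=" . $this->quote_sql( $this->get_folder() ) . "
                ";
                mysql_query( $sql );
            }
            header( 'Content-type: application/json' );
            echo json_encode( $success );
        }
    }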
    // Create the handler with the folder-specific options prepared above
    // (null when no folder was requested).
    $upload_handler = new UploadHandler( $options );

    // Headers sent with every response: no caching, a fixed download name,
    // and no MIME sniffing of the JSON body by the browser.
    header( 'Pragma: no-cache' );
    header( 'Cache-Control: private, no-cache' );
    header( 'Content-Disposition: inline; filename="files.json"' );
    header( 'X-Content-Type-Options: nosniff' );

    // Dispatch on the HTTP method; OPTIONS is answered with the headers only,
    // anything else that is not handled gets a 405.
    if ( in_array( $_SERVER['REQUEST_METHOD'], array( 'HEAD', 'GET' ), true ) )
    {
        $upload_handler->get();
    }
    elseif ( $_SERVER['REQUEST_METHOD'] === 'POST' )
    {
        $upload_handler->post();
    }
    elseif ( $_SERVER['REQUEST_METHOD'] === 'DELETE' )
    {
        $upload_handler->delete();
    }
    elseif ( $_SERVER['REQUEST_METHOD'] !== 'OPTIONS' )
    {
        header( 'HTTP/1.0 405 Method Not Allowed' );
    }
?>