Revision 1 | Blame | Vergleich mit vorheriger | Letzte Ă„nderung | Log anzeigen | RSS feed
<?php/** jQuery File Upload Plugin PHP Example 5.2.7* https://github.com/blueimp/jQuery-File-Upload** Copyright 2010, Sebastian Tschan* https://blueimp.net** Licensed under the MIT license:* http://creativecommons.org/licenses/MIT/*/require "common.php";error_reporting( E_ALL | E_STRICT );define( "__USE_MDB2__", false );$GLOBALS["web"] = $webs;$GLOBALS["web_rechte"] = $web_rechte;$GLOBALS["site"] = $site;if ( preg_match( "/\.local$/", $_SERVER["SERVER_NAME"] ) ){$GLOBALS["site"] .= ".local";}$options = null;$real_url = "http://www." . $GLOBALS["site"] . '/images/upload/';$real_folder = $GLOBALS["web"]["verzeichnis"] . "/images/upload/";$folder = "";$GLOBALS["folder"] = "";if ( isset( $_POST["folder"] ) && $_POST["folder"] ){$folder = Weban_Utils::clean_global_input( "folder" );} elseif ( isset( $_GET["folder"] ) && $_GET["folder"] ){$folder = Weban_Utils::clean_global_input( "folder", "get" );}$Imagedaten = array_chunk( explode( ";", $GLOBALS["web_rechte"]["admin"]["toolbox"]["bildverwaltung"] ),4 );if ( $folder ){$folder = rtrim( $folder, "/" );$GLOBALS["folder"] = $folder;$folder .= "/";$real_folder .= $folder;$real_url .= $folder;$options["upload_dir"] = $real_folder;$options["upload_url"] = $real_url;foreach ( $Imagedaten as $set ){$options["image_versions"][$set[0]] = array( "upload_dir" => $real_folder .$set[1] . "/", "upload_url" => $real_url . $set[1] . "/","max_width" => $set[2], "max_height" => $set[3], );}}class UploadHandler{private $options;function __construct( $options = null ){$Imagedaten = array_chunk( explode( ";", $GLOBALS["web_rechte"]["admin"]["toolbox"]["bildverwaltung"] ),4 );$this->options = array( 'script_url' => $_SERVER['PHP_SELF'],'upload_dir' => $GLOBALS["web"]["verzeichnis"] .'/images/upload/', 'upload_url' => "http://www." . $GLOBALS["site"] .'/images/upload/', 'param_name' => 'files',// The php.ini settings upload_max_filesize and post_max_size// take precedence over the following max_file_size setting:'max_file_size' => null, 'min_file_size' => 1, 'accept_file_types' =>'/(\.|\/)(gif|jpe?g|png)$/i', 'max_number_of_files' => null,'discard_aborted_uploads' => true,/*'image_versions' => array( // Uncomment the following version to restrict the size of// uploaded images. You can also add additional versions with// their own upload directories:'large' => array( 'upload_dir' => $GLOBALS["web"]["verzeichnis"] .'/images/upload/gr/', 'upload_url' => "http://www." . $GLOBALS["site"] .'/images/upload/gr/', 'max_width' => 1920, 'max_height' => 1920 ),'thumbnail' => array( 'upload_dir' => $GLOBALS["web"]["verzeichnis"] .'/images/upload/mini/', 'upload_url' => "http://www." . $GLOBALS["site"] .'/images/upload/mini/', 'max_width' => 80, 'max_height' => 80, ), ),*/ );foreach ( $Imagedaten as $set ){$this->options["image_versions"][$set[0]] = array( "upload_dir" =>$GLOBALS["web"]["verzeichnis"] . '/images/upload/' . $set[1] ."/", "upload_url" => "http://www." . $GLOBALS["site"] .'/images/upload/' . $set[1] . "/", "max_width" => $set[2],"max_height" => $set[3], );}if ( $options ){foreach ( $options as $o_id => $option ){if ( !is_array( $option ) ){$this->options[$o_id] = $option;}else{foreach ( $option as $o_key => $o_val ){foreach ( $o_val as $o_key2 => $o_val_2 ){$this->options[$o_id][$o_key][$o_key2] = $o_val_2;}}}}//$this->options = array_merge( $this->options, $options );}//var_dump( $this->options );//exit;}private function get_file_object( $file_name ){$file_path = $this->options['upload_dir'] . $file_name;if ( is_file( $file_path ) && $file_name[0] !== '.' ){$file = new stdClass();$file->name = $file_name;$file->size = filesize( $file_path );$file->url = $this->options['upload_url'] . rawurlencode( $file->name );foreach ( $this->options['image_versions'] as $version => $options ){if ( is_file( $options['upload_dir'] . $file_name ) ){$file->{$version . '_url'} = $options['upload_url'] .rawurlencode( $file->name );}}$file->delete_url = $this->options['script_url'] . '?file=' .rawurlencode( $file->name ) . '&folder=' . $GLOBALS["folder"];$file->delete_type = 'DELETE';return $file;}return null;}private function get_file_objects(){return array_values( array_filter( array_map( array( $this,'get_file_object' ), scandir( $this->options['upload_dir'] ) ) ) );}private function create_scaled_image( $file_name, $options ){$file_path = $this->options['upload_dir'] . $file_name;$new_file_path = $options['upload_dir'] . $file_name;list( $img_width, $img_height ) = @getimagesize( $file_path );if ( !$img_width || !$img_height ){return false;}$scale = min( $options['max_width'] / $img_width, $options['max_height'] /$img_height );if ( $scale > 1 ){$scale = 1;}$new_width = $img_width * $scale;$new_height = $img_height * $scale;$new_img = @imagecreatetruecolor( $new_width, $new_height );switch ( strtolower( substr( strrchr( $file_name, '.' ), 1 ) ) ){case 'jpg':case 'jpeg':$src_img = @imagecreatefromjpeg( $file_path );$write_image = 'imagejpeg';break;case 'gif':@imagecolortransparent( $new_img, @imagecolorallocate( $new_img,0, 0, 0 ) );$src_img = @imagecreatefromgif( $file_path );$write_image = 'imagegif';break;case 'png':@imagecolortransparent( $new_img, @imagecolorallocate( $new_img,0, 0, 0 ) );@imagealphablending( $new_img, false );@imagesavealpha( $new_img, true );$src_img = @imagecreatefrompng( $file_path );$write_image = 'imagepng';break;default:$src_img = $image_method = null;}$success = $src_img && @imagecopyresampled( $new_img, $src_img, 0, 0,0, 0, $new_width, $new_height, $img_width, $img_height ) && $write_image( $new_img,$new_file_path );// Free up memory (imagedestroy does not delete files):@imagedestroy( $src_img );@imagedestroy( $new_img );return $success;}private function has_error( $uploaded_file, $file, $error ){if ( $error ){return $error;}if ( !preg_match( $this->options['accept_file_types'], $file->name ) ){return 'acceptFileTypes';}if ( $uploaded_file && is_uploaded_file( $uploaded_file ) ){$file_size = filesize( $uploaded_file );}else{$file_size = $_SERVER['CONTENT_LENGTH'];}if ( $this->options['max_file_size'] && ( $file_size > $this->options['max_file_size'] || $file->size > $this->options['max_file_size'] ) ){return 'maxFileSize';}if ( $this->options['min_file_size'] && $file_size < $this->options['min_file_size'] ){return 'minFileSize';}if ( is_int( $this->options['max_number_of_files'] ) && ( count( $this->get_file_objects() ) >= $this->options['max_number_of_files'] ) ){return 'maxNumberOfFiles';}return $error;}private function handle_file_upload( $uploaded_file, $name, $size, $type,$error ){$file = new stdClass();// Remove path information and dots around the filename, to prevent uploading// into different directories or replacing hidden system files.// Also remove control characters and spaces (\x00..\x20) around the filename:$file->name = trim( basename( stripslashes( $name ) ), ".\x00..\x20" );$file->size = intval( $size );$file->type = $type;$error = $this->has_error( $uploaded_file, $file, $error );if ( !$error && $file->name ){$file_path = $this->options['upload_dir'] . $file->name;$append_file = !$this->options['discard_aborted_uploads'] &&is_file( $file_path ) && $file->size > filesize( $file_path );clearstatcache();if ( $uploaded_file && is_uploaded_file( $uploaded_file ) ){// multipart/formdata uploads (POST method uploads)if ( $append_file ){file_put_contents( $file_path, fopen( $uploaded_file,'r' ), FILE_APPEND );}else{move_uploaded_file( $uploaded_file, $file_path );}}else{// Non-multipart uploads (PUT method support)file_put_contents( $file_path, fopen( 'php://input', 'r' ),$append_file ? FILE_APPEND : 0 );}$file_size = filesize( $file_path );if ( $file_size === $file->size ){$file->url = $this->options['upload_url'] . rawurlencode( $file->name );foreach ( $this->options['image_versions'] as $version => $options ){if ( $this->create_scaled_image( $file->name, $options ) ){$file->{$version . '_url'} = $options['upload_url'] .rawurlencode( $file->name );}}$sql = "INSERT INTObilderSETname='$file->name',folder='" . $GLOBALS["folder"] . "',erstellt_am=UNIX_TIMESTAMP(),erstellt_von='" . $_SERVER["PHP_AUTH_USER"] . "'";mysql_query( $sql );}elseif ( $this->options['discard_aborted_uploads'] ){unlink( $file_path );$file->error = 'abort';}$file->size = $file_size;$file->delete_url = $this->options['script_url'] . '?file=' .rawurlencode( $file->name );$file->delete_type = 'DELETE';}else{$file->error = $error;}return $file;}public function get(){$file_name = isset( $_REQUEST['file'] ) ? basename( stripslashes( $_REQUEST['file'] ) ) : null;if ( $file_name ){$info = $this->get_file_object( $file_name );}else{$info = $this->get_file_objects();}header( 'Content-type: application/json' );echo json_encode( $info );}public function post(){$upload = isset( $_FILES[$this->options['param_name']] ) ? $_FILES[$this->options['param_name']] : array( 'tmp_name' => null, 'name' => null,'size' => null, 'type' => null, 'error' => null );$info = array();if ( is_array( $upload['tmp_name'] ) ){foreach ( $upload['tmp_name'] as $index => $value ){$info[] = $this->handle_file_upload( $upload['tmp_name'][$index],isset( $_SERVER['HTTP_X_FILE_NAME'] ) ? $_SERVER['HTTP_X_FILE_NAME'] :$upload['name'][$index], isset( $_SERVER['HTTP_X_FILE_SIZE'] ) ?$_SERVER['HTTP_X_FILE_SIZE'] : $upload['size'][$index],isset( $_SERVER['HTTP_X_FILE_TYPE'] ) ? $_SERVER['HTTP_X_FILE_TYPE'] :$upload['type'][$index], $upload['error'][$index] );}}else{$info[] = $this->handle_file_upload( $upload['tmp_name'], isset( $_SERVER['HTTP_X_FILE_NAME'] ) ? $_SERVER['HTTP_X_FILE_NAME'] :$upload['name'], isset( $_SERVER['HTTP_X_FILE_SIZE'] ) ? $_SERVER['HTTP_X_FILE_SIZE'] :$upload['size'], isset( $_SERVER['HTTP_X_FILE_TYPE'] ) ? $_SERVER['HTTP_X_FILE_TYPE'] :$upload['type'], $upload['error'] );}header( 'Vary: Accept' );if ( isset( $_SERVER['HTTP_ACCEPT'] ) && ( strpos( $_SERVER['HTTP_ACCEPT'],'application/json' ) !== false ) ){header( 'Content-type: application/json' );}else{header( 'Content-type: text/plain' );}echo json_encode( $info );}public function delete(){$file_name = isset( $_REQUEST['file'] ) ? basename( stripslashes( $_REQUEST['file'] ) ) : null;$file_path = $this->options['upload_dir'] . $file_name;$success = is_file( $file_path ) && $file_name[0] !== '.' && unlink( $file_path );if ( $success ){foreach ( $this->options['image_versions'] as $version => $options ){$file = $options['upload_dir'] . $file_name;if ( is_file( $file ) ){unlink( $file );}}$sql = "DELETE FROMbilderWHEREname='$file_name'ANDfolder='" . $GLOBALS["folder"] . "'";mysql_query( $sql );}header( 'Content-type: application/json' );echo json_encode( $success );}}$upload_handler = new UploadHandler( $options );header( 'Pragma: no-cache' );header( 'Cache-Control: private, no-cache' );header( 'Content-Disposition: inline; filename="files.json"' );header( 'X-Content-Type-Options: nosniff' );switch ( $_SERVER['REQUEST_METHOD'] ){case 'HEAD':case 'GET':$upload_handler->get();break;case 'POST':$upload_handler->post();break;case 'DELETE':$upload_handler->delete();break;case 'OPTIONS':break;default:header( 'HTTP/1.0 405 Method Not Allowed' );}?>