| [ Index ] |
PHP Cross Reference of Joomla 1.5.26 DE |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * @version $Id: media.php 14401 2010-01-26 14:10:00Z louis $ 4 * @package Joomla 5 * @subpackage Media 6 * @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved. 7 * @license GNU/GPL, see LICENSE.php 8 * Joomla! is free software. This version may have been modified pursuant to the 9 * GNU General Public License, and as distributed it includes or is derivative 10 * of works licensed under the GNU General Public License or other free or open 11 * source software licenses. See COPYRIGHT.php for copyright notices and 12 * details. 13 */ 14 15 /** 16 * @package Joomla 17 * @subpackage Media 18 */ 19 class MediaHelper 20 { 21 /** 22 * Checks if the file is an image 23 * @param string The filename 24 * @return boolean 25 */ 26 function isImage( $fileName ) 27 { 28 static $imageTypes = 'xcf|odg|gif|jpg|png|bmp'; 29 return preg_match("/$imageTypes/i",$fileName); 30 } 31 32 /** 33 * Checks if the file is an image 34 * @param string The filename 35 * @return boolean 36 */ 37 function getTypeIcon( $fileName ) 38 { 39 // Get file extension 40 return strtolower(substr($fileName, strrpos($fileName, '.') + 1)); 41 } 42 43 /** 44 * Checks if the file can be uploaded 45 * 46 * @param array File information 47 * @param string An error message to be returned 48 * @return boolean 49 */ 50 function canUpload( $file, &$err ) 51 { 52 $params = &JComponentHelper::getParams( 'com_media' ); 53 54 if(empty($file['name'])) { 55 $err = 'Please input a file for upload'; 56 return false; 57 } 58 59 jimport('joomla.filesystem.file'); 60 if ($file['name'] !== JFile::makesafe($file['name'])) { 61 $err = 'WARNFILENAME'; 62 return false; 63 } 64 65 $format = strtolower(JFile::getExt($file['name'])); 66 67 $allowable = explode( ',', $params->get( 'upload_extensions' )); 68 $ignored = explode(',', $params->get( 'ignore_extensions' )); 69 if (!in_array($format, $allowable) && !in_array($format,$ignored)) 70 { 71 $err = 'WARNFILETYPE'; 72 return false; 73 } 74 75 $maxSize = (int) $params->get( 'upload_maxsize', 0 ); 76 if ($maxSize > 0 && (int) $file['size'] > $maxSize) 77 { 78 $err = 'WARNFILETOOLARGE'; 79 return false; 80 } 81 82 $user = JFactory::getUser(); 83 $imginfo = null; 84 if($params->get('restrict_uploads',1) ) { 85 $images = explode( ',', $params->get( 'image_extensions' )); 86 if(in_array($format, $images)) { // if its an image run it through getimagesize 87 if(($imginfo = getimagesize($file['tmp_name'])) === FALSE) { 88 $err = 'WARNINVALIDIMG'; 89 return false; 90 } 91 } else if(!in_array($format, $ignored)) { 92 // if its not an image...and we're not ignoring it 93 $allowed_mime = explode(',', $params->get('upload_mime')); 94 $illegal_mime = explode(',', $params->get('upload_mime_illegal')); 95 if(function_exists('finfo_open') && $params->get('check_mime',1)) { 96 // We have fileinfo 97 $finfo = finfo_open(FILEINFO_MIME); 98 $type = finfo_file($finfo, $file['tmp_name']); 99 if(strlen($type) && !in_array($type, $allowed_mime) && in_array($type, $illegal_mime)) { 100 $err = 'WARNINVALIDMIME'; 101 return false; 102 } 103 finfo_close($finfo); 104 } else if(function_exists('mime_content_type') && $params->get('check_mime',1)) { 105 // we have mime magic 106 $type = mime_content_type($file['tmp_name']); 107 if(strlen($type) && !in_array($type, $allowed_mime) && in_array($type, $illegal_mime)) { 108 $err = 'WARNINVALIDMIME'; 109 return false; 110 } 111 } else if(!$user->authorize( 'login', 'administrator' )) { 112 $err = 'WARNNOTADMIN'; 113 return false; 114 } 115 } 116 } 117 118 $xss_check = JFile::read($file['tmp_name'],false,256); 119 $html_tags = array('abbr','acronym','address','applet','area','audioscope','base','basefont','bdo','bgsound','big','blackface','blink','blockquote','body','bq','br','button','caption','center','cite','code','col','colgroup','comment','custom','dd','del','dfn','dir','div','dl','dt','em','embed','fieldset','fn','font','form','frame','frameset','h1','h2','h3','h4','h5','h6','head','hr','html','iframe','ilayer','img','input','ins','isindex','keygen','kbd','label','layer','legend','li','limittext','link','listing','map','marquee','menu','meta','multicol','nobr','noembed','noframes','noscript','nosmartquotes','object','ol','optgroup','option','param','plaintext','pre','rt','ruby','s','samp','script','select','server','shadow','sidebar','small','spacer','span','strike','strong','style','sub','sup','table','tbody','td','textarea','tfoot','th','thead','title','tr','tt','ul','var','wbr','xml','xmp','!DOCTYPE', '!--'); 120 foreach($html_tags as $tag) { 121 // A tag is '<tagname ', so we need to add < and a space or '<tagname>' 122 if(stristr($xss_check, '<'.$tag.' ') || stristr($xss_check, '<'.$tag.'>')) { 123 $err = 'WARNIEXSS'; 124 return false; 125 } 126 } 127 return true; 128 } 129 130 function parseSize($size) 131 { 132 if ($size < 1024) { 133 return $size . ' bytes'; 134 } 135 else 136 { 137 if ($size >= 1024 && $size < 1024 * 1024) { 138 return sprintf('%01.2f', $size / 1024.0) . ' Kb'; 139 } else { 140 return sprintf('%01.2f', $size / (1024.0 * 1024)) . ' Mb'; 141 } 142 } 143 } 144 145 function imageResize($width, $height, $target) 146 { 147 //takes the larger size of the width and height and applies the 148 //formula accordingly...this is so this script will work 149 //dynamically with any size image 150 if ($width > $height) { 151 $percentage = ($target / $width); 152 } else { 153 $percentage = ($target / $height); 154 } 155 156 //gets the new value and applies the percentage, then rounds the value 157 $width = round($width * $percentage); 158 $height = round($height * $percentage); 159 160 return array($width, $height); 161 } 162 163 function countFiles( $dir ) 164 { 165 $total_file = 0; 166 $total_dir = 0; 167 168 if (is_dir($dir)) { 169 $d = dir($dir); 170 171 while (false !== ($entry = $d->read())) { 172 if (substr($entry, 0, 1) != '.' && is_file($dir . DIRECTORY_SEPARATOR . $entry) && strpos($entry, '.html') === false && strpos($entry, '.php') === false) { 173 $total_file++; 174 } 175 if (substr($entry, 0, 1) != '.' && is_dir($dir . DIRECTORY_SEPARATOR . $entry)) { 176 $total_dir++; 177 } 178 } 179 180 $d->close(); 181 } 182 183 return array ( $total_file, $total_dir ); 184 } 185 186 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Mar 28 15:54:07 2012 | Cross-referenced by PHPXref 0.7.1 |