1: <?php
2: //============================================================+
3: // File name : tce_functions_upload.php
4: // Begin : 2001-11-19
5: // Last Update : 2010-09-21
6: //
7: // Description : Upload functions.
8: //
9: // Author: Nicola Asuni
10: //
11: // (c) Copyright:
12: // Nicola Asuni
13: // Tecnick.com LTD
14: // www.tecnick.com
15: // info@tecnick.com
16: //
17: // License:
18: // Copyright (C) 2004-2010 Nicola Asuni - Tecnick.com LTD
19: // See LICENSE.TXT file for more information.
20: //============================================================+
21:
22: /**
23: * @file
24: * Functions to upload files.
25: * @package com.tecnick.tcexam.admin
26: * @author Nicola Asuni
27: * @since 2001-11-19
28: */
29:
30: /**
31: * Check if the uploaded file extension is allowed.
32: * @author Nicola Asuni
33: * @since 2001-11-19
34: * @param $filename (string) the filename
35: * @return true in case of allowed file type, false otherwise
36: */
37: function F_is_allowed_upload($filename)
38: {
39: if (!defined('K_ALLOWED_UPLOAD_EXTENSIONS')) {
40: return false;
41: }
42: $allowed_extensions = unserialize(K_ALLOWED_UPLOAD_EXTENSIONS);
43: $path_parts = pathinfo($filename);
44: if (in_array(strtolower($path_parts['extension']), $allowed_extensions)) {
45: return true;
46: }
47: return false;
48: }
49:
50: /**
51: * Uploads image file to the server.
52: * @author Nicola Asuni
53: * @since 2010-06-12
54: * @param $fieldname (string) form field name containing the source file path
55: * @param $uploaddir (string) upload directory
56: * @return mixed file name or false in case of error
57: */
58: function F_upload_file($fieldname, $uploaddir)
59: {
60: global $l;
61: require_once('../config/tce_config.php');
62: // sanitize file name
63: $filename = preg_replace('/[\s]/', '_', $_FILES[$fieldname]['name']);
64: $filename = preg_replace('/[^a-zA-Z0-9_\.\-]/', '', $filename);
65: $filepath = $uploaddir.$filename;
66: if (F_is_allowed_upload($filename) and move_uploaded_file($_FILES[$fieldname]['tmp_name'], $filepath)) {
67: F_print_error('MESSAGE', htmlspecialchars($filename).': '.$l['m_upload_yes']);
68: return $filename;
69: }
70: F_print_error('ERROR', htmlspecialchars($filename).': '.$l['m_upload_not'].'');
71: return false;
72: }
73:
74: /**
75: * returns the file size in bytes
76: * @author Nicola Asuni
77: * @since 2001-11-19
78: * @param $filetocheck (string) file to check (local path or URL)
79: * @return mixed file size in bytes or false in case of error
80: */
81: function F_read_file_size($filetocheck)
82: {
83: global $l;
84: require_once('../config/tce_config.php');
85: $filesize = 0;
86: if ($fp = fopen($filetocheck, 'rb')) {
87: $s_array = fstat($fp);
88: if ($s_array['size']) {
89: $filesize = $s_array['size'];
90: } else {//read size from remote file (very slow function)
91: while (!feof($fp)) {
92: $content = fread($fp, 1);
93: $filesize++;
94: }
95: }
96: fclose($fp);
97: return($filesize);
98: }
99: F_print_error('ERROR', basename($filetocheck).': '.$l['m_openfile_not']);
100: return false;
101: }
102:
103: //============================================================+
104: // END OF FILE
105: //============================================================+
106: