0
+ − 1
<?php
519
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 2
/**!info**
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 3
{
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 4
"Plugin Name" : "plugin_specialupdownload_title",
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 5
"Plugin URI" : "http://enanocms.org/",
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 6
"Description" : "plugin_specialupdownload_desc",
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 7
"Author" : "Dan Fuhry",
960
e74741b8360b
Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
diff
changeset
+ − 8
"Version" : "1.1.6",
519
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 9
"Author URI" : "http://enanocms.org/"
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 10
}
94214ec0871c
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
diff
changeset
+ − 11
**!*/
0
+ − 12
+ − 13
/*
+ − 14
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
diff
changeset
+ − 15
* Version 1.1.6 (Caoineag beta 1)
536
+ − 16
* Copyright (C) 2006-2008 Dan Fuhry
0
+ − 17
* SpecialUpdownload.php - handles uploading and downloading of user-uploaded files - possibly the most rigorously security-enforcing script in all of Enano, although sessions.php comes in a close second
+ − 18
*
+ − 19
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 20
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 21
*
+ − 22
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 23
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 24
*/
+ − 25
+ − 26
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 27
593
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 28
// $plugins->attachHook('session_started', 'SpecialUpDownload_paths_init();');
590
03a60844c7c5
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
diff
changeset
+ − 29
03a60844c7c5
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
diff
changeset
+ − 30
function SpecialUpDownload_paths_init()
03a60844c7c5
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
diff
changeset
+ − 31
{
960
e74741b8360b
Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
diff
changeset
+ − 32
register_special_page('UploadFile', 'specialpage_upload_file');
e74741b8360b
Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
diff
changeset
+ − 33
register_special_page('DownloadFile', 'specialpage_download_file');
e74741b8360b
Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
diff
changeset
+ − 34
}
590
03a60844c7c5
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
diff
changeset
+ − 35
0
+ − 36
function page_Special_UploadFile()
+ − 37
{
+ − 38
global $db, $session, $paths, $template, $plugins; // Common objects
366
+ − 39
global $lang;
609
ffa5decbb305
Fixed a few places where page metadata cache should have been purged (there may be a few more commits like this)
Dan
diff
changeset
+ − 40
global $cache;
0
+ − 41
global $mime_types;
366
+ − 42
if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_site') . '</p>'); }
0
+ − 43
if ( !$session->get_permissions('upload_files') )
+ − 44
{
366
+ − 45
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_disabled_acl') . '</p>');
0
+ − 46
}
+ − 47
if(isset($_POST['doit']))
+ − 48
{
+ − 49
if(isset($_FILES['data']))
+ − 50
{
+ − 51
$file =& $_FILES['data'];
+ − 52
}
+ − 53
else
+ − 54
{
+ − 55
$file = false;
+ − 56
}
192
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 57
if ( !is_array($file) )
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 58
{
366
+ − 59
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_cant_get_file_meta') . '</p>');
192
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 60
}
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 61
if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size', '256000') )
192
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 62
{
366
+ − 63
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_too_big_or_small') . '</p>');
192
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 64
}
366
+ − 65
0
+ − 66
$types = fetch_allowed_extensions();
445
+ − 67
$ext = strtolower(substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])));
192
9237767a23ae
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan
diff
changeset
+ − 68
if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
0
+ − 69
{
366
+ − 70
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '</p>');
0
+ − 71
}
+ − 72
$type = $mime_types[$ext];
+ − 73
//$type = explode(';', $type); $type = $type[0];
+ − 74
//if(!in_array($type, $allowed_mime_types)) die_friendly('Upload failed', '<p>The file type "'.$type.'" is not allowed.</p>');
+ − 75
if($_POST['rename'] != '')
+ − 76
{
+ − 77
$filename = $_POST['rename'];
+ − 78
}
+ − 79
else
+ − 80
{
+ − 81
$filename = $file['name'];
+ − 82
}
+ − 83
$bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+');
+ − 84
foreach($bad_chars as $ch)
+ − 85
{
366
+ − 86
if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename))
+ − 87
{
+ − 88
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_banned_chars') . '</p>');
+ − 89
}
0
+ − 90
}
+ − 91
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 92
$ns = namespace_factory($filename, 'File');
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 93
$cdata = $ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 94
$is_protected = $cdata['really_protected'];
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 95
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 96
if ( isPage($paths->get_pathskey($filename, 'File')) && !isset ( $_POST['update'] ) )
0
+ − 97
{
366
+ − 98
$upload_link = makeUrlNS('Special', 'UploadFile/'.$filename);
+ − 99
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '</p>');
0
+ − 100
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 101
else if ( isset($_POST['update']) && $is_protected )
0
+ − 102
{
366
+ − 103
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_replace_protected') . '</p>');
0
+ − 104
}
+ − 105
+ − 106
$utime = time();
+ − 107
721
+ − 108
$filename = $db->escape(sanitize_page_id($filename));
0
+ − 109
$ext = substr($filename, strrpos($filename, '.'), strlen($filename));
+ − 110
$flen = filesize($file['tmp_name']);
+ − 111
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 112
$comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false));
0
+ − 113
$chartag = sha1(microtime());
+ − 114
$urln = str_replace(' ', '_', $filename);
+ − 115
481
+ − 116
$key = md5($filename . '_' . ( function_exists('md5_file') ? md5_file($file['tmp_name']) : file_get_contents($file['tmp_name'])));
+ − 117
$targetname = ENANO_ROOT . '/files/' . $key . $ext;
0
+ − 118
+ − 119
if(!@move_uploaded_file($file['tmp_name'], $targetname))
+ − 120
{
366
+ − 121
die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>');
0
+ − 122
}
+ − 123
+ − 124
if(getConfig('file_history') != '1')
+ − 125
{
+ − 126
if(!$db->sql_query('DELETE FROM '.table_prefix.'files WHERE filename=\''.$filename.'\' LIMIT 1;')) $db->_die('The old file data could not be deleted.');
+ − 127
}
+ − 128
if(!$db->sql_query('INSERT INTO '.table_prefix.'files(time_id,page_id,filename,size,mimetype,file_extension,file_key) VALUES('.$utime.', \''.$urln.'\', \''.$filename.'\', '.$flen.', \''.$type.'\', \''.$ext.'\', \''.$key.'\')')) $db->_die('The file data entry could not be inserted.');
+ − 129
if(!isset($_POST['update']))
+ − 130
{
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 131
if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace) VALUES('.$utime.', \''.enano_date('d M Y h:i a').'\', \'page\', \'create\', \''.$session->username.'\', \''.$filename.'\', \''.'File'.'\');')) $db->_die('The page log could not be updated.');
0
+ − 132
if(!$db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,protected,delvotes,delvote_ips) VALUES(\''.$filename.'\', \''.$urln.'\', \'File\', 0, 0, \'\')')) $db->_die('The page listing entry could not be inserted.');
+ − 133
if(!$db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace,page_text,char_tag) VALUES(\''.$urln.'\', \'File\', \''.$comments.'\', \''.$chartag.'\')')) $db->_die('The page text entry could not be inserted.');
+ − 134
}
+ − 135
else
+ − 136
{
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 137
if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date('d M Y h:i a').'\', \'page\', \'reupload\', \''.$session->username.'\', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.');
0
+ − 138
}
609
ffa5decbb305
Fixed a few places where page metadata cache should have been purged (there may be a few more commits like this)
Dan
diff
changeset
+ − 139
$cache->purge('page_meta');
366
+ − 140
die_friendly($lang->get('upload_success_title'), '<p>' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '</p>');
0
+ − 141
}
+ − 142
else
+ − 143
{
+ − 144
$template->header();
+ − 145
$fn = $paths->getParam(0);
+ − 146
if ( $fn && !$session->get_permissions('upload_new_version') )
+ − 147
{
366
+ − 148
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('upload_err_replace_denied') . '<p>');
0
+ − 149
}
+ − 150
?>
366
+ − 151
<p><?php echo $lang->get('upload_intro'); ?></p>
+ − 152
<p><?php
0
+ − 153
// Get the max file size, and format it in a way that is user-friendly
366
+ − 154
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 155
$fs = getConfig('max_file_size', '256000');
0
+ − 156
$fs = (int)$fs;
+ − 157
if($fs >= 1048576)
+ − 158
{
+ − 159
$fs = round($fs / 1048576, 1);
366
+ − 160
$unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short');
0
+ − 161
}
+ − 162
elseif($fs >= 1024)
+ − 163
{
+ − 164
$fs = round($fs / 1024, 1);
366
+ − 165
$unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short');
0
+ − 166
}
366
+ − 167
+ − 168
echo $lang->get('upload_max_filesize', array(
+ − 169
'size' => $unitized
+ − 170
));
+ − 171
?></p>
0
+ − 172
<form action="<?php echo makeUrl($paths->page); ?>" method="post" enctype="multipart/form-data">
+ − 173
<table border="0" cellspacing="1" cellpadding="4">
366
+ − 174
<tr><td><?php echo $lang->get('upload_field_file'); ?></td><td><input name="data" type="file" size="40" /></td></tr>
+ − 175
<tr><td><?php echo $lang->get('upload_field_renameto'); ?></td><td><input name="rename" type="text" size="40"<?php if($fn) echo ' value="'.$fn.'" readonly="readonly"'; ?> /></td></tr>
0
+ − 176
<?php
366
+ − 177
if(!$fn) echo '<tr><td>' . $lang->get('upload_field_comments') . '</td><td><textarea name="comments" rows="20" cols="60"></textarea></td></tr>';
+ − 178
else echo '<tr><td>' . $lang->get('upload_field_reason') . '</td><td><input name="comments" size="50" /></td></tr>';
0
+ − 179
?>
+ − 180
<tr><td colspan="2" style="text-align: center">
+ − 181
<?php
+ − 182
if($fn)
+ − 183
echo '<input type="hidden" name="update" value="true" />';
+ − 184
?>
366
+ − 185
<input type="submit" name="doit" value="<?php echo $lang->get('upload_btn_upload'); ?>" />
0
+ − 186
</td></tr>
+ − 187
</table>
+ − 188
</form>
+ − 189
<?php
+ − 190
$template->footer();
+ − 191
}
242
+ − 192
}
0
+ − 193
+ − 194
function page_Special_DownloadFile()
+ − 195
{
+ − 196
global $db, $session, $paths, $template, $plugins; // Common objects
366
+ − 197
global $lang;
0
+ − 198
global $do_gzip;
+ − 199
$filename = rawurldecode($paths->getParam(0));
+ − 200
$timeid = $paths->getParam(1);
292
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 201
if ( $timeid && preg_match('#^([0-9]+)$#', (string)$timeid) )
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 202
{
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 203
$tid = ' AND time_id='.$timeid;
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 204
}
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 205
else
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 206
{
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 207
$tid = '';
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 208
}
721
+ − 209
$filename = $db->escape(sanitize_page_id($filename));
+ − 210
0
+ − 211
$q = $db->sql_query('SELECT page_id,size,mimetype,time_id,file_extension,file_key FROM '.table_prefix.'files WHERE filename=\''.$filename.'\''.$tid.' ORDER BY time_id DESC;');
292
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 212
if ( !$q )
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 213
{
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 214
$db->_die('The file data could not be selected.');
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 215
}
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 216
if ( $db->numrows() < 1 )
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 217
{
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 218
header('HTTP/1.1 404 Not Found');
366
+ − 219
die_friendly($lang->get('upload_err_not_found_title'), '<p>' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '</p>');
292
b3cfaf0a505c
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan
diff
changeset
+ − 220
}
0
+ − 221
$row = $db->fetchrow();
+ − 222
$db->free_result();
+ − 223
+ − 224
// Check permissions
+ − 225
$perms = $session->fetch_page_acl($row['page_id'], 'File');
+ − 226
if ( !$perms->get_permissions('read') )
+ − 227
{
366
+ − 228
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
0
+ − 229
}
+ − 230
481
+ − 231
$fname = ENANO_ROOT . '/files/' . $row['file_key'] . $row['file_extension'];
+ − 232
if ( !file_exists($fname) )
+ − 233
{
+ − 234
$fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];
+ − 235
}
+ − 236
if ( !file_exists($fname) )
+ − 237
{
+ − 238
die("Uploaded file $fname not found.");
+ − 239
}
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 240
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 241
if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' )
0
+ − 242
{
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 243
// Determine appropriate width and height
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 244
$width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 245
$height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 246
$cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}{$row['file_extension']}";
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 247
if ( file_exists($cache_filename) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 248
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 249
$fname = $cache_filename;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 250
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 251
else
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 252
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 253
$allow_scale = false;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 254
$orig_fname = $fname;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 255
// is caching enabled?
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 256
if ( getConfig('cache_thumbs') == '1' )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 257
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 258
$fname = $cache_filename;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 259
if ( is_writeable(dirname($fname)) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 260
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 261
$allow_scale = true;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 262
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 263
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 264
else
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 265
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 266
// Get a temporary file
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 267
// In this case, the file will not be cached and will be scaled each time it's requested
481
+ − 268
$temp_dir = sys_get_temp_dir();
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 269
// if tempnam() cannot use the specified directory name, it will fall back on the system default
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 270
$tempname = tempnam($temp_dir, $filename);
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 271
if ( $tempname && is_writeable($tempname) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 272
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 273
$allow_scale = true;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 274
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 275
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 276
if ( $allow_scale )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 277
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 278
$result = scale_image($orig_fname, $fname, $width, $height);
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 279
if ( !$result )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 280
$fname = $orig_fname;
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 281
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 282
else
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 283
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 284
$fname = $orig_fname;
0
+ − 285
}
+ − 286
}
+ − 287
}
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 288
$handle = @fopen($fname, 'r');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 289
if ( !$handle )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 290
die('Can\'t open output file for reading');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 291
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 292
$len = filesize($fname);
0
+ − 293
header('Content-type: '.$row['mimetype']);
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 294
if ( isset($_GET['download']) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 295
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 296
header('Content-disposition: attachment, filename="' . $filename . '";');
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 297
}
898
c75754f5b1da
When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
diff
changeset
+ − 298
if ( !@$GLOBALS['do_gzip'] )
c75754f5b1da
When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
diff
changeset
+ − 299
header('Content-length: ' . $len);
c75754f5b1da
When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
Dan
diff
changeset
+ − 300
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 301
header('Last-Modified: '.enano_date('r', $row['time_id']));
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 302
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 303
// using this method limits RAM consumption
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 304
while ( !feof($handle) )
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 305
{
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 306
echo fread($handle, 512000);
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 307
}
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 308
fclose($handle);
0
+ − 309
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 310
gzip_output();
0
+ − 311
+ − 312
exit;
+ − 313
+ − 314
}
+ − 315
+ − 316
?>