equal
deleted
inserted
replaced
118 |
118 |
119 $comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false)); |
119 $comments = ( isset($_POST['update']) ) ? $db->escape($_POST['comments']) : $db->escape(RenderMan::preprocess_text($_POST['comments'], false, false)); |
120 $chartag = sha1(microtime()); |
120 $chartag = sha1(microtime()); |
121 $urln = str_replace(' ', '_', $filename); |
121 $urln = str_replace(' ', '_', $filename); |
122 |
122 |
123 $key = md5($filename . '_' . file_get_contents($file['tmp_name'])); |
123 $key = md5($filename . '_' . ( function_exists('md5_file') ? md5_file($file['tmp_name']) : file_get_contents($file['tmp_name']))); |
124 $targetname = ENANO_ROOT . '/files/' . $key . '_' . $utime . $ext; |
124 $targetname = ENANO_ROOT . '/files/' . $key . $ext; |
125 |
125 |
126 if(!@move_uploaded_file($file['tmp_name'], $targetname)) |
126 if(!@move_uploaded_file($file['tmp_name'], $targetname)) |
127 { |
127 { |
128 die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>'); |
128 die_friendly($lang->get('upload_err_title'), '<p>' . $lang->get('upload_err_move_failed') . '</p>'); |
129 } |
129 } |
231 if ( !$perms->get_permissions('read') ) |
231 if ( !$perms->get_permissions('read') ) |
232 { |
232 { |
233 die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
233 die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
234 } |
234 } |
235 |
235 |
236 $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension']; |
236 $fname = ENANO_ROOT . '/files/' . $row['file_key'] . $row['file_extension']; |
|
237 if ( !file_exists($fname) ) |
|
238 { |
|
239 $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension']; |
|
240 } |
|
241 if ( !file_exists($fname) ) |
|
242 { |
|
243 die("Uploaded file $fname not found."); |
|
244 } |
237 |
245 |
238 if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' ) |
246 if ( isset($_GET['preview']) && substr($row['mimetype'], 0, 6) == 'image/' ) |
239 { |
247 { |
240 // Determine appropriate width and height |
248 // Determine appropriate width and height |
241 $width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320; |
249 $width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320; |
260 } |
268 } |
261 else |
269 else |
262 { |
270 { |
263 // Get a temporary file |
271 // Get a temporary file |
264 // In this case, the file will not be cached and will be scaled each time it's requested |
272 // In this case, the file will not be cached and will be scaled each time it's requested |
265 $temp_dir = ( is_dir('/tmp') ) ? '/tmp' : ( isset($_ENV['TEMP']) ) ? $_ENV['TEMP'] : 'SOME RANDOM NAME'; |
273 $temp_dir = sys_get_temp_dir(); |
266 // if tempnam() cannot use the specified directory name, it will fall back on the system default |
274 // if tempnam() cannot use the specified directory name, it will fall back on the system default |
267 $tempname = tempnam($temp_dir, $filename); |
275 $tempname = tempnam($temp_dir, $filename); |
268 if ( $tempname && is_writeable($tempname) ) |
276 if ( $tempname && is_writeable($tempname) ) |
269 { |
277 { |
270 $allow_scale = true; |
278 $allow_scale = true; |