00001 <?php
00047 load_module('validationCore', MOD_INTERNAL);
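/**
 * Upload validation and storage helper built on validationCore.
 *
 * Rules are read from $this->rules and results are written to $this->res /
 * $this->err / $this->validated. Those members are not declared in this class;
 * presumably they come from validationCore (confirm against the parent).
 *
 * Trust boundaries: the uploaded file's name, and therefore its extension, is
 * chosen by the client. The MIME type used by the mime.* rules is derived
 * server-side with mime_content_type() on the temporary file.
 */
class upload extends validationCore
{
    // Value of [default] filter from upload.ini.php, or null when absent.
    // (The misspelt name is kept because the property is public.)
    public $defult_filters = array();
    // Destination directory; false until setDestination() has run.
    public $upload_path = false;
    // Per-field details of uploads that passed validate().
    public $files = array();
    // Messages from the [php_error] section of upload.ini.php, keyed as in the ini file.
    public $php_error = array();
    // Overall outcome of the last validate() run.
    public $validate_ret = false;

    /**
     * PHP 4 style constructor, kept for callers that still invoke it by name.
     */
    public function upload()
    {
        $this->__construct();
    }

    /**
     * Loads upload.ini.php and publishes its [rule] and [settings] entries as
     * constants (values "on"/"off" become booleans), then fills in defaults.
     */
    public function __construct()
    {
        parent::__construct();

        $iniPath = ZIGROOT.DRS.Z_DIR_PROJECTS.DRS.Z_PROJECT_DIR.DRS.ZIGSETTINGSDIR.DRS.'upload.ini.php';
        $deff = parse_ini_file($iniPath, true);
        if (!is_array($deff)) {
            // parse_ini_file() returns false on failure; report it once instead
            // of iterating over a non-array below.
            perror('Failed to read upload.ini.php');
            $deff = array();
        }

        foreach (array('rule', 'settings') as $section) {
            if (!isset($deff[$section]) || !is_array($deff[$section])) {
                continue;
            }
            foreach ($deff[$section] as $key => $val) {
                // eregi() was removed in PHP 7; strcasecmp() gives the same
                // case-insensitive whole-string match for "on" / "off".
                if (is_string($val)) {
                    if (strcasecmp($val, 'on') === 0) {
                        $val = true;
                    } elseif (strcasecmp($val, 'off') === 0) {
                        $val = false;
                    }
                }
                if (!defined($key)) {
                    define($key, $val);
                }
            }
        }

        if (isset($deff['php_error']) && is_array($deff['php_error'])) {
            foreach ($deff['php_error'] as $key => $val) {
                $this->php_error[$key] = $val;
            }
        }
        $this->defult_filters = isset($deff['default']['filter']) ? $deff['default']['filter'] : null;

        if (!defined('Z_UPLOAD_TEXTUAL')) {
            define('Z_UPLOAD_TEXTUAL', true);
        }
        if (!defined('Z_UPLOAD_NUMARICAL')) {
            define('Z_UPLOAD_NUMARICAL', false);
        }
        if (!defined('Z_UPLOAD_RULE_INVALID')) {
            define('Z_UPLOAD_RULE_INVALID', 'rule.invalid');
        }
        if (!defined('Z_UPLOAD_NAME_RANDOM')) {
            perror("No defined entry for Z_UPLOAD_NAME_RANDOM on upload.ini.php");
        }
        zDef::set('Z_UPLOAD_NAME_RANDOM', Z_UPLOAD_NAME_RANDOM);
    }

    /**
     * Tells whether the request carries an upload entry for the given form field.
     *
     * @param string $field_name Form field name.
     * @return bool
     */
    public function field_exists($field_name)
    {
        return isset($_FILES[$field_name]);
    }

    /**
     * Tells whether a 'required' or 'optional' rule appears at or after $startIndex.
     * validate() uses it to decide whether PHP upload error 4 is left to the rules.
     *
     * @param array $resLnk     Rule list of one field.
     * @param int   $startIndex First index to inspect.
     * @return bool
     */
    public function p4exists(&$resLnk, $startIndex = 0)
    {
        $total = count($resLnk);
        for ($i = $startIndex; $i < $total; $i++) {
            if ($resLnk[$i] == 'required' || $resLnk[$i] == 'optional') {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether a size(...) rule appears at or after $startIndex.
     * validate() uses it to decide whether PHP upload error 2 is left to the rules.
     *
     * @param array $resLnk     Rule list of one field.
     * @param int   $startIndex First index to inspect.
     * @return bool
     */
    public function p2exists(&$resLnk, $startIndex = 0)
    {
        $total = count($resLnk);
        for ($i = $startIndex; $i < $total; $i++) {
            if (preg_match('/size\((\d+)(?:,\s*(\d+))?\)/', $resLnk[$i]) != 0) {
                return true;
            }
        }
        return false;
    }

    /**
     * Runs every field's rule list against the matching $_FILES entry.
     *
     * Per field, $this->res[field] receives true on success, otherwise the index
     * of the failing rule (numerical mode), the rule identifier (textual mode) or
     * 'PHP_ERR_<code>'. Accepted uploads are recorded in $this->files.
     * $this->validate_ret ends up true only when at least one field passed and
     * none failed; the original let a later passing field overwrite an earlier
     * failure.
     *
     * @param bool $mode Z_UPLOAD_NUMARICAL or Z_UPLOAD_TEXTUAL.
     * @return bool|null true when there are no rules; otherwise nothing is
     *                   returned and the outcome is read from $this->validate_ret.
     */
    public function validate($mode = Z_UPLOAD_NUMARICAL)
    {
        if (!is_array($this->rules) || count($this->rules) <= 0) {
            return true;
        }

        foreach ($this->err as $field_name => $err_msg) {
            foreach ($this->php_error as $key => $value) {
                $this->err[$field_name]['PHP_ERR_'.constant($key)] = $value;
                $this->err[$field_name][] = $value;
            }
        }

        if ($mode != Z_UPLOAD_NUMARICAL && $mode != Z_UPLOAD_TEXTUAL) {
            perror('The Mode you specified on upload is not valid');
        }
        $numeric = ($mode == Z_UPLOAD_NUMARICAL);
        $anyFailed = false;

        foreach ($this->rules as $field_name => $val) {
            if (!$this->field_exists($field_name)) {
                perror('<code>zigmoyd.upload.validation</code><br />Faild to validate the Field '.$field_name.' as the Field doesn\'t exists in your HTML');
                break;
            }
            $content = $_FILES[$field_name];
            $file = $content['tmp_name'];
            $name = $content['name'];
            $size = $content['size'];

            $mime = is_uploaded_file($file) ? mime_content_type($file) : false;
            $ext = pathinfo($content['name'], PATHINFO_EXTENSION);
            $error = $content['error'];
            // $name and $ext are client-controlled and are logged as received.
            zLogger::debug("Upload On Field: $field_name;Temp Name: $file;Name: $name;Size: $size;Mime: $mime;Extension: $ext;Error: $error", "rom.file");

            // Reset per field so an empty rule list cannot inherit the previous
            // field's result.
            $status = null;
            foreach ($val as $r => $rule) {
                $status = null;
                // A PHP-level upload error fails the rule outright, unless a later
                // required/optional rule (error 4) or size rule (error 2) handles it.
                $unhandledPhpError = ($error != 0) && !(
                    ($error == 4 && $this->p4exists($val, $r)) ||
                    ($error == 2 && $this->p2exists($val, $r))
                );
                if ($unhandledPhpError) {
                    $status = 'PHP_ERR_'.$error;
                } else {
                    switch (true) {
                        case ($rule == 'optional'):
                            // With a file present this is a non-true marker, not a
                            // failure: the code after the switch moves on to the
                            // next rule.
                            $status = ($error != 4) ? ($numeric ? $r : Z_UPLOAD_RULE_REQ) : true;
                            break;

                        case ($rule == Z_UPLOAD_RULE_REQ):
                            $status = ($error == 4) ? ($numeric ? $r : Z_UPLOAD_RULE_REQ) : true;
                            break;

                        case (preg_match('/'.preg_quote(Z_UPLOAD_RULE_SIZE).'\((\d+)(?:,\s*(\d+))?\)/', $rule, $m) != 0):
                            if ($error == 2) {
                                $status = $numeric ? $r : Z_UPLOAD_RULE_SIZE;
                                break;
                            }
                            array_shift($m);
                            $status = $this->_uploadRangeStatus($size, $m, $numeric ? $r : Z_UPLOAD_RULE_SIZE);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_EXT_ALLOW).'\((\w+)(?:,\s*(\w+))?\)/', $rule, $m) != 0):
                            // NOTE(review): the pattern captures at most two
                            // extensions, and the match is case-sensitive.
                            array_shift($m);
                            $status = in_array($ext, $m, true) ? true : ($numeric ? $r : Z_UPLOAD_RULE_EXT_ALLOW);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_EXT_DENY).'\((\w+)(?:,\s*(\w+))?\)/', $rule, $m) != 0):
                            array_shift($m);
                            // Compared case-insensitively so an upper- or mixed-case
                            // spelling of a denied extension is rejected as well.
                            // Only the final extension is inspected and at most two
                            // entries are parsed; an allow list is the stronger control.
                            $denied = array_map('strtolower', $m);
                            $status = !in_array(strtolower($ext), $denied, true) ? true : ($numeric ? $r : Z_UPLOAD_RULE_EXT_DENY);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_MIME_ALLOW).'\((.+)(?:,\s*(.+))?\)/', $rule, $m) != 0):
                            // NOTE(review): the greedy (.+) takes the whole argument,
                            // commas included, so only a single MIME type can match.
                            array_shift($m);
                            $status = in_array($mime, $m, true) ? true : ($numeric ? $r : Z_UPLOAD_RULE_MIME_ALLOW);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_MIME_DENY).'\((.+)(?:,\s*(.+))?\)/', $rule, $m) != 0):
                            array_shift($m);
                            $status = !in_array($mime, $m, true) ? true : ($numeric ? $r : Z_UPLOAD_RULE_MIME_DENY);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_NAME_BAN).'\((\w+)(?:\|(\w+))*\)/', $rule, $m) != 0):
                            // NOTE(review): a repeated group keeps only its last
                            // match, so at most the first and last term are checked.
                            array_shift($m);
                            // The loop variable must not be $val: that is this field's
                            // rule list, still needed by p4exists()/p2exists().
                            foreach ($m as $needle) {
                                if (strpos($name, $needle) !== false) {
                                    $status = $numeric ? $r : Z_UPLOAD_RULE_NAME_BAN;
                                    break;
                                }
                            }
                            if (!isset($status)) {
                                $status = true;
                            }
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_NAME_REGX).'\((.+)\)/', $rule, $m) != 0):
                            // The original pattern had no capture group and reported
                            // the mime.deny identifier. A malformed rule pattern makes
                            // preg_match() return false, which fails the rule.
                            $status = (preg_match($m[1], $name) >= 1) ? true : ($numeric ? $r : Z_UPLOAD_RULE_NAME_REGX);
                            break;

                        case (($error == 0) && $rule == Z_UPLOAD_RULE_IMAGE):
                            // getimagesize() reads the image header only; it does not
                            // vouch for the rest of the file.
                            $status = is_array(getimagesize($file)) ? true : ($numeric ? $r : Z_UPLOAD_RULE_IMAGE);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_IMAGE_HEIGHT).'\((\d+)(?:,\s*(\d+))?\)/', $rule, $m) != 0):
                            array_shift($m);
                            $img_info = getimagesize($file);
                            if (!is_array($img_info) || !isset($img_info[0]) || !isset($img_info[1])) {
                                // Not an image: fail here. The original let the range
                                // check overwrite this failure with true.
                                $status = $numeric ? $r : Z_UPLOAD_RULE_IMAGE;
                            } else {
                                $status = $this->_uploadRangeStatus($img_info[1], $m, $numeric ? $r : Z_UPLOAD_RULE_IMAGE_HEIGHT);
                            }
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_IMAGE_WIDTH).'\((\d+)(?:,\s*(\d+))?\)/', $rule, $m) != 0):
                            array_shift($m);
                            $img_info = getimagesize($file);
                            if (!is_array($img_info) || !isset($img_info[0]) || !isset($img_info[1])) {
                                $status = $numeric ? $r : Z_UPLOAD_RULE_IMAGE;
                            } else {
                                $status = $this->_uploadRangeStatus($img_info[0], $m, $numeric ? $r : Z_UPLOAD_RULE_IMAGE_WIDTH);
                            }
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_CONTENT_BAN).'\((\w+)(?:\|(\w+))*\)/', $rule, $m) != 0):
                            array_shift($m);
                            $contents = file_get_contents($file);
                            foreach ($m as $needle) {
                                if (strpos($contents, $needle) !== false) {
                                    $status = $numeric ? $r : Z_UPLOAD_RULE_CONTENT_BAN;
                                    break;
                                }
                            }
                            if (!isset($status)) {
                                $status = true;
                            }
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_CONTENT_LEN).'\((\d+)(?:,\s*(\d+))?\)/', $rule, $m) != 0):
                            array_shift($m);
                            $len = strlen(file_get_contents($file));
                            // The original assigned the undefined $k in numerical mode.
                            $status = $this->_uploadRangeStatus($len, $m, $numeric ? $r : Z_UPLOAD_RULE_CONTENT_LEN);
                            break;

                        case (($error == 0) && preg_match('/'.preg_quote(Z_UPLOAD_RULE_CONTENT_CONTAIN).'\((\w+)(?:\|(\w+))*\)/', $rule, $m) != 0):
                            array_shift($m);
                            $contents = file_get_contents($file);
                            foreach ($m as $needle) {
                                if (strpos($contents, $needle) !== false) {
                                    $status = true;
                                    break;
                                }
                            }
                            if (!isset($status)) {
                                $status = $numeric ? $r : Z_UPLOAD_RULE_CONTENT_CONTAIN;
                            }
                            break;

                        case ($error != 0):
                            $status = 'PHP_ERR_'.$error;
                            break;

                        default:
                            perror('Invalid Rule '.$rule.' supplied');
                            $status = Z_UPLOAD_RULE_INVALID;
                            break;
                    }
                }

                if ($rule == 'optional') {
                    if ($status === true) {
                        // Optional field left empty: accept it and skip the
                        // remaining rules.
                        $this->res[$field_name] = $status;
                        break;
                    }
                    continue;
                }
                if ($status !== true) {
                    break;
                }
            }

            if ($status === true) {
                $this->files[$field_name]['tmp_path'] = $file;
                $this->files[$field_name]['name'] = $name;
                $this->files[$field_name]['ext'] = $ext;
                $this->files[$field_name]['mime'] = $mime;
                $this->files[$field_name]['size'] = $size;
                if (!$anyFailed) {
                    $this->validate_ret = true;
                }
            }
            $this->res[$field_name] = $status;
            if ($status !== true) {
                // Sticky: once a field has failed, later fields cannot turn the
                // overall result back to true.
                $anyFailed = true;
                $this->validate_ret = false;
            }
        }
        $this->validated = true;
    }

    /**
     * Sets the directory uploads are moved into.
     *
     * A path starting with '/' is used as given; anything else is resolved under
     * Z_PROJECT_ROOT. With no argument, Z_DIR_TRANS_UP is used.
     *
     * @param string|null $dest Destination directory.
     */
    public function setDestination($dest = null)
    {
        if (is_null($dest)) {
            $dest = Z_DIR_TRANS_UP;
        }
        // The original tested `$dest[0] = '/'`: an assignment that overwrote the
        // first character and always took the absolute branch.
        $isAbsolute = is_string($dest) && $dest !== '' && $dest[0] == '/';
        $this->upload_path = $isAbsolute ? $dest : Z_PROJECT_ROOT.DRS.$dest;
    }

    /**
     * Moves every validated upload into the destination directory.
     *
     * Runs validate() first when that has not happened yet; the decision is
     * taken from $this->validate_ret because validate() returns nothing once
     * rules exist (the original tested its return value and so always gave up).
     *
     * @return bool true when all files were moved, false otherwise.
     */
    public function doUpload()
    {
        if (!$this->validated) {
            $this->validate();
        }
        if (!$this->validate_ret) {
            return false;
        }
        if (!$this->upload_path) {
            $this->setDestination();
        }
        if (count($this->files) == 0 || !$this->upload_path) {
            return false;
        }

        foreach ($this->files as $form_field => $file) {
            if (!$file['tmp_path']) {
                // Optional field that was left empty: there is nothing to move.
                continue;
            }
            if (zDef::get('Z_UPLOAD_NAME_RANDOM')) {
                $rand_name = $this->genRandomName($file['ext']);
                if (!move_uploaded_file($file['tmp_path'], $this->upload_path.DRS.$rand_name)) {
                    perror('<code>zigmoyd.upload.validation</code><br />move_uploaded_file() failed to move uploaded file for field '.$form_field);
                    return false;
                }
                $this->files[$form_field]['random_name'] = $rand_name;
            } else {
                // The stored name comes from the client. Reduce it to its final
                // path component so it cannot point outside the upload directory.
                // NOTE(review): it can still replace an existing file of the same
                // name and keeps whatever extension the client chose; enable
                // Z_UPLOAD_NAME_RANDOM or an extension allow list where the
                // directory is served by the web server.
                $target = basename(str_replace('\\', '/', (string) $file['name']));
                $unusable = ($target === '' || $target === '.' || $target === '..' || strpos($target, "\0") !== false);
                if ($unusable || !move_uploaded_file($file['tmp_path'], $this->upload_path.DRS.$target)) {
                    perror('<code>zigmoyd.rom.upload</code><br />Failed to move uploaded file for field '.$form_field);
                    return false;
                }
            }
        }
        return true;
    }

    /**
     * Builds a float from the current microtime(). No longer used by
     * genRandomName(); kept because the method is public.
     *
     * @return float
     */
    public function makeSeed()
    {
        $parts = explode(' ', microtime());
        $usec = (float) $parts[0];
        $sec = (float) $parts[1];
        return $sec + ($usec * 100000);
    }

    /**
     * Generates an unused '<32 hex chars>.zigup.<ext>' file name in the upload directory.
     *
     * The original hashed only time() (mt_srand() returns nothing), so names were
     * predictable from the upload time and the collision loop spun until the
     * clock moved on. The name is now derived from random bytes.
     *
     * @param string $ext Extension taken from the client's file name.
     * @return string
     */
    public function genRandomName($ext)
    {
        // The extension is client-controlled: keep letters and digits only.
        $ext = preg_replace('/[^A-Za-z0-9]/', '', (string) $ext);
        do {
            $name = bin2hex($this->_uploadRandomBytes(16)).'.zigup.'.$ext;
        } while (file_exists($this->upload_path.DRS.$name));
        return $name;
    }

    /**
     * Upper-bound check shared by the size, image and content-length rules.
     *
     * NOTE(review): the first number of a rule such as size(min, max) is parsed
     * but has never been enforced. The original compared it with '*' using an
     * inverted test, and the rule patterns accept digits only. Enforcing it now
     * would reject uploads that pass today, so confirm the intent first.
     *
     * @param int|float $value  Measured value.
     * @param array     $bounds [first] or [first, max], as captured from the rule.
     * @param mixed     $fail   Status to report when the value exceeds max.
     * @return mixed true, or $fail.
     */
    private function _uploadRangeStatus($value, $bounds, $fail)
    {
        if (isset($bounds[1]) && $value > $bounds[1]) {
            return $fail;
        }
        return true;
    }

    /**
     * Returns $length random bytes from the strongest source available.
     *
     * @param int $length Number of bytes.
     * @return string
     */
    private function _uploadRandomBytes($length)
    {
        if (function_exists('random_bytes')) {
            return random_bytes($length);
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes($length);
            if ($bytes !== false && strlen($bytes) === $length) {
                return $bytes;
            }
        }
        // Last resort on old runtimes; mt_rand() is not cryptographically strong.
        $bytes = '';
        for ($i = 0; $i < $length; $i++) {
            $bytes .= chr(mt_rand(0, 255));
        }
        return $bytes;
    }
}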
00532 ?>