posting_attachments.php
来自「这是php编的论坛的原代码」· PHP 代码 · 共 1,621 行 · 第 1/4 页
global $attach_config, $db, $is_auth, $lang, $mode, $phpEx, $template, $upload_dir, $userdata, $HTTP_POST_VARS, $forum_id;
//
// Choose what to display
//
if (intval($attach_config['show_apcp']))
{
if ( !empty($HTTP_POST_VARS['add_attachment_box']) )
{
$value_add = ( $this->add_attachment_body == 0 ) ? '1' : '0';
$this->add_attachment_body = intval($value_add);
}
else
{
$value_add = ( $this->add_attachment_body == 0 ) ? '0' : '1';
}
if ( !empty($HTTP_POST_VARS['posted_attachments_box']) )
{
$value_posted = ( $this->posted_attachments_body == 0 ) ? '1' : '0';
$this->posted_attachments_body = intval($value_posted);
}
else
{
$value_posted = ( $this->posted_attachments_body == 0 ) ? '0' : '1';
}
$template->assign_block_vars('show_apcp', array());
}
else
{
$this->add_attachment_body = 1;
$this->posted_attachments_body = 1;
}
$template->set_filenames(array(
'attachbody' => 'posting_attach_body.tpl')
);
display_compile_cache_clear($template->files['attachbody'], 'attachbody');
$s_hidden = '<input type="hidden" name="add_attachment_body" value="' . $value_add . '">';
$s_hidden .= '<input type="hidden" name="posted_attachments_body" value="' . $value_posted . '">';
if ($this->page == PAGE_PRIVMSGS)
{
$u_rules_id = -1;
}
else
{
$u_rules_id = $forum_id;
}
$template->assign_vars(array(
'L_ATTACH_POSTING_CP' => $lang['Attach_posting_cp'],
'L_ATTACH_POSTING_CP_EXPLAIN' => $lang['Attach_posting_cp_explain'],
'L_OPTIONS' => $lang['Options'],
'L_ADD_ATTACHMENT_TITLE' => $lang['Add_attachment_title'],
'L_POSTED_ATTACHMENTS' => $lang['Posted_attachments'],
'L_FILE_NAME' => $lang['File_name'],
'L_FILE_COMMENT' => $lang['File_comment'],
'RULES' => '<a href="' . append_sid("attach_mod/attach_rules.$phpEx?f=$u_rules_id") . '" target="_blank">' . $lang['Allowed_extensions_and_sizes'] . '</a>',
'S_HIDDEN' => $s_hidden)
);
$attachments = array();
if ( count($this->attachment_list) > 0 )
{
if (intval($attach_config['show_apcp']))
{
$template->assign_block_vars('switch_posted_attachments', array());
}
for ($i = 0; $i < count($this->attachment_list); $i++)
{
$this->attachment_filename_list[$i] = stripslashes($this->attachment_filename_list[$i]);
$hidden = '<input type="hidden" name="attachment_list[]" value="' . $this->attachment_list[$i] . '" />';
$hidden .= '<input type="hidden" name="filename_list[]" value="' . $this->attachment_filename_list[$i] . '" />';
$hidden .= '<input type="hidden" name="extension_list[]" value="' . $this->attachment_extension_list[$i] . '" />';
$hidden .= '<input type="hidden" name="mimetype_list[]" value="' . $this->attachment_mimetype_list[$i] . '" />';
$hidden .= '<input type="hidden" name="filesize_list[]" value="' . $this->attachment_filesize_list[$i] . '" />';
$hidden .= '<input type="hidden" name="filetime_list[]" value="' . $this->attachment_filetime_list[$i] . '" />';
$hidden .= '<input type="hidden" name="attach_id_list[]" value="' . $this->attachment_id_list[$i] . '" />';
$hidden .= '<input type="hidden" name="attach_thumbnail_list[]" value="' . $this->attachment_thumbnail_list[$i] . '" />';
if ((!$this->posted_attachments_body) || ( count($this->attachment_list) == 0 ) )
{
$hidden .= '<input type="hidden" name="comment_list[]" value="' . stripslashes(htmlspecialchars($this->attachment_comment_list[$i])) . '" />';
}
$template->assign_block_vars('hidden_row', array(
'S_HIDDEN' => $hidden)
);
}
}
if ($this->add_attachment_body)
{
init_display_template('attachbody', '{ADD_ATTACHMENT_BODY}', 'add_attachment_body.tpl');
$form_enctype = 'enctype="multipart/form-data"';
$template->assign_vars(array(
'L_ADD_ATTACH_TITLE' => $lang['Add_attachment_title'],
'L_ADD_ATTACH_EXPLAIN' => $lang['Add_attachment_explain'],
'L_ADD_ATTACHMENT' => $lang['Add_attachment'],
'FILE_COMMENT' => stripslashes(htmlspecialchars($this->file_comment)),
'FILESIZE' => intval($attach_config['max_filesize']),
'FILENAME' => $this->filename,
'S_FORM_ENCTYPE' => $form_enctype)
);
}
if (($this->posted_attachments_body) && ( count($this->attachment_list) > 0 ) )
{
init_display_template('attachbody', '{POSTED_ATTACHMENTS_BODY}', 'posted_attachments_body.tpl');
$template->assign_vars(array(
'L_POSTED_ATTACHMENTS' => $lang['Posted_attachments'],
'L_UPDATE_COMMENT' => $lang['Update_comment'],
'L_UPLOAD_NEW_VERSION' => $lang['Upload_new_version'],
'L_DELETE_ATTACHMENT' => $lang['Delete_attachment'],
'L_DELETE_THUMBNAIL' => $lang['Delete_thumbnail'],
'L_OPTIONS' => $lang['Options'])
);
for ($i = 0; $i < count($this->attachment_list); $i++)
{
if ( $this->attachment_id_list[$i] == '-1' )
{
$download_link = $upload_dir . '/' . $this->attachment_list[$i];
}
else
{
$download_link = append_sid('download.' . $phpEx . '?id=' . $this->attachment_id_list[$i]);
}
$template->assign_block_vars('attach_row', array(
'FILE_NAME' => $this->attachment_filename_list[$i],
'ATTACH_FILENAME' => $this->attachment_list[$i],
'FILE_COMMENT' => stripslashes(htmlspecialchars($this->attachment_comment_list[$i])),
'ATTACH_ID' => $this->attachment_id_list[$i],
'U_VIEW_ATTACHMENT' => $download_link)
);
//
// Thumbnail there ? And is the User Admin or Mod ? Then present the 'Delete Thumbnail' Button
//
if ( (intval($this->attachment_thumbnail_list[$i]) == 1) && ( ($is_auth['auth_mod']) || ($userdata['user_level'] == ADMIN) ) )
{
$template->assign_block_vars('attach_row.switch_thumbnail', array());
}
if ( ($this->attachment_id_list[$i] != '-1') )
{
$template->assign_block_vars('attach_row.switch_update_attachment', array());
}
}
}
$template->assign_var_from_handle('ATTACHBOX', 'attachbody');
}
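//
// Upload an attachment to the filespace (internal).
// Checks visible below, in order: filename characters, PHP upload size, extension group,
// forum permissions, image dimensions, file size, total quota and per-user quota.
// NOTE(review): the extension-group lookup concatenates $this->extension into the SQL text
// and runs before the filename character check; confirm that get_extension() only returns
// safe characters, or escape the value before it reaches the query.
// NOTE(review): the image-dimension and file-size checks are skipped for ADMIN users.
//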
function upload_attachment()
{
global $HTTP_POST_FILES, $db, $HTTP_POST_VARS, $error, $error_msg, $lang, $attach_config, $userdata, $upload_dir, $forum_id;
$this->post_attach = ($this->filename != '') ? TRUE : FALSE;
if ($this->post_attach)
{
$r_file = trim($this->filename);
$file = $HTTP_POST_FILES['fileupload']['tmp_name'];
$this->type = $HTTP_POST_FILES['fileupload']['type'];
// Opera add the name to the mime type
$this->type = ( strstr($this->type, '; name') ) ? str_replace(strstr($this->type, '; name'), '', $this->type) : $this->type;
$this->extension = get_extension($this->filename);
$this->filesize = @filesize($file);
$this->filesize = intval($this->filesize);
$sql = "SELECT g.allow_group, g.max_filesize, g.cat_id, g.forum_permissions
FROM " . EXTENSION_GROUPS_TABLE . " g, " . EXTENSIONS_TABLE . " e
WHERE (g.group_id = e.group_id) AND (e.extension = '" . $this->extension . "')
LIMIT 1";
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query Extensions.', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$allowed_filesize = ( intval($row['max_filesize']) != 0 ) ? intval($row['max_filesize']) : intval($attach_config['max_filesize']);
$cat_id = intval($row['cat_id']);
$auth_cache = trim($row['forum_permissions']);
//
// check Filename
//
if ( preg_match("/[\\/:*?\"<>|]/i", $this->filename) )
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['Invalid_filename'], $this->filename);
}
//
// check php upload-size
//
if ( (!$error) && ($file == 'none') )
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$max_size = @$ini_val('upload_max_filesize');
if ($max_size == '')
{
$error_msg .= $lang['Attachment_php_size_na'];
}
else
{
$error_msg .= sprintf($lang['Attachment_php_size_overrun'], $max_size);
}
}
//
// Check Extension
//
if ( (!$error) && (intval($row['allow_group']) == 0) )
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['Disallowed_extension'], $this->extension);
}
//
// Check Forum Permissions
//
if ( (!$error) && ($this->page != PAGE_PRIVMSGS) &&($userdata['user_level'] != ADMIN) && (!is_forum_authed($auth_cache, $forum_id) && (trim($auth_cache) != '')) )
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['Disallowed_extension_within_forum'], $this->extension);
}
//
// Check Image Size, if it's an image
//
if ( (!$error) && ($userdata['user_level'] != ADMIN) && ($cat_id == IMAGE_CAT) )
{
list($width, $height) = image_getdimension($file);
if ( ($width != 0) && ($height != 0) && (intval($attach_config['img_max_width']) != 0) && (intval($attach_config['img_max_height']) != 0) )
{
if ( ($width > intval($attach_config['img_max_width'])) || ($height > intval($attach_config['img_max_height'])) )
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['Error_imagesize'], intval($attach_config['img_max_width']), intval($attach_config['img_max_height']));
}
}
}
//
// check Filesize
//
if ( (!$error) && ($allowed_filesize != 0) && ($this->filesize > $allowed_filesize) && ($userdata['user_level'] != ADMIN) )
{
$size_lang = ($allowed_filesize >= 1048576) ? $lang['MB'] : ( ($allowed_filesize >= 1024) ? $lang['KB'] : $lang['Bytes'] );
if ($allowed_filesize >= 1048576)
{
$allowed_filesize = round($allowed_filesize / 1048576 * 100) / 100;
}
else if($allowed_filesize >= 1024)
{
$allowed_filesize = round($allowed_filesize / 1024 * 100) / 100;
}
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['Attachment_too_big'], $allowed_filesize, $size_lang);
}
//
// Check our complete quota
//
if (intval($attach_config['attachment_quota']) != 0)
{
$sql = 'SELECT sum(filesize) as total FROM ' . ATTACHMENTS_DESC_TABLE;
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$total_filesize = $row['total'];
if ($total_filesize + $this->filesize > intval($attach_config['attachment_quota']))
{
$error = TRUE;
if(!empty($error_msg))
{
$error_msg .= '<br />';
}
$error_msg .= $lang['Attach_quota_reached'];
}
}
$this->get_quota_limits();
//
// Check our user quota
//
if ($this->page != PAGE_PRIVMSGS)
{
if (intval($attach_config['upload_filesize_limit']) != 0)
{
$sql = "SELECT attach_id
FROM " . ATTACHMENTS_TABLE . "
WHERE (user_id_1 = " . $userdata['user_id'] . ") AND (privmsgs_id = 0)
GROUP BY attach_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Couldn\'t query attachments', '', __LINE__, __FILE__, $sql);
}
$attach_ids = $db->sql_fetchrowset($result);
$num_attach_ids = $db->sql_numrows($result);
$attach_id = array();
for ($i = 0; $i < $num_attach_ids; $i++)
{
$attach_id[] = intval($attach_ids[$i]['attach_id']);
}
if ($num_attach_ids > 0)
{
//
// Now get the total filesize
//
$sql = "SELECT sum(filesize) as total
FROM " . ATTACHMENTS_DESC_TABLE . "
WHERE attach_id IN (" . implode(', ', $attach_id) . ")";
if ( !($result = attach_sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not query total filesize', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$total_filesize = $row['total'];
}
else
{
$total_filesize = 0;
}
if ($total_filesize + $this->filesize > intval($attach_config['upload_filesize_limit']))
{
$upload_filesize_limit = intval($attach_config['upload_filesize_limit']);
$size_lang = ($upload_filesize_limit >= 1048576) ? $lang['MB'] : ( ($upload_filesize_limit >= 1024) ? $lang['KB'] : $lang['Bytes'] );
if ($upload_filesize_limit >= 1048576)
{
$upload_filesize_limit = round($upload_filesize_limit / 1048576 * 100) / 100;
}
else if($upload_filesize_limit >= 1024)
{
$upload_filesize_limit = round($upload_filesize_limit / 1024 * 100) / 100;
}
$error = TRUE;
if(!empty($error_msg))