upload.php

一款文件上传程序

<?php
require_once 'includes/commons.inc.php';
require_once 'includes/messages_upload.inc.php';
require_once 'includes/functions_img.inc.php';
require_once 'includes/functions_upload.inc.php';
$tpl_upload = new Template ( TPL_DIR . 'tpl_upload.php' );
$tpl_img    = new Template ( TPL_DIR . 'tpl_img.php' );
$tpl_error  = new Template ( TPL_DIR . 'tpl_error.php' );

//$zip_enabled = function_exists ( 'zip_open' );
$zip_enabled = 1;
$tpl_upload->set ( 'zip_enabled', $zip_enabled );

// user paths
$user_root = $UPL['SETTINGS']['userfiles_dir'] . $UPL['USER']['userid'] . '/';
$user_url  = $UPL['SETTINGS']['userfiles_url'] . $UPL['USER']['userid'] . '/';
$uploader_view = $UPL['SETTINGS']['uploader_view'];

if ( !is_dir ( $user_root ) )
{
	$tpl_message->set ( 'message', parse ( $lang_upload['upl_folder_no_exists'], '{username}', $UPL['USER']['username'] ) );
	$tpl_uploader->setr ( 'content', $tpl_message, 1 );
	exit;
}

// get user inputs
$upload_to = path_decode ( gpc ( 'upload_to', 'G', '' ) );

// user contents
$user_contents 	= get_contents ( $user_root );
$space_used 	= $user_contents['total_size'];

// folders
$user_folders 	=& $user_contents['dirs'];
$count 		= count ( $user_folders );
$rebuild_index = false;
for ( $i = 0; $i < $count; $i++ )
{
	if ( $user_folders[$i]['name'] == 'thumbs' )
	{
		unset ( $user_folders[$i] );
		$rebuild_index = true;
		continue;
	}
	$user_folders[$i] = array_merge ( $user_folders[$i], get_folder_info ( $user_root . $user_folders[$i]['path'] ) );
	$user_folders[$i]['selected'] 	= $user_folders[$i]['path'] == $upload_to;
	$user_folders[$i]['path'] 	= path_encode ( $user_folders[$i]['path'] );
}
if ( $rebuild_index ) $user_folders = array_values ( $user_folders );
$tpl_upload->setr ( 'user_folders', $user_folders );

// user restrictions, all sizes are in Bytes
$max_storage 	= $UPL['USER']['fl_max_storage']  * 1024 * 1024;
$file_types 	= $UPL['USER']['fl_allowed_types'];
$images_only    = $UPL['USER']['fl_images_only'];
$max_file_size 	= $UPL['USER']['fl_max_filesize'] * 1024;


$restr = array
(
	'max_file_size' => $max_file_size > 0 ? get_size ( $max_file_size, 'B', 0 ) : $lang_misc['unlimited'],
	'file_types' 	=> str_replace ( ',', ', ', $file_types ),
	'images_only' 	=> $images_only,
);
$tpl_upload->setr ( 'restrictions', $restr );

// User exceeded storage limit?
if ( ( $max_storage > 0 ) && $space_used >= $max_storage )
{
	$tpl_message->set ( 'message', $lang_upload['upl_storage_limit'] );
	$tpl_uploader->setr ( 'content', $tpl_message, 1 );
}

if ( $action == 'check_file_exists' )
{
	$files = gpc ( 'files', 'P', array() );
	$folder = path_decode ( gpc ( 'folder', 'P', '' ) );
	$path 	= $user_root . $folder . '/';

	for ( $i = 0; $i < count ( $files ); ++$i )
	{
		if ( is_file ( $path . $files[$i] ) )
		{
			print parse ( $lang_upload['upl_file_exists_warn'], array ( '{file}' => htmlentities ( $files[$i] ), '{folder}' => ( $folder == '' ? $lang_misc['main_folder'] : basename ( $folder ) ) ) );
		}
	}
}
elseif ( $action == 'upload' )
{
	// options
	$overwrite 			= gpc ( 'overwrite_option', 'P', 'skip' );
	$post_action 		= gpc ( 'post_action', 'P', '' );
	$upload_to 			= path_decode ( gpc ( 'upload_to', 'P' ) );
	$create_thumbs  	= gpc ( 'create_thumbnails', 'P', 0 );
	$thumb_size			= gpc ( 'thumbnail_size', 'P', 'small' );
	$create_img_tags	= gpc ( 'create_img_tags', 'P', 0 );
	$extract_zip_files 	= gpc ( 'extract_zip_files', 'P', 0 );

	// security check
	if ( !check_path ( $user_root, $user_root . $upload_to ) )
	{
		exit(SECURITY_ERROR);
	}
	elseif ( !is_dir ( $user_root . $upload_to ) )
	{
		exit(ERROR);
	}
	$dest_folder_info = get_folder_info ( $user_root . $upload_to );

	$errors   = array ( );
	$uploaded = array ( );

	// Process zip files
	while ( list ( $name , $file ) = each ( $_FILES ) )
	{
		if ( ( $file['name'] == 'batch.zip' || $file['name'] == 'upload.zip' || ( $zip_enabled && $extract_zip_files ) ) && is_zip ( $file['tmp_name'] ) )
		{
			process_zip_file ( $file['tmp_name'] );
			unset ( $_FILES[$name] );
		}
	}
	reset ( $_FILES );

	while ( list ( $name, $file ) = each ( $_FILES ) )
	{
		$dest_path = $user_root . $upload_to . '/' . $file['name'];

		if ( !validate_uploaded_file ( $file, $errors, $uploaded ) )
		{
			if ( is_file ( $file['tmp_name'] ) )
			{
				unlink ( $file['tmp_name'] );
			}
			continue;
		}

		if ( is_file ( $dest_path ) ) unlink ( $dest_path );

		if ( !rename ( $file['tmp_name'], $dest_path ) )
		{
			$errors [] = parse ( $lang_upload['upl_cant_move'], '{file}', $file['name'] );
		}
		else
		{
			// clear cache
			clear_contents_cache ( $user_root );

			// chmod the file
			@change_mode ( $dest_path, $UPL['CONFIGS']['CHMOD_TO'] );

			// watermark the file if it's an image
			if ( ( $UPL['SETTINGS']['wm'] == 'always' || ( $UPL['SETTINGS']['wm'] == 'user' && $UPL['USER']['fl_watermark'] ) ) && is_image ( $dest_path, true ) )
			{
				img_wmark ( $dest_path, $UPL['SETTINGS']['wm_path'], $UPL['CONFIGS']['WATERMARK_TOP'], $UPL['CONFIGS']['WATERMARK_LEFT'], $UPL['CONFIGS']['WATERMARK_IGNORE_WIDTH'] );
			}

			// create thumbnails?
			if ( ( $create_thumbs || $dest_folder_info['is_gallery'] ) && is_image ( $dest_path, true ) )
			{
				if ( $thumb_size == 'large' ) list ( $new_width, $new_height ) = explode ( 'x', $UPL['CONFIGS']['THUMBNAIL_LARGE'] );
				else list ( $new_width, $new_height ) = explode ( 'x', $UPL['CONFIGS']['THUMBNAIL_SMALL'] );

				if ( $dest_folder_info['is_gallery'] )
				{
					list ( $new_width, $new_height ) = explode ( 'x', $UPL['CONFIGS']['THUMBNAIL_GALLERY'] );
					$thumb_name = $file['name'];
					$thumb_path = $user_root . $upload_to . '/thumbs/' . $file['name'];
					$thumb_url = $UPL['SETTINGS']['userfiles_url'] . clean_url ( $UPL['USER']['userid'] . '/' . ( $upload_to != '' ? $upload_to . '/' : '' ) . 'thumbs/' . rawurlencode ( basename ( $thumb_name ) ) );
				}
				else
				{
					$thumb_name = get_filename ( $file['name'] ) . '_thumb.' . get_extension ( $file['name'] );
					$thumb_path = $user_root . $upload_to . '/' . $thumb_name;
					$thumb_url = $UPL['SETTINGS']['userfiles_url'] . clean_url ( $UPL['USER']['userid'] . '/' . ( $upload_to != '' ? $upload_to . '/' : '' ) . rawurlencode ( basename ( $thumb_name ) ) );
				}

				$thumb_created = true;

				if ( img_resize ( $dest_path, $thumb_path, $new_width, $new_height, $UPL['CONFIGS']['THUMBNAIL_BORDER'] ) )
				{
					$space_used += filesize ( $thumb_path );
				}
			}
			else
			{
				$thumb_created = false;
				$thumb_url = '';
			}

			// upload successul
			$space_used += $file['size'];

			//log upload
			if ( $UPL['SETTINGS']['log'] >= 1 )
			{
				$log_file = LOGS_DIR . date ( 'M_d_Y' ) . '.log';

				$fp = fopen ( $log_file, 'a+' );

				if ( $fp )
				{
					fwrite ( $fp, sprintf ( "%s(%s) uploaded %s at %s\r\n", $UPL['USER']['username'], $_SERVER['REMOTE_ADDR'], $file['name'], date ( 'h:mA' ) ) );
					fclose ( $fp );
				}
			}

			$furl = $UPL['SETTINGS']['userfiles_url'] . clean_url ( $UPL['USER']['userid'] . '/' . ( $upload_to != '' ? $upload_to . '/' : '' ) . rawurlencode ( $file['name'] ) );

			// list of uploaded files
			if ( MOD_REWRITE )
			{
				$lurl = $UPL['SETTINGS']['userfiles_url'] . ( $uploader_view ? 'view/' : '' ) . clean_url ( $UPL['USER']['userid'] . '/' . ( $upload_to != '' ? $upload_to . '/' : '' ) . rawurlencode ( $file['name'] ) );
			}
			else
			{
				if ( $uploader_view )
				{
					$lurl = $UPL['SETTINGS']['uploader_url'] . 'view.php?userid=' . $UPL['USER']['userid'] . '&file=' . ( $upload_to != '' ? $upload_to . '/' : '' ) . rawurlencode ( $file['name'] );
				}
				else
				{
					$lurl = $UPL['SETTINGS']['userfiles_url'] . clean_url ( $UPL['USER']['userid'] . '/' . ( $upload_to != '' ? $upload_to . '/' : '' ) . rawurlencode ( $file['name'] ) );
				}
			}
			$uploaded [] = array ( 'name' => $file['name'], 'url' => $furl, 'link' => $lurl, 'size' => get_size ( $file['size'] ), 'has_thumb' => $thumb_created, 'thumb_url' => $thumb_url );
		}

	} // end uploaded files loop

	// any errors to show?
	if ( count ( $errors ) )
	{
		$tpl_message->set ( 'message_title', $lang_upload['upl_files_not_uploaded'] );
		$tpl_message->set ( 'message', $errors );
		$tpl_message->set ( 'back_url', 'upload.php' );
		$tpl_uploader->setr ( 'content', $tpl_message, 1 );
	}
	elseif ( count ( $uploaded ) )
	{
		$back_url = MOD_REWRITE ? 'myfiles/' . $upload_to : ( 'myfiles.php?' . ( $upload_to == '' ? '' : 'folder=' . path_encode ( $upload_to ) ) );
		// img tags?
		if ( $create_img_tags )
		{
			// show img tags
			$tpl_img->setr ( 'images', $uploaded );
			$tpl_img->set ( 'back_url', $back_url );
			$tpl_uploader->set ( 'page_title', '[IMG] Tags' );
			$tpl_uploader->setr ( 'content', $tpl_img, 1 );
		}
		else
		{
			// go back to myfiles
			header ( 'Location: ' . $back_url );
		}
	}
	else
	{
		header ( 'Location: upload.php?upload_to=' . path_encode ( $upload_to ) );
	}
}
else
{
	// display upload form
	$tpl_upload->set ( 'cancel_url', MOD_REWRITE ? 'myfiles/' . $upload_to : ( 'myfiles.php' . ( $upload_to != '' ? '?folder=' . path_encode ( $upload_to ) : '' ) ) );
	$tpl_upload->set ( 'upload_to', ( $upload_to ) );
	$tpl_uploader->set ( 'page_title', 'File upload' );
	$tpl_uploader->set ( 'content', $tpl_upload, 1 );
}
?>