<?php /* +-------------------------------------------------------------------------- | WeCenter [#RELEASE_VERSION#] | ======================================== | by WeCenter Software | © 2011 - 2014 WeCenter. All Rights Reserved | http://www.wecenter.com | ======================================== | Support: WeCenter@qq.com | +--------------------------------------------------------------------------- */ class core_upload { public $max_size = 0; public $max_width = 0; public $max_height = 0; public $max_filename = 0; public $allowed_types = ''; public $file_temp = ''; public $file_name = ''; public $orig_name = ''; public $file_type = ''; public $file_size = ''; public $file_ext = ''; public $upload_path = ''; public $overwrite = FALSE; public $encrypt_name = FALSE; public $is_image = FALSE; public $image_width = ''; public $image_height = ''; public $image_type = ''; public $image_size_str = ''; public $error_code = false; public $mimes = array(); public $remove_spaces = TRUE; public $xss_clean = FALSE; public $temp_prefix = "temp_file_"; public $client_name = ''; protected $_file_name_override = ''; // -------------------------------------------------------------------- /** * Initialize preferences * * @param array * @return void */ public function initialize($config = array()) { $defaults = array( 'max_size' => 0, 'max_width' => 0, 'max_height' => 0, 'max_filename' => 0, 'allowed_types' => '', 'file_temp' => '', 'file_name' => '', 'orig_name' => '', 'file_type' => '', 'file_size' => '', 'file_ext' => '', 'upload_path' => '', 'overwrite' => FALSE, 'encrypt_name' => TRUE, 'is_image' => FALSE, 'image_width' => '', 'image_height' => '', 'image_type' => '', 'image_size_str' => '', 'error_code' => false, 'mimes' => array(), 'remove_spaces' => TRUE, 'xss_clean' => TRUE, 'temp_prefix' => "temp_file_", 'client_name' => '' ); foreach ($defaults as $key => $val) { if (isset($config[$key])) { $method = 'set_'.$key; if (method_exists($this, $method)) { $this->$method($config[$key]); } else { $this->$key = $config[$key]; } } else { $this->$key = $val; } } // if a file_name was provided in the config, use it instead of the user input // supplied file name for all uploads until initialized again $this->_file_name_override = $this->file_name; return $this; } // -------------------------------------------------------------------- /** * Perform the file upload * * $filed file name or $_FILES field name, $data_stream are file data string * * @param string * @param string * @return bool */ public function do_upload($field = 'userfile', $data_stream = null) { // Is the upload path valid? if ( ! $this->validate_upload_path()) { // errors will already be set by validate_upload_path() so just return FALSE return FALSE; } clearstatcache(); if ($data_stream) { $tmp_file = TEMP_PATH . 'xhr_' . md5($field . microtime(TRUE) . rand(1, 999)) . '.stream'; if (!file_put_contents($tmp_file, $data_stream)) { $this->set_error('upload_unable_to_write_file'); return FALSE; } // Set the uploaded data as class variables $this->file_temp = $tmp_file; $this->file_size = strlen($data_stream); $this->file_mime_type(array( 'tmp_name' => $tmp_file, 'type' => 'application/octet-stream' )); $this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $this->file_type); $this->file_type = strtolower(trim(stripslashes($this->file_type), '"')); $this->file_name = $this->prep_filename($field); $this->file_ext = $this->get_extension($this->file_name); $this->client_name = $this->file_name; } else { // Is $_FILES[$field] set? If not, no reason to continue. if ( ! isset($_FILES[$field])) { $this->set_error('upload_no_file_selected'); return FALSE; } // Was the file able to be uploaded? If not, determine the reason why. if ( ! is_uploaded_file($_FILES[$field]['tmp_name'])) { $error = ( ! isset($_FILES[$field]['error'])) ? 4 : $_FILES[$field]['error']; switch($error) { case 1: // UPLOAD_ERR_INI_SIZE $this->set_error('upload_file_exceeds_limit'); break; case 2: // UPLOAD_ERR_FORM_SIZE $this->set_error('upload_file_exceeds_form_limit'); break; case 3: // UPLOAD_ERR_PARTIAL $this->set_error('upload_file_partial'); break; case 4: // UPLOAD_ERR_NO_FILE $this->set_error('upload_no_file_selected'); break; case 6: // UPLOAD_ERR_NO_TMP_DIR $this->set_error('upload_no_temp_directory'); break; case 7: // UPLOAD_ERR_CANT_WRITE $this->set_error('upload_unable_to_write_file'); break; case 8: // UPLOAD_ERR_EXTENSION $this->set_error('upload_stopped_by_extension'); break; default : $this->set_error('upload_no_file_selected'); break; } return FALSE; } // Set the uploaded data as class variables $this->file_temp = $_FILES[$field]['tmp_name']; $this->file_size = $_FILES[$field]['size']; $this->file_mime_type($_FILES[$field]); $this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $this->file_type); $this->file_type = strtolower(trim(stripslashes($this->file_type), '"')); $this->file_name = $this->prep_filename($_FILES[$field]['name']); $this->file_ext = $this->get_extension($this->file_name); $this->client_name = $this->file_name; } // Is the file type allowed to be uploaded? if ( ! $this->is_allowed_filetype()) { $this->set_error('upload_invalid_filetype'); return FALSE; } // if we're overriding, let's now make sure the new name and type is allowed if ($this->_file_name_override != '') { $this->file_name = $this->prep_filename($this->_file_name_override); // If no extension was provided in the file_name config item, use the uploaded one if (strpos($this->_file_name_override, '.') === FALSE) { $this->file_name .= $this->file_ext; } // An extension was provided, lets have it! else { $this->file_ext = $this->get_extension($this->_file_name_override); } if ( ! $this->is_allowed_filetype(TRUE)) { $this->set_error('upload_invalid_filetype'); return FALSE; } } // Convert the file size to kilobytes if ($this->file_size > 0) { $this->file_size = round($this->file_size/1024, 2); } // Is the file size within the allowed maximum? if ( ! $this->is_allowed_filesize()) { $this->set_error('upload_invalid_filesize'); return FALSE; } // Are the image dimensions within the allowed size? // Note: This can fail if the server has an open_basdir restriction. if ( ! $this->is_allowed_dimensions()) { $this->set_error('upload_invalid_dimensions'); return FALSE; } // Sanitize the file name for security $this->file_name = $this->clean_file_name($this->file_name); // Truncate the file name if it's too long if ($this->max_filename > 0) { $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename); } // Remove white spaces in the name if ($this->remove_spaces == TRUE) { $this->file_name = preg_replace("/\s+/", "_", $this->file_name); } /* * Validate the file name * This function appends an number onto the end of * the file if one with the same name already exists. * If it returns false there was a problem. */ $this->orig_name = $this->file_name; if ($this->overwrite == FALSE) { $this->file_name = $this->set_filename($this->upload_path, $this->file_name); } /* * Run the file through the XSS hacking filter * This helps prevent malicious code from being * embedded within a file. Scripts can easily * be disguised as images or other file types. */ if ($this->xss_clean) { if ($this->do_xss_clean() === FALSE) { $this->set_error('upload_unable_to_write_file'); return FALSE; } } if ($data_stream) { /*if ( ! @rename($this->file_temp, $this->upload_path.$this->file_name)) { $this->set_error('upload_destination_error'); return FALSE; }*/ $file_temp = fopen($this->file_temp, 'r'); $target = fopen($this->upload_path.$this->file_name, 'w'); fseek($file_temp, 0, SEEK_SET); if (!stream_copy_to_stream($file_temp, $target)) { $this->set_error('upload_destination_error'); return FALSE; } fclose($target); fclose($file_temp); @unlink($this->file_temp); if (!file_exists($this->upload_path.$this->file_name)) { $this->set_error('upload_unable_to_write_file'); return FALSE; } } else { /* * Move the file to the final destination * To deal with different server configurations * we'll attempt to use copy() first. If that fails * we'll use move_uploaded_file(). One of the two should * reliably work in most environments */ if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name)) { if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name)) { $this->set_error('upload_destination_error'); return FALSE; } } } /* * Set the finalized image dimensions * This sets the image width/height (assuming the * file was an image). We use this information * in the "data" function. */ $this->set_image_properties($this->upload_path.$this->file_name); return TRUE; } // -------------------------------------------------------------------- /** * Finalized Data Array * * Returns an associative array containing all of the information * related to the upload, allowing the developer easy access in one array. * * @return array */ public function data() { if (!file_exists($this->upload_path . $this->file_name)) { return FALSE; } return array ( 'file_name' => $this->file_name, 'file_type' => $this->file_type, 'file_path' => $this->upload_path, 'full_path' => $this->upload_path.$this->file_name, 'raw_name' => str_replace($this->file_ext, '', $this->file_name), 'orig_name' => $this->orig_name, 'client_name' => $this->client_name, 'file_ext' => $this->file_ext, 'file_size' => $this->file_size, 'is_image' => $this->is_image(), 'image_width' => $this->image_width, 'image_height' => $this->image_height, 'image_type' => $this->image_type, 'image_size_str' => $this->image_size_str, ); } // -------------------------------------------------------------------- /** * Set Upload Path * * @param string * @return void */ public function set_upload_path($path) { // Make sure it has a trailing slash $this->upload_path = rtrim($path, '/').'/'; } // -------------------------------------------------------------------- /** * Set the file name * * This function takes a filename/path as input and looks for the * existence of a file with the same name. If found, it will append a * number to the end of the filename to avoid overwriting a pre-existing file. * * @param string * @param string * @return string */ public function set_filename($path, $filename) { if ($this->encrypt_name == TRUE) { $filename = md5(rand(1, 99999999) . microtime()); if ( $this->is_image() ) { $filename .= $this->file_ext; } if ( ! file_exists($path . $filename)) { return $filename; } else { return $this->set_filename($path, $filename); } } return $filename; } // -------------------------------------------------------------------- /** * Set Maximum File Size * * @param integer * @return void */ public function set_max_filesize($n) { $this->max_size = ((int) $n < 0) ? 0: (int) $n; } // -------------------------------------------------------------------- /** * Set Maximum File Name Length * * @param integer * @return void */ public function set_max_filename($n) { $this->max_filename = ((int) $n < 0) ? 0: (int) $n; } // -------------------------------------------------------------------- /** * Set Maximum Image Width * * @param integer * @return void */ public function set_max_width($n) { $this->max_width = ((int) $n < 0) ? 0: (int) $n; } // -------------------------------------------------------------------- /** * Set Maximum Image Height * * @param integer * @return void */ public function set_max_height($n) { $this->max_height = ((int) $n < 0) ? 0: (int) $n; } // -------------------------------------------------------------------- /** * Set Allowed File Types * * @param string * @return void */ public function set_allowed_types($types) { if ( ! is_array($types) && $types == '*') { $this->allowed_types = '*'; return; } if (strstr($types, '|')) { $this->allowed_types = explode('|', $types); } else { $this->allowed_types = explode(',', $types); } } // -------------------------------------------------------------------- /** * Set Image Properties * * Uses GD to determine the width/height/type of image * * @param string * @return void */ public function set_image_properties($path = '') { if ( ! $this->is_image()) { return; } if (function_exists('getimagesize')) { if (FALSE !== ($D = @getimagesize($path))) { $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); $this->image_width = $D['0']; $this->image_height = $D['1']; $this->image_type = ( ! isset($types[$D['2']])) ? 'unknown' : $types[$D['2']]; $this->image_size_str = $D['3']; // string containing height and width } } } // -------------------------------------------------------------------- /** * Set XSS Clean * * Enables the XSS flag so that the file that was uploaded * will be run through the XSS filter. * * @param bool * @return void */ public function set_xss_clean($flag = FALSE) { $this->xss_clean = ($flag == TRUE) ? TRUE : FALSE; } // -------------------------------------------------------------------- /** * Validate the image * * @return bool */ public function is_image() { if (!in_array(strtolower($this->file_ext), array( '.jpg', '.jpe', '.jpeg', '.bmp', '.gif', '.png' ))) { return FALSE; } // IE will sometimes return odd mime-types during upload, so here we just standardize all // jpegs or pngs to the same file type. $png_mimes = array('image/x-png'); $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg'); if (in_array($this->file_type, $png_mimes)) { $this->file_type = 'image/png'; } if (in_array($this->file_type, $jpeg_mimes)) { $this->file_type = 'image/jpeg'; } $img_mimes = array( 'image/gif', 'image/jpeg', 'image/png', ); return (in_array($this->file_type, $img_mimes, TRUE)) ? TRUE : FALSE; } // -------------------------------------------------------------------- /** * Verify that the filetype is allowed * * @return bool */ public function is_allowed_filetype($ignore_mime = FALSE) { if ($this->allowed_types == '*') { return TRUE; } if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types)) { $this->set_error('upload_no_file_types'); return FALSE; } $ext = strtolower(ltrim($this->file_ext, '.')); if ( ! in_array($ext, $this->allowed_types)) { return FALSE; } // Images get some additional checks $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe'); if (in_array($ext, $image_types)) { if (getimagesize($this->file_temp) === FALSE) { return FALSE; } } return TRUE; } // -------------------------------------------------------------------- /** * Verify that the file is within the allowed size * * @return bool */ public function is_allowed_filesize() { if ($this->max_size != 0 AND $this->file_size > $this->max_size) { return FALSE; } else { return TRUE; } } // -------------------------------------------------------------------- /** * Verify that the image is within the allowed width/height * * @return bool */ public function is_allowed_dimensions() { if ( ! $this->is_image()) { return TRUE; } if (function_exists('getimagesize')) { $D = @getimagesize($this->file_temp); if ($this->max_width > 0 AND $D['0'] > $this->max_width) { return FALSE; } if ($this->max_height > 0 AND $D['1'] > $this->max_height) { return FALSE; } return TRUE; } return TRUE; } // -------------------------------------------------------------------- /** * Validate Upload Path * * Verifies that it is a valid upload path with proper permissions. * * * @return bool */ public function validate_upload_path() { if ($this->upload_path == '') { $this->set_error('upload_no_filepath'); return FALSE; } if (function_exists('realpath') AND @realpath($this->upload_path) !== FALSE) { $this->upload_path = str_replace("\\", "/", realpath($this->upload_path)); } if (!defined('IN_SAE')) { if ( ! is_dir($this->upload_path)) { if (! make_dir($this->upload_path)) { $this->set_error('upload_not_writable'); return FALSE; } } if ( ! is_really_writable($this->upload_path)) { $this->set_error('upload_not_writable'); return FALSE; } } $this->upload_path = preg_replace("/(.+?)\/*$/", "\\1/", $this->upload_path); return TRUE; } // -------------------------------------------------------------------- /** * Extract the file extension * * @param string * @return string */ public function get_extension($filename) { $x = explode('.', $filename); return '.'.end($x); } // -------------------------------------------------------------------- /** * Clean the file name for security * * @param string * @return string */ public function clean_file_name($filename) { $bad = array( "<!--", "-->", "'", "<", ">", '"', '&', '$', '=', ';', '?', '/', "%20", "%22", "%3c", // < "%253c", // < "%3e", // > "", // > "%28", // ( "%29", // ) "%2528", // ( "%26", // & "%24", // $ "%3f", // ? "%3b", // ; "%3d" // = ); $filename = str_replace($bad, '', $filename); return stripslashes($filename); } // -------------------------------------------------------------------- /** * Limit the File Name Length * * @param string * @return string */ public function limit_filename_length($filename, $length) { if (strlen($filename) < $length) { return $filename; } $ext = ''; if (strpos($filename, '.') !== FALSE) { $parts = explode('.', $filename); $ext = '.'.array_pop($parts); //$filename = implode('.', $parts); } return substr($filename, 0, ($length - strlen($ext))).$ext; } // -------------------------------------------------------------------- /** * Runs the file through the XSS clean function * * This prevents people from embedding malicious code in their files. * I'm not sure that it won't negatively affect certain files in unexpected ways, * but so far I haven't found that it causes trouble. * * @return void */ public function do_xss_clean() { $file = $this->file_temp; // 部分 IIS 环境下返回值始终为 0 //if (filesize($file) == 0) if ($this->file_size == 0) { return FALSE; } if (function_exists('memory_get_usage') && memory_get_usage() && ini_get('memory_limit') != '') { $current = ini_get('memory_limit') * 1024 * 1024; // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output // into scientific notation. number_format() ensures this number is an integer // http://bugs.php.net/bug.php?id=43053 $new_memory = number_format(ceil(filesize($file) + $current), 0, '.', ''); @ini_set('memory_limit', $new_memory); // When an integer is used, the value is measured in bytes. - PHP.net } // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but // IE can be fooled into mime-type detecting a malformed image as an html file, thus executing an XSS attack on anyone // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of // processor power and time if it is actually a clean image, as it will be in nearly all instances _except_ an // attempted XSS attack. if (function_exists('getimagesize') && @getimagesize($file) !== FALSE) { if (($file = @fopen($file, 'rb')) === FALSE) // "b" to force binary { return FALSE; // Couldn't open the file, return FALSE } $opening_bytes = fread($file, 256); fclose($file); // These are known to throw IE into mime-type detection chaos // <a, <body, <head, <html, <img, <plaintext, <pre, <script, <table, <title // title is basically just in SVG, but we filter it anyhow if ( ! preg_match('/<(a|body|head|html|img|plaintext|pre|script|table|title)[\s>]/i', $opening_bytes)) { return TRUE; // its an image, no "triggers" detected in the first 256 bytes, we're good } else { return FALSE; } } if (($data = @file_get_contents($file)) === FALSE) { return FALSE; } return $data; } // -------------------------------------------------------------------- /** * Set an error message * * @param string * @return void */ public function set_error($code) { $this->error_code = $code; } /** * Get an error message * * @return array */ public function get_error() { if ($this->error_code) { @unlink($this->file_temp); } return $this->error_code; } // -------------------------------------------------------------------- /** * Prep Filename * * Prevents possible script execution from Apache's handling of files multiple extensions * http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext * * @param string * @return string */ protected function prep_filename($filename) { if (strpos($filename, '.') === FALSE OR $this->allowed_types == '*') { return $filename; } $parts = explode('.', $filename); $ext = array_pop($parts); $filename = array_shift($parts); foreach ($parts as $part) { if ( ! in_array(strtolower($part), $this->allowed_types)) { $filename .= '.'.$part.'_'; } else { $filename .= '.'.$part; } } $filename .= '.'.$ext; return $filename; } // -------------------------------------------------------------------- /** * File MIME type * * Detects the (actual) MIME type of the uploaded file, if possible. * The input array is expected to be $_FILES[$field] * * @param array * @return void */ protected function file_mime_type($file) { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; /* Fileinfo extension - most reliable method * * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the * more convenient FILEINFO_MIME_TYPE flag doesn't exist. */ if (function_exists('finfo_file')) { $finfo = finfo_open(FILEINFO_MIME); if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { $mime = @finfo_file($finfo, $file['tmp_name']); finfo_close($finfo); /* According to the comments section of the PHP manual page, * it is possible that this function returns an empty string * for some files (e.g. if they don't exist in the magic MIME database) */ if (is_string($mime) && preg_match($regexp, $mime, $matches)) { $this->file_type = $matches[1]; return; } } } /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type, * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better * than mime_content_type() as well, hence the attempts to try calling the command line with * three different functions. * * Notes: * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system * - many system admins would disable the exec(), shell_exec(), popen() and similar functions * due to security concerns, hence the function_exists() checks */ if (DIRECTORY_SEPARATOR !== '\\') { $cmd = 'file --brief --mime ' . @escapeshellarg($file['tmp_name']) . ' 2>&1'; if (function_exists('exec')) { /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy * value, which is only put to allow us to get the return status code. */ $mime = @exec($cmd, $mime, $return_status); if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches)) { $this->file_type = $matches[1]; return; } } if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) { $mime = @shell_exec($cmd); if (strlen($mime) > 0) { $mime = explode("\n", trim($mime)); if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) { $this->file_type = $matches[1]; return; } } } if (function_exists('popen')) { $proc = @popen($cmd, 'r'); if (is_resource($proc)) { $mime = @fread($proc, 512); @pclose($proc); if ($mime !== FALSE) { $mime = explode("\n", trim($mime)); if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) { $this->file_type = $matches[1]; return; } } } } } // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string { return; } } if (function_exists('getimagesize')) { $imageinfo = @getimagesize($file['tmp_name']); if ($imageinfo['mime']) { $this->file_type = $imageinfo['mime']; return; } } $this->file_type = $file['type']; } // -------------------------------------------------------------------- }
AI智能回复搜索中,请稍后...
