Вход Регистрация
Файл: upload-2031-rs1/admin/controller/tool/upload.php
Строк: 396
<?php
class ControllerToolUpload extends Controller {
    private 
$error = array();

    public function 
index() {
        
$this->load->language('tool/upload');

        
$this->document->setTitle($this->language->get('heading_title'));

        
$this->load->model('tool/upload');

        
$this->getList();
    }

    public function 
delete() {
        
$this->load->language('tool/upload');

        
$this->document->setTitle($this->language->get('heading_title'));

        
$this->load->model('tool/upload');

        if (isset(
$this->request->post['selected']) && $this->validateDelete()) {
            foreach (
$this->request->post['selected'] as $upload_id) {
                
// Remove file before deleting DB record.
                
$upload_info $this->model_tool_upload->getUpload($upload_id);

                if (
$upload_info && is_file(DIR_DOWNLOAD $upload_info['filename'])) {
                    
unlink(DIR_UPLOAD $upload_info['filename']);
                }

                
$this->model_tool_upload->deleteUpload($upload_id);
            }

            
$this->session->data['success'] = $this->language->get('text_success');

            
$url '';

            if (isset(
$this->request->get['filter_name'])) {
                
$url .= '&filter_name=' urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES'UTF-8'));
            }

            if (isset(
$this->request->get['filter_date_added'])) {
                
$url .= '&filter_date_added=' $this->request->get['filter_date_added'];
            }

            if (isset(
$this->request->get['sort'])) {
                
$url .= '&sort=' $this->request->get['sort'];
            }

            if (isset(
$this->request->get['order'])) {
                
$url .= '&order=' $this->request->get['order'];
            }

            if (isset(
$this->request->get['page'])) {
                
$url .= '&page=' $this->request->get['page'];
            }

            
$this->response->redirect($this->url->link('tool/upload''token=' $this->session->data['token'] . $url'SSL'));
        }

        
$this->getList();
    }

    protected function 
getList() {
        if (isset(
$this->request->get['filter_name'])) {
            
$filter_name $this->request->get['filter_name'];
        } else {
            
$filter_name null;
        }

        if (isset(
$this->request->get['filter_date_added'])) {
            
$filter_date_added $this->request->get['filter_date_added'];
        } else {
            
$filter_date_added null;
        }

        if (isset(
$this->request->get['sort'])) {
            
$sort $this->request->get['sort'];
        } else {
            
$sort 'date_added';
        }

        if (isset(
$this->request->get['order'])) {
            
$order $this->request->get['order'];
        } else {
            
$order 'DESC';
        }

        if (isset(
$this->request->get['page'])) {
            
$page $this->request->get['page'];
        } else {
            
$page 1;
        }

        
$url '';

        if (isset(
$this->request->get['filter_name'])) {
            
$url .= '&filter_name=' urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES'UTF-8'));
        }

        if (isset(
$this->request->get['filter_date_added'])) {
            
$url .= '&filter_date_added=' $this->request->get['filter_date_added'];
        }

        if (isset(
$this->request->get['sort'])) {
            
$url .= '&sort=' $this->request->get['sort'];
        }

        if (isset(
$this->request->get['order'])) {
            
$url .= '&order=' $this->request->get['order'];
        }

        if (isset(
$this->request->get['page'])) {
            
$url .= '&page=' $this->request->get['page'];
        }

        
$data['breadcrumbs'] = array();

        
$data['breadcrumbs'][] = array(
            
'text' => $this->language->get('text_home'),
            
'href' => $this->url->link('common/dashboard''token=' $this->session->data['token'], 'SSL')
        );

        
$data['breadcrumbs'][] = array(
            
'text' => $this->language->get('heading_title'),
            
'href' => $this->url->link('tool/upload''token=' $this->session->data['token'] . $url'SSL')
        );

        
$data['delete'] = $this->url->link('tool/upload/delete''token=' $this->session->data['token'] . $url'SSL');

        
$data['uploads'] = array();

        
$filter_data = array(
            
'filter_name'        => $filter_name,
            
'filter_date_added'    => $filter_date_added,
            
'sort'              => $sort,
            
'order'             => $order,
            
'start'             => ($page 1) * $this->config->get('config_limit_admin'),
            
'limit'             => $this->config->get('config_limit_admin')
        );

        
$upload_total $this->model_tool_upload->getTotalUploads($filter_data);

        
$results $this->model_tool_upload->getUploads($filter_data);

        foreach (
$results as $result) {
            
$data['uploads'][] = array(
                
'upload_id'  => $result['upload_id'],
                
'name'       => $result['name'],
                
'filename'   => $result['filename'],
                
'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
                
'download'   => $this->url->link('tool/upload/download''token=' $this->session->data['token'] . '&code=' $result['code'] . $url'SSL')
            );
        }

        
$data['heading_title'] = $this->language->get('heading_title');
        
        
$data['text_list'] = $this->language->get('text_list');
        
$data['text_no_results'] = $this->language->get('text_no_results');
        
$data['text_confirm'] = $this->language->get('text_confirm');

        
$data['column_name'] = $this->language->get('column_name');
        
$data['column_filename'] = $this->language->get('column_filename');
        
$data['column_date_added'] = $this->language->get('column_date_added');
        
$data['column_action'] = $this->language->get('column_action');

        
$data['entry_name'] = $this->language->get('entry_name');
        
$data['entry_date_added'] = $this->language->get('entry_date_added');

        
$data['button_download'] = $this->language->get('button_download');
        
$data['button_delete'] = $this->language->get('button_delete');
        
$data['button_filter'] = $this->language->get('button_filter');

        
$data['token'] = $this->session->data['token'];

        if (isset(
$this->error['warning'])) {
            
$data['error_warning'] = $this->error['warning'];
        } else {
            
$data['error_warning'] = '';
        }

        if (isset(
$this->session->data['success'])) {
            
$data['success'] = $this->session->data['success'];

            unset(
$this->session->data['success']);
        } else {
            
$data['success'] = '';
        }

        if (isset(
$this->request->post['selected'])) {
            
$data['selected'] = (array)$this->request->post['selected'];
        } else {
            
$data['selected'] = array();
        }

        
$url '';

        if (
$order == 'ASC') {
            
$url .= '&order=DESC';
        } else {
            
$url .= '&order=ASC';
        }

        if (isset(
$this->request->get['page'])) {
            
$url .= '&page=' $this->request->get['page'];
        }

        
$data['sort_name'] = $this->url->link('tool/upload''token=' $this->session->data['token'] . '&sort=name' $url'SSL');
        
$data['sort_filename'] = $this->url->link('tool/upload''token=' $this->session->data['token'] . '&sort=filename' $url'SSL');
        
$data['sort_date_added'] = $this->url->link('tool/upload''token=' $this->session->data['token'] . '&sort=date_added' $url'SSL');

        
$url '';

        if (isset(
$this->request->get['filter_name'])) {
            
$url .= '&filter_name=' urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES'UTF-8'));
        }

        if (isset(
$this->request->get['filter_date_added'])) {
            
$url .= '&filter_date_added=' $this->request->get['filter_date_added'];
        }

        if (isset(
$this->request->get['sort'])) {
            
$url .= '&sort=' $this->request->get['sort'];
        }

        if (isset(
$this->request->get['order'])) {
            
$url .= '&order=' $this->request->get['order'];
        }

        
$pagination = new Pagination();
        
$pagination->total $upload_total;
        
$pagination->page $page;
        
$pagination->limit $this->config->get('config_limit_admin');
        
$pagination->url $this->url->link('tool/upload''token=' $this->session->data['token'] . $url '&page={page}''SSL');

        
$data['pagination'] = $pagination->render();

        
$data['results'] = sprintf($this->language->get('text_pagination'), ($upload_total) ? (($page 1) * $this->config->get('config_limit_admin')) + 0, ((($page 1) * $this->config->get('config_limit_admin')) > ($upload_total $this->config->get('config_limit_admin'))) ? $upload_total : ((($page 1) * $this->config->get('config_limit_admin')) + $this->config->get('config_limit_admin')), $upload_totalceil($upload_total $this->config->get('config_limit_admin')));

        
$data['filter_name'] = $filter_name;
        
$data['filter_date_added'] = $filter_date_added;

        
$data['sort'] = $sort;
        
$data['order'] = $order;

        
$data['header'] = $this->load->controller('common/header');
        
$data['column_left'] = $this->load->controller('common/column_left');
        
$data['footer'] = $this->load->controller('common/footer');

        
$this->response->setOutput($this->load->view('tool/upload.tpl'$data));
    }

    protected function 
validateDelete() {
        if (!
$this->user->hasPermission('modify''tool/upload')) {
            
$this->error['warning'] = $this->language->get('error_permission');
        }

        return !
$this->error;
    }

    public function 
download() {
        
$this->load->model('tool/upload');

        if (isset(
$this->request->get['code'])) {
            
$code $this->request->get['code'];
        } else {
            
$code 0;
        }

        
$upload_info $this->model_tool_upload->getUploadByCode($code);

        if (
$upload_info) {
            
$file DIR_UPLOAD $upload_info['filename'];
            
$mask basename($upload_info['name']);

            if (!
headers_sent()) {
                if (
is_file($file)) {
                    
header('Content-Type: application/octet-stream');
                    
header('Content-Description: File Transfer');
                    
header('Content-Disposition: attachment; filename="' . ($mask $mask basename($file)) . '"');
                    
header('Content-Transfer-Encoding: binary');
                    
header('Expires: 0');
                    
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
                    
header('Pragma: public');
                    
header('Content-Length: ' filesize($file));

                    
readfile($file'rb');
                    exit;
                } else {
                    exit(
'Error: Could not find file ' $file '!');
                }
            } else {
                exit(
'Error: Headers already sent out!');
            }
        } else {
            
$this->load->language('error/not_found');

            
$this->document->setTitle($this->language->get('heading_title'));

            
$data['heading_title'] = $this->language->get('heading_title');

            
$data['text_not_found'] = $this->language->get('text_not_found');

            
$data['breadcrumbs'] = array();

            
$data['breadcrumbs'][] = array(
                
'text' => $this->language->get('text_home'),
                
'href' => $this->url->link('common/dashboard''token=' $this->session->data['token'], 'SSL')
            );

            
$data['breadcrumbs'][] = array(
                
'text' => $this->language->get('heading_title'),
                
'href' => $this->url->link('error/not_found''token=' $this->session->data['token'], 'SSL')
            );

            
$data['header'] = $this->load->controller('common/header');
            
$data['column_left'] = $this->load->controller('common/column_left');
            
$data['footer'] = $this->load->controller('common/footer');

            
$this->response->setOutput($this->load->view('error/not_found.tpl'$data));
        }
    }

    public function 
upload() {
        
$this->load->language('sale/order');

        
$json = array();

        
// Check user has permission
        
if (!$this->user->hasPermission('modify''tool/upload')) {
            
$json['error'] = $this->language->get('error_permission');
        }

        if (!
$json) {
            if (!empty(
$this->request->files['file']['name']) && is_file($this->request->files['file']['tmp_name'])) {
                
// Sanitize the filename
                
$filename html_entity_decode($this->request->files['file']['name'], ENT_QUOTES'UTF-8');

                if ((
utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 128)) {
                    
$json['error'] = $this->language->get('error_filename');
                }

                
// Allowed file extension types
                
$allowed = array();

                
$extension_allowed preg_replace('~r?n~'"n"$this->config->get('config_file_ext_allowed'));

                
$filetypes explode("n"$extension_allowed);

                foreach (
$filetypes as $filetype) {
                    
$allowed[] = trim($filetype);
                }

                if (!
in_array(strtolower(substr(strrchr($filename'.'), 1)), $allowed)) {
                    
$json['error'] = $this->language->get('error_filetype');
                }

                
// Allowed file mime types
                
$allowed = array();

                
$mime_allowed preg_replace('~r?n~'"n"$this->config->get('config_file_mime_allowed'));

                
$filetypes explode("n"$mime_allowed);

                foreach (
$filetypes as $filetype) {
                    
$allowed[] = trim($filetype);
                }

                if (!
in_array($this->request->files['file']['type'], $allowed)) {
                    
$json['error'] = $this->language->get('error_filetype');
                }

                
// Check to see if any PHP files are trying to be uploaded
                
$content file_get_contents($this->request->files['file']['tmp_name']);

                if (
preg_match('/<?php/i'$content)) {
                    
$json['error'] = $this->language->get('error_filetype');
                }

                
// Return any upload error
                
if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
                    
$json['error'] = $this->language->get('error_upload_' $this->request->files['file']['error']);
                }
            } else {
                
$json['error'] = $this->language->get('error_upload');
            }
        }

        if (!
$json) {
            
$file $filename '.' md5(mt_rand());

            
move_uploaded_file($this->request->files['file']['tmp_name'], DIR_UPLOAD $file);

            
// Hide the uploaded file name so people can not link to it directly.
            
$this->load->model('tool/upload');

            
$json['code'] = $this->model_tool_upload->addUpload($filename$file);

            
$json['success'] = $this->language->get('text_upload');
        }

        
$this->response->addHeader('Content-Type: application/json');
        
$this->response->setOutput(json_encode($json));
    }
}
Онлайн: 1
Реклама