blob: ff1b664fa8f54b785ca6728dc6f7a1c038f7aff7 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +02001<?php
Derek Allard2067d1a2008-11-13 22:59:24 +00002/**
3 * CodeIgniter
4 *
Phil Sturgeon07c1ac82012-03-09 17:03:37 +00005 * An open source application development framework for PHP 5.2.4 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +00006 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -05007 * NOTICE OF LICENSE
Andrey Andreev3a459572011-12-21 11:23:11 +02008 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -05009 * Licensed under the Open Software License version 3.0
Andrey Andreev3a459572011-12-21 11:23:11 +020010 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -050011 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +000019 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -050020 * @author EllisLab Dev Team
darwinel871754a2014-02-11 17:34:57 +010021 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
Derek Jonesf4a4bd82011-10-20 12:18:42 -050022 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +000023 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +020027defined('BASEPATH') OR exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +000028
Derek Allard2067d1a2008-11-13 22:59:24 +000029/**
30 * File Uploading Class
31 *
32 * @package CodeIgniter
33 * @subpackage Libraries
34 * @category Uploads
Derek Jonesf4a4bd82011-10-20 12:18:42 -050035 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +000036 * @link http://codeigniter.com/user_guide/libraries/file_uploading.html
37 */
38class CI_Upload {
Barry Mienydd671972010-10-04 16:33:58 +020039
Andrey Andreevf5ccd122012-11-02 00:17:39 +020040 /**
41 * Maximum file size
42 *
43 * @var int
44 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020045 public $max_size = 0;
Andrey Andreevf5ccd122012-11-02 00:17:39 +020046
47 /**
48 * Maximum image width
49 *
50 * @var int
51 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020052 public $max_width = 0;
Andrey Andreevf5ccd122012-11-02 00:17:39 +020053
54 /**
55 * Maximum image height
56 *
57 * @var int
58 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020059 public $max_height = 0;
Andrey Andreevf5ccd122012-11-02 00:17:39 +020060
61 /**
Andrey Andreev05aa2d62012-12-03 16:06:55 +020062 * Minimum image width
63 *
64 * @var int
65 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020066 public $min_width = 0;
Andrey Andreev05aa2d62012-12-03 16:06:55 +020067
68 /**
69 * Minimum image height
70 *
71 * @var int
72 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020073 public $min_height = 0;
Andrey Andreev05aa2d62012-12-03 16:06:55 +020074
75 /**
Andrey Andreevf5ccd122012-11-02 00:17:39 +020076 * Maximum filename length
77 *
78 * @var int
79 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020080 public $max_filename = 0;
Andrey Andreevf5ccd122012-11-02 00:17:39 +020081
82 /**
83 * Maximum duplicate filename increment ID
84 *
85 * @var int
86 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020087 public $max_filename_increment = 100;
Andrey Andreevf5ccd122012-11-02 00:17:39 +020088
89 /**
90 * Allowed file types
91 *
92 * @var string
93 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +020094 public $allowed_types = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +020095
96 /**
97 * Temporary filename
98 *
99 * @var string
100 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200101 public $file_temp = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200102
103 /**
104 * Filename
105 *
106 * @var string
107 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200108 public $file_name = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200109
110 /**
111 * Original filename
112 *
113 * @var string
114 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200115 public $orig_name = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200116
117 /**
118 * File type
119 *
120 * @var string
121 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200122 public $file_type = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200123
124 /**
125 * File size
126 *
127 * @var int
128 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200129 public $file_size = NULL;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200130
131 /**
132 * Filename extension
133 *
134 * @var string
135 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200136 public $file_ext = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200137
138 /**
Adrianf496d132013-06-24 15:56:45 +0200139 * Force filename extension to lowercase
140 *
141 * @var string
142 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200143 public $file_ext_tolower = FALSE;
Adrianf496d132013-06-24 15:56:45 +0200144
145 /**
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200146 * Upload path
147 *
148 * @var string
149 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200150 public $upload_path = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200151
152 /**
153 * Overwrite flag
154 *
155 * @var bool
156 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200157 public $overwrite = FALSE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200158
159 /**
160 * Obfuscate filename flag
161 *
162 * @var bool
163 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200164 public $encrypt_name = FALSE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200165
166 /**
167 * Is image flag
168 *
169 * @var bool
170 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200171 public $is_image = FALSE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200172
173 /**
174 * Image width
175 *
176 * @var int
177 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200178 public $image_width = NULL;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200179
180 /**
181 * Image height
182 *
183 * @var int
184 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200185 public $image_height = NULL;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200186
187 /**
188 * Image type
189 *
190 * @var string
191 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200192 public $image_type = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200193
194 /**
195 * Image size string
196 *
197 * @var string
198 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200199 public $image_size_str = '';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200200
201 /**
202 * Error messages list
203 *
204 * @var array
205 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200206 public $error_msg = array();
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200207
208 /**
209 * Remove spaces flag
210 *
211 * @var bool
212 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200213 public $remove_spaces = TRUE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200214
215 /**
216 * MIME detection flag
217 *
218 * @var bool
219 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200220 public $detect_mime = TRUE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200221
222 /**
223 * XSS filter flag
224 *
225 * @var bool
226 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200227 public $xss_clean = FALSE;
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200228
229 /**
Andrey Andreev32c72122013-10-21 15:35:05 +0300230 * Apache mod_mime fix flag
231 *
232 * @var bool
233 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200234 public $mod_mime_fix = TRUE;
Andrey Andreev32c72122013-10-21 15:35:05 +0300235
236 /**
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200237 * Temporary filename prefix
238 *
239 * @var string
240 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200241 public $temp_prefix = 'temp_file_';
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200242
243 /**
244 * Filename sent by the client
245 *
246 * @var bool
247 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200248 public $client_name = '';
Barry Mienydd671972010-10-04 16:33:58 +0200249
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200250 // --------------------------------------------------------------------
251
252 /**
253 * Filename override
254 *
255 * @var string
256 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200257 protected $_file_name_override = '';
258
259 /**
260 * MIME types list
261 *
262 * @var array
263 */
264 protected $_mimes = array();
Barry Mienydd671972010-10-04 16:33:58 +0200265
Andrey Andreev119d8a72014-01-08 15:27:53 +0200266 /**
267 * CI Singleton
268 *
269 * @var object
270 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200271 protected $_CI;
Andrey Andreev119d8a72014-01-08 15:27:53 +0200272
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200273 // --------------------------------------------------------------------
274
Derek Allard2067d1a2008-11-13 22:59:24 +0000275 /**
276 * Constructor
277 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200278 * @param array $props
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300279 * @return void
Derek Allard2067d1a2008-11-13 22:59:24 +0000280 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200281 public function __construct($config = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000282 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200283 empty($config) OR $this->initialize($config, FALSE);
Barry Mienydd671972010-10-04 16:33:58 +0200284
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200285 $this->_mimes =& get_mimes();
286 $this->_CI =& get_instance();
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300287
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300288 log_message('debug', 'Upload Class Initialized');
Derek Allard2067d1a2008-11-13 22:59:24 +0000289 }
Barry Mienydd671972010-10-04 16:33:58 +0200290
Derek Allard2067d1a2008-11-13 22:59:24 +0000291 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200292
Derek Allard2067d1a2008-11-13 22:59:24 +0000293 /**
294 * Initialize preferences
295 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200296 * @param array $config
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200297 * @param bool $reset
298 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200299 */
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200300 public function initialize(array $config = array(), $reset = TRUE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000301 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200302 $reflection = new ReflectionClass($this);
Barry Mienydd671972010-10-04 16:33:58 +0200303
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200304 if ($reset === TRUE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000305 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200306 $defaults = $reflection->getDefaultProperties();
307 foreach (array_keys($defaults) as $key)
Derek Allard2067d1a2008-11-13 22:59:24 +0000308 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200309 if ($key[0] === '_')
Derek Allard2067d1a2008-11-13 22:59:24 +0000310 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200311 continue;
312 }
313
314 if (isset($config[$key]))
315 {
316 if ($reflection->hasMethod('set_'.$key))
317 {
318 $this->{'set_'.$key}($config[$key]);
319 }
320 else
321 {
322 $this->$key = $config[$key];
323 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000324 }
325 else
326 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200327 $this->$key = $defaults[$key];
Barry Mienydd671972010-10-04 16:33:58 +0200328 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000329 }
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200330
331 return $this;
332 }
333
334 foreach ($config as $key => &$value)
335 {
336 if ($key[0] !== '_' && $reflection->hasProperty($key))
Derek Allard2067d1a2008-11-13 22:59:24 +0000337 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200338 if ($reflection->hasMethod('set_'.$key))
339 {
340 $this->{'set_'.$key}($value);
341 }
342 else
343 {
344 $this->$key = $value;
345 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000346 }
347 }
Barry Mienydd671972010-10-04 16:33:58 +0200348
Derek Jonese9d723f2010-07-12 10:10:59 -0500349 // if a file_name was provided in the config, use it instead of the user input
350 // supplied file name for all uploads until initialized again
351 $this->_file_name_override = $this->file_name;
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200352 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000353 }
Barry Mienydd671972010-10-04 16:33:58 +0200354
Derek Allard2067d1a2008-11-13 22:59:24 +0000355 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200356
Derek Allard2067d1a2008-11-13 22:59:24 +0000357 /**
358 * Perform the file upload
359 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200360 * @param string $field
Derek Allard2067d1a2008-11-13 22:59:24 +0000361 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200362 */
Greg Aker58fdee82010-11-10 15:07:09 -0600363 public function do_upload($field = 'userfile')
Derek Allard2067d1a2008-11-13 22:59:24 +0000364 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300365 // Is $_FILES[$field] set? If not, no reason to continue.
Derek Allard2067d1a2008-11-13 22:59:24 +0000366 if ( ! isset($_FILES[$field]))
367 {
368 $this->set_error('upload_no_file_selected');
369 return FALSE;
370 }
Barry Mienydd671972010-10-04 16:33:58 +0200371
Derek Allard2067d1a2008-11-13 22:59:24 +0000372 // Is the upload path valid?
373 if ( ! $this->validate_upload_path())
374 {
375 // errors will already be set by validate_upload_path() so just return FALSE
376 return FALSE;
377 }
378
379 // Was the file able to be uploaded? If not, determine the reason why.
380 if ( ! is_uploaded_file($_FILES[$field]['tmp_name']))
381 {
382 $error = ( ! isset($_FILES[$field]['error'])) ? 4 : $_FILES[$field]['error'];
383
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300384 switch ($error)
Derek Allard2067d1a2008-11-13 22:59:24 +0000385 {
Darren Benneye123a602013-03-30 18:17:54 +0000386 case UPLOAD_ERR_INI_SIZE:
Derek Allard2067d1a2008-11-13 22:59:24 +0000387 $this->set_error('upload_file_exceeds_limit');
388 break;
Darren Benneye123a602013-03-30 18:17:54 +0000389 case UPLOAD_ERR_FORM_SIZE:
Derek Allard2067d1a2008-11-13 22:59:24 +0000390 $this->set_error('upload_file_exceeds_form_limit');
391 break;
Darren Benneye123a602013-03-30 18:17:54 +0000392 case UPLOAD_ERR_PARTIAL:
Barry Mienydd671972010-10-04 16:33:58 +0200393 $this->set_error('upload_file_partial');
Derek Allard2067d1a2008-11-13 22:59:24 +0000394 break;
Darren Benneye123a602013-03-30 18:17:54 +0000395 case UPLOAD_ERR_NO_FILE:
Barry Mienydd671972010-10-04 16:33:58 +0200396 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000397 break;
Darren Benneye123a602013-03-30 18:17:54 +0000398 case UPLOAD_ERR_NO_TMP_DIR:
Derek Allard2067d1a2008-11-13 22:59:24 +0000399 $this->set_error('upload_no_temp_directory');
400 break;
Darren Benneye123a602013-03-30 18:17:54 +0000401 case UPLOAD_ERR_CANT_WRITE:
Derek Allard2067d1a2008-11-13 22:59:24 +0000402 $this->set_error('upload_unable_to_write_file');
403 break;
Darren Benneye123a602013-03-30 18:17:54 +0000404 case UPLOAD_ERR_EXTENSION:
Derek Allard2067d1a2008-11-13 22:59:24 +0000405 $this->set_error('upload_stopped_by_extension');
406 break;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300407 default:
408 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000409 break;
410 }
411
412 return FALSE;
413 }
414
415 // Set the uploaded data as class variables
Barry Mienydd671972010-10-04 16:33:58 +0200416 $this->file_temp = $_FILES[$field]['tmp_name'];
417 $this->file_size = $_FILES[$field]['size'];
Andrey Andreevd60e7002012-06-17 00:03:03 +0300418
419 // Skip MIME type detection?
420 if ($this->detect_mime !== FALSE)
421 {
422 $this->_file_mime_type($_FILES[$field]);
423 }
424
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300425 $this->file_type = preg_replace('/^(.+?);.*$/', '\\1', $this->file_type);
Derek Jones616fb022010-04-22 16:52:18 -0500426 $this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
Derek Jonese9d723f2010-07-12 10:10:59 -0500427 $this->file_name = $this->_prep_filename($_FILES[$field]['name']);
428 $this->file_ext = $this->get_extension($this->file_name);
429 $this->client_name = $this->file_name;
Barry Mienydd671972010-10-04 16:33:58 +0200430
Derek Allard2067d1a2008-11-13 22:59:24 +0000431 // Is the file type allowed to be uploaded?
432 if ( ! $this->is_allowed_filetype())
433 {
434 $this->set_error('upload_invalid_filetype');
435 return FALSE;
436 }
437
Derek Jonese9d723f2010-07-12 10:10:59 -0500438 // if we're overriding, let's now make sure the new name and type is allowed
Alex Bilbied261b1e2012-06-02 11:12:16 +0100439 if ($this->_file_name_override !== '')
Derek Jonese9d723f2010-07-12 10:10:59 -0500440 {
441 $this->file_name = $this->_prep_filename($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000442
443 // If no extension was provided in the file_name config item, use the uploaded one
Pascal Kriete14287f32011-02-14 13:39:34 -0500444 if (strpos($this->_file_name_override, '.') === FALSE)
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000445 {
446 $this->file_name .= $this->file_ext;
447 }
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000448 else
449 {
vlakoff35672462013-02-15 01:36:04 +0100450 // An extension was provided, let's have it!
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300451 $this->file_ext = $this->get_extension($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000452 }
Derek Jonese9d723f2010-07-12 10:10:59 -0500453
454 if ( ! $this->is_allowed_filetype(TRUE))
455 {
456 $this->set_error('upload_invalid_filetype');
Barry Mienydd671972010-10-04 16:33:58 +0200457 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500458 }
459 }
Barry Mienydd671972010-10-04 16:33:58 +0200460
Derek Jonese9d723f2010-07-12 10:10:59 -0500461 // Convert the file size to kilobytes
462 if ($this->file_size > 0)
463 {
464 $this->file_size = round($this->file_size/1024, 2);
465 }
466
Derek Allard2067d1a2008-11-13 22:59:24 +0000467 // Is the file size within the allowed maximum?
468 if ( ! $this->is_allowed_filesize())
469 {
470 $this->set_error('upload_invalid_filesize');
471 return FALSE;
472 }
473
474 // Are the image dimensions within the allowed size?
vlakoffc941d852013-08-06 14:44:40 +0200475 // Note: This can fail if the server has an open_basedir restriction.
Derek Allard2067d1a2008-11-13 22:59:24 +0000476 if ( ! $this->is_allowed_dimensions())
477 {
478 $this->set_error('upload_invalid_dimensions');
479 return FALSE;
480 }
481
482 // Sanitize the file name for security
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200483 $this->file_name = $this->_CI->security->sanitize_filename($this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200484
Derek Allard2067d1a2008-11-13 22:59:24 +0000485 // Truncate the file name if it's too long
486 if ($this->max_filename > 0)
487 {
488 $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename);
489 }
490
491 // Remove white spaces in the name
Alex Bilbied261b1e2012-06-02 11:12:16 +0100492 if ($this->remove_spaces === TRUE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000493 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300494 $this->file_name = preg_replace('/\s+/', '_', $this->file_name);
Derek Allard2067d1a2008-11-13 22:59:24 +0000495 }
496
497 /*
498 * Validate the file name
499 * This function appends an number onto the end of
500 * the file if one with the same name already exists.
501 * If it returns false there was a problem.
502 */
503 $this->orig_name = $this->file_name;
504
Alex Bilbied261b1e2012-06-02 11:12:16 +0100505 if ($this->overwrite === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000506 {
507 $this->file_name = $this->set_filename($this->upload_path, $this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200508
Derek Allard2067d1a2008-11-13 22:59:24 +0000509 if ($this->file_name === FALSE)
510 {
511 return FALSE;
512 }
513 }
514
515 /*
Derek Jonese9d723f2010-07-12 10:10:59 -0500516 * Run the file through the XSS hacking filter
517 * This helps prevent malicious code from being
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300518 * embedded within a file. Scripts can easily
Derek Jonese9d723f2010-07-12 10:10:59 -0500519 * be disguised as images or other file types.
520 */
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300521 if ($this->xss_clean && $this->do_xss_clean() === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500522 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300523 $this->set_error('upload_unable_to_write_file');
524 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500525 }
526
527 /*
Derek Allard2067d1a2008-11-13 22:59:24 +0000528 * Move the file to the final destination
529 * To deal with different server configurations
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300530 * we'll attempt to use copy() first. If that fails
531 * we'll use move_uploaded_file(). One of the two should
Derek Allard2067d1a2008-11-13 22:59:24 +0000532 * reliably work in most environments
533 */
534 if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name))
535 {
536 if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name))
537 {
Barry Mienydd671972010-10-04 16:33:58 +0200538 $this->set_error('upload_destination_error');
539 return FALSE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000540 }
541 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000542
543 /*
544 * Set the finalized image dimensions
545 * This sets the image width/height (assuming the
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300546 * file was an image). We use this information
Derek Allard2067d1a2008-11-13 22:59:24 +0000547 * in the "data" function.
548 */
549 $this->set_image_properties($this->upload_path.$this->file_name);
550
551 return TRUE;
552 }
Barry Mienydd671972010-10-04 16:33:58 +0200553
Derek Allard2067d1a2008-11-13 22:59:24 +0000554 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200555
Derek Allard2067d1a2008-11-13 22:59:24 +0000556 /**
557 * Finalized Data Array
Barry Mienydd671972010-10-04 16:33:58 +0200558 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000559 * Returns an associative array containing all of the information
560 * related to the upload, allowing the developer easy access in one array.
561 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200562 * @param string $index
Michiel Vugteveen0ee287e2012-06-11 10:38:14 +0200563 * @return mixed
Barry Mienydd671972010-10-04 16:33:58 +0200564 */
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200565 public function data($index = NULL)
Derek Allard2067d1a2008-11-13 22:59:24 +0000566 {
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200567 $data = array(
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200568 'file_name' => $this->file_name,
569 'file_type' => $this->file_type,
570 'file_path' => $this->upload_path,
571 'full_path' => $this->upload_path.$this->file_name,
572 'raw_name' => str_replace($this->file_ext, '', $this->file_name),
573 'orig_name' => $this->orig_name,
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300574 'client_name' => $this->client_name,
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200575 'file_ext' => $this->file_ext,
576 'file_size' => $this->file_size,
577 'is_image' => $this->is_image(),
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300578 'image_width' => $this->image_width,
579 'image_height' => $this->image_height,
580 'image_type' => $this->image_type,
581 'image_size_str' => $this->image_size_str,
582 );
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200583
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200584 if ( ! empty($index))
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200585 {
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200586 return isset($data[$index]) ? $data[$index] : NULL;
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200587 }
588
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200589 return $data;
Derek Allard2067d1a2008-11-13 22:59:24 +0000590 }
Barry Mienydd671972010-10-04 16:33:58 +0200591
Derek Allard2067d1a2008-11-13 22:59:24 +0000592 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200593
Derek Allard2067d1a2008-11-13 22:59:24 +0000594 /**
595 * Set Upload Path
596 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200597 * @param string $path
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200598 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200599 */
Greg Aker58fdee82010-11-10 15:07:09 -0600600 public function set_upload_path($path)
Derek Allard2067d1a2008-11-13 22:59:24 +0000601 {
602 // Make sure it has a trailing slash
603 $this->upload_path = rtrim($path, '/').'/';
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200604 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000605 }
Barry Mienydd671972010-10-04 16:33:58 +0200606
Derek Allard2067d1a2008-11-13 22:59:24 +0000607 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200608
Derek Allard2067d1a2008-11-13 22:59:24 +0000609 /**
610 * Set the file name
611 *
612 * This function takes a filename/path as input and looks for the
613 * existence of a file with the same name. If found, it will append a
614 * number to the end of the filename to avoid overwriting a pre-existing file.
615 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200616 * @param string $path
617 * @param string $filename
Derek Allard2067d1a2008-11-13 22:59:24 +0000618 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200619 */
Greg Aker58fdee82010-11-10 15:07:09 -0600620 public function set_filename($path, $filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000621 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100622 if ($this->encrypt_name === TRUE)
Barry Mienydd671972010-10-04 16:33:58 +0200623 {
Barry Mienydd671972010-10-04 16:33:58 +0200624 $filename = md5(uniqid(mt_rand())).$this->file_ext;
Derek Allard2067d1a2008-11-13 22:59:24 +0000625 }
Barry Mienydd671972010-10-04 16:33:58 +0200626
Derek Allard2067d1a2008-11-13 22:59:24 +0000627 if ( ! file_exists($path.$filename))
628 {
629 return $filename;
630 }
Barry Mienydd671972010-10-04 16:33:58 +0200631
Derek Allard2067d1a2008-11-13 22:59:24 +0000632 $filename = str_replace($this->file_ext, '', $filename);
Barry Mienydd671972010-10-04 16:33:58 +0200633
Derek Allard2067d1a2008-11-13 22:59:24 +0000634 $new_filename = '';
Adam Jackettccbbea12011-08-21 16:19:11 -0400635 for ($i = 1; $i < $this->max_filename_increment; $i++)
Barry Mienydd671972010-10-04 16:33:58 +0200636 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000637 if ( ! file_exists($path.$filename.$i.$this->file_ext))
638 {
639 $new_filename = $filename.$i.$this->file_ext;
640 break;
641 }
642 }
643
Alex Bilbied261b1e2012-06-02 11:12:16 +0100644 if ($new_filename === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000645 {
646 $this->set_error('upload_bad_filename');
647 return FALSE;
648 }
649 else
650 {
651 return $new_filename;
652 }
653 }
Barry Mienydd671972010-10-04 16:33:58 +0200654
Derek Allard2067d1a2008-11-13 22:59:24 +0000655 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200656
Derek Allard2067d1a2008-11-13 22:59:24 +0000657 /**
658 * Set Maximum File Size
659 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200660 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200661 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200662 */
Greg Aker58fdee82010-11-10 15:07:09 -0600663 public function set_max_filesize($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000664 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200665 $this->max_size = ($n < 0) ? 0 : (int) $n;
666 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000667 }
Barry Mienydd671972010-10-04 16:33:58 +0200668
Derek Allard2067d1a2008-11-13 22:59:24 +0000669 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200670
Derek Allard2067d1a2008-11-13 22:59:24 +0000671 /**
672 * Set Maximum File Name Length
673 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200674 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200675 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200676 */
Greg Aker58fdee82010-11-10 15:07:09 -0600677 public function set_max_filename($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000678 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200679 $this->max_filename = ($n < 0) ? 0 : (int) $n;
680 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000681 }
682
683 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200684
Derek Allard2067d1a2008-11-13 22:59:24 +0000685 /**
686 * Set Maximum Image Width
687 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200688 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200689 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200690 */
Greg Aker58fdee82010-11-10 15:07:09 -0600691 public function set_max_width($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000692 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200693 $this->max_width = ($n < 0) ? 0 : (int) $n;
694 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000695 }
Barry Mienydd671972010-10-04 16:33:58 +0200696
Derek Allard2067d1a2008-11-13 22:59:24 +0000697 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200698
Derek Allard2067d1a2008-11-13 22:59:24 +0000699 /**
700 * Set Maximum Image Height
701 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200702 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200703 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200704 */
Greg Aker58fdee82010-11-10 15:07:09 -0600705 public function set_max_height($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000706 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200707 $this->max_height = ($n < 0) ? 0 : (int) $n;
708 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000709 }
Barry Mienydd671972010-10-04 16:33:58 +0200710
Derek Allard2067d1a2008-11-13 22:59:24 +0000711 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200712
Derek Allard2067d1a2008-11-13 22:59:24 +0000713 /**
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200714 * Set minimum image width
715 *
716 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200717 * @return CI_Upload
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200718 */
719 public function set_min_width($n)
720 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200721 $this->min_width = ($n < 0) ? 0 : (int) $n;
722 return $this;
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200723 }
724
725 // --------------------------------------------------------------------
726
727 /**
728 * Set minimum image height
729 *
730 * @param int $n
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200731 * @return CI_Upload
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200732 */
733 public function set_min_height($n)
734 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200735 $this->min_height = ($n < 0) ? 0 : (int) $n;
736 return $this;
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200737 }
738
739 // --------------------------------------------------------------------
740
741 /**
Derek Allard2067d1a2008-11-13 22:59:24 +0000742 * Set Allowed File Types
743 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200744 * @param string $types
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200745 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200746 */
Greg Aker58fdee82010-11-10 15:07:09 -0600747 public function set_allowed_types($types)
Derek Allard2067d1a2008-11-13 22:59:24 +0000748 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200749 $this->allowed_types = (is_array($types) OR $types === '*')
750 ? $types
751 : explode('|', $types);
752 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000753 }
Barry Mienydd671972010-10-04 16:33:58 +0200754
Derek Allard2067d1a2008-11-13 22:59:24 +0000755 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200756
Derek Allard2067d1a2008-11-13 22:59:24 +0000757 /**
758 * Set Image Properties
759 *
760 * Uses GD to determine the width/height/type of image
761 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200762 * @param string $path
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200763 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +0200764 */
Greg Aker58fdee82010-11-10 15:07:09 -0600765 public function set_image_properties($path = '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000766 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200767 if ($this->is_image() && function_exists('getimagesize'))
Derek Allard2067d1a2008-11-13 22:59:24 +0000768 {
769 if (FALSE !== ($D = @getimagesize($path)))
Barry Mienydd671972010-10-04 16:33:58 +0200770 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000771 $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
772
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300773 $this->image_width = $D[0];
774 $this->image_height = $D[1];
775 $this->image_type = isset($types[$D[2]]) ? $types[$D[2]] : 'unknown';
776 $this->image_size_str = $D[3]; // string containing height and width
Derek Allard2067d1a2008-11-13 22:59:24 +0000777 }
778 }
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200779
780 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000781 }
Barry Mienydd671972010-10-04 16:33:58 +0200782
Derek Allard2067d1a2008-11-13 22:59:24 +0000783 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200784
Derek Allard2067d1a2008-11-13 22:59:24 +0000785 /**
786 * Set XSS Clean
787 *
788 * Enables the XSS flag so that the file that was uploaded
789 * will be run through the XSS filter.
790 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200791 * @param bool $flag
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200792 * @return CI_Upload
Derek Allard2067d1a2008-11-13 22:59:24 +0000793 */
Greg Aker58fdee82010-11-10 15:07:09 -0600794 public function set_xss_clean($flag = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000795 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100796 $this->xss_clean = ($flag === TRUE);
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200797 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +0000798 }
Barry Mienydd671972010-10-04 16:33:58 +0200799
Derek Allard2067d1a2008-11-13 22:59:24 +0000800 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200801
Derek Allard2067d1a2008-11-13 22:59:24 +0000802 /**
803 * Validate the image
804 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000805 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200806 */
Greg Aker58fdee82010-11-10 15:07:09 -0600807 public function is_image()
Derek Allard2067d1a2008-11-13 22:59:24 +0000808 {
809 // IE will sometimes return odd mime-types during upload, so here we just standardize all
810 // jpegs or pngs to the same file type.
811
Derek Jones4b9c6292011-07-01 17:40:48 -0500812 $png_mimes = array('image/x-png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000813 $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg');
Barry Mienydd671972010-10-04 16:33:58 +0200814
Derek Allard2067d1a2008-11-13 22:59:24 +0000815 if (in_array($this->file_type, $png_mimes))
816 {
817 $this->file_type = 'image/png';
818 }
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300819 elseif (in_array($this->file_type, $jpeg_mimes))
Derek Allard2067d1a2008-11-13 22:59:24 +0000820 {
821 $this->file_type = 'image/jpeg';
822 }
823
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300824 $img_mimes = array('image/gif', 'image/jpeg', 'image/png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000825
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300826 return in_array($this->file_type, $img_mimes, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000827 }
Barry Mienydd671972010-10-04 16:33:58 +0200828
Derek Allard2067d1a2008-11-13 22:59:24 +0000829 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200830
Derek Allard2067d1a2008-11-13 22:59:24 +0000831 /**
832 * Verify that the filetype is allowed
833 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200834 * @param bool $ignore_mime
Derek Allard2067d1a2008-11-13 22:59:24 +0000835 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200836 */
Greg Aker58fdee82010-11-10 15:07:09 -0600837 public function is_allowed_filetype($ignore_mime = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000838 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200839 if ($this->allowed_types === '*')
Derek Jonese12f64e2010-03-02 22:55:08 -0600840 {
841 return TRUE;
842 }
Barry Mienydd671972010-10-04 16:33:58 +0200843
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200844 if (empty($this->allowed_types) OR ! is_array($this->allowed_types))
Derek Allard2067d1a2008-11-13 22:59:24 +0000845 {
846 $this->set_error('upload_no_file_types');
847 return FALSE;
848 }
Barry Mienydd671972010-10-04 16:33:58 +0200849
Derek Jonese9d723f2010-07-12 10:10:59 -0500850 $ext = strtolower(ltrim($this->file_ext, '.'));
Barry Mienydd671972010-10-04 16:33:58 +0200851
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200852 if ( ! in_array($ext, $this->allowed_types, TRUE))
Derek Allard2067d1a2008-11-13 22:59:24 +0000853 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500854 return FALSE;
855 }
Derek Jonesafa282f2009-02-10 17:11:52 +0000856
Barry Mienydd671972010-10-04 16:33:58 +0200857 // Images get some additional checks
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200858 if (in_array($ext, array('gif', 'jpg', 'jpeg', 'jpe', 'png'), TRUE) && @getimagesize($this->file_temp) === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500859 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200860 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500861 }
Barry Mienydd671972010-10-04 16:33:58 +0200862
Derek Jonese9d723f2010-07-12 10:10:59 -0500863 if ($ignore_mime === TRUE)
864 {
865 return TRUE;
866 }
Barry Mienydd671972010-10-04 16:33:58 +0200867
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200868 if (isset($this->_mimes[$ext]))
Derek Jonese9d723f2010-07-12 10:10:59 -0500869 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +0200870 return is_array($this->_mimes[$ext])
871 ? in_array($this->file_type, $this->_mimes[$ext], TRUE)
872 : ($this->_mimes[$ext] === $this->file_type);
Derek Allard2067d1a2008-11-13 22:59:24 +0000873 }
Barry Mienydd671972010-10-04 16:33:58 +0200874
Derek Allard2067d1a2008-11-13 22:59:24 +0000875 return FALSE;
876 }
Barry Mienydd671972010-10-04 16:33:58 +0200877
Derek Allard2067d1a2008-11-13 22:59:24 +0000878 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200879
Derek Allard2067d1a2008-11-13 22:59:24 +0000880 /**
881 * Verify that the file is within the allowed size
882 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000883 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200884 */
Greg Aker58fdee82010-11-10 15:07:09 -0600885 public function is_allowed_filesize()
Derek Allard2067d1a2008-11-13 22:59:24 +0000886 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100887 return ($this->max_size === 0 OR $this->max_size > $this->file_size);
Derek Allard2067d1a2008-11-13 22:59:24 +0000888 }
Barry Mienydd671972010-10-04 16:33:58 +0200889
Derek Allard2067d1a2008-11-13 22:59:24 +0000890 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200891
Derek Allard2067d1a2008-11-13 22:59:24 +0000892 /**
893 * Verify that the image is within the allowed width/height
894 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000895 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200896 */
Greg Aker58fdee82010-11-10 15:07:09 -0600897 public function is_allowed_dimensions()
Derek Allard2067d1a2008-11-13 22:59:24 +0000898 {
899 if ( ! $this->is_image())
900 {
901 return TRUE;
902 }
903
904 if (function_exists('getimagesize'))
905 {
906 $D = @getimagesize($this->file_temp);
907
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300908 if ($this->max_width > 0 && $D[0] > $this->max_width)
Derek Allard2067d1a2008-11-13 22:59:24 +0000909 {
910 return FALSE;
911 }
912
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300913 if ($this->max_height > 0 && $D[1] > $this->max_height)
Derek Allard2067d1a2008-11-13 22:59:24 +0000914 {
915 return FALSE;
916 }
Andrey Andreev05aa2d62012-12-03 16:06:55 +0200917
918 if ($this->min_width > 0 && $D[0] < $this->min_width)
919 {
920 return FALSE;
921 }
922
923 if ($this->min_height > 0 && $D[1] < $this->min_height)
924 {
925 return FALSE;
926 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000927 }
928
929 return TRUE;
930 }
Barry Mienydd671972010-10-04 16:33:58 +0200931
Derek Allard2067d1a2008-11-13 22:59:24 +0000932 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200933
Derek Allard2067d1a2008-11-13 22:59:24 +0000934 /**
935 * Validate Upload Path
936 *
937 * Verifies that it is a valid upload path with proper permissions.
938 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000939 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200940 */
Greg Aker58fdee82010-11-10 15:07:09 -0600941 public function validate_upload_path()
Derek Allard2067d1a2008-11-13 22:59:24 +0000942 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100943 if ($this->upload_path === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000944 {
945 $this->set_error('upload_no_filepath');
946 return FALSE;
947 }
Barry Mienydd671972010-10-04 16:33:58 +0200948
Andrey Andreevc839d282012-06-07 14:35:27 +0300949 if (@realpath($this->upload_path) !== FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000950 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300951 $this->upload_path = str_replace('\\', '/', realpath($this->upload_path));
Derek Allard2067d1a2008-11-13 22:59:24 +0000952 }
953
954 if ( ! @is_dir($this->upload_path))
955 {
956 $this->set_error('upload_no_filepath');
957 return FALSE;
958 }
959
960 if ( ! is_really_writable($this->upload_path))
961 {
962 $this->set_error('upload_not_writable');
963 return FALSE;
964 }
965
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300966 $this->upload_path = preg_replace('/(.+?)\/*$/', '\\1/', $this->upload_path);
Derek Allard2067d1a2008-11-13 22:59:24 +0000967 return TRUE;
968 }
Barry Mienydd671972010-10-04 16:33:58 +0200969
Derek Allard2067d1a2008-11-13 22:59:24 +0000970 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200971
Derek Allard2067d1a2008-11-13 22:59:24 +0000972 /**
973 * Extract the file extension
974 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +0200975 * @param string $filename
Derek Allard2067d1a2008-11-13 22:59:24 +0000976 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200977 */
Greg Aker58fdee82010-11-10 15:07:09 -0600978 public function get_extension($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000979 {
980 $x = explode('.', $filename);
Adrianf496d132013-06-24 15:56:45 +0200981
Adrian74a228b2013-06-25 12:09:22 +0200982 if (count($x) === 1)
983 {
984 return '';
985 }
986
987 $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x);
988 return '.'.$ext;
Barry Mienydd671972010-10-04 16:33:58 +0200989 }
990
Derek Allard2067d1a2008-11-13 22:59:24 +0000991 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200992
Derek Allard2067d1a2008-11-13 22:59:24 +0000993 /**
Derek Allard2067d1a2008-11-13 22:59:24 +0000994 * Limit the File Name Length
995 *
Andrey Andreev5fd3ae82012-10-24 14:55:35 +0300996 * @param string $filename
997 * @param int $length
Derek Allard2067d1a2008-11-13 22:59:24 +0000998 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200999 */
Greg Aker58fdee82010-11-10 15:07:09 -06001000 public function limit_filename_length($filename, $length)
Derek Allard2067d1a2008-11-13 22:59:24 +00001001 {
1002 if (strlen($filename) < $length)
1003 {
1004 return $filename;
1005 }
Barry Mienydd671972010-10-04 16:33:58 +02001006
Derek Allard2067d1a2008-11-13 22:59:24 +00001007 $ext = '';
1008 if (strpos($filename, '.') !== FALSE)
1009 {
1010 $parts = explode('.', $filename);
1011 $ext = '.'.array_pop($parts);
1012 $filename = implode('.', $parts);
1013 }
Barry Mienydd671972010-10-04 16:33:58 +02001014
Derek Allard2067d1a2008-11-13 22:59:24 +00001015 return substr($filename, 0, ($length - strlen($ext))).$ext;
1016 }
1017
1018 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +02001019
Derek Allard2067d1a2008-11-13 22:59:24 +00001020 /**
1021 * Runs the file through the XSS clean function
1022 *
1023 * This prevents people from embedding malicious code in their files.
1024 * I'm not sure that it won't negatively affect certain files in unexpected ways,
1025 * but so far I haven't found that it causes trouble.
1026 *
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001027 * @return string
Barry Mienydd671972010-10-04 16:33:58 +02001028 */
Greg Aker58fdee82010-11-10 15:07:09 -06001029 public function do_xss_clean()
Barry Mienydd671972010-10-04 16:33:58 +02001030 {
Derek Jonese9d723f2010-07-12 10:10:59 -05001031 $file = $this->file_temp;
Barry Mienydd671972010-10-04 16:33:58 +02001032
Andrey Andreev5036c9c2012-06-04 15:34:56 +03001033 if (filesize($file) == 0)
Derek Allard2067d1a2008-11-13 22:59:24 +00001034 {
1035 return FALSE;
1036 }
Barry Mienydd671972010-10-04 16:33:58 +02001037
Andrey Andreevc839d282012-06-07 14:35:27 +03001038 if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')))
Greg Akerf82e51c2010-04-14 19:33:50 -05001039 {
Andrey Andreevc839d282012-06-07 14:35:27 +03001040 $memory_limit *= 1024 * 1024;
Barry Mienydd671972010-10-04 16:33:58 +02001041
Greg Akerc78a2592010-06-09 11:45:32 -05001042 // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output
Andrey Andreev8e6f7a92012-03-26 20:13:00 +03001043 // into scientific notation. number_format() ensures this number is an integer
Greg Akerc78a2592010-06-09 11:45:32 -05001044 // http://bugs.php.net/bug.php?id=43053
Barry Mienydd671972010-10-04 16:33:58 +02001045
Andrey Andreevc839d282012-06-07 14:35:27 +03001046 $memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', '');
Barry Mienydd671972010-10-04 16:33:58 +02001047
Andrey Andreevc839d282012-06-07 14:35:27 +03001048 ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net
Greg Akerf82e51c2010-04-14 19:33:50 -05001049 }
1050
1051 // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but
1052 // IE can be fooled into mime-type detecting a malformed image as an html file, thus executing an XSS attack on anyone
Andrey Andreev8e6f7a92012-03-26 20:13:00 +03001053 // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this
1054 // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of
Barry Mienydd671972010-10-04 16:33:58 +02001055 // processor power and time if it is actually a clean image, as it will be in nearly all instances _except_ an
Greg Akerf82e51c2010-04-14 19:33:50 -05001056 // attempted XSS attack.
1057
1058 if (function_exists('getimagesize') && @getimagesize($file) !== FALSE)
1059 {
Barry Mienydd671972010-10-04 16:33:58 +02001060 if (($file = @fopen($file, 'rb')) === FALSE) // "b" to force binary
1061 {
Greg Akerf82e51c2010-04-14 19:33:50 -05001062 return FALSE; // Couldn't open the file, return FALSE
Barry Mienydd671972010-10-04 16:33:58 +02001063 }
Greg Akerf82e51c2010-04-14 19:33:50 -05001064
Barry Mienydd671972010-10-04 16:33:58 +02001065 $opening_bytes = fread($file, 256);
1066 fclose($file);
Greg Akerf82e51c2010-04-14 19:33:50 -05001067
1068 // These are known to throw IE into mime-type detection chaos
1069 // <a, <body, <head, <html, <img, <plaintext, <pre, <script, <table, <title
1070 // title is basically just in SVG, but we filter it anyhow
1071
vlakoff35672462013-02-15 01:36:04 +01001072 // if it's an image or no "triggers" detected in the first 256 bytes - we're good
Andrey Andreevc839d282012-06-07 14:35:27 +03001073 return ! preg_match('/<(a|body|head|html|img|plaintext|pre|script|table|title)[\s>]/i', $opening_bytes);
Greg Akerf82e51c2010-04-14 19:33:50 -05001074 }
Derek Allard2067d1a2008-11-13 22:59:24 +00001075
1076 if (($data = @file_get_contents($file)) === FALSE)
1077 {
1078 return FALSE;
1079 }
Derek Allard2067d1a2008-11-13 22:59:24 +00001080
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001081 return $this->_CI->security->xss_clean($data, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +00001082 }
Barry Mienydd671972010-10-04 16:33:58 +02001083
Derek Allard2067d1a2008-11-13 22:59:24 +00001084 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +02001085
Derek Allard2067d1a2008-11-13 22:59:24 +00001086 /**
1087 * Set an error message
1088 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +02001089 * @param string $msg
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001090 * @return CI_Upload
Barry Mienydd671972010-10-04 16:33:58 +02001091 */
Greg Aker58fdee82010-11-10 15:07:09 -06001092 public function set_error($msg)
Derek Allard2067d1a2008-11-13 22:59:24 +00001093 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001094 $this->_CI->lang->load('upload');
Barry Mienydd671972010-10-04 16:33:58 +02001095
Andrey Andreev119d8a72014-01-08 15:27:53 +02001096 is_array($msg) OR $msg = array($msg);
Darren Benney4a8d1902013-03-30 20:07:49 +00001097
Darren Benney38d5f4b2013-03-30 21:00:38 +00001098 foreach ($msg as $val)
Derek Allard2067d1a2008-11-13 22:59:24 +00001099 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001100 $msg = ($this->_CI->lang->line($val) === FALSE) ? $val : $this->_CI->lang->line($val);
Derek Allard2067d1a2008-11-13 22:59:24 +00001101 $this->error_msg[] = $msg;
1102 log_message('error', $msg);
1103 }
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001104
1105 return $this;
Derek Allard2067d1a2008-11-13 22:59:24 +00001106 }
Barry Mienydd671972010-10-04 16:33:58 +02001107
Derek Allard2067d1a2008-11-13 22:59:24 +00001108 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +02001109
Derek Allard2067d1a2008-11-13 22:59:24 +00001110 /**
1111 * Display the error message
1112 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +02001113 * @param string $open
1114 * @param string $close
Derek Allard2067d1a2008-11-13 22:59:24 +00001115 * @return string
Barry Mienydd671972010-10-04 16:33:58 +02001116 */
Greg Aker58fdee82010-11-10 15:07:09 -06001117 public function display_errors($open = '<p>', $close = '</p>')
Derek Allard2067d1a2008-11-13 22:59:24 +00001118 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +03001119 return (count($this->error_msg) > 0) ? $open.implode($close.$open, $this->error_msg).$close : '';
Derek Allard2067d1a2008-11-13 22:59:24 +00001120 }
Barry Mienydd671972010-10-04 16:33:58 +02001121
Derek Allard2067d1a2008-11-13 22:59:24 +00001122 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +02001123
Derek Allard2067d1a2008-11-13 22:59:24 +00001124 /**
Derek Allard2067d1a2008-11-13 22:59:24 +00001125 * Prep Filename
1126 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +02001127 * Prevents possible script execution from Apache's handling
1128 * of files' multiple extensions.
Derek Allard2067d1a2008-11-13 22:59:24 +00001129 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +02001130 * @link http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext
1131 *
1132 * @param string $filename
Derek Allard2067d1a2008-11-13 22:59:24 +00001133 * @return string
1134 */
Greg Aker58fdee82010-11-10 15:07:09 -06001135 protected function _prep_filename($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +00001136 {
Andrey Andreev32c72122013-10-21 15:35:05 +03001137 if ($this->mod_mime_fix === FALSE OR $this->allowed_types === '*' OR strpos($filename, '.') === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +00001138 {
1139 return $filename;
1140 }
Derek Allard616dab82009-02-16 15:44:32 +00001141
Derek Allard2067d1a2008-11-13 22:59:24 +00001142 $parts = explode('.', $filename);
1143 $ext = array_pop($parts);
1144 $filename = array_shift($parts);
Derek Allard616dab82009-02-16 15:44:32 +00001145
Derek Allard2067d1a2008-11-13 22:59:24 +00001146 foreach ($parts as $part)
1147 {
Andrey Andreev2cf4c9b2014-02-21 15:01:48 +02001148 if ( ! in_array(strtolower($part), $this->allowed_types) OR ! isset($this->_mimes[strtolower($part)]))
Derek Allard2067d1a2008-11-13 22:59:24 +00001149 {
1150 $filename .= '.'.$part.'_';
1151 }
1152 else
1153 {
1154 $filename .= '.'.$part;
1155 }
1156 }
Derek Allardd70b0642009-02-16 13:51:42 +00001157
Andrey Andreev8e6f7a92012-03-26 20:13:00 +03001158 return $filename.'.'.$ext;
Derek Allard2067d1a2008-11-13 22:59:24 +00001159 }
1160
1161 // --------------------------------------------------------------------
1162
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001163 /**
1164 * File MIME type
1165 *
1166 * Detects the (actual) MIME type of the uploaded file, if possible.
1167 * The input array is expected to be $_FILES[$field]
1168 *
Andrey Andreevf5ccd122012-11-02 00:17:39 +02001169 * @param array $file
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001170 * @return void
1171 */
1172 protected function _file_mime_type($file)
1173 {
Andrey Andreeva49e3812011-12-09 13:05:22 +02001174 // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
Andrey Andreevf7aed122011-12-13 11:01:06 +02001175 $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
Andrey Andreeva49e3812011-12-09 13:05:22 +02001176
1177 /* Fileinfo extension - most reliable method
1178 *
1179 * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
1180 * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
1181 */
1182 if (function_exists('finfo_file'))
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001183 {
Andrey Andreevd60e7002012-06-17 00:03:03 +03001184 $finfo = @finfo_open(FILEINFO_MIME);
Andrey Andreeva49e3812011-12-09 13:05:22 +02001185 if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001186 {
Andrey Andreeva49e3812011-12-09 13:05:22 +02001187 $mime = @finfo_file($finfo, $file['tmp_name']);
1188 finfo_close($finfo);
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001189
1190 /* According to the comments section of the PHP manual page,
1191 * it is possible that this function returns an empty string
Andrey Andreev2cec39f2011-09-24 22:59:37 +03001192 * for some files (e.g. if they don't exist in the magic MIME database)
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001193 */
Andrey Andreeva49e3812011-12-09 13:05:22 +02001194 if (is_string($mime) && preg_match($regexp, $mime, $matches))
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001195 {
Andrey Andreeva49e3812011-12-09 13:05:22 +02001196 $this->file_type = $matches[1];
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001197 return;
1198 }
1199 }
1200 }
1201
Andrey Andreeva49e3812011-12-09 13:05:22 +02001202 /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
1203 * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
1204 * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
1205 * than mime_content_type() as well, hence the attempts to try calling the command line with
1206 * three different functions.
Andrey Andreev6700b932011-09-24 14:25:33 +03001207 *
1208 * Notes:
Andrey Andreev59654312011-12-02 14:28:54 +02001209 * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
Andrey Andreeva49e3812011-12-09 13:05:22 +02001210 * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
vlakofff3994252013-02-19 01:45:23 +01001211 * due to security concerns, hence the function_usable() checks
Andrey Andreev6700b932011-09-24 14:25:33 +03001212 */
Andrey Andreeva49e3812011-12-09 13:05:22 +02001213 if (DIRECTORY_SEPARATOR !== '\\')
Andrey Andreev6700b932011-09-24 14:25:33 +03001214 {
Andrey Andreevd60e7002012-06-17 00:03:03 +03001215 $cmd = function_exists('escapeshellarg')
1216 ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
1217 : 'file --brief --mime '.$file['tmp_name'].' 2>&1';
Andrey Andreeva49e3812011-12-09 13:05:22 +02001218
Andrey Andreeve9d2dc82012-11-07 14:23:29 +02001219 if (function_usable('exec'))
Andrey Andreev6700b932011-09-24 14:25:33 +03001220 {
Andrey Andreeva49e3812011-12-09 13:05:22 +02001221 /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
vlakofff3994252013-02-19 01:45:23 +01001222 * However, we only need the last line, which is the actual return value of exec(), and as such - it overwrites
Andrey Andreeva49e3812011-12-09 13:05:22 +02001223 * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
1224 * value, which is only put to allow us to get the return status code.
1225 */
1226 $mime = @exec($cmd, $mime, $return_status);
1227 if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
1228 {
1229 $this->file_type = $matches[1];
1230 return;
1231 }
1232 }
1233
Andrey Andreevf6274742014-02-20 18:05:58 +02001234 if ( ! ini_get('safe_mode') && function_usable('shell_exec'))
Andrey Andreeva49e3812011-12-09 13:05:22 +02001235 {
1236 $mime = @shell_exec($cmd);
1237 if (strlen($mime) > 0)
1238 {
1239 $mime = explode("\n", trim($mime));
1240 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1241 {
1242 $this->file_type = $matches[1];
1243 return;
1244 }
1245 }
1246 }
1247
Andrey Andreeve9d2dc82012-11-07 14:23:29 +02001248 if (function_usable('popen'))
Andrey Andreeva49e3812011-12-09 13:05:22 +02001249 {
1250 $proc = @popen($cmd, 'r');
1251 if (is_resource($proc))
1252 {
tubalmartin010f1f42012-03-03 22:24:31 +01001253 $mime = @fread($proc, 512);
Andrey Andreeva49e3812011-12-09 13:05:22 +02001254 @pclose($proc);
1255 if ($mime !== FALSE)
1256 {
1257 $mime = explode("\n", trim($mime));
1258 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1259 {
1260 $this->file_type = $matches[1];
1261 return;
1262 }
1263 }
1264 }
1265 }
1266 }
1267
1268 // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001269 if (function_exists('mime_content_type'))
1270 {
1271 $this->file_type = @mime_content_type($file['tmp_name']);
Andrey Andreeva49e3812011-12-09 13:05:22 +02001272 if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001273 {
Andrey Andreev3a3c9472011-09-24 14:25:33 +03001274 return;
1275 }
1276 }
1277
1278 $this->file_type = $file['type'];
1279 }
1280
Derek Allard2067d1a2008-11-13 22:59:24 +00001281}
Derek Allard2067d1a2008-11-13 22:59:24 +00001282
1283/* End of file Upload.php */
Adrian74a228b2013-06-25 12:09:22 +02001284/* Location: ./system/libraries/Upload.php */