Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 5fd3ae8d33a4f5d3159b86683b9a670e973a63f5 / . / system / libraries / Upload.php
blob: 76bbc244ef64b3b62e3dab67ff823fab0858fa91 [file] [log] [blame]
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]1<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]2/**
3 * CodeIgniter
4 *
Phil Sturgeon07c1ac82012-03-09 17:03:37 +0000[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]6 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]7 * NOTICE OF LICENSE
Andrey Andreev3a459572011-12-21 11:23:11 +0200[diff] [blame]8 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]9 * Licensed under the Open Software License version 3.0
Andrey Andreev3a459572011-12-21 11:23:11 +0200[diff] [blame]10 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]19 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]20 * @author EllisLab Dev Team
Greg Aker0defe5d2012-01-01 18:46:41 -0600[diff] [blame]21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]23 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
27
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]28/**
29 * File Uploading Class
30 *
31 * @package CodeIgniter
32 * @subpackage Libraries
33 * @category Uploads
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]34 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]35 * @link http://codeigniter.com/user_guide/libraries/file_uploading.html
36 */
37class CI_Upload {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]38
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]39 public $max_size = 0;
40 public $max_width = 0;
41 public $max_height = 0;
42 public $max_filename = 0;
Adam Jackettccbbea12011-08-21 16:19:11 -0400[diff] [blame]43 public $max_filename_increment = 100;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]44 public $allowed_types = '';
45 public $file_temp = '';
46 public $file_name = '';
47 public $orig_name = '';
48 public $file_type = '';
49 public $file_size = '';
50 public $file_ext = '';
51 public $upload_path = '';
52 public $overwrite = FALSE;
53 public $encrypt_name = FALSE;
54 public $is_image = FALSE;
55 public $image_width = '';
56 public $image_height = '';
57 public $image_type = '';
58 public $image_size_str = '';
59 public $error_msg = array();
60 public $mimes = array();
61 public $remove_spaces = TRUE;
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]62 public $detect_mime = TRUE;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]63 public $xss_clean = FALSE;
64 public $temp_prefix = 'temp_file_';
65 public $client_name = '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]66
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]67 protected $_file_name_override = '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]68
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]69 /**
70 * Constructor
71 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]72 * @param array
73 * @return void
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]74 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]75 public function __construct($props = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]76 {
77 if (count($props) > 0)
78 {
79 $this->initialize($props);
80 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]81
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]82 $this->mimes =& get_mimes();
83
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]84 log_message('debug', 'Upload Class Initialized');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]85 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]86
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]87 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]88
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]89 /**
90 * Initialize preferences
91 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]92 * @param array
93 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]94 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]95 public function initialize($config = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]96 {
97 $defaults = array(
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]98 'max_size' => 0,
99 'max_width' => 0,
100 'max_height' => 0,
101 'max_filename' => 0,
102 'max_filename_increment' => 100,
103 'allowed_types' => '',
104 'file_temp' => '',
105 'file_name' => '',
106 'orig_name' => '',
107 'file_type' => '',
108 'file_size' => '',
109 'file_ext' => '',
110 'upload_path' => '',
111 'overwrite' => FALSE,
112 'encrypt_name' => FALSE,
113 'is_image' => FALSE,
114 'image_width' => '',
115 'image_height' => '',
116 'image_type' => '',
117 'image_size_str' => '',
118 'error_msg' => array(),
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]119 'remove_spaces' => TRUE,
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]120 'detect_mime' => TRUE,
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]121 'xss_clean' => FALSE,
122 'temp_prefix' => 'temp_file_',
123 'client_name' => ''
124 );
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]125
126
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]127 foreach ($defaults as $key => $val)
128 {
129 if (isset($config[$key]))
130 {
131 $method = 'set_'.$key;
132 if (method_exists($this, $method))
133 {
134 $this->$method($config[$key]);
135 }
136 else
137 {
138 $this->$key = $config[$key];
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]139 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]140 }
141 else
142 {
143 $this->$key = $val;
144 }
145 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]146
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]147 // if a file_name was provided in the config, use it instead of the user input
148 // supplied file name for all uploads until initialized again
149 $this->_file_name_override = $this->file_name;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]150 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]151
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]152 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]153
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]154 /**
155 * Perform the file upload
156 *
Andrey Andreev5fd3ae82012-10-24 14:55:35 +0300[diff] [blame^]157 * @param string $field = 'userfile'
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]158 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]159 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]160 public function do_upload($field = 'userfile')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]161 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]162 // Is $_FILES[$field] set? If not, no reason to continue.
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]163 if ( ! isset($_FILES[$field]))
164 {
165 $this->set_error('upload_no_file_selected');
166 return FALSE;
167 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]168
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]169 // Is the upload path valid?
170 if ( ! $this->validate_upload_path())
171 {
172 // errors will already be set by validate_upload_path() so just return FALSE
173 return FALSE;
174 }
175
176 // Was the file able to be uploaded? If not, determine the reason why.
177 if ( ! is_uploaded_file($_FILES[$field]['tmp_name']))
178 {
179 $error = ( ! isset($_FILES[$field]['error'])) ? 4 : $_FILES[$field]['error'];
180
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]181 switch ($error)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]182 {
183 case 1: // UPLOAD_ERR_INI_SIZE
184 $this->set_error('upload_file_exceeds_limit');
185 break;
186 case 2: // UPLOAD_ERR_FORM_SIZE
187 $this->set_error('upload_file_exceeds_form_limit');
188 break;
189 case 3: // UPLOAD_ERR_PARTIAL
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]190 $this->set_error('upload_file_partial');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]191 break;
192 case 4: // UPLOAD_ERR_NO_FILE
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]193 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]194 break;
195 case 6: // UPLOAD_ERR_NO_TMP_DIR
196 $this->set_error('upload_no_temp_directory');
197 break;
198 case 7: // UPLOAD_ERR_CANT_WRITE
199 $this->set_error('upload_unable_to_write_file');
200 break;
201 case 8: // UPLOAD_ERR_EXTENSION
202 $this->set_error('upload_stopped_by_extension');
203 break;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]204 default:
205 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]206 break;
207 }
208
209 return FALSE;
210 }
211
212 // Set the uploaded data as class variables
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]213 $this->file_temp = $_FILES[$field]['tmp_name'];
214 $this->file_size = $_FILES[$field]['size'];
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]215
216 // Skip MIME type detection?
217 if ($this->detect_mime !== FALSE)
218 {
219 $this->_file_mime_type($_FILES[$field]);
220 }
221
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]222 $this->file_type = preg_replace('/^(.+?);.*$/', '\\1', $this->file_type);
Derek Jones616fb022010-04-22 16:52:18 -0500[diff] [blame]223 $this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]224 $this->file_name = $this->_prep_filename($_FILES[$field]['name']);
225 $this->file_ext = $this->get_extension($this->file_name);
226 $this->client_name = $this->file_name;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]227
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]228 // Is the file type allowed to be uploaded?
229 if ( ! $this->is_allowed_filetype())
230 {
231 $this->set_error('upload_invalid_filetype');
232 return FALSE;
233 }
234
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]235 // if we're overriding, let's now make sure the new name and type is allowed
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]236 if ($this->_file_name_override !== '')
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]237 {
238 $this->file_name = $this->_prep_filename($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]239
240 // If no extension was provided in the file_name config item, use the uploaded one
Pascal Kriete14287f32011-02-14 13:39:34 -0500[diff] [blame]241 if (strpos($this->_file_name_override, '.') === FALSE)
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]242 {
243 $this->file_name .= $this->file_ext;
244 }
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]245 else
246 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]247 // An extension was provided, lets have it!
248 $this->file_ext = $this->get_extension($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]249 }
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]250
251 if ( ! $this->is_allowed_filetype(TRUE))
252 {
253 $this->set_error('upload_invalid_filetype');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]254 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]255 }
256 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]257
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]258 // Convert the file size to kilobytes
259 if ($this->file_size > 0)
260 {
261 $this->file_size = round($this->file_size/1024, 2);
262 }
263
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]264 // Is the file size within the allowed maximum?
265 if ( ! $this->is_allowed_filesize())
266 {
267 $this->set_error('upload_invalid_filesize');
268 return FALSE;
269 }
270
271 // Are the image dimensions within the allowed size?
272 // Note: This can fail if the server has an open_basdir restriction.
273 if ( ! $this->is_allowed_dimensions())
274 {
275 $this->set_error('upload_invalid_dimensions');
276 return FALSE;
277 }
278
279 // Sanitize the file name for security
280 $this->file_name = $this->clean_file_name($this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]281
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]282 // Truncate the file name if it's too long
283 if ($this->max_filename > 0)
284 {
285 $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename);
286 }
287
288 // Remove white spaces in the name
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]289 if ($this->remove_spaces === TRUE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]290 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]291 $this->file_name = preg_replace('/\s+/', '_', $this->file_name);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]292 }
293
294 /*
295 * Validate the file name
296 * This function appends an number onto the end of
297 * the file if one with the same name already exists.
298 * If it returns false there was a problem.
299 */
300 $this->orig_name = $this->file_name;
301
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]302 if ($this->overwrite === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]303 {
304 $this->file_name = $this->set_filename($this->upload_path, $this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]305
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]306 if ($this->file_name === FALSE)
307 {
308 return FALSE;
309 }
310 }
311
312 /*
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]313 * Run the file through the XSS hacking filter
314 * This helps prevent malicious code from being
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]315 * embedded within a file. Scripts can easily
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]316 * be disguised as images or other file types.
317 */
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]318 if ($this->xss_clean && $this->do_xss_clean() === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]319 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]320 $this->set_error('upload_unable_to_write_file');
321 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]322 }
323
324 /*
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]325 * Move the file to the final destination
326 * To deal with different server configurations
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]327 * we'll attempt to use copy() first. If that fails
328 * we'll use move_uploaded_file(). One of the two should
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]329 * reliably work in most environments
330 */
331 if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name))
332 {
333 if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name))
334 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]335 $this->set_error('upload_destination_error');
336 return FALSE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]337 }
338 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]339
340 /*
341 * Set the finalized image dimensions
342 * This sets the image width/height (assuming the
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]343 * file was an image). We use this information
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]344 * in the "data" function.
345 */
346 $this->set_image_properties($this->upload_path.$this->file_name);
347
348 return TRUE;
349 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]350
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]351 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]352
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]353 /**
354 * Finalized Data Array
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]355 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]356 * Returns an associative array containing all of the information
357 * related to the upload, allowing the developer easy access in one array.
358 *
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]359 * @param string
Michiel Vugteveen0ee287e2012-06-11 10:38:14 +0200[diff] [blame]360 * @return mixed
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]361 */
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]362 public function data($index = NULL)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]363 {
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]364 $data = array(
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200[diff] [blame]365 'file_name' => $this->file_name,
366 'file_type' => $this->file_type,
367 'file_path' => $this->upload_path,
368 'full_path' => $this->upload_path.$this->file_name,
369 'raw_name' => str_replace($this->file_ext, '', $this->file_name),
370 'orig_name' => $this->orig_name,
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]371 'client_name' => $this->client_name,
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200[diff] [blame]372 'file_ext' => $this->file_ext,
373 'file_size' => $this->file_size,
374 'is_image' => $this->is_image(),
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]375 'image_width' => $this->image_width,
376 'image_height' => $this->image_height,
377 'image_type' => $this->image_type,
378 'image_size_str' => $this->image_size_str,
379 );
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]380
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]381 if ( ! empty($index))
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]382 {
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]383 return isset($data[$index]) ? $data[$index] : NULL;
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]384 }
385
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]386 return $data;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]387 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]388
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]389 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]390
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]391 /**
392 * Set Upload Path
393 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]394 * @param string
395 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]396 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]397 public function set_upload_path($path)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]398 {
399 // Make sure it has a trailing slash
400 $this->upload_path = rtrim($path, '/').'/';
401 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]402
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]403 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]404
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]405 /**
406 * Set the file name
407 *
408 * This function takes a filename/path as input and looks for the
409 * existence of a file with the same name. If found, it will append a
410 * number to the end of the filename to avoid overwriting a pre-existing file.
411 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]412 * @param string
413 * @param string
414 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]415 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]416 public function set_filename($path, $filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]417 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]418 if ($this->encrypt_name === TRUE)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]419 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]420 mt_srand();
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]421 $filename = md5(uniqid(mt_rand())).$this->file_ext;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]422 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]423
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]424 if ( ! file_exists($path.$filename))
425 {
426 return $filename;
427 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]428
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]429 $filename = str_replace($this->file_ext, '', $filename);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]430
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]431 $new_filename = '';
Adam Jackettccbbea12011-08-21 16:19:11 -0400[diff] [blame]432 for ($i = 1; $i < $this->max_filename_increment; $i++)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]433 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]434 if ( ! file_exists($path.$filename.$i.$this->file_ext))
435 {
436 $new_filename = $filename.$i.$this->file_ext;
437 break;
438 }
439 }
440
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]441 if ($new_filename === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]442 {
443 $this->set_error('upload_bad_filename');
444 return FALSE;
445 }
446 else
447 {
448 return $new_filename;
449 }
450 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]451
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]452 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]453
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]454 /**
455 * Set Maximum File Size
456 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]457 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]458 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]459 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]460 public function set_max_filesize($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]461 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]462 $this->max_size = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]463 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]464
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]465 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]466
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]467 /**
468 * Set Maximum File Name Length
469 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]470 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]471 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]472 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]473 public function set_max_filename($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]474 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]475 $this->max_filename = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]476 }
477
478 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]479
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]480 /**
481 * Set Maximum Image Width
482 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]483 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]484 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]485 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]486 public function set_max_width($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]487 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]488 $this->max_width = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]489 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]490
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]491 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]492
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]493 /**
494 * Set Maximum Image Height
495 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]496 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]497 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]498 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]499 public function set_max_height($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]500 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]501 $this->max_height = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]502 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]503
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]504 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]505
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]506 /**
507 * Set Allowed File Types
508 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]509 * @param string
510 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]511 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]512 public function set_allowed_types($types)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]513 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]514 if ( ! is_array($types) && $types === '*')
Derek Jonese12f64e2010-03-02 22:55:08 -0600[diff] [blame]515 {
516 $this->allowed_types = '*';
517 return;
518 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]519 $this->allowed_types = explode('|', $types);
520 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]521
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]522 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]523
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]524 /**
525 * Set Image Properties
526 *
527 * Uses GD to determine the width/height/type of image
528 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]529 * @param string
530 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]531 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]532 public function set_image_properties($path = '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]533 {
534 if ( ! $this->is_image())
535 {
536 return;
537 }
538
539 if (function_exists('getimagesize'))
540 {
541 if (FALSE !== ($D = @getimagesize($path)))
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]542 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]543 $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
544
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]545 $this->image_width = $D[0];
546 $this->image_height = $D[1];
547 $this->image_type = isset($types[$D[2]]) ? $types[$D[2]] : 'unknown';
548 $this->image_size_str = $D[3]; // string containing height and width
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]549 }
550 }
551 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]552
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]553 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]554
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]555 /**
556 * Set XSS Clean
557 *
558 * Enables the XSS flag so that the file that was uploaded
559 * will be run through the XSS filter.
560 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]561 * @param bool
562 * @return void
563 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]564 public function set_xss_clean($flag = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]565 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]566 $this->xss_clean = ($flag === TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]567 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]568
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]569 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]570
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]571 /**
572 * Validate the image
573 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]574 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]575 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]576 public function is_image()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]577 {
578 // IE will sometimes return odd mime-types during upload, so here we just standardize all
579 // jpegs or pngs to the same file type.
580
Derek Jones4b9c6292011-07-01 17:40:48 -0500[diff] [blame]581 $png_mimes = array('image/x-png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]582 $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]583
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]584 if (in_array($this->file_type, $png_mimes))
585 {
586 $this->file_type = 'image/png';
587 }
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]588 elseif (in_array($this->file_type, $jpeg_mimes))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]589 {
590 $this->file_type = 'image/jpeg';
591 }
592
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]593 $img_mimes = array('image/gif', 'image/jpeg', 'image/png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]594
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]595 return in_array($this->file_type, $img_mimes, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]596 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]597
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]598 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]599
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]600 /**
601 * Verify that the filetype is allowed
602 *
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]603 * @param bool
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]604 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]605 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]606 public function is_allowed_filetype($ignore_mime = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]607 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]608 if ($this->allowed_types === '*')
Derek Jonese12f64e2010-03-02 22:55:08 -0600[diff] [blame]609 {
610 return TRUE;
611 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]612
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]613 if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]614 {
615 $this->set_error('upload_no_file_types');
616 return FALSE;
617 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]618
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]619 $ext = strtolower(ltrim($this->file_ext, '.'));
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]620
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]621 if ( ! in_array($ext, $this->allowed_types))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]622 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]623 return FALSE;
624 }
Derek Jonesafa282f2009-02-10 17:11:52 +0000[diff] [blame]625
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]626 // Images get some additional checks
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]627 $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]628
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]629 if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]630 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]631 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]632 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]633
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]634 if ($ignore_mime === TRUE)
635 {
636 return TRUE;
637 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]638
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]639 $mime = $this->mimes_types($ext);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]640
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]641 if (is_array($mime) && in_array($this->file_type, $mime, TRUE))
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]642 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]643 return TRUE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]644 }
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]645 elseif ($mime === $this->file_type)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]646 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]647 return TRUE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]648 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]649
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]650 return FALSE;
651 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]652
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]653 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]654
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]655 /**
656 * Verify that the file is within the allowed size
657 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]658 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]659 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]660 public function is_allowed_filesize()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]661 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]662 return ($this->max_size === 0 OR $this->max_size > $this->file_size);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]663 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]664
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]665 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]666
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]667 /**
668 * Verify that the image is within the allowed width/height
669 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]670 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]671 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]672 public function is_allowed_dimensions()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]673 {
674 if ( ! $this->is_image())
675 {
676 return TRUE;
677 }
678
679 if (function_exists('getimagesize'))
680 {
681 $D = @getimagesize($this->file_temp);
682
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]683 if ($this->max_width > 0 && $D[0] > $this->max_width)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]684 {
685 return FALSE;
686 }
687
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]688 if ($this->max_height > 0 && $D[1] > $this->max_height)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]689 {
690 return FALSE;
691 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]692 }
693
694 return TRUE;
695 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]696
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]697 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]698
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]699 /**
700 * Validate Upload Path
701 *
702 * Verifies that it is a valid upload path with proper permissions.
703 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]704 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]705 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]706 public function validate_upload_path()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]707 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]708 if ($this->upload_path === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]709 {
710 $this->set_error('upload_no_filepath');
711 return FALSE;
712 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]713
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]714 if (@realpath($this->upload_path) !== FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]715 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]716 $this->upload_path = str_replace('\\', '/', realpath($this->upload_path));
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]717 }
718
719 if ( ! @is_dir($this->upload_path))
720 {
721 $this->set_error('upload_no_filepath');
722 return FALSE;
723 }
724
725 if ( ! is_really_writable($this->upload_path))
726 {
727 $this->set_error('upload_not_writable');
728 return FALSE;
729 }
730
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]731 $this->upload_path = preg_replace('/(.+?)\/*$/', '\\1/', $this->upload_path);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]732 return TRUE;
733 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]734
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]735 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]736
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]737 /**
738 * Extract the file extension
739 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]740 * @param string
741 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]742 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]743 public function get_extension($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]744 {
745 $x = explode('.', $filename);
Andrey Andreev46d53fb2012-05-11 13:42:24 +0300[diff] [blame]746 return (count($x) !== 1) ? '.'.end($x) : '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]747 }
748
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]749 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]750
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]751 /**
752 * Clean the file name for security
753 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]754 * @param string
755 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]756 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]757 public function clean_file_name($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]758 {
759 $bad = array(
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]760 '<!--', '-->',
761 "'", '"',
762 '<', '>',
763 '&', '$',
764 '=',
765 ';',
766 '?',
767 '/',
Andrey Andreev470805b2012-05-24 21:57:21 +0300[diff] [blame]768 '!',
769 '#',
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]770 '%20',
771 '%22',
772 '%3c', // <
773 '%253c', // <
774 '%3e', // >
775 '%0e', // >
776 '%28', // (
777 '%29', // )
778 '%2528', // (
779 '%26', // &
780 '%24', // $
781 '%3f', // ?
782 '%3b', // ;
783 '%3d' // =
784 );
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]785
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]786 return stripslashes(str_replace($bad, '', $filename));
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]787 }
788
789 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]790
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]791 /**
792 * Limit the File Name Length
793 *
Andrey Andreev5fd3ae82012-10-24 14:55:35 +0300[diff] [blame^]794 * @param string $filename
795 * @param int $length
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]796 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]797 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]798 public function limit_filename_length($filename, $length)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]799 {
800 if (strlen($filename) < $length)
801 {
802 return $filename;
803 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]804
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]805 $ext = '';
806 if (strpos($filename, '.') !== FALSE)
807 {
808 $parts = explode('.', $filename);
809 $ext = '.'.array_pop($parts);
810 $filename = implode('.', $parts);
811 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]812
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]813 return substr($filename, 0, ($length - strlen($ext))).$ext;
814 }
815
816 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]817
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]818 /**
819 * Runs the file through the XSS clean function
820 *
821 * This prevents people from embedding malicious code in their files.
822 * I'm not sure that it won't negatively affect certain files in unexpected ways,
823 * but so far I haven't found that it causes trouble.
824 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]825 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]826 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]827 public function do_xss_clean()
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]828 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]829 $file = $this->file_temp;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]830
Andrey Andreev5036c9c2012-06-04 15:34:56 +0300[diff] [blame]831 if (filesize($file) == 0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]832 {
833 return FALSE;
834 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]835
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]836 if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')))
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]837 {
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]838 $memory_limit *= 1024 * 1024;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]839
Greg Akerc78a2592010-06-09 11:45:32 -0500[diff] [blame]840 // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]841 // into scientific notation. number_format() ensures this number is an integer
Greg Akerc78a2592010-06-09 11:45:32 -0500[diff] [blame]842 // http://bugs.php.net/bug.php?id=43053
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]843
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]844 $memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', '');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]845
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]846 ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]847 }
848
849 // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but
850 // IE can be fooled into mime-type detecting a malformed image as an html file, thus executing an XSS attack on anyone
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]851 // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this
852 // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]853 // processor power and time if it is actually a clean image, as it will be in nearly all instances _except_ an
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]854 // attempted XSS attack.
855
856 if (function_exists('getimagesize') && @getimagesize($file) !== FALSE)
857 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]858 if (($file = @fopen($file, 'rb')) === FALSE) // "b" to force binary
859 {
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]860 return FALSE; // Couldn't open the file, return FALSE
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]861 }
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]862
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]863 $opening_bytes = fread($file, 256);
864 fclose($file);
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]865
866 // These are known to throw IE into mime-type detection chaos
867 // <a, <body, <head, <html, <img, <plaintext, <pre, <script, <table, <title
868 // title is basically just in SVG, but we filter it anyhow
869
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]870 // if its an image or no "triggers" detected in the first 256 bytes - we're good
871 return ! preg_match('/<(a|body|head|html|img|plaintext|pre|script|table|title)[\s>]/i', $opening_bytes);
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]872 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]873
874 if (($data = @file_get_contents($file)) === FALSE)
875 {
876 return FALSE;
877 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]878
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]879 $CI =& get_instance();
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]880 return $CI->security->xss_clean($data, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]881 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]882
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]883 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]884
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]885 /**
886 * Set an error message
887 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]888 * @param string
889 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]890 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]891 public function set_error($msg)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]892 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]893 $CI =& get_instance();
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]894 $CI->lang->load('upload');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]895
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]896 if (is_array($msg))
897 {
898 foreach ($msg as $val)
899 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]900 $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]901 $this->error_msg[] = $msg;
902 log_message('error', $msg);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]903 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]904 }
905 else
906 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]907 $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]908 $this->error_msg[] = $msg;
909 log_message('error', $msg);
910 }
911 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]912
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]913 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]914
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]915 /**
916 * Display the error message
917 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]918 * @param string
919 * @param string
920 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]921 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]922 public function display_errors($open = '<p>', $close = '</p>')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]923 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]924 return (count($this->error_msg) > 0) ? $open.implode($close.$open, $this->error_msg).$close : '';
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]925 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]926
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]927 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]928
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]929 /**
930 * List of Mime Types
931 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]932 * This is a list of mime types. We use it to validate
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]933 * the "allowed types" set by the developer
934 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]935 * @param string
936 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]937 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]938 public function mimes_types($mime)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]939 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]940 return isset($this->mimes[$mime]) ? $this->mimes[$mime] : FALSE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]941 }
942
943 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]944
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]945 /**
946 * Prep Filename
947 *
948 * Prevents possible script execution from Apache's handling of files multiple extensions
949 * http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext
950 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]951 * @param string
952 * @return string
953 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]954 protected function _prep_filename($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]955 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]956 if (strpos($filename, '.') === FALSE OR $this->allowed_types === '*')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]957 {
958 return $filename;
959 }
Derek Allard616dab82009-02-16 15:44:32 +0000[diff] [blame]960
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]961 $parts = explode('.', $filename);
962 $ext = array_pop($parts);
963 $filename = array_shift($parts);
Derek Allard616dab82009-02-16 15:44:32 +0000[diff] [blame]964
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]965 foreach ($parts as $part)
966 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]967 if ( ! in_array(strtolower($part), $this->allowed_types) OR $this->mimes_types(strtolower($part)) === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]968 {
969 $filename .= '.'.$part.'_';
970 }
971 else
972 {
973 $filename .= '.'.$part;
974 }
975 }
Derek Allardd70b0642009-02-16 13:51:42 +0000[diff] [blame]976
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]977 return $filename.'.'.$ext;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]978 }
979
980 // --------------------------------------------------------------------
981
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]982 /**
983 * File MIME type
984 *
985 * Detects the (actual) MIME type of the uploaded file, if possible.
986 * The input array is expected to be $_FILES[$field]
987 *
988 * @param array
989 * @return void
990 */
991 protected function _file_mime_type($file)
992 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]993 // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
Andrey Andreevf7aed122011-12-13 11:01:06 +0200[diff] [blame]994 $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]995
996 /* Fileinfo extension - most reliable method
997 *
998 * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
999 * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
1000 */
1001 if (function_exists('finfo_file'))
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1002 {
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]1003 $finfo = @finfo_open(FILEINFO_MIME);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1004 if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1005 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1006 $mime = @finfo_file($finfo, $file['tmp_name']);
1007 finfo_close($finfo);
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1008
1009 /* According to the comments section of the PHP manual page,
1010 * it is possible that this function returns an empty string
Andrey Andreev2cec39f2011-09-24 22:59:37 +0300[diff] [blame]1011 * for some files (e.g. if they don't exist in the magic MIME database)
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1012 */
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1013 if (is_string($mime) && preg_match($regexp, $mime, $matches))
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1014 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1015 $this->file_type = $matches[1];
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1016 return;
1017 }
1018 }
1019 }
1020
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1021 /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
1022 * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
1023 * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
1024 * than mime_content_type() as well, hence the attempts to try calling the command line with
1025 * three different functions.
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1026 *
1027 * Notes:
Andrey Andreev59654312011-12-02 14:28:54 +0200[diff] [blame]1028 * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1029 * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
1030 * due to security concerns, hence the function_exists() checks
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1031 */
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1032 if (DIRECTORY_SEPARATOR !== '\\')
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1033 {
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]1034 $cmd = function_exists('escapeshellarg')
1035 ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
1036 : 'file --brief --mime '.$file['tmp_name'].' 2>&1';
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1037
1038 if (function_exists('exec'))
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1039 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1040 /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
1041 * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
1042 * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
1043 * value, which is only put to allow us to get the return status code.
1044 */
1045 $mime = @exec($cmd, $mime, $return_status);
1046 if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
1047 {
1048 $this->file_type = $matches[1];
1049 return;
1050 }
1051 }
1052
1053 if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
1054 {
1055 $mime = @shell_exec($cmd);
1056 if (strlen($mime) > 0)
1057 {
1058 $mime = explode("\n", trim($mime));
1059 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1060 {
1061 $this->file_type = $matches[1];
1062 return;
1063 }
1064 }
1065 }
1066
1067 if (function_exists('popen'))
1068 {
1069 $proc = @popen($cmd, 'r');
1070 if (is_resource($proc))
1071 {
tubalmartin010f1f42012-03-03 22:24:31 +0100[diff] [blame]1072 $mime = @fread($proc, 512);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1073 @pclose($proc);
1074 if ($mime !== FALSE)
1075 {
1076 $mime = explode("\n", trim($mime));
1077 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1078 {
1079 $this->file_type = $matches[1];
1080 return;
1081 }
1082 }
1083 }
1084 }
1085 }
1086
1087 // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1088 if (function_exists('mime_content_type'))
1089 {
1090 $this->file_type = @mime_content_type($file['tmp_name']);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1091 if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1092 {
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1093 return;
1094 }
1095 }
1096
1097 $this->file_type = $file['type'];
1098 }
1099
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1100}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1101
1102/* End of file Upload.php */
Andrey Andreev56454792012-05-17 14:32:19 +0300[diff] [blame]1103/* Location: ./system/libraries/Upload.php */