Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / c5536aac5752054f7f76e448d58b86407d8f574e / . / system / libraries / Upload.php
blob: f8c712297fe5ffd06f2d66e0e9fae858363c339e [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame^]1<?php
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]2/**
3 * CodeIgniter
4 *
Phil Sturgeon07c1ac82012-03-09 17:03:37 +0000[diff] [blame]5 * An open source application development framework for PHP 5.2.4 or newer
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]6 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]7 * NOTICE OF LICENSE
Andrey Andreev3a459572011-12-21 11:23:11 +0200[diff] [blame]8 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]9 * Licensed under the Open Software License version 3.0
Andrey Andreev3a459572011-12-21 11:23:11 +0200[diff] [blame]10 *
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]11 * This source file is subject to the Open Software License (OSL 3.0) that is
12 * bundled with this package in the files license.txt / license.rst. It is
13 * also available through the world wide web at this URL:
14 * http://opensource.org/licenses/OSL-3.0
15 * If you did not receive a copy of the license and are unable to obtain it
16 * through the world wide web, please send an email to
17 * licensing@ellislab.com so we can send you a copy immediately.
18 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]19 * @package CodeIgniter
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]20 * @author EllisLab Dev Team
Greg Aker0defe5d2012-01-01 18:46:41 -0600[diff] [blame]21 * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]22 * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]23 * @link http://codeigniter.com
24 * @since Version 1.0
25 * @filesource
26 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame^]27defined('BASEPATH') OR exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]28
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]29/**
30 * File Uploading Class
31 *
32 * @package CodeIgniter
33 * @subpackage Libraries
34 * @category Uploads
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]35 * @author EllisLab Dev Team
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]36 * @link http://codeigniter.com/user_guide/libraries/file_uploading.html
37 */
38class CI_Upload {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]39
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]40 public $max_size = 0;
41 public $max_width = 0;
42 public $max_height = 0;
43 public $max_filename = 0;
Adam Jackettccbbea12011-08-21 16:19:11 -0400[diff] [blame]44 public $max_filename_increment = 100;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]45 public $allowed_types = '';
46 public $file_temp = '';
47 public $file_name = '';
48 public $orig_name = '';
49 public $file_type = '';
50 public $file_size = '';
51 public $file_ext = '';
52 public $upload_path = '';
53 public $overwrite = FALSE;
54 public $encrypt_name = FALSE;
55 public $is_image = FALSE;
56 public $image_width = '';
57 public $image_height = '';
58 public $image_type = '';
59 public $image_size_str = '';
60 public $error_msg = array();
61 public $mimes = array();
62 public $remove_spaces = TRUE;
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]63 public $detect_mime = TRUE;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]64 public $xss_clean = FALSE;
65 public $temp_prefix = 'temp_file_';
66 public $client_name = '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]67
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]68 protected $_file_name_override = '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]69
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]70 /**
71 * Constructor
72 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]73 * @param array
74 * @return void
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]75 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]76 public function __construct($props = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]77 {
78 if (count($props) > 0)
79 {
80 $this->initialize($props);
81 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]82
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]83 $this->mimes =& get_mimes();
84
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]85 log_message('debug', 'Upload Class Initialized');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]86 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]87
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]88 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]89
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]90 /**
91 * Initialize preferences
92 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]93 * @param array
94 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]95 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]96 public function initialize($config = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]97 {
98 $defaults = array(
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]99 'max_size' => 0,
100 'max_width' => 0,
101 'max_height' => 0,
102 'max_filename' => 0,
103 'max_filename_increment' => 100,
104 'allowed_types' => '',
105 'file_temp' => '',
106 'file_name' => '',
107 'orig_name' => '',
108 'file_type' => '',
109 'file_size' => '',
110 'file_ext' => '',
111 'upload_path' => '',
112 'overwrite' => FALSE,
113 'encrypt_name' => FALSE,
114 'is_image' => FALSE,
115 'image_width' => '',
116 'image_height' => '',
117 'image_type' => '',
118 'image_size_str' => '',
119 'error_msg' => array(),
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]120 'remove_spaces' => TRUE,
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]121 'detect_mime' => TRUE,
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]122 'xss_clean' => FALSE,
123 'temp_prefix' => 'temp_file_',
124 'client_name' => ''
125 );
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]126
127
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]128 foreach ($defaults as $key => $val)
129 {
130 if (isset($config[$key]))
131 {
132 $method = 'set_'.$key;
133 if (method_exists($this, $method))
134 {
135 $this->$method($config[$key]);
136 }
137 else
138 {
139 $this->$key = $config[$key];
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]140 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]141 }
142 else
143 {
144 $this->$key = $val;
145 }
146 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]147
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]148 // if a file_name was provided in the config, use it instead of the user input
149 // supplied file name for all uploads until initialized again
150 $this->_file_name_override = $this->file_name;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]151 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]152
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]153 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]154
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]155 /**
156 * Perform the file upload
157 *
Andrey Andreev5fd3ae82012-10-24 14:55:35 +0300[diff] [blame]158 * @param string $field = 'userfile'
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]159 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]160 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]161 public function do_upload($field = 'userfile')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]162 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]163 // Is $_FILES[$field] set? If not, no reason to continue.
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]164 if ( ! isset($_FILES[$field]))
165 {
166 $this->set_error('upload_no_file_selected');
167 return FALSE;
168 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]169
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]170 // Is the upload path valid?
171 if ( ! $this->validate_upload_path())
172 {
173 // errors will already be set by validate_upload_path() so just return FALSE
174 return FALSE;
175 }
176
177 // Was the file able to be uploaded? If not, determine the reason why.
178 if ( ! is_uploaded_file($_FILES[$field]['tmp_name']))
179 {
180 $error = ( ! isset($_FILES[$field]['error'])) ? 4 : $_FILES[$field]['error'];
181
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]182 switch ($error)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]183 {
184 case 1: // UPLOAD_ERR_INI_SIZE
185 $this->set_error('upload_file_exceeds_limit');
186 break;
187 case 2: // UPLOAD_ERR_FORM_SIZE
188 $this->set_error('upload_file_exceeds_form_limit');
189 break;
190 case 3: // UPLOAD_ERR_PARTIAL
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]191 $this->set_error('upload_file_partial');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]192 break;
193 case 4: // UPLOAD_ERR_NO_FILE
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]194 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]195 break;
196 case 6: // UPLOAD_ERR_NO_TMP_DIR
197 $this->set_error('upload_no_temp_directory');
198 break;
199 case 7: // UPLOAD_ERR_CANT_WRITE
200 $this->set_error('upload_unable_to_write_file');
201 break;
202 case 8: // UPLOAD_ERR_EXTENSION
203 $this->set_error('upload_stopped_by_extension');
204 break;
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]205 default:
206 $this->set_error('upload_no_file_selected');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]207 break;
208 }
209
210 return FALSE;
211 }
212
213 // Set the uploaded data as class variables
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]214 $this->file_temp = $_FILES[$field]['tmp_name'];
215 $this->file_size = $_FILES[$field]['size'];
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]216
217 // Skip MIME type detection?
218 if ($this->detect_mime !== FALSE)
219 {
220 $this->_file_mime_type($_FILES[$field]);
221 }
222
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]223 $this->file_type = preg_replace('/^(.+?);.*$/', '\\1', $this->file_type);
Derek Jones616fb022010-04-22 16:52:18 -0500[diff] [blame]224 $this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]225 $this->file_name = $this->_prep_filename($_FILES[$field]['name']);
226 $this->file_ext = $this->get_extension($this->file_name);
227 $this->client_name = $this->file_name;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]228
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]229 // Is the file type allowed to be uploaded?
230 if ( ! $this->is_allowed_filetype())
231 {
232 $this->set_error('upload_invalid_filetype');
233 return FALSE;
234 }
235
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]236 // if we're overriding, let's now make sure the new name and type is allowed
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]237 if ($this->_file_name_override !== '')
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]238 {
239 $this->file_name = $this->_prep_filename($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]240
241 // If no extension was provided in the file_name config item, use the uploaded one
Pascal Kriete14287f32011-02-14 13:39:34 -0500[diff] [blame]242 if (strpos($this->_file_name_override, '.') === FALSE)
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]243 {
244 $this->file_name .= $this->file_ext;
245 }
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]246 else
247 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]248 // An extension was provided, lets have it!
249 $this->file_ext = $this->get_extension($this->_file_name_override);
Phil Sturgeon1e74da22010-12-15 10:45:06 +0000[diff] [blame]250 }
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]251
252 if ( ! $this->is_allowed_filetype(TRUE))
253 {
254 $this->set_error('upload_invalid_filetype');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]255 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]256 }
257 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]258
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]259 // Convert the file size to kilobytes
260 if ($this->file_size > 0)
261 {
262 $this->file_size = round($this->file_size/1024, 2);
263 }
264
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]265 // Is the file size within the allowed maximum?
266 if ( ! $this->is_allowed_filesize())
267 {
268 $this->set_error('upload_invalid_filesize');
269 return FALSE;
270 }
271
272 // Are the image dimensions within the allowed size?
273 // Note: This can fail if the server has an open_basdir restriction.
274 if ( ! $this->is_allowed_dimensions())
275 {
276 $this->set_error('upload_invalid_dimensions');
277 return FALSE;
278 }
279
280 // Sanitize the file name for security
281 $this->file_name = $this->clean_file_name($this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]282
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]283 // Truncate the file name if it's too long
284 if ($this->max_filename > 0)
285 {
286 $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename);
287 }
288
289 // Remove white spaces in the name
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]290 if ($this->remove_spaces === TRUE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]291 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]292 $this->file_name = preg_replace('/\s+/', '_', $this->file_name);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]293 }
294
295 /*
296 * Validate the file name
297 * This function appends an number onto the end of
298 * the file if one with the same name already exists.
299 * If it returns false there was a problem.
300 */
301 $this->orig_name = $this->file_name;
302
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]303 if ($this->overwrite === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]304 {
305 $this->file_name = $this->set_filename($this->upload_path, $this->file_name);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]306
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]307 if ($this->file_name === FALSE)
308 {
309 return FALSE;
310 }
311 }
312
313 /*
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]314 * Run the file through the XSS hacking filter
315 * This helps prevent malicious code from being
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]316 * embedded within a file. Scripts can easily
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]317 * be disguised as images or other file types.
318 */
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]319 if ($this->xss_clean && $this->do_xss_clean() === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]320 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]321 $this->set_error('upload_unable_to_write_file');
322 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]323 }
324
325 /*
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]326 * Move the file to the final destination
327 * To deal with different server configurations
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]328 * we'll attempt to use copy() first. If that fails
329 * we'll use move_uploaded_file(). One of the two should
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]330 * reliably work in most environments
331 */
332 if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name))
333 {
334 if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name))
335 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]336 $this->set_error('upload_destination_error');
337 return FALSE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]338 }
339 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]340
341 /*
342 * Set the finalized image dimensions
343 * This sets the image width/height (assuming the
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]344 * file was an image). We use this information
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]345 * in the "data" function.
346 */
347 $this->set_image_properties($this->upload_path.$this->file_name);
348
349 return TRUE;
350 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]351
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]352 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]353
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]354 /**
355 * Finalized Data Array
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]356 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]357 * Returns an associative array containing all of the information
358 * related to the upload, allowing the developer easy access in one array.
359 *
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]360 * @param string
Michiel Vugteveen0ee287e2012-06-11 10:38:14 +0200[diff] [blame]361 * @return mixed
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]362 */
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]363 public function data($index = NULL)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]364 {
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]365 $data = array(
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200[diff] [blame]366 'file_name' => $this->file_name,
367 'file_type' => $this->file_type,
368 'file_path' => $this->upload_path,
369 'full_path' => $this->upload_path.$this->file_name,
370 'raw_name' => str_replace($this->file_ext, '', $this->file_name),
371 'orig_name' => $this->orig_name,
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]372 'client_name' => $this->client_name,
Michiel Vugteveen3a7fb042012-06-11 09:29:16 +0200[diff] [blame]373 'file_ext' => $this->file_ext,
374 'file_size' => $this->file_size,
375 'is_image' => $this->is_image(),
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]376 'image_width' => $this->image_width,
377 'image_height' => $this->image_height,
378 'image_type' => $this->image_type,
379 'image_size_str' => $this->image_size_str,
380 );
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]381
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]382 if ( ! empty($index))
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]383 {
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]384 return isset($data[$index]) ? $data[$index] : NULL;
Michiel Vugteveendca9f232012-06-11 09:17:14 +0200[diff] [blame]385 }
386
Michiel Vugteveen46a04292012-06-11 10:37:52 +0200[diff] [blame]387 return $data;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]388 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]389
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]390 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]391
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]392 /**
393 * Set Upload Path
394 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]395 * @param string
396 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]397 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]398 public function set_upload_path($path)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]399 {
400 // Make sure it has a trailing slash
401 $this->upload_path = rtrim($path, '/').'/';
402 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]403
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]404 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]405
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]406 /**
407 * Set the file name
408 *
409 * This function takes a filename/path as input and looks for the
410 * existence of a file with the same name. If found, it will append a
411 * number to the end of the filename to avoid overwriting a pre-existing file.
412 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]413 * @param string
414 * @param string
415 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]416 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]417 public function set_filename($path, $filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]418 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]419 if ($this->encrypt_name === TRUE)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]420 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]421 mt_srand();
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]422 $filename = md5(uniqid(mt_rand())).$this->file_ext;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]423 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]424
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]425 if ( ! file_exists($path.$filename))
426 {
427 return $filename;
428 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]429
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]430 $filename = str_replace($this->file_ext, '', $filename);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]431
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]432 $new_filename = '';
Adam Jackettccbbea12011-08-21 16:19:11 -0400[diff] [blame]433 for ($i = 1; $i < $this->max_filename_increment; $i++)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]434 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]435 if ( ! file_exists($path.$filename.$i.$this->file_ext))
436 {
437 $new_filename = $filename.$i.$this->file_ext;
438 break;
439 }
440 }
441
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]442 if ($new_filename === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]443 {
444 $this->set_error('upload_bad_filename');
445 return FALSE;
446 }
447 else
448 {
449 return $new_filename;
450 }
451 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]452
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]453 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]454
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]455 /**
456 * Set Maximum File Size
457 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]458 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]459 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]460 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]461 public function set_max_filesize($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]462 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]463 $this->max_size = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]464 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]465
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]466 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]467
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]468 /**
469 * Set Maximum File Name Length
470 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]471 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]472 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]473 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]474 public function set_max_filename($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]475 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]476 $this->max_filename = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]477 }
478
479 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]480
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]481 /**
482 * Set Maximum Image Width
483 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]484 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]485 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]486 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]487 public function set_max_width($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]488 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]489 $this->max_width = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]490 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]491
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]492 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]493
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]494 /**
495 * Set Maximum Image Height
496 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]497 * @param int
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]498 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]499 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]500 public function set_max_height($n)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]501 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]502 $this->max_height = ((int) $n < 0) ? 0 : (int) $n;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]503 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]504
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]505 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]506
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]507 /**
508 * Set Allowed File Types
509 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]510 * @param string
511 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]512 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]513 public function set_allowed_types($types)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]514 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]515 if ( ! is_array($types) && $types === '*')
Derek Jonese12f64e2010-03-02 22:55:08 -0600[diff] [blame]516 {
517 $this->allowed_types = '*';
518 return;
519 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]520 $this->allowed_types = explode('|', $types);
521 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]522
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]523 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]524
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]525 /**
526 * Set Image Properties
527 *
528 * Uses GD to determine the width/height/type of image
529 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]530 * @param string
531 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]532 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]533 public function set_image_properties($path = '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]534 {
535 if ( ! $this->is_image())
536 {
537 return;
538 }
539
540 if (function_exists('getimagesize'))
541 {
542 if (FALSE !== ($D = @getimagesize($path)))
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]543 {
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]544 $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
545
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]546 $this->image_width = $D[0];
547 $this->image_height = $D[1];
548 $this->image_type = isset($types[$D[2]]) ? $types[$D[2]] : 'unknown';
549 $this->image_size_str = $D[3]; // string containing height and width
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]550 }
551 }
552 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]553
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]554 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]555
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]556 /**
557 * Set XSS Clean
558 *
559 * Enables the XSS flag so that the file that was uploaded
560 * will be run through the XSS filter.
561 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]562 * @param bool
563 * @return void
564 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]565 public function set_xss_clean($flag = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]566 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]567 $this->xss_clean = ($flag === TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]568 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]569
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]570 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]571
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]572 /**
573 * Validate the image
574 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]575 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]576 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]577 public function is_image()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]578 {
579 // IE will sometimes return odd mime-types during upload, so here we just standardize all
580 // jpegs or pngs to the same file type.
581
Derek Jones4b9c6292011-07-01 17:40:48 -0500[diff] [blame]582 $png_mimes = array('image/x-png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]583 $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]584
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]585 if (in_array($this->file_type, $png_mimes))
586 {
587 $this->file_type = 'image/png';
588 }
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]589 elseif (in_array($this->file_type, $jpeg_mimes))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]590 {
591 $this->file_type = 'image/jpeg';
592 }
593
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]594 $img_mimes = array('image/gif', 'image/jpeg', 'image/png');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]595
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]596 return in_array($this->file_type, $img_mimes, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]597 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]598
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]599 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]600
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]601 /**
602 * Verify that the filetype is allowed
603 *
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]604 * @param bool
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]605 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]606 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]607 public function is_allowed_filetype($ignore_mime = FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]608 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]609 if ($this->allowed_types === '*')
Derek Jonese12f64e2010-03-02 22:55:08 -0600[diff] [blame]610 {
611 return TRUE;
612 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]613
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]614 if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]615 {
616 $this->set_error('upload_no_file_types');
617 return FALSE;
618 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]619
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]620 $ext = strtolower(ltrim($this->file_ext, '.'));
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]621
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]622 if ( ! in_array($ext, $this->allowed_types))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]623 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]624 return FALSE;
625 }
Derek Jonesafa282f2009-02-10 17:11:52 +0000[diff] [blame]626
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]627 // Images get some additional checks
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]628 $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]629
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]630 if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]631 {
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]632 return FALSE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]633 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]634
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]635 if ($ignore_mime === TRUE)
636 {
637 return TRUE;
638 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]639
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]640 $mime = $this->mimes_types($ext);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]641
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]642 if (is_array($mime) && in_array($this->file_type, $mime, TRUE))
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]643 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]644 return TRUE;
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]645 }
Andrey Andreev6ca407e2012-03-01 15:33:21 +0200[diff] [blame]646 elseif ($mime === $this->file_type)
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]647 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]648 return TRUE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]649 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]650
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]651 return FALSE;
652 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]653
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]654 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]655
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]656 /**
657 * Verify that the file is within the allowed size
658 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]659 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]660 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]661 public function is_allowed_filesize()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]662 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]663 return ($this->max_size === 0 OR $this->max_size > $this->file_size);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]664 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]665
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]666 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]667
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]668 /**
669 * Verify that the image is within the allowed width/height
670 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]671 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]672 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]673 public function is_allowed_dimensions()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]674 {
675 if ( ! $this->is_image())
676 {
677 return TRUE;
678 }
679
680 if (function_exists('getimagesize'))
681 {
682 $D = @getimagesize($this->file_temp);
683
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]684 if ($this->max_width > 0 && $D[0] > $this->max_width)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]685 {
686 return FALSE;
687 }
688
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]689 if ($this->max_height > 0 && $D[1] > $this->max_height)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]690 {
691 return FALSE;
692 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]693 }
694
695 return TRUE;
696 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]697
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]698 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]699
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]700 /**
701 * Validate Upload Path
702 *
703 * Verifies that it is a valid upload path with proper permissions.
704 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]705 * @return bool
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]706 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]707 public function validate_upload_path()
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]708 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]709 if ($this->upload_path === '')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]710 {
711 $this->set_error('upload_no_filepath');
712 return FALSE;
713 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]714
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]715 if (@realpath($this->upload_path) !== FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]716 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]717 $this->upload_path = str_replace('\\', '/', realpath($this->upload_path));
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]718 }
719
720 if ( ! @is_dir($this->upload_path))
721 {
722 $this->set_error('upload_no_filepath');
723 return FALSE;
724 }
725
726 if ( ! is_really_writable($this->upload_path))
727 {
728 $this->set_error('upload_not_writable');
729 return FALSE;
730 }
731
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]732 $this->upload_path = preg_replace('/(.+?)\/*$/', '\\1/', $this->upload_path);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]733 return TRUE;
734 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]735
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]736 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]737
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]738 /**
739 * Extract the file extension
740 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]741 * @param string
742 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]743 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]744 public function get_extension($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]745 {
746 $x = explode('.', $filename);
Andrey Andreev46d53fb2012-05-11 13:42:24 +0300[diff] [blame]747 return (count($x) !== 1) ? '.'.end($x) : '';
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]748 }
749
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]750 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]751
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]752 /**
753 * Clean the file name for security
754 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]755 * @param string
756 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]757 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]758 public function clean_file_name($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]759 {
760 $bad = array(
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]761 '<!--', '-->',
762 "'", '"',
763 '<', '>',
764 '&', '$',
765 '=',
766 ';',
767 '?',
768 '/',
Andrey Andreev470805b2012-05-24 21:57:21 +0300[diff] [blame]769 '!',
770 '#',
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]771 '%20',
772 '%22',
773 '%3c', // <
774 '%253c', // <
775 '%3e', // >
776 '%0e', // >
777 '%28', // (
778 '%29', // )
779 '%2528', // (
780 '%26', // &
781 '%24', // $
782 '%3f', // ?
783 '%3b', // ;
784 '%3d' // =
785 );
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]786
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]787 return stripslashes(str_replace($bad, '', $filename));
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]788 }
789
790 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]791
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]792 /**
793 * Limit the File Name Length
794 *
Andrey Andreev5fd3ae82012-10-24 14:55:35 +0300[diff] [blame]795 * @param string $filename
796 * @param int $length
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]797 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]798 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]799 public function limit_filename_length($filename, $length)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]800 {
801 if (strlen($filename) < $length)
802 {
803 return $filename;
804 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]805
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]806 $ext = '';
807 if (strpos($filename, '.') !== FALSE)
808 {
809 $parts = explode('.', $filename);
810 $ext = '.'.array_pop($parts);
811 $filename = implode('.', $parts);
812 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]813
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]814 return substr($filename, 0, ($length - strlen($ext))).$ext;
815 }
816
817 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]818
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]819 /**
820 * Runs the file through the XSS clean function
821 *
822 * This prevents people from embedding malicious code in their files.
823 * I'm not sure that it won't negatively affect certain files in unexpected ways,
824 * but so far I haven't found that it causes trouble.
825 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]826 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]827 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]828 public function do_xss_clean()
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]829 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]830 $file = $this->file_temp;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]831
Andrey Andreev5036c9c2012-06-04 15:34:56 +0300[diff] [blame]832 if (filesize($file) == 0)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]833 {
834 return FALSE;
835 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]836
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]837 if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')))
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]838 {
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]839 $memory_limit *= 1024 * 1024;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]840
Greg Akerc78a2592010-06-09 11:45:32 -0500[diff] [blame]841 // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]842 // into scientific notation. number_format() ensures this number is an integer
Greg Akerc78a2592010-06-09 11:45:32 -0500[diff] [blame]843 // http://bugs.php.net/bug.php?id=43053
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]844
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]845 $memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', '');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]846
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]847 ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]848 }
849
850 // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but
851 // IE can be fooled into mime-type detecting a malformed image as an html file, thus executing an XSS attack on anyone
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]852 // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this
853 // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]854 // processor power and time if it is actually a clean image, as it will be in nearly all instances _except_ an
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]855 // attempted XSS attack.
856
857 if (function_exists('getimagesize') && @getimagesize($file) !== FALSE)
858 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]859 if (($file = @fopen($file, 'rb')) === FALSE) // "b" to force binary
860 {
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]861 return FALSE; // Couldn't open the file, return FALSE
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]862 }
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]863
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]864 $opening_bytes = fread($file, 256);
865 fclose($file);
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]866
867 // These are known to throw IE into mime-type detection chaos
868 // <a, <body, <head, <html, <img, <plaintext, <pre, <script, <table, <title
869 // title is basically just in SVG, but we filter it anyhow
870
Andrey Andreevc839d282012-06-07 14:35:27 +0300[diff] [blame]871 // if its an image or no "triggers" detected in the first 256 bytes - we're good
872 return ! preg_match('/<(a|body|head|html|img|plaintext|pre|script|table|title)[\s>]/i', $opening_bytes);
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]873 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]874
875 if (($data = @file_get_contents($file)) === FALSE)
876 {
877 return FALSE;
878 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]879
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]880 $CI =& get_instance();
Greg Akerf82e51c2010-04-14 19:33:50 -0500[diff] [blame]881 return $CI->security->xss_clean($data, TRUE);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]882 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]883
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]884 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]885
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]886 /**
887 * Set an error message
888 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]889 * @param string
890 * @return void
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]891 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]892 public function set_error($msg)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]893 {
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]894 $CI =& get_instance();
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]895 $CI->lang->load('upload');
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]896
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]897 if (is_array($msg))
898 {
899 foreach ($msg as $val)
900 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]901 $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]902 $this->error_msg[] = $msg;
903 log_message('error', $msg);
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]904 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]905 }
906 else
907 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]908 $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]909 $this->error_msg[] = $msg;
910 log_message('error', $msg);
911 }
912 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]913
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]914 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]915
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]916 /**
917 * Display the error message
918 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]919 * @param string
920 * @param string
921 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]922 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]923 public function display_errors($open = '<p>', $close = '</p>')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]924 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]925 return (count($this->error_msg) > 0) ? $open.implode($close.$open, $this->error_msg).$close : '';
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]926 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]927
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]928 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]929
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]930 /**
931 * List of Mime Types
932 *
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]933 * This is a list of mime types. We use it to validate
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]934 * the "allowed types" set by the developer
935 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]936 * @param string
937 * @return string
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]938 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]939 public function mimes_types($mime)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]940 {
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]941 return isset($this->mimes[$mime]) ? $this->mimes[$mime] : FALSE;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]942 }
943
944 // --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]945
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]946 /**
947 * Prep Filename
948 *
949 * Prevents possible script execution from Apache's handling of files multiple extensions
950 * http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext
951 *
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]952 * @param string
953 * @return string
954 */
Greg Aker58fdee82010-11-10 15:07:09 -0600[diff] [blame]955 protected function _prep_filename($filename)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]956 {
Alex Bilbied261b1e2012-06-02 11:12:16 +0100[diff] [blame]957 if (strpos($filename, '.') === FALSE OR $this->allowed_types === '*')
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]958 {
959 return $filename;
960 }
Derek Allard616dab82009-02-16 15:44:32 +0000[diff] [blame]961
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]962 $parts = explode('.', $filename);
963 $ext = array_pop($parts);
964 $filename = array_shift($parts);
Derek Allard616dab82009-02-16 15:44:32 +0000[diff] [blame]965
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]966 foreach ($parts as $part)
967 {
Derek Jonese9d723f2010-07-12 10:10:59 -0500[diff] [blame]968 if ( ! in_array(strtolower($part), $this->allowed_types) OR $this->mimes_types(strtolower($part)) === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]969 {
970 $filename .= '.'.$part.'_';
971 }
972 else
973 {
974 $filename .= '.'.$part;
975 }
976 }
Derek Allardd70b0642009-02-16 13:51:42 +0000[diff] [blame]977
Andrey Andreev8e6f7a92012-03-26 20:13:00 +0300[diff] [blame]978 return $filename.'.'.$ext;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]979 }
980
981 // --------------------------------------------------------------------
982
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]983 /**
984 * File MIME type
985 *
986 * Detects the (actual) MIME type of the uploaded file, if possible.
987 * The input array is expected to be $_FILES[$field]
988 *
989 * @param array
990 * @return void
991 */
992 protected function _file_mime_type($file)
993 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]994 // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
Andrey Andreevf7aed122011-12-13 11:01:06 +0200[diff] [blame]995 $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]996
997 /* Fileinfo extension - most reliable method
998 *
999 * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
1000 * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
1001 */
1002 if (function_exists('finfo_file'))
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1003 {
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]1004 $finfo = @finfo_open(FILEINFO_MIME);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1005 if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1006 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1007 $mime = @finfo_file($finfo, $file['tmp_name']);
1008 finfo_close($finfo);
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1009
1010 /* According to the comments section of the PHP manual page,
1011 * it is possible that this function returns an empty string
Andrey Andreev2cec39f2011-09-24 22:59:37 +0300[diff] [blame]1012 * for some files (e.g. if they don't exist in the magic MIME database)
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1013 */
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1014 if (is_string($mime) && preg_match($regexp, $mime, $matches))
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1015 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1016 $this->file_type = $matches[1];
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1017 return;
1018 }
1019 }
1020 }
1021
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1022 /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
1023 * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
1024 * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
1025 * than mime_content_type() as well, hence the attempts to try calling the command line with
1026 * three different functions.
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1027 *
1028 * Notes:
Andrey Andreev59654312011-12-02 14:28:54 +0200[diff] [blame]1029 * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1030 * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
1031 * due to security concerns, hence the function_exists() checks
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1032 */
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1033 if (DIRECTORY_SEPARATOR !== '\\')
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1034 {
Andrey Andreevd60e7002012-06-17 00:03:03 +0300[diff] [blame]1035 $cmd = function_exists('escapeshellarg')
1036 ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
1037 : 'file --brief --mime '.$file['tmp_name'].' 2>&1';
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1038
1039 if (function_exists('exec'))
Andrey Andreev6700b932011-09-24 14:25:33 +0300[diff] [blame]1040 {
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1041 /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
1042 * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
1043 * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
1044 * value, which is only put to allow us to get the return status code.
1045 */
1046 $mime = @exec($cmd, $mime, $return_status);
1047 if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
1048 {
1049 $this->file_type = $matches[1];
1050 return;
1051 }
1052 }
1053
1054 if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
1055 {
1056 $mime = @shell_exec($cmd);
1057 if (strlen($mime) > 0)
1058 {
1059 $mime = explode("\n", trim($mime));
1060 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1061 {
1062 $this->file_type = $matches[1];
1063 return;
1064 }
1065 }
1066 }
1067
1068 if (function_exists('popen'))
1069 {
1070 $proc = @popen($cmd, 'r');
1071 if (is_resource($proc))
1072 {
tubalmartin010f1f42012-03-03 22:24:31 +0100[diff] [blame]1073 $mime = @fread($proc, 512);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1074 @pclose($proc);
1075 if ($mime !== FALSE)
1076 {
1077 $mime = explode("\n", trim($mime));
1078 if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
1079 {
1080 $this->file_type = $matches[1];
1081 return;
1082 }
1083 }
1084 }
1085 }
1086 }
1087
1088 // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1089 if (function_exists('mime_content_type'))
1090 {
1091 $this->file_type = @mime_content_type($file['tmp_name']);
Andrey Andreeva49e3812011-12-09 13:05:22 +0200[diff] [blame]1092 if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1093 {
Andrey Andreev3a3c9472011-09-24 14:25:33 +0300[diff] [blame]1094 return;
1095 }
1096 }
1097
1098 $this->file_type = $file['type'];
1099 }
1100
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1101}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]1102
1103/* End of file Upload.php */
Andrey Andreev56454792012-05-17 14:32:19 +0300[diff] [blame]1104/* Location: ./system/libraries/Upload.php */