?
GR0V Shell
GR0V shell
Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64
<?php
/**
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// No direct access
defined('_JEXEC') or die;
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
/**
* File Media Controller
*
* @package Joomla.Administrator
* @subpackage com_media
* @since 1.6
*/
class MediaControllerFile extends JControllerLegacy
{
/**
* Upload a file
*
* @since 1.5
*/
function upload()
{
$params = JComponentHelper::getParams('com_media');
// Check for request forgeries
if (!JSession::checkToken('request')) {
$response = array(
'status' => '0',
'error' => JText::_('JINVALID_TOKEN')
);
echo json_encode($response);
return;
}
// Get the user
$user = JFactory::getUser();
$log = JLog::getInstance('upload.error.php');
// Get some data from the request
$file = JRequest::getVar('Filedata', '', 'files', 'array');
$folder = JRequest::getVar('folder', '', '', 'path');
$return = JRequest::getVar('return-url', null, 'post', 'base64');
if (
$_SERVER['CONTENT_LENGTH']>($params->get('upload_maxsize', 0) * 1024 * 1024) ||
$_SERVER['CONTENT_LENGTH']>(int)(ini_get('upload_max_filesize'))* 1024 * 1024 ||
$_SERVER['CONTENT_LENGTH']>(int)(ini_get('post_max_size'))* 1024 * 1024 ||
$_SERVER['CONTENT_LENGTH']>(int)(ini_get('memory_limit'))* 1024 * 1024
)
{
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE')
);
echo json_encode($response);
return;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
$file['name'] = JFile::makeSafe($file['name']);
if (isset($file['name']))
{
// The request is valid
$err = null;
$filepath = JPath::clean(COM_MEDIA_BASE . '/' . $folder . '/' . strtolower($file['name']));
if (!MediaHelper::canUpload($file, $err))
{
$log->addEntry(array('comment' => 'Invalid: '.$filepath.': '.$err));
$response = array(
'status' => '0',
'error' => JText::_($err)
);
echo json_encode($response);
return;
}
// Trigger the onContentBeforeSave event.
JPluginHelper::importPlugin('content');
$dispatcher = JDispatcher::getInstance();
$object_file = new JObject($file);
$object_file->filepath = $filepath;
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.file', &$object_file));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
$log->addEntry(array('comment' => 'Errors before save: '.$filepath.' : '.implode(', ', $object_file->getErrors())));
$response = array(
'status' => '0',
'error' => JText::plural('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors))
);
echo json_encode($response);
return;
}
if (JFile::exists($filepath))
{
// File exists
$log->addEntry(array('comment' => 'File exists: '.$filepath.' by user_id '.$user->id));
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_FILE_EXISTS')
);
echo json_encode($response);
return;
}
elseif (!$user->authorise('core.create', 'com_media'))
{
// File does not exist and user is not authorised to create
$log->addEntry(array('comment' => 'Create not permitted: '.$filepath.' by user_id '.$user->id));
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_CREATE_NOT_PERMITTED')
);
echo json_encode($response);
return;
}
$file = (array) $object_file;
if (!JFile::upload($file['tmp_name'], $file['filepath']))
{
// Error in upload
$log->addEntry(array('comment' => 'Error on upload: '.$filepath));
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE')
);
echo json_encode($response);
return;
}
else
{
// Trigger the onContentAfterSave event.
$dispatcher->trigger('onContentAfterSave', array('com_media.file', &$object_file, true));
$log->addEntry(array('comment' => $folder));
$response = array(
'status' => '1',
'error' => JText::sprintf('COM_MEDIA_UPLOAD_COMPLETE', substr($file['filepath'], strlen(COM_MEDIA_BASE)))
);
echo json_encode($response);
return;
}
}
else
{
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_BAD_REQUEST')
);
echo json_encode($response);
return;
}
}
}
T1KUS90T