file.php 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358
  1. <?php
  2. /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
  3. /**
  4. * HTML class for a file upload field
  5. *
  6. * PHP versions 4 and 5
  7. *
  8. * LICENSE: This source file is subject to version 3.01 of the PHP license
  9. * that is available through the world-wide-web at the following URI:
  10. * http://www.php.net/license/3_01.txt If you did not receive a copy of
  11. * the PHP License and are unable to obtain it through the web, please
  12. * send a note to license@php.net so we can mail you a copy immediately.
  13. *
  14. * @category HTML
  15. * @package HTML_QuickForm
  16. * @author Adam Daniel <adaniel1@eesus.jnj.com>
  17. * @author Bertrand Mansion <bmansion@mamasam.com>
  18. * @author Alexey Borzov <avb@php.net>
  19. * @copyright 2001-2009 The PHP Group
  20. * @license http://www.php.net/license/3_01.txt PHP License 3.01
  21. * @version CVS: $Id: file.php,v 1.25 2009/04/04 21:34:02 avb Exp $
  22. * @link http://pear.php.net/package/HTML_QuickForm
  23. */
  24. /**
  25. * Base class for <input /> form elements
  26. */
  27. require_once 'HTML/QuickForm/input.php';
  28. // register file-related rules
  29. if (class_exists('HTML_QuickForm')) {
  30. HTML_QuickForm::registerRule('uploadedfile', 'callback', '_ruleIsUploadedFile', 'HTML_QuickForm_file');
  31. HTML_QuickForm::registerRule('maxfilesize', 'callback', '_ruleCheckMaxFileSize', 'HTML_QuickForm_file');
  32. HTML_QuickForm::registerRule('mimetype', 'callback', '_ruleCheckMimeType', 'HTML_QuickForm_file');
  33. HTML_QuickForm::registerRule('filename', 'callback', '_ruleCheckFileName', 'HTML_QuickForm_file');
  34. }
  35. /**
  36. * HTML class for a file upload field
  37. *
  38. * @category HTML
  39. * @package HTML_QuickForm
  40. * @author Adam Daniel <adaniel1@eesus.jnj.com>
  41. * @author Bertrand Mansion <bmansion@mamasam.com>
  42. * @author Alexey Borzov <avb@php.net>
  43. * @version Release: 3.2.11
  44. * @since 1.0
  45. */
  46. class HTML_QuickForm_file extends HTML_QuickForm_input
  47. {
  48. // {{{ properties
  49. /**
  50. * Uploaded file data, from $_FILES
  51. * @var array
  52. */
  53. var $_value = null;
  54. // }}}
  55. // {{{ constructor
  56. /**
  57. * Class constructor
  58. *
  59. * @param string Input field name attribute
  60. * @param string Input field label
  61. * @param mixed (optional)Either a typical HTML attribute string
  62. * or an associative array
  63. * @since 1.0
  64. * @access public
  65. */
  66. function HTML_QuickForm_file($elementName=null, $elementLabel=null, $attributes=null)
  67. {
  68. HTML_QuickForm_input::HTML_QuickForm_input($elementName, $elementLabel, $attributes);
  69. $this->setType('file');
  70. } //end constructor
  71. // }}}
  72. // {{{ setSize()
  73. /**
  74. * Sets size of file element
  75. *
  76. * @param int Size of file element
  77. * @since 1.0
  78. * @access public
  79. */
  80. function setSize($size)
  81. {
  82. $this->updateAttributes(array('size' => $size));
  83. } //end func setSize
  84. // }}}
  85. // {{{ getSize()
  86. /**
  87. * Returns size of file element
  88. *
  89. * @since 1.0
  90. * @access public
  91. * @return int
  92. */
  93. function getSize()
  94. {
  95. return $this->getAttribute('size');
  96. } //end func getSize
  97. // }}}
  98. // {{{ freeze()
  99. /**
  100. * Freeze the element so that only its value is returned
  101. *
  102. * @access public
  103. * @return bool
  104. */
  105. function freeze()
  106. {
  107. return false;
  108. } //end func freeze
  109. // }}}
  110. // {{{ setValue()
  111. /**
  112. * Sets value for file element.
  113. *
  114. * Actually this does nothing. The function is defined here to override
  115. * HTML_Quickform_input's behaviour of setting the 'value' attribute. As
  116. * no sane user-agent uses <input type="file">'s value for anything
  117. * (because of security implications) we implement file's value as a
  118. * read-only property with a special meaning.
  119. *
  120. * @param mixed Value for file element
  121. * @since 3.0
  122. * @access public
  123. */
  124. function setValue($value)
  125. {
  126. return null;
  127. } //end func setValue
  128. // }}}
  129. // {{{ getValue()
  130. /**
  131. * Returns information about the uploaded file
  132. *
  133. * @since 3.0
  134. * @access public
  135. * @return array
  136. */
  137. function getValue()
  138. {
  139. return $this->_value;
  140. } // end func getValue
  141. // }}}
  142. // {{{ onQuickFormEvent()
  143. /**
  144. * Called by HTML_QuickForm whenever form event is made on this element
  145. *
  146. * @param string Name of event
  147. * @param mixed event arguments
  148. * @param object calling object
  149. * @since 1.0
  150. * @access public
  151. * @return bool
  152. */
  153. function onQuickFormEvent($event, $arg, &$caller)
  154. {
  155. switch ($event) {
  156. case 'updateValue':
  157. if ($caller->getAttribute('method') == 'get') {
  158. return PEAR::raiseError('Cannot add a file upload field to a GET method form');
  159. }
  160. $this->_value = $this->_findValue();
  161. $caller->updateAttributes(array('enctype' => 'multipart/form-data'));
  162. $caller->setMaxFileSize();
  163. break;
  164. case 'addElement':
  165. $this->onQuickFormEvent('createElement', $arg, $caller);
  166. return $this->onQuickFormEvent('updateValue', null, $caller);
  167. break;
  168. case 'createElement':
  169. $className = get_class($this);
  170. $this->$className($arg[0], $arg[1], $arg[2]);
  171. break;
  172. }
  173. return true;
  174. } // end func onQuickFormEvent
  175. // }}}
  176. // {{{ moveUploadedFile()
  177. /**
  178. * Moves an uploaded file into the destination
  179. *
  180. * @param string Destination directory path
  181. * @param string New file name
  182. * @access public
  183. * @return bool Whether the file was moved successfully
  184. */
  185. function moveUploadedFile($dest, $fileName = '')
  186. {
  187. if ($dest != '' && substr($dest, -1) != '/') {
  188. $dest .= '/';
  189. }
  190. $fileName = ($fileName != '') ? $fileName : basename($this->_value['name']);
  191. return move_uploaded_file($this->_value['tmp_name'], $dest . $fileName);
  192. } // end func moveUploadedFile
  193. // }}}
  194. // {{{ isUploadedFile()
  195. /**
  196. * Checks if the element contains an uploaded file
  197. *
  198. * @access public
  199. * @return bool true if file has been uploaded, false otherwise
  200. */
  201. function isUploadedFile()
  202. {
  203. return $this->_ruleIsUploadedFile($this->_value);
  204. } // end func isUploadedFile
  205. // }}}
  206. // {{{ _ruleIsUploadedFile()
  207. /**
  208. * Checks if the given element contains an uploaded file
  209. *
  210. * @param array Uploaded file info (from $_FILES)
  211. * @access private
  212. * @return bool true if file has been uploaded, false otherwise
  213. */
  214. function _ruleIsUploadedFile($elementValue)
  215. {
  216. if ((isset($elementValue['error']) && $elementValue['error'] == 0) ||
  217. (!empty($elementValue['tmp_name']) && $elementValue['tmp_name'] != 'none')) {
  218. return is_uploaded_file($elementValue['tmp_name']);
  219. } else {
  220. return false;
  221. }
  222. } // end func _ruleIsUploadedFile
  223. // }}}
  224. // {{{ _ruleCheckMaxFileSize()
  225. /**
  226. * Checks that the file does not exceed the max file size
  227. *
  228. * @param array Uploaded file info (from $_FILES)
  229. * @param int Max file size
  230. * @access private
  231. * @return bool true if filesize is lower than maxsize, false otherwise
  232. */
  233. function _ruleCheckMaxFileSize($elementValue, $maxSize)
  234. {
  235. if (!empty($elementValue['error']) &&
  236. (UPLOAD_ERR_FORM_SIZE == $elementValue['error'] || UPLOAD_ERR_INI_SIZE == $elementValue['error'])) {
  237. return false;
  238. }
  239. if (!HTML_QuickForm_file::_ruleIsUploadedFile($elementValue)) {
  240. return true;
  241. }
  242. return ($maxSize >= @filesize($elementValue['tmp_name']));
  243. } // end func _ruleCheckMaxFileSize
  244. // }}}
  245. // {{{ _ruleCheckMimeType()
  246. /**
  247. * Checks if the given element contains an uploaded file of the right mime type
  248. *
  249. * @param array Uploaded file info (from $_FILES)
  250. * @param mixed Mime Type (can be an array of allowed types)
  251. * @access private
  252. * @return bool true if mimetype is correct, false otherwise
  253. */
  254. function _ruleCheckMimeType($elementValue, $mimeType)
  255. {
  256. if (!HTML_QuickForm_file::_ruleIsUploadedFile($elementValue)) {
  257. return true;
  258. }
  259. if (is_array($mimeType)) {
  260. return in_array($elementValue['type'], $mimeType);
  261. }
  262. return $elementValue['type'] == $mimeType;
  263. } // end func _ruleCheckMimeType
  264. // }}}
  265. // {{{ _ruleCheckFileName()
  266. /**
  267. * Checks if the given element contains an uploaded file of the filename regex
  268. *
  269. * @param array Uploaded file info (from $_FILES)
  270. * @param string Regular expression
  271. * @access private
  272. * @return bool true if name matches regex, false otherwise
  273. */
  274. function _ruleCheckFileName($elementValue, $regex)
  275. {
  276. if (!HTML_QuickForm_file::_ruleIsUploadedFile($elementValue)) {
  277. return true;
  278. }
  279. return (bool)preg_match($regex, $elementValue['name']);
  280. } // end func _ruleCheckFileName
  281. // }}}
  282. // {{{ _findValue()
  283. /**
  284. * Tries to find the element value from the values array
  285. *
  286. * Needs to be redefined here as $_FILES is populated differently from
  287. * other arrays when element name is of the form foo[bar]
  288. *
  289. * @access private
  290. * @return mixed
  291. */
  292. function _findValue(&$values = null)
  293. {
  294. if (empty($_FILES)) {
  295. return null;
  296. }
  297. $elementName = $this->getName();
  298. if (isset($_FILES[$elementName])) {
  299. return $_FILES[$elementName];
  300. } elseif (false !== ($pos = strpos($elementName, '['))) {
  301. $base = str_replace(
  302. array('\\', '\''), array('\\\\', '\\\''),
  303. substr($elementName, 0, $pos)
  304. );
  305. $idx = "['" . str_replace(
  306. array('\\', '\'', ']', '['), array('\\\\', '\\\'', '', "']['"),
  307. substr($elementName, $pos + 1, -1)
  308. ) . "']";
  309. $props = array('name', 'type', 'size', 'tmp_name', 'error');
  310. $code = "if (!isset(\$_FILES['{$base}']['name']{$idx})) {\n" .
  311. " return null;\n" .
  312. "} else {\n" .
  313. " \$value = array();\n";
  314. foreach ($props as $prop) {
  315. $code .= " \$value['{$prop}'] = \$_FILES['{$base}']['{$prop}']{$idx};\n";
  316. }
  317. return eval($code . " return \$value;\n}\n");
  318. } else {
  319. return null;
  320. }
  321. }
  322. // }}}
  323. } // end class HTML_QuickForm_file
  324. ?>