/usr/share/php/kohana3.1/system/classes/kohana/upload.php is in libkohana3.1-core-php 3.1.4-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 | <?php defined('SYSPATH') or die('No direct script access.');
/**
* Upload helper class for working with uploaded files and [Validation].
*
* $array = Validation::factory($_FILES);
*
* [!!] Remember to define your form with "enctype=multipart/form-data" or file
* uploading will not work!
*
* The following configuration properties can be set:
*
* - [Upload::$remove_spaces]
* - [Upload::$default_directory]
*
* @package Kohana
* @category Helpers
* @author Kohana Team
* @copyright (c) 2007-2011 Kohana Team
* @license http://kohanaframework.org/license
*/
class Kohana_Upload {
/**
* @var boolean remove spaces in uploaded files
*/
public static $remove_spaces = TRUE;
/**
* @var string default upload directory
*/
public static $default_directory = 'upload';
/**
* Save an uploaded file to a new location. If no filename is provided,
* the original filename will be used, with a unique prefix added.
*
* This method should be used after validating the $_FILES array:
*
* if ($array->check())
* {
* // Upload is valid, save it
* Upload::save($array['file']);
* }
*
* @param array uploaded file data
* @param string new filename
* @param string new directory
* @param integer chmod mask
* @return string on success, full path to new file
* @return FALSE on failure
*/
public static function save(array $file, $filename = NULL, $directory = NULL, $chmod = 0644)
{
if ( ! isset($file['tmp_name']) OR ! is_uploaded_file($file['tmp_name']))
{
// Ignore corrupted uploads
return FALSE;
}
if ($filename === NULL)
{
// Use the default filename, with a timestamp pre-pended
$filename = uniqid().$file['name'];
}
if (Upload::$remove_spaces === TRUE)
{
// Remove spaces from the filename
$filename = preg_replace('/\s+/u', '_', $filename);
}
if ($directory === NULL)
{
// Use the pre-configured upload directory
$directory = Upload::$default_directory;
}
if ( ! is_dir($directory) OR ! is_writable(realpath($directory)))
{
throw new Kohana_Exception('Directory :dir must be writable',
array(':dir' => Debug::path($directory)));
}
// Make the filename into a complete path
$filename = realpath($directory).DIRECTORY_SEPARATOR.$filename;
if (move_uploaded_file($file['tmp_name'], $filename))
{
if ($chmod !== FALSE)
{
// Set permissions on filename
chmod($filename, $chmod);
}
// Return new file path
return $filename;
}
return FALSE;
}
/**
* Tests if upload data is valid, even if no file was uploaded. If you
* _do_ require a file to be uploaded, add the [Upload::not_empty] rule
* before this rule.
*
* $array->rule('file', 'Upload::valid')
*
* @param array $_FILES item
* @return bool
*/
public static function valid($file)
{
return (isset($file['error'])
AND isset($file['name'])
AND isset($file['type'])
AND isset($file['tmp_name'])
AND isset($file['size']));
}
/**
* Tests if a successful upload has been made.
*
* $array->rule('file', 'Upload::not_empty');
*
* @param array $_FILES item
* @return bool
*/
public static function not_empty(array $file)
{
return (isset($file['error'])
AND isset($file['tmp_name'])
AND $file['error'] === UPLOAD_ERR_OK
AND is_uploaded_file($file['tmp_name']));
}
/**
* Test if an uploaded file is an allowed file type, by extension.
*
* $array->rule('file', 'Upload::type', array(':value', array('jpg', 'png', 'gif')));
*
* @param array $_FILES item
* @param array allowed file extensions
* @return bool
*/
public static function type(array $file, array $allowed)
{
if ($file['error'] !== UPLOAD_ERR_OK)
return TRUE;
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
return in_array($ext, $allowed);
}
/**
* Validation rule to test if an uploaded file is allowed by file size.
* File sizes are defined as: SB, where S is the size (1, 8.5, 300, etc.)
* and B is the byte unit (K, MiB, GB, etc.). All valid byte units are
* defined in Num::$byte_units
*
* $array->rule('file', 'Upload::size', array(':value', '1M'))
* $array->rule('file', 'Upload::size', array(':value', '2.5KiB'))
*
* @param array $_FILES item
* @param string maximum file size allowed
* @return bool
*/
public static function size(array $file, $size)
{
if ($file['error'] === UPLOAD_ERR_INI_SIZE)
{
// Upload is larger than PHP allowed size (upload_max_filesize)
return FALSE;
}
if ($file['error'] !== UPLOAD_ERR_OK)
{
// The upload failed, no size to check
return TRUE;
}
// Convert the provided size to bytes for comparison
$size = Num::bytes($size);
// Test that the file is under or equal to the max size
return ($file['size'] <= $size);
}
} // End upload
|