<?
# =================================================================== #
#
# iMarc PHP Library
# Copyright 1999, 2002 David Fox, Angryrobot Productions 
#                (See below for full license)
# 
# VERSION: 2.0
# LAST UPDATE: 2020-04-02
# CONTENT: PHP file upload class
#
# =================================================================== #
# 
# USAGE and SETUP instructions at the bottom of this page (README)
# 
# =================================================================== #
/*
	METHODS:
		max_filesize() - set a max filesize in bytes
		max_image_size() - set max pixel dimenstions for image uploads
		upload() - checks if file is acceptable, uploads file to server's temp directory
		save_file() - moves the uploaded file and renames it depending on the save_file($mode)
	Error codes:
		$errors[0] - "No file was uploaded"
		$errors[1] - "Maximum file size exceeded"
		$errors[2] - "Maximum image size exceeded"
		$errors[3] - "Only specified file type may be uploaded"
		$errors[4] - "File already exists" (save only)
*/
# ------------------------------------------------------------------- #
# UPLOADER CLASS
# ------------------------------------------------------------------- #
class uploader {
	var $file;
	var $errors;
	var $accepted;
	var $max_filesize;
	var $max_image_width;
	var $max_image_height;
	var $uploaded_file;
	# ----------------------------------- #
	# FUNCTION: max_filesize 
	# ARGS: $size
	# DESCRIPTION: Set the maximum file size
	# in bytes ($size), allowable by the object.
	#
	# NOTE: PHP's configuration file also can control
	# the maximum upload size, which is set to 2 or 4 
	# megs by default. To upload larger files, you'll 
	# have to change the php.ini file first.
	# ----------------------------------- #
	function max_filesize($size){
		$this->max_filesize = $size;
	}
	# ----------------------------------- #
	# FUNCTION: max_image_size 
	# ARGS: $width, $height
	# DESCRIPTION: Sets the maximum pixel dimensions
	# for image uploads
	# ----------------------------------- #
	function max_image_size($width, $height){
		$this->max_image_width = $width;
		$this->max_image_height = $height;
	}
	# ----------------------------------- #
	# FUNCTION: upload 
	# ARGS: $filename, $accept_type, $extension
	# DESCRIPTION: Checks and sets the raw 
	# file data, checks if the content type is 
	# acceptable (if $accept_type) is set, and 
	# adds a default extension ($extention) if
	# there is no ".xxx" in the filename
	# ----------------------------------- #
	function upload($filename, $accept_type='', $extention='') {
		// get all the properties of the file
		$index = array("file", "name", "size", "type");
		for($i = 0; $i < 4; $i++) {
			$file_var = '$' . $filename . (($index[$i] != "file") ? "_" . $index[$i] : "");
			eval('global ' . $file_var . ';');
			eval('$this->file[$index[$i]] = ' . $file_var . ';');
		}
		if($this->file["file"] && $this->file["file"] != "none") {
			// test max size
			if($this->max_filesize && $this->file["size"] > $this->max_filesize) {
				$this->errors[1] = "Maximum file size exceeded. File may be no larger than " . $this->max_filesize/1000 . "KB (" . $this->max_filesize . " bytes).";
				return FALSE;
			}
	 		if(ereg("image", $this->file["type"])) {
	 			$image = getimagesize($this->file["file"]);
	 			$this->file["width"]  = $image[0];
	 			$this->file["height"] = $image[1];
				// test max image size
				if(($this->max_image_width || $this->max_image_height) && (($this->file["width"] > $this->max_image_width) || ($this->file["height"] > $this->max_image_height))) {
					$this->errors[2] = "Maximum image size exceeded. Image may be no more than " . $this->max_image_width . " x " . $this->max_image_height . " pixels";
					return FALSE;
				}
	 			switch($image[2]) {
	 				case 1:
	 					$this->file["extention"] = ".gif";
	 					break;
	 				case 2:
	 					$this->file["extention"] = ".jpg";
	 					break;
	 				case 3:
	 					$this->file["extention"] = ".png";
	 					break;
	 				default:
						$this->file["extention"] = $extention;
	 					break;
	 			}
			} elseif(!ereg("(\.)([a-z0-9]{3,5})$", $this->file["name"]) && !$extention) {
				// add new mime types here
				switch($this->file["type"]) {
					case "text/plain":
						$this->file["extention"] = ".txt";
						break;
					default:
						break;
				}
	 		} else {
				$this->file["extention"] = $extention;
			}
			// check to see if the file is of type specified
			if($accept_type) {
				if(ereg($accept_type, $this->file["type"])) {
					$this->accepted = TRUE;
				} else { 
					$this->accepted = FALSE;
					$this->errors[3] = "Only " . ereg_replace("\|", " or ", $accept_type) . " files may be uploaded";
				}
			} else { 
				$this->accepted = TRUE;
			}
		} else { 
			$this->accepted  = FALSE;
			$this->errors[0] = "No file was uploaded";
		}
		return $this->accepted;		
	}
	# ----------------------------------- #
	# FUNCTION: save_file 
	# ARGS: $path, $mode
	# DESCRIPTION: Writes the file data to 
	# $path, after renaming the file by stripping
	# out non-alphanumeric characters. This function
	# also checks the upload $mode:
	#
	#	$mode = 1 :: overwrite existing file
	#	$mode = 2 :: rename new file if a file
	#	             with the same name already 
	#                exists: file.txt becomes file_copy0.txt
	#	$mode = 3 :: do nothing if a file with the
	#	             same name already exists
	# ----------------------------------- #
	function save_file($path, $mode="3"){
		$this->path = $path;	
		if($this->accepted) {
			// very strict naming of file.. only lowercase letters, numbers and underscores
			$this->file["name"] = ereg_replace("[^a-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20", "_", strtolower($this->file["name"]))));
			// check for extention and remove - we want to get JUST the 
			// filename (without the extenstion) into the variable $name
			if(ereg("(\.)([a-z0-9]{2,5})$", $this->file["name"])) {
				$pos = strrpos($this->file["name"], ".");
				if(!$this->file["extention"]) { 
					$this->file["extention"] = substr($this->file["name"], $pos, strlen($this->file["name"]));
				}
				$name = substr($this->file["name"], 0, $pos);
			} else {
				$name = $this->file["name"];
				if ($this->file["extention"]) {
					$this->file["name"] = $this->file["name"] . $this->file["extention"];
				}
			}
			$this->uploaded_file = $this->path . $this->file["name"];
			if(ereg("text", $this->file["type"])) {
				// If it's a text file, we may need to convert MAC and/or PC
				// line breaks to UNIX
				// chr(13)  = CR (carridge return) = Macintosh
				// chr(10)  = LF (line feed)       = Unix
				// Win line break = CRLF
				$new_file  = '';
				$old_file  = '';
				$fcontents = file($this->file["file"]);
				while (list ($line_num, $line) = each($fcontents)) {
					$old_file .= $line;
					$new_file .= str_replace(chr(13), chr(10), $line);
				}
				if ($old_file != $new_file) {
					// Open the uploaded file, and re-write it
					// with the new changes
					$fp = fopen($this->file["file"], "w");
					fwrite($fp, $new_file);
					fclose($fp);
				}
			}
			switch($mode) {
				case 1: // overwrite mode
					$aok = copy($this->file["file"], $this->uploaded_file);
					break;
				case 2: // create new with incremental extention
					while(file_exists($this->path . $name . $copy . $this->file["extention"])) {
						$copy = "_copy" . $n;
						$n++;
					}
					$this->file["name"]  = $name . $copy . $this->file["extention"];
					$this->uploaded_file = $this->path . $this->file["name"];
					$aok = copy($this->file["file"], $this->uploaded_file);
					break;
				case 3: // do nothing if exists, highest protection
					if(file_exists($this->uploaded_file)){
						$this->errors[4] = "A file named " . $this->uploaded_file . " already exists. Please use another name.";
					} else {
						$aok = copy($this->file["file"], $this->uploaded_file);
					}
					break;
				default:
					break;
			}
			if(!$aok) { unset($this->uploaded_file); }
			return $aok;
		} else {
			return FALSE;
		}
	}
}
/*
<readme>
	fileupload.class can be used to upload files of any type
	to a web server using a web browser. The uploaded file's name will 
	get cleaned up - special characters will be deleted, and spaces 
	get replaced with underscores, and moved to a specified 
	directory (on your server). fileupload.class also does its best to 
	determine the file's type (text, GIF, JPEG, etc). If the user 
	has named the file with the correct extension (.txt, .gif, etc), 
	then the class will use that, but if the user tries to upload 
	an extensionless file, PHP does can identify text, gif, jpeg, 
	and png files for you. As a last resort, if there is no 
	specified extension, and PHP can not determine the type, you 
	can set a default extension to be added.
	SETUP:
		Make sure that the directory that you plan on uploading 
		files to has enough permissions for your web server to 
		write/upload to it. (usually, this means making it world writable)
			- cd /your/web/dir
			- chmod 777 <fileupload_dir>
		The HTML FORM used to upload the file should look like this:
		<form method="post" action="upload.php" enctype="multipart/form-data">
			<input type="file" name="userfile"> 
			<input type="submit" value="Submit">
		</form>
	USAGE:
		// Create a new instance of the class
		$my_uploader = new uploader;
		// OPTIONAL: set the max filesize of uploadable files in bytes
		$my_uploader->max_filesize(90000);
		// OPTIONAL: if you're uploading images, you can set the max pixel dimensions 
		$my_uploader->max_image_size(150, 300); // max_image_size($width, $height)
		// UPLOAD the file
		// $my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)
		$success = $my_uploader->upload("userfile", "", ".jpg");
		if ($success) {
			// MOVE THE FILE to it's final destination
			//	$mode = 1 :: overwrite existing file
			//	$mode = 2 :: rename new file if a file
			//	             with the same name already 
			//               exists: file.txt becomes file_copy0.txt
			//	$mode = 3 :: do nothing if a file with the
			//	             same name already exists
			$success = $my_uploader->save_file("/your/web/dir/fileupload_dir", int $mode);
		}
		if ($success) {
			// Successful upload!
			$file_name = $my_uploader->file['name'];
			print($file_name . " was successfully uploaded!");
		} else {
			// ERROR uploading...
 			if($my_uploader->errors) {
				while(list($key, $var) = each($my_uploader->errors)){
				echo $var . "<br>";
			}
 		}
</readme>
<license>
	///// fileupload.class /////
	Copyright (c) 1999, 2002 David Fox, Angryrobot Productions
	(http://www.angryrobot.com) All rights reserved.
	Redistribution and use in source and binary forms, with or without 
	modification, are permitted provided that the following conditions 
	are met:
	1. Redistributions of source code must retain the above copyright 
	   notice, this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above 
	   copyright notice, this list of conditions and the following 
	   disclaimer in the documentation and/or other materials provided 
	   with the distribution.
	3. Neither the name of author nor the names of its contributors 
	   may be used to endorse or promote products derived from this 
	   software without specific prior written permission.
	DISCLAIMER:
	THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" 
	AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
	TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 
	PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR 
	CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
	SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 
	LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 
	USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 
	AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
	LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 
	IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 
	THE POSSIBILITY OF SUCH DAMAGE.
</license>
*/
?>