* @version 1.0.1 (June 30, 2004) * @package AutoIndex */ class Upload { /** * Uploads all files in the $_FILES array, then echos the results. */ public function do_upload() { $uploaded_files = $errors = ''; global $words, $log, $dir; foreach ($_FILES as $file_upload) { $filename = Item::get_basename($file_upload['name']); if ($filename == '') { continue; } if (DirectoryList::is_hidden($filename)) { $errors .= "

$filename [" . $words -> __get('filename is listed as a hidden file') . ']

'; continue; } $filename = Url::clean_input($filename); $fullpathname = realpath($dir) . '/' . $filename; if (@file_exists($fullpathname)) { $errors .= "

$filename [" . $words -> __get('file already exists') . ']

'; } else if (@move_uploaded_file($file_upload['tmp_name'], $fullpathname)) { @chmod($fullpathname, 0644); $uploaded_files .= "

$filename

"; $log -> add_entry("Uploaded file: $filename"); } else { $errors .= "

$filename

"; } } if ($errors == '') { $errors = '
[' . $words -> __get('none') . ']'; } if ($uploaded_files == '') { $uploaded_files = '
[' . $words -> __get('none') . ']'; } $str = '

' . '' . $words -> __get('uploaded files') . ": $uploaded_files

" . $words -> __get('failed files') . ": $errors" . '

' . $words -> __get('continue') . '.

'; echo new Display($str); die(); } /** * @param User $current_user Makes sure the user has permission to upload files */ public function __construct(User $current_user) { if ($current_user -> level < LEVEL_TO_UPLOAD) { throw new ExceptionDisplay('Your user account does not have permission to upload files.'); } } /** * @return string The HTML that makes up the upload form */ public function __toString() { global $words, $subdir; if (isset($_GET['num_uploads']) && (int)$_GET['num_uploads'] > 0) { $str = ''; $str = '

' . $str . '

' . $words -> __get('continue') . '.

'; echo new Display($str); die(); } return ''; } } ?>