PluginProbe ʕ •ᴥ•ʔ
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress / trunk
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress vtrunk
4.16.18 4.16.17 4.16.16 trunk 1.0 1.0.1 1.0.2 1.1 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.1.5a 1.1.6 1.1.7 1.2 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.3 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.4 1.4.1 1.4.2 1.5 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.7 1.7.1 1.7.2 1.8 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.1.9 2.2.10 2.2.11 2.2.12 2.2.13 2.2.14 2.2.15 2.2.16 2.2.2 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 3.0 3.1 3.1.1 3.1.10 3.1.11 3.1.12 3.1.13 3.1.14 3.1.15 3.1.16 3.1.17 3.1.18 3.1.19 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0 3.2.1 3.2.10 3.2.11 3.2.12 3.2.13 3.2.14 3.2.15 3.2.16 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.2.9 4.0.0 4.0.1 4.0.2 4.0.3 4.1.0 4.1.1 4.1.2 4.1.3 4.1.4 4.10.0 4.10.1 4.10.2 4.10.3 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.13.3 4.13.4 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.15.0 4.15.1 4.15.10 4.15.11 4.15.12 4.15.13 4.15.14 4.15.15 4.15.16 4.15.17 4.15.18 4.15.19 4.15.2 4.15.20 4.15.20.1 4.15.21 4.15.22 4.15.23 4.15.24 4.15.25 4.15.3 4.15.4 4.15.5 4.15.6 4.15.7 4.15.8 4.15.9 4.16.0 4.16.1 4.16.10 4.16.11 4.16.12 4.16.13 4.16.14 4.16.15 4.16.2 4.16.3 4.16.4 4.16.5 4.16.6 4.16.7 4.16.8 4.16.9 4.2.0 4.3.0 4.3.1 4.3.2 4.4.0 4.4.1 4.5.0 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6.0 4.7.0 4.8.0 4.9.0
wp-user-avatar / src / Classes / FileUploader.php
wp-user-avatar / src / Classes Last commit date
Installer 3 years ago AdminNotices.php 2 months ago AjaxHandler.php 1 year ago Autologin.php 9 months ago BlockRegistrations.php 10 months ago BuddyPressBbPress.php 3 years ago DisableConcurrentLogins.php 2 years ago EditUserProfile.php 5 months ago ExtensionManager.php 1 month ago FileUploader.php 3 months ago FormPreviewHandler.php 5 months ago FormRepository.php 1 year ago FormShortcodeDefaults.php 1 month ago GDPR.php 3 years ago Geolocation.php 3 years ago GlobalSiteAccess.php 3 years ago ImageUploader.php 1 year ago LoginAuth.php 1 year ago Miscellaneous.php 3 years ago ModifyRedirectDefaultLinks.php 2 hours ago PPRESS_Session.php 1 year ago PROFILEPRESS_sql.php 1 year ago PasswordReset.php 1 year ago ProfileUrlRewrite.php 4 years ago RegistrationAuth.php 1 week ago SendEmail.php 3 years ago ShortcodeThemeFactory.php 5 years ago UserAvatar.php 1 year ago UserSignupLocationListingPage.php 3 years ago UsernameEmailRestrictLogin.php 4 years ago WPProfileFieldParserTrait.php 1 year ago WelcomeEmailAfterSignup.php 1 year ago default-email-template.php 1 year ago index.php 3 years ago
FileUploader.php
196 lines
1 <?php
2
3 namespace ProfilePress\Core\Classes;
4
5 use WP_Error;
6
7 /**
8 * @package ProfilePress custom file upload PHP class
9 */
10 class FileUploader
11 {
12 /** init poop */
13 public static function init()
14 {
15 $result = array();
16
17 if (empty($_FILES)) return $result;
18
19 // remove registration and edit profile avatar and cover photo from files uploaded to be processed.
20 $skip = ['wpua-file', 'reg_avatar', 'eup_avatar', 'reg_cover_image', 'eup_cover_image'];
21
22 $valid_custom_usermeta = array_keys(ppress_custom_fields_key_value_pair(true));
23
24 foreach ($_FILES as $field_key => $uploaded_file_array) {
25
26 if ( ! in_array($field_key, $skip) && in_array($field_key, $valid_custom_usermeta) && ! empty($uploaded_file_array['name'])) {
27 $result[$field_key] = self::process($uploaded_file_array, $field_key);
28 }
29 }
30
31 return $result;
32 }
33
34 /**
35 * Upload the file
36 *
37 * @param $file
38 *
39 * @return bool|WP_Error
40 */
41 public static function process($file, $field_key)
42 {
43 /**
44 * Fires before image is process for validation and uploading
45 */
46 do_action('ppress_before_saving_file', $file, $field_key);
47
48 // validate all uploaded file but only return error for file with hidden "required-"field-key" field POSTed data.
49 // i.e if the file has the "required" shortcode attribute.
50 // added in "reg_custom_profile_field" in registration shortcode parser.
51
52 if ($file["error"] !== 0) {
53 self::error_file_logger($file, self::codeToMessage($file["error"]));
54 if (isset($_POST["required-{$field_key}"])) {
55 return new WP_Error(
56 'file_error',
57 apply_filters('ppress_file_unexpected_error',
58 esc_html__('Unexpected error with file upload, Please try again.', 'wp-user-avatar'),
59 $field_key
60 )
61 );
62 }
63
64 return false;
65 }
66
67 // filesize in megabyte. default is 10MB
68 $file_size = apply_filters('ppress_file_upload_size', 10, $field_key);
69
70 if ($file["size"] > ($file_size * 1000000)) {
71 return new WP_Error('file_too_large', apply_filters(
72 'ppress_file_too_large',
73 sprintf(
74 esc_html__('Uploaded file is greater than the allowed sized of %s', 'wp-user-avatar'),
75 "$file_size MB"
76 ),
77 $field_key
78 )
79 );
80 }
81
82 // array of allowed file extensions
83 $extensions = PROFILEPRESS_sql::get_field_option_values($field_key);
84
85 $allowed_extensions = array_filter(array_map('trim', explode(',', $extensions)), function ($value) {
86 return ! empty($value);
87 });
88
89 if (empty($allowed_extensions)) $allowed_extensions = [];
90
91 $filename = $file['name'];
92
93 $mime_check = ppress_check_type_and_ext($file, [], $allowed_extensions);
94
95 if (is_wp_error($mime_check)) {
96
97 return new WP_Error('invalid_file', $filename . ' ' . apply_filters('ppress_invalid_file_error', esc_html__('appears to be of an invalid file format. Please try again.', 'wp-user-avatar'), $field_key));
98 }
99
100 $file_upload_dir = apply_filters('ppress_file_upload_dir', PPRESS_FILE_UPLOAD_DIR, $field_key);
101
102 // ensure a safe filename
103 $file_name = apply_filters('ppress_file_upload_filename', preg_replace("/[^A-Z0-9._-]/i", "_", $filename), $field_key, $file);
104
105 // don't overwrite an existing file
106 $i = 0;
107 $file_exist_parts = pathinfo($file_name);
108 while (file_exists($file_upload_dir . $file_name)) {
109 $i++;
110 $file_name = $file_exist_parts["filename"] . "-" . $i . "." . $file_exist_parts["extension"];
111 }
112
113 // does file uploads folder exist? if NO, create it.
114 if ( ! file_exists($file_upload_dir)) {
115 mkdir($file_upload_dir, 0755);
116 }
117
118 // create index.php file in file uploads folder
119 if ( ! file_exists($file_upload_dir . '/index.php')) {
120 ppress_create_index_file($file_upload_dir);
121 }
122
123 // preserve file from temporary directory
124 $success = @move_uploaded_file($file["tmp_name"], $file_upload_dir . $file_name);
125
126 if ( ! $success) {
127 return new WP_Error ('save_error',
128 sprintf(__("Unable to save %s, please try again.", 'wp-user-avatar'), $file_name));
129 }
130
131 // set proper permissions on the new file
132 chmod($file_upload_dir . $file_name, 0644);
133
134 /**
135 * Fires after file have been saved
136 *
137 * @param string $file_name uploaded image url
138 */
139 do_action('ppress_after_saving_file', $file_name, $file_upload_dir);
140
141 return $file_name;
142 }
143
144 /**
145 * Error message of file upload converted from errorCode to readable message.
146 *
147 * @param int $code
148 *
149 * @return string
150 */
151 public static function codeToMessage($code)
152 {
153 switch ($code) {
154 case UPLOAD_ERR_INI_SIZE:
155 $message = __("The uploaded file exceeds the upload_max_filesize directive in php.ini", 'wp-user-avatar');
156 break;
157 case UPLOAD_ERR_FORM_SIZE:
158 $message = __("The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form", 'wp-user-avatar');
159 break;
160 case UPLOAD_ERR_PARTIAL:
161 $message = __("The uploaded file was only partially uploaded", 'wp-user-avatar');
162 break;
163 case UPLOAD_ERR_NO_FILE:
164 $message = __("No file was uploaded", 'wp-user-avatar');
165 break;
166 case UPLOAD_ERR_NO_TMP_DIR:
167 $message = __("Missing a temporary folder", 'wp-user-avatar');
168 break;
169 case UPLOAD_ERR_CANT_WRITE:
170 $message = __("Failed to write file to disk", 'wp-user-avatar');
171 break;
172 case UPLOAD_ERR_EXTENSION:
173 $message = __("File upload stopped by extension", 'wp-user-avatar');
174 break;
175
176 default:
177 $message = "Unknown upload error";
178 break;
179 }
180
181 return $message;
182 }
183
184
185 /**
186 * @param array $file_array global $_File['field_key'] of the file.
187 * @param string $error_message
188 */
189 public static function error_file_logger($file_array, $error_message)
190 {
191 $error = $error_message . ' => ' . json_encode($file_array);
192
193 ppress_log_error($error);
194 }
195 }
196