editors/ckeditor_4_4/uploader/EnkaUploader.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    <!--			<link rel="stylesheet" type="text/css" href="upload.css">-->


<?php


include_once('../../../function.php');

// Ce imamo v GET-u lang naložimo jezikovno datoteko
if(isset($_GET['lang'])){
    $language = ($_GET['lang'] == 'en') ? '2' : '1';
    $file = '../../../lang/'.$language.'.php';
    include($file);
}


//Prikaže možnost za IMAGE UPLOAD
if (!isset ($_POST['posted']) && (isset ($_GET['image']) && $_GET['image'] == 1)) {

    if (isset($_GET['error']) && $_GET['error'] == 1)
           echo "<strong style='font-family: Arial; font-size: 12px; color: red; font-weight: bold;'>" . $lang['upload_img_exe'] . "</strong>";
?>
    <body style="margin-top: 0px; top: 0px; margin-left: 0px; left: 0px; padding-top: 0px;">
    <form name="uploader" method="post" enctype="multipart/form-data"
          action="<?= $site_url ?>editors/ckeditor_4_4/uploader/EnkaUploader.php" style="height: 15px;">
        <input type="hidden" name="posted" value="1"/>
        <input type="hidden" name="urlsrc" value="<?= $_GET['url'] ?>"/>
        <input type="hidden" name="type" value="image"/>
        <!--	Podatki o sliki, ki jo nalagamo	-->
        <!--		<input type="hidden" value="eitorSlika" name="-->
        <?php //echo ini_get("session.upload_progress.name"); ?><!--">-->
        <strong style="font-family: Arial; font-size: 12px; font-weight: bold;"><?= $lang['upload_img'] ?></strong><input
            type="file" name="eitorSlika" onChange="submit();"/>
    </form>
    <!--	<script type="text/javascript" src="upload.js"></script>-->
<?php
}elseif (!isset ($_POST['posted']) && (!isset ($_GET['image']) || $_GET['image'] != "1")) {
?>
    <body style="margin-top: 0px; top: 0px; margin-left: 0px; left: 0px; padding-top: 0px;">
    <form name="uploader" method="post" enctype="multipart/form-data"
          action="<?= $site_url ?>editors/ckeditor_4_4/uploader/EnkaUploader.php" style="height: 15px;">
        <input type="hidden" name="posted" value="1"/>
        <input type="hidden" name="urlsrc" value="<?= $_GET['url'] ?>"/>
        <input type="hidden" name="type" value="file"/>
        <strong style="font-family: Arial; font-size: 12px; font-weight: bold;"><?= $lang['upload_select_file'] ?></strong>
        <br/>
        <input type="file" name="editorDatoteka" style="width: 100%;" onChange="submit();"/>
    </form>
<?php
}elseif ($_POST['type'] == "file") {

    if (isset ($_FILES['editorDatoteka']['name'])) {
        $ime = preg_replace ("/[^a-zA-Z0-9_\.\-]/", "", $_FILES['editorDatoteka']['name']);
        if (strpos (strtolower ($ime), ".exe")!==false || strpos (strtolower ($ime), ".bat")!==false || strpos (strtolower ($ime), ".com")!==false ||
                strpos (strtolower ($ime), ".vbs")!==false || strpos (strtolower ($ime), ".pl")!==false || strpos (strtolower ($ime), ".php")!==false || strpos (strtolower ($ime), ".php3")!==false) {
?>
                    <strong style="font-family: Arial; font-size: 12px; color: red; font-weight: bold;"><?=$lang['upload_exe']?></strong>
<?php
                }else {
                     $nakljucno = time();
                     $final = $nakljucno .$ime;

                     // Preverimo protokol in ga ustrezno replacamo
                     $upload_protocol = (strpos($site_url, 'https://') !== FALSE) ? 'https://' : 'http://';
                     $file_url = str_replace($upload_protocol, "", $site_url).'uploadi/editor/doc/'.$final;

                    if (move_uploaded_file($_FILES['editorDatoteka']['tmp_name'], $site_path .'uploadi/editor/doc/' .$final)) {
?>
                    <body bgcolor="#ebebeb" onload="
                        parent.document.getElementById(parent.urlsrc).value='<?=$file_url?>'; 
                        if(parent.document.getElementById('cke_75_select')){
                            parent.document.getElementById('cke_75_select').value = '<?=$upload_protocol?>';
                        }
                        window.location.href='<?= $site_url ?>editors/ckeditor_4_4/uploader/EnkaUploader.php'; 
                    ">
                    <strong style="font-family: Arial; font-size: 12px; font-weight: bold;"><?=$lang['upload_done']?></strong>
<?php
                    }else {
                        if (!file_exists($site_path .'uploadi/editor/doc/')) {
                            mkdir($site_path .'uploadi/editor/doc/', 0755, true);
                        }
?>
                    <strong style="font-family: Arial; font-size: 12px; color: red; font-weight: bold;"><?=$lang['upload_not_ok']?></strong>
<?php
                    }
                }

     }
     unset ($_POST['posted']);
     unset ($_POST['type']);
     unset ($_FILES['ul']['name']);
}else {
        //
        // IMG HANDLER
        //
        include_once('upload_class.php');
        include_once('imageresizer.class.php');

        if (isset ($_FILES['eitorSlika']['name'])) {
            $ime = preg_replace("/[^a-zA-Z0-9_\.\-]/", "", $_FILES['eitorSlika']['name']);
            $ime = strtolower($ime);
            if (strpos($ime, ".jpg") === false && strpos($ime, ".jpeg") === false && strpos($ime, ".gif") === false &&
            strpos($ime, ".png") === false && strpos($ime, ".bmp") === false && strpos($ime, ".svg") === false) {
?>
                <body onload="window.location.href='<?= $site_url ?>editors/ckeditor_4_4/uploader/EnkaUploader.php?image=1&error=1';">
 <?php
            }else {
               $nakljucno = time();
               $final = $nakljucno . $ime;
               $UF_obj = new Upload();
               $UF_obj->File = $_FILES['eitorSlika'];
               $UF_obj->SavePath = $site_path . '/uploadi/editor';
               $UF_obj->NewName = $_FILES['eitorSlika']['name'];

               //Širina in višina slike nastavimo
               $UF_obj->NewWidth = 1920;
               $UF_obj->NewHeight = 1920;

               $ime = $UF_obj->NameCase = 'lower';
               $UF_obj->OverWrite = false;
               $Error = $UF_obj->UploadFile();
               if (empty($Error)) {
 ?>
                    <body onload="parent.document.getElementById(parent.urlsrc).value='<?= $site_url ?>uploadi/editor/<?= $final ?>'; parent.document.querySelector('img[id$=_previewImage]').src='<?= $site_url ?>uploadi/editor/<?= $final ?>'; parent.document.querySelector('img[id$=_previewImage]').style.display='block'; window.location.href='<?= $site_url ?>editors/ckeditor_4_4/uploader/EnkaUploader.php?image=1';">
                    <strong style="font-family: Arial; font-size: 12px; font-weight: bold;"><?= $lang['upload_img_done'] ?></strong>
<?php
                }else {
?>
                    <strong style="font-family: Arial; font-size: 12px; color: blue; font-weight: bold;"><?= $lang['upload_img_not_ok'] ?></strong>
<?php
                }
            }
         }
    unset ($_POST['posted']);
    unset ($_POST['type']);
    unset ($_FILES['eitorSlika']);
    echo '<body style="margin-top: 0px; top: 0px; margin-left: 0px; left: 0px; padding-top: 0px;">';
}
?>

</body>
</html>