227,7 → 227,7 |
{ |
if (!ALLOW_FILES) |
{ |
$page->drawError("This system doesn't allow file uploading."); |
$this->drawError("This system doesn't allow file uploading."); |
return false; |
} |
|
234,7 → 234,7 |
$this->checkLoggedIn(); |
if ($this->getLoggedInUser()->accessID >= 2) |
{ |
$page->drawError('You do not have permission to access this page.'); |
$this->drawError('You do not have permission to access this page.'); |
} |
|
$allowedExts = array("gif", "jpeg", "jpg", "png", "tga"); |
246,13 → 246,14 |
|| ($_FILES[$fname]["type"] == "image/pjpeg") |
|| ($_FILES[$fname]["type"] == "image/x-png") |
|| ($_FILES[$fname]["type"] == "image/png") |
|| ($_FILES[$fname]["type"] == "image/tga")) |
|| ($_FILES[$fname]["type"] == "image/x-targa") |
|| ($_FILES[$fname]["type"] == "image/x-tga")) |
&& ($_FILES[$fname]["size"] < 200000) // file size limit (bytes) |
&& in_array($extension, $allowedExts)) |
{ |
if ($_FILES[$fname]["error"] > 0) |
{ |
$page->drawError("File Upload Error: " . $_FILES[$fname]["error"]); |
$this->drawError("File Upload Error: " . $_FILES[$fname]["error"]); |
} |
else |
{ |
263,13 → 264,13 |
$lname = "upload/" . $this->rndString(12) . "." . $extension; |
} |
|
move_uploaded_file($_FILES[$fname]["tmp_name"], $lname); |
return $lname; |
move_uploaded_file($_FILES[$fname]["tmp_name"], $this->url . $lname); |
return ROOT_PATH . $lname; |
} |
} |
else |
{ |
$page->drawError("Invalid file"); |
$this->drawError("Invalid file"); |
} |
|
return false; |