= ecu_user_uploads_per_hour()) {
$alert = sprintf(__('You are only permitted to upload %u files per hour.', 'easy-comment-uploads'),
ecu_user_uploads_per_hour());
} else if (!wp_verify_nonce($_REQUEST['_wpnonce'],
'ecu_upload_form')) {
// Check referer
$alert = __('Invalid Referrer!');
} else if (move_uploaded_file($_FILES['file']['tmp_name'],
$target_path)) {
$filelink = $target_url . $target_name;
$filecode = "[$type]$filelink\[/$type]";
// Add the filecode to the comment form
write_js("write_comment('$filecode');");
// Post info below upload form
write_html_form("");
if ($is_image) {
$thumbnail = ecu_thumbnail($filelink, 300);
write_html_form(""
. "
"
. '
');
}
ecu_user_record_upload_time();
if (get_option('ecu_media_library_insertion'))
ecu_insert_attachment($target_path);
} else {
$alert = __('There was an error uploading the file, '
. 'please try again!', 'easy-comment-uploads');
}
write_js('upload_end()');
// Alert the user of any errors
if (isset($alert))
js_alert($alert);
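/**
 * Check the uploaded file's name against the extension blacklist.
 *
 * Reads the client-supplied name from $_FILES['file']['name'] and the list
 * from ecu_get_blacklist(). The name counts as blacklisted when a listed
 * extension (or a bare "~") directly follows any dot and is itself followed
 * by a non-alphanumeric character or the end of the name. Both "x.php" and
 * "x.php.jpg" therefore match an entry "php".
 *
 * @return int 1 if the name is blacklisted or cannot be checked, 0 otherwise.
 */
function filetype_blacklisted() {
    $name = isset($_FILES['file']['name']) ? $_FILES['file']['name'] : '';

    // A field posted as "file[]" turns the name into an array. Refuse it
    // instead of handing a non-string subject to preg_match().
    if (!is_string($name)) {
        return 1;
    }

    // NOTE(review): list entries are placed in the pattern unquoted, so they
    // behave as regex fragments. If they are meant to be literal extensions,
    // run them through preg_quote() -- confirm against ecu_get_blacklist().
    $pattern = '/\\.((' . implode('|', ecu_get_blacklist())
        . ')|~)([^a-z0-9]|$)/i';
    $matched = preg_match($pattern, $name);

    // preg_match() returns false when the pattern cannot be compiled or run.
    // false is falsy and would let every file through, so fail closed.
    return $matched === false ? 1 : $matched;
}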
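/**
 * Check the uploaded file's name against the extension whitelist.
 *
 * Reads the client-supplied name from $_FILES['file']['name'] and the list
 * from ecu_get_whitelist(). The name must consist of a dot-free base name,
 * one dot, and a listed extension. Names with more than one dot (for example
 * "shell.php.jpg") never match.
 *
 * @return int 1 if the name matches the whitelist, 0 otherwise.
 */
function filetype_whitelisted() {
    $name = isset($_FILES['file']['name']) ? $_FILES['file']['name'] : '';

    // An array-valued name (field posted as "file[]") is never acceptable.
    if (!is_string($name)) {
        return 0;
    }

    // The D modifier makes "$" match only at the very end of the name.
    // Without it, "photo.jpg\n" would pass, because "$" also matches just
    // before a trailing newline.
    // NOTE(review): list entries are placed in the pattern unquoted -- see
    // ecu_get_whitelist() and apply preg_quote() if they are plain extensions.
    $pattern = '/^[^\\.]+\\.(' . implode('|', ecu_get_whitelist()) . ')$/iD';
    $matched = preg_match($pattern, $name);

    // A pattern that fails to compile yields false; report "not whitelisted".
    return $matched === false ? 0 : $matched;
}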
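/**
 * Check whether the uploaded file is within the configured size limit.
 *
 * The default limit comes from the 'ecu_max_file_size' option. If the
 * 'ecu_per_filetype_upload_limits' option has an entry for the file's
 * extension, that entry replaces the default. The limit is multiplied by
 * 1024 before it is compared with $_FILES['file']['size']. A limit equal to
 * 0 disables the check.
 *
 * @param string $extension Set to the extension whose per-type limit was
 *                          applied, or '' when the default limit was used.
 * @param mixed  $limit     Set to the limit that was applied.
 * @return bool True if the file is allowed, false if it is too large.
 */
function file_within_size(&$extension, &$limit) {
    $extension = '';
    $limits = get_option('ecu_per_filetype_upload_limits');
    $limit = get_option('ecu_max_file_size');

    $name = isset($_FILES['file']['name']) && is_string($_FILES['file']['name'])
        ? $_FILES['file']['name'] : '';
    $size = isset($_FILES['file']['size']) ? $_FILES['file']['size'] : 0;

    // The option may be unset or malformed; only consult it when it is an
    // array, otherwise array_key_exists() would be called on a non-array.
    if (is_array($limits)
        && preg_match('/(?<=\.)[a-z0-9]+$/i', $name, $matches)) {
        $wanted = $matches[0];
        if (array_key_exists($wanted, $limits)) {
            $extension = $wanted;
            $limit = $limits[$wanted];
        } else {
            // The extension is matched case-insensitively above, so look the
            // key up the same way. Otherwise "photo.JPG" would skip a limit
            // configured for "jpg" and fall back to the default.
            foreach ($limits as $key => $value) {
                if (strcasecmp((string) $key, $wanted) === 0) {
                    $extension = (string) $key;
                    $limit = $value;
                    break;
                }
            }
        }
    }

    return $limit == 0 || $size < $limit * 1024;
}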
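/**
 * Write a script to the page as an inline script element.
 *
 * $script is emitted verbatim as JavaScript source. Callers must encode any
 * data they embed in it (for example with json_encode()) before calling.
 *
 * @param string $script JavaScript source to emit.
 */
function write_js($script) {
    // $script has to be printed for the page to run it; echoing only a
    // newline would silently discard every call.
    echo "<script type=\"text/javascript\">$script</script>\n";
}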
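/**
 * Show a message to the user in a JavaScript alert.
 *
 * $msg is plain text. It is encoded as a JavaScript string literal here, so
 * callers pass the raw message and must not pre-escape it.
 *
 * @param string $msg Message text to display.
 */
function js_alert($msg) {
    // Interpolating $msg between single quotes breaks on any apostrophe,
    // backslash or newline (a translated message is enough) and lets the
    // text run as script. json_encode() yields a safe literal; the HEX
    // flags also keep "</script>" and quotes from ending the surrounding
    // markup early.
    $literal = json_encode(
        (string) $msg,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($literal === false) {
        // Encoding fails on invalid UTF-8; show an empty alert rather than
        // emit a broken statement.
        $literal = '""';
    }
    write_js('alert(' . $literal . ');');
}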
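/**
 * Prepend HTML to the 'ecu_preview' element of the grandparent document.
 *
 * Emits a script that sets the element's innerHTML to $html followed by its
 * current content. $html is encoded as a JavaScript string literal here, so
 * callers pass the markup as-is. Because the markup is still assigned to
 * innerHTML, any user-derived value inside it must already be HTML-escaped
 * by the caller.
 *
 * @param string $html Markup to insert before the existing preview content.
 */
function write_html_form ($html) {
    // Placing $html between double quotes breaks the statement on any double
    // quote, backslash or newline in the markup. json_encode() produces a
    // literal that evaluates to exactly $html, and the HEX flags keep tags
    // and quotes from terminating the surrounding script element.
    $literal = json_encode(
        (string) $html,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($literal === false) {
        // Encoding fails on invalid UTF-8; insert nothing in that case.
        $literal = '""';
    }

    $preview = "parent.parent.document.getElementById('ecu_preview')";
    write_js($preview . '.innerHTML = ' . $literal
        . '+ ' . $preview . '.innerHTML');
}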
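/**
 * Find a path similar to $prototype that does not exist yet.
 *
 * The base name is passed through FILTER_SANITIZE_URL and
 * sanitize_file_name(). If the resulting path is taken, "-1", "-2", ... is
 * appended to the base name until a free path is found.
 *
 * NOTE(review): only the base name is sanitised here. The extension is used
 * exactly as found in $prototype -- confirm that callers validate it first.
 * NOTE(review): the existence check and the later write are separate steps,
 * so two concurrent uploads can be handed the same path.
 *
 * @param string $prototype Desired target path.
 * @return string A path in the same directory that did not exist when checked.
 */
function find_unique_target ($prototype) {
    $parts = pathinfo($prototype);
    // pathinfo() omits 'extension' entirely for names without a dot.
    $ext = isset($parts['extension']) ? $parts['extension'] : '';
    $dir = $parts['dirname'];
    $name = sanitize_file_name(filter_var($parts['filename'],
        FILTER_SANITIZE_URL));

    // An empty base name would produce a dot-file such as ".htaccess";
    // substitute a fixed name so the result never starts with a dot.
    if ((string) $name === '') {
        $name = 'upload';
    }

    $dot = $ext == '' ? '' : '.';

    // Test the same path that is returned. Checking "$name.$ext" instead
    // looks for "name." when there is no extension, misses an existing
    // "name", and hands back a path that overwrites it.
    $candidate = "$dir/$name$dot$ext";
    $i = 0;
    while (file_exists($candidate)) {
        ++$i;
        $candidate = "$dir/$name-$i$dot$ext";
    }
    return $candidate;
}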
?>