Code source de vtiger CRM 5.0.2 |
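<?php
/*********************************************************************************
** The contents of this file are subject to the vtiger CRM Public License Version 1.0
 * ("License"); You may not use this file except in compliance with the License
 * The Original Code is:  vtiger CRM Open Source
 * The Initial Developer of the Original Code is vtiger.
 * Portions created by vtiger are Copyright (C) vtiger.
 * All Rights Reserved.
 *
 ********************************************************************************/

/*
 * Word-template upload handler (Users > Settings > Word Templates).
 *
 * Reads the multipart field "binFile", stages the upload on disk, stores the
 * file body base64-encoded in vtiger_wordtemplates.data together with the
 * client-declared name/size/type, removes the staged copy and redirects to the
 * template list. On every failure path the staged copy is removed (the original
 * left it behind on the MIME-mismatch redirect, the zero-size case and the
 * "no key" case) and the user is sent back to the upload form.
 *
 * Relies on globals established by the framework before this action runs:
 *   $root_directory  install root, used to build the staging directory
 *   $upload_badext   list of extensions that must not be stored under their own name
 *   $adb             PearDatabase handle
 *   $theme           theme directory name used for the header include
 *
 * NOTE(review): no authentication / permission check is visible in this file;
 * it assumes the Settings dispatcher has already verified an admin session.
 * NOTE(review): the form handled here carries no CSRF token that this script checks.
 */

require_once ('include/database/PearDatabase.php');
require_once ('include/utils/utils.php');

$uploaddir = $root_directory . "/test/upload/"; // set this to wherever

// ---------------------------------------------------------------------------
// Client-supplied upload name hardening.
// $_FILES['binFile']['name'] and ['type'] are chosen by the client; only
// tmp_name/size/error come from PHP. Reduce the name to its basename before it
// is used anywhere (the original handed the raw name to move_uploaded_file()),
// compare the extension case-insensitively (the original in_array() accepted
// "x.PHP" when $upload_badext listed "php"), and treat a dotless name as having
// no extension (the original strrpos() === false fell through to substr(..., 1)).
// ---------------------------------------------------------------------------
$binFile = basename((string) (isset($_FILES['binFile']['name']) ? $_FILES['binFile']['name'] : ''));
$ext_pos = strrpos($binFile, ".");
$ext = ($ext_pos === false) ? "" : strtolower(substr($binFile, $ext_pos + 1));

$badext_lc = isset($upload_badext) ? array_map('strtolower', (array) $upload_badext) : array();
if (in_array($ext, $badext_lc, true)) {
    // Same mitigation as the original fix: neutralise the extension rather than
    // reject. NOTE(review): on servers that pick a handler from any extension in
    // the name (Apache AddHandler / mod_mime), "x.php.txt" can still execute if
    // the stored name is ever written to a web-reachable path; rejecting the
    // upload outright is the safer policy.
    $binFile .= ".txt";
}
$_FILES["binFile"]["name"] = $binFile;

// Stage the upload under a server-generated name so the client-chosen name and
// extension never appear on disk; a short-lived staged copy in a web-reachable
// directory therefore cannot be requested as a script. The original staged the
// file under its client-supplied name.
$stagedName = uniqid("wt_", true);
$stagedPath = $uploaddir . $stagedName;

if (move_uploaded_file($_FILES["binFile"]["tmp_name"], $stagedPath)) {
    $filename = $binFile;                                   // already a basename
    $filetype = isset($_FILES['binFile']['type']) ? (string) $_FILES['binFile']['type'] : '';
    $filesize = (int) $_FILES['binFile']['size'];

    $error_flag = "";

    // Client-declared MIME subtype. NOTE(review): this is trivially spoofed by
    // the client and is a usability filter, not a security control; the body
    // is stored as an opaque blob and is never executed by this script.
    $filetype_array = explode("/", $filetype);
    $file_type_value = isset($filetype_array[1]) ? strtolower($filetype_array[1]) : "";

    // Read the body once; an empty or unreadable upload goes to the generic error page.
    $contents = ($filesize != 0) ? file_get_contents($stagedPath) : false;

    if ($contents === false) {
        $savefile = "";
    } elseif ($file_type_value == "msword" || $file_type_value == "doc" || $file_type_value == "document") {
        // The original additionally required $result != false, but $result is
        // never assigned in this file before that point, so the success path
        // depended on an external/global value; that gate is dropped.
        $savefile = "true";
    } else {
        $savefile = "false";
        $error_flag = "1";
    }

    if ($savefile == "true") {
        $genQueryId = $adb->getUniqueID("vtiger_wordtemplates");
        if ($genQueryId == '') {
            // Could not allocate a key: fall through to the generic error page
            // (the original silently did nothing and left the staged file behind).
            $savefile = "";
        }
    }

    if ($savefile == "true") {
        $module = isset($_REQUEST['target_module']) ? $_REQUEST['target_module'] : '';
        $textDesc = isset($_REQUEST['txtDescription']) ? $_REQUEST['txtDescription'] : '';
        $date_entered = date('YmdHis');

        // Map the referring module to the parent type stored with the template;
        // anything else is stored as an empty parent type, as before.
        $ret_module = isset($_REQUEST['return_module']) ? $_REQUEST['return_module'] : '';
        $parent_type_map = array(
            'Leads'      => 'Lead',
            'Accounts'   => 'Account',
            'Contacts'   => 'Contact',
            'Potentials' => 'Potential',
        );
        $parent_type = isset($parent_type_map[$ret_module]) ? $parent_type_map[$ret_module] : '';

        // File body is kept base64-encoded in the blob column.
        $data = base64_encode($contents);

        // Every client-influenced value goes through the DB layer's quoting
        // (formatString, already used here for date_entered) instead of raw
        // interpolation: the original interpolated $module, $filename and
        // $filetype directly (SQL injection via target_module / the upload
        // name) and only addslashes()'d the description.
        // NOTE(review): formatString() quotes character/date columns via the
        // driver and returns other types unchanged -- confirm the column types
        // so none of these values falls through unquoted.
        $sql = "INSERT INTO vtiger_wordtemplates "
             . "(templateid,module,date_entered,parent_type,data,description,filename,filesize,filetype) "
             . "VALUES (" . (int) $genQueryId . ","
             . $adb->formatString('vtiger_wordtemplates', 'module', $module) . ","
             . $adb->formatString('vtiger_wordtemplates', 'date_entered', $date_entered) . ","
             . $adb->formatString('vtiger_wordtemplates', 'parent_type', $parent_type) . ","
             . $adb->getEmptyBlob() . ","
             . $adb->formatString('vtiger_wordtemplates', 'description', $textDesc) . ","
             . $adb->formatString('vtiger_wordtemplates', 'filename', $filename) . ","
             . "'" . (int) $filesize . "',"
             . $adb->formatString('vtiger_wordtemplates', 'filetype', $filetype) . ")";
        $result = $adb->query($sql);

        // Address the new row by its key; the original matched on filename,
        // which would overwrite the blob of every template sharing that name.
        $result = $adb->updateBlob('vtiger_wordtemplates', 'data', " templateid=" . (int) $genQueryId, $data);

        deleteFile($uploaddir, $stagedName);
        header("Location: index.php?action=listwordtemplates&module=Users&parenttab=Settings");
    } elseif ($savefile == "false") {
        // MIME mismatch: the original redirected without removing the staged file.
        deleteFile($uploaddir, $stagedName);
        header("Location: index.php?action=upload&module=Users&parenttab=Settings&flag=" . $error_flag);
    } else {
        // Empty/unreadable upload or no key available.
        // NOTE(review): $theme is taken from the framework; it must never be client-controlled
        // since it is spliced into an include path.
        include('themes/' . $theme . '/header.php');
        $errormessage = "<font color='red'><B>Error Message<ul>
<li><font color='red'>Invalid file OR</font>
<li><font color='red'>File has no data</font>
</ul></B></font> <br>";
        echo $errormessage;
        deleteFile($uploaddir, $stagedName);
        include "upload.php";
    }
} else {
    // move_uploaded_file() failed: report the PHP upload error and redisplay the
    // form. The original only handled codes 2, 3 and 4 and rendered a blank page
    // for anything else (including UPLOAD_ERR_INI_SIZE).
    $errorCode = isset($_FILES['binFile']['error']) ? (int) $_FILES['binFile']['error'] : UPLOAD_ERR_NO_FILE;

    // NOTE(review): $theme comes from the framework; see note above.
    include('themes/' . $theme . '/header.php');
    include "upload.php";

    switch ($errorCode) {
        case UPLOAD_ERR_NO_FILE:     // 4
            echo "<script>alert('Please Specify a File to Merge')</script>";
            break;
        case UPLOAD_ERR_INI_SIZE:    // 1 -- same user-facing cause as the form limit
        case UPLOAD_ERR_FORM_SIZE:   // 2
            echo "<script>alert('Sorry, the uploaded file exceeds the maximum filesize limit. Please try a smaller file')</script>";
            break;
        case UPLOAD_ERR_PARTIAL:     // 3
        default:                     // any other failure, including the move itself
            echo "<script>alert('Problems in file upload. Please try again!')</script>";
            break;
    }
}

/**
 * Remove a staged upload from $dir.
 *
 * @param string $dir       staging directory, with trailing slash
 * @param string $filename  bare file name produced by this script; any directory
 *                          part is stripped so the path cannot leave $dir
 */
function deleteFile($dir, $filename)
{
    $path = $dir . basename($filename);
    // Missing file is not an error worth a warning on the error paths that call this.
    if (is_file($path)) {
        unlink($path);
    }
}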