| 1 | <?php |
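class filez {

    /**
     * Stores the uploaded file from the "data_file" form field in the
     * current user's directory below FILE_DIR.
     *
     * XXX function not used, remove?
     *
     * The client-supplied file name is untrusted input. Any directory part
     * is stripped with basename() and the remaining name must pass
     * filename_secure(). The file is placed with move_uploaded_file(), which
     * refuses any source that is not a genuine HTTP upload.
     * An existing file with the same name is overwritten.
     *
     * NOTE(review): $_SESSION['user_id'] is concatenated into the path as is;
     * presumably the application sets it at login. Confirm that it can never
     * contain path separators.
     *
     * @param mixed $id Unused; kept so existing call sites keep working.
     * @return string|false Path relative to FILE_DIR ("<user_id>/<name>"),
     *                      or false when the upload is missing, failed,
     *                      rejected by name, or could not be stored.
     */
    public static function files($id) {
        if (!isset($_FILES['data_file']['tmp_name'], $_FILES['data_file']['name'])) {
            return false;
        }
        $upload = $_FILES['data_file'];

        // Multi-file form fields arrive as arrays; only a single file is supported.
        if (!is_string($upload['tmp_name']) || !is_string($upload['name'])) {
            return false;
        }
        if (isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_OK) {
            return false;
        }

        // filename_secure() does not check directory traversal, so drop any
        // path component before the name is used to build the target path.
        $name = basename($upload['name']);
        if ($name === '' || $name === '.' || $name === '..') {
            return false;
        }
        if (!self::filename_secure($name)) {
            return false;
        }

        $user_dir = FILE_DIR.$_SESSION['user_id'];
        // The second is_dir() covers a concurrent request creating the directory.
        if (!is_dir($user_dir) && !mkdir($user_dir) && !is_dir($user_dir)) {
            return false;
        }

        if (!move_uploaded_file($upload['tmp_name'], $user_dir.'/'.$name)) {
            return false;
        }
        return $_SESSION['user_id'].'/'.$name;
    }

    /**
     * Checks whether the given file name is "secure" for uploading.
     *
     * Do not use for reading files: directory traversal is not checked.
     * Only the basename is inspected.
     *
     * Unfortunately this is a blacklist, so it can only reject what it
     * knows about. Prefer an allow-list of expected extensions, and keep
     * the upload directory out of reach of any script handler.
     * TODO extend for all possible server configurations
     * TODO: why js?
     *
     * Every dot-separated extension is checked, not only the last one,
     * because some server configurations select a handler from an inner
     * extension. A blacklisted token is rejected anywhere inside an
     * extension, so variants with extra letters or digits are caught too.
     *
     * @param string $name File name as supplied by the client.
     * @return bool false if any extension contains a blacklisted token
     *              (for a name without a dot, the whole name is checked);
     *              true otherwise.
     */
    public static function filename_secure($name) {
        // explode() result is kept in a variable: array functions that take
        // their argument by reference must not be fed a function result.
        $segments = explode('.', basename($name));
        if (count($segments) > 1) {
            // Skip the stem; everything after the first dot is an extension.
            array_shift($segments);
        }

        $preg_disallowed = '/(php|htm|inc|js|vbs|cgi|asp|jsp|htaccess)/i';
        foreach ($segments as $segment) {
            if (preg_match($preg_disallowed, $segment) > 0) {
                return false;
            }
        }
        return true;
    }

}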
| 32 | |
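/*
 * Returns disk usage in bytes of directory $d. Limit depth level with $depth.
 * Updates, documentation and examples: http://daniel.lorch.cc/projects/disk_usage/
 *
 * Revision: 1.00
 *
 * $d     - path of a file or directory; a file yields its own size.
 * $depth - NULL for unlimited recursion, otherwise the number of directory
 *          levels below $d to descend into. Files are always counted, so
 *          0 counts only the files directly inside $d.
 *
 * Returns an integer byte count; 0 for an empty path, an empty directory
 * or a directory that cannot be opened.
 *
 * Symbolic links are not treated specially: is_file() and opendir() resolve
 * them, so a link pointing elsewhere is followed and counted. Where the tree
 * holds user-controlled content and the total feeds a quota, pass $depth to
 * bound the walk.
 */
function disk_usage($d, $depth = NULL) {
    // An empty path would otherwise be turned into "/" below.
    if ($d === NULL || $d === '')
        return 0;

    if (is_file($d))
        return filesize($d);

    if (isset($depth) && $depth < 0)
        return 0;

    // Append a separator only when the path does not already end in one.
    $last = substr($d, -1);
    if ($last !== '\\' && $last !== '/')
        $d .= '/';

    // Unreadable or missing directories count as empty (best effort).
    $dh = @opendir($d);
    if (!$dh)
        return 0;

    $usage = 0;
    // Compare against false explicitly: an entry named "0" is falsy and
    // would otherwise end the loop early.
    while (($e = readdir($dh)) !== false) {
        if ($e != '.' && $e != '..')
            $usage += disk_usage($d.$e, isset($depth) ? $depth - 1 : NULL);
    }

    closedir($dh);

    return $usage;
}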
| 62 | |
| 63 | |
| 64 | ?> |