1 | <?php |
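class filez {

    //XXX function not used, remove?

    /**
     * Stores the upload from $_FILES['data_file'] in the per-user directory
     * FILE_DIR . $_SESSION['user_id'], creating that directory if needed.
     *
     * The client-supplied file name is untrusted input: it is reduced to its
     * base name, checked with filename_secure(), and the file is placed with
     * move_uploaded_file() so that only a genuine HTTP upload can be stored.
     * An existing file with the same name is overwritten.
     *
     * @param mixed $id Not read by this method; kept so existing call sites still work.
     * @return string|false "<user_id>/<file name>" (relative to FILE_DIR) on success,
     *                      false when the upload is missing, rejected or cannot be stored.
     */
    public static function files($id) {
        if (!isset($_SESSION['user_id'], $_FILES['data_file']['tmp_name'], $_FILES['data_file']['name'])) {
            return false;
        }

        // A multi-file field (data_file[]) delivers arrays here; this method stores one file only.
        if (!is_string($_FILES['data_file']['tmp_name']) || !is_string($_FILES['data_file']['name'])) {
            return false;
        }

        // NOTE(review): user_id is presumably a server-assigned identifier - confirm.
        // It becomes a directory name, so anything that is not a single path component is refused.
        $user_dir = (string) $_SESSION['user_id'];
        if ($user_dir === '' || $user_dir === '.' || $user_dir === '..' || basename($user_dir) !== $user_dir) {
            return false;
        }

        // Never let the client choose the directory: keep the last path component only.
        $file_name = basename($_FILES['data_file']['name']);
        if ($file_name === '' || $file_name === '.' || $file_name === '..') {
            return false;
        }
        if (!self::filename_secure($file_name)) {
            return false;
        }

        $target_dir = FILE_DIR . $user_dir;
        // The second is_dir() covers a concurrent request creating the directory first.
        if (!is_dir($target_dir) && !mkdir($target_dir) && !is_dir($target_dir)) {
            return false;
        }

        // move_uploaded_file() returns false unless tmp_name is a file uploaded in this request.
        if (!move_uploaded_file($_FILES['data_file']['tmp_name'], $target_dir . '/' . $file_name)) {
            return false;
        }

        return $user_dir . '/' . $file_name;
    }

    // Function that checks if the given filename is "secure" (for uploading)
    // Don't use for reading files, directory traversal is not checked

    /**
     * Tells whether the base name of $name carries none of the blacklisted extensions.
     *
     * Only basename($name) is inspected. Every dot-separated part after the
     * first is checked, not just the last one, because a server may select a
     * handler from an inner extension and because a trailing dot would
     * otherwise hide the real extension. A name without any dot is checked as
     * a whole.
     *
     * This is a denylist and therefore incomplete by nature: prefer an
     * allowlist of the extensions the application expects, and keep uploads in
     * a location where the web server does not execute or interpret them.
     *
     * @param string $name File name, with or without directory parts.
     * @return bool true when no checked part matches the blacklist, false otherwise.
     */
    public static function filename_secure($name){
        $parts = explode('.', basename($name));
        $candidates = count($parts) > 1 ? array_slice($parts, 1) : $parts;

        // This is unfortunately a blacklist
        // TODO extend for all possible server configurations
        // TODO: why js?
        $preg_disallowed = '/([a-z]*)(php|htm|inc|js|vbs|cgi|asp|jsp|htaccess)([a-z]*)$/i';
        foreach ($candidates as $part) {
            // Anything but a clean "no match" (a match, or false on a PCRE error) rejects the name.
            if (preg_match($preg_disallowed, $part) !== 0) {
                return false;
            }
        }
        return true;
    }

}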
32 | |
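/*
 * Returns disk usage in bytes of directory $d. Limit depth level with $depth.
 * Updates, documentation and examples: http://daniel.lorch.cc/projects/disk_usage/
 *
 * Revision: 1.00
 *
 * $d may also be a regular file, in which case its size is returned.
 * $depth = NULL means no limit; $depth = 0 counts only the files directly in $d.
 * An empty path, an unreadable or missing directory and an empty directory
 * all yield 0. Symbolic links found while walking the tree are skipped, so a
 * link cannot pull in files outside $d or make the recursion loop; $d itself
 * may be a link.
 */

function disk_usage($d, $depth = NULL) {
    if (is_file($d)) {
        $size = filesize($d);
        return $size === false ? 0 : $size;
    }

    if (isset($depth) && $depth < 0) {
        return 0;
    }

    // An empty path would otherwise become "/" below and walk the whole filesystem.
    if ((string) $d === '') {
        return 0;
    }

    // "/" works as a separator on every platform PHP runs on, so it is the only one appended.
    if (substr($d, -1) !== '/') {
        $d .= '/';
    }

    // Best effort: a directory that cannot be opened counts as empty.
    $dh = @opendir($d);
    if (!$dh) {
        return 0;
    }

    $usage = 0;
    $child_depth = isset($depth) ? $depth - 1 : NULL;

    // Compare against false explicitly: an entry named "0" is falsy and would end the loop early.
    while (($e = readdir($dh)) !== false) {
        if ($e === '.' || $e === '..') {
            continue;
        }

        $path = $d . $e;
        if (is_link($path)) {
            continue;
        }

        $usage += disk_usage($path, $child_depth);
    }

    closedir($dh);

    return $usage;
}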
62 | |
63 | |
64 | ?> |