private function _upload($control, $upload_path, $filename = true)
{
// trim trailing slash from folder
$path = rtrim($upload_path, '\\/');
// if upload folder does not have a trailing slash, add the trailing slash
$path = $path . (substr($path, -1) != DIRECTORY_SEPARATOR ? DIRECTORY_SEPARATOR : '');
// if
if (isset($_FILES[$control]) && $_FILES[$control]['error'] == 0 && is_dir($path)) {
// if file names should be random
if ($filename === ZEBRA_FORM_UPLOAD_RANDOM_NAMES) {
// generate a random name for the file we're about to upload
$file_name = md5(mt_rand() . microtime() . $_FILES[$control]['name']) . (strrpos($_FILES[$control]['name'], '.') !== false ? substr($_FILES[$control]['name'], strrpos($_FILES[$control]['name'], '.')) : '');
} else {
// if the file we are about to upload does have an extension
if (strrpos($_FILES[$control]['name'], '.') !== false) {
// split the file name into "file name"...
$file_name = substr($_FILES[$control]['name'], 0, strrpos($_FILES[$control]['name'], '.'));
// ...and "file extension"
$file_extension = substr($_FILES[$control]['name'], strrpos($_FILES[$control]['name'], '.'));
// if the file we are about to upload does not have an extension
} else {
// the file name will be the actual file name...
$file_name = $_FILES[$control]['name'];
// ...while the extension will be an empty string
$file_extension = '';
}
// prefix the file name if required
$file_name = ($filename !== true ? $filename : '') . $file_name;
$suffix = '';
// knowing the suffix...
// loop as long as
while (is_file($path . $file_name . $suffix . $file_extension)) {
// if no suffix was yet set
if ($suffix === '') {
// start the suffix like this
$suffix = '_1';
} else {
// drop the "_" from the suffix
$suffix = str_replace('_', '', $suffix);
// increment the suffix
$suffix = '_' . ++$suffix;
}
}
// the final file name
$file_name = $file_name . $suffix . $file_extension;
}
// if file could be uploaded
if (@move_uploaded_file($_FILES[$control]['tmp_name'], $path . $file_name)) {
// get a list of functions disabled via configuration
$disabled_functions = @ini_get('disable_functions');
// if the 'chmod' function is not disabled via configuration
if ($disabled_functions != '' && strpos('chmod', $disabled_functions) === false) {
// chmod the file
chmod($path . $file_name, intval($this->file_upload_permissions, 8));
}
// set a special property
// the value of the property will be an array will information about the uploaded file
$this->file_upload[$control] = $_FILES[$control];
$this->file_upload[$control]['path'] = rtrim($upload_path, '/') . '/';
$this->file_upload[$control]['file_name'] = $file_name;
// if uploaded file is an image
if ($imageinfo = @getimagesize($path . $this->file_upload[$control]['file_name'])) {
// rename some of the attributes returned by getimagesize
$imageinfo['width'] = $imageinfo[0];
unset($imageinfo[0]);
$imageinfo['height'] = $imageinfo[1];
unset($imageinfo[1]);
$imageinfo['type'] = $imageinfo[2];
unset($imageinfo[2]);
$imageinfo['html'] = $imageinfo[3];
unset($imageinfo[3]);
// append image info to the file_upload property
$this->file_upload[$control]['imageinfo'] = $imageinfo;
}
// return true, as everything went as planned
return true;
}
}
// if script gets this far, return false as something must've gone wrong
return false;
}