Overview

Packages

  • Auth
    • Ads
    • Ldap
    • Xoops
  • Autotasks
  • Config
    • Category
    • Item
    • Option
  • Core
    • Filesystem
    • Filters
    • Logger
    • Mail
    • Message
    • Password
    • Security
    • StopSpammer
    • Template
    • Textsanitizer
    • VersionChecker
  • Data
    • Avatar
    • Comment
  • Database
    • Connection
    • Criteria
    • Legacy
    • MySQL
    • PDO
    • Updater
  • Feeds
    • RSS
  • File
  • Form
    • Base
    • Elements
  • ICMS
    • IPF
      • View
  • Image
    • Category
  • Ipf
    • Category
    • Controller
    • Export
    • form
    • Keyhighlighter
    • Member
    • Object
    • Permission
    • richfile
    • Tree
    • urllink
    • View
  • kernel
    • Set
  • Member
    • Group
    • GroupMembership
    • GroupPermission
    • User
  • Messaging
  • Module
  • None
  • Notification
  • Page
  • Plugins
    • Editor
  • Preload
    • Libraries
  • Privmessage
  • Session
  • SmartObject
  • View
    • Block
    • Breadcrumb
    • PageNav
    • PrinterFriendly
    • Template
    • Templates
    • Theme
    • Tree

Classes

  • icms_auth_Ads
  • icms_auth_Factory
  • icms_auth_Ldap
  • icms_auth_Object
  • icms_auth_Provisionning
  • icms_auth_Xoops
  • icms_Autoloader
  • icms_config_category_Handler
  • icms_config_category_Object
  • icms_config_Handler
  • icms_config_Item_Handler
  • icms_config_Item_Object
  • icms_config_option_Handler
  • icms_config_option_Object
  • icms_core_DataFilter
  • icms_core_Debug
  • icms_core_Filesystem
  • icms_core_HTMLFilter
  • icms_core_Logger
  • icms_core_Message
  • icms_core_Object
  • icms_core_ObjectHandler
  • icms_core_OnlineHandler
  • icms_core_Password
  • icms_core_Security
  • icms_core_Session
  • icms_core_StopSpammer
  • icms_core_Textsanitizer
  • icms_core_Versionchecker
  • icms_data_avatar_Handler
  • icms_data_avatar_Object
  • icms_data_comment_Handler
  • icms_data_comment_Object
  • icms_data_comment_Renderer
  • icms_data_file_Handler
  • icms_data_file_Object
  • icms_data_notification_Handler
  • icms_data_notification_Object
  • icms_data_page_Handler
  • icms_data_page_Object
  • icms_data_privmessage_Handler
  • icms_data_privmessage_Object
  • icms_data_urllink_Handler
  • icms_data_urllink_Object
  • icms_db_Connection
  • icms_db_criteria_Compo
  • icms_db_criteria_Element
  • icms_db_criteria_Item
  • icms_db_Factory
  • icms_db_legacy_Database
  • icms_db_legacy_Factory
  • icms_db_legacy_mysql_Database
  • icms_db_legacy_mysql_Proxy
  • icms_db_legacy_mysql_Safe
  • icms_db_legacy_mysql_Utility
  • icms_db_legacy_PdoDatabase
  • icms_db_legacy_updater_Handler
  • icms_db_legacy_updater_Table
  • icms_db_mysql_Connection
  • icms_db_mysql_Utility
  • icms_Event
  • icms_feeds_Rss
  • icms_feeds_Simplerss
  • icms_file_DownloadHandler
  • icms_file_MediaUploadHandler
  • icms_file_TarDownloader
  • icms_file_TarFileHandler
  • icms_file_ZipDownloader
  • icms_file_ZipFileHandler
  • icms_form_Base
  • icms_form_Element
  • icms_form_elements_Button
  • icms_form_elements_Captcha
  • icms_form_elements_captcha_Image
  • icms_form_elements_captcha_ImageHandler
  • icms_form_elements_captcha_Object
  • icms_form_elements_captcha_Text
  • icms_form_elements_Checkbox
  • icms_form_elements_Colorpicker
  • icms_form_elements_Date
  • icms_form_elements_Datetime
  • icms_form_elements_Dhtmltextarea
  • icms_form_elements_Editor
  • icms_form_elements_File
  • icms_form_elements_Groupperm
  • icms_form_elements_Hidden
  • icms_form_elements_Hiddentoken
  • icms_form_elements_Label
  • icms_form_elements_Password
  • icms_form_elements_Radio
  • icms_form_elements_Radioyn
  • icms_form_elements_Select
  • icms_form_elements_select_Country
  • icms_form_elements_select_Editor
  • icms_form_elements_select_Group
  • icms_form_elements_select_Image
  • icms_form_elements_select_Lang
  • icms_form_elements_select_Matchoption
  • icms_form_elements_select_Theme
  • icms_form_elements_select_Timezone
  • icms_form_elements_select_User
  • icms_form_elements_Text
  • icms_form_elements_Textarea
  • icms_form_elements_Tray
  • icms_form_Groupperm
  • icms_form_Simple
  • icms_form_Table
  • icms_form_Theme
  • icms_image_category_Handler
  • icms_image_category_Object
  • icms_image_Handler
  • icms_image_Object
  • icms_image_set_Handler
  • icms_image_set_Object
  • icms_ipf_About
  • icms_ipf_category_Handler
  • icms_ipf_category_Object
  • icms_ipf_Controller
  • icms_ipf_export_Handler
  • icms_ipf_export_Renderer
  • icms_ipf_form_Base
  • icms_ipf_form_elements_Autocomplete
  • icms_ipf_form_elements_Blockoptions
  • icms_ipf_form_elements_Checkbox
  • icms_ipf_form_elements_Date
  • icms_ipf_form_elements_Datetime
  • icms_ipf_form_elements_File
  • icms_ipf_form_elements_Fileupload
  • icms_ipf_form_elements_Image
  • icms_ipf_form_elements_Imageupload
  • icms_ipf_form_elements_Language
  • icms_ipf_form_elements_Page
  • icms_ipf_form_elements_Parentcategory
  • icms_ipf_form_elements_Passwordtray
  • icms_ipf_form_elements_Radio
  • icms_ipf_form_elements_Richfile
  • icms_ipf_form_elements_Section
  • icms_ipf_form_elements_Select
  • icms_ipf_form_elements_Selectmulti
  • icms_ipf_form_elements_Signature
  • icms_ipf_form_elements_Source
  • icms_ipf_form_elements_Text
  • icms_ipf_form_elements_Time
  • icms_ipf_form_elements_Upload
  • icms_ipf_form_elements_Urllink
  • icms_ipf_form_elements_User
  • icms_ipf_form_elements_Yesno
  • icms_ipf_form_Secure
  • icms_ipf_Handler
  • icms_ipf_Highlighter
  • icms_ipf_member_Handler
  • icms_ipf_Metagen
  • icms_ipf_Object
  • icms_ipf_permission_Handler
  • icms_ipf_registry_Handler
  • icms_ipf_seo_Object
  • icms_ipf_Tree
  • icms_ipf_view_Column
  • icms_ipf_view_Row
  • icms_ipf_view_Single
  • icms_ipf_view_Table
  • icms_ipf_view_Tree
  • icms_member_group_Handler
  • icms_member_group_membership_Handler
  • icms_member_group_membership_Object
  • icms_member_group_Object
  • icms_member_groupperm_Handler
  • icms_member_groupperm_Object
  • icms_member_Handler
  • icms_member_user_Handler
  • icms_member_user_Object
  • icms_messaging_EmailHandler
  • icms_messaging_Handler
  • icms_module_Handler
  • icms_module_Object
  • icms_plugins_EditorHandler
  • icms_plugins_Handler
  • icms_plugins_Object
  • icms_preload_Handler
  • icms_preload_Item
  • icms_preload_LibrariesHandler
  • icms_sys_autotasks_System
  • icms_Utils
  • icms_view_block_Handler
  • icms_view_block_Object
  • icms_view_block_position_Handler
  • icms_view_block_position_Object
  • icms_view_Breadcrumb
  • icms_view_PageBuilder
  • icms_view_PageNav
  • icms_view_Printerfriendly
  • icms_view_template_file_Handler
  • icms_view_template_file_Object
  • icms_view_template_set_Handler
  • icms_view_template_set_Object
  • icms_view_theme_Factory
  • icms_view_theme_Object
  • icms_view_Tpl
  • icms_view_Tree

Interfaces

  • icms_db_IConnection
  • icms_db_IUtility
  • icms_db_legacy_IDatabase
  • icms_sys_autotasks_ISystem
  • Overview
  • Package
  • Class
  1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 471: 472: 473: 474: 475: 476: 477: 478: 479: 480: 481: 482: 483: 484: 485: 486: 487: 488: 489: 490: 491: 492: 493: 494: 495: 496: 497: 498: 499: 500: 501: 502: 503: 504: 505: 506: 507: 508: 509: 510: 511: 512: 513: 514: 515: 516: 517: 518: 519: 520: 521: 522: 523: 524: 525: 526: 527: 528: 529: 530: 531: 532: 533: 534: 535: 536: 537: 538: 539: 540: 541: 542: 543: 544: 545: 546: 547: 548: 549: 550: 551: 552: 553: 554: 555: 556: 557: 558: 559: 560: 561: 562: 563: 564: 565: 566: 567: 568: 569: 570: 571: 572: 573: 574: 575: 576: 577: 578: 579: 580: 581: 582: 583: 584: 585: 586: 587: 588: 589: 590: 591: 592: 593: 594: 595: 596: 597: 598: 
<?php
//  ------------------------------------------------------------------------ //
//                XOOPS - PHP Content Management System                      //
//                    Copyright (c) 2000 XOOPS.org                           //
//                       <http://www.xoops.org/>                             //
//  ------------------------------------------------------------------------ //
//  This program is free software; you can redistribute it and/or modify     //
//  it under the terms of the GNU General Public License as published by     //
//  the Free Software Foundation; either version 2 of the License, or        //
//  (at your option) any later version.                                      //
//                                                                           //
//  You may not change or alter any portion of this comment or credits       //
//  of supporting developers from this source code or any supporting         //
//  source code which is considered copyrighted (c) material of the          //
//  original comment or credit authors.                                      //
//                                                                           //
//  This program is distributed in the hope that it will be useful,          //
//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
//  GNU General Public License for more details.                             //
//                                                                           //
//  You should have received a copy of the GNU General Public License        //
//  along with this program; if not, write to the Free Software              //
//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
//  ------------------------------------------------------------------------ //
// Author: Kazumi Ono (AKA onokazu)                                          //
// URL: http://www.myweb.ne.jp/, http://www.xoops.org/, http://jp.xoops.org/ //
// Project: The XOOPS Project                                                //
// ------------------------------------------------------------------------- //
/**
 * The uploader class of media files
 *
 * @copyright   http://www.impresscms.org/ The ImpressCMS Project
 * @license     http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License (GPL)
 *
 * @category    ICMS
 * @package     File
 * @version     SVN: $Id: MediaUploadHandler.php 12313 2013-09-15 21:14:35Z skenow $
 */
/*!
 Example

 $allowed_mimetypes = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png');
 $maxfilesize = 50000;
 $maxfilewidth = 120;
 $maxfileheight = 120;
 $uploader = new icms_file_MediaUploadHandler('/home/httpdocs/uploads', $allowed_mimetypes, $maxfilesize, $maxfilewidth, $maxfileheight);
 if($uploader->fetchMedia($_POST['uploade_file_name'])) {
     if(!$uploader->upload()) {
         echo $uploader->getErrors();
     } else {
         echo '<h4>File uploaded successfully!</h4>'
         echo 'Saved as: ' . $uploader->getSavedFileName() . '<br />';
         echo 'Full path: ' . $uploader->getSavedDestination();
     }
 } else {
     echo $uploader->getErrors();
 }
 */
/**
 * Upload Media files
 * Example of usage:
 * <code>
 * $allowed_mimetypes = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png');
 * $maxfilesize = 50000;
 * $maxfilewidth = 120;
 * $maxfileheight = 120;
 * $uploader = new icms_file_MediaUploadHandler('/home/httpdocs/uploads', $allowed_mimetypes, $maxfilesize, $maxfilewidth, $maxfileheight);
 * if($uploader->fetchMedia($_POST['uploade_file_name'])) {
 *     if(!$uploader->upload()) {
 *         echo $uploader->getErrors();
 *     } else {
 *         echo '<h4>File uploaded successfully!</h4>'
 *         echo 'Saved as: ' . $uploader->getSavedFileName() . '<br />';
 *         echo 'Full path: ' . $uploader->getSavedDestination();
 *     }
 * } else {
 *   echo $uploader->getErrors();
 * }
 * </code>
 * @category    ICMS
 * @package     File
 *
 * @author      Kazumi Ono     <onokazu@xoops.org>
 * @author      phppp
 * @copyright   copyright (c) 2000-2007 XOOPS.org
 */
class icms_file_MediaUploadHandler {

    /**
     * @var bool Flag indicating if unrecognized mimetypes should be allowed (use with precaution ! may lead to security issues )
     **/
    private $allowUnknownTypes = false;

    /** @var string Name of the file to upload */
    private $mediaName;

    /** @var string Type of the file to upload */
    private $mediaType;

    /** @var string Size of the file to upload */
    private $mediaSize;

    /** @var string Temp name after the file was uploaded */
    private $mediaTmpName;

    /** @var string Was there an error in media type or name */
    private $mediaError;

    /** @var string Real typ after upload */
    private $mediaRealType = '';

    /** @var string Upload directory */
    private $uploadDir = '';

    /** @var array Allowed Mime Types */
    private $allowedMimeTypes = array();

    /** @var string Denied Mime types */
    private $deniedMimeTypes = array(
        "application/x-httpd-php"
        );

    /** @var int Maximum Filesize */
    private $maxFileSize = 0;

    /** @var string Maximum witdth */
    private $maxWidth;

    /** @var string Maximum height */
    private $maxHeight;

    /** @var string Target Filename */
    private $targetFileName;

    /** @var string Prefix (for filename?) */
    private $prefix;

    /** @var array The errors that have occurred */
    private $errors = array();

    /** @var string Saved Destination after upload */
    private $savedDestination;

    /** @var string Saved Filename after upload */
    private $savedFileName;

    /** @var array */
    private $extensionToMime = array();

    /** @var bool Would you like to check the image type? */
    private $checkImageType = true;

    /** @var array */
    private $extensionsToBeSanitized = array(
        'php',
        'phtml',
        'phtm',
        'php3',
        'php4',
        'cgi',
        'pl',
        'asp',
        'php5'
    );

    // extensions needed image check (anti-IE Content-Type XSS)
    /** @var array */
    private $imageExtensions = array(
        1 => 'gif',
        2 => 'jpg',
        3 => 'png',
        4 => 'swf',
        5 => 'psd',
        6 => 'bmp',
        7 => 'tif',
        8 => 'tif',
        9 => 'jpc',
        10 => 'jp2',
        11 => 'jpx',
        12 => 'jb2',
        13 => 'swc',
        14 => 'iff',
        15 => 'wbmp',
        16 => 'xbm'
    );

    /**
     * Constructor
     *
     * @param   string  $uploadDir
     * @param   array   $allowedMimeTypes
     * @param   int     $maxFileSize
     * @param   int     $maxWidth
     * @param   int     $maxHeight
     */
    public function __construct($uploadDir, $allowedMimeTypes, $maxFileSize = 0, $maxWidth = null, $maxHeight = null) {
        $this->extensionToMime = icms_Utils::mimetypes() ;
        if (!is_array($this->extensionToMime)) {
            $this->extensionToMime = array();
            return false;
        }
        if (is_array($allowedMimeTypes)) {
            $this->allowedMimeTypes = & $allowedMimeTypes;
        }
        $this->uploadDir = $uploadDir;
        $this->maxFileSize = (int) $maxFileSize;
        if (isset($maxWidth)) {
            $this->maxWidth = (int) $maxWidth;
        }
        if (isset($maxHeight)) {
            $this->maxHeight = (int) $maxHeight;
        }

        icms_loadLanguageFile('core', 'uploader');
    }

    /**
     * Fetch the uploaded file
     * @todo    Remote get_magic_quotes_gpd - is is deprecated and will always return FALSE in PHP 5.4
     * @param   string  $media_name Name of the file field
     * @param   int     $index      Index of the file (if more than one uploaded under that name)
     * @return  bool
     */
    public function fetchMedia($media_name, $index = null) {
        if (empty($this->extensionToMime)) {
            self::setErrors(_ER_UP_MIMETYPELOAD);
            return false;
        }
        if (!isset($_FILES[$media_name])) {
            self::setErrors(_ER_UP_FILENOTFOUND);
            return false;
        } elseif (is_array($_FILES[$media_name]['name']) && isset($index)) {
            $index = (int) ($index);
            $this->mediaName = $_FILES[$media_name]['name'][$index];
            $this->mediaType = $_FILES[$media_name]['type'][$index];
            $this->mediaSize = $_FILES[$media_name]['size'][$index];
            $this->mediaTmpName = $_FILES[$media_name]['tmp_name'][$index];
            $this->mediaError = !empty($_FILES[$media_name]['error'][$index]) ? $_FILES[$media_name]['error'][$index] : 0;
        } else {
            $media_name = & $_FILES[$media_name];
            $this->mediaName = $media_name['name'];
            $this->mediaType = $media_name['type'];
            $this->mediaSize = $media_name['size'];
            $this->mediaTmpName = $media_name['tmp_name'];
            $this->mediaError = !empty($media_name['error']) ? $media_name['error'] : 0;
        }
        if (($ext = strrpos($this->mediaName, '.')) !== false) {
            $ext = strtolower(substr($this->mediaName, $ext +1));
            if (isset($this->extensionToMime[$ext])) {
                $this->mediaRealType = $this->extensionToMime[$ext];
            }
        }
        $this->errors = array();
        if ( (int) ($this->mediaSize) < 0) {
            self::setErrors(_ER_UP_INVALIDFILESIZE);
            return false;
        }
        if ($this->mediaName == '') {
            self::setErrors(_ER_UP_FILENAMEEMPTY);
            return false;
        }
        if ($this->mediaTmpName == 'none' || !is_uploaded_file($this->mediaTmpName)) {
            self::setErrors($this->getUploadErrorText($media_name['error']));
            return false;
        }
        if ($this->mediaError > 0) {
            self::setErrors(sprintf(_ER_UP_ERROROCCURRED, $this->mediaError));
            return false;
        }
        return true;
    }

    /**
     * Get Text messages for POST upload errors
     *
     * @param int $err error number
     * @return string error message
     */
    private function getUploadErrorText($err) {
        switch ($err) {
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                $err = _ER_UP_INVALIDFILESIZE;
                break;
            case UPLOAD_ERR_PARTIAL:
                $err = _ER_UP_PARTIALLY;
                break;
            case UPLOAD_ERR_NO_FILE:
                $err = _ER_UP_NOFILEUPLOADED;
                break;
            case UPLOAD_ERR_NO_TMP_DIR:
                $err = _ER_UP_NO_TMP_DIR;
                break;
            case UPLOAD_ERR_CANT_WRITE:
                $err = _ER_UP_CANT_WRITE;
                break;
            case UPLOAD_ERR_EXTENSION:
                $err = _ER_UP_NOFILEUPLOADED;
                break;
        }
        return $err;
    }

    /**
     * Set the target filename
     * @param   string  $value
     */
    public function setTargetFileName($value) {
        $this->targetFileName = (string) (trim($value));
    }

    /**
     * Set the prefix
     * @param    string  $value
     * @param    bool    $unique
     */
    public function setPrefix($value, $unique = true) {
        if (isset($value) && $value !== '') {
            if (!isset($unique) || (isset($unique) && $unique !== true)) {
                $this->prefix = (string) trim($value);
            } elseif (isset($unique) && $unique == true) {
                $this->prefix = (string) (trim($value)) . '_' . uniqid(rand(0, 32767));
            }
        } elseif (!isset($value) || $value == '') {
            if (!isset($unique) || (isset($unique) && $unique !== true)) {
                $this->prefix = '';
            } elseif (isset($unique) && $unique == true) {
                $this->prefix = uniqid(rand(0, 32767));
            }
        }
    }

    /**
     * Get the uploaded filename
     * @return  string
     */
    public function getMediaName() {
        return $this->mediaName;
    }

    /**
     * Get the type of the uploaded file
     * @return  string
     */
    public function getMediaType() {
        return $this->mediaType;
    }

    /**
     * Get the size of the uploaded file
     * @return  int
     */
    public function getMediaSize() {
        return $this->mediaSize;
    }

    /**
     * Get the temporary name that the uploaded file was stored under
     * @return  string
     */
    public function getMediaTmpName() {
        return $this->mediaTmpName;
    }

    /**
     * Get the saved filename
     * @return  string
     */
    public function getSavedFileName() {
        return $this->savedFileName;
    }

    /**
     * Get the destination the file is saved to
     * @return  string
     */
    public function getSavedDestination() {
        return $this->savedDestination;
    }

    /**
     * Check the file and copy it to the destination
     * @return  bool
     */
    public function upload($chmod = 0644) {
        if ($this->uploadDir == '') {
            self::setErrors(_ER_UP_UPLOADDIRNOTSET);
            return false;
        }
        if (!is_dir($this->uploadDir)) {
            self::setErrors(sprintf(_ER_UP_FAILEDOPENDIR, $this->uploadDir));
            return false;
        }
        if (!is_writeable($this->uploadDir)) {
            self::setErrors(sprintf(_ER_UP_FAILEDOPENDIRWRITE, $this->uploadDir));
            return false;
        }
        self::sanitizeMultipleExtensions();

        if (!self::checkMaxFileSize()) {
            return false;
        }
        if (!self::checkMimeType()) {
            return false;
        }
        if (!self::checkImageType()) {
            return false;
        }
        if (!self::checkMaxWidth()) {
            return false;
        }
        if (!self::checkMaxHeight()) {
            return false;
        }
        if (count($this->errors) > 0) {
            return false;
        }
        return self::_copyFile($chmod);
    }

    /**
     * Copy the file to its destination
     * @return  bool
     */
    private function _copyFile($chmod) {
        $matched = array();
        if (!preg_match("/\.([a-zA-Z0-9]+)$/", $this->mediaName, $matched)) {
            self::setErrors(sprintf(_ER_UP_INVALIDFILENAME, $this->mediaName));
            return false;
        }
        if (isset($this->targetFileName)) {
            $this->savedFileName = $this->targetFileName;
        } elseif (isset($this->prefix) && $this->prefix !== '') {
            $this->savedFileName = $this->prefix . '.' . strtolower($matched[1]);
        } else {
            $this->savedFileName = strtolower($this->mediaName);
        }
        $this->savedDestination = $this->uploadDir . '/' . $this->savedFileName;
        if (!move_uploaded_file($this->mediaTmpName, $this->savedDestination)) {
            self::setErrors(sprintf(_ER_UP_FAILEDSAVEFILE, $this->savedDestination));
            return false;
        }
        // Check IE XSS before returning success
        $ext = strtolower(substr(strrchr($this->savedDestination, '.'), 1));
        if (in_array($ext, $this->imageExtensions)) {
            $info = @ getimagesize($this->savedDestination);
            if ($info === false || $this->imageExtensions[(int) $info[2]] != $ext) {
                self::setErrors(_ER_UP_SUSPICIOUSREFUSED);
                @ unlink($this->savedDestination);
                return false;
            }
        }
        @ chmod($this->savedDestination, $chmod);
        return true;
    }

    /**
     * Is the file the right size?
     * @return  bool
     */
    public function checkMaxFileSize() {
        if (!isset($this->maxFileSize)) {
            return true;
        }
        if ($this->mediaSize > $this->maxFileSize) {
            self::setErrors(sprintf(_ER_UP_FILESIZETOOLARGE, $this->maxFileSize, $this->mediaSize));
            return false;
        }
        return true;
    }

    /**
     * Is the picture the right width?
     * @return  bool
     */
    public function checkMaxWidth() {
        if (!isset($this->maxWidth)) {
            return true;
        }
        if (false !== $dimension = getimagesize($this->mediaTmpName)) {
            if ($dimension[0] > $this->maxWidth) {
                self::setErrors(sprintf(_ER_UP_FILEWIDTHTOOLARGE, $this->maxWidth, $dimension[0]));
                return false;
            }
        } else {
            trigger_error(sprintf(_ER_UP_FAILEDFETCHIMAGESIZE, $this->mediaTmpName), E_USER_WARNING);
        }
        return true;
    }

    /**
     * Is the picture the right height?
     *
     * @return  bool
     */
    public function checkMaxHeight() {
        if (!isset($this->maxHeight)) {
            return true;
        }
        if (false !== $dimension = getimagesize($this->mediaTmpName)) {
            if ($dimension[1] > $this->maxHeight) {
                self::setErrors(sprintf(_ER_UP_FILEHEIGHTTOOLARGE, $this->maxHeight, $dimension[1]));
                return false;
            }
        } else {
            trigger_error(sprintf(_ER_UP_FAILEDFETCHIMAGESIZE, $this->mediaTmpName), E_USER_WARNING);
        }
        return true;
    }

    /**
     * Check whether or not the uploaded file type is allowed
     * @return  bool
     */
    public function checkMimeType() {
        global $icmsModule;
        $mimetypeHandler = icms_getModulehandler('mimetype', 'system');
        $modulename = (isset($icmsModule) && is_object($icmsModule)) ? $icmsModule->getVar('dirname') : 'system';
        if (empty($this->mediaRealType) && empty($this->allowUnknownTypes)) {
            self::setErrors(_ER_UP_UNKNOWNFILETYPEREJECTED);
            return false;
        }
        $AllowedMimeTypes = $mimetypeHandler->AllowedModules($this->mediaRealType, $modulename);
        if ((!empty($this->allowedMimeTypes) && !in_array($this->mediaRealType, $this->allowedMimeTypes))
                || (!empty($this->deniedMimeTypes) && in_array($this->mediaRealType, $this->deniedMimeTypes))
                || (empty($this->allowedMimeTypes) && !$AllowedMimeTypes))
            {
            self::setErrors(sprintf(_ER_UP_MIMETYPENOTALLOWED, $this->mediaType));
            return false;
        }
        return true;
    }

    /**
     * Check whether or not the uploaded image type is valid
     * @return  bool
     */
    public function checkImageType() {
        if (empty($this->checkImageType)) {
            return true;
        }
        if (("image" == substr($this->mediaType, 0, strpos($this->mediaType, "/")))
                || (!empty($this->mediaRealType) && "image" == substr($this->mediaRealType, 0, strpos($this->mediaRealType, "/")))
            ) {
            if (!($info = @ getimagesize($this->mediaTmpName))) {
                self::setErrors(_ER_UP_INVALIDIMAGEFILE);
                return false;
            }
        }
        return true;
    }

    /**
     * Sanitize executable filename with multiple extensions
     */
    public function sanitizeMultipleExtensions() {
        if (empty($this->extensionsToBeSanitized)) {
            return;
        }
        $patterns = array();
        $replaces = array();
        foreach ($this->extensionsToBeSanitized as $ext) {
            $patterns[] = "/\." . preg_quote($ext) . "\./i";
            $replaces[] = "_" . $ext . ".";
        }
        $this->mediaName = preg_replace($patterns, $replaces, $this->mediaName);
    }

    /**
     * Add an error
     * @param   string  $error
     */
    public function setErrors($error) {
        $this->errors[] = trim($error);
    }

    /**
     * Get generated errors
     * @param    bool    $ashtml Format using HTML?
     * @return    array|string    Array of array messages OR HTML string
     */
    public function getErrors($ashtml = true) {
        if (!$ashtml) {
            return $this->errors;
        } else {
            $ret = '';
            if (count($this->errors) > 0) {
                $ret = '<h4>' . _ER_UP_ERRORSRETURNED . '</h4>';
                foreach ($this->errors as $error) {
                    $ret .= $error . '<br />';
                }
            }
            return $ret;
        }
    }
}
API documentation generated by ApiGen