1: | <?php
2: | namespace Opencart\Admin\Controller\Tool;
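/**
 * Admin controller for uploaded files: lists them, serves them as downloads,
 * deletes them, and accepts new uploads into DIR_UPLOAD.
 *
 * Every link built here carries the session's user_token as a query parameter.
 */
class Upload extends \Opencart\System\Engine\Controller {
	/**
	 * Render the uploads page: title, breadcrumbs, action links and the initial list.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('tool/upload');

		$this->document->setTitle($this->language->get('heading_title'));

		// Carry the current sort/order/page into the links rendered on this page.
		$url = $this->buildQueryString(['sort', 'order', 'page']);

		$token_query = 'user_token=' . $this->session->data['user_token'];

		$data = [];

		$data['breadcrumbs'] = [];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('text_home'),
			'href' => $this->url->link('common/dashboard', $token_query)
		];

		$data['breadcrumbs'][] = [
			'text' => $this->language->get('heading_title'),
			'href' => $this->url->link('tool/upload', $token_query . $url)
		];

		// NOTE(review): this class defines no form() action, so the target of the
		// 'add' link must be provided elsewhere - confirm it exists.
		$data['add'] = $this->url->link('tool/upload.form', $token_query . $url);
		$data['delete'] = $this->url->link('tool/upload.delete', $token_query);

		$data['list'] = $this->getList();

		$data['user_token'] = $this->session->data['user_token'];

		$data['header'] = $this->load->controller('common/header');
		$data['column_left'] = $this->load->controller('common/column_left');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('tool/upload', $data));
	}

	/**
	 * Output only the rendered list fragment produced by getList().
	 *
	 * @return void
	 */
	public function list(): void {
		$this->load->language('tool/upload');

		$this->response->setOutput($this->getList());
	}

	/**
	 * Build the filtered, sorted and paginated list of uploads and render it.
	 *
	 * Reads filter_name, filter_date_from, filter_date_to, sort, order and page
	 * from the query string.
	 *
	 * @return string the rendered 'tool/upload_list' view
	 */
	protected function getList(): string {
		$filter_name = (string)($this->request->get['filter_name'] ?? '');
		$filter_date_from = (string)($this->request->get['filter_date_from'] ?? '');
		$filter_date_to = (string)($this->request->get['filter_date_to'] ?? '');

		// NOTE(review): sort and order are request-controlled and handed to the model
		// unchanged. Confirm getUploads() maps them onto a fixed set of columns and
		// directions before they reach any SQL; this page only links to name, code
		// and date_added.
		$sort = (string)($this->request->get['sort'] ?? 'date_added');
		$order = (string)($this->request->get['order'] ?? 'DESC');

		// Pages start at 1; clamp so a zero or negative value cannot yield a negative offset.
		$page = max(1, (int)($this->request->get['page'] ?? 1));

		$limit = $this->config->get('config_pagination_admin');
		$offset = ($page - 1) * $limit;

		$token_query = 'user_token=' . $this->session->data['user_token'];

		// Full current state: used for the form action and the per-row download links.
		$url = $this->buildQueryString(['filter_name', 'filter_date_from', 'filter_date_to', 'sort', 'order', 'page']);

		$data = [];

		$data['action'] = $this->url->link('tool/upload.list', $token_query . $url);

		$data['uploads'] = [];

		$filter_data = [
			'filter_name'      => $filter_name,
			'filter_date_from' => $filter_date_from,
			'filter_date_to'   => $filter_date_to,
			'sort'             => $sort,
			'order'            => $order,
			'start'            => $offset,
			'limit'            => $limit
		];

		$this->load->model('tool/upload');

		$results = $this->model_tool_upload->getUploads($filter_data);

		foreach ($results as $result) {
			$data['uploads'][] = [
				'upload_id'  => $result['upload_id'],
				'name'       => $result['name'],
				'code'       => $result['code'],
				'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
				'download'   => $this->url->link('tool/upload.download', $token_query . '&code=' . $result['code'] . $url)
			];
		}

		// Column-header links: keep filters and page, flip the current direction.
		$url = $this->buildQueryString(['filter_name', 'filter_date_from', 'filter_date_to']);
		$url .= ($order == 'ASC') ? '&order=DESC' : '&order=ASC';
		$url .= $this->buildQueryString(['page']);

		$data['sort_name'] = $this->url->link('tool/upload.list', $token_query . '&sort=name' . $url);
		$data['sort_code'] = $this->url->link('tool/upload.list', $token_query . '&sort=code' . $url);
		$data['sort_date_added'] = $this->url->link('tool/upload.list', $token_query . '&sort=date_added' . $url);

		// Pagination links: everything except the page, which is the {page} placeholder.
		$url = $this->buildQueryString(['filter_name', 'filter_date_from', 'filter_date_to', 'sort', 'order']);

		$upload_total = $this->model_tool_upload->getTotalUploads($filter_data);

		$data['pagination'] = $this->load->controller('common/pagination', [
			'total' => $upload_total,
			'page'  => $page,
			'limit' => $limit,
			'url'   => $this->url->link('tool/upload.list', $token_query . $url . '&page={page}')
		]);

		// "Showing X to Y of Z (N pages)": the last row is capped at the total on the final page.
		$first = ($upload_total) ? $offset + 1 : 0;
		$last = ($offset > ($upload_total - $limit)) ? $upload_total : ($offset + $limit);

		$data['results'] = sprintf($this->language->get('text_pagination'), $first, $last, $upload_total, ceil($upload_total / $limit));

		$data['filter_name'] = $filter_name;
		$data['filter_date_from'] = $filter_date_from;
		$data['filter_date_to'] = $filter_date_to;

		$data['sort'] = $sort;
		$data['order'] = $order;

		return $this->load->view('tool/upload_list', $data);
	}

	/**
	 * Delete the uploads listed in POST 'selected' (file on disk and model record).
	 *
	 * Requires 'modify' permission on tool/upload. Responds with JSON holding
	 * either 'error' or 'success'.
	 *
	 * @return void
	 */
	public function delete(): void {
		$this->load->language('tool/upload');

		$json = [];

		// Normalise to an array so a scalar 'selected' value cannot break the loop below.
		$selected = isset($this->request->post['selected']) ? (array)$this->request->post['selected'] : [];

		if (!$this->user->hasPermission('modify', 'tool/upload')) {
			$json['error'] = $this->language->get('error_permission');
		}

		if (!$json) {
			$this->load->model('tool/upload');

			foreach ($selected as $upload_id) {
				// Nested arrays (selected[][]=...) are not IDs; skip them rather than pass them on.
				if (!is_scalar($upload_id)) {
					continue;
				}

				$upload_info = $this->model_tool_upload->getUpload($upload_id);

				// NOTE(review): 'filename' comes from the stored record and is joined to
				// DIR_UPLOAD as-is. upload() in this class only stores basenames; confirm
				// every other writer of that record does the same.
				if ($upload_info && is_file(DIR_UPLOAD . $upload_info['filename'])) {
					unlink(DIR_UPLOAD . $upload_info['filename']);
				}

				$this->model_tool_upload->deleteUpload($upload_id);
			}

			$json['success'] = $this->language->get('text_success');
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Stream the upload identified by GET 'code' as an attachment, or render the
	 * not-found page when no record matches.
	 *
	 * NOTE(review): unlike delete() and upload(), this action performs no
	 * permission check of its own; confirm access to tool/upload is enforced
	 * before the action is dispatched.
	 *
	 * @return void
	 */
	public function download(): void {
		$this->load->language('tool/upload');

		if (isset($this->request->get['code']) && is_scalar($this->request->get['code'])) {
			$code = (string)$this->request->get['code'];
		} else {
			$code = '';
		}

		$this->load->model('tool/upload');

		$upload_info = $this->model_tool_upload->getUploadByCode($code);

		if ($upload_info) {
			$file = DIR_UPLOAD . $upload_info['filename'];
			$mask = basename($upload_info['name']);

			if (headers_sent()) {
				exit($this->language->get('error_headers_sent'));
			}

			if (!is_file($file)) {
				// The stored name derives from an uploaded file name, so escape it before
				// it is echoed into the response body.
				exit(sprintf($this->language->get('error_not_found'), htmlspecialchars(basename($file), ENT_QUOTES, 'UTF-8')));
			}

			// The download name was supplied by whoever uploaded the file. Quotes,
			// backslashes and control characters would break out of the quoted
			// filename parameter, so they are replaced.
			$download_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $mask ?: basename($file));

			header('Content-Type: application/octet-stream');
			// Keep browsers from sniffing the uploaded bytes into a renderable type.
			header('X-Content-Type-Options: nosniff');
			header('Content-Description: File Transfer');
			header('Content-Disposition: attachment; filename="' . $download_name . '"');
			header('Content-Transfer-Encoding: binary');
			header('Expires: 0');
			header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
			header('Pragma: public');
			header('Content-Length: ' . filesize($file));

			readfile($file);
			exit;
		} else {
			$this->load->language('error/not_found');

			$this->document->setTitle($this->language->get('heading_title'));

			$token_query = 'user_token=' . $this->session->data['user_token'];

			$data = [];

			$data['breadcrumbs'] = [];

			$data['breadcrumbs'][] = [
				'text' => $this->language->get('text_home'),
				'href' => $this->url->link('common/dashboard', $token_query)
			];

			$data['breadcrumbs'][] = [
				'text' => $this->language->get('heading_title'),
				'href' => $this->url->link('error/not_found', $token_query)
			];

			$data['header'] = $this->load->controller('common/header');
			$data['column_left'] = $this->load->controller('common/column_left');
			$data['footer'] = $this->load->controller('common/footer');

			$this->response->setOutput($this->load->view('error/not_found', $data));
		}
	}

	/**
	 * Accept one uploaded file (field 'file'), validate it against the configured
	 * extension and MIME allow-lists, store it in DIR_UPLOAD and record it.
	 *
	 * Requires 'modify' permission on tool/upload. Responds with JSON holding
	 * 'error', or 'code' and 'success'.
	 *
	 * @return void
	 */
	public function upload(): void {
		$this->load->language('tool/upload');

		$json = [];

		if (!$this->user->hasPermission('modify', 'tool/upload')) {
			$json['error'] = $this->language->get('error_permission');
		}

		if (isset($this->request->files['file']) && is_array($this->request->files['file'])) {
			$upload = $this->request->files['file'];
		} else {
			$upload = [];
		}

		// A multi-file field (file[]) makes 'name' and 'tmp_name' arrays; only a
		// single file is handled here, so anything that is not a string is rejected.
		if (empty($upload['name']) || !is_string($upload['name']) || empty($upload['tmp_name']) || !is_string($upload['tmp_name']) || !is_file($upload['tmp_name'])) {
			$json['error'] = $this->language->get('error_upload');
		}

		if (!$json) {
			// basename() drops any directory part the client put in the file name.
			$filename = basename(html_entity_decode($upload['name'], ENT_QUOTES, 'UTF-8'));

			if ((oc_strlen($filename) < 3) || (oc_strlen($filename) > 128)) {
				$json['error'] = $this->language->get('error_filename');
			}

			// Extension check. A name without a dot has the empty extension, which is
			// never on the allow-list because blank entries are dropped.
			$dot = strrchr($filename, '.');
			$extension = ($dot === false) ? '' : strtolower(substr($dot, 1));

			if (!in_array($extension, $this->readAllowList('config_file_ext_allowed'), true)) {
				$json['error'] = $this->language->get('error_file_type');
			}

			// NOTE(review): 'type' is the Content-Type declared by the client, not a
			// property of the file contents, so this check is advisory only. Verifying
			// the content would need server-side detection (e.g. finfo) - confirm
			// whether that is wanted here.
			$mime = (isset($upload['type']) && is_string($upload['type'])) ? $upload['type'] : '';

			if (!in_array($mime, $this->readAllowList('config_file_mime_allowed'), true)) {
				$json['error'] = $this->language->get('error_file_type');
			}

			if ($upload['error'] != UPLOAD_ERR_OK) {
				$json['error'] = $this->language->get('error_upload_' . $upload['error']);
			}
		}

		if (!$json) {
			// The stored name ends in the oc_token() output instead of the uploaded extension.
			$file = $filename . '.' . oc_token(32);

			// Only record the upload and report success once the file is really in place.
			if (move_uploaded_file($upload['tmp_name'], DIR_UPLOAD . $file)) {
				$this->load->model('tool/upload');

				$json['code'] = $this->model_tool_upload->addUpload($filename, $file);

				$json['success'] = $this->language->get('text_success');
			} else {
				$json['error'] = $this->language->get('error_upload');
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Build a "&key=value" query fragment from the named GET parameters, in the
	 * order given.
	 *
	 * Each value is entity-decoded and URL-encoded, the treatment this controller
	 * already applied to filter_name, so a value containing '&' or '=' cannot add
	 * or override parameters in the generated link.
	 *
	 * @param string[] $keys GET parameter names to copy
	 *
	 * @return string the fragment, or '' when none of the parameters is present
	 */
	private function buildQueryString(array $keys): string {
		$query = '';

		foreach ($keys as $key) {
			// Absent and array-valued parameters (?sort[]=x) have no single value to copy.
			if (!isset($this->request->get[$key]) || !is_scalar($this->request->get[$key])) {
				continue;
			}

			$query .= '&' . $key . '=' . urlencode(html_entity_decode((string)$this->request->get[$key], ENT_QUOTES, 'UTF-8'));
		}

		return $query;
	}

	/**
	 * Read a newline-separated allow-list setting into an array of trimmed entries.
	 *
	 * Blank lines are dropped: an empty entry would otherwise match a file with no
	 * extension or an upload with no declared MIME type.
	 *
	 * @param string $key config key holding the list
	 *
	 * @return string[] the non-empty entries
	 */
	private function readAllowList(string $key): array {
		$allowed = [];

		// Accept both LF and CRLF line endings in the stored setting.
		foreach (preg_split('~\r?\n~', (string)$this->config->get($key)) as $entry) {
			$entry = trim($entry);

			if ($entry !== '') {
				$allowed[] = $entry;
			}
		}

		return $allowed;
	}
}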