I have not checked Joomla's recommended ways to do it, but somehow I mixed the scripts with common php codes.
Some validations applied here are extensions, file size, MIME types. Customize them according to your need.
In the layout form, insert this submit button.
<input type="file" name="file_upload" />
<input type="submit" />
<input type="hidden" name="task" value="export_now" />
<input type="hidden" name="option" value="com_testdata" />
<?php echo JHtml::_('form.token'); ?>
</form>
Below the codes, which I put in the controller. It's bit messy but they work:
function export_now()
{
clearstatcache();
jimport('joomla.filesystem.file');
jimport('joomla.filesystem.folder');
//$file = JFactory::getApplication()->input->get('file_upload');
if(!defined('DS')) define('DS', DIRECTORY_SEPARATOR);
if(!defined('DS')) define('DS', '/');
$fileName = basename($_FILES["file_upload"]["name"]);
//check the file extension is ok
$uploadedFileNameParts = explode('.',$fileName);
$uploadedFileExtension = array_pop($uploadedFileNameParts);
$validFileExts = explode(',', 'jpeg,jpg,png,gif,csv'); //change when needed
$extOk = false;
foreach($validFileExts as $key => $value)
{
if( preg_match("/$value/i", $uploadedFileExtension ) )
{
$extOk = true;
}
}
if ($extOk == false)
{
echo JText::_( 'INVALID EXTENSION' );
return;
}
//we are going to define what file extensions/MIMEs are ok, and only let these ones in (whitelisting), rather than try to scan for bad
//types, where we might miss one (whitelisting is always better than blacklisting)
$okMIMETypes = 'image/jpeg,image/pjpeg,image/png,image/x-png,image/gif,text/csv';
$validFileTypes = explode(",", $okMIMETypes);
$uploadOk = 1; // default success validation
//if the temp file does not have a width or a height, or it has a non ok MIME, return
if( !$validFileTypes)
{
$er = JText::_( 'INVALID FILETYPE' );
$uploadOk = 0;
}
$fileTemp = $_FILES["file_upload"]["tmp_name"];
$fileSize = $_FILES["file_upload"]["size"];
//lose any special characters in the filename
$fileName = preg_replace("/[^A-Za-z0-9]/i", "-", $fileName);
//always use constants when making file paths, to avoid the possibilty of remote file inclusion
$target_file = JPATH_SITE . DS . "tmp" . DS . $fileName;
// Check if file already exists
if (file_exists($target_file)) {
$er = "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($fileSize > 200000 || $fileSize <= 0 ) { //2kb
$er = "Sorry, your file is too large : " . $fileSize;
$uploadOk = 0;
}
if($uploadOk == 1)
{
if(!JFile::upload($fileTemp, $target_file))
{
echo JText::_( 'ERROR MOVING FILE' );
echo 'target file upload: '.$target_file.'<br/>';
return;
}
else
{
// success, exit with code 0 for Mac users, otherwise they receive an IO Error
echo 'success <br/>';
echo 'target file upload: '.$target_file.'<br/>';
return;
}
}
else{
echo 'error, '. $er;
echo 'target file upload: '.$target_file.'<br/>';
return;
}
}
Tidak ada komentar:
Posting Komentar