library/openflashchart/php-ofc-library/ofc_upload_image.php

   1 <?php
   2
   3 // EXIT THIS SCRIPT
   4 // Added by OpenEMR to fix security vulnerability.
   5 exit;
   6
   7 //
   8 // In Open Flash Chart -> save_image debug mode, you
   9 // will see the 'echo' text in a new window.
  10 //
  11
  12 /*
  13
  14 print_r( $_GET );
  15 print_r( $_POST );
  16 print_r( $_FILES );
  17
  18 print_r( $GLOBALS );
  19 print_r( $GLOBALS["HTTP_RAW_POST_DATA"] );
  20
  21 */
  22
  23
  24 // default path for the image to be stored //
  25 $default_path = '../tmp-upload-images/';
  26
  27 if (!file_exists($default_path)) mkdir($default_path, 0777, true);
  28
  29 // full path to the saved image including filename //
  30 $destination = $default_path . basename( $_GET[ 'name' ] );
  31
  32 echo 'Saving your image to: '. $destination;
  33 // print_r( $_POST );
  34 // print_r( $_SERVER );
  35 // echo $HTTP_RAW_POST_DATA;
  36
  37 //
  38 // POST data is usually string data, but we are passing a RAW .png
  39 // so PHP is a bit confused and $_POST is empty. But it has saved
  40 // the raw bits into $HTTP_RAW_POST_DATA
  41 //
  42
  43 $jfh = fopen($destination, 'w') or die("can't open file");
  44 fwrite($jfh, $HTTP_RAW_POST_DATA);
  45 fclose($jfh);
  46
  47 //
  48 // LOOK:
  49 //
  50 exit();
  51
  52
  53 //
  54 // PHP5:
  55 //
  56
  57
  58 // default path for the image to be stored //
  59 $default_path = 'tmp-upload-images/';
  60
  61 if (!file_exists($default_path)) mkdir($default_path, 0777, true);
  62
  63 // full path to the saved image including filename //
  64 $destination = $default_path . basename( $_FILES[ 'Filedata' ][ 'name' ] );
  65
  66 // move the image into the specified directory //
  67 if (move_uploaded_file($_FILES[ 'Filedata' ][ 'tmp_name' ], $destination)) {
  68     echo "The file " . basename( $_FILES[ 'Filedata' ][ 'name' ] ) . " has been uploaded;";
  69 } else {
  70     echo "FILE UPLOAD FAILED";
  71 }
  72
  73
  74 ?>