uploader.php

<?php
require_once(dirname(__FILE__).'/classes/core/startup.php');
require_once(dirname(__FILE__).'/config-defaults.php');
require_once(dirname(__FILE__).'/common.php');
require_once($homedir.'/classes/core/class.progressbar.php');
require_once(dirname(__FILE__).'/classes/core/language.php');

if (!isset($surveyid))
{
    $surveyid=returnglobal('sid');
}
else
{
    //This next line ensures that the $surveyid value is never anything but a number.
    $surveyid=sanitize_int($surveyid);
}

// Compute the Session name
// Session name is based:
// * on this specific limesurvey installation (Value SessionName in DB)
// * on the surveyid (from Get or Post param). If no surveyid is given we are on the public surveys portal
$usquery = "SELECT stg_value FROM ".db_table_name("settings_global")." where stg_name='SessionName'";
$usresult = db_execute_assoc($usquery,'',true);          //Checked
if ($usresult)
{
    $usrow = $usresult->FetchRow();
    $stg_SessionName=$usrow['stg_value'];
    if ($surveyid)
    {
        if (isset($_GET['preview']) && $_GET['preview'] == 1)
        {
            @session_name($stg_SessionName);
        }
        else
        {
            @session_name($stg_SessionName.'-runtime-'.$surveyid);
        }
    }
    else
    {
        @session_name($stg_SessionName.'-runtime-publicportal');
    }
}
else
{
    session_name("LimeSurveyRuntime-$surveyid");
}
session_set_cookie_params(0,$relativeurl.'/');
@session_start();

if (empty($_SESSION) || !isset($_SESSION['fieldname']))
{
    die("You don't have a valid session !");
}

if (isset($_GET['filegetcontents']))
{
    $sFileName=sanitize_filename($_GET['filegetcontents']);
    if (substr($sFileName,0,6)=='futmp_')
    {
        $sFileDir = $tempdir.'/upload/';
    }
    elseif(substr($sFileName,0,3)=='fu_'){
        $sFileDir = "{$uploaddir}/surveys/{$surveyid}/files/";
    }
    readfile($sFileDir.$sFileName);
    exit();
}

$meta = '<script type="text/javascript">
    var surveyid = "'.$surveyid.'";
    var fieldname = "'.$_GET['fieldname'].'";
    var questgrppreview  = '.$_GET['preview'].';
    var rooturl ="'.$rooturl.'";
</script>';

$meta .='<script type="text/javascript" src="scripts/ajaxupload.js"></script>
<script type="text/javascript" src="scripts/uploader.js"></script>
<link type="text/css" href="scripts/uploader.css" rel="stylesheet" />';
if (isset($_SESSION['s_lang']))
{
    $language = $_SESSION['s_lang'];
}
else
{
    $language = GetBaseLanguageFromSurveyID($surveyid);
}
$clang = new limesurvey_lang($language);
$header = getHeader($meta);

echo $header;

echo "<script type='text/javascript'>
        var translt = {
             titleFld: '" . $clang->gT('Title','js') . "',
             commentFld: '" . $clang->gT('Comment','js') . "',
             errorNoMoreFiles: '" . $clang->gT('Sorry, no more files can be uploaded!','js') . "',
             errorOnlyAllowed: '" . $clang->gT('Sorry, only %s files can be uploaded for this question!','js') . "',
             uploading: '" . $clang->gT('Uploading','js') . "',
             selectfile: '" . $clang->gT('Select file','js') . "',
             errorNeedMore: '" . $clang->gT('Please upload %s more file(s).','js') . "',
             errorMoreAllowed: '" . $clang->gT('If you wish, you may upload %s more file(s); else you may return back to survey.','js') . "',
             errorMaxReached: '" . $clang->gT('The maximum number of files has been uploaded. You may return back to survey.','js') . "',
             errorTooMuch: '" . $clang->gT('The maximum number of files has been uploaded. You may return back to survey.','js') . "',
             errorNeedMoreConfirm: '" . $clang->gT("You need to upload %s more files for this question.\nAre you sure you want to exit?",'js') . "'
            };
    </script>\n";

$fn = $_GET['fieldname'];
$qid = $_GET['qid'];
$minfiles = sanitize_int($_GET['minfiles']);
$maxfiles = sanitize_int($_GET['maxfiles']);
$qidattributes=getQuestionAttributes($qid);

$body = '
        <div id="notice"></div>
        <input type="hidden" id="ia"                value="'.$fn.'" />
        <input type="hidden" id="'.$fn.'_minfiles"          value="'.$minfiles.'" />
        <input type="hidden" id="'.$fn.'_maxfiles"          value="'.$maxfiles.'" />
        <input type="hidden" id="'.$fn.'_maxfilesize"       value="'.$qidattributes['max_filesize'].'" />
        <input type="hidden" id="'.$fn.'_allowed_filetypes" value="'.$qidattributes['allowed_filetypes'].'" />
        <input type="hidden" id="preview"                   value="'.$_SESSION['preview'].'" />
        <input type="hidden" id="'.$fn.'_show_comment"      value="'.$qidattributes['show_comment'].'" />
        <input type="hidden" id="'.$fn.'_show_title"        value="'.$qidattributes['show_title'].'" />
        <input type="hidden" id="'.$fn.'_licount"           value="0" />
        <input type="hidden" id="'.$fn.'_filecount"         value="0" />

        <!-- The upload button -->
        <div align="center" class="upload-div">
            <button id="button1" class="upload-button" type="button" >'.$clang->gT("Select file").'</button>
        </div>

        <p class="uploadmsg">'.sprintf($clang->gT("You can upload %s under %s KB each.",'js'),$qidattributes['allowed_filetypes'],$qidattributes['max_filesize']).'</p>
        <div class="uploadstatus" id="uploadstatus"></div>

        <!-- The list of uploaded files -->
        <ul id="'.$fn.'_listfiles"></ul>

    </body>
</html>';
echo $body;