merge r6624 from branch 2.1 to trunk
bug 1747 fixed: some checks were added to verify the upload will fail for a too big size or if the upload has failed for a too big size (test on upload_max_filesize and post_max_size) git-svn-id: http://piwigo.org/svn/trunk@6625 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall
parent
de5efe8330
commit
a1bddbe806
6 changed files with 238 additions and 20 deletions
|
|
@ -299,4 +299,82 @@ function is_valid_image_extension($extension)
|
|||
{
|
||||
return in_array(strtolower($extension), array('jpg', 'jpeg', 'png'));
|
||||
}
|
||||
|
||||
function file_upload_error_message($error_code)
|
||||
{
|
||||
switch ($error_code) {
|
||||
case UPLOAD_ERR_INI_SIZE:
|
||||
return sprintf(
|
||||
l10n('The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB'),
|
||||
get_ini_size('upload_max_filesize', false)
|
||||
);
|
||||
case UPLOAD_ERR_FORM_SIZE:
|
||||
return l10n('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form');
|
||||
case UPLOAD_ERR_PARTIAL:
|
||||
return l10n('The uploaded file was only partially uploaded');
|
||||
case UPLOAD_ERR_NO_FILE:
|
||||
return l10n('No file was uploaded');
|
||||
case UPLOAD_ERR_NO_TMP_DIR:
|
||||
return l10n('Missing a temporary folder');
|
||||
case UPLOAD_ERR_CANT_WRITE:
|
||||
return l10n('Failed to write file to disk');
|
||||
case UPLOAD_ERR_EXTENSION:
|
||||
return l10n('File upload stopped by extension');
|
||||
default:
|
||||
return l10n('Unknown upload error');
|
||||
}
|
||||
}
|
||||
|
||||
function get_ini_size($ini_key, $in_bytes=true)
|
||||
{
|
||||
$size = ini_get($ini_key);
|
||||
|
||||
if ($in_bytes)
|
||||
{
|
||||
$size = convert_shortand_notation_to_bytes($size);
|
||||
}
|
||||
|
||||
return $size;
|
||||
}
|
||||
|
||||
function convert_shortand_notation_to_bytes($value)
|
||||
{
|
||||
$suffix = substr($value, -1);
|
||||
$multiply_by = null;
|
||||
|
||||
if ('K' == $suffix)
|
||||
{
|
||||
$multiply_by = 1024;
|
||||
}
|
||||
else if ('M' == $suffix)
|
||||
{
|
||||
$multiply_by = 1024*1024;
|
||||
}
|
||||
else if ('G' == $suffix)
|
||||
{
|
||||
$multiply_by = 1024*1024*1024;
|
||||
}
|
||||
|
||||
if (isset($multiply_by))
|
||||
{
|
||||
$value = substr($value, 0, -1);
|
||||
$value*= $multiply_by;
|
||||
}
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
function add_upload_error($upload_id, $error_message)
|
||||
{
|
||||
if (!isset($_SESSION['uploads_error']))
|
||||
{
|
||||
$_SESSION['uploads_error'] = array();
|
||||
}
|
||||
if (!isset($_SESSION['uploads_error'][$upload_id]))
|
||||
{
|
||||
$_SESSION['uploads_error'][$upload_id] = array();
|
||||
}
|
||||
|
||||
array_push($_SESSION['uploads_error'][$upload_id], $error_message);
|
||||
}
|
||||
?>
|
||||
|
|
@ -11,13 +11,35 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
|
|||
check_pwg_token();
|
||||
|
||||
ob_start();
|
||||
echo '$_FILES'."\n";
|
||||
print_r($_FILES);
|
||||
echo '$_POST'."\n";
|
||||
print_r($_POST);
|
||||
echo '$user'."\n";
|
||||
print_r($user);
|
||||
$tmp = ob_get_contents();
|
||||
ob_end_clean();
|
||||
// error_log($tmp, 3, "/tmp/php-".date('YmdHis').'-'.sprintf('%020u', rand()).".log");
|
||||
|
||||
if ($_FILES['Filedata']['error'] !== UPLOAD_ERR_OK)
|
||||
{
|
||||
$error_message = file_upload_error_message($_FILES['Filedata']['error']);
|
||||
|
||||
add_upload_error(
|
||||
$_POST['upload_id'],
|
||||
sprintf(
|
||||
l10n('Error on file "%s" : %s'),
|
||||
$_FILES['Filedata']['name'],
|
||||
$error_message
|
||||
)
|
||||
);
|
||||
|
||||
echo "File Size Error";
|
||||
exit();
|
||||
}
|
||||
|
||||
ob_start();
|
||||
|
||||
$image_id = add_uploaded_file(
|
||||
$_FILES['Filedata']['tmp_name'],
|
||||
$_FILES['Filedata']['name'],
|
||||
|
|
@ -40,5 +62,12 @@ array_push(
|
|||
$image_id
|
||||
);
|
||||
|
||||
$output = ob_get_contents();
|
||||
ob_end_clean();
|
||||
if (!empty($output))
|
||||
{
|
||||
add_upload_error($_POST['upload_id'], $output);
|
||||
}
|
||||
|
||||
echo "1";
|
||||
?>
|
||||
|
|
@ -62,15 +62,33 @@ DELETE FROM '.CADDIE_TABLE.'
|
|||
// | process form |
|
||||
// +-----------------------------------------------------------------------+
|
||||
|
||||
if (isset($_POST['submit_upload']))
|
||||
if (isset($_GET['processed']))
|
||||
{
|
||||
// echo '<pre>POST'."\n"; print_r($_POST); echo '</pre>';
|
||||
// echo '<pre>FILES'."\n"; print_r($_FILES); echo '</pre>';
|
||||
// echo '<pre>SESSION'."\n"; print_r($_SESSION); echo '</pre>';
|
||||
// exit();
|
||||
|
||||
// sometimes, you have submitted the form but you have nothing in $_POST
|
||||
// and $_FILES. This may happen when you have an HTML upload and you
|
||||
// exceeded the post_max_size (but not the upload_max_size)
|
||||
if (!isset($_POST['submit_upload']))
|
||||
{
|
||||
array_push(
|
||||
$page['errors'],
|
||||
sprintf(
|
||||
l10n('The uploaded files exceed the post_max_size directive in php.ini: %sB'),
|
||||
ini_get('post_max_size')
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
$category_id = null;
|
||||
if ('existing' == $_POST['category_type'])
|
||||
if (!isset($_POST['category_type']))
|
||||
{
|
||||
// nothing to do, we certainly have the post_max_size issue
|
||||
}
|
||||
elseif ('existing' == $_POST['category_type'])
|
||||
{
|
||||
$category_id = $_POST['category'];
|
||||
}
|
||||
|
|
@ -193,6 +211,19 @@ if (isset($_POST['submit_upload']))
|
|||
// TODO: if $image_id is not an integer, something went wrong
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$error_message = file_upload_error_message($error);
|
||||
|
||||
array_push(
|
||||
$page['errors'],
|
||||
sprintf(
|
||||
l10n('Error on file "%s" : %s'),
|
||||
$_FILES['image_upload']['name'][$idx],
|
||||
$error_message
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
$endtime = get_moment();
|
||||
|
|
@ -204,21 +235,32 @@ if (isset($_POST['submit_upload']))
|
|||
if (isset($_POST['upload_id']))
|
||||
{
|
||||
// we're on a multiple upload, with uploadify and so on
|
||||
$image_ids = $_SESSION['uploads'][ $_POST['upload_id'] ];
|
||||
if (isset($_SESSION['uploads_error'][ $_POST['upload_id'] ]))
|
||||
{
|
||||
foreach ($_SESSION['uploads_error'][ $_POST['upload_id'] ] as $error)
|
||||
{
|
||||
array_push($page['errors'], $error);
|
||||
}
|
||||
}
|
||||
|
||||
associate_images_to_categories(
|
||||
$image_ids,
|
||||
array($category_id)
|
||||
);
|
||||
if (isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
|
||||
{
|
||||
$image_ids = $_SESSION['uploads'][ $_POST['upload_id'] ];
|
||||
|
||||
$query = '
|
||||
associate_images_to_categories(
|
||||
$image_ids,
|
||||
array($category_id)
|
||||
);
|
||||
|
||||
$query = '
|
||||
UPDATE '.IMAGES_TABLE.'
|
||||
SET level = '.$_POST['level'].'
|
||||
WHERE id IN ('.implode(', ', $image_ids).')
|
||||
;';
|
||||
pwg_query($query);
|
||||
pwg_query($query);
|
||||
|
||||
invalidate_user_cache();
|
||||
invalidate_user_cache();
|
||||
}
|
||||
}
|
||||
|
||||
$page['thumbnails'] = array();
|
||||
|
|
@ -325,6 +367,10 @@ $template->assign(
|
|||
array(
|
||||
'F_ADD_ACTION'=> PHOTOS_ADD_BASE_URL,
|
||||
'uploadify_path' => $uploadify_path,
|
||||
'upload_max_filesize' => min(
|
||||
get_ini_size('upload_max_filesize'),
|
||||
get_ini_size('post_max_size')
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
|
|
@ -345,10 +391,12 @@ $upload_switch = $upload_modes[ ($upload_mode_index + 1) % 2 ];
|
|||
$template->assign(
|
||||
array(
|
||||
'upload_mode' => $upload_mode,
|
||||
'form_action' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_mode.'&processed=1',
|
||||
'switch_url' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_switch,
|
||||
'upload_id' => md5(rand()),
|
||||
'session_id' => session_id(),
|
||||
'pwg_token' => get_pwg_token(),
|
||||
'another_upload_link' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_mode,
|
||||
)
|
||||
);
|
||||
|
||||
|
|
@ -464,6 +512,18 @@ if ($conf['use_exif'] and !function_exists('read_exif_data'))
|
|||
);
|
||||
}
|
||||
|
||||
if (get_ini_size('upload_max_filesize') > get_ini_size('post_max_size'))
|
||||
{
|
||||
array_push(
|
||||
$setup_warnings,
|
||||
sprintf(
|
||||
l10n('In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting'),
|
||||
get_ini_size('upload_max_filesize', false),
|
||||
get_ini_size('post_max_size', false)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
$template->assign(
|
||||
array(
|
||||
'setup_errors'=> $setup_errors,
|
||||
|
|
|
|||
|
|
@ -49,6 +49,26 @@ jQuery(document).ready(function(){
|
|||
|
||||
}
|
||||
|
||||
function humanReadableFileSize(bytes) {
|
||||
var byteSize = Math.round(bytes / 1024 * 100) * .01;
|
||||
var suffix = 'KB';
|
||||
|
||||
if (byteSize > 1000) {
|
||||
byteSize = Math.round(byteSize *.001 * 100) * .01;
|
||||
suffix = 'MB';
|
||||
}
|
||||
|
||||
var sizeParts = byteSize.toString().split('.');
|
||||
if (sizeParts.length > 1) {
|
||||
byteSize = sizeParts[0] + '.' + sizeParts[1].substr(0,2);
|
||||
}
|
||||
else {
|
||||
byteSize = sizeParts[0];
|
||||
}
|
||||
|
||||
return byteSize+suffix;
|
||||
}
|
||||
|
||||
if ($("select[name=category] option").length == 0) {
|
||||
$('input[name=category_type][value=existing]').attr('disabled', true);
|
||||
$('input[name=category_type]').attr('checked', false);
|
||||
|
|
@ -90,6 +110,7 @@ var upload_id = '{$upload_id}';
|
|||
var session_id = '{$session_id}';
|
||||
var pwg_token = '{$pwg_token}';
|
||||
var buttonText = 'Browse';
|
||||
var sizeLimit = {$upload_max_filesize};
|
||||
|
||||
{literal}
|
||||
jQuery("#uploadify").uploadify({
|
||||
|
|
@ -108,6 +129,7 @@ var buttonText = 'Browse';
|
|||
'multi' : true,
|
||||
'fileDesc' : 'Photo files (*.jpg,*.jpeg,*.png)',
|
||||
'fileExt' : '*.jpg;*.JPG;*.jpeg;*.JPEG;*.png;*.PNG',
|
||||
'sizeLimit' : sizeLimit,
|
||||
'onAllComplete' : function(event, data) {
|
||||
if (data.errors) {
|
||||
return false;
|
||||
|
|
@ -118,18 +140,23 @@ var buttonText = 'Browse';
|
|||
},
|
||||
onError: function (event, queueID ,fileObj, errorObj) {
|
||||
var msg;
|
||||
if (errorObj.status == 404) {
|
||||
alert('Could not find upload script.');
|
||||
msg = 'Could not find upload script.';
|
||||
}
|
||||
else if (errorObj.type === "HTTP") {
|
||||
msg = errorObj.type+": "+errorObj.status;
|
||||
|
||||
if (errorObj.type === "HTTP") {
|
||||
if (errorObj.info === 404) {
|
||||
alert('Could not find upload script.');
|
||||
msg = 'Could not find upload script.';
|
||||
}
|
||||
else {
|
||||
msg = errorObj.type+": "+errorObj.info;
|
||||
}
|
||||
}
|
||||
else if (errorObj.type ==="File Size") {
|
||||
msg = fileObj.name+'<br>'+errorObj.type+' Limit: '+Math.round(errorObj.sizeLimit/1024)+'KB';
|
||||
msg = "File too big";
|
||||
msg = msg + '<br>'+fileObj.name+': '+humanReadableFileSize(fileObj.size);
|
||||
msg = msg + '<br>Limit: '+humanReadableFileSize(sizeLimit);
|
||||
}
|
||||
else {
|
||||
msg = errorObj.type+": "+errorObj.text;
|
||||
msg = errorObj.type+": "+errorObj.info;
|
||||
}
|
||||
|
||||
$.jGrowl(
|
||||
|
|
@ -239,7 +266,7 @@ var buttonText = 'Browse';
|
|||
</div>
|
||||
<p id="batchLink"><a href="{$batch_link}">{$batch_label}</a></p>
|
||||
</fieldset>
|
||||
<p><a href="">{'Add another set of photos'|@translate}</a></p>
|
||||
<p><a href="{$another_upload_link}">{'Add another set of photos'|@translate}</a></p>
|
||||
{else}
|
||||
|
||||
<div id="formErrors" class="errors" style="display:none">
|
||||
|
|
@ -250,7 +277,7 @@ var buttonText = 'Browse';
|
|||
<div class="hideButton" style="text-align:center"><a href="#" id="hideErrors">{'Hide'|@translate}</a></div>
|
||||
</div>
|
||||
|
||||
<form id="uploadForm" enctype="multipart/form-data" method="post" action="{$F_ACTION}" class="properties">
|
||||
<form id="uploadForm" enctype="multipart/form-data" method="post" action="{$form_action}" class="properties">
|
||||
<fieldset>
|
||||
<legend>{'Drop into category'|@translate}</legend>
|
||||
{if $upload_mode eq 'multiple'}
|
||||
|
|
|
|||
|
|
@ -757,4 +757,16 @@ $lang['Add another set of photos'] = 'Add another set of photos';
|
|||
$lang['Order of menubar items has been updated successfully.'] = 'Order of menubar items has been updated successfully.';
|
||||
$lang['This theme was not designed to be directly activated'] = 'This theme was not designed to be directly activated';
|
||||
$lang['Pending Comments'] = 'Pending Comments';
|
||||
$lang['In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting'] = 'In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting';
|
||||
$lang['Exif extension not available, admin should disable exif use'] = 'Exif extension not available, admin should disable exif use';
|
||||
$lang['The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB'] = 'The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB';
|
||||
$lang['The uploaded files exceed the post_max_size directive in php.ini: %sB'] = 'The uploaded files exceed the post_max_size directive in php.ini: %sB';
|
||||
$lang['The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'] = 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
|
||||
$lang['The uploaded file was only partially uploaded'] = 'The uploaded file was only partially uploaded';
|
||||
$lang['No file was uploaded'] = 'No file was uploaded';
|
||||
$lang['Missing a temporary folder'] = 'Missing a temporary folder';
|
||||
$lang['Failed to write file to disk'] = 'Failed to write file to disk';
|
||||
$lang['File upload stopped by extension'] = 'File upload stopped by extension';
|
||||
$lang['Unknown upload error'] = 'Unknown upload error';
|
||||
$lang['Error on file "%s" : %s'] = 'Error on file "%s" : %s';
|
||||
?>
|
||||
|
|
@ -762,4 +762,16 @@ $lang['Add another set of photos'] = 'Ajouter d\'autres photos';
|
|||
$lang['Order of menubar items has been updated successfully.'] = 'L\'ordre des éléments du menu a été mis à jour avec succès.';
|
||||
$lang['This theme was not designed to be directly activated'] = 'Ce thème n\'est pas conçu pour être activé directement';
|
||||
$lang['Pending Comments'] = 'Commentaires en attente';
|
||||
$lang['In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting'] = 'Dans votre fichier php.ini, la variable upload_max_filesize (%sB) est plus grande que post_max_size (%sB), vous devriez modifier ce paramétrage';
|
||||
$lang['Exif extension not available, admin should disable exif use'] = 'L\'extension Exif n\'est pas disponible, un administrateur devrait désactiver l\'utilisation des métadonnées Exif';
|
||||
$lang['The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB'] = 'Le poids du fichier transféré dépasse la valeur de upload_max_filesize définie dans votre fichier php.ini: %sB';
|
||||
$lang['The uploaded files exceed the post_max_size directive in php.ini: %sB'] = 'Le poids total des fichiers transférés dépasse la valeur de post_max_size dans votre fichier php.ini: %sB';
|
||||
$lang['The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'] = 'Le poids du fichier transféré dépasse la valeur de MAX_FILE_SIZE définie dans le formulaire HTML';
|
||||
$lang['The uploaded file was only partially uploaded'] = 'Le fichier n\é até que partiellement transféré';
|
||||
$lang['No file was uploaded'] = 'Aucun fichier n\'a été transféré';
|
||||
$lang['Missing a temporary folder'] = 'Impossible de trouver le répertoire temporaire';
|
||||
$lang['Failed to write file to disk'] = 'Échec à l\'écriture du fichier sur le serveur';
|
||||
$lang['File upload stopped by extension'] = 'Le transfert du fichier a été arrêté par une extension';
|
||||
$lang['Unknown upload error'] = 'Erreur inconnue survenue lors du transfert';
|
||||
$lang['Error on file "%s" : %s'] = 'Erreur sur le fichier "%s" : %s';
|
||||
?>
|
||||
Loading…
Reference in a new issue