aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2008-09-04 22:45:27 +0000
committerplegall <plg@piwigo.org>2008-09-04 22:45:27 +0000
commit116f1bc4fb9c2825a87d7fab9dbfdde78434431a (patch)
tree9f89e004fd0b7f17f87d9f7d8fe3abf5c6bc1508 /include
parent255a4f393a8de4e5cbc133f9d56ed68c2cbf6068 (diff)
improvement: ws method pwg.images.add checks the dumped files against the
expected md5 sum. bug fixed: ws method pwg.images.add invalidate the user cache so that category date_last and category nb_images (and related data) git-svn-id: http://piwigo.org/svn/trunk@2501 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/ws_functions.inc.php25
1 files changed, 22 insertions, 3 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
index 116db6687..d99b901bd 100644
--- a/include/ws_functions.inc.php
+++ b/include/ws_functions.inc.php
@@ -939,6 +939,7 @@ function ws_images_add($params, &$service)
list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
+ // upload directory hierarchy
$upload_dir = sprintf(
PHPWG_ROOT_PATH.'upload/%s/%s/%s',
$year,
@@ -948,30 +949,40 @@ function ws_images_add($params, &$service)
//fwrite($fh_log, $upload_dir."\n");
+ // create the upload directory tree if not exists
if (!is_dir($upload_dir)) {
umask(0000);
$recursive = true;
mkdir($upload_dir, 0777, $recursive);
}
+ // compute file path
$date_string = preg_replace('/[^\d]/', '', $dbnow);
$random_string = substr($params['file_sum'], 0, 8);
-
$filename_wo_ext = $date_string.'-'.$random_string;
-
$file_path = $upload_dir.'/'.$filename_wo_ext.'.jpg';
+
+ // dump the photo file
$fh_file = fopen($file_path, 'w');
fwrite($fh_file, base64_decode($params['file_content']));
fclose($fh_file);
- // check dumped file md5sum with expected md5sum
+ // check dumped file md5sum against expected md5sum
+ $dumped_md5 = md5_file($file_path);
+ if ($dumped_md5 != $params['file_sum']) {
+ return new PwgError(500, 'file transfert failed');
+ }
+ // thumbnail directory is a subdirectory of the photo file, hard coded
+ // "thumbnail"
$thumbnail_dir = $upload_dir.'/thumbnail';
if (!is_dir($thumbnail_dir)) {
umask(0000);
mkdir($thumbnail_dir, 0777);
}
+ // thumbnail path, the filename may use a prefix and the extension is
+ // always "jpg" (no matter what the real file format is)
$thumbnail_path = sprintf(
'%s/%s%s.%s',
$thumbnail_dir,
@@ -979,11 +990,17 @@ function ws_images_add($params, &$service)
$filename_wo_ext,
'jpg'
);
+
+ // dump the thumbnail
$fh_thumbnail = fopen($thumbnail_path, 'w');
fwrite($fh_thumbnail, base64_decode($params['thumbnail_content']));
fclose($fh_thumbnail);
// check dumped thumbnail md5
+ $dumped_md5 = md5_file($thumbnail_path);
+ if ($dumped_md5 != $params['thumbnail_sum']) {
+ return new PwgError(500, 'thumbnail transfert failed');
+ }
// fwrite($fh_log, 'output: '.md5_file($file_path)."\n");
// fwrite($fh_log, 'output: '.md5_file($thumbnail_path)."\n");
@@ -1016,6 +1033,8 @@ function ws_images_add($params, &$service)
array($insert)
);
+ invalidate_user_cache();
+
// fclose($fh_log);
}