From 18c6018b2429fdb6186a8f8c114547cd4f7131dc Mon Sep 17 00:00:00 2001 From: plegall Date: Tue, 29 Jun 2010 18:39:48 +0000 Subject: bug 1747 fixed: some checks were added to verify the upload will fail for a too big size or if the upload has failed for a too big size (test on upload_max_filesize and post_max_size) git-svn-id: http://piwigo.org/svn/branches/2.1@6624 68402e56-0260-453c-a942-63ccdbb3a9ee --- admin/include/functions_upload.inc.php | 78 ++++++++++++++++++++++++++++++++++ admin/include/uploadify/uploadify.php | 29 +++++++++++++ 2 files changed, 107 insertions(+) (limited to 'admin/include') diff --git a/admin/include/functions_upload.inc.php b/admin/include/functions_upload.inc.php index d1aed33ca..bfd5d5107 100644 --- a/admin/include/functions_upload.inc.php +++ b/admin/include/functions_upload.inc.php @@ -299,4 +299,82 @@ function is_valid_image_extension($extension) { return in_array(strtolower($extension), array('jpg', 'jpeg', 'png')); } + +function file_upload_error_message($error_code) +{ + switch ($error_code) { + case UPLOAD_ERR_INI_SIZE: + return sprintf( + l10n('The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB'), + get_ini_size('upload_max_filesize', false) + ); + case UPLOAD_ERR_FORM_SIZE: + return l10n('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form'); + case UPLOAD_ERR_PARTIAL: + return l10n('The uploaded file was only partially uploaded'); + case UPLOAD_ERR_NO_FILE: + return l10n('No file was uploaded'); + case UPLOAD_ERR_NO_TMP_DIR: + return l10n('Missing a temporary folder'); + case UPLOAD_ERR_CANT_WRITE: + return l10n('Failed to write file to disk'); + case UPLOAD_ERR_EXTENSION: + return l10n('File upload stopped by extension'); + default: + return l10n('Unknown upload error'); + } +} + +function get_ini_size($ini_key, $in_bytes=true) +{ + $size = ini_get($ini_key); + + if ($in_bytes) + { + $size = convert_shortand_notation_to_bytes($size); + } + + return $size; +} + +function convert_shortand_notation_to_bytes($value) +{ + $suffix = substr($value, -1); + $multiply_by = null; + + if ('K' == $suffix) + { + $multiply_by = 1024; + } + else if ('M' == $suffix) + { + $multiply_by = 1024*1024; + } + else if ('G' == $suffix) + { + $multiply_by = 1024*1024*1024; + } + + if (isset($multiply_by)) + { + $value = substr($value, 0, -1); + $value*= $multiply_by; + } + + return $value; +} + +function add_upload_error($upload_id, $error_message) +{ + if (!isset($_SESSION['uploads_error'])) + { + $_SESSION['uploads_error'] = array(); + } + if (!isset($_SESSION['uploads_error'][$upload_id])) + { + $_SESSION['uploads_error'][$upload_id] = array(); + } + + array_push($_SESSION['uploads_error'][$upload_id], $error_message); +} ?> \ No newline at end of file diff --git a/admin/include/uploadify/uploadify.php b/admin/include/uploadify/uploadify.php index 44db5a15b..8b3f49bb5 100644 --- a/admin/include/uploadify/uploadify.php +++ b/admin/include/uploadify/uploadify.php @@ -11,13 +11,35 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php'); check_pwg_token(); ob_start(); +echo '$_FILES'."\n"; print_r($_FILES); +echo '$_POST'."\n"; print_r($_POST); +echo '$user'."\n"; print_r($user); $tmp = ob_get_contents(); ob_end_clean(); // error_log($tmp, 3, "/tmp/php-".date('YmdHis').'-'.sprintf('%020u', rand()).".log"); +if ($_FILES['Filedata']['error'] !== UPLOAD_ERR_OK) +{ + $error_message = file_upload_error_message($_FILES['Filedata']['error']); + + add_upload_error( + $_POST['upload_id'], + sprintf( + l10n('Error on file "%s" : %s'), + $_FILES['Filedata']['name'], + $error_message + ) + ); + + echo "File Size Error"; + exit(); +} + +ob_start(); + $image_id = add_uploaded_file( $_FILES['Filedata']['tmp_name'], $_FILES['Filedata']['name'], @@ -40,5 +62,12 @@ array_push( $image_id ); +$output = ob_get_contents(); +ob_end_clean(); +if (!empty($output)) +{ + add_upload_error($_POST['upload_id'], $output); +} + echo "1"; ?> \ No newline at end of file -- cgit v1.2.3