From a1bddbe80603cba13227475117dd885433242772 Mon Sep 17 00:00:00 2001
From: plegall
Date: Tue, 29 Jun 2010 18:42:11 +0000
Subject: merge r6624 from branch 2.1 to trunk bug 1747 fixed: some checks were added to verify the upload will fail for a too big size or if the upload has failed for a too big size (test on upload_max_filesize and post_max_size)
git-svn-id: http://piwigo.org/svn/trunk@6625 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/include/functions_upload.inc.php | 78 +++++++++++++++++++++
 admin/include/uploadify/uploadify.php | 29 ++++++++
 admin/photos_add_direct.php | 80 +++++++++++++++++++---
 .../themes/default/template/photos_add_direct.tpl | 47 ++++++++++---
 4 files changed, 214 insertions(+), 20 deletions(-)
(limited to 'admin')
diff --git a/admin/include/functions_upload.inc.php b/admin/include/functions_upload.inc.php
index d1aed33ca..bfd5d5107 100644
--- a/admin/include/functions_upload.inc.php
+++ b/admin/include/functions_upload.inc.php
@@ -299,4 +299,82 @@ function is_valid_image_extension($extension)
 {
 return in_array(strtolower($extension), array('jpg', 'jpeg', 'png'));
 }
+
+function file_upload_error_message($error_code)
+{
+ switch ($error_code) {
+ case UPLOAD_ERR_INI_SIZE:
+ return sprintf(
+ l10n('The uploaded file exceeds the upload_max_filesize directive in php.ini: %sB'),
+ get_ini_size('upload_max_filesize', false)
+ );
+ case UPLOAD_ERR_FORM_SIZE:
+ return l10n('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form');
+ case UPLOAD_ERR_PARTIAL:
+ return l10n('The uploaded file was only partially uploaded');
+ case UPLOAD_ERR_NO_FILE:
+ return l10n('No file was uploaded');
+ case UPLOAD_ERR_NO_TMP_DIR:
+ return l10n('Missing a temporary folder');
+ case UPLOAD_ERR_CANT_WRITE:
+ return l10n('Failed to write file to disk');
+ case UPLOAD_ERR_EXTENSION:
+ return l10n('File upload stopped by extension');
+ default:
+ return l10n('Unknown upload error');
+ }
+}
+
+function get_ini_size($ini_key, $in_bytes=true)
+{
+ $size = ini_get($ini_key);
+
+ if ($in_bytes)
+ {
+ $size = convert_shortand_notation_to_bytes($size);
+ }
+
+ return $size;
+}
+
+function convert_shortand_notation_to_bytes($value)
+{
+ $suffix = substr($value, -1);
+ $multiply_by = null;
+
+ if ('K' == $suffix)
+ {
+ $multiply_by = 1024;
+ }
+ else if ('M' == $suffix)
+ {
+ $multiply_by = 1024*1024;
+ }
+ else if ('G' == $suffix)
+ {
+ $multiply_by = 1024*1024*1024;
+ }
+
+ if (isset($multiply_by))
+ {
+ $value = substr($value, 0, -1);
+ $value*= $multiply_by;
+ }
+
+ return $value;
+}
+
+function add_upload_error($upload_id, $error_message)
+{
+ if (!isset($_SESSION['uploads_error']))
+ {
+ $_SESSION['uploads_error'] = array();
+ }
+ if (!isset($_SESSION['uploads_error'][$upload_id]))
+ {
+ $_SESSION['uploads_error'][$upload_id] = array();
+ }
+
+ array_push($_SESSION['uploads_error'][$upload_id], $error_message);
+}
 ?>
\ No newline at end of file
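Review bot: `convert_shortand_notation_to_bytes()` recognises only upper-case `K`, `M` and `G`, but php.ini accepts the lower-case forms as well, so a setting such as `8m` is returned unchanged as a string. That string then feeds `min()` and the `>` comparison in photos_add_direct.php and is printed into `var sizeLimit = ...` in the template, where it is not a valid number. Normalise the suffix with `$suffix = strtoupper(substr($value, -1));` and return `(int) $value` so callers always get a byte count. The four new functions also lack doc comments; a short one on `get_ini_size()` stating that `$in_bytes=false` returns the raw ini string would prevent misuse.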
diff --git a/admin/include/uploadify/uploadify.php b/admin/include/uploadify/uploadify.php
index 44db5a15b..8b3f49bb5 100644
--- a/admin/include/uploadify/uploadify.php
+++ b/admin/include/uploadify/uploadify.php
@@ -11,13 +11,35 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
 check_pwg_token();
 ob_start();
+echo '$_FILES'."\n";
 print_r($_FILES);
+echo '$_POST'."\n";
 print_r($_POST);
+echo '$user'."\n";
 print_r($user);
 $tmp = ob_get_contents();
 ob_end_clean();
 // error_log($tmp, 3, "/tmp/php-".date('YmdHis').'-'.sprintf('%020u', rand()).".log");
+if ($_FILES['Filedata']['error'] !== UPLOAD_ERR_OK)
+{
+ $error_message = file_upload_error_message($_FILES['Filedata']['error']);
+
+ add_upload_error(
+ $_POST['upload_id'],
+ sprintf(
+ l10n('Error on file "%s" : %s'),
+ $_FILES['Filedata']['name'],
+ $error_message
+ )
+ );
+
+ echo "File Size Error";
+ exit();
+}
+
+ob_start();
+
 $image_id = add_uploaded_file(
 $_FILES['Filedata']['tmp_name'],
 $_FILES['Filedata']['name'],
@@ -40,5 +62,12 @@ array_push(
 $image_id
 );
+$output = ob_get_contents();
+ob_end_clean();
+if (!empty($output))
+{
+ add_upload_error($_POST['upload_id'], $output);
+}
+
 echo "1";
 ?>
\ No newline at end of file
diff --git a/admin/photos_add_direct.php b/admin/photos_add_direct.php
index 6a7aea884..1026abd17 100644
--- a/admin/photos_add_direct.php
+++ b/admin/photos_add_direct.php
@@ -62,15 +62,33 @@ DELETE FROM '.CADDIE_TABLE.'
 // | process form |
 // +-----------------------------------------------------------------------+
-if (isset($_POST['submit_upload']))
+if (isset($_GET['processed']))
 {
 // echo '
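Review bot: The added check in uploadify.php reads `$_FILES['Filedata']['error']` and `$_POST['upload_id']` without testing that either exists, yet the comment this commit adds in photos_add_direct.php says both superglobals can arrive empty when post_max_size is exceeded. In that case the comparison runs on null and the message is filed under an empty upload id, assuming `check_pwg_token()` (defined outside this diff) lets the request through; guard first with `if (!isset($_FILES['Filedata'], $_POST['upload_id']))`. `echo "File Size Error";` is returned for every error code, not only the size ones. The client-supplied `$_FILES['Filedata']['name']` is also stored in a message that later reaches `$page['errors']`, as does `$_FILES['image_upload']['name'][$idx]` in the hunk at `@@ -193,6 +211,19 @@`; unless the template escapes errors, wrap both in `htmlspecialchars()`.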
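Review bot: Whatever `add_uploaded_file()` prints is stored verbatim by `add_upload_error($_POST['upload_id'], $output)` and later copied into `$page['errors']`. With display_errors enabled that output can contain PHP warnings with server paths, so raw diagnostics would be shown on the page. Consider writing `$output` to the error log and queuing a fixed, translated message instead. The response is still `echo "1";` when output was captured, so the client cannot tell such an upload from a clean one.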
POST'."\n"; print_r($_POST); echo '
'; // echo '
FILES'."\n"; print_r($_FILES); echo '
'; // echo '
SESSION'."\n"; print_r($_SESSION); echo '
'; // exit();
+
+ // sometimes, you have submitted the form but you have nothing in $_POST
+ // and $_FILES. This may happen when you have an HTML upload and you
+ // exceeded the post_max_size (but not the upload_max_size)
+ if (!isset($_POST['submit_upload']))
+ {
+ array_push(
+ $page['errors'],
+ sprintf(
+ l10n('The uploaded files exceed the post_max_size directive in php.ini: %sB'),
+ ini_get('post_max_size')
+ )
+ );
+ }
 $category_id = null;
- if ('existing' == $_POST['category_type'])
+ if (!isset($_POST['category_type']))
+ {
+ // nothing to do, we certainly have the post_max_size issue
+ }
+ elseif ('existing' == $_POST['category_type'])
 {
 $category_id = $_POST['category'];
 }
@@ -193,6 +211,19 @@ if (isset($_POST['submit_upload']))
 // TODO: if $image_id is not an integer, something went wrong
 }
 }
+ else
+ {
+ $error_message = file_upload_error_message($error);
+
+ array_push(
+ $page['errors'],
+ sprintf(
+ l10n('Error on file "%s" : %s'),
+ $_FILES['image_upload']['name'][$idx],
+ $error_message
+ )
+ );
+ }
 }
 $endtime = get_moment();
@@ -204,21 +235,32 @@ if (isset($_POST['submit_upload']))
 if (isset($_POST['upload_id']))
 {
 // we're on a multiple upload, with uploadify and so on
- $image_ids = $_SESSION['uploads'][ $_POST['upload_id'] ];
+ if (isset($_SESSION['uploads_error'][ $_POST['upload_id'] ]))
+ {
+ foreach ($_SESSION['uploads_error'][ $_POST['upload_id'] ] as $error)
+ {
+ array_push($page['errors'], $error);
+ }
+ }
- associate_images_to_categories(
- $image_ids,
- array($category_id)
- );
+ if (isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
+ {
+ $image_ids = $_SESSION['uploads'][ $_POST['upload_id'] ];
- $query = '
+ associate_images_to_categories(
+ $image_ids,
+ array($category_id)
+ );
+
+ $query = '
 UPDATE '.IMAGES_TABLE.'
 SET level = '.$_POST['level'].'
 WHERE id IN ('.implode(', ', $image_ids).')
 ;';
- pwg_query($query);
+ pwg_query($query);
- invalidate_user_cache();
+ invalidate_user_cache();
+ }
 }
 $page['thumbnails'] = array();
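Review bot: `SET level = '.$_POST['level'].'` in the hunk at `@@ -204,21 +235,32 @@` concatenates a request value into the UPDATE without quoting or a type check; the commit re-indents the statement but leaves that as it was. Even on an admin page the value should be constrained before the query is built, for example `$level = (int) $_POST['level'];`, ideally also checked against the permission levels the gallery allows. `$image_ids` comes from `$_SESSION['uploads']`, which is filled outside this hunk and is presumably integer-only, but `implode(', ', array_map('intval', $image_ids))` would make that explicit. The enclosing `if (isset($_GET['processed']))` block starts and ends outside this hunk.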
@@ -325,6 +367,10 @@ $template->assign(
 array(
 'F_ADD_ACTION'=> PHOTOS_ADD_BASE_URL,
 'uploadify_path' => $uploadify_path,
+ 'upload_max_filesize' => min(
+ get_ini_size('upload_max_filesize'),
+ get_ini_size('post_max_size')
+ ),
 )
 );
@@ -345,10 +391,12 @@ $upload_switch = $upload_modes[ ($upload_mode_index + 1) % 2 ];
 $template->assign(
 array(
 'upload_mode' => $upload_mode,
+ 'form_action' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_mode.'&processed=1',
 'switch_url' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_switch,
 'upload_id' => md5(rand()),
 'session_id' => session_id(),
 'pwg_token' => get_pwg_token(),
+ 'another_upload_link' => PHOTOS_ADD_BASE_URL.'&upload_mode='.$upload_mode,
 )
 );
@@ -464,6 +512,18 @@ if ($conf['use_exif'] and !function_exists('read_exif_data'))
 );
 }
+if (get_ini_size('upload_max_filesize') > get_ini_size('post_max_size'))
+{
+ array_push(
+ $setup_warnings,
+ sprintf(
+ l10n('In your php.ini file, the upload_max_filesize (%sB) is bigger than post_max_size (%sB), you should change this setting'),
+ get_ini_size('upload_max_filesize', false),
+ get_ini_size('post_max_size', false)
+ )
+ );
+}
+
 $template->assign(
 array(
 'setup_errors'=> $setup_errors,
diff --git a/admin/themes/default/template/photos_add_direct.tpl b/admin/themes/default/template/photos_add_direct.tpl
index ff1ada8e2..91d191ecb 100644
--- a/admin/themes/default/template/photos_add_direct.tpl
+++ b/admin/themes/default/template/photos_add_direct.tpl
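Review bot: `min(get_ini_size('upload_max_filesize'), get_ini_size('post_max_size'))` treats every ini value as a real limit, but php.ini allows `post_max_size = 0` to mean that no limit applies. In that configuration the template receives 0 as the uploadify `sizeLimit`, and the setup check added at `@@ -464,6 +512,18 @@` warns that upload_max_filesize is bigger than post_max_size although nothing is misconfigured. Ignore non-positive values before calling `min()` and before the `>` comparison. The value sent to the browser is only a convenience for the user; the server-side error checks in uploadify.php and in this file remain the ones that enforce the limit.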
@@ -49,6 +49,26 @@ jQuery(document).ready(function(){ } + function humanReadableFileSize(bytes) { + var byteSize = Math.round(bytes / 1024 * 100) * .01; + var suffix = 'KB'; + + if (byteSize > 1000) { + byteSize = Math.round(byteSize *.001 * 100) * .01; + suffix = 'MB'; + } + + var sizeParts = byteSize.toString().split('.'); + if (sizeParts.length > 1) { + byteSize = sizeParts[0] + '.' + sizeParts[1].substr(0,2); + } + else { + byteSize = sizeParts[0]; + } + + return byteSize+suffix; + } + if ($("select[name=category] option").length == 0) { $('input[name=category_type][value=existing]').attr('disabled', true); $('input[name=category_type]').attr('checked', false); @@ -90,6 +110,7 @@ var upload_id = '{$upload_id}'; var session_id = '{$session_id}'; var pwg_token = '{$pwg_token}'; var buttonText = 'Browse'; +var sizeLimit = {$upload_max_filesize}; {literal} jQuery("#uploadify").uploadify({ @@ -108,6 +129,7 @@ var buttonText = 'Browse'; 'multi' : true, 'fileDesc' : 'Photo files (*.jpg,*.jpeg,*.png)', 'fileExt' : '*.jpg;*.JPG;*.jpeg;*.JPEG;*.png;*.PNG', + 'sizeLimit' : sizeLimit, 'onAllComplete' : function(event, data) { if (data.errors) { return false; @@ -118,18 +140,23 @@ var buttonText = 'Browse'; }, onError: function (event, queueID ,fileObj, errorObj) { var msg; - if (errorObj.status == 404) { - alert('Could not find upload script.'); - msg = 'Could not find upload script.'; - } - else if (errorObj.type === "HTTP") { - msg = errorObj.type+": "+errorObj.status; + + if (errorObj.type === "HTTP") { + if (errorObj.info === 404) { + alert('Could not find upload script.'); + msg = 'Could not find upload script.'; + } + else { + msg = errorObj.type+": "+errorObj.info; + } } else if (errorObj.type ==="File Size") { - msg = fileObj.name+'
'+errorObj.type+' Limit: '+Math.round(errorObj.sizeLimit/1024)+'KB'; + msg = "File too big"; + msg = msg + '
'+fileObj.name+': '+humanReadableFileSize(fileObj.size); + msg = msg + '
Limit: '+humanReadableFileSize(sizeLimit); } else { - msg = errorObj.type+": "+errorObj.text; + msg = errorObj.type+": "+errorObj.info; } $.jGrowl( @@ -239,7 +266,7 @@ var buttonText = 'Browse'; -
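Review bot: In the `File Size` branch of `onError`, `fileObj.name` is concatenated into the message string that is passed to `$.jGrowl(...)`. The string pieces appear to be joined by line-break markup that this page has lost, so jGrowl presumably inserts the message as HTML, and a file name containing markup would then be rendered rather than shown as text. Escape the name before concatenating it, for example `var safeName = $('<div>').text(fileObj.name).html();`, and use `safeName` in the message. The `onError` handler begins before this hunk and continues after it.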

{'Add another set of photos'|@translate}

+

{'Add another set of photos'|@translate}

{else} -
+
{'Drop into category'|@translate} {if $upload_mode eq 'multiple'} -- cgit v1.2.3