Changeset 1231

Show
Ignore:
Timestamp:
08/05/08 06:45:05 (4 months ago)
Author:
_ck_
Message:

attempt at more robust PHP upload error detection/reporting (no version bump)

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • bb-attachments/trunk/bb-attachments.php

    r1230 r1231  
    6363 
    6464$bb_attachments['status']=array("ok","deleted","failed","denied extension","denied mime","denied size","denied count","denied duplicate","denied dimensions"); 
     65 
     66$bb_attachments['errors']=array("ok","uploaded file exceeds UPLOAD_MAX_FILESIZE in php.ini","uploaded file exceeds MAX_FILE_SIZE in the HTML form", 
     67"uploaded file was only partially uploaded","no file was uploaded","temporary folder missing","failed to write file to disk","file upload stopped by PHP extension"); 
    6568 
    6669// really stop editing! 
     
    259262                // don't trust these, check after upload $_FILES['bb_attachments']['type']   $_FILES['bb_attachments']['size']                   
    260263                 
    261                 $filename=trim(str_replace($strip,'_',stripslashes($value)));   // sanitize filename further ???                
     264                $filename=trim(str_replace($strip,'_',stripslashes($value)));   // sanitize filename further ???         
    262265                         
    263                 if (intval($_FILES['bb_attachments']['error'][$key])==0) { 
    264                         
     266                if (intval($_FILES['bb_attachments']['error'][$key])==0 && $_FILES['bb_attachments']['size'][$key]>0) {                 
     267                 
    265268                        $ext = (strrpos($filename, '.')===false) ? "" : trim(strtolower(substr($filename, strrpos($filename, '.')+1))); 
    266269                                                 
     
    326329                if ($status>0) { 
    327330                        if ($id>0) {$bbdb->query("UPDATE  bb_attachments SET `status` = $status WHERE `id` = $id");} 
    328                         $output.="<li><span style='color:red'><strong>$filename "." <span class='num'>(".round($size/1024,1)." KB)</span> ".__('error:')." ".$bb_attachments['status'][$status]."</strong></span></li>"; 
     331                        $error=""; if ($_FILES['bb_attachments']['error'][$key]>0) {$error=" (".$bb_attachments['errors'][$_FILES['bb_attachments']['error'][$key]].") ";} 
     332                        $output.="<li><span style='color:red'><strong>$filename "." <span class='num'>(".round($size/1024,1)." KB)</span> ".__('error:')." ".$bb_attachments['status'][$status]."</strong>$error</span></li>"; 
    329333                } else {$output.="<li><span style='color:green'><strong>$filename "." <span class='num'>(".round($size/1024,1)." KB)</span> ".__('successful')."</strong></span></li>";} 
    330334        } // end !$empty