- Timestamp:
- Nov 23, 2005 9:29:33 PM (19 years ago)
- Location:
- trunk/lib
- Files:
-
- 7 edited
-
App.inc.php (modified) (10 diffs)
-
FormValidator.inc.php (modified) (1 diff)
-
Nav.inc.php (modified) (1 diff)
-
PEdit.inc.php (modified) (2 diffs)
-
RecordLock.inc.php (modified) (4 diffs)
-
Upload.inc.php (modified) (8 diffs)
-
Utilities.inc.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/App.inc.php
r21 r22 152 152 } 153 153 154 if (!isset($_SESSION[$this->app])) {155 $_SESSION[$this->app] = array();156 }157 158 154 // Initialize default parameters. 159 155 $this->_params = array_merge($this->_params, $this->_param_defaults); … … 296 292 session_name($this->getParam('session_name')); 297 293 298 // Start the session. Access session data using: $_SESSION['...']294 // Start the session. 299 295 session_start(); 296 297 if (!isset($_SESSION[$this->app])) { 298 // Access session data using: $_SESSION['...']. 299 // Initialize here _after_ session has started. 300 $_SESSION[$this->app] = array( 301 'messages' => array(), 302 'boomerang' => array('url'), 303 ); 304 } 300 305 } 301 306 … … 374 379 375 380 if (!in_array($type, array(MSG_NOTICE, MSG_SUCCESS, MSG_WARNING, MSG_ERR))) { 376 App::logMsg(sprintf('Invalid MSG_* type: %s', $type), LOG_DEBUG, __FILE__, __LINE__);381 $this->logMsg(sprintf('Invalid MSG_* type: %s', $type), LOG_DEBUG, __FILE__, __LINE__); 377 382 } 378 383 } … … 752 757 if (preg_match('!^/!', $url)) { 753 758 // If relative URL is given, prepend correct local hostname. 754 $my_url = parse_url($_SERVER['SCRIPT_URI']); 755 $url = sprintf('%s://%s%s', $my_url['scheme'], $my_url['host'], $url); 756 } 757 759 $scheme = 'on' == getenv('HTTPS') ? 'https' : 'http'; 760 $host = getenv('HTTP_HOST'); 761 $url = sprintf('%s://%s%s', $scheme, $host, $url); 762 } 763 758 764 $url = $this->oHREF($url, $carry_args, $always_include_sid); 759 765 … … 787 793 if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) { 788 794 $url = $_SESSION[$this->app]['boomerang']['url'][$id]; 795 $this->logMsg(sprintf('dieBoomerangURL(%s) found: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 789 796 } else { 790 797 $url = end($_SESSION[$this->app]['boomerang']['url']); 791 } 792 } else if (!refererIsMe() && !preg_match('/admin_common/', getenv('SCRIPT_NAME'))) { 798 $this->logMsg(sprintf('dieBoomerangURL(%s) using: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 799 } 800 // Delete stored boomerang. 801 $this->deleteBoomerangURL($id); 802 } else if (!refererIsMe()) { 793 803 // Ensure that the redirecting page is not also the referrer. 794 // admin_common is an alias of 'admin', which confuses this function. Just here for local testing.795 804 $url = getenv('HTTP_REFERER'); 805 $this->logMsg(sprintf('dieBoomerangURL(%s) using referrer: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 796 806 } else { 797 $url = ''; 798 } 799 800 $this->logMsg(sprintf('dieBoomerangURL: %s', $url), LOG_DEBUG, __FILE__, __LINE__); 801 802 // Delete stored boomerang. 803 $this->deleteBoomerangURL($id); 807 // If URL is not specified, use the redirect_home_url. 808 $url = $this->getParam('redirect_home_url'); 809 $this->logMsg(sprintf('dieBoomerangURL(%s) not found, using redirect_home_url: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 810 } 811 804 812 805 813 // A redirection will never happen immediatly twice. … … 825 833 return false; 826 834 } 827 828 835 // A redirection will never happen immediatly after setting the boomerangURL. 829 836 // Set the time so ensure this doesn't happen. See App::validBoomerangURL for more. 830 837 831 if ( isset($url)&& is_string($url)) {838 if ('' != $url && is_string($url)) { 832 839 // Delete any boomerang request keys in the query string. 833 840 $url = preg_replace('/boomerang=[\w]+/', '', $url); 834 841 835 if (is _array($_SESSION[$this->app]['boomerang']['url']) && !empty($_SESSION[$this->app]['boomerang']['url'])) {842 if (isset($_SESSION[$this->app]['boomerang']['url']) && is_array($_SESSION[$this->app]['boomerang']['url']) && !empty($_SESSION[$this->app]['boomerang']['url'])) { 836 843 // If the URL currently exists in the boomerang array, delete. 837 844 while ($existing_key = array_search($url, $_SESSION[$this->app]['boomerang']['url'])) { … … 845 852 $_SESSION[$this->app]['boomerang']['url'][] = $url; 846 853 } 847 $this->logMsg(sprintf('setBoomerangURL : %s', $url), LOG_DEBUG, __FILE__, __LINE__);854 $this->logMsg(sprintf('setBoomerangURL(%s): %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 848 855 return true; 849 856 } else { 857 $this->logMsg(sprintf('setBoomerangURL(%s) is empty!', $id, $url), LOG_NOTICE, __FILE__, __LINE__); 850 858 return false; 851 859 } … … 895 903 } 896 904 905 $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $this->getBoomerangURL($id)), LOG_DEBUG, __FILE__, __LINE__); 906 897 907 if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) { 898 908 unset($_SESSION[$this->app]['boomerang']['url'][$id]); … … 927 937 $boomerang_time = isset($_SESSION[$this->app]['boomerang']['time']) ? $_SESSION[$this->app]['boomerang']['time'] : 0; 928 938 939 $url = ''; 929 940 if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) { 930 941 $url = $_SESSION[$this->app]['boomerang']['url'][$id]; … … 934 945 } 935 946 936 $this->logMsg(sprintf('validBoomerangURL testing url: %s', $url), LOG_DEBUG, __FILE__, __LINE__); 937 if (empty($url)) { 947 $this->logMsg(sprintf('validBoomerangURL(%s) testing: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 948 949 if ('' == $url) { 950 $this->logMsg(sprintf('validBoomerangURL(%s) not valid, empty!', $id), LOG_NOTICE, __FILE__, __LINE__); 938 951 return false; 939 952 } 940 953 if ($url == absoluteMe()) { 941 954 // The URL we are directing to is the current page. 942 $this->logMsg(sprintf(' Boomerang URL not valid, same as absoluteMe: %s', $url), LOG_WARNING, __FILE__, __LINE__);955 $this->logMsg(sprintf('validBoomerangURL(%s) not valid, same as absoluteMe: %s', $id, $url), LOG_NOTICE, __FILE__, __LINE__); 943 956 return false; 944 957 } 945 958 if ($boomerang_time >= (time() - 2)) { 946 959 // Last boomerang direction was more than 2 seconds ago. 947 $this->logMsg(sprintf(' Boomerang URL not valid, boomerang_time too short: %s', time() - $boomerang_time), LOG_WARNING, __FILE__, __LINE__);948 return false; 949 } 950 951 $this->logMsg(sprintf('validBoomerangURL found: %s', $url), LOG_DEBUG, __FILE__, __LINE__);960 $this->logMsg(sprintf('validBoomerangURL(%s) not valid, boomerang_time too short: %s', $id, time() - $boomerang_time), LOG_NOTICE, __FILE__, __LINE__); 961 return false; 962 } 963 964 $this->logMsg(sprintf('validBoomerangURL(%s) is valid: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 952 965 return true; 953 966 } -
trunk/lib/FormValidator.inc.php
r21 r22 433 433 $phone = getFormData($form_name); 434 434 435 $this->checkRegex($form_name, '/^[0-9 +().-]*$/', true, sprintf(_("The phone number <strong>%s</strong> is not valid."), $phone));436 $this->stringLength($form_name, 0, 25, sprintf(_("The phone number <strong>%s</strong> is too long"), $phone));435 return $this->checkRegex($form_name, '/^[0-9 +().-]*$/', true, sprintf(_("The phone number <strong>%s</strong> is not valid."), $phone)) 436 && $this->stringLength($form_name, 0, 25, sprintf(_("The phone number <strong>%s</strong> is too long"), $phone)); 437 437 } 438 438 -
trunk/lib/Nav.inc.php
r21 r22 148 148 149 149 if ($this->getFeature('title', $page_id)) { 150 return oTxt($this->pages[$page_id]['title'] , true);150 return oTxt($this->pages[$page_id]['title']); 151 151 } else { 152 152 return false; -
trunk/lib/PEdit.inc.php
r21 r22 163 163 ?> 164 164 <tr> 165 <td valign="top"nowrap="nowrap"><p><?php echo date('r', $v['unixtime']); ?></p></td>166 <td valign="top"nowrap="nowrap"><p> <?php printf(_("%s bytes"), $v['filesize']); ?></p></td>167 <td valign="top"nowrap="nowrap"><p> [<a href="<?php echo App::oHREF(dirname($_SERVER['PHP_SELF']) . (preg_match('!/$!', dirname($_SERVER['PHP_SELF'])) ? '' : '/') . $v['filename']); ?>" target="_blank"><?php echo _("view"); ?></a>]</p></td>168 <td valign="top"nowrap="nowrap"><p> [<a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&with_file=' . $v['filename'] . '&file_hash=' . md5('frog_guts' . $this->_filename)); ?>"><?php echo _("restore"); ?></a>]</p></td>165 <td nowrap="nowrap"><p><?php echo date('r', $v['unixtime']); ?></p></td> 166 <td nowrap="nowrap"><p> <?php printf(_("%s bytes"), $v['filesize']); ?></p></td> 167 <td nowrap="nowrap"><p> [<a href="<?php echo App::oHREF(dirname($_SERVER['PHP_SELF']) . (preg_match('!/$!', dirname($_SERVER['PHP_SELF'])) ? '' : '/') . $v['filename']); ?>" target="_blank"><?php echo _("view"); ?></a>]</p></td> 168 <td nowrap="nowrap"><p> [<a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&with_file=' . $v['filename'] . '&file_hash=' . md5('frog_guts' . $this->_filename)); ?>"><?php echo _("restore"); ?></a>]</p></td> 169 169 </tr> 170 170 <?php … … 237 237 ?> 238 238 <table border="0" cellspacing="0" cellpadding="2"><tr> 239 <td valign="top"><input type="hidden" name="data[<?php echo $name; ?>]" value="off" /><input type="checkbox" name="data[<?php echo $name; ?>]" <?php echo $checked; ?>/></td>240 <td valign="top"><?php echo oTxt($this->_data[$name]['corresponding_text']); ?></td>239 <td><input type="hidden" name="data[<?php echo $name; ?>]" value="off" /><input type="checkbox" name="data[<?php echo $name; ?>]" <?php echo $checked; ?>/></td> 240 <td><?php echo oTxt($this->_data[$name]['corresponding_text']); ?></td> 241 241 </tr></table> 242 242 <?php -
trunk/lib/RecordLock.inc.php
r21 r22 33 33 { 34 34 static $instances = array(); 35 36 if (!is_a($auth_object, 'Auth_SQL')) {37 trigger_error('Constructor not provided a valid Auth_SQL object.', E_USER_ERROR);38 }39 35 40 36 if (!isset($instances[$auth_object->getVal('auth_name')])) { … … 52 48 function RecordLock($auth_object) 53 49 { 50 if (!is_a($auth_object, 'Auth_SQL')) { 51 trigger_error('Constructor not provided a valid Auth_SQL object.', E_USER_ERROR); 52 } 53 54 54 $this->_auth = $auth_object; 55 55 … … 168 168 } 169 169 if ($this->data = mysql_fetch_assoc($qid)) { 170 App::logMsg(sprintf('Found locked record: %s %s %s', $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__); 170 App::logMsg(sprintf('Selecting %slocked record: %s %s %s', ($this->data['set_by_admin_id'] == $this->_auth->getVal('user_id') ? 'self-' : ''), $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__); 171 /// FIX ME: What if admin set lock, but public user is current lock user? 171 172 $this->data['editor'] = $this->_auth->getUsername($this->data['set_by_admin_id']); 172 173 return true; … … 275 276 WHERE lock_id = '" . addslashes($this->data['lock_id']) . "' 276 277 "); 278 279 App::logMsg(sprintf('Removing lock: %s', $this->data['lock_id']), LOG_DEBUG, __FILE__, __LINE__); 277 280 } 278 281 -
trunk/lib/Upload.inc.php
r21 r22 30 30 'dest_file_perms' => 0600, 31 31 32 // Require file to have one of the following file extentions.32 // Require file to have one of the following file name extentions. 33 33 'valid_file_extensions' => array('jpg', 'jpeg', 'gif', 'png', 'pdf', 'txt', 'text', 'html', 'htm'), 34 34 ); … … 37 37 var $errors = array(); 38 38 39 // Array of file extensions and corresponding mime-types.39 // Array of file name extensions and corresponding mime-types. 40 40 var $mime_extension_map = array( 41 41 'Z' => 'application/x-compress', … … 278 278 } 279 279 280 // Ensure the file form element specified actually exists. 280 281 if (!isset($_FILES[$form_name])) { 281 App::logMsg(sprintf(_("Form element %s not posted."), $form_name), LOG_ERR, __FILE__, __LINE__);282 $this->raiseMsg(_("There was a problem with the file upload. Please try again ."), MSG_ERR, __FILE__, __LINE__);282 App::logMsg(sprintf(_("Form element %s does not exist."), $form_name), LOG_ERR, __FILE__, __LINE__); 283 $this->raiseMsg(_("There was a problem with the file upload. Please try again later."), MSG_ERR, __FILE__, __LINE__); 283 284 return false; 284 285 } … … 314 315 } 315 316 316 // Check The php upload error messages. 317 if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) { 318 if ($this->getParam('display_messages')) { 319 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $files['name'][$i], ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__); 320 } 321 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $files['name'][$i], ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__); 322 $this->errors[] = $files['name'][$i]; 323 continue; 324 } 325 if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) { 326 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $files['name'][$i], $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__); 327 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $files['name'][$i], $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__); 328 $this->errors[] = $files['name'][$i]; 329 continue; 330 } 331 if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) { 332 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it was only partially uploaded."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 333 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__); 334 $this->errors[] = $files['name'][$i]; 335 continue; 336 } 337 if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) { 338 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: no file was uploaded."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 339 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__); 340 $this->errors[] = $files['name'][$i]; 341 continue; 342 } 343 if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) { 344 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: temporary upload directory missing."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 345 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__); 346 $this->errors[] = $files['name'][$i]; 347 continue; 348 } 349 350 // Check to be sure it's an uploaded file. 351 if (!is_uploaded_file($files['tmp_name'][$i])) { 352 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 353 App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $files['name'][$i]), LOG_ERR, __FILE__, __LINE__); 354 $this->errors[] = $files['name'][$i]; 355 continue; 356 } 357 358 // Check to be sure the file is not empty. 359 if ($files['size'][$i] < 1) { 360 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it contains zero bytes."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 361 App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $files['name'][$i]), LOG_ERR, __FILE__, __LINE__); 362 $this->errors[] = $files['name'][$i]; 363 continue; 364 } 365 366 // Check to be sure the file has a valid file extension. 367 if (!in_array(strtolower($this->getFilenameExtension($files['name'][$i])), $this->getParam('valid_file_extensions'))) { 368 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it is an unrecognized type. Files must have one of the following file extensions: %s."), $files['name'][$i], join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__); 369 App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file extension."), $files['name'][$i]), LOG_WARNING, __FILE__, __LINE__); 370 $this->errors[] = $files['name'][$i]; 371 continue; 372 } 373 374 // Check to be sure the file has a unique file name. 375 if (!$this->getParam('allow_overwriting') && $this->exists($files['name'][$i])) { 376 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: a file with that name already exists."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__); 377 App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $files['name'][$i]), LOG_WARNING, __FILE__, __LINE__); 378 $this->errors[] = $files['name'][$i]; 379 continue; 380 } 381 382 // Determine file name. 317 // Determine final file name. 383 318 if ($num == 1) { 384 319 // Single upload. … … 420 355 $file_path_name = $this->getParam('upload_path') . '/' . $file_name; 421 356 357 358 // Check The php upload error messages. 359 if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) { 360 if ($this->getParam('display_messages')) { 361 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__); 362 } 363 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $file_name, ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__); 364 $this->errors[] = $file_name; 365 continue; 366 } 367 if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) { 368 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__); 369 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $file_name, $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__); 370 $this->errors[] = $file_name; 371 continue; 372 } 373 if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) { 374 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it was only partially uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 375 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 376 $this->errors[] = $file_name; 377 continue; 378 } 379 if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) { 380 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: no file was uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__); 381 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 382 $this->errors[] = $file_name; 383 continue; 384 } 385 if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) { 386 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: temporary upload directory missing."), $file_name), MSG_ERR, __FILE__, __LINE__); 387 App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__); 388 $this->errors[] = $file_name; 389 continue; 390 } 391 392 // Check to be sure it's an uploaded file. 393 if (!is_uploaded_file($files['tmp_name'][$i])) { 394 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__); 395 App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $file_name), LOG_ERR, __FILE__, __LINE__); 396 $this->errors[] = $file_name; 397 continue; 398 } 399 400 // Check to be sure the file is not empty. 401 if ($files['size'][$i] < 1) { 402 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it contains zero bytes."), $file_name), MSG_ERR, __FILE__, __LINE__); 403 App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $file_name), LOG_ERR, __FILE__, __LINE__); 404 $this->errors[] = $file_name; 405 continue; 406 } 407 408 // Check to be sure the file has a valid file name extension. 409 if (!in_array(strtolower($this->getFilenameExtension($file_name)), $this->getParam('valid_file_extensions'))) { 410 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it is an unrecognized type. Files must have one of the following file name extensions: %s."), $file_name, join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__); 411 App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file name extension."), $file_name), LOG_WARNING, __FILE__, __LINE__); 412 $this->errors[] = $file_name; 413 continue; 414 } 415 416 // Check to be sure the file has a unique file name. 417 if (!$this->getParam('allow_overwriting') && $this->exists($file_name)) { 418 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: a file with that name already exists."), $file_name), MSG_ERR, __FILE__, __LINE__); 419 App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $file_name), LOG_WARNING, __FILE__, __LINE__); 420 $this->errors[] = $file_name; 421 continue; 422 } 423 422 424 // Move the file to the final place. 423 425 if (move_uploaded_file($files['tmp_name'][$i], $file_path_name)) { 424 426 chmod($file_path_name, $this->getParam('dest_file_perms')); 425 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> uploaded successfully."), $file s['name'][$i]), MSG_SUCCESS, __FILE__, __LINE__);427 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> uploaded successfully."), $file_name), MSG_SUCCESS, __FILE__, __LINE__); 426 428 if (!isset($custom_file_name) && $files['name'][$i] != $file_name) { 427 429 // Notify user if uploaded file name was modified (unless a custom file name will be used anyways). … … 435 437 continue; 436 438 } else { 437 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file s['name'][$i]), MSG_ERR, __FILE__, __LINE__);439 $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__); 438 440 App::logMsg(sprintf(_("Moving file failed: %s -> %s"), $files['tmp_name'][$i], $file_path_name), LOG_ALERT, __FILE__, __LINE__); 439 $this->errors[] = $files['name'][$i]; 440 continue; 441 } 442 } 443 return (sizeof($new_file_names) > 0) ? $new_file_names : false; 441 $this->errors[] = $file_name; 442 continue; 443 } 444 } 445 446 // Return names of files uploaded (or empty array when none processed). 447 return $new_file_names; 444 448 } 445 449 … … 543 547 * 544 548 */ 549 function anyErrors() 550 { 551 return sizeof($this->errors) > 0; 552 } 553 554 /** 555 * 556 */ 545 557 function cleanFileName($file_name) 546 558 { … … 560 572 { 561 573 preg_match('/.*?\.(\w+)$/i', $file_name, $ext); 562 return $ext[1];574 return isset($ext[1]) ? $ext[1] : ''; 563 575 } 564 576 -
trunk/lib/Utilities.inc.php
r21 r22 532 532 * @access public 533 533 * @param string $val The string to sign. 534 * @param string $ key(Optional) A text key to use for computing the signature.534 * @param string $seed_key (Optional) A text key to use for computing the signature. 535 535 * @return string The original value with a signature appended. 536 536 */ 537 function addSignature($val, $ key=null)537 function addSignature($val, $seed_key=null) 538 538 { 539 539 if ('' == $val) { … … 541 541 } 542 542 543 if (!isset($ key)) {544 $ key = App::getParam('signing_key');545 } 546 547 return $val . '-' . substr(md5($val . $ key), 0, 18);543 if (!isset($seed_key)) { 544 $seed_key = App::getParam('signing_key'); 545 } 546 547 return $val . '-' . substr(md5($val . $seed_key), 0, 18); 548 548 } 549 549 … … 566 566 * @access public 567 567 * @param string $signed_val A value with appended signature. 568 * @param string $ key(Optional) A text key to use for computing the signature.568 * @param string $seed_key (Optional) A text key to use for computing the signature. 569 569 * @return bool True if the signature matches the var. 570 570 */ 571 function verifySignature($signed_val, $ key=null)571 function verifySignature($signed_val, $seed_key=null) 572 572 { 573 573 // Strip the value from the signed value. 574 $val = substr($signed_val, 0, strrpos($signed_val, '-'));574 $val = removeSignature($signed_val); 575 575 // If the signed value matches the original signed value we consider the value safe. 576 if ($signed_val == addSignature($val, $ key)) {576 if ($signed_val == addSignature($val, $seed_key)) { 577 577 // Signature verified. 578 578 return true;
Note: See TracChangeset
for help on using the changeset viewer.
