Bug fix for PHP 5.6 when upload images
This commit is contained in:
parent
febd7256e4
commit
600345ee57
8 changed files with 23 additions and 22 deletions
|
@ -178,7 +178,7 @@ function uploadImages() {
|
||||||
// Check file type/extension
|
// Check file type/extension
|
||||||
const validImageTypes = ['image/gif', 'image/jpeg', 'image/png', 'image/svg+xml'];
|
const validImageTypes = ['image/gif', 'image/jpeg', 'image/png', 'image/svg+xml'];
|
||||||
if (!validImageTypes.includes(images[i].type)) {
|
if (!validImageTypes.includes(images[i].type)) {
|
||||||
showMediaAlert("<?php echo $L->g('File type is not supported. Allowed types:').' '.implode(', ',ALLOWED_IMG_EXTENSION) ?>");
|
showMediaAlert("<?php echo $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']) ?>");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,8 +17,8 @@ if (!isset($_FILES['inputFile'])) {
|
||||||
// File extension
|
// File extension
|
||||||
$fileExtension = Filesystem::extension($_FILES['inputFile']['name']);
|
$fileExtension = Filesystem::extension($_FILES['inputFile']['name']);
|
||||||
$fileExtension = Text::lowercase($fileExtension);
|
$fileExtension = Text::lowercase($fileExtension);
|
||||||
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
|
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
|
||||||
$message = 'File type is not supported. Allowed types: '.implode(', ',ALLOWED_IMG_EXTENSION);
|
$message = 'File type is not supported. Allowed types: '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
|
||||||
Log::set($message, LOG_TYPE_ERROR);
|
Log::set($message, LOG_TYPE_ERROR);
|
||||||
ajaxResponse(1, $message);
|
ajaxResponse(1, $message);
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,21 +15,15 @@ if (!isset($_FILES['profilePictureInputFile'])) {
|
||||||
ajaxResponse(1, 'Error trying to upload the profile picture.');
|
ajaxResponse(1, 'Error trying to upload the profile picture.');
|
||||||
}
|
}
|
||||||
|
|
||||||
// File extension
|
// Check file extension
|
||||||
$fileExtension = Filesystem::extension($_FILES['profilePictureInputFile']['name']);
|
$fileExtension = Filesystem::extension($_FILES['profilePictureInputFile']['name']);
|
||||||
$fileExtension = Text::lowercase($fileExtension);
|
$fileExtension = Text::lowercase($fileExtension);
|
||||||
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
|
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
|
||||||
$message = 'File type is not supported. Allowed types: '.implode(', ',ALLOWED_IMG_EXTENSION);
|
$message = 'File type is not supported. Allowed types: '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
|
||||||
Log::set($message, LOG_TYPE_ERROR);
|
Log::set($message, LOG_TYPE_ERROR);
|
||||||
ajaxResponse(1, $message);
|
ajaxResponse(1, $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Tmp filename
|
|
||||||
$tmpFilename = $username.'.'.$fileExtension;
|
|
||||||
|
|
||||||
// Final filename
|
|
||||||
$filename = $username.'.png';
|
|
||||||
|
|
||||||
// Check path traversal
|
// Check path traversal
|
||||||
if (Text::stringContains($username, DS, false)) {
|
if (Text::stringContains($username, DS, false)) {
|
||||||
$message = 'Path traversal detected.';
|
$message = 'Path traversal detected.';
|
||||||
|
@ -37,6 +31,9 @@ if (Text::stringContains($username, DS, false)) {
|
||||||
ajaxResponse(1, $message);
|
ajaxResponse(1, $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Tmp filename
|
||||||
|
$tmpFilename = $username.'.'.$fileExtension;
|
||||||
|
|
||||||
// Move from temporary directory to uploads folder
|
// Move from temporary directory to uploads folder
|
||||||
rename($_FILES['profilePictureInputFile']['tmp_name'], PATH_TMP.$tmpFilename);
|
rename($_FILES['profilePictureInputFile']['tmp_name'], PATH_TMP.$tmpFilename);
|
||||||
|
|
||||||
|
@ -48,6 +45,9 @@ $image->saveImage(PATH_UPLOADS_PROFILES.$filename, PROFILE_IMG_QUALITY, false, t
|
||||||
// Remove the tmp file
|
// Remove the tmp file
|
||||||
unlink(PATH_TMP.$tmpFilename);
|
unlink(PATH_TMP.$tmpFilename);
|
||||||
|
|
||||||
|
// Final filename
|
||||||
|
$filename = $username.'.png';
|
||||||
|
|
||||||
// Permissions
|
// Permissions
|
||||||
chmod(PATH_UPLOADS_PROFILES.$filename, 0644);
|
chmod(PATH_UPLOADS_PROFILES.$filename, 0644);
|
||||||
|
|
||||||
|
|
|
@ -47,7 +47,7 @@ foreach ($_FILES['images']['name'] as $uuid=>$filename) {
|
||||||
$filename = Filesystem::filename($image);
|
$filename = Filesystem::filename($image);
|
||||||
array_push($images, $filename);
|
array_push($images, $filename);
|
||||||
} else {
|
} else {
|
||||||
$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',ALLOWED_IMG_EXTENSION);
|
$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
|
||||||
Log::set($message, LOG_TYPE_ERROR);
|
Log::set($message, LOG_TYPE_ERROR);
|
||||||
ajaxResponse(1, $message);
|
ajaxResponse(1, $message);
|
||||||
}
|
}
|
||||||
|
|
|
@ -92,12 +92,6 @@ define('SESSION_GC_MAXLIFETIME', 3600);
|
||||||
// The value 0 means until the browser is closed
|
// The value 0 means until the browser is closed
|
||||||
define('SESSION_COOKIE_LIFE_TIME', 0);
|
define('SESSION_COOKIE_LIFE_TIME', 0);
|
||||||
|
|
||||||
// Tags, type of pages included in the tag database
|
|
||||||
define('DB_TAGS_TYPES', array('published','static','sticky'));
|
|
||||||
|
|
||||||
// Allowed image extensions
|
|
||||||
define('ALLOWED_IMG_EXTENSION', array('gif', 'png', 'jpg', 'jpeg', 'svg'));
|
|
||||||
|
|
||||||
// Alert notification dissappear in X seconds
|
// Alert notification dissappear in X seconds
|
||||||
define('ALERT_DISSAPEAR_IN', 3);
|
define('ALERT_DISSAPEAR_IN', 3);
|
||||||
|
|
||||||
|
@ -107,3 +101,10 @@ define('MEDIA_MANAGER_NUMBER_OF_FILES', 5);
|
||||||
// Sort the image by date
|
// Sort the image by date
|
||||||
define('MEDIA_MANAGER_SORT_BY_DATE', true);
|
define('MEDIA_MANAGER_SORT_BY_DATE', true);
|
||||||
|
|
||||||
|
// Constant arrays using define are not allowed in PHP 5.6 or earlier
|
||||||
|
|
||||||
|
// Type of pages included in the tag database
|
||||||
|
$GLOBALS['DB_TAGS_TYPES'] = array('published','static','sticky');
|
||||||
|
|
||||||
|
// Allowed image extensions
|
||||||
|
$GLOBALS['ALLOWED_IMG_EXTENSION'] = array('gif', 'png', 'jpg', 'jpeg', 'svg');
|
||||||
|
|
|
@ -827,7 +827,7 @@ function transformImage($file, $imageDir, $thumbnailDir=false) {
|
||||||
// Check image extension
|
// Check image extension
|
||||||
$fileExtension = Filesystem::extension($file);
|
$fileExtension = Filesystem::extension($file);
|
||||||
$fileExtension = Text::lowercase($fileExtension);
|
$fileExtension = Text::lowercase($fileExtension);
|
||||||
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
|
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -18,7 +18,7 @@ class Tags extends dbList {
|
||||||
$db = $pages->getDB($onlyKeys=false);
|
$db = $pages->getDB($onlyKeys=false);
|
||||||
$tagsIndex = array();
|
$tagsIndex = array();
|
||||||
foreach ($db as $pageKey=>$pageFields) {
|
foreach ($db as $pageKey=>$pageFields) {
|
||||||
if (in_array($pageFields['type'], DB_TAGS_TYPES)) {
|
if (in_array($pageFields['type'], $GLOBALS['DB_TAGS_TYPES'])) {
|
||||||
$tags = $pageFields['tags'];
|
$tags = $pageFields['tags'];
|
||||||
foreach ($tags as $tagKey=>$tagName) {
|
foreach ($tags as $tagKey=>$tagName) {
|
||||||
if (isset($tagsIndex[$tagKey])) {
|
if (isset($tagsIndex[$tagKey])) {
|
||||||
|
|
|
@ -58,7 +58,7 @@ class pluginDisqus extends Plugin {
|
||||||
global $url;
|
global $url;
|
||||||
global $WHERE_AM_I;
|
global $WHERE_AM_I;
|
||||||
|
|
||||||
// Do not shows
|
// Do not shows disqus on page not found
|
||||||
if ($url->notFound()) {
|
if ($url->notFound()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue