Update of /cvsroot/openfirst/photogallery
In directory sc8-pr-cvs1:/tmp/cvs-serv8297
Modified Files:
upload.php
Log Message:
Changes made according to task 79060. Implemented file checking for all uploads. To remove errors I made the extensions all upper case so that people don't find errors when trying to upload.
Index: upload.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/upload.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** upload.php 5 Jun 2003 01:56:56 -0000 1.1
--- upload.php 5 Jun 2003 14:16:27 -0000 1.2
***************
*** 43,57 ****
$dirlocate = $gallerydir.$gallery->GalleryName;
! for ($num=1;$num<=$_POST['NUM_UPLOADS'];$num++){
! if (! $_FILES['upload'.$num]['name'] == ""){
! copy($_FILES['upload'.$num]['tmp_name'], $dirlocate."/".$_FILES['upload'.$num]['name']) or $error = true;
! echo "<center><br>".$_FILES['upload'.$num]['name']." - ".$_FILES['upload'.$num]['size']." - ".$_FILES['upload'.$num]['type']." - ";
! if(empty($error)){
! echo "<font color='Green'>Successful</font><br></center>\n";
! }else{
! echo "<font color='Red'>Not Successful</font><br></center>\n";
! }
! }
}
}
--- 43,81 ----
$dirlocate = $gallerydir.$gallery->GalleryName;
! $imgtypes = explode(",",$imgtypes);
!
! for ($num=1;$num<=$_POST['NUM_UPLOADS'];$num++){
!
! $continue = false;
!
! // NOTE: The change to uppercase in the if statement helps remove errors
! // I noticed this when I found that some software applications save images
! // extensions as upper case, so just making sure it doesn't give people problems.
!
! foreach($imgtypes As $type){
! $extension = substr($_FILES['upload'.$num]['name'],-3);
! if(strtoupper($extension) == strtoupper($type)){
! $continue = true;
! continue;
! }
}
+
+ if(! $continue){
+ echo "<center><br>".$_FILES['upload'.$num]['name']." - ".$_FILES['upload'.$num]['size']." - ".$_FILES['upload'.$num]['type']." - <font color='Red'>Illegal file type!</font></center>";
+ continue;
+ }
+
+ if (! $_FILES['upload'.$num]['name'] == ""){
+ copy($_FILES['upload'.$num]['tmp_name'], $dirlocate."/".$_FILES['upload'.$num]['name']) or $error = true;
+ echo "<center><br>".$_FILES['upload'.$num]['name']." - ".$_FILES['upload'.$num]['size']." - ".$_FILES['upload'.$num]['type']." - ";
+
+ if(empty($error)){
+ echo "<font color='Green'>Successful</font><br></center>\n";
+ }else{
+ echo "<font color='Red'>Not Successful</font><br></center>\n";
+ }
+
+ }
+ }
}
***************
*** 77,81 ****
<input name="setuploads" type="submit" id="setuploads" value="Add Spaces">
<input type="hidden" name="MAX_FILE_SIZE" size="5200000">
! <input type="hidden" name="NUM_UPLOADS" value="<?php echo $uploads; ?>">
<?php
--- 101,105 ----
<input name="setuploads" type="submit" id="setuploads" value="Add Spaces">
<input type="hidden" name="MAX_FILE_SIZE" size="5200000">
! <input type="hidden" name="NUM_UPLOADS" value="<?php echo $uploads; ?>"><br>
<?php
|
