[phpwiki-checkins] SF.net SVN: phpwiki:[9262] trunk/lib

[<var...@us...>]

Revision: 9262
          http://sourceforge.net/p/phpwiki/code/9262
Author:   vargenau
Date:     2014-10-15 09:10:49 +0000 (Wed, 15 Oct 2014)
Log Message:
-----------
Better test uploads directory

Modified Paths:
--------------
    trunk/lib/config.php
    trunk/lib/plugin/UpLoad.php

Modified: trunk/lib/config.php
===================================================================
--- trunk/lib/config.php	2014-10-14 16:44:38 UTC (rev 9261)
+++ trunk/lib/config.php	2014-10-15 09:10:49 UTC (rev 9262)
@@ -60,8 +60,10 @@
     if (strstr($agent, "Mozilla/4.0 (compatible; MSIE"))
         return (float)substr($agent, 30);
     elseif (strstr($agent, "Mozilla/5.0 (compatible; Konqueror/"))
-        return (float)substr($agent, 36); elseif (strstr($agent, "AppleWebKit/"))
-        return (float)substr($agent, strpos($agent, "AppleWebKit/") + 12); else
+        return (float)substr($agent, 36);
+    elseif (strstr($agent, "AppleWebKit/"))
+        return (float)substr($agent, strpos($agent, "AppleWebKit/") + 12);
+    else
         return (float)substr($agent, 8);
 }
 
@@ -75,7 +77,8 @@
 // http://sourceforge.net/tracker/index.php?func=detail&aid=945154&group_id=6121&atid=106121
 function isBrowserKonqueror($version = false)
 {
-    if ($version) return browserDetect('Konqueror/') and browserVersion() >= $version;
+    if ($version)
+        return browserDetect('Konqueror/') and browserVersion() >= $version;
     return browserDetect('Konqueror/');
 }
 
@@ -85,13 +88,15 @@
 {
     $found = browserDetect('Spoofer/');
     $found = browserDetect('AppleWebKit/') or $found;
-    if ($version) return $found and browserVersion() >= $version;
+    if ($version)
+        return $found and browserVersion() >= $version;
     return $found;
 }
 
 function isBrowserOpera($version = false)
 {
-    if ($version) return browserDetect('Opera/') and browserVersion() >= $version;
+    if ($version)
+        return browserDetect('Opera/') and browserVersion() >= $version;
     return browserDetect('Opera/');
 }
 
@@ -188,8 +193,10 @@
         // do the reverse: return the detected locale collapsed to our LANG
         $locale = setlocale($category, '');
         if ($locale) {
-            if (strstr($locale, '_')) list ($lang) = explode('_', $locale);
-            else $lang = $locale;
+            if (strstr($locale, '_'))
+                list ($lang) = explode('_', $locale);
+            else
+                $lang = $locale;
             if (strlen($lang) > 2) {
                 foreach ($alt as $try => $locs) {
                     if (in_array($locale, $locs) or in_array($lang, $locs)) {
@@ -314,10 +321,6 @@
 {
 
     if (defined('UPLOAD_FILE_PATH')) {
-        // Force creation of the returned directory if it does not exist.
-        if (!file_exists(UPLOAD_FILE_PATH)) {
-            mkdir(UPLOAD_FILE_PATH, 0775, true);
-        }
         if (string_ends_with(UPLOAD_FILE_PATH, "/")
             or string_ends_with(UPLOAD_FILE_PATH, "\\")
         ) {

Modified: trunk/lib/plugin/UpLoad.php
===================================================================
--- trunk/lib/plugin/UpLoad.php	2014-10-14 16:44:38 UTC (rev 9261)
+++ trunk/lib/plugin/UpLoad.php	2014-10-15 09:10:49 UTC (rev 9262)
@@ -52,7 +52,6 @@
             // end of the page (or current page)
             'autolink' => true,
             'page' => '[pagename]',
-            'size' => 50,
             'mode' => 'actionpage', // or edit
         );
     }
@@ -81,7 +80,7 @@
         extract($args);
 
         $file_dir = getUploadFilePath();
-        $file_dir .= "/";
+
         $form = HTML::form(array('action' => $request->getPostURL(),
             'enctype' => 'multipart/form-data',
             'method' => 'post'));
@@ -90,8 +89,8 @@
             'name' => 'MAX_FILE_SIZE',
             'value' => MAX_UPLOAD_SIZE)));
         $contents->pushContent(HTML::input(array('name' => 'userfile',
-            'type' => 'file',
-            'size' => $size)));
+            'required' => 'required',
+            'type' => 'file')));
         if ($mode == 'edit') {
             $contents->pushContent(HTML::input(array('name' => 'action',
                 'type' => 'hidden',
@@ -122,13 +121,10 @@
                         )
                     ));
                 } else {
-                    $message->pushContent(HTML::div(array('class' => 'error'),
-                        HTML::p(_("ACCESS DENIED: You must log in to upload files."))));
+                    $message->pushContent(HTML::p(array('class' => 'error'),
+                        _("ACCESS DENIED: You must log in to upload files.")));
                 }
-                $result = HTML();
-                $result->pushContent($form);
-                $result->pushContent($message);
-                return $result;
+                return HTML($message, $form);
             }
         }
 
@@ -138,20 +134,30 @@
             $userfile_name = trim(basename($userfile_name));
             if (UPLOAD_USERDIR) {
                 $file_dir .= $request->_user->_userid;
-                if (!file_exists($file_dir))
-                    mkdir($file_dir, 0775);
                 $file_dir .= "/";
                 $u_userfile = $request->_user->_userid . "/" . $userfile_name;
             } else {
                 $u_userfile = $userfile_name;
             }
+            $trimmed_file_dir = rtrim($file_dir, '/');
+
+            if (file_exists($trimmed_file_dir) && !is_dir($trimmed_file_dir)) {
+                $message->pushContent(HTML::p(array('class' => 'error'), fmt("Cannot upload, “%s” is not a directory.", $trimmed_file_dir)));
+                return HTML($message, $form);
+            }
+            if (!file_exists($trimmed_file_dir) && !@mkdir($file_dir, 0775)) {
+                $message->pushContent(HTML::p(array('class' => 'error'), fmt("Cannot create upload directory “%s”.", $file_dir)));
+                return HTML($message, $form);
+            }
+            if (!is_writable($trimmed_file_dir)) {
+                $message->pushContent(HTML::p(array('class' => 'error'), fmt("Cannot upload, “%s” is not writable.", $file_dir)));
+                return HTML($message, $form);
+            }
+
             $u_userfile = preg_replace("/ /", "%20", $u_userfile);
             $userfile_tmpname = $userfile->getTmpName();
-            $err_header = HTML::div(array('class' => 'error'),
-                HTML::p(fmt("Error uploading “%s”", $userfile_name)));
-            if (preg_match("/(\." . join("|\.", $this->disallowed_extensions) . ")(\.|\$)/i",
-                $userfile_name)
-            ) {
+            $err_header = HTML::div(array('class' => 'error'), HTML::p(fmt("Error uploading “%s”", $userfile_name)));
+            if (preg_match("/(\." . join("|\.", $this->disallowed_extensions) . ")(\.|\$)/i", $userfile_name)) {
                 $err_header->pushContent(HTML::p(fmt("Files with extension %s are not allowed.",
                     join(", ", $this->disallowed_extensions))));
                 $message->pushContent($err_header);
@@ -202,15 +208,9 @@
                 $err_header->pushContent(HTML::p(_("Uploading failed.")));
                 $message->pushContent($err_header);
             }
-        } else {
-            $message->pushContent(HTML::br(), _("No file selected. Please select one."), HTML::br());
         }
 
-        //$result = HTML::div( array( 'class' => 'wikiaction' ) );
-        $result = HTML();
-        $result->pushContent($form);
-        $result->pushContent($message);
-        return $result;
+        return HTML($message, $form);
     }
 
     function log($userfile, $upload_log, &$message)

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.