Mercurial Mercurial > repos > enano-1.1 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugins/SpecialUpdownload.php
changeset 229 97ae8e9d5e29
parent 192 9237767a23ae
child 230 3daa715e0f69
equal deleted inserted replaced
147:d8156d18ac58 229:97ae8e9d5e29 
     2 /*
 
     2 /*
 
     3 Plugin Name: Upload/download frontend
 
     3 Plugin Name: Upload/download frontend
 
     4 Plugin URI: http://enanocms.org/
 
     4 Plugin URI: http://enanocms.org/
 
     5 Description: Provides the pages Special:UploadFile and Special:DownloadFile. UploadFile is used to upload files to the site, and DownloadFile fetches the file from the database, creates thumbnails if necessary, and sends the file to the user.
 
     5 Description: Provides the pages Special:UploadFile and Special:DownloadFile. UploadFile is used to upload files to the site, and DownloadFile fetches the file from the database, creates thumbnails if necessary, and sends the file to the user.
 
     6 Author: Dan Fuhry
 
     6 Author: Dan Fuhry
 
     7 Version: 1.0.1
 
     7 Version: 1.0.2
 
     8 Author URI: http://enanocms.org/
 
     8 Author URI: http://enanocms.org/
 
     9 */
 
     9 */
 
    10 
    10 
    11 /*
 
    11 /*
 
    12  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 
    12  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 
    13  * Version 1.0 release candidate 2
 
    13  * Version 1.0.2
 
    14  * Copyright (C) 2006-2007 Dan Fuhry
 
    14  * Copyright (C) 2006-2007 Dan Fuhry
 
    15  * SpecialUpdownload.php - handles uploading and downloading of user-uploaded files - possibly the most rigorously security-enforcing script in all of Enano, although sessions.php comes in a close second
 
    15  * SpecialUpdownload.php - handles uploading and downloading of user-uploaded files - possibly the most rigorously security-enforcing script in all of Enano, although sessions.php comes in a close second
 
    16  *
 
    16  *
 
    17  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 
    17  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 
    18  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 
    18  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 
    57     }
 
    57     }
 
    58     else
 
    58     else
 
    59     {
 
    59     {
 
    60       $file = false;
 
    60       $file = false;
 
    61     }
 
    61     }
 
    62     if(!is_array($file)) die_friendly('Upload failed', '<p>The server could not retrieve the array $_FILES[\'data\'].</p>');
 
    62     if ( !is_array($file) )
 
    63     if($file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size')) die_friendly('Upload failed', '<p>The file you uploaded is either too large or 0 bytes in length.</p>');
 
    63     {
 
       
    64       die_friendly('Upload failed', '<p>The server could not retrieve the array $_FILES[\'data\'].</p>');
 
       
    65     }
 
       
    66     if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size') )
 
       
    67     {
 
       
    68       die_friendly('Upload failed', '<p>The file you uploaded is either too large or 0 bytes in length.</p>');
 
       
    69     }
 
    64     /*
 
    70     /*
 
    65     $allowed_mime_types = Array(
 
    71     $allowed_mime_types = Array(
 
    66         'text/plain',
 
    72         'text/plain',
 
    67         'image/png',
 
    73         'image/png',
 
    68         'image/jpeg',
 
    74         'image/jpeg',
 
    86     else // DANG! Not even the browser told us. Bail out.
 
    92     else // DANG! Not even the browser told us. Bail out.
 
    87       die_friendly('Upload failed', '<p>Enano was unable to determine the format of the uploaded file.</p>');
 
    93       die_friendly('Upload failed', '<p>Enano was unable to determine the format of the uploaded file.</p>');
 
    88     */
 
    94     */
 
    89     $types = fetch_allowed_extensions();
 
    95     $types = fetch_allowed_extensions();
 
    90     $ext = substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name']));
 
    96     $ext = substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name']));
 
    91     if(!isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
 
    97     if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) )
 
    92     {
 
    98     {
 
    93       die_friendly('Upload failed', '<p>The file type ".'.$ext.'" is not allowed.</p>');
 
    99       die_friendly('Upload failed', '<p>The file type ".'.$ext.'" is not allowed.</p>');
 
    94     }
 
   100     }
 
    95     $type = $mime_types[$ext];
 
   101     $type = $mime_types[$ext];
 
    96     //$type = explode(';', $type); $type = $type[0];
 
   102     //$type = explode(';', $type); $type = $type[0];
Enano CMS (1.1.x)