diff -r cc6bf4d63684 -r 7e16181545e1 plugins/SpecialUpdownload.php --- a/plugins/SpecialUpdownload.php Mon Jan 21 18:33:44 2008 -0500 +++ b/plugins/SpecialUpdownload.php Mon Jan 21 19:54:29 2008 -0500 @@ -43,11 +43,12 @@ function page_Special_UploadFile() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; global $mime_types; - if(getConfig('enable_uploads')!='1') { die_friendly('Access denied', '
File uploads are disabled this website.
'); } + if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('upload_err_disabled_site') . '
'); } if ( !$session->get_permissions('upload_files') ) { - die_friendly('Access denied', 'File uploads are disabled for your user account or group.
'); + die_friendly($lang->get('etc_access_denied_short'), '
' . $lang->get('upload_err_disabled_acl') . '
'); } if(isset($_POST['doit'])) { @@ -61,42 +62,18 @@ } if ( !is_array($file) ) { - die_friendly('Upload failed', 'The server could not retrieve the array $_FILES[\'data\'].
'); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_cant_get_file_meta') . '
'); } if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size') ) { - die_friendly('Upload failed', 'The file you uploaded is either too large or 0 bytes in length.
'); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_too_big_or_small') . '
'); } - /* - $allowed_mime_types = Array( - 'text/plain', - 'image/png', - 'image/jpeg', - 'image/tiff', - 'image/gif', - 'text/html', // Safe because the file is stashed in the database - 'application/x-bzip2', - 'application/x-gzip', - 'text/x-c++' - ); - if(function_exists('finfo_open') && $fi = finfo_open(FILEINFO_MIME, ENANO_ROOT.'/includes/magic')) // First try to use the fileinfo extension, this is the best way to determine the mimetype - { - if(!$fi) die_friendly('Upload failed', 'Enano was unable to determine the format of the uploaded file.
'.@finfo_file($fi, $file['tmp_name']).'
'); - $type = @finfo_file($fi, $file['tmp_name']); - @finfo_close($fi); - } - elseif(function_exists('mime_content_type')) - $type = mime_content_type($file['tmp_name']); // OK, no fileinfo function. Use a (usually) built-in PHP function - elseif(isset($file['type'])) - $type = $file['type']; // LAST RESORT: use the mimetype the browser sent us, though this is likely to be spoofed - else // DANG! Not even the browser told us. Bail out. - die_friendly('Upload failed', 'Enano was unable to determine the format of the uploaded file.
'); - */ + $types = fetch_allowed_extensions(); $ext = substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])); if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) ) { - die_friendly('Upload failed', 'The file type ".'.$ext.'" is not allowed.
'); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '
'); } $type = $mime_types[$ext]; //$type = explode(';', $type); $type = $type[0]; @@ -112,12 +89,16 @@ $bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+'); foreach($bad_chars as $ch) { - if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename)) die_friendly('Upload failed', 'The filename contains invalid characters.
'); + if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename)) + { + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_banned_chars') . '
'); + } } if ( isset ( $paths->pages[ $paths->nslist['File'] . $filename ] ) && !isset ( $_POST['update'] ) ) { - die_friendly('Upload failed', 'The file already exists. You can upload a new version of this file.
'); + $upload_link = makeUrlNS('Special', 'UploadFile/'.$filename); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '
'); } else if ( isset($_POST['update']) && ( !isset($paths->pages[$paths->nslist['File'].$filename]) || @@ -126,7 +107,7 @@ ) ) { - die_friendly('Upload failed', 'Either the file does not exist (and therefore cannot be updated) or the file is protected.
'); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_replace_protected') . '
'); } $utime = time(); @@ -144,7 +125,7 @@ if(!@move_uploaded_file($file['tmp_name'], $targetname)) { - die_friendly('Upload failed', 'Could not move uploaded file to the new location.
'); + die_friendly($lang->get('upload_err_title'), '' . $lang->get('upload_err_move_failed') . '
'); } if(getConfig('file_history') != '1') @@ -162,7 +143,7 @@ { if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date('d M Y h:i a').'\', \'page\', \'reupload\', \''.$session->username.'\', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.'); } - die_friendly('Upload complete', 'Your file has been uploaded successfully. View the file\'s page.
'); + die_friendly($lang->get('upload_success_title'), '' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '
'); } else { @@ -170,40 +151,44 @@ $fn = $paths->getParam(0); if ( $fn && !$session->get_permissions('upload_new_version') ) { - die_friendly('Access denied', 'Uploading new versions of files has been disabled for your user account or group.
'); + die_friendly($lang->get('etc_access_denied_short'), '
' . $lang->get('upload_err_replace_denied') . '
'); } ?> -
Using this form you can upload a file to the site.
-The maximum file size is get('upload_intro'); ?>
+= 1048576) { $fs = round($fs / 1048576, 1); - echo ' ('.$fs.' MB)'; + $unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short'); } elseif($fs >= 1024) { $fs = round($fs / 1024, 1); - echo ' ('.$fs.' KB)'; + $unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short'); } - ?>.
+ + echo $lang->get('upload_max_filesize', array( + 'size' => $unitized + )); + ?> @@ -215,6 +200,7 @@ function page_Special_DownloadFile() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; global $do_gzip; $filename = rawurldecode($paths->getParam(0)); $timeid = $paths->getParam(1); @@ -235,7 +221,7 @@ if ( $db->numrows() < 1 ) { header('HTTP/1.1 404 Not Found'); - die_friendly('File not found', 'The file "'.htmlspecialchars($filename).'" cannot be found.
'); + die_friendly($lang->get('upload_err_not_found_title'), '' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '
'); } $row = $db->fetchrow(); $db->free_result(); @@ -244,7 +230,7 @@ $perms = $session->fetch_page_acl($row['page_id'], 'File'); if ( !$perms->get_permissions('read') ) { - die_friendly('Access denied', 'Access to the specified file is denied.
'); + die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('etc_access_denied') . '
'); } $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];