summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
Diffstat (limited to 'actions')
-rw-r--r--actions/newnotice.php69
1 files changed, 33 insertions, 36 deletions
diff --git a/actions/newnotice.php b/actions/newnotice.php
index a24d62684..3e6ff1518 100644
--- a/actions/newnotice.php
+++ b/actions/newnotice.php
@@ -113,12 +113,12 @@ class NewnoticeAction extends Action
}
}
- function isSupportedFileType() {
+ function getUploadedFileType() {
require_once 'MIME/Type.php';
$filetype = MIME_Type::autoDetect($_FILES['attach']['tmp_name']);
if (in_array($filetype, common_config('attachments', 'supported'))) {
- return true;
+ return $filetype;
}
$media = MIME_Type::getMedia($filetype);
if ('application' !== $media) {
@@ -186,43 +186,39 @@ class NewnoticeAction extends Action
}
if (isset($_FILES['attach']['error'])) {
- switch ($_FILES['attach']['error']) {
- case UPLOAD_ERR_NO_FILE:
- // no file uploaded
- // nothing to do
- break;
+ switch ($_FILES['attach']['error']) {
+ case UPLOAD_ERR_NO_FILE:
+ // no file uploaded, nothing to do
+ break;
- case UPLOAD_ERR_OK:
- // file was uploaded alright
- // lets check if we really support its format
- // and it doesn't go over quotas
+ case UPLOAD_ERR_OK:
+ $mimetype = $this->getUploadedFileType();
+ if (!$this->isRespectsQuota($user)) {
+ die('clientError() should trigger an exception before reaching here.');
+ }
+ break;
- if (!$this->isSupportedFileType() || !$this->isRespectsQuota($user)) {
- die('clientError() should trigger an exception before reaching here.');
- }
- break;
+ case UPLOAD_ERR_INI_SIZE:
+ $this->clientError(_('The uploaded file exceeds the upload_max_filesize directive in php.ini.'));
- case UPLOAD_ERR_INI_SIZE:
- $this->clientError(_('The uploaded file exceeds the upload_max_filesize directive in php.ini.'));
+ case UPLOAD_ERR_FORM_SIZE:
+ $this->clientError(_('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.'));
- case UPLOAD_ERR_FORM_SIZE:
- $this->clientError(_('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.'));
+ case UPLOAD_ERR_PARTIAL:
+ $this->clientError(_('The uploaded file was only partially uploaded.'));
- case UPLOAD_ERR_PARTIAL:
- $this->clientError(_('The uploaded file was only partially uploaded.'));
+ case UPLOAD_ERR_NO_TMP_DIR:
+ $this->clientError(_('Missing a temporary folder.'));
- case UPLOAD_ERR_NO_TMP_DIR:
- $this->clientError(_('Missing a temporary folder.'));
+ case UPLOAD_ERR_CANT_WRITE:
+ $this->clientError(_('Failed to write file to disk.'));
- case UPLOAD_ERR_CANT_WRITE:
- $this->clientError(_('Failed to write file to disk.'));
+ case UPLOAD_ERR_EXTENSION:
+ $this->clientError(_('File upload stopped by extension.'));
- case UPLOAD_ERR_EXTENSION:
- $this->clientError(_('File upload stopped by extension.'));
-
- default:
- die('Should never reach here.');
- }
+ default:
+ die('Should never reach here.');
+ }
}
$notice = Notice::saveNew($user->id, $content_shortened, 'web', 1,
@@ -232,7 +228,9 @@ class NewnoticeAction extends Action
$this->clientError($notice);
}
- $this->storeFile($notice);
+ if (isset($mimetype)) {
+ $this->storeFile($notice, $mimetype);
+ }
$this->saveUrls($notice);
common_broadcast_notice($notice);
@@ -259,8 +257,7 @@ class NewnoticeAction extends Action
}
}
- function storeFile($notice) {
- if (UPLOAD_ERR_NO_FILE === $_FILES['attach']['error']) return;
+ function storeFile($notice, $mimetype) {
$filename = basename($_FILES['attach']['name']);
$destination = "file/{$notice->id}-$filename";
if (move_uploaded_file($_FILES['attach']['tmp_name'], INSTALLDIR . "/$destination")) {
@@ -268,7 +265,7 @@ class NewnoticeAction extends Action
$file->url = common_local_url('file', array('notice' => $notice->id));
$file->size = filesize(INSTALLDIR . "/$destination");
$file->date = time();
- $file->mimetype = $_FILES['attach']['type'];
+ $file->mimetype = $mimetype;
if ($file_id = $file->insert()) {
$file_redir = new File_redirection;
$file_redir->url = common_path($destination);
@@ -285,7 +282,6 @@ class NewnoticeAction extends Action
}
}
-
/** save all urls in the notice to the db
*
* follow redirects and save all available file information
@@ -408,3 +404,4 @@ class NewnoticeAction extends Action
$nli->show();
}
}
+