james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changed upload to detect unrecognized files so that it doesn't just blankly refresh when the type isn't handled

Browse Source
This commit is contained in:
Matthew Barbour 2019-06-14 12:59:58 -05:00 committed by matthew
parent 58acb71282
commit 8950d27d64
1 changed files with 30 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
ext/upload/main.php
View File

@ -27,7 +27,6 @@ class DataUploadEvent extends Event
public $merged = false; public $merged = false;
/** /**
* Some data is being uploaded. * Some data is being uploaded.
* This should be caught by a file handler. * This should be caught by a file handler.
@ -49,10 +48,10 @@ class DataUploadEvent extends Event
if ($config->get_bool("upload_use_mime")) { if ($config->get_bool("upload_use_mime")) {
$this->set_type(get_extension_from_mime($tmpname)); $this->set_type(get_extension_from_mime($tmpname));
} else { } else {
if (array_key_exists('extension', $metadata)&&!empty($metadata['extension'])) { if (array_key_exists('extension', $metadata) && !empty($metadata['extension'])) {
$this->type = strtolower($metadata['extension']); $this->type = strtolower($metadata['extension']);
} else { } else {
throw new UploadException("Could not determine extension for file ".$metadata["filename"]); throw new UploadException("Could not determine extension for file " . $metadata["filename"]);
} }
} }
} }
@ -130,9 +129,9 @@ class Upload extends Extension
$sb->position = 10; $sb->position = 10;
// Output the limits from PHP so the user has an idea of what they can set. // Output the limits from PHP so the user has an idea of what they can set.
$sb->add_int_option("upload_count", "Max uploads: "); $sb->add_int_option("upload_count", "Max uploads: ");
$sb->add_label("<i>PHP Limit = ".ini_get('max_file_uploads')."</i>"); $sb->add_label("<i>PHP Limit = " . ini_get('max_file_uploads') . "</i>");
$sb->add_shorthand_int_option("upload_size", "<br/>Max size per file: "); $sb->add_shorthand_int_option("upload_size", "<br/>Max size per file: ");
$sb->add_label("<i>PHP Limit = ".ini_get('upload_max_filesize')."</i>"); $sb->add_label("<i>PHP Limit = " . ini_get('upload_max_filesize') . "</i>");
$sb->add_choice_option("transload_engine", $tes, "<br/>Transload: "); $sb->add_choice_option("transload_engine", $tes, "<br/>Transload: ");
$sb->add_bool_option("upload_tlsource", "<br/>Use transloaded URL as source if none is provided: "); $sb->add_bool_option("upload_tlsource", "<br/>Use transloaded URL as source if none is provided: ");
$sb->add_bool_option("upload_use_mime", "<br/>Use mime type to determine file types: "); $sb->add_bool_option("upload_use_mime", "<br/>Use mime type to determine file types: ");
@ -314,7 +313,7 @@ class Upload extends Extension
* #param string[] $file * #param string[] $file
* #param string[] $tags * #param string[] $tags
*/ */
private function try_upload(array $file, array $tags, ?string $source=null, int $replace=-1): bool private function try_upload(array $file, array $tags, ?string $source = null, int $replace = -1): bool
{ {
global $page; global $page;
@ -348,11 +347,14 @@ class Upload extends Extension
$event = new DataUploadEvent($file['tmp_name'], $metadata); $event = new DataUploadEvent($file['tmp_name'], $metadata);
send_event($event); send_event($event);
$page->add_http_header("X-Shimmie-Image-ID: ".int_escape($event->image_id)); if ($event->image_id == -1) {
throw new UploadException("File type not supported: " . $metadata['extension']);
}
$page->add_http_header("X-Shimmie-Image-ID: " . int_escape($event->image_id));
} catch (UploadException $ex) { } catch (UploadException $ex) {
$this->theme->display_upload_error( $this->theme->display_upload_error(
$page, $page,
"Error with ".html_escape($file['name']), "Error with " . html_escape($file['name']),
$ex->getMessage() $ex->getMessage()
); );
$ok = false; $ok = false;
@ -362,7 +364,7 @@ class Upload extends Extension
return $ok; return $ok;
} }
private function try_transload(string $url, array $tags, string $source=null, int $replace=-1): bool private function try_transload(string $url, array $tags, string $source = null, int $replace = -1): bool
{ {
global $page, $config, $user; global $page, $config, $user;
@ -394,8 +396,8 @@ class Upload extends Extension
if (!$headers) { if (!$headers) {
$this->theme->display_upload_error( $this->theme->display_upload_error(
$page, $page,
"Error with ".html_escape($filename), "Error with " . html_escape($filename),
"Error reading from ".html_escape($url) "Error reading from " . html_escape($url)
); );
return false; return false;
} }
@ -403,7 +405,7 @@ class Upload extends Extension
if (filesize($tmp_filename) == 0) { if (filesize($tmp_filename) == 0) {
$this->theme->display_upload_error( $this->theme->display_upload_error(
$page, $page,
"Error with ".html_escape($filename), "Error with " . html_escape($filename),
"No data found -- perhaps the site has hotlink protection?" "No data found -- perhaps the site has hotlink protection?"
); );
$ok = false; $ok = false;
@ -441,10 +443,13 @@ class Upload extends Extension
try { try {
$event = new DataUploadEvent($tmp_filename, $metadata); $event = new DataUploadEvent($tmp_filename, $metadata);
send_event($event); send_event($event);
if ($event->image_id == -1) {
throw new UploadException("File type not supported: " . $metadata['extension']);
}
} catch (UploadException $ex) { } catch (UploadException $ex) {
$this->theme->display_upload_error( $this->theme->display_upload_error(
$page, $page,
"Error with ".html_escape($url), "Error with " . html_escape($url),
$ex->getMessage() $ex->getMessage()
); );
$ok = false; $ok = false;