From f75af6a90876e75eef9cb48404b8dbe10554990d Mon Sep 17 00:00:00 2001
From: shish <shish@7f39781d-f577-437e-ae19-be835c7a54ca>
Date: Fri, 20 Jul 2007 09:34:31 +0000
Subject: [PATCH] fixes

git-svn-id: file:///home/shish/svn/shimmie2/trunk@342 7f39781d-f577-437e-ae19-be835c7a54ca
---
 ext/upload/main.php | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/ext/upload/main.php b/ext/upload/main.php
index 056c002d..cc4a8e48 100644
--- a/ext/upload/main.php
+++ b/ext/upload/main.php
@@ -110,6 +110,8 @@ class Upload extends Extension {
 
 		$ok = false;
 
+		// PHP falls back to system default if /tmp fails, can't we just
+		// use the system default to start with? :-/
 		$tmp_filename = tempnam("/tmp", "shimmie_transload");
 
 		if($config->get_string("transload_engine") == "fopen") {
@@ -119,11 +121,13 @@ class Upload extends Extension {
 					"Error reading from ".html_escape($url));
 				return false;
 			}
-			$data = fread($fp, $config->get_int('upload_size'));
+			$data = "";
+			while(!feof($fp) && $length <= $config->get_int('upload_size')) {
+				$data .= fread($fp, 8192);
+				$length = strlen($data);
+			}
 			fclose($fp);
 
-			// PHP falls back to system default if /tmp fails, can't we just
-			// use the system default to start with? :-/
 			$fp = fopen($tmp_filename, "w");
 			fwrite($fp, $data);
 			fclose($fp);
@@ -141,7 +145,12 @@ class Upload extends Extension {
 			fclose($fp);
 		}
 		
-		if(!($info = getimagesize($tmp_filename))) {
+		if(filesize($tmp_filename) > $config->get_int('upload_size')) {
+			$this->theme->display_upload_error($page, "Error with ".html_escape($file['name']),
+				"File too large (".filesize($tmp_filename)." &gt; ".
+				($config->get_int('upload_size')).")");
+		}
+		else if(!($info = getimagesize($tmp_filename))) {
 			$this->theme->display_upload_error($page, "Error with ".html_escape(basename($url)),
 				"PHP doesn't recognise this as an image file");
 		}