From 8020ce0ac094a10800f376f6149c7c66f8ef5e37 Mon Sep 17 00:00:00 2001
From: Fabrizio Balliano <fabrizio.balliano@gmail.com>
Date: Fri, 6 Jan 2023 12:41:43 +0100
Subject: [PATCH] Better exceptions for file upload (#2902)

* Better exceptions for file upload

* PHPCS fixes

* PHPCS fixes
---
 lib/Varien/File/Uploader.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/lib/Varien/File/Uploader.php b/lib/Varien/File/Uploader.php
index 7ff010f217e..84996a075bf 100644
--- a/lib/Varien/File/Uploader.php
+++ b/lib/Varien/File/Uploader.php
@@ -32,6 +32,16 @@
 
 class Varien_File_Uploader
 {
+    public const UPLOAD_ERRORS = [
+        UPLOAD_ERR_INI_SIZE => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
+        UPLOAD_ERR_FORM_SIZE => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
+        UPLOAD_ERR_PARTIAL => 'The uploaded file was only partially uploaded',
+        UPLOAD_ERR_NO_FILE => 'No file was uploaded',
+        UPLOAD_ERR_NO_TMP_DIR => 'Missing a temporary folder',
+        UPLOAD_ERR_CANT_WRITE => 'Failed to write file to disk',
+        UPLOAD_ERR_EXTENSION => 'A PHP extension stopped the file upload'
+    ];
+
     /**
      * Uploaded file handle (copy of $_FILES[] element)
      *
@@ -150,6 +160,10 @@ public function __construct($fileId)
     {
         $this->_setUploadFileId($fileId);
         if (empty($this->_file['tmp_name']) || !file_exists($this->_file['tmp_name'])) {
+            $errorCode = $this->_file['error'] ?? 0;
+            if ($errorCode && isset(self::UPLOAD_ERRORS[$errorCode])) {
+                throw new Exception(self::UPLOAD_ERRORS[$errorCode]);
+            }
             $code = empty($this->_file['tmp_name']) ? self::TMP_NAME_EMPTY : 0;
             throw new Exception('File was not uploaded.', $code);
         } else {