Skip to content
This repository has been archived by the owner on Feb 23, 2021. It is now read-only.

fix checking file path for empty type (for thumbnails to work) #141

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

fix checking file path for empty type (for thumbnails to work) #141

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8da6209
fix checking file path for empty type (for thumbnails to work)
Eccenux Apr 27, 2016
88f776b
new config: allow overwitting files on upload
Eccenux Apr 27, 2016
7936d26
don't show linux-style hidden files in browser
Eccenux Apr 27, 2016
9f2bc20
fix: even when normalizing names overwritten file can contain `(1)`.
Eccenux Apr 27, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions conf/config.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@
'_check4htaccess' => true,
'_normalizeFilenames' => false,
'_dropUploadMaxFilesize' => 10485760,
'_appendUniqueSuffixOnOverwrite' => true, // If it is set to true files will not be overwritten and instead (upon coflict) a numeric suffix will be appended to uploaded file name.
//'_tinyMCEPath' => "/tiny_mce",
//'_cssMinCmd' => "java -jar /path/to/yuicompressor.jar --type css {file}",
//'_jsMinCmd' => "java -jar /path/to/yuicompressor.jar --type js {file}",
Expand Down
5 changes: 4 additions & 1 deletion core/class/browser.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -673,7 +673,10 @@ protected function moveUploadFile($file, $dir) {
}

$filename = $this->normalizeFilename($file['name']);
$target = "$dir/" . file::getInexistantFilename($filename, $dir);
if (isset($this->config['_appendUniqueSuffixOnOverwrite']) && $this->config['_appendUniqueSuffixOnOverwrite']) {
$filename = file::getInexistantFilename($filename, $dir);
}
$target = "$dir/$filename";

if (!@move_uploaded_file($file['tmp_name'], $target) &&
!@rename($file['tmp_name'], $target) &&
Expand Down
8 changes: 5 additions & 3 deletions core/class/uploader.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ public function __construct() {
)
$this->cms = $_GET['cms'];

// LINKING UPLOADED FILE
// LINKING UPLOADED FILE
if (count($_FILES))
$this->file = &$_FILES[key($_FILES)];

Expand Down Expand Up @@ -358,7 +358,9 @@ protected function checkFilePath($file) {
$rPath = realpath($file);
if (strtoupper(substr(PHP_OS, 0, 3)) == "WIN")
$rPath = str_replace("\\", "/", $rPath);
return (substr($rPath, 0, strlen($this->typeDir)) === $this->typeDir);
$rPath = rtrim($rPath, '/') . '/';
$baseDir = rtrim($this->typeDir, '/') . '/';
return (substr($rPath, 0, strlen($baseDir)) === $baseDir);
}

protected function checkFilename($file) {
Expand All @@ -367,7 +369,7 @@ protected function checkFilename($file) {
(
isset($this->config['_normalizeFilenames']) &&
$this->config['_normalizeFilenames'] &&
preg_match('/[^0-9a-z\.\- _]/si', $file)
preg_match('/[^0-9a-z\.\- _\(\)]/si', $file) // note `(1)` is added to file name when preventing overwrite
)
)
return false;
Expand Down
2 changes: 1 addition & 1 deletion lib/helper_dir.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ static function content($dir, array $options=null) {
'types' => "all", // Allowed: "all" or possible return values
// of filetype(), or an array with them
'addPath' => true, // Whether to add directory path to filenames
'pattern' => '/./', // Regular expression pattern for filename
'pattern' => '/^[^\.].+/', // Regular expression pattern for filename -- by default don't show hidden files
'followLinks' => true
);

Expand Down