#72545 by pwolanin, validation for upload module administration.

0299beb0 · Neil Drumm · 4387247a · 0299beb0 · 0299beb0
Commit 0299beb0 authored 18 years ago by Neil Drumm
--- a/includes/file.inc
+++ b/includes/file.inc
@@ -712,4 +712,40 @@ function file_directory_path() {
  return variable_get('file_directory_path', 'files');
 }

+/**
+ * Helper function for file_upload_max_size().
+ */
+function _file_convert_to_mb($val){
+  $val = trim($val);
+  $last = strtolower($val[strlen($val) - 1]);
+  switch ($last) {
+    // The 'G' modifier is available since PHP 5.1.0
+    case 'g':
+      $size = $val * 1024;
+      break;
+    case 'k':
+      $size = $val / 1024;
+      break;
+    default:
+      $size = (int) $val;
+  }
+  return $size;
+}
+
+/**
+ * Determine the maximum file upload size by querying the PHP settings.
+ *
+ * @return
+ *   A file size limit in MB based on the PHP upload_max_filesize and post_max_size
+ */
+function file_upload_max_size() {
+  static $max_size = -1;

+  if ($max_size < 0) {
+    $upload_max = _file_convert_to_mb(ini_get('upload_max_filesize'));
+    // sanity check- a single upload should not be more than 50% the size limit of the total post
+    $post_max = _file_convert_to_mb(ini_get('post_max_size')) / 2;
+    $max_size = ($upload_max < $post_max) ? $upload_max : $post_max;
+  }
+  return $max_size;
+}
--- a/modules/upload/upload.module
+++ b/modules/upload/upload.module
@@ -112,6 +112,59 @@ function upload_menu($may_cache) {
  return $items;
 }

+/**
+ * Form API callback to validate the upload settings form.
+ */
+function upload_admin_settings_validate($form_id, $form_values) {
+  if (($form_values['upload_max_resolution'] != '0')) {
+    if (!preg_match('/^[0-9]+x[0-9]+$/', $form_values['upload_max_resolution'])) {
+      form_set_error('upload_max_resolution', t('The maximum allowed image size expressed as WIDTHxHEIGHT (e.g. 640x480). Set to 0 for no restriction.'));
+    }
+  }
+
+  $default_uploadsize = $form_values['upload_uploadsize_default'];
+  $default_usersize = $form_values['upload_usersize_default'];
+
+  $exceed_max_msg = t('Your PHP settings limit the maximum file size per upload to %size MB.', array('%size' => file_upload_max_size())).'<br/>';
+  $more_info = t("Depending on your sever environment, these settings may be changed in the system-wide php.ini file, a php.ini file in your Drupal root directory, in your Drupal site's settings.php file, or in the .htaccess file in your Drupal root directory.");
+
+  if (!is_numeric($default_uploadsize) || ($default_uploadsize <= 0)) {
+    form_set_error('upload_uploadsize_default', t('The %role file size limit must be a number and greater than zero.', array('%role' => t('default'))));
+  }
+  if (!is_numeric($default_usersize) || ($default_usersize <= 0)) {
+    form_set_error('upload_usersize_default', t('The %role file size limit must be a number and greater than zero.', array('%role' => t('default'))));
+  }
+  if ($default_uploadsize > file_upload_max_size()) {
+   form_set_error('upload_uploadsize_default', $exceed_max_msg . $more_info);
+   $more_info = '';
+  }
+  if ($default_uploadsize > $default_usersize) {
+   form_set_error('upload_uploadsize_default', t('The %role maximum file size per upload is greater than the total file size allowed per user', array('%role' => t('default'))));
+  }
+
+  foreach ($form_values['roles'] as $rid => $role) {
+    $uploadsize = $form_values['upload_uploadsize_'. $rid];
+    $usersize = $form_values['upload_usersize_'. $rid];
+
+    if (!is_numeric($uploadsize) || ($uploadsize <= 0)) {
+      form_set_error('upload_uploadsize_'. $rid, t('The %role file size limit must be a number and greater than zero.', array('%role' => theme('placeholder', $role))));
+    }
+    if (!is_numeric($usersize) || ($usersize <= 0)) {
+      form_set_error('upload_usersize_'. $rid, t('The %role file size limit must be a number and greater than zero.', array('%role' => theme('placeholder', $role))));
+    }
+    if ($uploadsize > file_upload_max_size()) {
+     form_set_error('upload_uploadsize_'. $rid, $exceed_max_msg . $more_info);
+     $more_info = '';
+    }
+    if ($uploadsize > $usersize) {
+     form_set_error('upload_uploadsize_'. $rid, t('The %role maximum file size per upload is greater than the total file size allowed per user', array('%role' => theme('placeholder', $role))));
+    }
+  }
+}
+
+/**
+ * Menu callback for the upload settings form.
+ */
 function upload_admin_settings() {
  $upload_extensions_default = variable_get('upload_extensions_default', 'jpg jpeg gif png txt html doc xls pdf ppt pps');
  $upload_uploadsize_default = variable_get('upload_uploadsize_default', 1);
@@ -162,34 +215,37 @@ function upload_admin_settings() {
    '#description' => t('The default maximum size of all files a user can have on the site (in megabytes).'),
  );

+  $form['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size MB.', array('%size' => file_upload_max_size())).'</p>');
+
  $roles = user_roles(0, 'upload files');
+  $form['roles'] = array('#type' => 'value', '#value' => $roles);

  foreach ($roles as $rid => $role) {
-    $form["settings_role_$rid"] = array(
+    $form['settings_role_'. $rid] = array(
      '#type' => 'fieldset',
      '#title' => t('Settings for %role', array('%role' => theme('placeholder', $role))),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    );
-    $form["settings_role_$rid"]["upload_extensions_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_extensions_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Permitted file extensions'),
-      '#default_value' => variable_get("upload_extensions_$rid", $upload_extensions_default),
+      '#default_value' => variable_get('upload_extensions_'. $rid, $upload_extensions_default),
      '#maxlength' => 255,
      '#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
    );
-    $form["settings_role_$rid"]["upload_uploadsize_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_uploadsize_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Maximum file size per upload'),
-      '#default_value' => variable_get("upload_uploadsize_$rid", $upload_uploadsize_default),
+      '#default_value' => variable_get('upload_uploadsize_'. $rid, $upload_uploadsize_default),
      '#size' => 5,
      '#maxlength' => 5,
      '#description' => t('The maximum size of a file a user can upload (in megabytes).'),
    );
-    $form["settings_role_$rid"]["upload_usersize_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_usersize_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Total file size per user'),
-      '#default_value' => variable_get("upload_usersize_$rid", $upload_usersize_default),
+      '#default_value' => variable_get('upload_usersize_'. $rid, $upload_usersize_default),
      '#size' => 5,
      '#maxlength' => 5,
      '#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),