From 0299beb05ee4af647fbb25ae113018e05aeb39ba Mon Sep 17 00:00:00 2001
From: Neil Drumm <drumm@3064.no-reply.drupal.org>
Date: Sun, 6 Aug 2006 22:49:27 +0000
Subject: [PATCH] #72545 by pwolanin, validation for upload module
 administration.

---
 includes/file.inc            | 36 +++++++++++++++++++
 modules/upload/upload.module | 70 ++++++++++++++++++++++++++++++++----
 2 files changed, 99 insertions(+), 7 deletions(-)

diff --git a/includes/file.inc b/includes/file.inc
index d234bb9de68e..0d8f53ea23a4 100644
--- a/includes/file.inc
+++ b/includes/file.inc
@@ -712,4 +712,40 @@ function file_directory_path() {
   return variable_get('file_directory_path', 'files');
 }
 
+/**
+ * Helper function for file_upload_max_size().
+ */
+function _file_convert_to_mb($val){
+  $val = trim($val);
+  $last = strtolower($val[strlen($val) - 1]);
+  switch ($last) {
+    // The 'G' modifier is available since PHP 5.1.0
+    case 'g':
+      $size = $val * 1024;
+      break;
+    case 'k':
+      $size = $val / 1024;
+      break;
+    default:
+      $size = (int) $val;
+  }
+  return $size;
+}
+
+/**
+ * Determine the maximum file upload size by querying the PHP settings.
+ *
+ * @return
+ *   A file size limit in MB based on the PHP upload_max_filesize and post_max_size
+ */
+function file_upload_max_size() {
+  static $max_size = -1;
 
+  if ($max_size < 0) {
+    $upload_max = _file_convert_to_mb(ini_get('upload_max_filesize'));
+    // sanity check- a single upload should not be more than 50% the size limit of the total post
+    $post_max = _file_convert_to_mb(ini_get('post_max_size')) / 2;
+    $max_size = ($upload_max < $post_max) ? $upload_max : $post_max;
+  }
+  return $max_size;
+}
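Review bot: The `default:` branch of `_file_convert_to_mb()` treats a value with no suffix the same as one ending in `M`, but PHP reads an unsuffixed `upload_max_filesize` or `post_max_size` as a byte count. A php.ini entry such as `8388608` would be reported as 8388608 MB, so the admin form would accept per-upload limits far above what PHP will actually take. Handle `m` explicitly and divide the bare case by 1048576, as sketched below. Separately, `file_upload_max_size()` takes `post_max_size / 2` at face value. If a `post_max_size` of `0` means "no limit" in the deployed PHP version (worth confirming), the computed maximum becomes 0 and every size entered on the form is rejected.

```php
function _file_convert_to_mb($val){
  // … unchanged: trim and suffix extraction …
  switch ($last) {
    // … unchanged: 'g' and 'k' cases …
    case 'm':
      $size = (int) $val;
      break;
    default:
      // No suffix: PHP reads the value as a byte count.
      $size = (int) $val / 1048576;
  }
  // … unchanged: return …
```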
diff --git a/modules/upload/upload.module b/modules/upload/upload.module
index 99455281d9bc..6ad97cc53e59 100644
--- a/modules/upload/upload.module
+++ b/modules/upload/upload.module
@@ -112,6 +112,59 @@ function upload_menu($may_cache) {
   return $items;
 }
 
+/**
+ * Form API callback to validate the upload settings form.
+ */
+function upload_admin_settings_validate($form_id, $form_values) {
+  if (($form_values['upload_max_resolution'] != '0')) {
+    if (!preg_match('/^[0-9]+x[0-9]+$/', $form_values['upload_max_resolution'])) {
+      form_set_error('upload_max_resolution', t('The maximum allowed image size expressed as WIDTHxHEIGHT (e.g. 640x480). Set to 0 for no restriction.'));
+    }
+  }
+
+  $default_uploadsize = $form_values['upload_uploadsize_default'];
+  $default_usersize = $form_values['upload_usersize_default'];
+
+  $exceed_max_msg = t('Your PHP settings limit the maximum file size per upload to %size MB.', array('%size' => file_upload_max_size())).'<br/>';
+  $more_info = t("Depending on your sever environment, these settings may be changed in the system-wide php.ini file, a php.ini file in your Drupal root directory, in your Drupal site's settings.php file, or in the .htaccess file in your Drupal root directory.");
+
+  if (!is_numeric($default_uploadsize) || ($default_uploadsize <= 0)) {
+    form_set_error('upload_uploadsize_default', t('The %role file size limit must be a number and greater than zero.', array('%role' => t('default'))));
+  }
+  if (!is_numeric($default_usersize) || ($default_usersize <= 0)) {
+    form_set_error('upload_usersize_default', t('The %role file size limit must be a number and greater than zero.', array('%role' => t('default'))));
+  }
+  if ($default_uploadsize > file_upload_max_size()) {
+   form_set_error('upload_uploadsize_default', $exceed_max_msg . $more_info);
+   $more_info = '';
+  }
+  if ($default_uploadsize > $default_usersize) {
+   form_set_error('upload_uploadsize_default', t('The %role maximum file size per upload is greater than the total file size allowed per user', array('%role' => t('default'))));
+  }
+
+  foreach ($form_values['roles'] as $rid => $role) {
+    $uploadsize = $form_values['upload_uploadsize_'. $rid];
+    $usersize = $form_values['upload_usersize_'. $rid];
+
+    if (!is_numeric($uploadsize) || ($uploadsize <= 0)) {
+      form_set_error('upload_uploadsize_'. $rid, t('The %role file size limit must be a number and greater than zero.', array('%role' => theme('placeholder', $role))));
+    }
+    if (!is_numeric($usersize) || ($usersize <= 0)) {
+      form_set_error('upload_usersize_'. $rid, t('The %role file size limit must be a number and greater than zero.', array('%role' => theme('placeholder', $role))));
+    }
+    if ($uploadsize > file_upload_max_size()) {
+     form_set_error('upload_uploadsize_'. $rid, $exceed_max_msg . $more_info);
+     $more_info = '';
+    }
+    if ($uploadsize > $usersize) {
+     form_set_error('upload_uploadsize_'. $rid, t('The %role maximum file size per upload is greater than the total file size allowed per user', array('%role' => theme('placeholder', $role))));
+    }
+  }
+}
+
+/**
+ * Menu callback for the upload settings form.
+ */
 function upload_admin_settings() {
   $upload_extensions_default = variable_get('upload_extensions_default', 'jpg jpeg gif png txt html doc xls pdf ppt pps');
   $upload_uploadsize_default = variable_get('upload_uploadsize_default', 1);
@@ -162,34 +215,37 @@ function upload_admin_settings() {
     '#description' => t('The default maximum size of all files a user can have on the site (in megabytes).'),
   );
 
+  $form['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size MB.', array('%size' => file_upload_max_size())).'</p>');
+
   $roles = user_roles(0, 'upload files');
+  $form['roles'] = array('#type' => 'value', '#value' => $roles);
 
   foreach ($roles as $rid => $role) {
-    $form["settings_role_$rid"] = array(
+    $form['settings_role_'. $rid] = array(
       '#type' => 'fieldset',
       '#title' => t('Settings for %role', array('%role' => theme('placeholder', $role))),
       '#collapsible' => TRUE,
       '#collapsed' => TRUE,
     );
-    $form["settings_role_$rid"]["upload_extensions_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_extensions_'. $rid] = array(
       '#type' => 'textfield',
       '#title' => t('Permitted file extensions'),
-      '#default_value' => variable_get("upload_extensions_$rid", $upload_extensions_default),
+      '#default_value' => variable_get('upload_extensions_'. $rid, $upload_extensions_default),
       '#maxlength' => 255,
       '#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
     );
-    $form["settings_role_$rid"]["upload_uploadsize_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_uploadsize_'. $rid] = array(
       '#type' => 'textfield',
       '#title' => t('Maximum file size per upload'),
-      '#default_value' => variable_get("upload_uploadsize_$rid", $upload_uploadsize_default),
+      '#default_value' => variable_get('upload_uploadsize_'. $rid, $upload_uploadsize_default),
       '#size' => 5,
       '#maxlength' => 5,
       '#description' => t('The maximum size of a file a user can upload (in megabytes).'),
     );
-    $form["settings_role_$rid"]["upload_usersize_$rid"] = array(
+    $form['settings_role_'. $rid]['upload_usersize_'. $rid] = array(
       '#type' => 'textfield',
       '#title' => t('Total file size per user'),
-      '#default_value' => variable_get("upload_usersize_$rid", $upload_usersize_default),
+      '#default_value' => variable_get('upload_usersize_'. $rid, $upload_usersize_default),
       '#size' => 5,
       '#maxlength' => 5,
       '#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),
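Review bot: The value element added as `$form['roles']` uses an unprefixed key, while the other value-carrying elements in this form are named `upload_*`. The end of `upload_admin_settings()` is outside this hunk, so this is an assumption, but if the form is submitted through a generic settings handler that persists every submitted value, the role list would be written to a site-wide variable called `roles`. Naming the element `upload_roles` and reading `$form_values['upload_roles']` in `upload_admin_settings_validate()` keeps it inside the module's namespace.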
-- 
GitLab