Commit df5c0c5c authored by attiks's avatar attiks

Fix theme_webform_render_multifile

parent 82d7fdd4
......@@ -394,7 +394,8 @@ function theme_webform_render_multifile($element) {
$webform_nid = $element['#webform_component']['nid'];
$component_id = $element['#webform_component']['cid'];
$submission_id = arg(3);
if ($fids = unserialize($value)) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
if ($fids = safe_unserialize($value)) {
$suffix = '';
foreach (webform_get_multifile($fids) as $file) {
$suffix .= '<div class="multifile-file"> ';
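Review bot: The `module_load_include('inc', 'webform_multifile', 'safe_unserialize');` line added here is repeated inside every function that decodes stored fids, and its return value is never checked. The same line appears in the `_webform_submit_multifile`, `_webform_display_multifile`, `_webform_delete_multifile`, `_webform_analysis_multifile`, `_webform_table_multifile`, `_webform_csv_data_multifile`, `_webform_get_files_multifile` and `_webform_attachments_multifile` hunks. Loading the include once at the top of this file would keep a later call site from hitting an undefined `safe_unserialize()` or quietly going back to `unserialize()`. If the per-function form is kept, a comment such as `// Submission data is user-influenced: decode with safe_unserialize(), never unserialize().` above the call would record why. The function body starts and ends outside the hunk.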
......@@ -538,7 +539,8 @@ function _webform_validate_multifile($element, &$form_state) {
* Implementation of _webform_submit_component().
*/
function _webform_submit_multifile($component, $value) {
$old_fids = isset($value['_old_fids']) ? unserialize($value['_old_fids']) : NULL;
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$old_fids = isset($value['_old_fids']) ? safe_unserialize($value['_old_fids']) : NULL;
if ($fids = $value['_fids']) {
$files = webform_get_multifile($fids);
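Review bot: `$value['_old_fids']` is now decoded without object instantiation, but the resulting list is still used as-is. The hunk does not show where `_old_fids` is populated; if it travels through the form as a client-editable field, its fids should be checked against the fids stored for this submission before anything acts on them. A non-array result should also be normalised, since `safe_unserialize()` returns FALSE on rejected input, e.g. `if (!is_array($old_fids)) { $old_fids = array(); }`. The rest of `_webform_submit_multifile` lies outside the hunk, so how `$old_fids` is consumed cannot be confirmed from here.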
......@@ -564,7 +566,8 @@ function _webform_submit_multifile($component, $value) {
* Implementation of _webform_display_component().
*/
function _webform_display_multifile($component, $value, $format = 'html') {
$fids = isset($value[0]) ? unserialize($value[0]) : NULL;
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$fids = isset($value[0]) ? safe_unserialize($value[0]) : NULL;
return array(
'#title' => $component['name'],
......@@ -606,7 +609,8 @@ function theme_webform_display_multifile($element) {
*/
function _webform_delete_multifile($component, $value) {
// Delete a set of files on an individual submission.
$fids = isset($value[0]) ? unserialize($value[0]) : NULL;
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$fids = isset($value[0]) ? safe_unserialize($value[0]) : NULL;
foreach (webform_get_multifile($fids) as $file) {
file_delete($file->filepath);
db_query("DELETE FROM {files} WHERE fid = '%d'", $file->fid);
......@@ -617,6 +621,7 @@ function _webform_delete_multifile($component, $value) {
* Implementation of _webform_analysis_component().
*/
function _webform_analysis_multifile($component, $sids = array()) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$placeholders = count($sids) ? array_fill(0, count($sids), "'%s'") : array();
$sidfilter = count($sids) ? " AND sid in (" . implode(",", $placeholders) . ")" : "";
$query = 'SELECT data ' .
......@@ -630,7 +635,7 @@ function _webform_analysis_multifile($component, $sids = array()) {
$result = db_query($query, array_merge(array($component['nid'], $component['cid']), $sids));
$numfiles = 0;
while ($data = db_fetch_array($result)) {
if ($fids = unserialize($data['data'])) {
if ($fids = safe_unserialize($data['data'])) {
$counter = 0;
foreach (webform_get_multifile($fids) as $file) {
if (isset($file->filesize)) {
......@@ -657,8 +662,9 @@ function _webform_analysis_multifile($component, $sids = array()) {
* Implementation of _webform_table_component().
*/
function _webform_table_multifile($component, $value) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$links = array();
if ($fids = (isset($value[0]) ? unserialize($value[0]) : FALSE)) {
if ($fids = (isset($value[0]) ? safe_unserialize($value[0]) : FALSE)) {
foreach (webform_get_multifile($fids) as $file) {
if (!empty($file->fid)) {
$link = l(webform_multifile_name($file->filename), webform_multifile_url($file->filepath));
......@@ -688,9 +694,10 @@ function _webform_csv_headers_multifile($component, $export_options) {
* Implementation of _webform_csv_data_component().
*/
function _webform_csv_data_multifile($component, $export_options, $value) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$filenames = array();
$sizes = array();
if ($fids = (isset($value[0]) ? unserialize($value[0]) : FALSE)) {
if ($fids = (isset($value[0]) ? safe_unserialize($value[0]) : FALSE)) {
foreach (webform_get_multifile($fids) as $file) {
$filenames[] = webform_multifile_url($file->filepath);
$sizes[] = (int) ($file->filesize/1024);
......@@ -709,8 +716,9 @@ function _webform_csv_data_multifile($component, $export_options, $value) {
* Implementation of _webform_get_files_component().
*/
function _webform_get_files_multifile($value) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$files = array();
if ($fids = (isset($value[0]) ? unserialize($value[0]) : FALSE)) {
if ($fids = (isset($value[0]) ? safe_unserialize($value[0]) : FALSE)) {
foreach (webform_get_multifile($fids) as $file) {
$files[] = $file;
}
......@@ -801,8 +809,9 @@ function _webform_multifile_get_files_array_value($value, $form_key) {
* Implements _webform_attachments_component().
*/
function _webform_attachments_multifile($component, $value) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
static $files = array();
$fids = unserialize($value[0]);
$fids = safe_unserialize($value[0]);
$return_files = array();
foreach ($fids as $fid) {
if (!isset($files[$fid])) {
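Review bot: `safe_unserialize($value[0])` is fed straight into `foreach ($fids as $fid)` with no `isset($value[0])` and no type check, unlike the `isset(...) ? ... : FALSE` call sites elsewhere in this commit. Because the new decoder returns FALSE for empty, malformed or object-bearing input, this loop iterates a boolean and raises a warning for exactly the inputs the commit is meant to reject. Suggested: `$fids = isset($value[0]) ? safe_unserialize($value[0]) : FALSE;` followed by `if (!is_array($fids)) { return array(); }`. The function continues past the end of the hunk, so the early-return value should match what the rest of the body returns.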
......
<?php
/**
* @file
* Contains helper functions for webform_multifile_update_7001().
*/
/**
* Safe unserialize() replacement
* - accepts a strict subset of PHP's native serialized representation
* - does not unserialize objects
*
* @param string $str
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
function _safe_unserialize($str) {
if (empty($str) || !is_string($str)) {
return false;
}
$stack = array();
$expected = array();
/*
* states:
* 0 - initial state, expecting a single value or array
* 1 - terminal state
* 2 - in array, expecting end of array or a key
* 3 - in array, expecting value or another array
*/
$state = 0;
while ($state != 1) {
$type = isset($str[0]) ? $str[0] : '';
if ($type == '}') {
$str = substr($str, 1);
}
else if ($type == 'N' && $str[1] == ';') {
$value = null;
$str = substr($str, 2);
}
else if ($type == 'b' && preg_match('/^b:([01]);/', $str, $matches)) {
$value = $matches[1] == '1' ? true : false;
$str = substr($str, 4);
}
else if ($type == 'i' && preg_match('/^i:(-?[0-9]+);(.*)/s', $str, $matches)) {
$value = (int) $matches[1];
$str = $matches[2];
}
else if ($type == 'd' && preg_match('/^d:(-?[0-9]+\.?[0-9]*(E[+-][0-9]+)?);(.*)/s', $str, $matches)) {
$value = (float) $matches[1];
$str = $matches[3];
}
else if ($type == 's' && preg_match('/^s:([0-9]+):"(.*)/s', $str, $matches) && substr($matches[2], (int) $matches[1], 2) == '";') {
$value = substr($matches[2], 0, (int) $matches[1]);
$str = substr($matches[2], (int) $matches[1] + 2);
}
else if ($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches)) {
$expectedLength = (int) $matches[1];
$str = $matches[2];
}
else {
// object or unknown/malformed type
return false;
}
switch ($state) {
case 3: // in array, expecting value or another array
if ($type == 'a') {
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
$expected[] = $expectedLength;
$state = 2;
break;
}
if ($type != '}') {
$list[$key] = $value;
$state = 2;
break;
}
// missing array value
return false;
case 2: // in array, expecting end of array or a key
if ($type == '}') {
if (count($list) < end($expected)) {
// array size less than expected
return false;
}
unset($list);
$list = &$stack[count($stack) - 1];
array_pop($stack);
// go to terminal state if we're at the end of the root array
array_pop($expected);
if (count($expected) == 0) {
$state = 1;
}
break;
}
if ($type == 'i' || $type == 's') {
if (count($list) >= end($expected)) {
// array size exceeds expected length
return false;
}
$key = $value;
$state = 3;
break;
}
// illegal array index type
return false;
case 0: // expecting array or value
if ($type == 'a') {
$data = array();
$list = &$data;
$expected[] = $expectedLength;
$state = 2;
break;
}
if ($type != '}') {
$data = $value;
$state = 1;
break;
}
// not in array
return false;
}
}
if (!empty($str)) {
// trailing data in input
return false;
}
return $data;
}
/**
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
*
* @param string $str
* @return mixed
*/
function safe_unserialize($str) {
// ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if (function_exists('mb_internal_encoding') &&
(((int) ini_get('mbstring.func_overload')) & 2)) {
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
}
$out = _safe_unserialize($str);
if (isset($mbIntEnc)) {
mb_internal_encoding($mbIntEnc);
}
return $out;
}
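Review bot: The docblock on `_safe_unserialize()` promises `@throw Exception` for malformed or unsupported input, and the wrapper's summary says it "handles exceptions", but every failure path in this file is `return false` and nothing is thrown or caught. Callers therefore cannot tell a rejected payload (for example one containing an object) from a legitimately serialized `b:0;`, and must test the result with `is_array()` before iterating. I would replace the tag with `@return mixed The decoded value, or FALSE if $str is empty, malformed, or contains an unsupported type such as an object.` and drop the exception wording from the wrapper. The `@file` line also still describes the helpers as belonging to `webform_multifile_update_7001()`, although this commit makes them the decoder for all submission data. Separately, the `N` branch reads `$str[1]` without a bounds check, so the one-byte input `N` triggers an uninitialized-offset notice; `isset($str[1]) && $str[1] == ';'` avoids it.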
......@@ -72,10 +72,11 @@ function webform_multifile_delete_form($form, &$form_state, $webform, $submissio
+ * Form submit callback.
+ */
function webform_multifile_delete_form_submit($form, &$form_state) {
module_load_include('inc', 'webform_multifile', 'safe_unserialize');
$filepath = file_load($form_state['values']['filepath']);
file_delete($filepath);
// Update the submission data and re-save it without the deleted fid.
$fids = unserialize($form_state['values']['submission']->data[$form_state['values']['component_id']]['value'][0]);
$fids = safe_unserialize($form_state['values']['submission']->data[$form_state['values']['component_id']]['value'][0]);
$key = array_search($form_state['values']['fid'], $fids);
unset($fids[$key]);
$form_state['values']['submission']->data[$form_state['values']['component_id']]['value'][0] = serialize($fids);
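Review bot: The result of `safe_unserialize()` and of `array_search()` are both used unchecked on the two lines after the decode. When the submitted `fid` is not in the list, `array_search()` returns FALSE and `unset($fids[FALSE])` removes index 0, so an unrelated file reference is dropped from the submission. When the decoder rejects the stored value, `$fids` is FALSE and `serialize($fids)` writes `b:0;` back over the submission data. Suggested guard: `if (is_array($fids) && ($key = array_search($form_state['values']['fid'], $fids)) !== FALSE) { unset($fids[$key]); }`, skipping the re-save otherwise. Note that `file_delete($filepath)` already runs before any of this is validated; the function continues outside the hunk.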
......