diff options
Diffstat (limited to 'phpBB/includes/functions_upload.php')
| -rw-r--r-- | phpBB/includes/functions_upload.php | 59 |
1 files changed, 47 insertions, 12 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index b4e165502b..0847c3a550 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -1,9 +1,13 @@ <?php /** * -* @package phpBB3 -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -18,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * Responsible for holding all file relevant information, as well as doing file-specific operations. * The {@link fileupload fileupload class} can be used to upload several files, each of them being this object to operate further on. -* @package phpBB3 */ class filespec { @@ -308,6 +311,9 @@ class filespec if (file_exists($this->destination_file) && !$overwrite) { @unlink($this->filename); + $this->error[] = $user->lang($this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR', $this->destination_file); + $this->file_moved = false; + return false; } else { @@ -455,8 +461,6 @@ class filespec /** * Class for assigning error messages before a real filespec class can be assigned -* -* @package phpBB3 */ class fileerror extends filespec { @@ -469,8 +473,6 @@ class fileerror extends filespec /** * File upload class * Init class (all parameters optional and able to be set/overwritten separately) - scope is global and valid for all uploads -* -* @package phpBB3 */ class fileupload { @@ -483,6 +485,9 @@ class fileupload var $max_height = 0; var $error_prefix = ''; + /** @var int Timeout for remote upload */ + var $upload_timeout = 6; + /** * Init file upload class. * @@ -826,13 +831,28 @@ class fileupload fputs($fsock, "HOST: " . $host . "\r\n"); fputs($fsock, "Connection: close\r\n\r\n"); + // Set a proper timeout for the socket + socket_set_timeout($fsock, $this->upload_timeout); + $get_info = false; $data = ''; - while (!@feof($fsock)) + $length = false; + $timer_stop = time() + $this->upload_timeout; + + while ((!$length || $filesize < $length) && !@feof($fsock)) { if ($get_info) { - $block = @fread($fsock, 1024); + if ($length) + { + // Don't attempt to read past end of file if server indicated length + $block = @fread($fsock, min($length - $filesize, 1024)); + } + else + { + $block = @fread($fsock, 1024); + } + $filesize += strlen($block); if ($remote_max_filesize && $filesize > $remote_max_filesize) @@ -878,6 +898,15 @@ class fileupload } } } + + $stream_meta_data = stream_get_meta_data($fsock); + + // Cancel upload if we exceed timeout + if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) + { + $file = new fileerror($user->lang[$this->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']); + return $file; + } } @fclose($fsock); @@ -1049,7 +1078,7 @@ class fileupload */ static public function image_types() { - return array( + $result = array( IMAGETYPE_GIF => array('gif'), IMAGETYPE_JPEG => array('jpg', 'jpeg'), IMAGETYPE_PNG => array('png'), @@ -1062,10 +1091,16 @@ class fileupload IMAGETYPE_JP2 => array('jpg', 'jpeg'), IMAGETYPE_JPX => array('jpg', 'jpeg'), IMAGETYPE_JB2 => array('jpg', 'jpeg'), - IMAGETYPE_SWC => array('swc'), IMAGETYPE_IFF => array('iff'), IMAGETYPE_WBMP => array('wbmp'), IMAGETYPE_XBM => array('xbm'), ); + + if (defined('IMAGETYPE_SWC')) + { + $result[IMAGETYPE_SWC] = array('swc'); + } + + return $result; } } |