aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB
diff options
context:
space:
mode:
authorAndreas Fischer <bantu@phpbb.com>2012-11-10 23:49:29 +0100
committerAndreas Fischer <bantu@phpbb.com>2012-11-10 23:49:29 +0100
commite86ecc0f3bd6383d31a670896720a970b8faaaa9 (patch)
tree0bb5af4cffd3b53f3225ea2c72670e343709d86d /phpBB
parent847feb07e784ccbe646257553f1efba8c5032b7f (diff)
parent1f9bff2126bbec514c4a7b675723bfe7f26c432e (diff)
downloadforums-e86ecc0f3bd6383d31a670896720a970b8faaaa9.tar
forums-e86ecc0f3bd6383d31a670896720a970b8faaaa9.tar.gz
forums-e86ecc0f3bd6383d31a670896720a970b8faaaa9.tar.bz2
forums-e86ecc0f3bd6383d31a670896720a970b8faaaa9.tar.xz
forums-e86ecc0f3bd6383d31a670896720a970b8faaaa9.zip
Merge remote-tracking branch 'Fyorl/ticket/10939' into develop
* Fyorl/ticket/10939: [ticket/10939] Added documentation for phpbb_request::file [ticket/10939] Added tests for phpbb_request::file [ticket/10939] Modified the default return for $request->file [ticket/10939] Modified fileupload tests to deal with new behaviour [ticket/10939] Modified mock request class to handle deactivated $_FILES [ticket/10939] Modified acp_groups.php to not use $_FILES [ticket/10939] Modified ucp_groups.php to not use $_FILES [ticket/10939] Modified functions_user.php to not use $_FILES [ticket/10939] Modified message_parser.php to not use $_FILES [ticket/10939] Modified functions_upload to not use $_FILES [ticket/10939] Modified request test slightly to include $_FILES [ticket/10939] Added $_FILES handling to phpbb_request
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/includes/acp/acp_groups.php6
-rw-r--r--phpBB/includes/functions_upload.php45
-rw-r--r--phpBB/includes/functions_user.php10
-rw-r--r--phpBB/includes/message_parser.php5
-rw-r--r--phpBB/includes/request/interface.php1
-rw-r--r--phpBB/includes/request/request.php14
-rw-r--r--phpBB/includes/ucp/ucp_groups.php5
7 files changed, 56 insertions, 30 deletions
diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php
index 9621407211..b604e20094 100644
--- a/phpBB/includes/acp/acp_groups.php
+++ b/phpBB/includes/acp/acp_groups.php
@@ -26,6 +26,7 @@ class acp_groups
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
+ global $request;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
@@ -323,7 +324,8 @@ class acp_groups
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
- if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink'])
+ $uploadfile = $request->file('uploadfile');
+ if (!empty($uploadfile['tmp_name']) || $data['uploadurl'] || $data['remotelink'])
{
// Avatar stuff
$var_ary = array(
@@ -337,7 +339,7 @@ class acp_groups
{
$data['user_id'] = "g$group_id";
- if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload)
+ if ((!empty($uploadfile['tmp_name']) || $data['uploadurl']) && $can_upload)
{
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
}
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index d4c6b42cf4..b467aa93d1 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -566,10 +566,11 @@ class fileupload
*/
function form_upload($form_name)
{
- global $user;
+ global $user, $request;
- unset($_FILES[$form_name]['local_mode']);
- $file = new filespec($_FILES[$form_name], $this);
+ $upload = $request->file($form_name);
+ unset($upload['local_mode']);
+ $file = new filespec($upload, $this);
if ($file->init_error)
{
@@ -578,9 +579,9 @@ class fileupload
}
// Error array filled?
- if (isset($_FILES[$form_name]['error']))
+ if (isset($upload['error']))
{
- $error = $this->assign_internal_error($_FILES[$form_name]['error']);
+ $error = $this->assign_internal_error($upload['error']);
if ($error !== false)
{
@@ -590,7 +591,7 @@ class fileupload
}
// Check if empty file got uploaded (not catched by is_uploaded_file)
- if (isset($_FILES[$form_name]['size']) && $_FILES[$form_name]['size'] == 0)
+ if (isset($upload['size']) && $upload['size'] == 0)
{
$file->error[] = $user->lang[$this->error_prefix . 'EMPTY_FILEUPLOAD'];
return $file;
@@ -631,17 +632,17 @@ class fileupload
*/
function local_upload($source_file, $filedata = false)
{
- global $user;
+ global $user, $request;
- $form_name = 'local';
+ $upload = array();
- $_FILES[$form_name]['local_mode'] = true;
- $_FILES[$form_name]['tmp_name'] = $source_file;
+ $upload['local_mode'] = true;
+ $upload['tmp_name'] = $source_file;
if ($filedata === false)
{
- $_FILES[$form_name]['name'] = utf8_basename($source_file);
- $_FILES[$form_name]['size'] = 0;
+ $upload['name'] = utf8_basename($source_file);
+ $upload['size'] = 0;
$mimetype = '';
if (function_exists('mime_content_type'))
@@ -655,16 +656,16 @@ class fileupload
$mimetype = 'application/octetstream';
}
- $_FILES[$form_name]['type'] = $mimetype;
+ $upload['type'] = $mimetype;
}
else
{
- $_FILES[$form_name]['name'] = $filedata['realname'];
- $_FILES[$form_name]['size'] = $filedata['size'];
- $_FILES[$form_name]['type'] = $filedata['type'];
+ $upload['name'] = $filedata['realname'];
+ $upload['size'] = $filedata['size'];
+ $upload['type'] = $filedata['type'];
}
- $file = new filespec($_FILES[$form_name], $this);
+ $file = new filespec($upload, $this);
if ($file->init_error)
{
@@ -672,9 +673,9 @@ class fileupload
return $file;
}
- if (isset($_FILES[$form_name]['error']))
+ if (isset($upload['error']))
{
- $error = $this->assign_internal_error($_FILES[$form_name]['error']);
+ $error = $this->assign_internal_error($upload['error']);
if ($error !== false)
{
@@ -709,6 +710,7 @@ class fileupload
}
$this->common_checks($file);
+ $request->overwrite('local', $upload, phpbb_request_interface::FILES);
return $file;
}
@@ -1001,7 +1003,10 @@ class fileupload
*/
function is_valid($form_name)
{
- return (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none') ? true : false;
+ global $request;
+ $upload = $request->file($form_name);
+
+ return (!empty($upload) && $upload['name'] !== 'none');
}
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 0e347fe477..8f9c9198f4 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -2140,13 +2140,14 @@ function avatar_remote($data, &$error)
*/
function avatar_upload($data, &$error)
{
- global $phpbb_root_path, $config, $db, $user, $phpEx;
+ global $phpbb_root_path, $config, $db, $user, $phpEx, $request;
// Init upload class
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], (isset($config['mime_triggers']) ? explode('|', $config['mime_triggers']) : false));
- if (!empty($_FILES['uploadfile']['name']))
+ $uploadfile = $request->file('uploadfile');
+ if (!empty($uploadfile['name']))
{
$file = $upload->form_upload('uploadfile');
}
@@ -2369,7 +2370,7 @@ function avatar_get_dimensions($avatar, $avatar_type, &$error, $current_x = 0, $
*/
function avatar_process_user(&$error, $custom_userdata = false, $can_upload = null)
{
- global $config, $phpbb_root_path, $auth, $user, $db;
+ global $config, $phpbb_root_path, $auth, $user, $db, $request;
$data = array(
'uploadurl' => request_var('uploadurl', ''),
@@ -2411,7 +2412,8 @@ function avatar_process_user(&$error, $custom_userdata = false, $can_upload = nu
$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $change_avatar && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;
}
- if ((!empty($_FILES['uploadfile']['name']) || $data['uploadurl']) && $can_upload)
+ $uploadfile = $request->file('uploadfile');
+ if ((!empty($uploadfile['name']) || $data['uploadurl']) && $can_upload)
{
list($sql_ary['user_avatar_type'], $sql_ary['user_avatar'], $sql_ary['user_avatar_width'], $sql_ary['user_avatar_height']) = avatar_upload($data, $error);
}
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index 6695047b56..1cd2a46fa1 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -1363,13 +1363,14 @@ class parse_message extends bbcode_firstpass
*/
function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
{
- global $config, $auth, $user, $phpbb_root_path, $phpEx, $db;
+ global $config, $auth, $user, $phpbb_root_path, $phpEx, $db, $request;
$error = array();
$num_attachments = sizeof($this->attachment_data);
$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
- $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
+ $upload = $request->file($form_name);
+ $upload_file = (!empty($upload) && $upload['name'] !== 'none' && trim($upload['name']));
$add_file = (isset($_POST['add_file'])) ? true : false;
$delete_file = (isset($_POST['delete_file'])) ? true : false;
diff --git a/phpBB/includes/request/interface.php b/phpBB/includes/request/interface.php
index afd53002e3..741db35917 100644
--- a/phpBB/includes/request/interface.php
+++ b/phpBB/includes/request/interface.php
@@ -30,6 +30,7 @@ interface phpbb_request_interface
const REQUEST = 2;
const COOKIE = 3;
const SERVER = 4;
+ const FILES = 5;
/**#@-*/
/**
diff --git a/phpBB/includes/request/request.php b/phpBB/includes/request/request.php
index a06fc0d85d..ae3c526d89 100644
--- a/phpBB/includes/request/request.php
+++ b/phpBB/includes/request/request.php
@@ -34,6 +34,7 @@ class phpbb_request implements phpbb_request_interface
phpbb_request_interface::REQUEST => '_REQUEST',
phpbb_request_interface::COOKIE => '_COOKIE',
phpbb_request_interface::SERVER => '_SERVER',
+ phpbb_request_interface::FILES => '_FILES',
);
/**
@@ -269,6 +270,19 @@ class phpbb_request implements phpbb_request_interface
}
/**
+ * Shortcut method to retrieve $_FILES variables
+ *
+ * @param string $form_name The name of the file input form element
+ *
+ * @return array The uploaded file's information or an empty array if the
+ * variable does not exist in _FILES.
+ */
+ public function file($form_name)
+ {
+ return $this->variable($form_name, array('name' => 'none'), false, phpbb_request_interface::FILES);
+ }
+
+ /**
* Checks whether a certain variable was sent via POST.
* To make sure that a request was sent using POST you should call this function
* on at least one variable.
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 65ab92e78e..9652986cf2 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -513,7 +513,8 @@ class ucp_groups
$data['height'] = request_var('height', '');
$delete = request_var('delete', '');
- if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink'])
+ $uploadfile = $request->file('uploadfile');
+ if (!empty($uploadfile['tmp_name']) || $data['uploadurl'] || $data['remotelink'])
{
// Avatar stuff
$var_ary = array(
@@ -527,7 +528,7 @@ class ucp_groups
{
$data['user_id'] = "g$group_id";
- if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload)
+ if ((!empty($uploadfile['tmp_name']) || $data['uploadurl']) && $can_upload)
{
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
}
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-15 12:29:05 +0000