diff options
| -rw-r--r-- | phpBB/includes/functions_upload.php | 31 | ||||
| -rw-r--r-- | phpBB/language/en/common.php | 1 | ||||
| -rw-r--r-- | phpBB/language/en/posting.php | 1 |
3 files changed, 31 insertions, 2 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index c640865212..0847c3a550 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -485,6 +485,9 @@ class fileupload var $max_height = 0; var $error_prefix = ''; + /** @var int Timeout for remote upload */ + var $upload_timeout = 6; + /** * Init file upload class. * @@ -828,13 +831,28 @@ class fileupload fputs($fsock, "HOST: " . $host . "\r\n"); fputs($fsock, "Connection: close\r\n\r\n"); + // Set a proper timeout for the socket + socket_set_timeout($fsock, $this->upload_timeout); + $get_info = false; $data = ''; - while (!@feof($fsock)) + $length = false; + $timer_stop = time() + $this->upload_timeout; + + while ((!$length || $filesize < $length) && !@feof($fsock)) { if ($get_info) { - $block = @fread($fsock, 1024); + if ($length) + { + // Don't attempt to read past end of file if server indicated length + $block = @fread($fsock, min($length - $filesize, 1024)); + } + else + { + $block = @fread($fsock, 1024); + } + $filesize += strlen($block); if ($remote_max_filesize && $filesize > $remote_max_filesize) @@ -880,6 +898,15 @@ class fileupload } } } + + $stream_meta_data = stream_get_meta_data($fsock); + + // Cancel upload if we exceed timeout + if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) + { + $file = new fileerror($user->lang[$this->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']); + return $file; + } } @fclose($fsock); diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 68b8b594c4..b9eb0fd11d 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -109,6 +109,7 @@ $lang = array_merge($lang, array( 'AVATAR_PARTIAL_UPLOAD' => 'The specified file was only partially uploaded.', 'AVATAR_PHP_SIZE_NA' => 'The avatar’s filesize is too large.<br />The maximum allowed filesize set in php.ini could not be determined.', 'AVATAR_PHP_SIZE_OVERRUN' => 'The avatar’s filesize is too large. The maximum allowed upload size is %1$d %2$s.<br />Please note this is set in php.ini and cannot be overridden.', + 'AVATAR_REMOTE_UPLOAD_TIMEOUT' => 'The specified avatar could not be uploaded because the request timed out.', 'AVATAR_URL_INVALID' => 'The URL you specified is invalid.', 'AVATAR_URL_NOT_FOUND' => 'The file specified could not be found.', 'AVATAR_WRONG_FILESIZE' => 'The avatar’s filesize must be between 0 and %1$d %2$s.', diff --git a/phpBB/language/en/posting.php b/phpBB/language/en/posting.php index e8a8643cfd..31d49e8bdf 100644 --- a/phpBB/language/en/posting.php +++ b/phpBB/language/en/posting.php @@ -225,6 +225,7 @@ $lang = array_merge($lang, array( ), 'QUOTE_NO_NESTING' => 'You may not embed quotes within each other.', + 'REMOTE_UPLOAD_TIMEOUT' => 'The specified file could not be uploaded because the request timed out.', 'SAVE' => 'Save', 'SAVE_DATE' => 'Saved at', 'SAVE_DRAFT' => 'Save draft', |