diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/functions_upload.php | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 054af29045..51fed45ebd 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -775,7 +775,18 @@ class fileupload { if ($get_info) { - $data .= @fread($fsock, 1024); + $block = @fread($fsock, 1024); + $filesize += strlen($block); + + if ($this->max_filesize && $filesize > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + + $data .= $block; } else { @@ -791,6 +802,18 @@ class fileupload { $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line))); } + else if ($this->max_filesize && stripos($line, 'content-length: ') !== false) + { + $length = (int) str_replace('content-length: ', '', strtolower($line)); + + if ($length && $length > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + } else if (stripos($line, '404 not found') !== false) { $file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']); |