Bug fix for PHP 5.6 when upload images

Diego Najar 2019-05-29 19:28:11 +02:00
parent febd7256e4
commit 600345ee57
8 changed files with 23 additions and 22 deletions


@ -178,7 +178,7 @@ function uploadImages() {
// Check file type/extension
const validImageTypes = ['image/gif', 'image/jpeg', 'image/png', 'image/svg+xml'];
if (!validImageTypes.includes(images[i].type)) {
showMediaAlert("<?php echo $L->g('File type is not supported. Allowed types:').' '.implode(', ',ALLOWED_IMG_EXTENSION) ?>");
showMediaAlert("<?php echo $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']) ?>");
return false;
}
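Review bot: The message on the changed `showMediaAlert(...)` line is echoed raw into a double-quoted JavaScript string, so a translation or list entry containing `"` or a line break would break the script or end up interpreted as code. This matters more now that the list is read from a writable `$GLOBALS` entry instead of a constant. Encode at the output instead: `showMediaAlert(<?php echo json_encode($L->g('File type is not supported. Allowed types:').' '.implode(', ', $GLOBALS['ALLOWED_IMG_EXTENSION'])) ?>);`. uploadImages() starts and ends outside the hunk.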


@ -17,8 +17,8 @@ if (!isset($_FILES['inputFile'])) {
// File extension
$fileExtension = Filesystem::extension($_FILES['inputFile']['name']);
$fileExtension = Text::lowercase($fileExtension);
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
$message = 'File type is not supported. Allowed types: '.implode(', ',ALLOWED_IMG_EXTENSION);
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
$message = 'File type is not supported. Allowed types: '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
Log::set($message, LOG_TYPE_ERROR);
ajaxResponse(1, $message);
}


@ -15,21 +15,15 @@ if (!isset($_FILES['profilePictureInputFile'])) {
ajaxResponse(1, 'Error trying to upload the profile picture.');
}
// File extension
// Check file extension
$fileExtension = Filesystem::extension($_FILES['profilePictureInputFile']['name']);
$fileExtension = Text::lowercase($fileExtension);
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
$message = 'File type is not supported. Allowed types: '.implode(', ',ALLOWED_IMG_EXTENSION);
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
$message = 'File type is not supported. Allowed types: '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
Log::set($message, LOG_TYPE_ERROR);
ajaxResponse(1, $message);
}
// Tmp filename
$tmpFilename = $username.'.'.$fileExtension;
// Final filename
$filename = $username.'.png';
// Check path traversal
if (Text::stringContains($username, DS, false)) {
$message = 'Path traversal detected.';
@ -37,6 +31,9 @@ if (Text::stringContains($username, DS, false)) {
ajaxResponse(1, $message);
}
// Tmp filename
$tmpFilename = $username.'.'.$fileExtension;
// Move from temporary directory to uploads folder
rename($_FILES['profilePictureInputFile']['tmp_name'], PATH_TMP.$tmpFilename);
@ -48,6 +45,9 @@ $image->saveImage(PATH_UPLOADS_PROFILES.$filename, PROFILE_IMG_QUALITY, false, t
// Remove the tmp file
unlink(PATH_TMP.$tmpFilename);
// Final filename
$filename = $username.'.png';
// Permissions
chmod(PATH_UPLOADS_PROFILES.$filename, 0644);
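Review bot: `$filename = $username.'.png';` now appears to be assigned after its first use: the third hunk's header shows `$image->saveImage(PATH_UPLOADS_PROFILES.$filename, ...)` above the re-added assignment, while the first hunk drops the earlier one. Unless `$filename` is set somewhere not visible here, saveImage() receives `PATH_UPLOADS_PROFILES` with an undefined name, so the converted picture is not written to the expected file and the later `chmod` targets a path that was never created. Move the assignment back above the `saveImage` call, next to `$tmpFilename = $username.'.'.$fileExtension;`. The return value of `rename()` is also unchecked, so a failed move goes on to image processing with no temp file in place.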


@ -47,7 +47,7 @@ foreach ($_FILES['images']['name'] as $uuid=>$filename) {
$filename = Filesystem::filename($image);
array_push($images, $filename);
} else {
$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',ALLOWED_IMG_EXTENSION);
$message = $L->g('File type is not supported. Allowed types:').' '.implode(', ',$GLOBALS['ALLOWED_IMG_EXTENSION']);
Log::set($message, LOG_TYPE_ERROR);
ajaxResponse(1, $message);
}


@ -92,12 +92,6 @@ define('SESSION_GC_MAXLIFETIME', 3600);
// The value 0 means until the browser is closed
define('SESSION_COOKIE_LIFE_TIME', 0);
// Tags, type of pages included in the tag database
define('DB_TAGS_TYPES', array('published','static','sticky'));
// Allowed image extensions
define('ALLOWED_IMG_EXTENSION', array('gif', 'png', 'jpg', 'jpeg', 'svg'));
// Alert notification dissappear in X seconds
define('ALERT_DISSAPEAR_IN', 3);
@ -107,3 +101,10 @@ define('MEDIA_MANAGER_NUMBER_OF_FILES', 5);
// Sort the image by date
define('MEDIA_MANAGER_SORT_BY_DATE', true);
// Constant arrays using define are not allowed in PHP 5.6 or earlier
// Type of pages included in the tag database
$GLOBALS['DB_TAGS_TYPES'] = array('published','static','sticky');
// Allowed image extensions
$GLOBALS['ALLOWED_IMG_EXTENSION'] = array('gif', 'png', 'jpg', 'jpeg', 'svg');
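Review bot: Turning `ALLOWED_IMG_EXTENSION` into `$GLOBALS['ALLOWED_IMG_EXTENSION']` makes the upload allow-list writable at runtime, so any plugin or theme code loaded after this file can extend it. Every check in this commit that reads it (the upload handlers and `transformImage()`) inherits that weaker guarantee. If PHP 5.6 is the lowest supported version, `const ALLOWED_IMG_EXTENSION = array('gif', 'png', 'jpg', 'jpeg', 'svg');` at file top level keeps the list immutable, since array constants declared with `const` are accepted from 5.6 and only `define()` needs 7.0; the same applies to `DB_TAGS_TYPES`. If the global has to stay, add a comment such as `// Security-relevant: upload allow-list, must not be modified after init`.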


@ -827,7 +827,7 @@ function transformImage($file, $imageDir, $thumbnailDir=false) {
// Check image extension
$fileExtension = Filesystem::extension($file);
$fileExtension = Text::lowercase($fileExtension);
if (!in_array($fileExtension, ALLOWED_IMG_EXTENSION) ) {
if (!in_array($fileExtension, $GLOBALS['ALLOWED_IMG_EXTENSION']) ) {
return false;
}


@ -18,7 +18,7 @@ class Tags extends dbList {
$db = $pages->getDB($onlyKeys=false);
$tagsIndex = array();
foreach ($db as $pageKey=>$pageFields) {
if (in_array($pageFields['type'], DB_TAGS_TYPES)) {
if (in_array($pageFields['type'], $GLOBALS['DB_TAGS_TYPES'])) {
$tags = $pageFields['tags'];
foreach ($tags as $tagKey=>$tagName) {
if (isset($tagsIndex[$tagKey])) {


@ -58,7 +58,7 @@ class pluginDisqus extends Plugin {
global $url;
global $WHERE_AM_I;
// Do not shows
// Do not shows disqus on page not found
if ($url->notFound()) {
return false;
}