Commit b652f342 authored by Carsten  Rose's avatar Carsten Rose
Browse files

Feature 5295: Upload: check if given QFQ 'maxFileSize' is higher than php.in...

Feature 5295: Upload: check if given QFQ 'maxFileSize' is higher than php.in post_max_size, upload_max_filesize
parent 8c1fe1d3
......@@ -3158,7 +3158,7 @@ See also `downloadButton`_ to offer a download of an uploaded file.
* If for a specific filetype is no mime type available, the definition of file extension(s) is possible. This is **less
secure**, cause there is no *content* check on the server after the upload.
* *maxFileSize*: max filesize in bytes for an uploaded file. Default: 10485760 (=10MB)
* *maxFileSize*: max filesize in bytes (no unit), kilobytes (k/K) or megabytes (m/M) for an uploaded file. Default: 10MB.
* *fileDestination*: Destination where to copy the file. A good practice is to specify a relative `fileDestination` -
such an installation (filesystem and database) are moveable.
......
......@@ -2845,6 +2845,15 @@ abstract class AbstractBuildForm {
$arr[EXISTING_PATH_FILE_NAME] = $value;
$arr[FE_FILE_MIME_TYPE_ACCEPT] = $formElement[FE_FILE_MIME_TYPE_ACCEPT];
$arr[FE_FILE_MAX_FILE_SIZE] = empty($formElement[FE_FILE_MAX_FILE_SIZE]) ? UPLOAD_DEFAULT_MAX_SIZE : $formElement[FE_FILE_MAX_FILE_SIZE];
$arr[FE_FILE_MAX_FILE_SIZE] = Support::returnBytes($arr[FE_FILE_MAX_FILE_SIZE]);
if ((Support::returnBytes(ini_get('post_max_size')) < $arr[FE_FILE_MAX_FILE_SIZE]) ||
(Support::returnBytes(ini_get('upload_max_filesize')) < $arr[FE_FILE_MAX_FILE_SIZE])
) {
throw new UserFormException("Configured 'maxFileSize'=" . $arr[FE_FILE_MAX_FILE_SIZE] .
" bigger than at least of one of the php.ini setttings 'post_max_size'=" . ini_get('post_max_size') .
" or 'upload_max_filesize'=" . ini_get('upload_max_filesize'), ERROR_MAX_FILE_SIZE_TOO_BIG);
}
$sipUpload = $this->sip->queryStringToSip(OnArray::toString($arr), RETURN_SIP);
......
......@@ -185,6 +185,7 @@ const ERROR_MISSING_DEFINITON = 1078;
const ERROR_QFQ_VERSION = 1079;
const ERROR_PLAY_SQL_FILE = 1080;
const ERROR_MISSING_FILE_NAME = 1081;
const ERROR_MAX_FILE_SIZE_TOO_BIG = 1082;
// Subrecord
const ERROR_SUBRECORD_MISSING_COLUMN_ID = 1100;
......@@ -1058,7 +1059,7 @@ const UPLOAD_MODE_UNCHANGED = 'unchanged';
const UPLOAD_MODE_NEW = 'new';
const UPLOAD_MODE_DELETEOLD = 'deleteOld';
const UPLOAD_MODE_DELETEOLD_NEW = 'deleteOld+new';
const UPLOAD_DEFAULT_MAX_SIZE = 10485760; /* 10MB */
const UPLOAD_DEFAULT_MAX_SIZE = '10M';
const UPLOAD_DEFAULT_MIME_TYPE = 'application/pdf';
// $_FILES
const FILES_NAME = 'name';
......
......@@ -1113,4 +1113,26 @@ class Support {
return $data;
}
/**
* Calculates a value with 'm', 'k', 'g' in Bytes.
*/
public static function returnBytes($size_str) {
$size_str = trim($size_str);
switch (substr($size_str, -1)) {
case 'M':
case 'm':
return (int)$size_str * 1048576;
case 'K':
case 'k':
return (int)$size_str * 1024;
case 'G':
case 'g':
return (int)$size_str * 1073741824;
default:
return $size_str;
}
}
}
\ No newline at end of file
......@@ -696,6 +696,40 @@ class SupportTest extends \PHPUnit_Framework_TestCase {
}
public function testReturnBytes() {
$this->assertEquals('', Support::returnBytes(''));
$this->assertEquals(0, Support::returnBytes(0));
$this->assertEquals(1, Support::returnBytes(1));
$this->assertEquals(1000, Support::returnBytes(1000));
$this->assertEquals(0, Support::returnBytes('0'));
$this->assertEquals(1, Support::returnBytes('1'));
$this->assertEquals(1000, Support::returnBytes('1000'));
$this->assertEquals(0, Support::returnBytes('0K'));
$this->assertEquals(1024, Support::returnBytes('1K'));
$this->assertEquals(1024000, Support::returnBytes('1000K'));
$this->assertEquals(0, Support::returnBytes('0M'));
$this->assertEquals(1048576, Support::returnBytes('1M'));
$this->assertEquals(1048576000, Support::returnBytes('1000M'));
$this->assertEquals(0, Support::returnBytes('0G'));
$this->assertEquals(1073741824, Support::returnBytes('1G'));
$this->assertEquals(1073741824000, Support::returnBytes('1000G'));
$this->assertEquals(0, Support::returnBytes('0k'));
$this->assertEquals(1024, Support::returnBytes('1k'));
$this->assertEquals(1024000, Support::returnBytes('1000k'));
$this->assertEquals(0, Support::returnBytes('0m'));
$this->assertEquals(1048576, Support::returnBytes('1m'));
$this->assertEquals(1048576000, Support::returnBytes('1000m'));
$this->assertEquals(0, Support::returnBytes('0g'));
$this->assertEquals(1073741824, Support::returnBytes('1g'));
$this->assertEquals(1073741824000, Support::returnBytes('1000g'));
}
protected function setUp() {
parent::setUp();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment