Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #1984378 by Jaypan, JacobSanford, aroq | Dave Hirschman: $source argument is name of form field used to upload file, not "filepath or URI of the uploaded file."

merge-requests/26/head
David Rothstein 2014-01-31 15:34:22 -05:00
parent 5be1de31ae
commit e49fde1f1d
1 changed files with 24 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
includes/file.inc
View File

@ -1402,8 +1402,9 @@ function file_space_used($uid = NULL, $status = FILE_STATUS_PERMANENT) {
* Temporary files are periodically cleaned. To make the file a permanent file, * Temporary files are periodically cleaned. To make the file a permanent file,
* assign the status and use file_save() to save the changes. * assign the status and use file_save() to save the changes.
* *
* @param $source * @param $form_field_name
* A string specifying the filepath or URI of the uploaded file to save. * A string that is the associative array key of the upload form element in
* the form array.
* @param $validators * @param $validators
* An optional, associative array of callback functions used to validate the * An optional, associative array of callback functions used to validate the
* file. See file_validate() for a full discussion of the array format. * file. See file_validate() for a full discussion of the array format.
@ -1414,9 +1415,9 @@ function file_space_used($uid = NULL, $status = FILE_STATUS_PERMANENT) {
* (Beware: this is not safe and should only be allowed for trusted users, if * (Beware: this is not safe and should only be allowed for trusted users, if
* at all). * at all).
* @param $destination * @param $destination
* A string containing the URI $source should be copied to. * A string containing the URI that the file should be copied to. This must
* This must be a stream wrapper URI. If this value is omitted, Drupal's * be a stream wrapper URI. If this value is omitted, Drupal's temporary
* temporary files scheme will be used ("temporary://"). * files scheme will be used ("temporary://").
* @param $replace * @param $replace
* Replace behavior when the destination file already exists: * Replace behavior when the destination file already exists:
* - FILE_EXISTS_REPLACE: Replace the existing file. * - FILE_EXISTS_REPLACE: Replace the existing file.
@ -1434,45 +1435,45 @@ function file_space_used($uid = NULL, $status = FILE_STATUS_PERMANENT) {
* - source: Path to the file before it is moved. * - source: Path to the file before it is moved.
* - destination: Path to the file after it is moved (same as 'uri'). * - destination: Path to the file after it is moved (same as 'uri').
*/ */
function file_save_upload($source, $validators = array(), $destination = FALSE, $replace = FILE_EXISTS_RENAME) { function file_save_upload($form_field_name, $validators = array(), $destination = FALSE, $replace = FILE_EXISTS_RENAME) {
global $user; global $user;
static $upload_cache; static $upload_cache;
// Return cached objects without processing since the file will have // Return cached objects without processing since the file will have
// already been processed and the paths in _FILES will be invalid. // already been processed and the paths in _FILES will be invalid.
if (isset($upload_cache[$source])) { if (isset($upload_cache[$form_field_name])) {
return $upload_cache[$source]; return $upload_cache[$form_field_name];
} }
// Make sure there's an upload to process. // Make sure there's an upload to process.
if (empty($_FILES['files']['name'][$source])) { if (empty($_FILES['files']['name'][$form_field_name])) {
return NULL; return NULL;
} }
// Check for file upload errors and return FALSE if a lower level system // Check for file upload errors and return FALSE if a lower level system
// error occurred. For a complete list of errors: // error occurred. For a complete list of errors:
// See http://php.net/manual/features.file-upload.errors.php. // See http://php.net/manual/features.file-upload.errors.php.
switch ($_FILES['files']['error'][$source]) { switch ($_FILES['files']['error'][$form_field_name]) {
case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE: case UPLOAD_ERR_FORM_SIZE:
drupal_set_message(t('The file %file could not be saved, because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $_FILES['files']['name'][$source], '%maxsize' => format_size(file_upload_max_size()))), 'error'); drupal_set_message(t('The file %file could not be saved, because it exceeds %maxsize, the maximum allowed size for uploads.', array('%file' => $_FILES['files']['name'][$form_field_name], '%maxsize' => format_size(file_upload_max_size()))), 'error');
return FALSE; return FALSE;
case UPLOAD_ERR_PARTIAL: case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE: case UPLOAD_ERR_NO_FILE:
drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array('%file' => $_FILES['files']['name'][$source])), 'error'); drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array('%file' => $_FILES['files']['name'][$form_field_name])), 'error');
return FALSE; return FALSE;
case UPLOAD_ERR_OK: case UPLOAD_ERR_OK:
// Final check that this is a valid upload, if it isn't, use the // Final check that this is a valid upload, if it isn't, use the
// default error handler. // default error handler.
if (is_uploaded_file($_FILES['files']['tmp_name'][$source])) { if (is_uploaded_file($_FILES['files']['tmp_name'][$form_field_name])) {
break; break;
} }
// Unknown error // Unknown error
default: default:
drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $_FILES['files']['name'][$source])), 'error'); drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => $_FILES['files']['name'][$form_field_name])), 'error');
return FALSE; return FALSE;
} }
@ -1480,10 +1481,10 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
$file = new stdClass(); $file = new stdClass();
$file->uid = $user->uid; $file->uid = $user->uid;
$file->status = 0; $file->status = 0;
$file->filename = trim(drupal_basename($_FILES['files']['name'][$source]), '.'); $file->filename = trim(drupal_basename($_FILES['files']['name'][$form_field_name]), '.');
$file->uri = $_FILES['files']['tmp_name'][$source]; $file->uri = $_FILES['files']['tmp_name'][$form_field_name];
$file->filemime = file_get_mimetype($file->filename); $file->filemime = file_get_mimetype($file->filename);
$file->filesize = $_FILES['files']['size'][$source]; $file->filesize = $_FILES['files']['size'][$form_field_name];
$extensions = ''; $extensions = '';
if (isset($validators['file_validate_extensions'])) { if (isset($validators['file_validate_extensions'])) {
@ -1540,7 +1541,7 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
return FALSE; return FALSE;
} }
$file->source = $source; $file->source = $form_field_name;
// A URI may already have a trailing slash or look like "public://". // A URI may already have a trailing slash or look like "public://".
if (substr($destination, -1) != '/') { if (substr($destination, -1) != '/') {
$destination .= '/'; $destination .= '/';
@ -1549,7 +1550,7 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
// If file_destination() returns FALSE then $replace == FILE_EXISTS_ERROR and // If file_destination() returns FALSE then $replace == FILE_EXISTS_ERROR and
// there's an existing file so we need to bail. // there's an existing file so we need to bail.
if ($file->destination === FALSE) { if ($file->destination === FALSE) {
drupal_set_message(t('The file %source could not be uploaded because a file by that name already exists in the destination %directory.', array('%source' => $source, '%directory' => $destination)), 'error'); drupal_set_message(t('The file %source could not be uploaded because a file by that name already exists in the destination %directory.', array('%source' => $form_field_name, '%directory' => $destination)), 'error');
return FALSE; return FALSE;
} }
@ -1568,7 +1569,7 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
else { else {
$message .= ' ' . array_pop($errors); $message .= ' ' . array_pop($errors);
} }
form_set_error($source, $message); form_set_error($form_field_name, $message);
return FALSE; return FALSE;
} }
@ -1576,8 +1577,8 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
// directory. This overcomes open_basedir restrictions for future file // directory. This overcomes open_basedir restrictions for future file
// operations. // operations.
$file->uri = $file->destination; $file->uri = $file->destination;
if (!drupal_move_uploaded_file($_FILES['files']['tmp_name'][$source], $file->uri)) { if (!drupal_move_uploaded_file($_FILES['files']['tmp_name'][$form_field_name], $file->uri)) {
form_set_error($source, t('File upload error. Could not move uploaded file.')); form_set_error($form_field_name, t('File upload error. Could not move uploaded file.'));
watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->uri)); watchdog('file', 'Upload error. Could not move uploaded file %file to destination %destination.', array('%file' => $file->filename, '%destination' => $file->uri));
return FALSE; return FALSE;
} }
@ -1597,7 +1598,7 @@ function file_save_upload($source, $validators = array(), $destination = FALSE,
// If we made it this far it's safe to record this file in the database. // If we made it this far it's safe to record this file in the database.
if ($file = file_save($file)) { if ($file = file_save($file)) {
// Add file to the cache. // Add file to the cache.
$upload_cache[$source] = $file; $upload_cache[$form_field_name] = $file;
return $file; return $file;
} }
return FALSE; return FALSE;