Révision 6ff32cea
Ajouté par Florent Torregrosa il y a environ 9 ans
drupal7/modules/file/file.module | ||
---|---|---|
357 | 357 |
* support for a default value. |
358 | 358 |
*/ |
359 | 359 |
function file_managed_file_process($element, &$form_state, $form) { |
360 |
// Append the '-upload' to the #id so the field label's 'for' attribute |
|
361 |
// corresponds with the file element. |
|
362 |
$original_id = $element['#id']; |
|
363 |
$element['#id'] .= '-upload'; |
|
360 | 364 |
$fid = isset($element['#value']['fid']) ? $element['#value']['fid'] : 0; |
361 | 365 |
|
362 | 366 |
// Set some default element properties. |
... | ... | |
366 | 370 |
|
367 | 371 |
$ajax_settings = array( |
368 | 372 |
'path' => 'file/ajax/' . implode('/', $element['#array_parents']) . '/' . $form['form_build_id']['#value'], |
369 |
'wrapper' => $element['#id'] . '-ajax-wrapper',
|
|
373 |
'wrapper' => $original_id . '-ajax-wrapper',
|
|
370 | 374 |
'effect' => 'fade', |
371 | 375 |
'progress' => array( |
372 | 376 |
'type' => $element['#progress_indicator'], |
... | ... | |
461 | 465 |
$element['upload']['#attached']['js'] = array( |
462 | 466 |
array( |
463 | 467 |
'type' => 'setting', |
464 |
'data' => array('file' => array('elements' => array('#' . $element['#id'] . '-upload' => $extension_list)))
|
|
468 |
'data' => array('file' => array('elements' => array('#' . $element['#id'] => $extension_list))) |
|
465 | 469 |
) |
466 | 470 |
); |
467 | 471 |
} |
468 | 472 |
|
469 | 473 |
// Prefix and suffix used for Ajax replacement. |
470 |
$element['#prefix'] = '<div id="' . $element['#id'] . '-ajax-wrapper">';
|
|
474 |
$element['#prefix'] = '<div id="' . $original_id . '-ajax-wrapper">';
|
|
471 | 475 |
$element['#suffix'] = '</div>'; |
472 | 476 |
|
473 | 477 |
return $element; |
... | ... | |
515 | 519 |
// public file) to confirm it exists and that the current user has access |
516 | 520 |
// to it. |
517 | 521 |
if (isset($input['fid']) && ($file = file_load($input['fid']))) { |
518 |
if (file_uri_scheme($file->uri) == 'public' || file_download_access($file->uri)) { |
|
522 |
// By default the public:// file scheme provided by Drupal core is the |
|
523 |
// only one that allows files to be publicly accessible to everyone, so |
|
524 |
// it is the only one for which the file access checks are bypassed. |
|
525 |
// Other modules which provide publicly accessible streams of their own |
|
526 |
// in hook_stream_wrappers() can add the corresponding scheme to the |
|
527 |
// 'file_public_schema' variable to bypass file access checks for those |
|
528 |
// as well. This should only be done for schemes that are completely |
|
529 |
// publicly accessible, with no download restrictions; for security |
|
530 |
// reasons all other schemes must go through the file_download_access() |
|
531 |
// check. |
|
532 |
if (in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) || file_download_access($file->uri)) { |
|
519 | 533 |
$fid = $file->fid; |
520 | 534 |
} |
521 | 535 |
// If the current user doesn't have access, don't let the file be |
Formats disponibles : Unified diff
Update core to 7.36