Révision b4adf10d
Ajouté par Assos Assos il y a plus de 9 ans
| drupal7/includes/file.inc | ||
|---|---|---|
| 1152 | 1152 |
// Remove any null bytes. See http://php.net/manual/security.filesystem.nullbytes.php |
| 1153 | 1153 |
$filename = str_replace(chr(0), '', $filename); |
| 1154 | 1154 |
|
| 1155 |
$whitelist = array_unique(explode(' ', trim($extensions)));
|
|
| 1155 |
$whitelist = array_unique(explode(' ', strtolower(trim($extensions))));
|
|
| 1156 | 1156 |
|
| 1157 | 1157 |
// Split the filename up by periods. The first part becomes the basename |
| 1158 | 1158 |
// the last part the final extension. |
| ... | ... | |
| 1165 | 1165 |
// of allowed extensions. |
| 1166 | 1166 |
foreach ($filename_parts as $filename_part) {
|
| 1167 | 1167 |
$new_filename .= '.' . $filename_part; |
| 1168 |
if (!in_array($filename_part, $whitelist) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {
|
|
| 1168 |
if (!in_array(strtolower($filename_part), $whitelist) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {
|
|
| 1169 | 1169 |
$new_filename .= '_'; |
| 1170 | 1170 |
} |
| 1171 | 1171 |
} |
| ... | ... | |
| 1729 | 1729 |
/** |
| 1730 | 1730 |
* Checks that the file's size is below certain limits. |
| 1731 | 1731 |
* |
| 1732 |
* This check is not enforced for the user #1. |
|
| 1733 |
* |
|
| 1734 | 1732 |
* @param $file |
| 1735 | 1733 |
* A Drupal file object. |
| 1736 | 1734 |
* @param $file_limit |
| ... | ... | |
| 1748 | 1746 |
*/ |
| 1749 | 1747 |
function file_validate_size(stdClass $file, $file_limit = 0, $user_limit = 0) {
|
| 1750 | 1748 |
global $user; |
| 1751 |
|
|
| 1752 | 1749 |
$errors = array(); |
| 1753 | 1750 |
|
| 1754 |
// Bypass validation for uid = 1. |
|
| 1755 |
if ($user->uid != 1) {
|
|
| 1756 |
if ($file_limit && $file->filesize > $file_limit) {
|
|
| 1757 |
$errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
|
|
| 1758 |
} |
|
| 1751 |
if ($file_limit && $file->filesize > $file_limit) {
|
|
| 1752 |
$errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
|
|
| 1753 |
} |
|
| 1759 | 1754 |
|
| 1760 |
// Save a query by only calling file_space_used() when a limit is provided. |
|
| 1761 |
if ($user_limit && (file_space_used($user->uid) + $file->filesize) > $user_limit) {
|
|
| 1762 |
$errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
|
|
| 1763 |
} |
|
| 1755 |
// Save a query by only calling file_space_used() when a limit is provided. |
|
| 1756 |
if ($user_limit && (file_space_used($user->uid) + $file->filesize) > $user_limit) {
|
|
| 1757 |
$errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
|
|
| 1764 | 1758 |
} |
| 1759 |
|
|
| 1765 | 1760 |
return $errors; |
| 1766 | 1761 |
} |
| 1767 | 1762 |
|
Formats disponibles : Unified diff
Udpate to 7.33