mirror of
				https://git.code.sf.net/p/seeddms/code
				synced 2025-10-25 10:11:18 +00:00 
			
		
		
		
	check if post request succeeds
This commit is contained in:
		
							parent
							
								
									0c888bc9d1
								
							
						
					
					
						commit
						afb7736f9b
					
				|  | @ -33,6 +33,13 @@ include("../inc/inc.ClassController.php"); | ||||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||||
| $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user)); | $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user)); | ||||||
| 
 | 
 | ||||||
|  | /* if post_max_size is to small, then $_POST will not be set and the content | ||||||
|  |  * lenght will exceed post_max_size | ||||||
|  |  */ | ||||||
|  | if(empty($_POST) && $_SERVER['CONTENT_LENGTH'] > SeedDMS_Core_File::parse_filesize(ini_get('post_max_size'))) { | ||||||
|  | 	UI::exitError(getMLText("folder_title", array("foldername" => '')),getMLText("uploading_postmaxsize")); | ||||||
|  | } | ||||||
|  | 
 | ||||||
| /* Check if the form data comes from a trusted request */ | /* Check if the form data comes from a trusted request */ | ||||||
| if(!checkFormKey('adddocument')) { | if(!checkFormKey('adddocument')) { | ||||||
| 	UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); | 	UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); | ||||||
|  | @ -330,15 +337,18 @@ if(!empty($_POST['notification_groups'])) { | ||||||
| /* Check files for Errors first */ | /* Check files for Errors first */ | ||||||
| $maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); | $maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); | ||||||
| foreach($file_ary as $file) { | foreach($file_ary as $file) { | ||||||
|  | 	if($file['error']==1) { | ||||||
|  | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_maxsize")); | ||||||
|  | 	} | ||||||
|  | 	if($file['error']!=0) { | ||||||
|  | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_failed")); | ||||||
|  | 	} | ||||||
| 	if ($file["size"]==0) { | 	if ($file["size"]==0) { | ||||||
| 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_zerosize")); | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_zerosize")); | ||||||
| 	} | 	} | ||||||
| 	if ($maxuploadsize && $file["size"] > $maxuploadsize) { | 	if ($maxuploadsize && $file["size"] > $maxuploadsize) { | ||||||
| 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_maxsize")); | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_maxsize")); | ||||||
| 	} | 	} | ||||||
| 	if($file['error']!=0) { |  | ||||||
| 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_failed")); |  | ||||||
| 	} |  | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| foreach($file_ary as $file) { | foreach($file_ary as $file) { | ||||||
|  |  | ||||||
|  | @ -27,6 +27,13 @@ include("../inc/inc.DBInit.php"); | ||||||
| include("../inc/inc.ClassUI.php"); | include("../inc/inc.ClassUI.php"); | ||||||
| include("../inc/inc.Authentication.php"); | include("../inc/inc.Authentication.php"); | ||||||
| 
 | 
 | ||||||
|  | /* if post_max_size is to small, then $_POST will not be set and the content | ||||||
|  |  * lenght will exceed post_max_size | ||||||
|  |  */ | ||||||
|  | if(empty($_POST) && $_SERVER['CONTENT_LENGTH'] > SeedDMS_Core_File::parse_filesize(ini_get('post_max_size'))) { | ||||||
|  | 	UI::exitError(getMLText("document_title", array("documentname" => '')),getMLText("uploading_postmaxsize")); | ||||||
|  | } | ||||||
|  | 
 | ||||||
| if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { | if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { | ||||||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -31,6 +31,13 @@ include("../inc/inc.ClassController.php"); | ||||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||||
| $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user)); | $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user)); | ||||||
| 
 | 
 | ||||||
|  | /* if post_max_size is to small, then $_POST will not be set and the content | ||||||
|  |  * lenght will exceed post_max_size | ||||||
|  |  */ | ||||||
|  | if(empty($_POST) && $_SERVER['CONTENT_LENGTH'] > SeedDMS_Core_File::parse_filesize(ini_get('post_max_size'))) { | ||||||
|  | 	UI::exitError(getMLText("folder_title", array("foldername" => '')),getMLText("uploading_postmaxsize")); | ||||||
|  | } | ||||||
|  | 
 | ||||||
| /* Check if the form data comes from a trusted request */ | /* Check if the form data comes from a trusted request */ | ||||||
| if(!checkFormKey('updatedocument')) { | if(!checkFormKey('updatedocument')) { | ||||||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); | 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); | ||||||
|  | @ -129,6 +136,12 @@ if(!$file_ary) { | ||||||
| 
 | 
 | ||||||
| $file = $file_ary[0]; | $file = $file_ary[0]; | ||||||
| if ($file['error'] == 0) { | if ($file['error'] == 0) { | ||||||
|  | 	if($file['error']==1) { | ||||||
|  | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_maxsize")); | ||||||
|  | 	} | ||||||
|  | 	if($file['error']!=0) { | ||||||
|  | 		UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_failed")); | ||||||
|  | 	} | ||||||
| 	if ($file["size"]==0) { | 	if ($file["size"]==0) { | ||||||
| 		UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_zerosize")); | 		UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_zerosize")); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Uwe Steinmann
						Uwe Steinmann