- check for errors when uploading the file

2025-06-01 14:37:20 +00:00 · 2011-01-28 07:37:53 +00:00 · 2011-01-28 07:37:53 +00:00 · e14323478d
commit e14323478d
parent 4481185dab
1 changed files with 62 additions and 58 deletions
--- a/op/op.AddFile.php
+++ b/op/op.AddFile.php
@ -1,66 +1,70 @@
-<?php
+<?php
-//    MyDMS. Document Management System
+//    MyDMS. Document Management System
-//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010 Matteo Lucarelli
-//
+//
-//    This program is free software; you can redistribute it and/or modify
+//    This program is free software; you can redistribute it and/or modify
-//    it under the terms of the GNU General Public License as published by
+//    it under the terms of the GNU General Public License as published by
-//    the Free Software Foundation; either version 2 of the License, or
+//    the Free Software Foundation; either version 2 of the License, or
-//    (at your option) any later version.
+//    (at your option) any later version.
-//
+//
-//    This program is distributed in the hope that it will be useful,
+//    This program is distributed in the hope that it will be useful,
-//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
-//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-//    GNU General Public License for more details.
+//    GNU General Public License for more details.
-//
+//
-//    You should have received a copy of the GNU General Public License
+//    You should have received a copy of the GNU General Public License
-//    along with this program; if not, write to the Free Software
+//    along with this program; if not, write to the Free Software
-//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
+
-include("../inc/inc.Settings.php");
+include("../inc/inc.Settings.php");
-include("../inc/inc.Utils.php");
+include("../inc/inc.Utils.php");
-include("../inc/inc.ClassEmail.php");
+include("../inc/inc.ClassEmail.php");
 include("../inc/inc.DBInit.php");
-include("../inc/inc.Language.php");
+include("../inc/inc.Language.php");
-include("../inc/inc.ClassUI.php");
+include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
-
+
-if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
-	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
 }
 $documentid = $_POST["documentid"];
 $document = $dms->getDocument($documentid);
 if (!is_object($document)) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
 }
-$folder = $document->getFolder();
+$documentid = $_POST["documentid"];
-
+$document = $dms->getDocument($documentid);
 if (!is_object($document)) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
 }
 $folder = $document->getFolder();
 if ($document->getAccessMode($user) < M_READWRITE) {
 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
-}
+}
-
+
 if (is_uploaded_file($_FILES["userfile"]["tmp_name"]) && $_FILES["userfile"]["size"] > 0 && $_FILES['userfile']['error']!=0){
 	UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_failed"));
 }
-
+
-$name     = sanitizeString($_POST["name"]);
+$name     = sanitizeString($_POST["name"]);
-$comment  = sanitizeString($_POST["comment"]);
+$comment  = sanitizeString($_POST["comment"]);
-
+
-$userfiletmp = $_FILES["userfile"]["tmp_name"];
+if($_FILES["userfile"]["error"]) {
-$userfiletype = sanitizeString($_FILES["userfile"]["type"]);
+	UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_occured"));
-$userfilename = sanitizeString($_FILES["userfile"]["name"]);
+}
-
+
-$lastDotIndex = strrpos(basename($userfilename), ".");
+$userfiletmp = $_FILES["userfile"]["tmp_name"];
-if (is_bool($lastDotIndex) && !$lastDotIndex)
+$userfiletype = sanitizeString($_FILES["userfile"]["type"]);
-	$fileType = ".";
+$userfilename = sanitizeString($_FILES["userfile"]["name"]);
-else
+
-	$fileType = substr($userfilename, $lastDotIndex);
+$lastDotIndex = strrpos(basename($userfilename), ".");
-
+if (is_bool($lastDotIndex) && !$lastDotIndex)
 	$fileType = ".";
 else
 	$fileType = substr($userfilename, $lastDotIndex);
 $res = $document->addDocumentFile($name, $comment, $user, $userfiletmp, 
                                  basename($userfilename),$fileType, $userfiletype );
-                                
+                                
 if (is_bool($res) && !$res) {
 	UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_occured"));
 } else {
@ -85,9 +89,9 @@ if (is_bool($res) && !$res) {
 	}
 }
-add_log_line("?name=".$name."&documentid=".$documentid);
+add_log_line("?name=".$name."&documentid=".$documentid);
-
+
-header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
-
+
-
+
-?>
+?>