
Commit 493136a

VINADES.,JSChoaquynhtim99
VINADES.,JSC
authored andcommitted
Add config: Upload file exceeds size limit
1 parent d0c38f4 commit 493136a


13 files changed

+175
-96
lines changed


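--- a/admin/upload/admin.menu.php
+++ b/admin/upload/admin.menu.php
@@ -2,19 +2,20 @@
 
 /**
 * @Project NUKEVIET 4.x
-* @Author VINADES.,JSC ([email protected])
+* @Author VINADES.,JSC <[email protected]>
 * @Copyright (C) 2014 VINADES.,JSC. All rights reserved
 * @License GNU/GPL version 2 or any later version
 * @Createdate 07/30/2013 10:27
 */
 
-if (! defined('NV_ADMIN')) {
+if (!defined('NV_ADMIN')) {
 die('Stop!!!');
 }
 
 if (defined('NV_IS_SPADMIN')) {
 $submenu['thumbconfig'] = $lang_module['thumbconfig'];
 $submenu['config'] = $lang_module['configlogo'];
+
 if (defined('NV_IS_GODADMIN')) {
 $submenu['uploadconfig'] = $lang_module['uploadconfig'];
 }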

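--- a/admin/upload/functions.php
+++ b/admin/upload/functions.php
@@ -8,15 +8,15 @@
 * @Createdate 12/31/2009 2:29
 */
 
-if (! defined('NV_ADMIN') or ! defined('NV_MAINFILE') or ! defined('NV_IS_MODADMIN')) {
+if (!defined('NV_ADMIN') or !defined('NV_MAINFILE') or !defined('NV_IS_MODADMIN')) {
 die('Stop!!!');
 }
 
-$menu_top = array(
+$menu_top = [
 'title' => $module_name,
 'module_file' => '',
 'custom_title' => $lang_global['mod_upload']
-);
+];
 
 define('NV_IS_FILE_ADMIN', true);
 
@@ -26,12 +26,19 @@
 $array_url_instruction['config'] = 'https://wiki.nukeviet.vn/nukeviet4:admin:upload:config';
 $array_url_instruction['uploadconfig'] = 'https://wiki.nukeviet.vn/nukeviet4:admin:upload:uploadconfig';
 
-$allow_func = array( 'main', 'imglist', 'delimg', 'createimg', 'dlimg', 'renameimg', 'moveimg', 'folderlist', 'delfolder', 'renamefolder', 'createfolder', 'upload', 'addlogo', 'cropimg', 'rotateimg', 'download' );
+$allow_func = [
+'main', 'imglist', 'delimg', 'createimg',
+'dlimg', 'renameimg', 'moveimg', 'folderlist',
+'delfolder', 'renamefolder', 'createfolder',
+'upload', 'addlogo', 'cropimg', 'rotateimg', 'download'
+
+];
 
 if (defined('NV_IS_SPADMIN')) {
 $allow_func[] = 'thumbconfig';
 $allow_func[] = 'recreatethumb';
 $allow_func[] = 'config';
+
 if (defined('NV_IS_GODADMIN')) {
 $allow_func[] = 'uploadconfig';
 }
@@ -49,13 +56,13 @@ function nv_check_allow_upload_dir($dir)
 
 $dir = trim($dir);
 if (empty($dir)) {
-return array();
+return [];
 }
 
 $dir = str_replace("\\", '/', $dir);
 $dir = rtrim($dir, '/');
 $arr_dir = explode('/', $dir);
-$level = array();
+$level = [];
 $autologomod = explode(',', $global_config['autologomod']);
 
 if (defined('NV_CONFIG_DIR')) {
@@ -90,7 +97,7 @@ function nv_check_allow_upload_dir($dir)
 }
 
 // Cho phep doi ten, xoa thu muc
-if ($admin_info['allow_modify_subdirectories'] and ! in_array($dir, $allow_upload_dir)) {
+if ($admin_info['allow_modify_subdirectories'] and !in_array($dir, $allow_upload_dir)) {
 $level['rename_dir'] = true;
 $level['delete_dir'] = true;
 
@@ -101,7 +108,7 @@ function nv_check_allow_upload_dir($dir)
 }
 
 // Cho phep upload file
-if (! empty($admin_info['allow_files_type'])) {
+if (!empty($admin_info['allow_files_type'])) {
 $level['upload_file'] = true;
 }
 
@@ -122,16 +129,16 @@ function nv_check_allow_upload_dir($dir)
 $level['create_dir'] = true;
 }
 
-if (! empty($_dir_mod_sub) and $admin_info['allow_modify_subdirectories']) {
+if (!empty($_dir_mod_sub) and $admin_info['allow_modify_subdirectories']) {
 $level['rename_dir'] = true;
 $level['delete_dir'] = true;
 // Khong doi ten, xoa thu muc upload cua module hoac thu muc co chua thu muc con
-if (isset($site_mods[$mod_name]) and ! empty($_dir_mod_sub)) {
+if (isset($site_mods[$mod_name]) and !empty($_dir_mod_sub)) {
 unset($level['rename_dir'], $level['delete_dir']);
 }
 }
 
-if (! empty($admin_info['allow_files_type'])) {
+if (!empty($admin_info['allow_files_type'])) {
 $level['upload_file'] = true;
 }
 
@@ -200,11 +207,11 @@ function nv_get_viewImage($fileName, $refresh = 0)
 @nv_deletefile(NV_ROOTDIR . '/' . $viewFile);
 } else {
 $size = @getimagesize(NV_ROOTDIR . '/' . $viewFile);
-return array(
+return [
 $viewFile,
 $size[0],
 $size[1]
-);
+];
 }
 }
 
@@ -269,22 +276,22 @@ function nv_get_viewImage($fileName, $refresh = 0)
 $error = $image->error;
 $image->close();
 if (empty($error)) {
-return array(
+return [
 $viewDir . '/' . basename($create_Image_info['src']),
 $create_Image_info['width'],
 $create_Image_info['height']
-);
+];
 }
 } elseif (copy(NV_ROOTDIR . '/' . $fileName, NV_ROOTDIR . '/' . $viewDir . '/' . $m[3] . $m[4])) {
 /**
 * Đối với kiểu resize ảnh khác nếu ảnh gốc nhỏ hơn ảnh resize
 * thì ảnh resize chính là ảnh gốc
 */
-$return = array(
+$return = [
 $viewDir . '/' . $m[3] . $m[4],
 $image->fileinfo['width'],
 $image->fileinfo['height']
-);
+];
 $image->close();
 return $return;
 } else {
@@ -293,11 +300,11 @@ function nv_get_viewImage($fileName, $refresh = 0)
 
 } else {
 $size = @getimagesize(NV_ROOTDIR . '/' . $fileName);
-return array(
+return [
 $fileName,
 $size[0],
 $size[1]
-);
+];
 }
 return false;
 }
@@ -318,7 +325,7 @@ function nv_getFileInfo($pathimg, $file)
 unset($matches);
 preg_match("/([a-zA-Z0-9\.\-\_\\s\(\)]+)\.([a-zA-Z0-9]+)$/", $file, $matches);
 
-$info = array();
+$info = [];
 $info['name'] = $file;
 if (isset($file[17])) {
 $info['name'] = substr($matches[1], 0, (13 - strlen($matches[2]))) . '...' . $matches[2];
@@ -440,7 +447,7 @@ function nv_filesListRefresh($pathimg)
 {
 global $array_hidefolders, $admin_info, $db, $array_dirname;
 
-$results = array();
+$results = [];
 $did = $array_dirname[$pathimg];
 if (is_dir(NV_ROOTDIR . '/' . $pathimg)) {
 $result = $db->query('SELECT * FROM ' . NV_UPLOAD_GLOBALTABLE . '_file WHERE did = ' . $did);
@@ -464,7 +471,7 @@ function nv_filesListRefresh($pathimg)
 if (isset($results[$title])) {
 $info['userid'] = $results[$title]['userid'];
 $dif = array_diff_assoc($info, $results[$title]);
-if (! empty($dif)) {
+if (!empty($dif)) {
 // Cập nhật CSDL file thay đổi
 $db->query("UPDATE " . NV_UPLOAD_GLOBALTABLE . "_file SET filesize=" . intval($info['filesize']) . ", src='" . $info['src'] . "', srcwidth=" . intval($info['srcwidth']) . ", srcheight=" . intval($info['srcheight']) . ", sizes='" . $info['sizes'] . "', userid=" . $admin_info['userid'] . ", mtime=" . $info['mtime'] . " WHERE did = " . $did . " AND title = " . $db->quote($title));
 }
@@ -487,7 +494,7 @@ function nv_filesListRefresh($pathimg)
 }
 closedir($dh);
 
-if (! empty($results)) {
+if (!empty($results)) {
 // Xóa CSDL file không còn tồn tại
 foreach ($results as $_row) {
 $db->query("DELETE FROM " . NV_UPLOAD_GLOBALTABLE . "_file WHERE did = " . $did . " AND title=" . $db->quote($_row['title']));
@@ -509,7 +516,7 @@ function nv_filesListRefresh($pathimg)
 * @param mixed $real_dirlist
 * @return
 */
-function nv_listUploadDir($dir, $real_dirlist = array())
+function nv_listUploadDir($dir, $real_dirlist = [])
 {
 $real_dirlist[] = $dir;
 
@@ -528,15 +535,15 @@ function nv_listUploadDir($dir, $real_dirlist = array())
 return $real_dirlist;
 }
 
-$allow_upload_dir = array( NV_UPLOADS_DIR );
-$array_hidefolders = array( '.', '..', 'index.html', '.htaccess', '.tmp' );
+$allow_upload_dir = [NV_UPLOADS_DIR];
+$array_hidefolders = ['.', '..', 'index.html', '.htaccess', '.tmp'];
 
-$array_images = array( 'gif', 'jpg', 'jpeg', 'pjpeg', 'png', 'bmp', 'ico' );
-$array_flash = array( 'swf', 'swc', 'flv' );
-$array_archives = array( 'rar', 'zip', 'tar' );
-$array_documents = array( 'doc', 'xls', 'chm', 'pdf', 'docx', 'xlsx' );
-$array_dirname = array();
-$array_thumb_config = array();
+$array_images = ['gif', 'jpg', 'jpeg', 'pjpeg', 'png', 'bmp', 'ico'];
+$array_flash = ['swf', 'swc', 'flv'];
+$array_archives = ['rar', 'zip', 'tar'];
+$array_documents = ['doc', 'xls', 'chm', 'pdf', 'docx', 'xlsx'];
+$array_dirname = [];
+$array_thumb_config = [];
 
 $refresh = $nv_Request->isset_request('refresh', 'get');
 $path = nv_check_path_upload($nv_Request->get_string('path', 'get', NV_UPLOADS_DIR));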

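--- a/admin/upload/main.php
+++ b/admin/upload/main.php
@@ -44,7 +44,10 @@
 
 if ($popup) {
 $lang_module['browse_file'] = $lang_global['browse_file'];
-$sys_max_size = min($global_config['nv_max_size'], nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')));
+$sys_max_size = $sys_max_size_local = min($global_config['nv_max_size'], nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')));
+if ($global_config['nv_overflow_size'] > $sys_max_size and $global_config['upload_chunk_size'] > 0) {
+$sys_max_size_local = $global_config['nv_overflow_size'];
+}
 
 $xtpl->assign('NV_MY_DOMAIN', NV_MY_DOMAIN);
 $xtpl->assign('NV_BASE_SITEURL', NV_BASE_SITEURL);
@@ -54,8 +57,9 @@
 $xtpl->assign('MODULE_NAME', $module_name);
 $xtpl->assign('NV_LANG_INTERFACE', NV_LANG_INTERFACE);
 $xtpl->assign('LANG', $lang_module);
-$xtpl->assign('NV_MAX_SIZE', nv_convertfromBytes($sys_max_size));
-$xtpl->assign('NV_MAX_SIZE_BYTES', $sys_max_size);
+$xtpl->assign('NV_MAX_SIZE_REMOTE', nv_convertfromBytes($sys_max_size));
+$xtpl->assign('NV_MAX_SIZE_LOCAL', nv_convertfromBytes($sys_max_size_local));
+$xtpl->assign('NV_MAX_SIZE_BYTES', $sys_max_size_local);
 $xtpl->assign('NV_MAX_WIDTH', NV_MAX_WIDTH);
 $xtpl->assign('NV_MAX_HEIGHT', NV_MAX_HEIGHT);
 $xtpl->assign('NV_MIN_WIDTH', 10);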
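Review bot: The limit calculation added at new lines 47–50 is repeated character for character in admin/upload/upload.php (new lines 57–60), so the size assigned to the template and the size the upload handler enforces depend on two copies staying in sync. Moving the `min(...)` call and the `nv_overflow_size` override into one shared function that returns both values would remove that risk. A short comment above the `if`, for example `// nv_overflow_size only takes effect when chunked upload is enabled (upload_chunk_size > 0)`, would also explain why the larger limit is conditional. The enclosing `if ($popup)` block opens inside the hunk and closes outside it.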

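--- a/admin/upload/upload.php
+++ b/admin/upload/upload.php
@@ -27,6 +27,7 @@
 
 $error = '';
 $upload_info = [];
+$is_remote_upload = false;
 
 if (!isset($check_allow_upload_dir['upload_file'])) {
 $error = $lang_module['notlevel'];
@@ -53,7 +54,12 @@
 $allow_files_type = [];
 }
 
-$upload = new NukeViet\Files\Upload($allow_files_type, $global_config['forbid_extensions'], $global_config['forbid_mimes'], NV_UPLOAD_MAX_FILESIZE, NV_MAX_WIDTH, NV_MAX_HEIGHT);
+$sys_max_size = $sys_max_size_local = min($global_config['nv_max_size'], nv_converttoBytes(ini_get('upload_max_filesize')), nv_converttoBytes(ini_get('post_max_size')));
+if ($global_config['nv_overflow_size'] > $sys_max_size and $global_config['upload_chunk_size'] > 0) {
+$sys_max_size_local = $global_config['nv_overflow_size'];
+}
+
+$upload = new NukeViet\Files\Upload($allow_files_type, $global_config['forbid_extensions'], $global_config['forbid_mimes'], [$sys_max_size, $sys_max_size_local], NV_MAX_WIDTH, NV_MAX_HEIGHT);
 $upload->setLanguage($lang_global);
 
 if (isset($_FILES['upload']['tmp_name']) and is_uploaded_file($_FILES['upload']['tmp_name'])) {
@@ -65,6 +71,7 @@
 } else {
 $urlfile = rawurldecode(trim($nv_Request->get_string('fileurl', 'post')));
 $upload_info = $upload->save_urlfile($urlfile, NV_ROOTDIR . '/' . $path, false, $global_config['nv_auto_resize']);
+$is_remote_upload = true;
 }
 
 if (!empty($upload_info['error'])) {
@@ -96,9 +103,12 @@
 $upload_info['size'] = filesize(NV_ROOTDIR . '/' . $path . '/' . $upload_info['basename']);
 }
 
-if ($upload_info['size'] > NV_UPLOAD_MAX_FILESIZE) {
+if ($is_remote_upload and $upload_info['size'] > $sys_max_size) {
+nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $upload_info['basename']);
+$error = sprintf($lang_global['error_upload_max_user_size'], nv_convertfromBytes($sys_max_size));
+} elseif ($upload_info['size'] > $sys_max_size_local) {
 nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $upload_info['basename']);
-$error = sprintf($lang_global['error_upload_max_user_size'], NV_UPLOAD_MAX_FILESIZE);
+$error = sprintf($lang_global['error_upload_max_user_size'], nv_convertfromBytes($sys_max_size_local));
 } else {
 if ($upload_info['img_info'][0] > NV_MAX_WIDTH or $upload_info['img_info'][1] > NV_MAX_HEIGHT) {
 nv_deletefile(NV_ROOTDIR . '/' . $path . '/' . $upload_info['basename']);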
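Review bot: The remote-URL limit at new lines 106–108 is checked only after `save_urlfile()` has already written the file under `NV_ROOTDIR . '/' . $path`, so this check bounds what is kept, not what is fetched. Whether the `[$sys_max_size, $sys_max_size_local]` pair passed to `NukeViet\Files\Upload` also caps the transfer itself is not visible in this section and should be confirmed in that class. The two size branches differ only in the limit, so choosing it once, `$max_size = $is_remote_upload ? $sys_max_size : $sys_max_size_local;`, followed by a single `if ($upload_info['size'] > $max_size)`, would keep the delete-and-report path in one place. The surrounding script continues outside the hunk.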
