Upload: Fix available file extension check #1506

Merged
tobias merged 1 commit from heluecht/friendica-addons:upload into develop 2024-05-20 12:09:57 +02:00

View file

@ -7,11 +7,11 @@
* Maintainer: Hypolite Petovan <https://friendica.mrpetovan.com/profile/hypolite> * Maintainer: Hypolite Petovan <https://friendica.mrpetovan.com/profile/hypolite>
*/ */
use Friendica\App;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Util\Images;
use Friendica\Util\Strings; use Friendica\Util\Strings;
global $js_upload_jsonresponse; global $js_upload_jsonresponse;
@ -48,7 +48,10 @@ function js_upload_post_init(array &$b)
global $js_upload_result, $js_upload_jsonresponse; global $js_upload_result, $js_upload_jsonresponse;
// list of valid extensions // list of valid extensions
$allowedExtensions = ['jpeg', 'gif', 'png', 'jpg']; $allowedExtensions = [];
foreach (Images::IMAGETYPES as $type) {
$allowedExtensions[] = image_type_to_extension($type, false);
}
// max file size in bytes // max file size in bytes
$sizeLimit = Strings::getBytesFromShorthand(DI::config()->get('system', 'maximagesize')); $sizeLimit = Strings::getBytesFromShorthand(DI::config()->get('system', 'maximagesize'));
@ -78,7 +81,6 @@ function js_upload_post_file(array &$b)
$b['src'] = $result['path']; $b['src'] = $result['path'];
$b['filename'] = $result['filename']; $b['filename'] = $result['filename'];
$b['filesize'] = filesize($b['src']); $b['filesize'] = filesize($b['src']);
} }
function js_upload_post_end(int &$b) function js_upload_post_end(int &$b)
@ -179,11 +181,11 @@ class qqUploadedFileForm
class qqFileUploader class qqFileUploader
{ {
private $allowedExtensions = []; private $allowedExtensions;
private $sizeLimit = 10485760; private $sizeLimit;
private $file; private $file;
function __construct(array $allowedExtensions = [], $sizeLimit = 10485760) function __construct(array $allowedExtensions = [], $sizeLimit)
{ {
$allowedExtensions = array_map('strtolower', $allowedExtensions); $allowedExtensions = array_map('strtolower', $allowedExtensions);
@ -197,7 +199,6 @@ class qqFileUploader
} else { } else {
$this->file = false; $this->file = false;
} }
} }
/** /**
@ -216,11 +217,9 @@ class qqFileUploader
} }
// if ($size > $this->sizeLimit) { // if ($size > $this->sizeLimit) {
// return array('error' => DI::l10n()->t('Uploaded file is too large')); // return array('error' => DI::l10n()->t('Uploaded file is too large'));
// } // }
$maximagesize = Strings::getBytesFromShorthand(DI::config()->get('system', 'maximagesize')); $maximagesize = Strings::getBytesFromShorthand(DI::config()->get('system', 'maximagesize'));
if (($maximagesize) && ($size > $maximagesize)) { if (($maximagesize) && ($size > $maximagesize)) {