Fixes #7 Jirafeau can now limit file size

- Can limit file size whatever upload method is used
- Add a <div> for error handling
- Fix courgette style
Jerome Jutteau 2015-03-12 20:16:34 +01:00
parent d60db97801
commit c5571d9237
7 changed files with 121 additions and 21 deletions


@ -141,6 +141,9 @@ if (jirafeau_has_upload_password ($cfg))
</p> </p>
</div> </div>
<div id="error_pop" class="error">
</div>
<div id="upload"> <div id="upload">
<fieldset> <fieldset>
<legend> <legend>
@ -148,10 +151,7 @@ if (jirafeau_has_upload_password ($cfg))
</legend> </legend>
<p> <p>
<input type="file" id="file_select" size="30" <input type="file" id="file_select" size="30"
onchange=" onchange="control_selected_file_size(<?php echo $cfg['maximal_upload_size'] ?>, '<?php echo t ('File is too big') . ', ' . t ('File size is limited to') . " " . $cfg['maximal_upload_size'] . " MB"; ?>')"/>
document.getElementById('options').style.display = '';
document.getElementById('send').style.display = '';
"/>
</p> </p>
<div id="options"> <div id="options">
@ -190,6 +190,15 @@ if (jirafeau_has_upload_password ($cfg))
<?php } ?> <?php } ?>
</select></td> </select></td>
</tr> </tr>
<?php
if ($cfg['maximal_upload_size'] > 0)
{
echo '<p class="config">' . t ('File size is limited to');
echo " " . $cfg['maximal_upload_size'] . " MB</p>";
}
?>
<p id="max_file_size" class="config"></p> <p id="max_file_size" class="config"></p>
<p> <p>
<?php <?php
@ -231,6 +240,7 @@ if (jirafeau_has_upload_password ($cfg))
</div> </div>
<script lang="Javascript"> <script lang="Javascript">
document.getElementById('error_pop').style.display = 'none';
document.getElementById('uploading').style.display = 'none'; document.getElementById('uploading').style.display = 'none';
document.getElementById('upload_finished').style.display = 'none'; document.getElementById('upload_finished').style.display = 'none';
document.getElementById('options').style.display = 'none'; document.getElementById('options').style.display = 'none';
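Review bot: The new `onchange` attribute on `file_select` places the translated message and `$cfg['maximal_upload_size']` inside a single-quoted JavaScript string within a double-quoted HTML attribute, with no escaping for either context. A translation or config value containing `'` or `"` would break the handler or the markup, and the string is later passed to `pop_failure`, which assigns it to `innerHTML`. Encode at the boundary: build the message in a PHP variable first and emit `htmlspecialchars (json_encode ($msg), ENT_QUOTES)` in place of the hand-quoted `'<?php echo ... ?>'`.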


@ -80,6 +80,10 @@ $cfg['availabilities'] = array ('minute' => true,
'month' => true, 'month' => true,
'year' => false, 'year' => false,
'none' => false); 'none' => false);
/* Set maximal upload size expressed in MB.
* 0 mean unlimited upload size.
*/
$cfg['maximal_upload_size'] = 0;
/* Installation is done ? */ /* Installation is done ? */
$cfg['installation_done'] = false; $cfg['installation_done'] = false;


@ -125,25 +125,52 @@ function upload_progress (e)
show_upload_progression (p.toString() + '%'); show_upload_progression (p.toString() + '%');
} }
function upload_failed (e) function control_selected_file_size(max_size, error_str)
{ {
/* Todo: Considere showing a error div. */ f_size = document.getElementById('file_select').files[0].size;
alert ('Sorry, upload failed'); if (max_size > 0 && f_size > max_size * 1024 * 1024)
{
pop_failure(error_str);
document.getElementById('send').style.display = 'none';
}
else
{
document.getElementById('options').style.display = '';
document.getElementById('send').style.display = '';
document.getElementById('error_pop').style.display = 'none';
}
}
function pop_failure (e)
{
var text = "An error occured";
if (typeof e !== 'undefined')
text = e;
text = "<p>" + text + "</p>";
document.getElementById('error_pop').innerHTML = e;
document.getElementById('uploading').style.display = 'none';
document.getElementById('error_pop').style.display = '';
document.getElementById('upload').style.display = '';
document.getElementById('send').style.display = '';
} }
function classic_upload (url, file, time, password, one_time, upload_password) function classic_upload (url, file, time, password, one_time, upload_password)
{ {
var req = new XMLHttpRequest (); var req = new XMLHttpRequest ();
req.upload.addEventListener ("progress", upload_progress, false); req.upload.addEventListener ("progress", upload_progress, false);
req.addEventListener ("error", upload_failed, false); req.addEventListener ("error", pop_failure, false);
req.addEventListener ("abort", upload_failed, false); req.addEventListener ("abort", pop_failure, false);
req.onreadystatechange = function () req.onreadystatechange = function ()
{ {
if (req.readyState == 4 && req.status == 200) if (req.readyState == 4 && req.status == 200)
{ {
var res = req.responseText; var res = req.responseText;
if (res == "Error") if (res == "Error")
{
pop_failure ();
return; return;
}
res = res.split ("\n"); res = res.split ("\n");
if (time != 'none') if (time != 'none')
{ {
@ -208,15 +235,18 @@ function async_upload_start (url, max_size, file, time, password, one_time, uplo
async_global_time = time; async_global_time = time;
var req = new XMLHttpRequest (); var req = new XMLHttpRequest ();
req.addEventListener ("error", upload_failed, false); req.addEventListener ("error", pop_failure, false);
req.addEventListener ("abort", upload_failed, false); req.addEventListener ("abort", pop_failure, false);
req.onreadystatechange = function () req.onreadystatechange = function ()
{ {
if (req.readyState == 4 && req.status == 200) if (req.readyState == 4 && req.status == 200)
{ {
var res = req.responseText; var res = req.responseText;
if (res == "Error") if (res == "Error")
{
pop_failure ();
return; return;
}
res = res.split ("\n"); res = res.split ("\n");
async_global_ref = res[0]; async_global_ref = res[0];
var code = res[1]; var code = res[1];
@ -260,15 +290,18 @@ function async_upload_push (code)
} }
var req = new XMLHttpRequest (); var req = new XMLHttpRequest ();
req.upload.addEventListener ("progress", async_upload_progress, false); req.upload.addEventListener ("progress", async_upload_progress, false);
req.addEventListener ("error", upload_failed, false); req.addEventListener ("error", pop_failure, false);
req.addEventListener ("abort", upload_failed, false); req.addEventListener ("abort", pop_failure, false);
req.onreadystatechange = function () req.onreadystatechange = function ()
{ {
if (req.readyState == 4 && req.status == 200) if (req.readyState == 4 && req.status == 200)
{ {
var res = req.responseText; var res = req.responseText;
if (res == "Error") if (res == "Error")
{
pop_failure ();
return; return;
}
res = res.split ("\n"); res = res.split ("\n");
var code = res[0] var code = res[0]
async_global_transfered = async_global_transfering; async_global_transfered = async_global_transfering;
@ -295,15 +328,18 @@ function async_upload_push (code)
function async_upload_end (code) function async_upload_end (code)
{ {
var req = new XMLHttpRequest (); var req = new XMLHttpRequest ();
req.addEventListener ("error", upload_failed, false); req.addEventListener ("error", pop_failure, false);
req.addEventListener ("abort", upload_failed, false); req.addEventListener ("abort", pop_failure, false);
req.onreadystatechange = function () req.onreadystatechange = function ()
{ {
if (req.readyState == 4 && req.status == 200) if (req.readyState == 4 && req.status == 200)
{ {
var res = req.responseText; var res = req.responseText;
if (res == "Error") if (res == "Error")
{
pop_failure ();
return; return;
}
res = res.split ("\n"); res = res.split ("\n");
if (async_global_time != 'none') if (async_global_time != 'none')
{ {
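Review bot: `pop_failure` builds `text` with a default and a `<p>` wrapper but then assigns `e` to `innerHTML`, so the fallback message is never shown. Called as `pop_failure ()` the box gets `undefined`, and as the `error`/`abort` listener it gets the Event object stringified. Accept only strings with `if (typeof e === 'string')` and write the computed value as text rather than markup: `document.getElementById('error_pop').textContent = text;`. This also keeps a server- or translation-supplied message from being parsed as HTML. In `control_selected_file_size`, `f_size` is assigned without `var`, and `files[0]` is read without checking that a file is still selected.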


@ -841,10 +841,11 @@ jirafeau_async_init ($filename, $type, $one_time, $key, $time, $ip)
* @param $ref asynchronous upload reference * @param $ref asynchronous upload reference
* @param $file piece of data * @param $file piece of data
* @param $code client code for this operation * @param $code client code for this operation
* @param $max_file_size maximum allowed file size
* @return a string containing a next code to use or the string "Error" * @return a string containing a next code to use or the string "Error"
*/ */
function function
jirafeau_async_push ($ref, $data, $code) jirafeau_async_push ($ref, $data, $code, $max_file_size)
{ {
/* Get async infos. */ /* Get async infos. */
$a = jirafeau_get_async_ref ($ref); $a = jirafeau_get_async_ref ($ref);
@ -858,9 +859,21 @@ jirafeau_async_push ($ref, $data, $code)
$p = s2p ($ref); $p = s2p ($ref);
/* File path. */
$r_path = $data['tmp_name'];
$w_path = VAR_ASYNC . $p . $ref . '_data';
/* Check that file size is not above upload limit. */
if ($max_file_size > 0 &&
filesize ($r_path) + filesize ($w_path) > $max_file_size * 1024 * 1024)
{
jirafeau_async_delete ($ref);
return "Error";
}
/* Concatenate data. */ /* Concatenate data. */
$r = fopen ($data['tmp_name'], 'r'); $r = fopen ($r_path, 'r');
$w = fopen (VAR_ASYNC . $p . $ref . '_data', 'a'); $w = fopen ($w_path, 'a');
while (!feof ($r)) while (!feof ($r))
{ {
if (fwrite ($w, fread ($r, 1024)) === false) if (fwrite ($w, fread ($r, 1024)) === false)
@ -873,7 +886,7 @@ jirafeau_async_push ($ref, $data, $code)
} }
fclose ($r); fclose ($r);
fclose ($w); fclose ($w);
unlink ($data['tmp_name']); unlink ($r_path);
/* Update async file. */ /* Update async file. */
$code = jirafeau_gen_random (4); $code = jirafeau_gen_random (4);
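Review bot: The size check in `jirafeau_async_push` adds the two `filesize ()` results without testing either for `false`. If `$data['tmp_name']` is empty after a failed chunk upload, or `$w_path` does not exist yet, PHP returns `false` with a warning and the sum under-counts, so the limit test passes on bad input. Whether the `_data` file is always created before the first push is not visible here, as the function body starts and ends outside these hunks. Consider rejecting early with `if (!is_uploaded_file ($r_path)) return "Error";` and treating a missing `$w_path` as size 0. The new doc line would also be clearer as `@param $max_file_size maximum allowed file size in MB, 0 means unlimited`.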


@ -39,6 +39,8 @@ $tr = array (
'One year' => 'Une année', 'One year' => 'Une année',
'None' => 'Aucune', 'None' => 'Aucune',
'Upload password' => 'Mot de passe', 'Upload password' => 'Mot de passe',
'File is too big' => 'Le fichier est trop volumineux',
'File size is limited to' => 'La taille de fichier est limité à',
'The file directory is not writable' => 'Le dossier \'file\' ne peut être écrit.', 'The file directory is not writable' => 'Le dossier \'file\' ne peut être écrit.',
'The link directory is not writable' => 'Le dossier \'link\' ne peut être écrit.', 'The link directory is not writable' => 'Le dossier \'link\' ne peut être écrit.',
'The async directory is not writable!' => 'Le dossier \'async\' ne peut être écrit.', 'The async directory is not writable!' => 'Le dossier \'async\' ne peut être écrit.',
@ -143,6 +145,8 @@ $tr = array (
'This interface permits to script your uploads and downloads.' => 'Cette interface permet de programmer vos envoie et téléversements.', 'This interface permits to script your uploads and downloads.' => 'Cette interface permet de programmer vos envoie et téléversements.',
'The instructions above show how to query this interface.' => 'Les instructions ci-dessous montrent comment interroger cette interface.', 'The instructions above show how to query this interface.' => 'Les instructions ci-dessous montrent comment interroger cette interface.',
'Get server capacity' => 'Récupérer la capacité d\'envoie du serveur', 'Get server capacity' => 'Récupérer la capacité d\'envoie du serveur',
'Maximal allowed size of an uploaded file' => 'Récupérer la taille maximal autorisée d\'un envoie de fichier',
'First line returns size (in MB).' => 'La première ligne correspond à la taille exprimée en MB.',
'Get Jirafeau\'s version' => 'Récupérer la version de Jirafeau', 'Get Jirafeau\'s version' => 'Récupérer la version de Jirafeau',
'Send a GET query to' => 'Envoyez une requette GET à', 'Send a GET query to' => 'Envoyez une requette GET à',
'Send a POST query to' => 'Envoyez une requette POST à', 'Send a POST query to' => 'Envoyez une requette POST à',


@ -239,7 +239,9 @@ input[type="submit"]:focus {
.message, .message,
.error { .error {
color: #d55548;
font-style: italic; font-style: italic;
font-weight: bold;
} }
/* ========================================================================== /* ==========================================================================


@ -83,6 +83,19 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> "; echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> ";
echo '</p>'; echo '</p>';
echo '<h3>' . t('Maximal allowed size of an uploaded file') . ':</h3>';
echo '<p>';
echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
echo '<br />';
echo t('Parameters') . ':<br />';
echo "<b>get_maximal_upload_size=</b>1<i> (" . t('Required') . ")</i> <br />";
echo '</p>';
echo '<p>' . t('This will return brut text content.') . ' ' .
t('First line returns size (in MB).') . '<br /></p>';
echo '<p>';
echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_maximal_upload_size=1\">" . $web_root . "script.php?get_maximal_upload_size=1</a> ";
echo '</p>';
echo '<h3>' . t('Upload a file') . ':</h3>'; echo '<h3>' . t('Upload a file') . ':</h3>';
echo '<p>'; echo '<p>';
echo t('Send a POST query to') . ': <i>' . $web_root . 'script.php</i><br />'; echo t('Send a POST query to') . ': <i>' . $web_root . 'script.php</i><br />';
@ -248,6 +261,15 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
$time = JIRAFEAU_INFINITY; $time = JIRAFEAU_INFINITY;
break; break;
} }
// Check file size
if ($cfg['maximal_upload_size'] > 0 &&
$_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
{
echo "Error";
exit;
}
$res = jirafeau_upload ($_FILES['file'], $res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']), isset ($_POST['one_time_download']),
$key, $time, $_SERVER['REMOTE_ADDR'], $key, $time, $_SERVER['REMOTE_ADDR'],
@ -336,6 +358,10 @@ elseif (isset ($_GET['get_capacity']))
echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')), echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
jirafeau_ini_to_bytes (ini_get ('upload_max_filesize'))); jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
} }
elseif (isset ($_GET['get_maximal_upload_size']))
{
echo $cfg['maximal_upload_size'];
}
elseif (isset ($_GET['get_version'])) elseif (isset ($_GET['get_version']))
{ {
echo JIRAFEAU_VERSION; echo JIRAFEAU_VERSION;
@ -547,7 +573,12 @@ elseif (isset ($_GET['push_async']))
|| (!isset ($_POST['code']))) || (!isset ($_POST['code'])))
echo "Error"; echo "Error";
else else
echo jirafeau_async_push ($_POST['ref'], $_FILES['data'], $_POST['code']); {
echo jirafeau_async_push ($_POST['ref'],
$_FILES['data'],
$_POST['code'],
$cfg['maximal_upload_size']);
}
} }
/* Finalize an asynchronous upload. */ /* Finalize an asynchronous upload. */
elseif (isset ($_GET['end_async'])) elseif (isset ($_GET['end_async']))
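Review bot: The new `get_maximal_upload_size` branch echoes the raw config value in MB, where `0` means no limit, while the neighbouring `get_capacity` branch returns bytes. A scripted client that compares the two values, or reads `0` as "uploads disabled", will get the limit wrong. The added help text mentions MB but not the meaning of `0`. A comment above the echo such as `/* Value is in MB; 0 means unlimited (get_capacity returns bytes). */` and a matching sentence in the help block would make the contract explicit. The server-side check added before `jirafeau_upload` is still the enforcement point, which is right, since the `onchange` check in the page can be bypassed.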