+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Upload Library Bug :: Allowed Types (/showthread.php?tid=15776)
Upload Library Bug :: Allowed Types - El Forum - 02-14-2009
[eluser]dprock[/eluser]
The Allowed Type config variable takes a pipe delimited string, which is usually fine, no doubt, but for my File manager application the list looks like this:
Code:
'allowed_types' => 'hqx|cpt|csv|bin|dms|lha|lzh|exe|class|psd|so|sea|dll|oda|pdf|ai|eps|ps|smi|smil|mif|xls|ppt|wbxml|wmlc|dcr|dir|dxr|dvi|gtar|gz|php|php4|php3|phtml|phps|js|swf|sit|tar|tgz|xhtml|xht|zip|mid|midi|mpga|mp2|mp3|aif|aiff|aifc|ram|rm|rpm|ra|rv|wav|bmp|gif|jpeg|jpg|jpe|png|tiff|tif|css|html|htm|shtml|txt|text|log|rtx|rtf|xml|xsl|mpeg|mpg|mpe|qt|mov|avi|movie|doc|docx|xlsx|word|xl|eml'However, In the Upload Library CI_Upload::is_allowed_filetype there is an additional image check for the small array 'image_types' which checks images size:
Code:
if (getimagesize($this->file_temp) === FALSE)
{
return FALSE;
}Bug
When the non-image temp file fails this check, the script returns FALSE, which isn't so good when you are trying to upload a non-image.
I have a workaround and a fix:
Workaround
Place the image extensions at the end of your delimited list: e.g.
Code:
'...|gif|jpeg|jpg|jpe|png';Fix
Passes thru MY_Upload::is_image to get a boolean response on the $this->file_type, which checks File Type against the mimes array values.
Create a MY_Upload Lib extension in your 'application/libraries' folder.
For MY_Upload::is_allowed_filetype wrap the above conditional with this:
Code:
if ($this->is_image())
{
if (getimagesize($this->file_temp) === FALSE)
{
return FALSE;
}
}Upload Library Bug :: Allowed Types - El Forum - 02-15-2009
[eluser]abmcr[/eluser]
Thank you.... i also have found the bug but only in the 1.7.1. release
I post my MY_Upload library
Code:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
/**
*
*/
class My_Upload extends CI_Upload
{
function My_Upload()
{
parent::CI_Upload();
}
function is_allowed_filetype()
{
if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types))
{
$this->set_error('upload_no_file_types');
return FALSE;
}
$image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
foreach ($this->allowed_types as $val)
{
$mime = $this->mimes_types(strtolower($val));
// Images get some additional checks
if (in_array($val, $image_types))
{
if ($this->is_image){
if (getimagesize($this->file_temp) === FALSE)
{
return FALSE;
}
}
}
if (is_array($mime))
{
if (in_array($this->file_type, $mime, TRUE))
{
return TRUE;
}
}
else
{
if ($mime == $this->file_type)
{
return TRUE;
}
}
}
return FALSE;
}
}
?>Upload Library Bug :: Allowed Types - El Forum - 02-15-2009
[eluser]pistolPete[/eluser]
I submitted a bug report.
Upload Library Bug :: Allowed Types - El Forum - 02-15-2009
[eluser]dprock[/eluser]
Oh. Nice.
It is available as a class var? I won't need to run it through the other func then.
Thanks
Upload Library Bug :: Allowed Types - El Forum - 03-11-2009
[eluser]Thorpe Obazee[/eluser]
Nice catch. this has been bugging me. Just now that it occurred to me that there might be some bugs. :|