• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Upload File Bug

#21
[eluser]Josepzin[/eluser]
Fix of my code, the previous version dont work with extension in uppercase and dont work with extension with size greater or less of 3 chars... example .JPEG or .7z

THis is the correct code:

Code:
// example
// $_FILES['userfile']['name'] = 'H010101.JPEG'
$config['allowed_types']  = 'jpg|jpeg|gif|pdf';

// the fix code
$tmp_ext = strtolower(substr($_FILES['userfile']['name'], strrpos($_FILES['userfile']['name'], '.')+1));
$config['allowed_types'] = substr($config['allowed_types'], strpos($config['allowed_types'], $tmp_ext), strlen($tmp_ext));

// result: $config['allowed_types'] = 'jpeg'

$this->load->library('upload', $config);
if ( ! $this->upload->do_upload($file_id))...

#22
[eluser]adamp1[/eluser]
Is there any official CI response on this bug? Anyone?

#23
[eluser]tottyandbaty[/eluser]
[quote author="Dregond Rahl" date="1242848529"]i'v been testing this class a bit and i think this would solve the first problem

Code:
if (in_array($val, $image_types) && $this->is_image())
{
    if (getimagesize($this->file_temp) === FALSE)
    {
        return FALSE;
    }
}


And for the PDF problem returning "application/octet" do you have Adobe acrobat reader on your comp? iv noticed it only returns an error for this if the application for that file isn't there. =/[/quote]

Very good!

#24
[eluser]tottyandbaty[/eluser]
about pdf files

IE:

Array ( [name] => DS3323019-1c_FTM-3001C-SL15G.pdf [type] => application/pdf [tmp_name] => C:\WINDOWS\Temp\php105.tmp [error] => 0 [size] => 251959 )



FF:
Array ( [name] => DS3323019-1c_FTM-3001C-SL15G.pdf [type] => application/octet-stream [tmp_name] => C:\WINDOWS\TEMP\phpA9C.tmp [error] => 0 [size] => 251959 )

#25
[eluser]Unknown[/eluser]
quoting Hendrix from http://codeigniter.com/bug_tracker/bug/7291/:

"Temp fix: Reverse the list of allowed_types and put image (|gif|jpg|png) at the end of the string."

This worked for me anyways.

Matt

#26
[eluser]Unknown[/eluser]
I was such a settlement!
Questions is file type!

mimes.php

Code:
$mime = $this->mimes_types(strtolower($val));
print_r($mime);

Array ( [0] => audio/wav [1] => audio/x-wav )

upfile.php
Code:
print_r($_FILES);

Array ( [files] => Array ( [name] => S.H.E.mp3 [type] => audio/mpeg [tmp_name] => D:\Temp Files\php1CFF.tmp [error] => 0 [size] => 1862711 ) )

$_FILES[files][type] != $mime

So it can not upload!

#27
[eluser]mcnux[/eluser]
I've just gone through the is_allowed_filetype method and have come up with the following to fix the mixing images with other file types bug.

Essentially it first checks that the mime type matches before checking for valid image, which is what the function should have been doing in the first place - you don't want to check that the image is valid before you know that you have an image!

Had a quick test and appears to be fine. Also a few lines less than the original ;-)

Code:
function is_allowed_filetype()
    {
        if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types))
        {
            $this->set_error('upload_no_file_types');
            return FALSE;
        }

        $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');

        foreach ($this->allowed_types as $val)
        {
            $mime = $this->mimes_types(strtolower($val));
            // force $mime into an array
            if (!is_array($mime))
            {
                $mime = array($mime);
            }
            
            if (in_array($this->file_type,$mime,TRUE))
            {
                // matched file type
                
                if (in_array($val,$image_types))
                {
                    // check image is ok
                    if (getimagesize($this->file_temp) === FALSE)
                    {
                        return FALSE;
                    }
                }
                
                // super
                return TRUE;
            }
        }
        
        // didn't match
        return FALSE;
    }

#28
[eluser]gscharlemann[/eluser]
I've tried several different approaches with this, both rewriting the is_allowed_filetype() function as shown above and
Code:
// example
// $_FILES['userfile']['name'] = 'H010101.JPEG'
$config['allowed_types']  = 'jpg|jpeg|gif|pdf';

// the fix code
$tmp_ext = strtolower(substr($_FILES['userfile']['name'], strrpos($_FILES['userfile']['name'], '.')+1));
$config['allowed_types'] = substr($config['allowed_types'], strpos($config['allowed_types'], $tmp_ext), strlen($tmp_ext));

// result: $config['allowed_types'] = 'jpeg'

$this->load->library('upload', $config);
if ( ! $this->upload->do_upload($file_id))...

Both seem to work in IE and Safari, but Firefox throws the "The filetype you are attempting to upload is not allowed." error. Is anyone else experiencing this?

#29
[eluser][At!][/eluser]
My quick bug fix entails add an additional mime type.

When I check what
Code:
$_FILES['userfile']
was passing,
I saw "type" part was escaped
Code:
$_FILES['userfile']['type'] => \"application/pdf\"

I don't know why the it's escaped, but my bug fix was to include the escaped string to the mime type array

Code:
'pdf'    =>    array('\"application/pdf\"' ,'application/pdf', 'application/x-download', 'application/download')

Hope it helps some one.

At the moment I can't sit and do a proper fix so the about does the job for me.

#30
[eluser]GreGre[/eluser]
I've noticed something funny here.
If I pass
Code:
$config['allowed_types'] = 'txt|pdf|doc|gif|jpg|png';
it works perfectly well
however if I put image extensions first
Code:
$config['allowed_types'] = 'gif|jpg|png|txt|pdf|doc';
only image file types get uploaded, others fail.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.