Changeset 456

Timestamp:

10/17/2003 07:26:05 PM (22 years ago)

Author:

emc3

Message:

Applying patches from otaku42: Fix two bugs in images uploads. Fix time_difference limitations.

Location:

trunk

Files:

• b2-include/b2functions.php (modified) (1 diff)
• wp-admin/b2upload.php (modified) (4 diffs)
• wp-admin/upgrade-071-to-072.php (modified) (2 diffs)
• wp-admin/wp-edit.form.php (modified) (2 diffs)
• wp-admin/wp-install.php (modified) (2 diffs)

trunk/b2-include/b2functions.php

@@ -1285 +1285 @@
 }
 
+
+// implementation of in_array that also should work on PHP3
+if (!function_exists('in_array')) {
+
+    function in_array($needle, $haystack) {
+        $needle = strtolower($needle);
+        
+        for ($i = 0; $i < count($haystack); $i++) {
+        if (strtolower($haystack[$i]) == $needle) {
+            return true;
+        }
+        }
+    
+        return false;
+    }
+}
+
 ?>

trunk/wp-admin/b2upload.php

@@ -10 +10 @@
 if (!$use_fileupload) //Checks if file upload is enabled in the config
 die ("The admin disabled this function");
+
+$allowed_types = explode(" ", trim($fileupload_allowedtypes));
 
 ?><html>
@@ -93 +95 @@
 
 if (!$HTTP_POST_VARS["submit"]) {
-    $i = explode(" ",$fileupload_allowedtypes);
-    $i = implode(", ",array_slice($i, 1, count($i)-2));
-    ?>
+    $i = implode(", ", $allowed_types);
+?>
     <p><strong>File upload</strong></p>
     <p>You can upload files of type:<br /><em><?php echo $i ?></em></p>
@@ -136 +137 @@
 
     $imgtype = explode(".",$img1_name);
-    $imgtype = " ".$imgtype[count($imgtype)-1]." ";
-
-    if (!ereg(strtolower($imgtype), strtolower($fileupload_allowedtypes))) {
+    $imgtype = $imgtype[count($imgtype)-1];
+
+    if (in_array($imgtype, $allowed_types) == false) {
         die("File $img1_name of type $imgtype is not allowed.");
     }
@@ -188 +189 @@
     <input type="hidden" name="img1_type" value="<?php echo $img1_type;?>" />
     <input type="hidden" name="img1_name" value="<?php echo $img2_name;?>" />
+    <input type="hidden" name="img1_size" value="<?php echo $img1_size;?>" />
     <input type="hidden" name="img1" value="<?php echo $pathtofile2;?>" />
     Alternate name:<br /><input type="text" name="imgalt" size="30" class="uploadform" value="<?php echo $img2_name;?>" /><br />

trunk/wp-admin/upgrade-071-to-072.php

@@ -428 +428 @@
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(32,'fileupload_realpath', 3, '/home/your/site/wordpress/images', 'enter the real path of the directory where you\'ll upload the pictures \nif you\'re unsure about what your real path is, please ask your host\'s support staff \nnote that the  directory must be writable by the webserver (chmod 766) \nnote for windows-servers users: use forwardslashes instead of backslashes', 8, 40)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(33,'fileupload_url', 3, 'http://example.com/images', 'enter the URL of that directory (it\'s used to generate the links to the uploded files)', 8, 40)",
-"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(34,'fileupload_allowedtypes', 3, ' jpg gif png ', 'accepted file types, you can add to that list if you want. note: add a space before and after each file type. example: \' jpg gif png \'', 8, 20)",
+"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(34,'fileupload_allowedtypes', 3, ' jpg gif png ', 'accepted file types, separated by spaces. example: \'jpg gif png\'', 8, 20)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(35,'fileupload_maxk', 1, '96', 'by default, most servers limit the size of uploads to 2048 KB, if you want to set it to a lower value, here it is (you cannot set a higher value than your server limit)', 8, 20)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(36,'fileupload_minlevel', 1, '1', 'you may not want all users to upload pictures/files, so you can set a minimum level for this', 8, 20)",
-"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(37,'fileupload_allowedusers', 3, '', '...or you may authorize only some users. enter their logins here, separated by spaces if you leave that variable blank, all users who have the minimum level are authorized to upload note: add a space before and after each login name example: \' barbara anne \'', 8, 30)",
+"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(37,'fileupload_allowedusers', 3, '', '...or you may authorize only some users. enter their logins here, separated by spaces. if you leave this variable blank, all users who have the minimum level are authorized to upload. example: \'barbara anne george\'', 8, 30)",
 // email settings
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(38,'mailserver_url', 3, 'mail.example.com', 'mailserver settings', 8, 20)",
@@ -527 +527 @@
 "INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (50, 'postbypost','post by post',null,null,4)",
 // select data for time diff
-"INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (51, null, null, 13, -13, null)",
+"INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (51, 'hours', 'hours', 23, -23, null)",
 // select data for start of week
 "INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (9, '0', 'Sunday',   null,null,1)",

trunk/wp-admin/wp-edit.form.php

@@ -3 +3 @@
 <div class="wrap">
 <?php
+
+$allowed_users = explode(" ", trim($fileupload_allowedusers));
 
 function selected($selected, $current) {
@@ -207 +209 @@
 
 
-<?php if ( ($use_fileupload) && ($user_level >= $fileupload_minlevel) && ((ereg(" ".$user_login." ", $fileupload_allowedusers)) || (trim($fileupload_allowedusers)=="")) ) { ?>
+<?php if ( ($use_fileupload) && ($user_level >= $fileupload_minlevel) && (in_array($user_login, $allowed_users) || (trim($fileupload_allowedusers)=="")) ) { ?>
 <input type="button" value="upload a file/image" onclick="launchupload();" class="search"  tabindex="10" />
 <?php }

trunk/wp-admin/wp-install.php

@@ -407 +407 @@
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(32,'fileupload_realpath', 3, '/home/your/site/wordpress/images', 'enter the real path of the directory where you\'ll upload the pictures \nif you\'re unsure about what your real path is, please ask your host\'s support staff \nnote that the  directory must be writable by the webserver (chmod 766) \nnote for windows-servers users: use forwardslashes instead of backslashes', 8, 40)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(33,'fileupload_url', 3, 'http://example.com/images', 'enter the URL of that directory (it\'s used to generate the links to the uploded files)', 8, 40)",
-"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(34,'fileupload_allowedtypes', 3, ' jpg gif png ', 'accepted file types, you can add to that list if you want. note: add a space before and after each file type. example: \' jpg gif png \'', 8, 20)",
+"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(34,'fileupload_allowedtypes', 3, 'jpg gif png', 'accepted file types, separated by spaces. example: \'jpg gif png\'', 8, 20)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(35,'fileupload_maxk', 1, '96', 'by default, most servers limit the size of uploads to 2048 KB, if you want to set it to a lower value, here it is (you cannot set a higher value than your server limit)', 8, 20)",
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(36,'fileupload_minlevel', 1, '1', 'you may not want all users to upload pictures/files, so you can set a minimum level for this', 8, 20)",
-"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(37,'fileupload_allowedusers', 3, '', '...or you may authorize only some users. enter their logins here, separated by spaces if you leave that variable blank, all users who have the minimum level are authorized to upload note: add a space before and after each login name example: \' barbara anne \'', 8, 30)",
+"INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(37,'fileupload_allowedusers', 3, '', '...or you may authorize only some users. enter their logins here, separated by spaces. if you leave this variable blank, all users who have the minimum level are authorized to upload. example: \'barbara anne george\'', 8, 30)",
 // email settings
 "INSERT INTO $tableoptions (option_id, option_name, option_type, option_value, option_description, option_admin_level, option_width) VALUES(38,'mailserver_url', 3, 'mail.example.com', 'mailserver settings', 8, 20)",
@@ -506 +506 @@
 "INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (50, 'postbypost','post by post',null,null,4)",
 // select data for time diff
-"INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (51, null, null, 13, -13, null)",
+"INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (51, 'hours', 'hours', 23, -23, null)",
 // select data for start of week
 "INSERT INTO $tableoptionvalues (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) VALUES (9, '0', 'Sunday',   null,null,1)",