From 1ea6210303357b6c50379d2b929853a3c6a0566c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 7 May 2012 21:26:38 -0700 Subject: Use legal_file::get_extensions() and variants where appropriate. Fixes #1815. --- modules/server_add/controllers/server_add.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'modules/server_add') diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php index a3333ae2..c6d36a11 100644 --- a/modules/server_add/controllers/server_add.php +++ b/modules/server_add/controllers/server_add.php @@ -61,7 +61,7 @@ class Server_Add_Controller extends Admin_Controller { } if (!is_dir($file)) { $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); - if (!in_array($ext, array("gif", "jpeg", "jpg", "png", "flv", "mp4", "m4v"))) { + if (!in_array($ext, legal_file::get_extensions())) { continue; } } @@ -169,8 +169,7 @@ class Server_Add_Controller extends Admin_Controller { foreach ($child_paths as $child_path) { if (!is_dir($child_path)) { $ext = strtolower(pathinfo($child_path, PATHINFO_EXTENSION)); - if (!in_array($ext, array("gif", "jpeg", "jpg", "png", "flv", "mp4", "m4v")) || - !filesize($child_path)) { + if (!in_array($ext, legal_file::get_extensions()) || !filesize($child_path)) { // Not importable, skip it. continue; } @@ -256,7 +255,7 @@ class Server_Add_Controller extends Admin_Controller { } else { try { $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION)); - if (in_array($extension, array("gif", "png", "jpg", "jpeg"))) { + if (in_array($extension, legal_file::get_photo_extensions())) { $photo = ORM::factory("item"); $photo->type = "photo"; $photo->parent_id = $parent->id; @@ -266,7 +265,7 @@ class Server_Add_Controller extends Admin_Controller { $photo->owner_id = $owner_id; $photo->save(); $entry->item_id = $photo->id; - } else if (in_array($extension, array("flv", "mp4", "m4v"))) { + } else if (in_array($extension, legal_file::get_movie_extensions())) { $movie = ORM::factory("item"); $movie->type = "movie"; $movie->parent_id = $parent->id; -- cgit v1.2.3 From ca037dc9550590d19a2d25d23391c6ddf48203cd Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 11 May 2012 15:58:33 -0700 Subject: Improve the way server add deals with wacky directory names. Fixes #1857. --- modules/server_add/controllers/admin_server_add.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'modules/server_add') diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php index 0c741513..954c9ef6 100644 --- a/modules/server_add/controllers/admin_server_add.php +++ b/modules/server_add/controllers/admin_server_add.php @@ -35,12 +35,12 @@ class Admin_Server_Add_Controller extends Admin_Controller { $form = $this->_get_admin_form(); $paths = unserialize(module::get_var("server_add", "authorized_paths", "a:0:{}")); if ($form->validate()) { - if (is_link($form->add_path->path->value)) { + $path = html_entity_decode($form->add_path->path->value); + if (is_link($path)) { $form->add_path->path->add_error("is_symlink", 1); - } else if (!is_readable($form->add_path->path->value)) { + } else if (!is_readable($path)) { $form->add_path->path->add_error("not_readable", 1); } else { - $path = $form->add_path->path->value; $paths[$path] = 1; module::set_var("server_add", "authorized_paths", serialize($paths)); message::success(t("Added path %path", array("path" => $path))); @@ -75,7 +75,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $path_prefix = Input::instance()->get("q"); foreach (glob("{$path_prefix}*") as $file) { if (is_dir($file) && !is_link($file)) { - $directories[] = $file; + $directories[] = html::clean($file); } } -- cgit v1.2.3