From 09c9b1a75561881a40ada71f02710355923602e2 Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Fri, 10 Jul 2009 11:35:28 -0700
Subject: Added the upload::required validation in order to insure that failed
 uploads are not treated as successful. Log any exceptions to the Kohana log
 and return the error message

---
 modules/gallery/controllers/simple_uploader.php | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

(limited to 'modules')

diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php
index 713e30af..a059f986 100644
--- a/modules/gallery/controllers/simple_uploader.php
+++ b/modules/gallery/controllers/simple_uploader.php
@@ -1,3 +1,4 @@
+
 <?php defined("SYSPATH") or die("No direct script access.");
 /**
  * Gallery - a web based photo album viewer and editor
@@ -43,7 +44,7 @@ class Simple_Uploader_Controller extends Controller {
 
     $file_validation = new Validation($_FILES);
     $file_validation->add_rules(
-      "Filedata", "upload::valid", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
+      "Filedata", "upload::valid",  "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
     if ($file_validation->validate()) {
       // SimpleUploader.swf does not yet call /start directly, so simulate it here for now.
       if (!batch::in_progress()) {
@@ -54,7 +55,7 @@ class Simple_Uploader_Controller extends Controller {
       try {
         $name = substr(basename($temp_filename), 10);  // Skip unique identifier Kohana adds
         $title = item::convert_filename_to_title($name);
-        $path_info = pathinfo($temp_filename);
+        $path_info = @pathinfo($temp_filename);
         if (array_key_exists("extension", $path_info) &&
             in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
           $movie = movie::create($album, $temp_filename, $name, $title);
@@ -66,12 +67,20 @@ class Simple_Uploader_Controller extends Controller {
                        html::anchor("photos/$photo->id", t("view photo")));
         }
       } catch (Exception $e) {
-        unlink($temp_filename);
-        throw $e;
+        Kohana::log("alert", $e->__toString());
+        if (file_exists($temp_filename)) {
+          unlink($temp_filename);
+        }
+        header("HTTP/1.1 500 Internal Server Error");
+        print "ERROR:" . $e->getMessage();
+        return;
       }
       unlink($temp_filename);
+      print "FILEID: $photo->id";
+    } else {
+      header("HTTP/1.1 400 Bad Request");
+      print "ERROR: Invalid Upload";
     }
-    print "File Received";
   }
 
   public function finish() {
-- 
cgit v1.2.3