Skip to content

Commit

Permalink
Fixed issue #5371: File was no properly deleted/shown when submitting…
Browse files Browse the repository at this point in the history 
… page and coming back later

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/limesurvey@10624 b72ed6b6-b9f8-46b5-92b4-906544132732
  • Loading branch information
@c-schmitz
c-schmitz committed Aug 2, 2011
1 parent d48e6ed commit ea21c44
Show file tree
Hide file tree
Showing 7 changed files with 182 additions and 175 deletions.
46 changes: 30 additions & 16 deletions delete.php
View file
Expand Up @@ -50,26 +50,40 @@
die("You don't have a valid session !");
}

$file_index = (int)$_GET['file_index'];
$fieldname = $_GET['fieldname'];
$filename = "tmp/upload/".$_SESSION[$fieldname]['files'][$file_index]['filename'];
$name = $_SESSION[$fieldname]['files'][$file_index]['name'];
$sFieldname = $_GET['fieldname'];
$sFilename = sanitize_filename($_GET['filename']);
$sOriginalFileName=sanitize_filename($_GET['name']);
if (substr($sFilename,0,6)=='futmp_')
{
$sFileDir = $tempdir.'/upload/';
}
elseif(substr($sFilename,0,3)=='fu_'){
$sFileDir = "{$uploaddir}/surveys/{$surveyid}/files/";
}
else die('Invalid filename');

$fh = fopen($filename, 'w') or die("can't open file");
fclose($fh);
$sJSON = $_SESSION[$fieldname];
$aFiles = json_decode(stripslashes($sJSON),true);

if (unlink($filename))
{
echo sprintf($clang->gT('File %s deleted'), rawurldecode($name));
for ($i = $file_index; $i < $_SESSION[$fieldname]['filecount']; $i++)
if(substr($sFilename,0,3)=='fu_'){
$iFileIndex=0;
$found=false;
foreach ($aFiles as $aFile)
{
$_SESSION[$fieldname]['files'][$i]['name'] = $_SESSION[$fieldname]['files'][$i + 1]['name'];
$_SESSION[$fieldname]['files'][$i]['size'] = $_SESSION[$fieldname]['files'][$i + 1]['size'];
$_SESSION[$fieldname]['files'][$i]['ext'] = $_SESSION[$fieldname]['files'][$i + 1]['ext'];
$_SESSION[$fieldname]['files'][$i]['filename'] = $_SESSION[$fieldname]['files'][$i + 1]['filename'];
if ($aFile['filename']==$sFilename)
{
$found=true;
break;
}
$iFileIndex++;
}
$_SESSION[$fieldname]['files'][$_SESSION[$fieldname]['filecount']] = NULL;
$_SESSION[$fieldname]['filecount'] -= 1;
if ($found==true) unset($aFiles[$iFileIndex]);
$_SESSION[$fieldname] = json_encode($aFiles);
}

if (@unlink($sFileDir.$sFilename))
{
echo sprintf($clang->gT('File %s deleted'), $sOriginalFileName);
}
else
echo $clang->gT('Oops, There was an error deleting the file');
Expand Down
3 changes: 1 addition & 2 deletions qanda.php
View file
Expand Up @@ -3804,9 +3804,8 @@ function do_file_upload($ia)

$answer .= "<div id='".$ia[1]."_uploadedfiles'></div>";

//$answer .= '<br />Trouble uploading files? Try the <a href="#" onclick="showBasic()">Simple Uploader</a><div id="basic">'.$basic.'</div>';

$answer .= '<script type="text/javascript">
var surveyid = '.$surveyid.';
$(document).ready(function(){
var fieldname = "'.$ia[1].'";
var filecount = $("#"+fieldname+"_filecount").val();
Expand Down
9 changes: 5 additions & 4 deletions save.php
View file
Expand Up @@ -507,11 +507,12 @@ function createinsertquery()

for ($i = 0; $i < count($phparray); $i++)
{
if (!rename($tmp . $phparray[$i]->filename, $target . $phparray[$i]->filename))
echo "Error Moving file to its destination";

$_SESSION[$value] = json_encode($phparray);
$sDestinationFileName='fu_'.sRandomChars(15);
if (!rename($tmp . $phparray[$i]->filename, $target . $sDestinationFileName))
echo "Error moving file to its destination";
$phparray[$i]->filename=$sDestinationFileName;
}
$_SESSION[$value] = json_encode($phparray);
}
$values[] = $connect->qstr($_SESSION[$value], get_magic_quotes_gpc());
// filename is changed from undefined to a random value
Expand Down
14 changes: 7 additions & 7 deletions scripts/modaldialog.js
View file
Expand Up @@ -16,13 +16,13 @@ $(function() {
var buttonsOpts = {};
buttonsOpts[translt.returnTxt] = function() {
// Fix for the IE bug 04965
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
if (pass) {
$(this).dialog('destroy');
$('iframe#uploader').remove();
}
};

var horizontalPadding = 30;
var verticalPadding = 20;
$('#uploader').dialog('destroy'); // destroy the old modal dialog
Expand All @@ -41,7 +41,7 @@ $(function() {
draggable: true,
closeOnEscape: false,
beforeclose: function() {
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
if (pass) {
$(this).dialog('destroy');
$('iframe#uploader').remove();
Expand Down Expand Up @@ -72,7 +72,7 @@ $(function() {
draggable: true,
closeOnEscape: false,
beforeclose: function() {
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
var pass; if(document.getElementById('uploader').contentDocument) { if(document.getElementById('uploader').contentDocument.defaultView) { /*Firefox*/ pass=document.getElementById('uploader').contentDocument.defaultView.saveAndExit(fieldname,show_title,show_comment,pos); }else{ /*IE8*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); } }else{ /*IE6*/ pass=document.getElementById('uploader').contentWindow.saveAndExit(fieldname,show_title,show_comment,pos); }
return pass;
},
overlay: {
Expand Down Expand Up @@ -119,7 +119,7 @@ function displayUploadedFiles(jsonstring, filecount, fieldname, show_title, show
$('#'+fieldname+'_uploadedfiles').html(display);
return;
}

if (jsonstring !== '')
{
jsonobj = eval('(' + jsonstring + ')');
Expand All @@ -136,7 +136,7 @@ function displayUploadedFiles(jsonstring, filecount, fieldname, show_title, show
if (pos)
{
if (isValueInArray(image_extensions, jsonobj[i].ext))
display += '<tr><td><img src="uploader.php?filegetcontents='+decodeURIComponent(jsonobj[i].filename)+'" height=100px align="center"/></td>';
display += '<tr><td><img src="uploader.php?sid='+surveyid+'&amp;filegetcontents='+decodeURIComponent(jsonobj[i].filename)+'" height=100px align="center"/></td>';
else
display += '<tr><td><img src="images/placeholder.png" height=100px align="center"/></td>';
}
Expand All @@ -162,7 +162,7 @@ function displayUploadedFiles(jsonstring, filecount, fieldname, show_title, show
function copyJSON(jsonstring, filecount, fieldname, show_title, show_comment, pos) {
$('#'+fieldname).val(jsonstring);
$('#'+fieldname+'_filecount').val(filecount);

displayUploadedFiles(jsonstring, filecount, fieldname, show_title, show_comment, pos);
}

Expand Down
5 changes: 3 additions & 2 deletions scripts/uploader.js
View file
Expand Up @@ -298,7 +298,8 @@ function deletefile(fieldname, count) {
$('#uploadstatus').html(translt.errorMoreAllowed.replace('%s',(maxfiles - filecount)));
}
}
file_index = $("#"+fieldname+"_file_index_"+count).val();
xmlhttp.open('GET','delete.php?sid='+surveyid+'&fieldname='+fieldname+'&file_index='+file_index, true);
filename=$("#"+fieldname+"_filename_"+count).val();
name=$("#"+fieldname+"_name_"+count).val();
xmlhttp.open('GET','delete.php?sid='+surveyid+'&fieldname='+fieldname+'&filename='+filename+'&name='+encodeURI(name), true);
xmlhttp.send();
}
19 changes: 1 addition & 18 deletions upload.php
View file
Expand Up @@ -59,7 +59,7 @@
$baselang = GetBaseLanguageFromSurveyID($surveyid);
$clang = new limesurvey_lang($baselang);

$randfilename = sRandomChars(15);
$randfilename = 'futmp_'.sRandomChars(15);
$sTempUploadDir = $tempdir.'/upload/';
$randfileloc = $sTempUploadDir . $randfilename;
$filename = $_FILES['uploadfile']['name'];
Expand Down Expand Up @@ -105,14 +105,6 @@

else if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $randfileloc))
{
if (!isset($_SESSION[$fieldname]['filecount']))
$_SESSION[$fieldname]['filecount'] = 0;

$filecount = $_SESSION[$fieldname]['filecount'] += 1;
$_SESSION[$fieldname]['files'][$filecount]['name'] = rawurlencode(basename($filename));
$_SESSION[$fieldname]['files'][$filecount]['size'] = $size;
$_SESSION[$fieldname]['files'][$filecount]['ext'] = $ext;
$_SESSION[$fieldname]['files'][$filecount]['filename'] = $randfilename;

$return = array(
"success" => true,
Expand Down Expand Up @@ -150,19 +142,10 @@
}
elseif (move_uploaded_file($_FILES['uploadfile']['tmp_name'], $randfileloc))
{
if (!isset($_SESSION[$fieldname]['filecount']))
$_SESSION[$fieldname]['filecount'] = 0;

$filecount = $_SESSION[$fieldname]['filecount'] += 1;

$_SESSION[$fieldname]['files'][$filecount]['name'] = rawurlencode(basename($filename));
$_SESSION[$fieldname]['files'][$filecount]['size'] = $size;
$_SESSION[$fieldname]['files'][$filecount]['ext'] = $ext;
$_SESSION[$fieldname]['files'][$filecount]['filename'] = $randfilename;

$return = array(
"success" => true,
"file_index" => $filecount,
"size" => $size,
"name" => rawurlencode(basename($filename)),
"ext" => $ext,
Expand Down

0 comments on commit ea21c44

Please sign in to comment.