BackwardsCompatibilityBreak - renamed fUpload::setMaxFilesize() to fU…

…pload::setMaxSize() to be consistent with fFile::getSize()
flourishlib · Apr 12, 2012 · b604ea2 · b604ea2
1 parent 7945782
commit b604ea2
Showing 1 changed file with 45 additions and 16 deletions.
diff --git a/classes/fUpload.php b/classes/fUpload.php
@@ -9,16 +9,17 @@
  * @package    Flourish
  * @link       http://flourishlib.com/fUpload
  * 
- * @version    1.0.0b9
+ * @version    1.0.0b10
- * @changes    1.0.0b9  BackwardsCompatibilityBreak - the class no longer accepts uploaded files that start with a `.` unless ::allowDotFiles() is called - added ::setOptional() [wb, 2010-05-30]
+ * @changes    1.0.0b10  BackwardsCompatibilityBreak - renamed ::setMaxFilesize() to ::setMaxSize() to be consistent with fFile::getSize() [wb, 2010-05-30]
- * @changes    1.0.0b8  BackwardsCompatibilityBreak - ::validate() no longer returns the `$_FILES` array for the file being validated - added `$return_message` parameter to ::validate(), fixed a bug with detection of mime type for text files [wb, 2010-05-26]
+ * @changes    1.0.0b9   BackwardsCompatibilityBreak - the class no longer accepts uploaded files that start with a `.` unless ::allowDotFiles() is called - added ::setOptional() [wb, 2010-05-30]
- * @changes    1.0.0b7  Added ::filter() to allow for ignoring array file upload field entries that did not have a file uploaded [wb, 2009-10-06]
+ * @changes    1.0.0b8   BackwardsCompatibilityBreak - ::validate() no longer returns the `$_FILES` array for the file being validated - added `$return_message` parameter to ::validate(), fixed a bug with detection of mime type for text files [wb, 2010-05-26]
- * @changes    1.0.0b6  Updated ::move() to use the new fFilesystem::createObject() method [wb, 2009-01-21]
+ * @changes    1.0.0b7   Added ::filter() to allow for ignoring array file upload field entries that did not have a file uploaded [wb, 2009-10-06]
- * @changes    1.0.0b5  Removed some unnecessary error suppression operators from ::move() [wb, 2009-01-05]
+ * @changes    1.0.0b6   Updated ::move() to use the new fFilesystem::createObject() method [wb, 2009-01-21]
- * @changes    1.0.0b4  Updated ::validate() so it properly handles upload max filesize specified in human-readable notation [wb, 2009-01-05]
+ * @changes    1.0.0b5   Removed some unnecessary error suppression operators from ::move() [wb, 2009-01-05]
- * @changes    1.0.0b3  Removed the dependency on fRequest [wb, 2009-01-05]
+ * @changes    1.0.0b4   Updated ::validate() so it properly handles upload max filesize specified in human-readable notation [wb, 2009-01-05]
- * @changes    1.0.0b2  Fixed a bug with validating filesizes [wb, 2008-11-25]
+ * @changes    1.0.0b3   Removed the dependency on fRequest [wb, 2009-01-05]
- * @changes    1.0.0b   The initial implementation [wb, 2007-06-14]
+ * @changes    1.0.0b2   Fixed a bug with validating filesizes [wb, 2008-11-25]
+ * @changes    1.0.0b    The initial implementation [wb, 2007-06-14]
  */
 class fUpload
 {
@@ -156,7 +157,7 @@ static public function filter($field)
 	 * 
 	 * @var integer
 	 */
-	private $max_file_size = 0;
+	private $max_size = 0;
 
 	/**
 	 * The error message to display if the mime types do not match
@@ -330,14 +331,42 @@ public function move($directory, $field, $index=NULL)
 
 
 	/**
-	 * Sets the file mime types accepted, one per parameter
+	 * Sets the maximum size the uploaded file may be
+	 * 
+	 * This method should be used with the
+	 * [http://php.net/file-upload.post-method `MAX_FILE_SIZE`] hidden form
+	 * input since the hidden form input will reject a file that is too large
+	 * before the file completely uploads, while this method will wait until the
+	 * whole file has been uploaded. This method should always be used since it
+	 * is very easy for the `MAX_FILE_SIZE` post field to be manipulated on the
+	 * client side.
+	 * 
+	 * This method can only further restrict the
+	 * [http://php.net/upload_max_filesize `upload_max_filesize` ini setting],
+	 * it can not increase that setting. `upload_max_filesize` must be set
+	 * in the php.ini (or an Apache configuration) since file uploads are
+	 * handled before the request is handed off to PHP.
 	 * 
 	 * @param  string $size  The maximum file size (e.g. `1MB`, `200K`, `10.5M`) - `0` for no limit
 	 * @return void
 	 */
-	public function setMaxFileSize($size)
+	public function setMaxSize($size)
 	{
-		$this->max_file_size = fFilesystem::convertToBytes($size);
+		$ini_max_size = ini_get('upload_max_filesize');
+		$ini_max_size = (!is_numeric($ini_max_size)) ? fFilesystem::convertToBytes($ini_max_size) : $ini_max_size;
+
+		$size = fFilesystem::convertToBytes($size);
+
+		if ($size && $size > $ini_max_size) {
+			throw new fEnvironmentException(
+				'The requested max file upload size, %1$s, is larger than the %2$s ini setting, which is currently set at %3$s. The ini setting must be increased to allow files of this size.',
+				$max_size,
+				'upload_max_filesize',
+				$ini_max_size
+			);
+		}
+
+		$this->max_size = $size;
 	}
 
 
@@ -426,10 +455,10 @@ private function validateField($file_array)
 				fFilesystem::formatFilesize($max_size)
 			);
 		}
-		if ($this->max_file_size && $file_array['size'] > $this->max_file_size) {
+		if ($this->max_size && $file_array['size'] > $this->max_size) {
 			return self::compose(
 				'The file uploaded is over the limit of %s',
-				fFilesystem::formatFilesize($this->max_file_size)
+				fFilesystem::formatFilesize($this->max_size)
 			);
 		}