Skip to content
Browse files

[#30502] Replace use of JRequest in com_media

  • Loading branch information...
1 parent 3dee52d commit 6b8965bdc932ef18ed141a04b8af3b53a8feb85f @mbabker mbabker committed Apr 7, 2013
View
26 administrator/components/com_media/controllers/file.json.php
@@ -24,11 +24,14 @@ class MediaControllerFile extends JControllerLegacy
/**
* Upload a file
*
- * @since 1.5
+ * @return void
+ *
+ * @since 1.5
*/
function upload()
{
$params = JComponentHelper::getParams('com_media');
+
// Check for request forgeries
if (!JSession::checkToken('request'))
{
@@ -42,13 +45,11 @@ function upload()
// Get the user
$user = JFactory::getUser();
- $input = JFactory::getApplication()->input;
JLog::addLogger(array('text_file' => 'upload.error.php'), JLog::ALL, array('upload'));
// Get some data from the request
- $file = JRequest::getVar('Filedata', '', 'files', 'array');
- $folder = $input->get('folder', '', 'path');
- $return = $input->post->get('return-url', null, 'base64');
+ $file = $this->input->files->get('Filedata', '', 'array');
+ $folder = $this->input->get('folder', '', 'path');
if (
$_SERVER['CONTENT_LENGTH']>($params->get('upload_maxsize', 0) * 1024 * 1024) ||
@@ -69,7 +70,7 @@ function upload()
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
- $file['name'] = JFile::makeSafe($file['name']);
+ $file['name'] = JFile::makeSafe($file['name']);
if (isset($file['name']))
{
@@ -81,10 +82,12 @@ function upload()
if (!MediaHelper::canUpload($file, $err))
{
JLog::add('Invalid: ' . $filepath . ': ' . $err, JLog::INFO, 'upload');
+
$response = array(
'status' => '0',
'error' => JText::_($err)
);
+
echo json_encode($response);
return;
}
@@ -95,14 +98,17 @@ function upload()
$object_file = new JObject($file);
$object_file->filepath = $filepath;
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.file', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
JLog::add('Errors before save: ' . $object_file->filepath . ' : ' . implode(', ', $object_file->getErrors()), JLog::INFO, 'upload');
+
$response = array(
'status' => '0',
'error' => JText::plural('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors))
);
+
echo json_encode($response);
return;
}
@@ -111,21 +117,25 @@ function upload()
{
// File exists
JLog::add('File exists: ' . $object_file->filepath . ' by user_id ' . $user->id, JLog::INFO, 'upload');
+
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_FILE_EXISTS')
);
+
echo json_encode($response);
return;
}
elseif (!$user->authorise('core.create', 'com_media'))
{
// File does not exist and user is not authorised to create
JLog::add('Create not permitted: ' . $object_file->filepath . ' by user_id ' . $user->id, JLog::INFO, 'upload');
+
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_CREATE_NOT_PERMITTED')
);
+
echo json_encode($response);
return;
}
@@ -134,10 +144,12 @@ function upload()
{
// Error in upload
JLog::add('Error on upload: ' . $object_file->filepath, JLog::INFO, 'upload');
+
$response = array(
'status' => '0',
'error' => JText::_('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE')
);
+
echo json_encode($response);
return;
}
@@ -146,10 +158,12 @@ function upload()
// Trigger the onContentAfterSave event.
$dispatcher->trigger('onContentAfterSave', array('com_media.file', &$object_file, true));
JLog::add($folder, JLog::INFO, 'upload');
+
$response = array(
'status' => '1',
'error' => JText::sprintf('COM_MEDIA_UPLOAD_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE)))
);
+
echo json_encode($response);
return;
}
View
62 administrator/components/com_media/controllers/file.php
@@ -21,15 +21,19 @@
*/
class MediaControllerFile extends JControllerLegacy
{
- /*
+ /**
* The folder we are uploading into
+ *
+ * @var string
*/
protected $folder = '';
/**
* Upload one or more files
*
- * @since 1.5
+ * @return boolean
+ *
+ * @since 1.5
*/
public function upload()
{
@@ -38,7 +42,7 @@ public function upload()
$params = JComponentHelper::getParams('com_media');
// Get some data from the request
- $files = JRequest::getVar('Filedata', '', 'files', 'array');
+ $files = $this->input->files->get('Filedata', '', 'array');
$return = $this->input->post->get('return-url', null, 'base64');
$this->folder = $this->input->get('folder', '', 'path');
@@ -63,22 +67,19 @@ public function upload()
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
return false;
}
- // Input is in the form of an associative array containing numerically indexed arrays
- // We want a numerically indexed array containing associative arrays
- // Cast each item as array in case the Filedata parameter was not sent as such
- $files = array_map(
- array($this, 'reformatFilesArray'),
- (array) $files['name'], (array) $files['type'], (array) $files['tmp_name'], (array) $files['error'], (array) $files['size']
- );
// Perform basic checks on file info before attempting anything
foreach ($files as &$file)
{
+ $file['name'] = JFile::makeSafe($file['name']);
+ $file['filepath'] = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $this->folder, $file['name'])));
+
if ($file['error'] == 1)
{
JError::raiseWarning(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
return false;
}
+
if ($file['size'] > ($params->get('upload_maxsize', 0) * 1024 * 1024))
{
JError::raiseNotice(100, JText::_('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
@@ -109,6 +110,7 @@ public function upload()
{
// The request is valid
$err = null;
+
if (!MediaHelper::canUpload($file, $err))
{
// The file can't be upload
@@ -119,6 +121,7 @@ public function upload()
// Trigger the onContentBeforeSave event.
$object_file = new JObject($file);
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.file', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
@@ -144,38 +147,13 @@ public function upload()
}
/**
- * Used as a callback for array_map, turns the multi-file input array into a sensible array of files
- * Also, removes illegal characters from the 'name' and sets a 'filepath' as the final destination of the file
- *
- * @param string - file name ($files['name'])
- * @param string - file type ($files['type'])
- * @param string - temporary name ($files['tmp_name'])
- * @param string - error info ($files['error'])
- * @param string - file size ($files['size'])
- *
- * @return array
- * @access protected
- */
- protected function reformatFilesArray($name, $type, $tmp_name, $error, $size)
- {
- $name = JFile::makeSafe($name);
- return array(
- 'name' => $name,
- 'type' => $type,
- 'tmp_name' => $tmp_name,
- 'error' => $error,
- 'size' => $size,
- 'filepath' => JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $this->folder, $name)))
- );
- }
-
- /**
* Check that the user is authorized to perform this action
*
* @param string $action - the action to be peformed (create or delete)
*
* @return boolean
- * @access protected
+ *
+ * @since 1.6
*/
protected function authoriseUser($action)
{
@@ -192,7 +170,9 @@ protected function authoriseUser($action)
/**
* Deletes paths from the current path
*
- * @since 1.5
+ * @return boolean
+ *
+ * @since 1.5
*/
public function delete()
{
@@ -204,11 +184,13 @@ public function delete()
$folder = $this->input->get('folder', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
+
if ($tmpl == 'component')
{
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
+
$this->setRedirect($redirect);
// Nothing to delete
@@ -230,6 +212,7 @@ public function delete()
$dispatcher = JEventDispatcher::getInstance();
$ret = true;
+
foreach ($paths as $path)
{
if ($path !== JFile::makeSafe($path))
@@ -242,6 +225,7 @@ public function delete()
$fullPath = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new JObject(array('filepath' => $fullPath));
+
if (is_file($object_file->filepath))
{
// Trigger the onContentBeforeDelete event.
@@ -262,10 +246,12 @@ public function delete()
elseif (is_dir($object_file->filepath))
{
$contents = JFolder::files($object_file->filepath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
+
if (empty($contents))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.folder', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
View
27 administrator/components/com_media/controllers/folder.php
@@ -21,11 +21,12 @@
*/
class MediaControllerFolder extends JControllerLegacy
{
-
/**
* Deletes paths from the current path
*
- * @since 1.5
+ * @return boolean
+ *
+ * @since 1.5
*/
public function delete()
{
@@ -39,11 +40,13 @@ public function delete()
$folder = $this->input->get('folder', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
+
if ($tmpl == 'component')
{
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
+
$this->setRedirect($redirect);
// Just return if there's nothing to do
@@ -66,6 +69,7 @@ public function delete()
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
+
if (count($paths))
{
foreach ($paths as $path)
@@ -79,10 +83,12 @@ public function delete()
$fullPath = JPath::clean(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new JObject(array('filepath' => $fullPath));
+
if (is_file($object_file->filepath))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.file', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
@@ -99,10 +105,12 @@ public function delete()
elseif (is_dir($object_file->filepath))
{
$contents = JFolder::files($object_file->filepath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
+
if (empty($contents))
{
// Trigger the onContentBeforeDelete event.
$result = $dispatcher->trigger('onContentBeforeDelete', array('com_media.folder', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
@@ -123,15 +131,17 @@ public function delete()
}
}
}
- return $ret;
}
+
+ return $ret;
}
/**
* Create a folder
*
- * @param string $path Path of the folder to create
- * @since 1.5
+ * @return boolean
+ *
+ * @since 1.5
*/
public function create()
{
@@ -141,7 +151,7 @@ public function create()
$user = JFactory::getUser();
$folder = $this->input->get('foldername', '');
- $folderCheck = JRequest::getVar('foldername', null, '', 'string', JREQUEST_ALLOWRAW);
+ $folderCheck = (string) $this->input->get('foldername', null, 'raw');
$parent = $this->input->get('folderbase', '', 'path');
$this->setRedirect('index.php?option=com_media&folder=' . $parent . '&tmpl=' . $this->input->get('tmpl', 'index'));
@@ -167,13 +177,15 @@ public function create()
}
$path = JPath::clean(COM_MEDIA_BASE . '/' . $parent . '/' . $folder);
+
if (!is_dir($path) && !is_file($path))
{
// Trigger the onContentBeforeSave event.
$object_file = new JObject(array('filepath' => $path));
JPluginHelper::importPlugin('content');
$dispatcher = JEventDispatcher::getInstance();
$result = $dispatcher->trigger('onContentBeforeSave', array('com_media.folder', &$object_file));
+
if (in_array(false, $result, true))
{
// There are some errors in the plugins
@@ -189,7 +201,10 @@ public function create()
$dispatcher->trigger('onContentAfterSave', array('com_media.folder', &$object_file, true));
$this->setMessage(JText::sprintf('COM_MEDIA_CREATE_COMPLETE', substr($object_file->filepath, strlen(COM_MEDIA_BASE))));
}
+
$this->input->set('folder', ($parent) ? $parent.'/'.$folder : $folder);
}
+
+ return true;
}
}
View
5 installation/CHANGELOG
@@ -25,6 +25,9 @@ $ -> Language fix or change
- -> Removed
! -> Note3
+07-Apr-2013 Michael Babker
+ ^ [#30502] Replace use of JRequest in com_media
+
07-Apr-2013 Jean-Marie Simonet
# [#30226] *TAGS: Getting rid of all aspects concerning lang associations
@@ -45,7 +48,7 @@ $ -> Language fix or change
04-Apr-2013 Jean-Marie Simonet
# [#30454] Tags: Adding Tags via Batch function replaces all previous tags. Thanks David and Elin.
# [#30463] Missing closing div in compact tag layout. Thanks Thomas Hunziker and Constantin Romankiewicz
- # [#30464] ACL Undefined variable error in contentadministrator.php on line 112. Thanks Constantin Romankiewicz
+ # [#30464] ACL Undefined variable error in contentadministrator.php on line 112. Thanks Constantin Romankiewicz
# [#30062] Base Item option in mod_menu has no effect [regression]. Thanks René Alain Erichsen
# [#30422] Tags drill down incorrectly finds match to multi-tag tagged items menu item. Thanks Mark
# [#30210] Undefined index errors by using the style 'beezTabs' at an beez template. Thanks Constantin Romankiewicz

0 comments on commit 6b8965b

Please sign in to comment.
Something went wrong with that request. Please try again.