Recover temp file removal logic to bundled upload handler (upload.php…

…) and make it functional.
moxiecode · Dec 27, 2011 · 898df77 · 898df77
1 parent d8f916d
commit 898df77
Showing 1 changed file with 25 additions and 17 deletions.
diff --git a/examples/upload.php b/examples/upload.php
@@ -18,10 +18,10 @@
 
 // Settings
 $targetDir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
-//$targetDir = 'uploads/';
+//$targetDir = 'uploads';
 
-//$cleanupTargetDir = false; // Remove old files
+$cleanupTargetDir = true; // Remove old files
-//$maxFileAge = 60 * 60; // Temp file age in seconds
+$maxFileAge = 5 * 3600; // Temp file age in seconds
 
 // 5 minutes execution time
 @set_time_limit(5 * 60);
@@ -30,12 +30,12 @@
 // usleep(5000);
 
 // Get parameters
-$chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
+$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
-$chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
+$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
 $fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
 
 // Clean the fileName for security reasons
-$fileName = preg_replace('/[^\w\._]+/', '', $fileName);
+$fileName = preg_replace('/[^\w\._]+/', '_', $fileName);
 
 // Make sure the fileName is unique but only if chunking is disabled
 if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
@@ -50,26 +50,27 @@
 	$fileName = $fileName_a . '_' . $count . $fileName_b;
 }
 
+$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
+
 // Create target dir
 if (!file_exists($targetDir))
 	@mkdir($targetDir);
 
-// Remove old temp files
+// Remove old temp files	
-/* this doesn't really work by now
+if ($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir))) {
-	
-if (is_dir($targetDir) && ($dir = opendir($targetDir))) {
 	while (($file = readdir($dir)) !== false) {
-		$filePath = $targetDir . DIRECTORY_SEPARATOR . $file;
+		$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
 
-		// Remove temp files if they are older than the max age
+		// Remove temp file if it is older than the max age and is not the current file
-		if (preg_match('/\\.tmp$/', $file) && (filemtime($filePath) < time() - $maxFileAge))
+		if (preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge) && ($tmpfilePath != "{$filePath}.part")) {
-			@unlink($filePath);
+			@unlink($tmpfilePath);
+		}
 	}
 
 	closedir($dir);
 } else
 	die('{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}');
-*/
+	
 
 // Look for the content type header
 if (isset($_SERVER["HTTP_CONTENT_TYPE"]))
@@ -82,7 +83,7 @@
 if (strpos($contentType, "multipart") !== false) {
 	if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
 		// Open temp file
-		$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
+		$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 		if ($out) {
 			// Read binary input stream and append it to temp file
 			$in = fopen($_FILES['file']['tmp_name'], "rb");
@@ -101,7 +102,7 @@
 		die('{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}');
 } else {
 	// Open temp file
-	$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
+	$out = fopen("{$filePath}.part", $chunk == 0 ? "wb" : "ab");
 	if ($out) {
 		// Read binary input stream and append it to temp file
 		$in = fopen("php://input", "rb");
@@ -118,6 +119,13 @@
 		die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
 }
 
+// Check if file has been uploaded
+if (!$chunks || $chunk == $chunks - 1) {
+	// Strip the temp .part suffix off 
+	rename("{$filePath}.part", $filePath);
+}
+
+
 // Return JSON-RPC response
 die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');