/** * Determines the system's upload limit. This limit is determined by * the maximum upload filesize (PHP), the maximum POST request size (PHP) * and the maximum database packet size. * * @return An array containing three elements: the overall system's maximum * upload size, the maximum as imposed by PHP and the maximum as * imposed by the database. */ function phorum_get_system_max_upload() { global $PHORUM; // Determine limit as imposed by PHP. $pms = phorum_phpcfgsize2bytes(ini_get('post_max_size')); $umf = phorum_phpcfgsize2bytes(ini_get('upload_max_filesize')); $php_limit = $umf > $pms ? $pms : $umf; // Determines the database server's limit for file uploads. This limit // is determined by the maximum packet size that the database can handle. // We asume that there's a 40% overhead in the packet, so that 60% of // the packet can be used for sending an uploaded file to the database. $db_limit = phorum_db_maxpacketsize(); if ($db_limit != NULL) { $db_limit = $db_limit * 0.6; } $limit = $php_limit; if ($db_limit && $db_limit < $php_limit) { $limit = $db_limit; } $data = array($limit, $php_limit, $db_limit); /* * [hook] * system_max_upload * * [description] * This hook allows a module to control the maximum file size for * a file upload. Most notable would be file system storage. It * could ignore the db_limit. * * [category] * File storage * * [when] * In * <filename>include/upload_functions.php</filename>, * in the function phorum_get_system_max_upload. * * [input] * An array containing the default limit, the data layer limit and * the PHP limit * * [output] * A 3 part array with the limits adjusted as you wish. The first * element in the array would be the most important. * * [example] * <hookcode> * function phorum_mod_foo_system_max_upload($data) * { * // ignore the db_limit * $data[0] = $data[2]; * return $data; * } * </hookcode> */ if (isset($PHORUM["hooks"]["system_max_upload"])) { $data = phorum_hook("system_max_upload", $data); } return $data; }
/** * Determines the system's upload limit. This limit is determined by * the maximum upload filesize (PHP), the maximum POST request size (PHP) * and the maximum database packet size. * * @return An array containing three elements: the overall system's maximum * upload size, the maximum as imposed by PHP and the maximum as * imposed by the database. */ function phorum_get_system_max_upload() { // Determine limit as imposed by PHP. $pms = phorum_phpcfgsize2bytes(ini_get('post_max_size')); $umf = phorum_phpcfgsize2bytes(ini_get('upload_max_filesize')); $php_limit = $umf > $pms ? $pms : $umf; // Determines the database server's limit for file uploads. This limit // is determined by the maximum packet size that the database can handle. // We asume that there's a 40% overhead in the packet, so that 60% of // the packet can be used for sending an uploaded file to the database. $db_limit = phorum_db_maxpacketsize(); if ($db_limit != NULL) { $db_limit = $db_limit * 0.6; } $limit = $php_limit; if ($db_limit && $db_limit < $php_limit) { $limit = $db_limit; } return array($limit, $php_limit, $db_limit); }
foreach ($_FILES as $file) { // Not too many attachments? if ($attach_count >= $PHORUM["max_attachments"]) break; // Check if the tempfile is an uploaded file? if(! is_uploaded_file($file["tmp_name"])) continue; // Some problems in uploading result in files which are // zero in size. We asume that people who upload zero byte // files will almost always have problems uploading. if ($file["size"] == 0) continue; // check with PHP and MySQL on attachment size $php_limit = ini_get('upload_max_filesize')*1024; $max_packetsize = phorum_db_maxpacketsize(); if ($max_packetsize == NULL) { $db_limit = $php_limit; } else { $db_limit = $max_packetsize/1024*.6; } if($PHORUM["max_attachment_size"]==0){ $PHORUM["max_attachment_size"] = min($php_limit, $db_limit); } else { $PHORUM["max_attachment_size"] = min($PHORUM["max_attachment_size"], $php_limit, $db_limit); } // Isn't the attachment too large? if ($PHORUM["max_attachment_size"] > 0 && $file["size"] > $PHORUM["max_attachment_size"]*1024) { $PHORUM["DATA"]["ERROR"] = str_replace(
function phorum_check_upload_limits() { $PHORUM = $GLOBALS["PHORUM"]; // Keep track if uploads are used. $upload_used = false; // Get the maximum file upload size for PHP. $php_max_upload = phorum_php_max_upload(); // Get the maximum packet size for the database. // For determining the maximum allowed upload size, // we have to take packet overhead into account. $max_packetsize = phorum_db_maxpacketsize(); if ($max_packetsize == NULL) { $db_max_upload = $php_max_upload; } else { $db_max_upload = phorum_db_maxpacketsize() * 0.6; } // Check limits for file uploading in personal profile. if ($PHORUM["file_uploads"] && $PHORUM["max_file_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits( $PHORUM["max_file_size"]*1024, "the Max File Size option for user file uploads " . "(in their profile)", $php_max_upload, $db_max_upload ); if ($res != NULL) return $res; } // Check limits for attachment uploading in forums. $forums = phorum_db_get_forums(); foreach ($forums as $id => $forum) { if ($forum["max_attachments"] > 0 && $forum["max_attachment_size"]) { $upload_used = true; $res = phorum_single_check_upload_limits( $forum["max_attachment_size"]*1024, "the Max File Size option for uploading attachments in the forum \"{$forum['name']}\"", $php_max_upload, $db_max_upload ); } } // No upload functionality found so far? Then we're done. if (! $upload_used) return array(PHORUM_SANITY_OK, NULL); // Check if the upload temp directory can be written. $tmpdir = get_cfg_var('upload_tmp_dir'); if (!empty($tmpdir)) { $fp = @fopen("$tmpdir/sanity_checks_dummy_uploadtmpfile", "w"); if (! $fp) return array( PHORUM_SANITY_CRIT, "The system is unable to write files to PHP's upload tmpdir \"".htmlspecialchars($tmpdir)."\". The system error was:<br/><br/>". htmlspecialchars($php_errormsg).".", "Change the upload_tmp_dir setting in your php.ini file or give your webserver more permissions for the current upload directory." ); } fclose($fp); unlink("$tmpdir/sanity_checks_dummy_uploadtmpfile"); return array(PHORUM_SANITY_OK, NULL); }