wp_handle_upload() and image upload improvements from Andy. fixes #1806

git-svn-id: http://svn.automattic.com/wordpress/trunk@2979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2005-11-01 21:28:03 +00:00
parent 56e058d6d8
commit 45435f003e
3 changed files with 780 additions and 507 deletions

View File

@ -1,6 +1,5 @@
<?php <?php
// Creates a new post from the "Write Post" form using $_POST information. // Creates a new post from the "Write Post" form using $_POST information.
function write_post() { function write_post() {
global $user_ID; global $user_ID;
@ -285,6 +284,8 @@ function edit_user($user_id = 0) {
} }
if (isset ($_POST['first_name'])) if (isset ($_POST['first_name']))
$user->first_name = wp_specialchars(trim($_POST['first_name'])); $user->first_name = wp_specialchars(trim($_POST['first_name']));
if (isset ($_POST['middle_name']))
$user->middle_name = wp_specialchars(trim($_POST['middle_name']));
if (isset ($_POST['last_name'])) if (isset ($_POST['last_name']))
$user->last_name = wp_specialchars(trim($_POST['last_name'])); $user->last_name = wp_specialchars(trim($_POST['last_name']));
if (isset ($_POST['nickname'])) if (isset ($_POST['nickname']))
@ -299,6 +300,8 @@ function edit_user($user_id = 0) {
$user->aim = wp_specialchars(trim($_POST['aim'])); $user->aim = wp_specialchars(trim($_POST['aim']));
if (isset ($_POST['yim'])) if (isset ($_POST['yim']))
$user->yim = wp_specialchars(trim($_POST['yim'])); $user->yim = wp_specialchars(trim($_POST['yim']));
if (isset ($_POST['flickr_username']))
$user->flickr_username = wp_specialchars(trim($_POST['flickr_username']));
$errors = array (); $errors = array ();
@ -1542,4 +1545,145 @@ function wp_upload_dir() {
return apply_filters('upload_dir', $uploads); return apply_filters('upload_dir', $uploads);
} }
// array wp_handle_upload ( array &file [, array overrides] )
// file: reference to a single element of $_FILES. Call the function once for each uploaded file.
// overrides: an associative array of names=>values to override default variables with extract($overrides, EXTR_OVERWRITE).
// On success, returns an associative array of file attributes.
// On failure, returns $overrides['upload_error_handler'](&$file, $message) or array('error'=>$message).
function wp_handle_upload(&$file, $overrides = false) {
// The default error handler.
function wp_handle_upload_error(&$file, $message) {
return array('error'=>$message);
}
// You may define your own function and pass the name in $overrides['upload_error_handler']
$upload_error_handler = 'wp_handle_upload_error';
// $_POST['action'] must be set and its value must equal $overrides['action'] or this:
$action = 'wp_handle_upload';
// Courtesy of php.net, the strings that describe the error indicated in $_FILES[{form field}]['error'].
$upload_error_strings = array(false,
__("The uploaded file exceeds the <code>upload_max_filesize</code> directive in <code>php.ini</code>."),
__("The uploaded file exceeds the <em>MAX_FILE_SIZE</em> directive that was specified in the HTML form."),
__("The uploaded file was only partially uploaded."),
__("No file was uploaded."),
__("Missing a temporary folder."),
__("Failed to write file to disk."));
// Accepted MIME types are set here as PCRE. Override with $override['mimes'].
$mimes = apply_filters('upload_mimes', array(
'image/jpeg' => 'jpg|jpeg|jpe',
'image/gif' => 'gif',
'image/(png|x-png)' => 'png',
'image/(bmp|x-bmp|x-ms-bmp)' => 'bmp',
'image/(tiff|x-tiff)' => 'tif|tiff',
'image/(ico|x-ico)' => 'ico',
'video/(asf|x-asf|x-ms-asf)' => 'asf|asx|wma|wax|wmv|wmx',
'video/(wmv|x-wmv|x-ms-wmv)' => 'wmv',
'video/(msvideo|x-msvideo)' => 'avi',
'video/(quicktime|x-quicktime)' => 'mov|qt',
'video/(mpeg|x-mpeg)' => 'mpeg|mpg|mpe',
'text/plain' => 'txt|c|cc|h|php',
'text/richtext' => 'rtx',
'text/css' => 'css',
'text/html' => 'htm|html',
'text/javascript' => 'js',
'audio/(mpeg|x-mpeg|mpeg3|x-mpeg3)' => 'mp3',
'audio/x-realaudio' => 'ra|ram',
'audio/(wav|x-wav)' => 'wav',
'audio/(ogg|x-ogg)' => 'ogg',
'audio/(midi|x-midi)' => 'mid|midi',
'application/pdf' => 'pdf',
'application/msword' => 'doc',
'application/mspowerpoint' => 'pot|pps|ppt',
'application/mswrite' => 'wri',
'application/(msexcel|vnd.ms-excel)' => 'xla|xls|xlt|xlw',
'application/msaccess' => 'mdb',
'application/msproject' => 'mpp',
'application/x-shockwave-flash' => 'swf',
'application/java' => 'class',
'application/x-tar' => 'tar',
'application/(zip|x-zip-compressed)' => 'zip',
'application/(x-gzip|x-gzip-compressed)' => 'gz|gzip'));
// For security, we never trust HTTP Content-Type headers unless the user overrides this.
$trust_content_type = false;
// All tests are on by default. Most can be turned off by $override[{test_name}] = false;
$test_form = true;
$test_size = true;
$test_type = true;
// Install user overrides. Did we mention that this voids your warranty?
if ( is_array($overrides) )
extract($overrides, EXTR_OVERWRITE);
// A correct form post will pass this test.
if ( $test_form && (!isset($_POST['action']) || ($_POST['action'] != $action)) )
return $upload_error_handler($file, __('Invalid form submission.'));
// A successful upload will pass this test. It makes no sense to override this one.
if ( $file['error'] > 0 )
return $upload_error_handler($file, $upload_error_strings[$file['error']]);
// A non-empty file will pass this test.
if ( $test_size && !($file['size'] > 0) )
return $upload_error_handler($file, __('File is empty. Please upload something more substantial.'));
// A properly uploaded file will pass this test. There should be no reason to override this one.
if (! is_uploaded_file($file['tmp_name']) )
return $upload_error_handler($file, __('Specified file failed upload test.'));
// A correct MIME type will pass this test. We can't always determine it programatically, so we'll trust the HTTP headers.
if ( $test_type ) {
$type = false;
$ext = false;
foreach ($mimes as $mime_preg => $ext_preg) {
$mime_preg = '!^' . $mime_preg . '$!i';
$ext_preg = '![^.]\.(' . $ext_preg . ')$!i';
if ( preg_match($mime_preg, $file['type'], $type) ) {
if ( preg_match($ext_preg, $file['name'], $ext) ) {
break;
} else {
return $upload_error_handler($file, __('File extension does not match file type. Try another.'));
}
}
}
if (! $type && $ext )
return $upload_error_handler($file, __('File type does not meet security guidelines. Try another.'));
$type = $type[0];
$ext = $ext[1];
}
// A writable uploads dir will pass this test. Again, there's no point overriding this one.
if ( ! ( ( $uploads = wp_upload_dir() ) && false === $uploads['error'] ) )
return $upload_error_handler($file, $uploads['error']);
// Increment the file number until we have a unique file to save in $dir. Use $override['unique_filename_callback'] if supplied.
if ( isset($unique_filename_callback) && function_exists($unique_filename_callback) ) {
$filename = $unique_filename_callback($uploads['path'], $file['name']);
} else {
$number = '';
$filename = $file['name'];
while ( file_exists($uploads['path'] . "/$filename") )
$filename = str_replace("$number.$ext", ++$number . ".$ext", $filename);
}
// Move the file to the uploads dir
$new_file = $uploads['path'] . "/$filename";
if ( false === move_uploaded_file($file['tmp_name'], $new_file) )
die('The uploaded file could not be moved to $file.');
// Set correct file permissions
$stat = stat(dirname($new_file));
$perms = $stat['mode'] & 0000777;
@ chmod($new_file, $perms);
// Compute the URL
$url = $uploads['url'] . "/$filename";
return array('file' => $new_file, 'url' => $url);
}
?> ?>

File diff suppressed because it is too large Load Diff

View File

@ -33,6 +33,9 @@ $bookmarklet_height= 440;
<p><label><?php _e('First name:') ?><br /> <p><label><?php _e('First name:') ?><br />
<input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p> <input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p>
<p><label><?php _e('Middle name:') ?><br />
<input type="text" name="middle_name" value="<?php echo $profiledata->middle_name ?>" /></label></p>
<p><label><?php _e('Last name:') ?><br /> <p><label><?php _e('Last name:') ?><br />
<input type="text" name="last_name" value="<?php echo $profiledata->last_name ?>" /></label></p> <input type="text" name="last_name" value="<?php echo $profiledata->last_name ?>" /></label></p>
@ -53,6 +56,9 @@ $bookmarklet_height= 440;
<?php if ( !empty( $profiledata->first_name ) && !empty( $profiledata->last_name ) ) : ?> <?php if ( !empty( $profiledata->first_name ) && !empty( $profiledata->last_name ) ) : ?>
<option value="<?php echo $profiledata->first_name." ".$profiledata->last_name ?>"><?php echo $profiledata->first_name." ".$profiledata->last_name ?></option> <option value="<?php echo $profiledata->first_name." ".$profiledata->last_name ?>"><?php echo $profiledata->first_name." ".$profiledata->last_name ?></option>
<option value="<?php echo $profiledata->last_name." ".$profiledata->first_name ?>"><?php echo $profiledata->last_name." ".$profiledata->first_name ?></option> <option value="<?php echo $profiledata->last_name." ".$profiledata->first_name ?>"><?php echo $profiledata->last_name." ".$profiledata->first_name ?></option>
<?php if ( !empty( $profiledata->middle_name ) ) : ?>
<option value="<?php echo $n = $profiledata->first_name." ".$profiledata->middle_name." ".$profiledata->last_name ?>"><?php echo $n ?></option>
<?php endif; ?>
<?php endif; ?> <?php endif; ?>
</select></label></p> </select></label></p>
</fieldset> </fieldset>
@ -67,6 +73,10 @@ $bookmarklet_height= 440;
<input type="text" name="url" value="<?php echo $profiledata->user_url ?>" /> <input type="text" name="url" value="<?php echo $profiledata->user_url ?>" />
</label></p> </label></p>
<p><label><?php _e('Flickr Username:') ?><br />
<input type="text" name="flickr_username" value="<?php echo $profiledata->flickr_username ?>" />
</label></p>
<p><label><?php _e('AIM:') ?><br /> <p><label><?php _e('AIM:') ?><br />
<input type="text" name="aim" value="<?php echo $profiledata->aim ?>" /> <input type="text" name="aim" value="<?php echo $profiledata->aim ?>" />
</label></p> </label></p>
@ -133,4 +143,4 @@ if ( $show_password_fields ) :
</div> </div>
<?php include('admin-footer.php'); ?> <?php include('admin-footer.php'); ?>