summaryrefslogtreecommitdiffstats
path: root/system/libraries/Upload.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Upload.php')
-rw-r--r--system/libraries/Upload.php57
1 files changed, 22 insertions, 35 deletions
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 8ad67050d..c1e07de7a 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -78,6 +78,8 @@ class CI_Upload {
$this->initialize($props);
}
+ $this->mimes =& get_mimes();
+
log_message('debug', 'Upload Class Initialized');
}
@@ -113,7 +115,6 @@ class CI_Upload {
'image_type' => '',
'image_size_str' => '',
'error_msg' => array(),
- 'mimes' => array(),
'remove_spaces' => TRUE,
'xss_clean' => FALSE,
'temp_prefix' => 'temp_file_',
@@ -223,7 +224,7 @@ class CI_Upload {
}
// if we're overriding, let's now make sure the new name and type is allowed
- if ($this->_file_name_override != '')
+ if ($this->_file_name_override !== '')
{
$this->file_name = $this->_prep_filename($this->_file_name_override);
@@ -276,7 +277,7 @@ class CI_Upload {
}
// Remove white spaces in the name
- if ($this->remove_spaces == TRUE)
+ if ($this->remove_spaces === TRUE)
{
$this->file_name = preg_replace('/\s+/', '_', $this->file_name);
}
@@ -289,7 +290,7 @@ class CI_Upload {
*/
$this->orig_name = $this->file_name;
- if ($this->overwrite == FALSE)
+ if ($this->overwrite === FALSE)
{
$this->file_name = $this->set_filename($this->upload_path, $this->file_name);
@@ -397,7 +398,7 @@ class CI_Upload {
*/
public function set_filename($path, $filename)
{
- if ($this->encrypt_name == TRUE)
+ if ($this->encrypt_name === TRUE)
{
mt_srand();
$filename = md5(uniqid(mt_rand())).$this->file_ext;
@@ -420,7 +421,7 @@ class CI_Upload {
}
}
- if ($new_filename == '')
+ if ($new_filename === '')
{
$this->set_error('upload_bad_filename');
return FALSE;
@@ -545,7 +546,7 @@ class CI_Upload {
*/
public function set_xss_clean($flag = FALSE)
{
- $this->xss_clean = ($flag == TRUE);
+ $this->xss_clean = ($flag === TRUE);
}
// --------------------------------------------------------------------
@@ -641,7 +642,7 @@ class CI_Upload {
*/
public function is_allowed_filesize()
{
- return ($this->max_size == 0 OR $this->max_size > $this->file_size);
+ return ($this->max_size === 0 OR $this->max_size > $this->file_size);
}
// --------------------------------------------------------------------
@@ -687,7 +688,7 @@ class CI_Upload {
*/
public function validate_upload_path()
{
- if ($this->upload_path == '')
+ if ($this->upload_path === '')
{
$this->set_error('upload_no_filepath');
return FALSE;
@@ -725,7 +726,7 @@ class CI_Upload {
public function get_extension($filename)
{
$x = explode('.', $filename);
- return '.'.end($x);
+ return (count($x) !== 1) ? '.'.end($x) : '';
}
// --------------------------------------------------------------------
@@ -747,6 +748,8 @@ class CI_Upload {
';',
'?',
'/',
+ '!',
+ '#',
'%20',
'%22',
'%3c', // <
@@ -812,7 +815,7 @@ class CI_Upload {
return FALSE;
}
- if (function_exists('memory_get_usage') && memory_get_usage() && ini_get('memory_limit') != '')
+ if (function_exists('memory_get_usage') && memory_get_usage() && ini_get('memory_limit'))
{
$current = ini_get('memory_limit') * 1024 * 1024;
@@ -850,6 +853,10 @@ class CI_Upload {
{
return TRUE; // its an image, no "triggers" detected in the first 256 bytes, we're good
}
+ else
+ {
+ return FALSE;
+ }
}
if (($data = @file_get_contents($file)) === FALSE)
@@ -878,14 +885,14 @@ class CI_Upload {
{
foreach ($msg as $val)
{
- $msg = ($CI->lang->line($val) == FALSE) ? $val : $CI->lang->line($val);
+ $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val);
$this->error_msg[] = $msg;
log_message('error', $msg);
}
}
else
{
- $msg = ($CI->lang->line($msg) == FALSE) ? $msg : $CI->lang->line($msg);
+ $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg);
$this->error_msg[] = $msg;
log_message('error', $msg);
}
@@ -918,26 +925,6 @@ class CI_Upload {
*/
public function mimes_types($mime)
{
- global $mimes;
-
- if (count($this->mimes) == 0)
- {
- if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
- {
- include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php');
- }
- elseif (is_file(APPPATH.'config/mimes.php'))
- {
- include(APPPATH.'config/mimes.php');
- }
- else
- {
- return FALSE;
- }
-
- $this->mimes = $mimes;
- }
-
return isset($this->mimes[$mime]) ? $this->mimes[$mime] : FALSE;
}
@@ -954,7 +941,7 @@ class CI_Upload {
*/
protected function _prep_filename($filename)
{
- if (strpos($filename, '.') === FALSE OR $this->allowed_types == '*')
+ if (strpos($filename, '.') === FALSE OR $this->allowed_types === '*')
{
return $filename;
}
@@ -1032,7 +1019,7 @@ class CI_Upload {
*/
if (DIRECTORY_SEPARATOR !== '\\')
{
- $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1';
+ $cmd = 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1';
if (function_exists('exec'))
{