# HG changeset patch # User Dan # Date 1200963269 18000 # Node ID 7e16181545e13ee1a26e5794387b3551915250bf # Parent cc6bf4d636842f43a49d1da9a433dedab00b191b Localized Special:UploadFile and Special:DownloadFile diff -r cc6bf4d63684 -r 7e16181545e1 language/english/core.json --- a/language/english/core.json Mon Jan 21 18:33:44 2008 -0500 +++ b/language/english/core.json Mon Jan 21 19:54:29 2008 -0500 @@ -17,7 +17,7 @@ var enano_lang = { categories: [ - 'page', 'comment', 'onpage', 'etc', 'editor', 'history', 'catedit', 'tags', 'delvote', 'ajax', 'sidebar', 'perm', 'plugin', 'paginate', + 'page', 'comment', 'onpage', 'etc', 'editor', 'history', 'catedit', 'tags', 'delvote', 'ajax', 'sidebar', 'perm', 'plugin', 'paginate', 'upload', ], strings: { meta: { @@ -35,6 +35,7 @@ perm: 'Page actions (for ACLs)', plugin: 'Plugin names and descriptions', paginate: 'Pagination widget', + upload: 'File upload interface', plural: 's', enano_about_th: 'About the Enano Content Management System', enano_about_poweredby: '

This website is powered by Enano, the lightweight and open source CMS that everyone can use. Enano is copyright © 2006-2007 Dan Fuhry. For legal information, along with a list of libraries that Enano uses, please see Legal Information.

The developers and maintainers of Enano strongly believe that software should not only be free to use, but free to be modified, distributed, and used to create derivative works. For more information about Free Software, check out the Wikipedia page or the Free Software Foundation\'s homepage.

', @@ -444,6 +445,34 @@ err_bad_page_title: 'Invalid entry', err_bad_page_body: 'Please enter a page number between 1 and %max%.', }, + upload: { + err_disabled_site: 'File uploads are disabled this website.', + err_disabled_acl: 'File uploads are disabled for your user account or group.', + + err_title: 'Upload failed', + err_cant_get_file_meta: 'The server could not retrieve the array $_FILES[\'data\'].', + err_too_big_or_small: 'The file you uploaded is either too large or 0 bytes in length.', + err_banned_ext: 'The file type ".%ext%" is not allowed.', + err_banned_chars: 'The filename contains invalid characters.', + err_already_exists: 'The file already exists. You can upload a new version of this file.', + err_replace_protected: 'Either the file does not exist (and therefore cannot be updated) or the file is protected.', + err_move_failed: 'Could not move uploaded file to the new location.', + err_replace_denied: 'Uploading new versions of files has been disabled for your user account or group.', + + success_title: 'Upload complete', + success_body: 'Your file has been uploaded successfully. View the file\'s page.', + + intro: 'Using this form you can upload a file to the %config.site_name% site.', + max_filesize: 'The maximum file size is %config.max_file_size% %this.etc_unit_bytes% (%size%).', + field_file: 'File:', + field_renameto: 'Rename to:', + field_comments: 'Comments:
(can be wiki-formatted)', + field_reason: 'Reason for uploading the new version:', + btn_upload: 'Upload file', + + err_not_found_title: 'File not found', + err_not_found_body: 'The file "%filename%" cannot be found.', + }, etc: { redirect_title: 'Redirecting...', redirect_body: 'Please wait while you are redirected.', diff -r cc6bf4d63684 -r 7e16181545e1 plugins/SpecialUpdownload.php --- a/plugins/SpecialUpdownload.php Mon Jan 21 18:33:44 2008 -0500 +++ b/plugins/SpecialUpdownload.php Mon Jan 21 19:54:29 2008 -0500 @@ -43,11 +43,12 @@ function page_Special_UploadFile() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; global $mime_types; - if(getConfig('enable_uploads')!='1') { die_friendly('Access denied', '

File uploads are disabled this website.

'); } + if(getConfig('enable_uploads')!='1') { die_friendly($lang->get('etc_access_denied_short'), '

' . $lang->get('upload_err_disabled_site') . '

'); } if ( !$session->get_permissions('upload_files') ) { - die_friendly('Access denied', '

File uploads are disabled for your user account or group.

'); + die_friendly($lang->get('etc_access_denied_short'), '

' . $lang->get('upload_err_disabled_acl') . '

'); } if(isset($_POST['doit'])) { @@ -61,42 +62,18 @@ } if ( !is_array($file) ) { - die_friendly('Upload failed', '

The server could not retrieve the array $_FILES[\'data\'].

'); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_cant_get_file_meta') . '

'); } if ( $file['size'] == 0 || $file['size'] > (int)getConfig('max_file_size') ) { - die_friendly('Upload failed', '

The file you uploaded is either too large or 0 bytes in length.

'); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_too_big_or_small') . '

'); } - /* - $allowed_mime_types = Array( - 'text/plain', - 'image/png', - 'image/jpeg', - 'image/tiff', - 'image/gif', - 'text/html', // Safe because the file is stashed in the database - 'application/x-bzip2', - 'application/x-gzip', - 'text/x-c++' - ); - if(function_exists('finfo_open') && $fi = finfo_open(FILEINFO_MIME, ENANO_ROOT.'/includes/magic')) // First try to use the fileinfo extension, this is the best way to determine the mimetype - { - if(!$fi) die_friendly('Upload failed', '

Enano was unable to determine the format of the uploaded file.

'.@finfo_file($fi, $file['tmp_name']).'

'); - $type = @finfo_file($fi, $file['tmp_name']); - @finfo_close($fi); - } - elseif(function_exists('mime_content_type')) - $type = mime_content_type($file['tmp_name']); // OK, no fileinfo function. Use a (usually) built-in PHP function - elseif(isset($file['type'])) - $type = $file['type']; // LAST RESORT: use the mimetype the browser sent us, though this is likely to be spoofed - else // DANG! Not even the browser told us. Bail out. - die_friendly('Upload failed', '

Enano was unable to determine the format of the uploaded file.

'); - */ + $types = fetch_allowed_extensions(); $ext = substr($file['name'], strrpos($file['name'], '.')+1, strlen($file['name'])); if ( !isset($types[$ext]) || ( isset($types[$ext]) && !$types[$ext] ) ) { - die_friendly('Upload failed', '

The file type ".'.$ext.'" is not allowed.

'); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_banned_ext', array('ext' => htmlspecialchars($ext))) . '

'); } $type = $mime_types[$ext]; //$type = explode(';', $type); $type = $type[0]; @@ -112,12 +89,16 @@ $bad_chars = Array(':', '\\', '/', '<', '>', '|', '*', '?', '"', '#', '+'); foreach($bad_chars as $ch) { - if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename)) die_friendly('Upload failed', '

The filename contains invalid characters.

'); + if(strstr($filename, $ch) || preg_match('/^([ ]+)$/is', $filename)) + { + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_banned_chars') . '

'); + } } if ( isset ( $paths->pages[ $paths->nslist['File'] . $filename ] ) && !isset ( $_POST['update'] ) ) { - die_friendly('Upload failed', '

The file already exists. You can upload a new version of this file.

'); + $upload_link = makeUrlNS('Special', 'UploadFile/'.$filename); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_already_exists', array('upload_link' => $upload_link)) . '

'); } else if ( isset($_POST['update']) && ( !isset($paths->pages[$paths->nslist['File'].$filename]) || @@ -126,7 +107,7 @@ ) ) { - die_friendly('Upload failed', '

Either the file does not exist (and therefore cannot be updated) or the file is protected.

'); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_replace_protected') . '

'); } $utime = time(); @@ -144,7 +125,7 @@ if(!@move_uploaded_file($file['tmp_name'], $targetname)) { - die_friendly('Upload failed', '

Could not move uploaded file to the new location.

'); + die_friendly($lang->get('upload_err_title'), '

' . $lang->get('upload_err_move_failed') . '

'); } if(getConfig('file_history') != '1') @@ -162,7 +143,7 @@ { if(!$db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace,edit_summary) VALUES('.$utime.', \''.enano_date('d M Y h:i a').'\', \'page\', \'reupload\', \''.$session->username.'\', \''.$filename.'\', \''.'File'.'\', \''.$comments.'\');')) $db->_die('The page log could not be updated.'); } - die_friendly('Upload complete', '

Your file has been uploaded successfully. View the file\'s page.

'); + die_friendly($lang->get('upload_success_title'), '

' . $lang->get('upload_success_body', array('file_link' => makeUrlNS('File', $filename))) . '

'); } else { @@ -170,40 +151,44 @@ $fn = $paths->getParam(0); if ( $fn && !$session->get_permissions('upload_new_version') ) { - die_friendly('Access denied', '

Uploading new versions of files has been disabled for your user account or group.

'); + die_friendly($lang->get('etc_access_denied_short'), '

' . $lang->get('upload_err_replace_denied') . '

'); } ?> -

Using this form you can upload a file to the site.

-

The maximum file size is get('upload_intro'); ?>

+

= 1048576) { $fs = round($fs / 1048576, 1); - echo ' ('.$fs.' MB)'; + $unitized = $fs . ' ' . $lang->get('etc_unit_megabytes_short'); } elseif($fs >= 1024) { $fs = round($fs / 1024, 1); - echo ' ('.$fs.' KB)'; + $unitized = $fs . ' ' . $lang->get('etc_unit_kilobytes_short'); } - ?>.

+ + echo $lang->get('upload_max_filesize', array( + 'size' => $unitized + )); + ?>

- - + + '; - else echo ''; + if(!$fn) echo ''; + else echo ''; ?>
File:
Rename to: />
get('upload_field_file'); ?>
get('upload_field_renameto'); ?> />
Comments:
(can be wiki-formatted)
Reason for uploading the new version:
' . $lang->get('upload_field_comments') . '
' . $lang->get('upload_field_reason') . '
'; ?> - +
@@ -215,6 +200,7 @@ function page_Special_DownloadFile() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; global $do_gzip; $filename = rawurldecode($paths->getParam(0)); $timeid = $paths->getParam(1); @@ -235,7 +221,7 @@ if ( $db->numrows() < 1 ) { header('HTTP/1.1 404 Not Found'); - die_friendly('File not found', '

The file "'.htmlspecialchars($filename).'" cannot be found.

'); + die_friendly($lang->get('upload_err_not_found_title'), '

' . $lang->get('upload_err_not_found_body', array('filename' => htmlspecialchars($filename))) . '

'); } $row = $db->fetchrow(); $db->free_result(); @@ -244,7 +230,7 @@ $perms = $session->fetch_page_acl($row['page_id'], 'File'); if ( !$perms->get_permissions('read') ) { - die_friendly('Access denied', '

Access to the specified file is denied.

'); + die_friendly($lang->get('etc_access_denied_short'), '

' . $lang->get('etc_access_denied') . '

'); } $fname = ENANO_ROOT . '/files/' . $row['file_key'] . '_' . $row['time_id'] . $row['file_extension'];