summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authoruckelman <uckelman@nomic.net>2010-05-10 20:51:08 +0000
committeruckelman <uckelman@nomic.net>2010-05-10 20:51:08 +0000
commitd24f1c91acfab85cddd72a5155acd2dc87ba060d (patch)
tree8768748f39e52607c5617943d678c6991f7ce4d2 /src
parent3205ceac8416fbba0e726bde0688c994a962272e (diff)
Added logic for writing attachments.
git-svn-id: https://vassalengine.svn.sourceforge.net/svnroot/vassalengine/site-src/trunk@6845 67b53d14-2c14-4ace-a08f-0dab2b34000c
Diffstat (limited to 'src')
-rw-r--r--src/attachment_writer.php42
1 files changed, 41 insertions, 1 deletions
diff --git a/src/attachment_writer.php b/src/attachment_writer.php
index ee638c7..bd00b14 100644
--- a/src/attachment_writer.php
+++ b/src/attachment_writer.php
@@ -4,9 +4,49 @@ if (!array_key_exists('password', $_POST)) {
die('No password given');
}
-var_dump($_FILES);
+if ($_POST['password'] != 'foo') {
+ die('Incorrect password');
+}
+
+$attach_dir = '/var/www/forum/files';
+
+foreach ($_FILES as $file) {
+ # Check for errors
+ switch ($file['error']) {
+ case UPLOAD_ERR_OK:
+ break;
+ case UPLOAD_ERR_INI_SIZE:
+ die('Error UPLOAD_ERR_INI_SIZE: ' . $file['name']);
+ case UPLOAD_ERR_FORM_SIZE:
+ die('Error UPLOAD_ERR_FORM_SIZE: ' . $file['name']);
+ case UPLOAD_ERR_PARTIAL:
+ die('Error UPLOAD_ERR_PARTIAL: ' . $file['name']);
+ case UPLOAD_ERR_NO_FILE:
+ die('Error UPLOAD_ERR_NO_FILE: ' . $file['name']);
+ case UPLOAD_ERR_NO_TMP_DIR:
+ die('Error UPLOAD_ERR_NO_TMP_DIR: ' . $file['name']);
+ case UPLOAD_ERR_CANT_WRITE:
+ die('Error UPLOAD_ERR_CANT_WRITE: ' . $file['name']);
+ case UPLOAD_ERR_EXTENSION:
+ die('Error UPLOAD_ERR_EXTENSION: ' . $file['name']);
+ default:
+ die('Unrecognized error code: ' . $file['error'] . ' ' $file['name']);
+ }
+ # Don't continue if the name isn't what phpBB expects
+ if (preg_match('/^\d+_[0-9a-f]{32}$/', $file['name']) != 1) {
+ die('Bad destination filename: ' . $file['name']);
+ }
+ $src = $file['tmp_name'];
+ $dst = $attach_dir . '/' . $file['name'];
+
+ # Move temp file to attachments dir
+ if (!move_uploaded_file($src, $dst)) {
+ die("Failed to move $src to $dst.");
+ }
}
+return 1;
+
?>