diff --git a/include/class.file.php b/include/class.file.php index 891a8b5bfb851415c1ab3cbe804284ae5217f229..c27c9fdd07b5aa7477336c009af2fdb75605233c 100644 --- a/include/class.file.php +++ b/include/class.file.php @@ -141,7 +141,7 @@ class AttachmentFile { /* Function assumes the files types have been validated */ function upload($file) { - if(!$file['name'] || !is_uploaded_file($file['tmp_name'])) + if(!$file['name'] || $file['error'] || !is_uploaded_file($file['tmp_name'])) return false; $info=array('type'=>$file['type'], @@ -160,13 +160,6 @@ class AttachmentFile { $file['hash']=MD5(MD5($file['data']).time()); if(!$file['size']) $file['size']=strlen($file['data']); - - - - //TODO: Do chunked INSERTs - - if(($mps=db_get_variable('max_allowed_packet')) && $file['size']>($mps*0.7)) { - @db_set_variable('max_allowed_packet',$file['size']+$mps); - } $sql='INSERT INTO '.FILE_TABLE.' SET created=NOW() ' .',type='.db_input($file['type']) @@ -178,11 +171,15 @@ class AttachmentFile { return false; foreach (str_split($file['data'], 1024*100) as $chunk) { - if (!db_query('UPDATE '.FILE_TABLE.' SET filedata = CONCAT(filedata,' - .db_input($chunk).') WHERE id='.db_input($id))) - # Remove partially uploaded file contents + $sql='UPDATE '.FILE_TABLE + .' SET filedata = CONCAT(filedata,'.db_input($chunk).')' + .' WHERE id='.db_input($id); + if(!db_query($sql)) { + db_query('DELETE FROM '.FILE_TABLE.' WHERE id='.db_input($id).' LIMIT 1'); return false; + } } + return $id; }