From aa2bc152f794592f7ac4ce2072c318a116e6a9b9 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@osticket.com>
Date: Wed, 25 Jul 2012 11:53:45 -0400
Subject: [PATCH] Add check for file upload error and ability to bailout of a
failed chunked INSERT
---
include/class.file.php | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/include/class.file.php b/include/class.file.php
index 891a8b5bf..c27c9fdd0 100644
--- a/include/class.file.php
+++ b/include/class.file.php
@@ -141,7 +141,7 @@ class AttachmentFile {
/* Function assumes the files types have been validated */
function upload($file) {
- if(!$file['name'] || !is_uploaded_file($file['tmp_name']))
+ if(!$file['name'] || $file['error'] || !is_uploaded_file($file['tmp_name']))
return false;
$info=array('type'=>$file['type'],
@@ -160,13 +160,6 @@ class AttachmentFile {
$file['hash']=MD5(MD5($file['data']).time());
if(!$file['size'])
$file['size']=strlen($file['data']);
-
-
-
- //TODO: Do chunked INSERTs -
- if(($mps=db_get_variable('max_allowed_packet')) && $file['size']>($mps*0.7)) {
- @db_set_variable('max_allowed_packet',$file['size']+$mps);
- }
$sql='INSERT INTO '.FILE_TABLE.' SET created=NOW() '
.',type='.db_input($file['type'])
@@ -178,11 +171,15 @@ class AttachmentFile {
return false;
foreach (str_split($file['data'], 1024*100) as $chunk) {
- if (!db_query('UPDATE '.FILE_TABLE.' SET filedata = CONCAT(filedata,'
- .db_input($chunk).') WHERE id='.db_input($id)))
- # Remove partially uploaded file contents
+ $sql='UPDATE '.FILE_TABLE
+ .' SET filedata = CONCAT(filedata,'.db_input($chunk).')'
+ .' WHERE id='.db_input($id);
+ if(!db_query($sql)) {
+ db_query('DELETE FROM '.FILE_TABLE.' WHERE id='.db_input($id).' LIMIT 1');
return false;
+ }
}
+
return $id;
}
--
GitLab