beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Allowed extensions

Browse source
This commit is contained in:
Jakub Vrana 2011-10-09 23:28:18 -07:00
parent 319abbaf2f
commit 468644e2d8
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
plugins/file-upload.php
View file

@ -1,4 +1,5 @@
<?php <?php
//! delete
/** Edit fields ending with "_path" by <input type="file"> and link to the uploaded files from select /** Edit fields ending with "_path" by <input type="file"> and link to the uploaded files from select
* @author Jakub Vrana, http://www.vrana.cz/ * @author Jakub Vrana, http://www.vrana.cz/
@ -7,15 +8,17 @@
*/ */
class AdminerFileUpload { class AdminerFileUpload {
/** @access protected */ /** @access protected */
var $uploadPath, $displayPath; var $uploadPath, $displayPath, $extensions;
/** /**
* @param string prefix for uploading data (create writable subdirectory for each table containing uploadable fields) * @param string prefix for uploading data (create writable subdirectory for each table containing uploadable fields)
* @param string prefix for displaying data, null stands for $uploadPath * @param string prefix for displaying data, null stands for $uploadPath
* @param string regular expression with allowed file extensions
*/ */
function AdminerFileUpload($uploadPath = "../static/data/", $displayPath = null) { function AdminerFileUpload($uploadPath = "../static/data/", $displayPath = null, $extensions = "[a-zA-Z0-9]+") {
$this->uploadPath = $uploadPath; $this->uploadPath = $uploadPath;
$this->displayPath = (isset($displayPath) ? $displayPath : $uploadPath); $this->displayPath = (isset($displayPath) ? $displayPath : $uploadPath);
$this->extensions = $extensions;
} }
function editInput($table, $field, $attrs, $value) { function editInput($table, $field, $attrs, $value) {
@ -28,7 +31,7 @@ class AdminerFileUpload {
if (ereg('(.*)_path$', $field["field"], $regs)) { if (ereg('(.*)_path$', $field["field"], $regs)) {
$table = ($_GET["edit"] != "" ? $_GET["edit"] : $_GET["select"]); $table = ($_GET["edit"] != "" ? $_GET["edit"] : $_GET["select"]);
$name = "fields-$field[field]"; $name = "fields-$field[field]";
if ($_FILES[$name]["error"] || !eregi('(\\.([a-z0-9]+))?$', $_FILES[$name]["name"], $regs2)) { if ($_FILES[$name]["error"] || !ereg("(\\.($this->extensions))?\$", $_FILES[$name]["name"], $regs2)) {
return false; return false;
} }
//! unlink old //! unlink old