From 54e98ffe222014d6165d0ca0d0eb31163feaea60 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 26 Jan 2011 15:49:57 -0800 Subject: [PATCH] Fix ticket #3013: MAX_FILE_SIZE hidden fields were incorrectly placed In order to apply to PHP's POST processing, the MAX_FILE_SIZE field must appear *before* the file upload field. They were incorrectly placed after, where they had no effect on POST processing. --- actions/avatarsettings.php | 6 +++--- actions/designadminpanel.php | 8 ++++---- actions/grouplogo.php | 6 +++--- lib/applicationeditform.php | 8 ++++---- lib/designsettings.php | 8 ++++---- lib/noticeform.php | 2 +- plugins/MobileProfile/MobileProfilePlugin.php | 2 +- 7 files changed, 20 insertions(+), 20 deletions(-) diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php index 10c82ebfd7..c81c024081 100644 --- a/actions/avatarsettings.php +++ b/actions/avatarsettings.php @@ -157,13 +157,13 @@ class AvatarsettingsAction extends AccountSettingsAction } $this->elementStart('li', array ('id' => 'settings_attach')); - $this->element('input', array('name' => 'avatarfile', - 'type' => 'file', - 'id' => 'avatarfile')); $this->element('input', array('name' => 'MAX_FILE_SIZE', 'type' => 'hidden', 'id' => 'MAX_FILE_SIZE', 'value' => ImageFile::maxFileSizeInt())); + $this->element('input', array('name' => 'avatarfile', + 'type' => 'file', + 'id' => 'avatarfile')); $this->elementEnd('li'); $this->elementEnd('ul'); diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index dd422bce91..34e6de851a 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -516,6 +516,10 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementStart('ul', 'form_data'); $this->li(); + $this->out->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => ImageFile::maxFileSizeInt())); $this->out->element('label', array('for' => 'design_background-image_file'), // TRANS: Field label for background image on theme designer page. _('Background')); @@ -526,10 +530,6 @@ class DesignAdminPanelForm extends AdminForm // TRANS: Form guide for background image upload form on theme designer page. sprintf(_('You can upload a background image for the site. ' . 'The maximum file size is %1$s.'), ImageFile::maxFileSize())); - $this->out->element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => ImageFile::maxFileSizeInt())); $this->unli(); if (!empty($design->backgroundimage)) { diff --git a/actions/grouplogo.php b/actions/grouplogo.php index d2e8fd0e91..e4a497cf8f 100644 --- a/actions/grouplogo.php +++ b/actions/grouplogo.php @@ -228,13 +228,13 @@ class GrouplogoAction extends GroupDesignAction } $this->elementStart('li', array ('id' => 'settings_attach')); - $this->element('input', array('name' => 'avatarfile', - 'type' => 'file', - 'id' => 'avatarfile')); $this->element('input', array('name' => 'MAX_FILE_SIZE', 'type' => 'hidden', 'id' => 'MAX_FILE_SIZE', 'value' => ImageFile::maxFileSizeInt())); + $this->element('input', array('name' => 'avatarfile', + 'type' => 'file', + 'id' => 'avatarfile')); $this->elementEnd('li'); $this->elementEnd('ul'); diff --git a/lib/applicationeditform.php b/lib/applicationeditform.php index f53c31feb4..ec6702cd64 100644 --- a/lib/applicationeditform.php +++ b/lib/applicationeditform.php @@ -168,6 +168,10 @@ class ApplicationEditForm extends Form $this->out->element('img', array('src' => $icon)); } + $this->out->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => ImageFile::maxFileSizeInt())); $this->out->element('label', array('for' => 'app_icon'), // TRANS: Form input field label for application icon. _('Icon')); @@ -176,10 +180,6 @@ class ApplicationEditForm extends Form 'id' => 'app_icon')); // TRANS: Form guide. $this->out->element('p', 'form_guide', _('Icon for this application')); - $this->out->element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => ImageFile::maxFileSizeInt())); $this->out->elementEnd('li'); $this->out->elementStart('li'); diff --git a/lib/designsettings.php b/lib/designsettings.php index 90296a64da..d7da0b77d8 100644 --- a/lib/designsettings.php +++ b/lib/designsettings.php @@ -98,6 +98,10 @@ class DesignSettingsAction extends AccountSettingsAction $this->element('legend', null, _('Change background image')); $this->elementStart('ul', 'form_data'); $this->elementStart('li'); + $this->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => ImageFile::maxFileSizeInt())); $this->element('label', array('for' => 'design_background-image_file'), // TRANS: Label in form on profile design page. // TRANS: Field contains file name on user's computer that could be that user's custom profile background image. @@ -108,10 +112,6 @@ class DesignSettingsAction extends AccountSettingsAction // TRANS: Instructions for form on profile design page. $this->element('p', 'form_guide', _('You can upload your personal ' . 'background image. The maximum file size is 2MB.')); - $this->element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => ImageFile::maxFileSizeInt())); $this->elementEnd('li'); if (!empty($design->backgroundimage)) { diff --git a/lib/noticeform.php b/lib/noticeform.php index 5140663569..271d360707 100644 --- a/lib/noticeform.php +++ b/lib/noticeform.php @@ -190,12 +190,12 @@ class NoticeForm extends Form } if (common_config('attachments', 'uploads')) { + $this->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); $this->out->element('label', array('for' => 'notice_data-attach'),_('Attach')); $this->out->element('input', array('id' => 'notice_data-attach', 'type' => 'file', 'name' => 'attach', 'title' => _('Attach a file'))); - $this->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); } if ($this->action) { $this->out->hidden('notice_return-to', $this->action, 'returnto'); diff --git a/plugins/MobileProfile/MobileProfilePlugin.php b/plugins/MobileProfile/MobileProfilePlugin.php index b042bf7edd..b50440682f 100644 --- a/plugins/MobileProfile/MobileProfilePlugin.php +++ b/plugins/MobileProfile/MobileProfilePlugin.php @@ -358,12 +358,12 @@ class MobileProfilePlugin extends WAP20Plugin if (common_config('attachments', 'uploads')) { if ($this->mobileFeatures['inputfiletype']) { + $form->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); $form->out->element('label', array('for' => 'notice_data-attach'), _m('Attach')); $form->out->element('input', array('id' => 'notice_data-attach', 'type' => 'file', 'name' => 'attach', 'title' => _m('Attach a file'))); - $form->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); } } if ($form->action) { -- 2.39.2