From 3f6433096ba4182782463ad7a0d9824bedfc17f0 Mon Sep 17 00:00:00 2001 From: deva Date: Sun, 12 Oct 2008 11:40:08 +0000 Subject: Fixed parser to only recognize files when using numbers. --- forum/htdocs/config.php.defaults | 1 + forum/utils/filehandler.php | 5 ++++- forum/utils/parser.php | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/forum/htdocs/config.php.defaults b/forum/htdocs/config.php.defaults index 512758f..51f7f4e 100644 --- a/forum/htdocs/config.php.defaults +++ b/forum/htdocs/config.php.defaults @@ -6,4 +6,5 @@ $ADMIN_TIMEOUT = 100000; $PERMSTORE = $DATA_DIR . "/files"; $IMAGECACHE = $DATA_DIR . "/imagecache"; $LOG_FILE = $DATA_DIR . "/forum.log"; +$FILE_MAX_SIZE = 5*1024*1024; // 5kb ?> diff --git a/forum/utils/filehandler.php b/forum/utils/filehandler.php index 9cacb1c..dfe0c80 100644 --- a/forum/utils/filehandler.php +++ b/forum/utils/filehandler.php @@ -4,10 +4,13 @@ include_once($UTIL_DIR . "/files.php"); $files = new Files($DATA_DIR . "/files.xml"); if($task == "upload") { + if(is_uploaded_file($_FILES['userfile']['tmp_name'])) { $name = $filename; if(!$filename) $name = $_FILES['userfile']['name']; - $files->newFile($_FILES['userfile']['tmp_name'], $name); + if(filesize($_FILES['userfile']['tmp_name']) <= $FILE_MAX_SIZE) $files->newFile($_FILES['userfile']['tmp_name'], $name); + else echo "File is too big " . sprintf("%.0f", filesize($_FILES['userfile']['tmp_name'])/1024). + "kb, max file size: " . sprintf("%.0f", $FILE_MAX_SIZE/1024) . "kb."; } } diff --git a/forum/utils/parser.php b/forum/utils/parser.php index 5ba5724..6d47162 100644 --- a/forum/utils/parser.php +++ b/forum/utils/parser.php @@ -48,7 +48,7 @@ function parse($input, $indent = "") $output = preg_replace("/".$imgstartmarker."(.*?)".$imgendmarker."/s", "\"$1\"", $output); // Replace URLs with tags - $output = preg_replace("/\{\{(.*?)\}\}/s", "File: $1", $output); + $output = preg_replace("/\{\{([0-9]*?)\}\}/s", "File: $1", $output); // Replace [quote title=...]...[/quote] $urls = ""; -- cgit v1.2.3