const FILETYPE_MISSING = 8;
const FILETYPE_BADTYPE = 9;
const VERIFICATION_ERROR = 10;
-
- # HOOK_ABORTED is the new name of UPLOAD_VERIFICATION_ERROR
- const UPLOAD_VERIFICATION_ERROR = 11;
const HOOK_ABORTED = 11;
const FILE_TOO_LARGE = 12;
const WINDOWS_NONASCII_FILENAME = 13;
return true;
}
+ /**
+ * Returns true if the user has surpassed the upload rate limit, false otherwise.
+ *
+ * @param User $user
+ * @return bool
+ */
+ public static function isThrottled( $user ) {
+ return $user->pingLimiter( 'upload' );
+ }
+
// Upload handlers. Should probably just be a global.
private static $uploadHandlers = array( 'Stash', 'File', 'Url' );
$warnings['exists'] = $exists;
}
+ if ( $localFile->wasDeleted() && !$localFile->exists() ) {
+ $warnings['was-deleted'] = $filename;
+ }
+
// Check dupes against existing files
$hash = $this->getTempFileSha1Base36();
$dupes = RepoGroup::singleton()->findBySha1( $hash );
'<a href',
'<body',
'<head',
- '<html', #also in safari
+ '<html', # also in safari
'<img',
'<pre',
- '<script', #also in safari
+ '<script', # also in safari
'<table'
);
# image/svg, text/xml, application/xml, and text/html, which can contain scripts
if ( $stripped == 'href' && strncasecmp( 'data:', $value, 5 ) === 0 ) {
// rfc2397 parameters. This is only slightly slower than (;[\w;]+)*.
+ // @codingStandardsIgnoreStart Generic.Files.LineLength
$parameters = '(?>;[a-zA-Z0-9\!#$&\'*+.^_`{|}~-]+=(?>[a-zA-Z0-9\!#$&\'*+.^_`{|}~-]+|"(?>[\0-\x0c\x0e-\x21\x23-\x5b\x5d-\x7f]+|\\\\[\0-\x7f])*"))*(?:;base64)?';
+ // @codingStandardsIgnoreEnd
+
if ( !preg_match( "!^data:\s*image/(gif|jpeg|jpg|png)$parameters,!i", $value ) ) {
wfDebug( __METHOD__ . ": Found href to unwhitelisted data: uri "
. "\"<$strippedElement '$attrib'='$value'...\" in uploaded file.\n" );
}
}
- return false; //No scripts detected
+ return false; // No scripts detected
}
/**
$output = trim( $output );
if ( !$output ) {
- $output = true; #if there's no output, return true
+ $output = true; # if there's no output, return true
} elseif ( $msgPattern ) {
$groups = array();
if ( preg_match( $msgPattern, $output, $groups ) ) {
return array( 'warning' => 'page-exists', 'file' => $file );
}
- if ( $file->wasDeleted() && !$file->exists() ) {
- return array( 'warning' => 'was-deleted', 'file' => $file );
- }
-
if ( strpos( $file->getName(), '.' ) == false ) {
$partname = $file->getName();
$extension = '';
// We're not using the normalized form of the extension.
// Normal form is lowercase, using most common of alternate
// extensions (eg 'jpg' rather than 'JPEG').
- //
+
// Check for another file using the normalized form...
$nt_lc = Title::makeTitle( NS_FILE, "{$partname}.{$normalizedExtension}" );
$file_lc = wfLocalFile( $nt_lc );
}
/**
+ * Get the MediaWiki maximum uploaded file size for given type of upload, based on
+ * $wgMaxUploadSize.
+ *
* @param null|string $forType
* @return int
*/
}
}
+ /**
+ * Get the PHP maximum uploaded file size, based on ini settings. If there is no limit or the
+ * limit can't be guessed, returns a very large number (PHP_INT_MAX).
+ *
+ * @since 1.27
+ * @return int
+ */
+ public static function getMaxPhpUploadSize() {
+ $phpMaxFileSize = wfShorthandToInteger(
+ ini_get( 'upload_max_filesize' ) ?: ini_get( 'hhvm.server.upload.upload_max_file_size' ),
+ PHP_INT_MAX
+ );
+ $phpMaxPostSize = wfShorthandToInteger(
+ ini_get( 'post_max_size' ) ?: ini_get( 'hhvm.server.max_post_size' ),
+ PHP_INT_MAX
+ ) ?: PHP_INT_MAX;
+ return min( $phpMaxFileSize, $phpMaxPostSize );
+ }
+
/**
* Get the current status of a chunked upload (used for polling)
*
if ( $value === false ) {
$cache->delete( $key );
} else {
- $cache->set( $key, $value, 86400 );
+ $cache->set( $key, $value, $cache::TTL_DAY );
}
}
}