file_check_upload

Definition

file_check_upload($source = 'upload')
drupal/includes/file.inc, line 170
Code

function file_check_upload($source = 'upload') { 

  // Cache for uploaded files. Since the data in _FILES is modified 

  // by this function, we cache the result. 

  static $upload_cache; 



  // Test source to see if it is an object. 

  if (is_object($source)) { 



    // Validate the file path if an object was passed in instead of 

    // an upload key. 

    if (is_file($source->filepath)) { 

      return $source; 

    } 

    else { 

      return false; 

    } 

  } 



  // Return cached objects without processing since the file will have 

  // already been processed and the paths in _FILES will be invalid. 

  if (isset($upload_cache[$source])) { 

    return $upload_cache[$source]; 

  } 



  // If a file was uploaded, process it. 

  if ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) { 



    // Check for file upload errors and return false if a 

    // lower level system error occurred. 

    switch ($_FILES["edit"]["error"][$source]) { 



      // @see http://php.net/manual/en/features.file-upload.errors.php 

      case UPLOAD_ERR_OK: 

        break; 



      case UPLOAD_ERR_INI_SIZE: 

      case UPLOAD_ERR_FORM_SIZE: 

        drupal_set_message(t('The file %file could not be saved, because it exceeds the maximum allowed size for uploads.', array('%file' => theme('placeholder', $source))), 'error'); 

        return 0; 



      case UPLOAD_ERR_PARTIAL: 

      case UPLOAD_ERR_NO_FILE: 

        drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array('%file' => theme('placeholder', $source))), 'error'); 

        return 0; 



      // Unknown error 

      default: 

        drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array('%file' => theme('placeholder', $source))),'error'); 

        return 0; 

    } 



    // Begin building file object. 

    $file = new StdClass(); 

    $file->filename = trim(basename($_FILES["edit"]["name"][$source]), '.'); 



    // Create temporary name/path for newly uploaded files. 

    $file->filepath = tempnam(file_directory_temp(), 'tmp_'); 



    $file->filemime = $_FILES["edit"]["type"][$source]; 



    // Rename potentially executable files, to help prevent exploits. 

    if (((substr($file->filemime, 0, 5) == 'text/' || strpos($file->filemime, 'javascript')) && (substr($file->filename, -4) != '.txt')) || preg_match('/\.(php|pl|py|cgi|asp)$/i', $file->filename)) { 

      $file->filemime = 'text/plain'; 

      $file->filepath .= '.txt'; 

      $file->filename .= '.txt'; 

    } 



    // Move uploaded files from php's upload_tmp_dir to Drupal's file temp. 

    // This overcomes open_basedir restrictions for future file operations. 

    if (!move_uploaded_file($_FILES["edit"]["tmp_name"][$source], $file->filepath)) { 

      drupal_set_message(t('File upload error. Could not move uploaded file.')); 

      watchdog('file', t('Upload Error. Could not move uploaded file(%file) to destination(%destination).', array('%file' => theme('placeholder', $_FILES["edit"]["tmp_name"][$source]), '%destination' => theme('placeholder', $file->filepath)))); 

      return false; 

    } 



    $file->filesize = $_FILES["edit"]["size"][$source]; 

    $file->source = $source; 



    // Add processed file to the cache. 

    $upload_cache[$source] = $file; 

    return $file; 

  } 



  else { 

    // In case of previews return previous file object. 

    if (file_exists($_SESSION['file_uploads'][$source]->filepath)) { 

      return $_SESSION['file_uploads'][$source]; 

    } 

  } 

  // If nothing was done, return false. 

  return false; 

}
api.drupal.org BETA

Navigation

API module bugs

file_check_upload

Definition

Code
