Tighten up file upload error reporting

craigdietrich · craigdietrich · commit 0f75b1bcc0b1 · 2016-03-13T12:13:17.000-07:00
diff --git a/system/application/controllers/book.php b/system/application/controllers/book.php
@@ -414,8 +414,15 @@ private function upload() {
 
 		$this->data['view'] = __FUNCTION__;
 
-		if ($action == 'add' || $action == 'replace') {
-			$return = array('error'=>'');
+		if (empty($_FILES) && empty($_POST) && isset($_SERVER['REQUEST_METHOD']) && 'post'==strtolower($_SERVER['REQUEST_METHOD'])) {
+
+			echo json_encode( array('error'=>'The file is larger than the server\'s max upload size') );
+			exit;
+
+		} elseif ($action == 'add' || $action == 'replace') {
+
+			$return = array();
+
 			try {
 	            $slug = confirm_slash($this->data['book']->slug);
 				$url = $this->file_upload->uploadMedia($slug, $chmod_mode, $this->versions);
@@ -427,16 +434,20 @@ private function upload() {
 				exit;
 			}
 
-			$this->load->library('Image_Metadata', 'image_metadata');
-			$return = array();
-			$return[$url] = $this->image_metadata->get($path, Image_Metadata::FORMAT_NS);
+			try {
+				$this->load->library('Image_Metadata', 'image_metadata');
+				$return[$url] = $this->image_metadata->get($path, Image_Metadata::FORMAT_NS);
+			} catch (Exception $e) {
+				// Don't throw exception since this isn't critical
+			}
+
 			if (false!==$thumbUrl) {
 				$return[$url]['scalar:thumbnail'] = confirm_slash(base_url()).$slug.$thumbUrl;
 			}
 			echo json_encode($return);
 			exit;
 
-		}
+		} // if
 
 		// List of media pages
 		$this->data['book_media'] = $this->pages->get_all($this->data['book']->book_id, 'media', null, false);
diff --git a/system/application/libraries/File_Upload.php b/system/application/libraries/File_Upload.php
@@ -4,13 +4,7 @@ class File_Upload {
 
     	const THUMB_WIDTH = 120;
 
-        public function __construct() {
-
-        }
-        private function upload($tempFile,$targetFile,$chmodMode) {
-            if (!move_uploaded_file($tempFile,$targetFile)) throw new Exception('Problem moving temp file. The file could be too large.');
-            @chmod($targetFile, $chmodMode);
-        }
+        public function __construct() {}
 
         public function uploadMedia($slug,$chmodMode,$versions=null) {
             if (empty($_FILES)) throw new Exception('Could not find uploaded file');
@@ -76,9 +70,44 @@ public function uploadPublisherThumb($slug,$chmodMode) {
             return 'media/'.$targetName;
         }
 
+        private function upload($tempFile,$targetFile,$chmodMode) {
+            if (!move_uploaded_file($tempFile,$targetFile)) throw new Exception('Problem moving temp file. The file is likely larger than the system\'s max upload size ('.$this->getMaximumFileUploadSize().').');
+            @chmod($targetFile, $chmodMode);
+        }
+
         private function resize($targetFile,$width) {
             require confirm_slash(APPPATH).'libraries/wideimage/WideImage.php';
             WideImage::load($targetFile)->resize($width)->saveToFile($targetFile);
         }
+
+		private function convertPHPSizeToBytes($sSize)  {  // http://stackoverflow.com/questions/13076480/php-get-actual-maximum-upload-size
+		    if ( is_numeric( $sSize) ) {
+		   		return $sSize;
+		    }
+		    $sSuffix = substr($sSize, -1);
+		    $iValue = substr($sSize, 0, -1);
+		    switch(strtoupper($sSuffix)){
+			    case 'P':
+			        $iValue *= 1024;
+			    case 'T':
+			        $iValue *= 1024;
+			    case 'G':
+			        $iValue *= 1024;
+			    case 'M':
+			        $iValue *= 1024;
+			    case 'K':
+			        $iValue *= 1024;
+			        break;
+		    }
+		    return $iValue;
+		}
+
+		private function getMaximumFileUploadSize()  {  // http://stackoverflow.com/questions/13076480/php-get-actual-maximum-upload-size
+    		$size = min($this->convertPHPSizeToBytes(ini_get('post_max_size')), $this->convertPHPSizeToBytes(ini_get('upload_max_filesize')));
+    		$base = log($size) / log(1024);
+			$suffix = array("", "k", "M", "G", "T")[floor($base)];
+			return pow(1024, $base - floor($base)) . $suffix;
+		}
+
     }
 ?>
diff --git a/system/application/libraries/Image_Metadata.php b/system/application/libraries/Image_Metadata.php
@@ -8,6 +8,9 @@ class Image_Metadata {
 	private $iptc_ns = 'iptc';
 	private $iptc_uri = '';
 	private $iptc = array();
+	private $exif_ns = 'exif';
+	private $exif_uri = '';
+	private $exif = array();
 
 	public function __construct() {
 
@@ -25,7 +28,7 @@ public function get($path='', $format=Image_Metadata::FORMAT_NS) {
 		$return = array();
 
 		$iptc_arr = (!empty($this->iptc_ns)) ? $this->get_iptc($path) : array();
-		//$exif_arr = $this->get_exif($path);
+		$exif_arr = (!empty($this->exif_ns)) ? $this->get_exif($path) : array();
 		foreach ($iptc_arr as $field => $value) {
 			switch ($format) {
 				case Image_Metadata::FORMAT_NS:
@@ -43,7 +46,9 @@ public function get($path='', $format=Image_Metadata::FORMAT_NS) {
 
 	private function get_exif($path='') {
 
-		$exif = exif_read_data($path);
+		// $exif = exif_read_data($path);
+		// TODO
+		return array();
 
 	}
 
