Joomla!
http://forum.joomla.org/

[MEDIUM:FIXED:1.0.11] Can't upload image
http://forum.joomla.org/viewtopic.php?f=376&t=90350

Author:  pcigre [ Wed Aug 30, 2006 8:59 am ]
Post subject:  [MEDIUM:FIXED:1.0.11] Can't upload image

Description:
When writing a new article, can't upload images. Popup returns no authorisation text.

Reported on:
1.0.11

Classification:
High coz now authors that don't have ftp access can't post articles.

System info:
PHP built On:  Linux vps.pcigre.com 2.6.9-022stab078.14-enterprise #1 SMP Wed Jul 19 14:35:02 MSD 2006 i686
Database Version: 4.1.21-standard
PHP Version: 4.4.4
Web Server: Apache
WebServer to PHP interface: apache2handler
Joomla! Version: Joomla! 1.0.11 Stable [ Sunbow ] 28 August 2006 20:00 UTC
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6

Author:  infograf768 [ Wed Aug 30, 2006 9:12 am ]
Post subject:  Re: [1.0.11] Can't upload image

I confirm you have first to apply the changes i.e. create the content item first.
Upload then works OK.

There is a known bug for banners uploading.
http://forum.joomla.org/index.php/topic,90039.0.html

Author:  pcigre [ Wed Aug 30, 2006 9:21 am ]
Post subject:  Re: [1.0.11] Can't upload image

It works when content is saved... Now need to create announcement to all authors about this...

Thanks for hint.

Author:  infograf768 [ Wed Aug 30, 2006 9:36 am ]
Post subject:  Re: [1.0.11] Can't upload image

http://forum.joomla.org/index.php/topic ... #msg457639

Author:  Robin [ Wed Aug 30, 2006 12:03 pm ]
Post subject:  Re: [1.0.11] Can't upload image

[TAGGED: Q&T] Status > Under Review

Author:  Robin [ Thu Aug 31, 2006 12:31 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Confirmed and added a bug tracker report: http://forge.joomla.org/sf/go/artf5780?nav=1

Author:  Shimon [ Thu Aug 31, 2006 3:09 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Hi!

What is the reason to make admin first to save content item, next to upload images?

Here are few issues:

1. there is check for option and task from $_SESSION. So if you opened in one window already saved content item, next you open some component in another window (to copy and paste information for example) - seems that we'll get two problems at a time:
  a. the wrong option and task! (do we need the check, if we get the wrong result?)
  b. if the task of the last opened component is not 'edit' and is not 'editA' - the user will get error "You are not authorized to view this resource."

2. The message "You are not authorized to view this resource." is confusing users, as they are either used to upload and never got this message, or they are in status of admin or superadmin and they ARE authorized for such task.

3. If another component is using the STANDARD Joomla! function to upload files, the user will get error "You are not authorized to view this resource." - the only one way to fix is to edit uploadimage.php (after every update?).


It's not a bug. It's just something new and is not usable at all.

It seems for me, that for example if you add the option to the Global Configuration, like 'allow users to upload files from nonsystem components', or something like that, and if you'll check for the usertype - the solution will be much more useful.

Author:  pcigre [ Thu Aug 31, 2006 3:10 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

It looks like it's fixed in svn. Can someone post changes in files?

Author:  Shimon [ Thu Aug 31, 2006 3:14 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Here is the last changed around 10 minutes ago code.

# Fixed [artf5780] : lack of 'new' task in allowed tasks check
# Fixed [artf5779] : lack of 'com_typedcontent' option in allowed options check
# Fixed [art5766] : Bannerupload failt




Code:
<?php
/**
* @version $Id$
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( "_VALID_MOS", 1 );

/** security check */
require( '../includes/auth.php' );
include_once ( $mosConfig_absolute_path . '/language/' . $mosConfig_lang . '.php' );

/*
* Stops file upload below /images/stories directory
* Added 1.0.11
*/
function limitDirectory( &$directory ) {
   if ( strpos($directory, '../') !== false ) {
      $directory = str_replace('../', '', $directory);
   }

   if ( strpos($directory, '..\\') !== false ) {
      $directory = str_replace('..\\', '', $directory);
   }
   
   if ( strpos($directory, ':') !== false ) {
      $directory = str_replace(':', '', $directory);
   }
   
   return $directory;
}

// limit access to functionality
$option = strval( mosGetParam( $_SESSION, 'option', '' ) );
$task    = strval( mosGetParam( $_SESSION, 'task', '' ) );

switch ($option) {
   case 'com_banners':
      break;      
      
   case 'com_categories':
   case 'com_content':
   case 'com_sections':
   case 'com_typedcontent':
      if ( $task != 'edit' && $task != 'editA' && $task != 'new' ) {
         echo _NOT_AUTH;
         return;
      }
      break;      
      
   default:
      echo _NOT_AUTH;
      return;
      break;      
}

$directory   = mosGetParam( $_REQUEST, 'directory', '');
$css       = mosGetParam( $_REQUEST, 't','');

$media_path   = $mosConfig_absolute_path.'/media/';

$userfile2      = (isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] : "");
$userfile_name   = (isset($_FILES['userfile']['name']) ? $_FILES['userfile']['name'] : "");

limitDirectory( $directory );

// check to see if directory exists
if ( $directory != 'banners' && $directory != '' && !is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
   $directory    = '';
}
   
if (isset($_FILES['userfile'])) {
   if ($directory == 'banners') {
      $base_Dir = "../../images/banners/";
   } else if ( $directory != '' ) {
      $base_Dir = '../../images/stories/'. $directory;

      if (!is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
         $base_Dir    = '../../images/stories/';
         $directory    = '';
      }
   } else {
      $base_Dir = '../../images/stories/';
   }

   if (empty($userfile_name)) {
      echo "<script>alert('Please select an image to upload'); document.location.href='uploadimage.php';</script>";
   }

   $filename = split("\.", $userfile_name);

   if (eregi("[^0-9a-zA-Z_]", $filename[0])) {
      mosErrorAlert('File must only contain alphanumeric characters and no spaces please.');
   }

   if (file_exists($base_Dir.$userfile_name)) {
      mosErrorAlert('Image '.$userfile_name.' already exists.');
   }

   if ((strcasecmp(substr($userfile_name,-4),'.gif')) && (strcasecmp(substr($userfile_name,-4),'.jpg')) && (strcasecmp(substr($userfile_name,-4),'.png')) && (strcasecmp(substr($userfile_name,-4),'.bmp')) &&(strcasecmp(substr($userfile_name,-4),'.doc')) && (strcasecmp(substr($userfile_name,-4),'.xls')) && (strcasecmp(substr($userfile_name,-4),'.ppt')) && (strcasecmp(substr($userfile_name,-4),'.swf')) && (strcasecmp(substr($userfile_name,-4),'.pdf'))) {
      mosErrorAlert('The file must be gif, png, jpg, bmp, swf, doc, xls or ppt');
   }


   if (eregi('.pdf', $userfile_name) || eregi('.doc', $userfile_name) || eregi('.xls', $userfile_name) || eregi('.ppt', $userfile_name)) {
      if (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$media_path.$_FILES['userfile']['name']) || !mosChmod($media_path.$_FILES['userfile']['name'])) {
         mosErrorAlert('Upload of '.$userfile_name.' failed');
      } else {
         mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
      }
   } elseif (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$base_Dir.$_FILES['userfile']['name']) || !mosChmod($base_Dir.$_FILES['userfile']['name'])) {
      mosErrorAlert('Upload of '.$userfile_name.' failed');
   } else {
      mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
   }
      echo $base_Dir.$_FILES['userfile']['name'];
}

// css file handling
// check to see if template exists
if ( $css != '' && !is_dir($mosConfig_absolute_path .'/administrator/templates/'. $css .'/css/template_css.css' )) {
   $css    = 'joomla_admin';
} else if ( $css == '' ) {
   $css    = 'joomla_admin';
}

$iso = split( '=', _ISO );
// xml prolog
echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Upload a file</title>
</head>
<body>

<link rel="stylesheet" href="../templates/<?php echo $css; ?>/css/template_css.css" type="text/css" />
<form method="post" action="uploadimage.php" enctype="multipart/form-data" name="filename">

<table class="adminform">
<tr>
   <th class="title">
      File Upload : <?php echo $directory; ?>
   </th>
</tr>
<tr>
   <td align="center">
      <input class="inputbox" name="userfile" type="file" />
   </td>
</tr>
<tr>
   <td>
      <input class="button" type="submit" value="Upload" name="fileupload" />
      Max size = <?php echo ini_get( 'post_max_size' );?>
   </td>
</tr>
</table>

<input type="hidden" name="directory" value="<?php echo $directory;?>" />
</form>

</body>
</html>

Author:  Predator [ Thu Aug 31, 2006 3:29 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Fixed in SVN

Author:  Shimon [ Thu Aug 31, 2006 3:35 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Thanks to Predator and to facedancer for the fast bugfixing, I've checked on one of my websites - didn't get error message.

But still there are the same issues:
Shimon wrote:
1. there is check for option and task from $_SESSION. So if you opened in one window already saved content item, next you open some component in another window (to copy and paste information for example) - seems that we'll get two problems at a time:
  a. the wrong option and task! (do we need the check, if we get the wrong result?)
  b. if the task of the last opened component is not 'edit' and is not 'editA' - the user will get error "You are not authorized to view this resource."

2. The message "You are not authorized to view this resource." is confusing users, as they are either used to upload and never got this message, or they are in status of admin or superadmin and they ARE authorized for such task.

3. If another component is using the STANDARD Joomla! function to upload files, the user will get error "You are not authorized to view this resource." - the only one way to fix is to edit uploadimage.php (after every update?).


Also, could you give to admin an ability to change in preferences which directories are not allowed to upload to, such as I have a component, uploading images to images/tiles, so I'm using the pathway ../tiles - I had to comment the part of code which is checking for the '../' in the pathway of upload.

And one more thing, seems to be a vulnerability.
If you are logged in the frontend and editing content - you are working with the component com_content - the same as in the backend, with the same task 'edit' - uploadimage.php allows you to upload files from the frontend even if you are not logged in the backend and even if your status is just 'Author'.
Code:
http://website.com/administrator/popups/uploadimage.php?directory=&t=joomla_admin
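
The two suggestions made in this thread (decide by user type instead of by the last option/task stored in the session, and let the administrator configure which directories accept uploads) can be sketched as follows. This is an added example, not part of the thread and not Joomla! code; `canUpload`, `resolveUploadDir`, the `$uploadConfig` keys, the `backend_login` flag and the sample directory tree are all hypothetical, and it is written for current PHP rather than the PHP 4 of the original file.

```php
<?php
// Added illustration, not Joomla! code. All names and values are hypothetical.

// Settings an administrator would maintain (the "Global Configuration" idea).
$uploadConfig = array(
    // user types allowed to use the upload popup (assumed values)
    'usertypes' => array('Manager', 'Administrator', 'Super Administrator'),
    // directories under images/ that may receive uploads
    'dirs'      => array('stories', 'banners', 'tiles'),
);

// Authorize on who the user is, not on the last option/task kept in the
// session, which changes whenever another window opens another component.
function canUpload(array $user, array $config) {
    if (empty($user['backend_login'])) {
        return false; // a front-end-only session is refused
    }
    return in_array($user['usertype'], $config['usertypes'], true);
}

// Resolve $requested relative to images/stories and accept it only when the
// canonical path lies inside one of the allowed directories. realpath()
// collapses "../" segments, so no string stripping is needed.
function resolveUploadDir($imagesRoot, $requested, array $allowedDirs) {
    $target = realpath($imagesRoot . '/stories/' . $requested);
    if ($target === false || !is_dir($target)) {
        return false;
    }
    foreach ($allowedDirs as $dir) {
        $base = realpath($imagesRoot . '/' . $dir);
        if ($base === false) {
            continue;
        }
        if ($target === $base || strpos($target, $base . DIRECTORY_SEPARATOR) === 0) {
            return $target;
        }
    }
    return false;
}

// Constructed sample tree in a temporary directory.
$site = sys_get_temp_dir() . '/upload_demo_' . uniqid();
$tree = array('images/stories/fruit', 'images/banners', 'images/tiles', 'administrator');
foreach ($tree as $d) {
    mkdir($site . '/' . $d, 0755, true);
}

// Constructed sample users.
$users = array(
    array('name' => 'author_frontend', 'usertype' => 'Author',        'backend_login' => false),
    array('name' => 'admin_backend',   'usertype' => 'Administrator', 'backend_login' => true),
);
foreach ($users as $u) {
    printf("%-16s %s\n", $u['name'], canUpload($u, $uploadConfig) ? 'allowed' : 'refused');
}

// Requested directories, as they would arrive in the "directory" parameter.
foreach (array('', 'fruit', '../tiles', '../../administrator', 'missing') as $req) {
    $dir = resolveUploadDir($site . '/images', $req, $uploadConfig['dirs']);
    printf("%-22s %s\n", "'" . $req . "'", $dir === false ? 'rejected' : 'accepted');
}

// Remove the sample tree again (deepest directories first).
$cleanup = array('images/stories/fruit', 'images/stories', 'images/banners',
                 'images/tiles', 'images', 'administrator', '');
foreach ($cleanup as $d) {
    rmdir(rtrim($site . '/' . $d, '/'));
}
```

With `tiles` in the configured list, the `../tiles` request of a third-party component is accepted without commenting out the traversal check, while a path that resolves outside the listed directories is rejected.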

Author:  pcigre [ Thu Aug 31, 2006 4:11 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Upload in backend now works fine. Thanks everyone.

edit: it would be nice that Known issues 1.0.11 Sunbow topic is being updated with links to fixes.

Author:  Robin [ Thu Aug 31, 2006 8:21 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Hi,

I will be updating all Q&T topics tomorrow. I will add fixes to the known issue list as well.

Regards Robin

Author:  Shimon [ Sun Sep 03, 2006 5:49 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

RobInk wrote:
Hi,

I will be updating all Q&T topics tomorrow. I will add fixes to the known issue list as well.

Regards Robin


Hi!

Is there any news? Any changes?

Author:  Robin [ Sun Sep 03, 2006 11:46 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Hi,

No news yet, I'm depending on the Dev's to fix this  ;) This file has been fixed already though so you should be able to get it here:
http://forge.joomla.org/integration/vie ... 2&view=log

Author:  lejovchina [ Mon Sep 04, 2006 11:56 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Shimon wrote:
Here is the last changed around 10 minutes ago code.


In which file is this supposed to go?

Ljv.

Author:  Shimon [ Mon Sep 04, 2006 1:26 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

lejovchina wrote:
In which file is this supposed to go?
In administrator/popups/uploadimage.php

Author:  Muneo [ Wed Sep 06, 2006 3:28 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

I detected the uploadimage.php is used in many other components (like artbanners), so this "default" in "switch" is too specific.
I changed:
line 59: (now it's detected when request comes from all component)
Code:
default:
    $opt = explode("_", $option);
    $pos = strpos("com", $opt[0]);
    if($pos === false){ //if option comes "com" in name
        echo _NOT_AUTH;
        return;
    }


line ~124:
Code:
} else {
    chmod($base_Dir.$_FILES['userfile']['name'], 0644); //correct chmod - in some cases, chmod set 600 when upload the file...
    mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
}


Could someone validate my code?
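
A side-by-side check of the `default:` branch posted above, added here as an example that is not part of the thread and not Joomla! code. It compares the posted `strpos()` call with a prefix test and with an exact allowlist; the function names, the `com_artbanners` entry and the sample option values are constructed for illustration, and it is written for current PHP.

```php
<?php
// Added illustration, not Joomla! code. Option values are constructed samples.

// The default branch as posted: "com" is the haystack and the first part of
// the option is the needle, so any fragment of "com" is accepted.
function postedDefaultAllows($option) {
    $opt = explode('_', $option);
    return strpos('com', $opt[0]) !== false;
}

// The test the comment describes ("option starts with com_"), with the
// haystack and needle in strpos() order.
function prefixAllows($option) {
    return strpos($option, 'com_') === 0;
}

// Stricter alternative: exact match against a list the administrator
// maintains (hypothetical list, here holding one third-party component).
function listAllows($option, array $allowed) {
    return in_array($option, $allowed, true);
}

$allowed = array('com_artbanners');
$samples = array('com_artbanners', 'com_other', 'co_x', 'm', 'mod_banners', 'xcom_y');

printf("%-16s %-8s %-8s %-8s\n", 'option', 'posted', 'prefix', 'list');
foreach ($samples as $option) {
    printf(
        "%-16s %-8s %-8s %-8s\n",
        $option,
        postedDefaultAllows($option) ? 'allow' : 'deny',
        prefixAllows($option) ? 'allow' : 'deny',
        listAllows($option, $allowed) ? 'allow' : 'deny'
    );
}
```

An empty option is left out of the samples because `strpos()` with an empty needle returns `false` with a warning before PHP 8 and `0` from PHP 8 on, so the posted check gives different answers for it depending on the PHP version.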

Author:  pstill [ Wed Sep 06, 2006 3:44 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

New addition to the "can't upload" and "restricted access" - I use a 3rd party plugin for an editor, wysiwygpro.com, and with all other versions uploading images within it, adding links, etc. was perfect - whenever I use it now to try and upload an image, or create a link, the popup says "restricted access" --- help.

Author:  midway31 [ Wed Sep 06, 2006 9:48 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Tried that although I am not sure what to do. I assume you mean swap line 59 for the code you posted, but not sure if you mean replace line 124 for code you posted. Also do I need to do anything else besides just replace code?
When I do the above I get this message
Parse error: syntax error, unexpected $end in /home/oh/public_html/administrator/popups/uploadimage.php on line 175

Author:  Muneo [ Wed Sep 06, 2006 11:45 pm ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

I just add:
Code:
   chmod($base_Dir.$_FILES['userfile']['name'], 0644);

Because, in my case, the uploaded file has 600 (chmod), so this line corrects the permission...
Well, this is my uploadimage.php
Code:
<?php
/**
* @version $Id: uploadimage.php 4866 2006-08-31 15:02:22Z facedancer $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// Set flag that this is a parent file
define( "_VALID_MOS", 1 );

/** security check */
require( '../includes/auth.php' );
include_once ( $mosConfig_absolute_path . '/language/' . $mosConfig_lang . '.php' );

/*
* Stops file upload below /images/stories directory
* Added 1.0.11
*/
function limitDirectory( &$directory ) {
   if ( strpos($directory, '../') !== false ) {
      $directory = str_replace('../', '', $directory);
   }

   if ( strpos($directory, '..\\') !== false ) {
      $directory = str_replace('..\\', '', $directory);
   }
   
   if ( strpos($directory, ':') !== false ) {
      $directory = str_replace(':', '', $directory);
   }
   
   return $directory;
}

// limit access to functionality
$option = strval( mosGetParam( $_SESSION, 'option', '' ) );
$task    = strval( mosGetParam( $_SESSION, 'task', '' ) );

switch ($option) {
   case 'com_banners':
      break;      
      
   case 'com_categories':
   case 'com_content':
   case 'com_sections':
   case 'com_typedcontent':
      if ( $task != 'edit' && $task != 'editA' && $task != 'new' ) {
         echo _NOT_AUTH;
         return;
      }
      break;      
      
   default:
      $opt = explode("_", $option);
      $pos = strpos("com", $opt[0]);
      if($pos === false){
         echo _NOT_AUTH;
         return;
      }      
}

$directory   = mosGetParam( $_REQUEST, 'directory', '');
$css       = mosGetParam( $_REQUEST, 't','');

$media_path   = $mosConfig_absolute_path.'/media/';

$userfile2      = (isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] : "");
$userfile_name   = (isset($_FILES['userfile']['name']) ? $_FILES['userfile']['name'] : "");

limitDirectory( $directory );

// check to see if directory exists
if ( $directory != 'banners' && $directory != '' && !is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
   $directory    = '';
}
   
if (isset($_FILES['userfile'])) {
   if ($directory == 'banners') {
      $base_Dir = "../../images/banners/";
   } else if ( $directory != '' ) {
      $base_Dir = '../../images/stories/'. $directory;

      if (!is_dir($mosConfig_absolute_path .'/images/stories/'. $directory)) {
         $base_Dir    = '../../images/stories/';
         $directory    = '';
      }
   } else {
      $base_Dir = '../../images/stories/';
   }

   if (empty($userfile_name)) {
      echo "<script>alert('Please select an image to upload'); document.location.href='uploadimage.php';</script>";
   }

   $filename = split("\.", $userfile_name);

   if (eregi("[^0-9a-zA-Z_]", $filename[0])) {
      mosErrorAlert('File must only contain alphanumeric characters and no spaces please.');
   }

   if (file_exists($base_Dir.$userfile_name)) {
      mosErrorAlert('Image '.$userfile_name.' already exists.');
   }

   if ((strcasecmp(substr($userfile_name,-4),'.gif')) && (strcasecmp(substr($userfile_name,-4),'.jpg')) && (strcasecmp(substr($userfile_name,-4),'.png')) && (strcasecmp(substr($userfile_name,-4),'.bmp')) &&(strcasecmp(substr($userfile_name,-4),'.doc')) && (strcasecmp(substr($userfile_name,-4),'.xls')) && (strcasecmp(substr($userfile_name,-4),'.ppt')) && (strcasecmp(substr($userfile_name,-4),'.swf')) && (strcasecmp(substr($userfile_name,-4),'.pdf'))) {
      mosErrorAlert('The file must be gif, png, jpg, bmp, swf, doc, xls or ppt');
   }


   if (eregi('.pdf', $userfile_name) || eregi('.doc', $userfile_name) || eregi('.xls', $userfile_name) || eregi('.ppt', $userfile_name)) {
      if (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$media_path.$_FILES['userfile']['name']) || !mosChmod($media_path.$_FILES['userfile']['name'])) {
         mosErrorAlert('Upload of '.$userfile_name.' failed');
      } else {
         mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
      }
   } elseif (!move_uploaded_file ($_FILES['userfile']['tmp_name'],$base_Dir.$_FILES['userfile']['name']) || !mosChmod($base_Dir.$_FILES['userfile']['name'])) {
      mosErrorAlert('Upload of '.$userfile_name.' failed');
   } else {
      chmod($base_Dir.$_FILES['userfile']['name'], 0644);
      mosErrorAlert('Upload of '.$userfile_name.' to '.$base_Dir.' successful', "window.close()");
   }
      echo $base_Dir.$_FILES['userfile']['name'];
}

// css file handling
// check to see if template exists
if ( $css != '' && !is_dir($mosConfig_absolute_path .'/administrator/templates/'. $css .'/css/template_css.css' )) {
   $css    = 'joomla_admin';
} else if ( $css == '' ) {
   $css    = 'joomla_admin';
}

$iso = split( '=', _ISO );
// xml prolog
echo '<?xml version="1.0" encoding="'. $iso[1] .'"?' .'>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Upload a file</title>
</head>
<body>

<link rel="stylesheet" href="../templates/<?php echo $css; ?>/css/template_css.css" type="text/css" />
<form method="post" action="uploadimage.php" enctype="multipart/form-data" name="filename">

<table class="adminform">
<tr>
   <th class="title">
      File Upload : <?php echo $directory; ?>
   </th>
</tr>
<tr>
   <td align="center">
      <input class="inputbox" name="userfile" type="file" />
   </td>
</tr>
<tr>
   <td>
      <input class="button" type="submit" value="Upload" name="fileupload" />
      Max size = <?php echo ini_get( 'post_max_size' );?>
   </td>
</tr>
</table>

<input type="hidden" name="directory" value="<?php echo $directory;?>" />
</form>

</body>
</html>

Author:  midway31 [ Thu Sep 07, 2006 12:26 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

That worked thanks.
I set it to 777. Not sure if it should be 766 as no-one else needs to upload images though.
Only problem is the images are not showing in the adbanners plus banners. But they are uploading into the joomla banners folder

Author:  Robin [ Thu Sep 07, 2006 8:54 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Q&T Note; can we please stay on topic, only reply here if it is really related to the bug. Not add personal problems, replies etc. Thanks.

Author:  Robin [ Fri Sep 08, 2006 10:26 am ]
Post subject:  Re: [ADDED TRACKER: 1.0.11] Can't upload image

Classification set to MEDIUM

Edit; Fix has been tested and approved by Q&T, artifact was already closed, also closing forum topic and moving it to Resolved.

All times are UTC