	Fix ticket #3013: MAX_FILE_SIZE hidden fields were incorrectly placed
In order to apply to PHP's POST processing, the MAX_FILE_SIZE field must appear *before* the file upload field. They were incorrectly placed after, where they had no effect on POST processing.
		| @@ -157,13 +157,13 @@ class AvatarsettingsAction extends AccountSettingsAction | |||||||
|             } |             } | ||||||
|  |  | ||||||
|             $this->elementStart('li', array ('id' => 'settings_attach')); |             $this->elementStart('li', array ('id' => 'settings_attach')); | ||||||
|             $this->element('input', array('name' => 'avatarfile', |  | ||||||
|                                           'type' => 'file', |  | ||||||
|                                           'id' => 'avatarfile')); |  | ||||||
|             $this->element('input', array('name' => 'MAX_FILE_SIZE', |             $this->element('input', array('name' => 'MAX_FILE_SIZE', | ||||||
|                                           'type' => 'hidden', |                                           'type' => 'hidden', | ||||||
|                                           'id' => 'MAX_FILE_SIZE', |                                           'id' => 'MAX_FILE_SIZE', | ||||||
|                                           'value' => ImageFile::maxFileSizeInt())); |                                           'value' => ImageFile::maxFileSizeInt())); | ||||||
|  |             $this->element('input', array('name' => 'avatarfile', | ||||||
|  |                                           'type' => 'file', | ||||||
|  |                                           'id' => 'avatarfile')); | ||||||
|             $this->elementEnd('li'); |             $this->elementEnd('li'); | ||||||
|             $this->elementEnd('ul'); |             $this->elementEnd('ul'); | ||||||
|  |  | ||||||
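Review bot: The relocated `MAX_FILE_SIZE` input ahead of `avatarfile` carries no comment saying that its position matters, or that it is not a security boundary. PHP reads the value from the request body, so a client can omit or enlarge it; the limits that count are `upload_max_filesize`/`post_max_size` and whatever size check the upload handler performs, which is outside this hunk. I would add above the element `// Must precede the file input or PHP ignores it; client-supplied hint only, the server-side size check stays authoritative.` The same comment fits the identical block in GrouplogoAction.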
|   | |||||||
| @@ -516,6 +516,10 @@ class DesignAdminPanelForm extends AdminForm | |||||||
|         $this->out->elementStart('ul', 'form_data'); |         $this->out->elementStart('ul', 'form_data'); | ||||||
|  |  | ||||||
|         $this->li(); |         $this->li(); | ||||||
|  |         $this->out->element('input', array('name' => 'MAX_FILE_SIZE', | ||||||
|  |                                           'type' => 'hidden', | ||||||
|  |                                           'id' => 'MAX_FILE_SIZE', | ||||||
|  |                                           'value' => ImageFile::maxFileSizeInt())); | ||||||
|         $this->out->element('label', array('for' => 'design_background-image_file'), |         $this->out->element('label', array('for' => 'design_background-image_file'), | ||||||
|                                // TRANS: Field label for background image on theme designer page. |                                // TRANS: Field label for background image on theme designer page. | ||||||
|                                 _('Background')); |                                 _('Background')); | ||||||
| @@ -526,10 +530,6 @@ class DesignAdminPanelForm extends AdminForm | |||||||
|             // TRANS: Form guide for background image upload form on theme designer page. |             // TRANS: Form guide for background image upload form on theme designer page. | ||||||
|             sprintf(_('You can upload a background image for the site. ' . |             sprintf(_('You can upload a background image for the site. ' . | ||||||
|               'The maximum file size is %1$s.'), ImageFile::maxFileSize())); |               'The maximum file size is %1$s.'), ImageFile::maxFileSize())); | ||||||
|         $this->out->element('input', array('name' => 'MAX_FILE_SIZE', |  | ||||||
|                                           'type' => 'hidden', |  | ||||||
|                                           'id' => 'MAX_FILE_SIZE', |  | ||||||
|                                           'value' => ImageFile::maxFileSizeInt())); |  | ||||||
|         $this->unli(); |         $this->unli(); | ||||||
|  |  | ||||||
|         if (!empty($design->backgroundimage)) { |         if (!empty($design->backgroundimage)) { | ||||||
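Review bot: The hidden field added right after `$this->li()` spells out a four-key `element('input', …)` array, while NoticeForm in this same commit emits the same field with `$this->out->hidden('MAX_FILE_SIZE', …)`. If that helper is available on `$this->out` here (it looks like the same output object, but its class is not visible on this page), `$this->out->hidden('MAX_FILE_SIZE', ImageFile::maxFileSizeInt());` is shorter and keeps the upload forms consistent. ApplicationEditForm adds the same four-line block and could take the same change. The enclosing method starts and ends outside the hunk.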
|   | |||||||
| @@ -228,13 +228,13 @@ class GrouplogoAction extends GroupDesignAction | |||||||
|         } |         } | ||||||
|  |  | ||||||
|         $this->elementStart('li', array ('id' => 'settings_attach')); |         $this->elementStart('li', array ('id' => 'settings_attach')); | ||||||
|         $this->element('input', array('name' => 'avatarfile', |  | ||||||
|                                       'type' => 'file', |  | ||||||
|                                       'id' => 'avatarfile')); |  | ||||||
|         $this->element('input', array('name' => 'MAX_FILE_SIZE', |         $this->element('input', array('name' => 'MAX_FILE_SIZE', | ||||||
|                                       'type' => 'hidden', |                                       'type' => 'hidden', | ||||||
|                                       'id' => 'MAX_FILE_SIZE', |                                       'id' => 'MAX_FILE_SIZE', | ||||||
|                                       'value' => ImageFile::maxFileSizeInt())); |                                       'value' => ImageFile::maxFileSizeInt())); | ||||||
|  |         $this->element('input', array('name' => 'avatarfile', | ||||||
|  |                                       'type' => 'file', | ||||||
|  |                                       'id' => 'avatarfile')); | ||||||
|         $this->elementEnd('li'); |         $this->elementEnd('li'); | ||||||
|         $this->elementEnd('ul'); |         $this->elementEnd('ul'); | ||||||
|  |  | ||||||
|   | |||||||
| @@ -168,6 +168,10 @@ class ApplicationEditForm extends Form | |||||||
|             $this->out->element('img', array('src' => $icon)); |             $this->out->element('img', array('src' => $icon)); | ||||||
|         } |         } | ||||||
|  |  | ||||||
|  |         $this->out->element('input', array('name' => 'MAX_FILE_SIZE', | ||||||
|  |                                            'type' => 'hidden', | ||||||
|  |                                            'id' => 'MAX_FILE_SIZE', | ||||||
|  |                                            'value' => ImageFile::maxFileSizeInt())); | ||||||
|         $this->out->element('label', array('for' => 'app_icon'), |         $this->out->element('label', array('for' => 'app_icon'), | ||||||
|                             // TRANS: Form input field label for application icon. |                             // TRANS: Form input field label for application icon. | ||||||
|                             _('Icon')); |                             _('Icon')); | ||||||
| @@ -176,10 +180,6 @@ class ApplicationEditForm extends Form | |||||||
|                                            'id' => 'app_icon')); |                                            'id' => 'app_icon')); | ||||||
|         // TRANS: Form guide. |         // TRANS: Form guide. | ||||||
|         $this->out->element('p', 'form_guide', _('Icon for this application')); |         $this->out->element('p', 'form_guide', _('Icon for this application')); | ||||||
|         $this->out->element('input', array('name' => 'MAX_FILE_SIZE', |  | ||||||
|                                            'type' => 'hidden', |  | ||||||
|                                            'id' => 'MAX_FILE_SIZE', |  | ||||||
|                                            'value' => ImageFile::maxFileSizeInt())); |  | ||||||
|         $this->out->elementEnd('li'); |         $this->out->elementEnd('li'); | ||||||
|  |  | ||||||
|         $this->out->elementStart('li'); |         $this->out->elementStart('li'); | ||||||
|   | |||||||
| @@ -98,6 +98,10 @@ class DesignSettingsAction extends AccountSettingsAction | |||||||
|         $this->element('legend', null, _('Change background image')); |         $this->element('legend', null, _('Change background image')); | ||||||
|         $this->elementStart('ul', 'form_data'); |         $this->elementStart('ul', 'form_data'); | ||||||
|         $this->elementStart('li'); |         $this->elementStart('li'); | ||||||
|  |         $this->element('input', array('name' => 'MAX_FILE_SIZE', | ||||||
|  |                                       'type' => 'hidden', | ||||||
|  |                                       'id' => 'MAX_FILE_SIZE', | ||||||
|  |                                       'value' => ImageFile::maxFileSizeInt())); | ||||||
|         $this->element('label', array('for' => 'design_background-image_file'), |         $this->element('label', array('for' => 'design_background-image_file'), | ||||||
|                                 // TRANS: Label in form on profile design page. |                                 // TRANS: Label in form on profile design page. | ||||||
|                                 // TRANS: Field contains file name on user's computer that could be that user's custom profile background image. |                                 // TRANS: Field contains file name on user's computer that could be that user's custom profile background image. | ||||||
| @@ -108,10 +112,6 @@ class DesignSettingsAction extends AccountSettingsAction | |||||||
|         // TRANS: Instructions for form on profile design page. |         // TRANS: Instructions for form on profile design page. | ||||||
|         $this->element('p', 'form_guide', _('You can upload your personal ' . |         $this->element('p', 'form_guide', _('You can upload your personal ' . | ||||||
|             'background image. The maximum file size is 2MB.')); |             'background image. The maximum file size is 2MB.')); | ||||||
|         $this->element('input', array('name' => 'MAX_FILE_SIZE', |  | ||||||
|                                       'type' => 'hidden', |  | ||||||
|                                       'id' => 'MAX_FILE_SIZE', |  | ||||||
|                                       'value' => ImageFile::maxFileSizeInt())); |  | ||||||
|         $this->elementEnd('li'); |         $this->elementEnd('li'); | ||||||
|  |  | ||||||
|         if (!empty($design->backgroundimage)) { |         if (!empty($design->backgroundimage)) { | ||||||
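Review bot: The form guide a few lines below the moved field still hard-codes `The maximum file size is 2MB.`, while the hidden field that now takes effect is filled from `ImageFile::maxFileSizeInt()`. If the configured limit is not 2MB, users are told one limit and the form applies another. DesignAdminPanelForm already builds its text from the configured value, and the same would work here: `sprintf(_('You can upload your personal background image. The maximum file size is %1$s.'), ImageFile::maxFileSize())`. The changed message would need its TRANS comment updated for the placeholder.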
|   | |||||||
| @@ -190,12 +190,12 @@ class NoticeForm extends Form | |||||||
|             } |             } | ||||||
|  |  | ||||||
|             if (common_config('attachments', 'uploads')) { |             if (common_config('attachments', 'uploads')) { | ||||||
|  |                 $this->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); | ||||||
|                 $this->out->element('label', array('for' => 'notice_data-attach'),_('Attach')); |                 $this->out->element('label', array('for' => 'notice_data-attach'),_('Attach')); | ||||||
|                 $this->out->element('input', array('id' => 'notice_data-attach', |                 $this->out->element('input', array('id' => 'notice_data-attach', | ||||||
|                                                    'type' => 'file', |                                                    'type' => 'file', | ||||||
|                                                    'name' => 'attach', |                                                    'name' => 'attach', | ||||||
|                                                    'title' => _('Attach a file'))); |                                                    'title' => _('Attach a file'))); | ||||||
|                 $this->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); |  | ||||||
|             } |             } | ||||||
|             if ($this->action) { |             if ($this->action) { | ||||||
|                 $this->out->hidden('notice_return-to', $this->action, 'returnto'); |                 $this->out->hidden('notice_return-to', $this->action, 'returnto'); | ||||||
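Review bot: With `MAX_FILE_SIZE` now ahead of the `attach` input, PHP starts rejecting oversized attachments itself and reports them as `UPLOAD_ERR_FORM_SIZE` in `$_FILES['attach']['error']`, a code this form could not produce while the field was misplaced. The handler that reads the upload is not in this hunk, so it is worth confirming that it maps this code to a clear "file too large" message rather than a generic failure. Because the field travels in the request and can be altered by the client, any server-side check against `file_quota` in that handler should remain the authoritative limit. MobileProfilePlugin gets the same reorder and the same consideration.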
|   | |||||||
| @@ -358,12 +358,12 @@ class MobileProfilePlugin extends WAP20Plugin | |||||||
|  |  | ||||||
|         if (common_config('attachments', 'uploads')) { |         if (common_config('attachments', 'uploads')) { | ||||||
|             if ($this->mobileFeatures['inputfiletype']) { |             if ($this->mobileFeatures['inputfiletype']) { | ||||||
|  |                 $form->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); | ||||||
|                 $form->out->element('label', array('for' => 'notice_data-attach'), _m('Attach')); |                 $form->out->element('label', array('for' => 'notice_data-attach'), _m('Attach')); | ||||||
|                 $form->out->element('input', array('id' => 'notice_data-attach', |                 $form->out->element('input', array('id' => 'notice_data-attach', | ||||||
|                                                    'type' => 'file', |                                                    'type' => 'file', | ||||||
|                                                    'name' => 'attach', |                                                    'name' => 'attach', | ||||||
|                                                    'title' => _m('Attach a file'))); |                                                    'title' => _m('Attach a file'))); | ||||||
|                 $form->out->hidden('MAX_FILE_SIZE', common_config('attachments', 'file_quota')); |  | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|         if ($form->action) { |         if ($form->action) { | ||||||
|   | |||||||