function file_check_upload in Drupal 4
Same name and namespace in other branches
- 5 includes/file.inc \file_check_upload()
Check if $source is a valid file upload. If so, move the file to Drupal's tmp dir and return it as an object.
The use of SESSION['file_uploads'] should probably be externalized to upload.module
@todo Rename file_check_upload to file_prepare upload. @todo Refactor or merge file_save_upload. @todo Extenalize SESSION['file_uploads'] to modules.
Parameters
$source An upload source (the name of the upload form item), or a file:
Return value
false for an invalid file or upload. A file object for valid uploads/files.
Related topics
5 calls to file_check_upload()
- file_save_upload in includes/
file.inc - Saves a file upload to a new location. The source file is validated as a proper upload and handled as such.
- system_theme_settings in modules/
system.module - Menu callback; display theme configuration for entire site and individual themes.
- _locale_admin_import_submit in includes/
locale.inc - Process the locale import form submission.
- _upload_prepare in modules/
upload.module - Save new uploads and attach them to the node object. append file_previews to the node object as well.
- _user_edit_validate in modules/
user.module
File
- includes/
file.inc, line 170 - API for handling file uploads and server file management.
Code
function file_check_upload($source = 'upload') {
// Cache for uploaded files. Since the data in _FILES is modified
// by this function, we cache the result.
static $upload_cache;
// Test source to see if it is an object.
if (is_object($source)) {
// Validate the file path if an object was passed in instead of
// an upload key.
if (is_file($source->filepath)) {
return $source;
}
else {
return false;
}
}
// Return cached objects without processing since the file will have
// already been processed and the paths in _FILES will be invalid.
if (isset($upload_cache[$source])) {
return $upload_cache[$source];
}
// If a file was uploaded, process it.
if ($_FILES["edit"]["name"][$source] && is_uploaded_file($_FILES["edit"]["tmp_name"][$source])) {
// Check for file upload errors and return false if a
// lower level system error occurred.
switch ($_FILES["edit"]["error"][$source]) {
// @see http://php.net/manual/en/features.file-upload.errors.php
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
drupal_set_message(t('The file %file could not be saved, because it exceeds the maximum allowed size for uploads.', array(
'%file' => theme('placeholder', $source),
)), 'error');
return 0;
case UPLOAD_ERR_PARTIAL:
case UPLOAD_ERR_NO_FILE:
drupal_set_message(t('The file %file could not be saved, because the upload did not complete.', array(
'%file' => theme('placeholder', $source),
)), 'error');
return 0;
// Unknown error
default:
drupal_set_message(t('The file %file could not be saved. An unknown error has occurred.', array(
'%file' => theme('placeholder', $source),
)), 'error');
return 0;
}
// Begin building file object.
$file = new StdClass();
$file->filename = trim(basename($_FILES["edit"]["name"][$source]), '.');
// Create temporary name/path for newly uploaded files.
$file->filepath = tempnam(file_directory_temp(), 'tmp_');
$file->filemime = $_FILES["edit"]["type"][$source];
// Rename potentially executable files, to help prevent exploits.
if ((substr($file->filemime, 0, 5) == 'text/' || strpos($file->filemime, 'javascript')) && substr($file->filename, -4) != '.txt' || preg_match('/\\.(php|pl|py|cgi|asp)$/i', $file->filename)) {
$file->filemime = 'text/plain';
$file->filepath .= '.txt';
$file->filename .= '.txt';
}
// Move uploaded files from php's upload_tmp_dir to Drupal's file temp.
// This overcomes open_basedir restrictions for future file operations.
if (!move_uploaded_file($_FILES["edit"]["tmp_name"][$source], $file->filepath)) {
drupal_set_message(t('File upload error. Could not move uploaded file.'));
watchdog('file', t('Upload Error. Could not move uploaded file(%file) to destination(%destination).', array(
'%file' => theme('placeholder', $_FILES["edit"]["tmp_name"][$source]),
'%destination' => theme('placeholder', $file->filepath),
)));
return false;
}
$file->filesize = $_FILES["edit"]["size"][$source];
$file->source = $source;
// Add processed file to the cache.
$upload_cache[$source] = $file;
return $file;
}
else {
// In case of previews return previous file object.
if (file_exists($_SESSION['file_uploads'][$source]->filepath)) {
return $_SESSION['file_uploads'][$source];
}
}
// If nothing was done, return false.
return false;
}