MDL-26890 Forums check on filesize if the file is added to the forum from private...
authorAnkit Kumar Agarwal <ankit_frenz@yahoo.co.in>
Thu, 15 Sep 2011 04:08:09 +0000 (09:38 +0530)
committerAnkit Kumar Agarwal <ankit_frenz@yahoo.co.in>
Tue, 20 Sep 2011 04:31:42 +0000 (10:01 +0530)
lang/en/repository.php
repository/lib.php
repository/repository_ajax.php

index cc63fb0..0e84fcd 100644 (file)
@@ -101,6 +101,7 @@ $string['filename'] = 'Filename';
 $string['filenotnull'] = 'You must select a file to upload.';
 $string['filesaved'] = 'The file has been saved';
 $string['filepicker'] = 'File picker';
+$string['filesizenull'] = 'File size cannot be determined';
 $string['getfile'] = 'Select this file';
 $string['hidden'] = 'Hidden';
 $string['choosealink'] = 'Choose a link...';
index 81b1c67..4418218 100644 (file)
@@ -1356,6 +1356,31 @@ abstract class repository {
         return array('path'=>$path, 'url'=>$url);
     }
 
+    /**
+     * Return size of a file in bytes.
+     *
+     * @param string $source encoded and serialized data of file
+     * @return integer file size in bytes
+     */
+    public function get_file_size($source) {
+        $browser    = get_file_browser();
+        $params     = unserialize(base64_decode($source));
+        $contextid  = clean_param($params['contextid'], PARAM_INT);
+        $fileitemid = clean_param($params['itemid'], PARAM_INT);
+        $filename   = clean_param($params['filename'], PARAM_FILE);
+        $filepath   = clean_param($params['filepath'], PARAM_PATH);
+        $filearea   = clean_param($params['filearea'], PARAM_SAFEDIR);
+        $component  = clean_param($params['component'], PARAM_ALPHAEXT);
+        $context    = get_context_instance_by_id($contextid);
+        $file_info  = $browser->get_file_info($context, $component, $filearea, $fileitemid, $filepath, $filename);
+        if (!empty($file_info)) {
+            $filesize = $file_info->get_filesize();
+        } else {
+            $filesize = null;
+        }
+        return $filesize;
+    }
+
     /**
      * Return is the instance is visible
      * (is the type visible ? is the context enable ?)
index a954ee6..82d8591 100644 (file)
@@ -205,6 +205,15 @@ switch ($action) {
             // method, so we use copy_to_area method
             // (local, user, coursefiles, recent)
             if ($repo->has_moodle_files()) {
+                // check filesize against max allowed size
+                $filesize = $repo->get_file_size($source);
+                if (empty($filesize)) {
+                    $err->error = get_string('filesizenull', 'repository');
+                    die(json_encode($err));
+                }
+                if (($maxbytes !== -1) && ($filesize > $maxbytes)) {
+                    throw new file_exception('maxbytes');
+                }
                 $fileinfo = $repo->copy_to_area($source, $itemid, $saveas_path, $saveas_filename);
                 echo json_encode($fileinfo);
                 die;