Changeset 527
- Timestamp:
- 05/24/08 17:27:20 (5 years ago)
- Files:
-
- 1 modified
Legend:
- Unmodified
- Added
- Removed
-
downloadDatabase/files/lib/acp/form/DownloadDBDataAddForm.class.php
r524 r527 11 11 * 12 12 * @author Robert "Tatzelwurm" Hempel 13 * @copyright 2007/2008 INSIDE das H rspiel13 * @copyright 2007/2008 INSIDE das Hörspiel 14 14 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> 15 15 * @package de.inside.wcf.downloaddb … … 61 61 62 62 if (isset($_POST['katID'])) $this->katID = intval($_REQUEST['katID']); 63 if (isset($_POST['name'])) $this->name = escapeString(StringUtil::trim($_REQUEST['name']));64 if (isset($_POST['description'])) $this->description = escapeString(StringUtil::trim($_POST['description']));63 if (isset($_POST['name'])) $this->name = StringUtil::trim($_REQUEST['name']); 64 if (isset($_POST['description'])) $this->description = StringUtil::trim($_POST['description']); 65 65 if (isset($_POST['previewIMG'])) $this->previewIMG = StringUtil::encodeHTML($_POST['previewIMG']); 66 66 if (isset($_POST['previewFile'])) $this->previewFile = StringUtil::encodeHTML($_POST['previewFile']); … … 80 80 if (isset($_FILES['previewArray'])) $this->previewArray = $_FILES['previewArray']; 81 81 // Action 82 if (isset($_POST['action'])) $this->action = escapeString($_POST['action']);82 if (isset($_POST['action'])) $this->action = StringUtil::toLowerCase(escapeString($_POST['action'])); 83 83 } 84 84 … … 135 135 // import file 136 136 $this->dataID = DownloadDBDataEditor::createFile($this->upload['tmp_name'], $this->upload['name'], $this->upload['type'], 'upload'); 137 $this->groesse = $this->upload['size'];137 $this->groesse = intval($this->upload['size']); 138 138 } else { 139 139 throw new UserInputException('upload'); … … 150 150 } 151 151 $this->groesse = @filesize($_SERVER['DOCUMENT_ROOT'].$this->link); 152 $this->mimeType = '';153 152 // Funktioniert nur wenn "fileinfo" in php aktiviert ist!! 154 153 // $finfo = @finfo_open(FILEINFO_MIME); // return mime type ala mimetype extension 155 154 // $this->mimeType = @finfo_file($finfo, $_SERVER['DOCUMENT_ROOT'].$this->link); 155 $this->mimeType = ''; /*#### Entfernen wenn fileinfo aktiv ist ###*/ 156 156 // daher ist $mimeType = ''; 157 157 } … … 168 168 // Funktioniert nur wenn "fileinfo" in php aktiviert ist!! 169 169 // $finfo = @finfo_open(FILEINFO_MIME); // return mime type ala mimetype extension 170 // $this->mimeType = finfo_file($finfo, $this->link); 170 // $this->mimeType = @finfo_file($finfo, $_SERVER['DOCUMENT_ROOT'].$this->link); 171 $this->mimeType = ''; /*#### Entfernen wenn fileinfo aktiv ist ###*/ 171 172 // daher ist $mimeType = ''; 172 173 } … … 205 206 $dataset->updateDataset(array( 206 207 'katID' => intval($this->katID), 207 'name' => $this->name,208 'description' => $this->description,208 'name' => escapeString($this->name), 209 'description' => escapeString($this->description), 209 210 'previewIMG' => escapeString($this->previewIMG), 210 211 'previewFile' => StringUtil::encodeHTML($this->previewFile), … … 229 230 // dataID = NULL 230 231 //Create new Dataset if no file is given 231 $dataset = DownloadDBDataEditor::createDataset(intval($this->katID), $this->name, $this->description,array(232 $dataset = DownloadDBDataEditor::createDataset(intval($this->katID), escapeString($this->name), escapeString($this->description) ,array( 232 233 'link' => $this->link, 233 234 'fileName' => escapeString($this->fileName), … … 308 309 'katOptions' => $this->katOptions, 309 310 'katID' => $this->katID, 310 'name' => stripslashes($this->name),311 'description' => stripslashes($this->description),311 'name' => $this->name, 312 'description' => $this->description, 312 313 'previewIMG' => $this->previewIMG, 313 314 'previewFile' => $this->previewFile,
