JI-1062 Add option for max file size + total size limits

pull/58/head
Frode Petterson 2019-03-14 14:53:25 +01:00
parent bf9250d80b
commit d38b3b1e8a
1 changed files with 26 additions and 3 deletions

View File

@ -762,9 +762,6 @@ class H5PValidator {
$tmpDir = $this->h5pF->getUploadedH5pFolderPath(); $tmpDir = $this->h5pF->getUploadedH5pFolderPath();
$tmpPath = $this->h5pF->getUploadedH5pPath(); $tmpPath = $this->h5pF->getUploadedH5pPath();
// Extract and then remove the package file.
$zip = new ZipArchive;
// Only allow files with the .h5p extension: // Only allow files with the .h5p extension:
if (strtolower(substr($tmpPath, -3)) !== 'h5p') { if (strtolower(substr($tmpPath, -3)) !== 'h5p') {
$this->h5pF->setErrorMessage($this->h5pF->t('The file you uploaded is not a valid HTML5 Package (It does not have the .h5p file extension)'), 'missing-h5p-extension'); $this->h5pF->setErrorMessage($this->h5pF->t('The file you uploaded is not a valid HTML5 Package (It does not have the .h5p file extension)'), 'missing-h5p-extension');
@ -772,7 +769,33 @@ class H5PValidator {
return FALSE; return FALSE;
} }
// Extract and then remove the package file.
$zip = new ZipArchive;
if ($zip->open($tmpPath) === true) { if ($zip->open($tmpPath) === true) {
if (!empty($this->h5pC->maxFileSize) || !empty($this->h5pC->maxTotalSize)) {
// We need to check the size of the files inside the zip before continuing
$total_size = 0;
for ($i = 0; $i < $zip->numFiles; $i++) {
$file_size = $zip->statIndex($i)['size'];
if (!empty($this->h5pC->maxFileSize) && $file_size > $this->h5pC->maxFileSize) {
// Error file is too large
$this->h5pF->setErrorMessage($this->h5pF->t('One of the files inside the package exceeds the maximum file size allowed.'), 'file-size-too-large');
H5PCore::deleteFileTree($tmpDir);
return FALSE;
}
$total_size += $file_size;
}
if (!empty($this->h5pC->maxTotalSize) && $total_size > $this->h5pC->maxTotalSize) {
// Error total size of the zip is too large
$this->h5pF->setErrorMessage($this->h5pF->t('The total size of the unpacked file exceeds the maximum size allowed.'), 'total-size-too-large');
H5PCore::deleteFileTree($tmpDir);
return FALSE;
}
}
$zip->extractTo($tmpDir); $zip->extractTo($tmpDir);
$zip->close(); $zip->close();
} }