From 0253f81cdc6244c2d195f128214fd872a6a61c55 Mon Sep 17 00:00:00 2001
From: Isabeau Kisler
Date: Sat, 22 Jul 2017 20:35:22 -0700
Subject: [PATCH] Catch errors when uploading files

Check if error code is greater than 0, and generate appropriate error message.
---
 build/index.php | 179 +++++++++++++++++++++++++++++++++++++
 modules/feature-upload.php | 13 +++
 2 files changed, 192 insertions(+)

diff --git a/build/index.php b/build/index.php
index f8e6baf..e58b6b8 100644
--- a/build/index.php
+++ b/build/index.php
@@ -4369,6 +4369,19 @@ register_module([
 http_response_code(401);
 exit(page_renderer::render("Upload failed - $settings->sitename", "

Your upload couldn't be processed because you are not logged in.

Try logging in first."));
 }
+
+ // Check for php upload errors
+ if($_FILES["file"]["error"] > 0)
+ {
+ if(!empty($_FILES["file"]))
+ unlink($_FILES["file"]["tmp_name"]);
+ if($_FILES["file"]["error"] == 1 || $_FILES["file"]["error"] == 2)
+ http_response_code(413); // file is too large
+ else
+ http_response_code(500); // something else went wrong
+ exit(page_renderer::render("Upload failed - $settings->sitename", "

Your upload couldn't be processed because " . (($_FILES["file"]["error"] == 1 || $_FILES["file"]["error"] == 2) ? "the file is too large" : "an error occurred") . ".

Please contact the administrator for assistance.

"));
+
+ }
 // Calculate the target name, removing any characters we
 // are unsure about.
@@ -6918,6 +6931,172 @@ register_module([ + +register_module([ + "name" => "Old Default Parser", + "version" => "0.10", + "author" => "Johnny Broadway & Starbeamrainbowlabs", + "description" => "The *old* default parser for Pepperminty Wiki. Based on Johnny Broadway's Slimdown (with more than a few modifications). This parser's features are documented in the help page. Superceded by a customised extension of parsedown extra.", + "id" => "parser-default-old", + "optional" => true, + "code" => function() { + global $settings; + + add_parser("default", function($markdown) { + return Slimdown::render($markdown); + }); + + // Register the help section + if($settings->parser != "default") + return; // Don't register the help section if we aren't the currently set parser. + add_help_section("20-parser-default", "Editor Syntax", "

$settings->sitename's editor uses a modified version of slimdown, a flavour of markdown that is implementated using regular expressions. See the credits page for more information and links to the original source for this. A quick reference can be found below:

+ + + + + + + + + + + + + + + + + +
Type ThisTo get this
_italics_italics
*bold*bold
~~Strikethrough~~Strikethough
`code`code
# Heading

Heading

## Sub Heading

Sub Heading

[[Internal Link]]Internal Link
[[Display Text|Internal Link]]Display Text
[Display text](//google.com/)Display Text
> Blockquote
> Some text
Blockquote
Some text
- Apples
* Oranges
  • Apples
  • Oranges
1. This is
2. an ordered list
  1. This is
  2. an ordered list
+ --- +
![Alt text](//starbeamrainbowlabs.com/favicon-small.png)Alt text
+ +

In addition, the following extra syntax is supported for images:

+ +
Size the image to at most 250 pixels wide:
+	![Alt text](//starbeamrainbowlabs.com/favicon-small.png 250px)
+	
+	Size the image to at most 120px wide and have it float at the right ahnd size of the page:
+	![Alt text](//starbeamrainbowlabs.com/favicon-small.png 120px right)
"); + } +]); + +/*********************************************************************** + * ███████ ██ ██ ███ ███ ██████ ██████ ██ ██ ███ ██ * + * ██ ██ ██ ████ ████ ██ ██ ██ ██ ██ ██ ████ ██ * + * ███████ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██ █ ██ ██ ██ ██ * + * ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ███ ██ ██ ██ ██ * + * ███████ ███████ ██ ██ ██ ██████ ██████ ███ ███ ██ ████ * + ***********************************************************************/ +/** + * Slimdown - A very basic regex-based Markdown parser. Supports the + * following elements (and can be extended via Slimdown::add_rule()): + * + * - Headers + * - Links + * - Bold + * - Emphasis + * - Deletions + * - Quotes + * - Inline code + * - Blockquotes + * - Ordered/unordered lists + * - Horizontal rules + * + * Author: Johnny Broadway + * Website: https://gist.github.com/jbroadway/2836900 + * License: MIT + */ + +/** + * Modified by Starbeamrainbowlabs (starbeamrainbowlabs) + * + * Changed bold to use single asterisks + * Changed italics to use single underscores + * Added one to add the heading levels (no

tags allowed) + * Added wiki style internal link parsing + * Added wiki style internal link parsing with display text + * Added image support + */ +class Slimdown { + public static $rules = array ( + '/\r\n/' => "\n", // new line normalisation + '/^(#+)(.*)/' => 'self::header', // headers + '/(\*+)(.*?)\1/' => '\2', // bold + '/(_)(.*?)\1/' => '\2', // emphasis + + '/!\[(.*)\]\(([^\s]+)\s(\d+.+)\s(left|right)\)/' => '\1', // images with size + '/!\[(.*)\]\(([^\s]+)\s(\d+.+)\)/' => '\1', // images with size + '/!\[(.*)\]\((.*)\)/' => '\1', // basic images + + '/\[\[([a-zA-Z0-9\_\- ]+)\|([a-zA-Z0-9\_\- ]+)\]\]/' => '\2', //internal links with display text + '/\[\[([a-zA-Z0-9\_\- ]+)\]\]/' => '\1', //internal links + '/\[([^\[]+)\]\(([^\)]+)\)/' => '\1', // links + '/\~\~(.*?)\~\~/' => '\1', // del + '/\:\"(.*?)\"\:/' => '\1', // quote + '/`(.*?)`/' => '\1', // inline code + '/\n\s*(\*|-)(.*)/' => 'self::ul_list', // ul lists + '/\n[0-9]+\.(.*)/' => 'self::ol_list', // ol lists + '/\n(>|\>)(.*)/' => 'self::blockquote', // blockquotes + '/\n-{3,}/' => "\n
", // horizontal rule + '/\n([^\n]+)\n\n/' => 'self::para', // add paragraphs + '/<\/ul>\s?
    /' => '', // fix extra ul + '/<\/ol>\s?
      /' => '', // fix extra ol + '/<\/blockquote>
      /' => "\n" // fix extra blockquote + ); + private static function para ($regs) { + $line = $regs[1]; + $trimmed = trim ($line); + if (preg_match ('/^<\/?(ul|ol|li|h|p|bl)/', $trimmed)) { + return "\n" . $line . "\n"; + } + return sprintf ("\n

      %s

      \n", $trimmed); + } + private static function ul_list ($regs) { + $item = $regs[2]; + return sprintf ("\n
        \n\t
      • %s
      • \n
      ", trim($item)); + } + private static function ol_list ($regs) { + $item = $regs[1]; + return sprintf ("\n
        \n\t
      1. %s
      2. \n
      ", trim($item)); + } + private static function blockquote ($regs) { + $item = $regs[2]; + return sprintf ("\n
      %s
      ", trim($item)); + } + private static function header ($regs) { + list ($tmp, $chars, $header) = $regs; + $level = strlen ($chars); + return sprintf ('%s', $level + 1, trim($header), $level + 1); + } + + /** + * Add a rule. + */ + public static function add_rule ($regex, $replacement) { + self::$rules[$regex] = $replacement; + } + /** + * Render some Markdown into HTML. + */ + public static function render ($text) { + foreach (self::$rules as $regex => $replacement) { + if (is_callable ( $replacement)) { + $text = preg_replace_callback ($regex, $replacement, $text); + } else { + $text = preg_replace ($regex, $replacement, $text); + } + } + return trim ($text); + } +} +//////////////////////////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////////////////////////// + + + register_module([ "name" => "Parsedown",
diff --git a/modules/feature-upload.php b/modules/feature-upload.php
index 42b6a08..c32a871 100644
--- a/modules/feature-upload.php
+++ b/modules/feature-upload.php
@@ -118,6 +118,19 @@ register_module([
 http_response_code(401);
 exit(page_renderer::render("Upload failed - $settings->sitename", "

      Your upload couldn't be processed because you are not logged in.

      Try logging in first."));
 }
+
+ // Check for php upload errors
+ if($_FILES["file"]["error"] > 0)
+ {
+ if(!empty($_FILES["file"]))
+ unlink($_FILES["file"]["tmp_name"]);
+ if($_FILES["file"]["error"] == 1 || $_FILES["file"]["error"] == 2)
+ http_response_code(413); // file is too large
+ else
+ http_response_code(500); // something else went wrong
+ exit(page_renderer::render("Upload failed - $settings->sitename", "

      Your upload couldn't be processed because " . (($_FILES["file"]["error"] == 1 || $_FILES["file"]["error"] == 2) ? "the file is too large" : "an error occurred") . ".

      Please contact the administrator for assistance.

      "));
+
+ }
 // Calculate the target name, removing any characters we
 // are unsure about.
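Review bot: The new check reads `$_FILES["file"]["error"]` before anything confirms that `$_FILES["file"]` exists or that `error` is a single integer, so the later `!empty($_FILES["file"])` test cannot guard it. A request with no `file` part skips the branch entirely (a missing key does not compare greater than 0), and a field submitted as `file[]` makes `error` and `tmp_name` arrays, which then reach `unlink()`. I would open the branch with `if(!isset($_FILES["file"]) || !is_int($_FILES["file"]["error"]) || $_FILES["file"]["error"] !== UPLOAD_ERR_OK)` and delete the temp file only when `is_uploaded_file($_FILES["file"]["tmp_name"])` is true. Using `UPLOAD_ERR_INI_SIZE` and `UPLOAD_ERR_FORM_SIZE` in place of the bare 1 and 2 would also make the 413 case self-explanatory. The same lines appear in the build/index.php hunk, presumably the built copy, and the enclosing module function starts and ends outside this hunk.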