diff --git a/modules/file/file.admin.controller.php b/modules/file/file.admin.controller.php index 410e7393b..6775f990a 100644 --- a/modules/file/file.admin.controller.php +++ b/modules/file/file.admin.controller.php @@ -62,11 +62,13 @@ class fileAdminController extends file function procFileAdminInsertUploadConfig() { // Update configuration - $oFileModel = getModel('file'); - $config = $oFileModel->getFileConfig(); + $config = getModel('module')->getModuleConfig('file'); $config->allowed_filesize = Context::get('allowed_filesize'); $config->allowed_attach_size = Context::get('allowed_attach_size'); $config->allowed_filetypes = str_replace(' ', '', Context::get('allowed_filetypes')); + $config->max_image_width = intval(Context::get('max_image_width')) ?: ''; + $config->max_image_height = intval(Context::get('max_image_height')) ?: ''; + $config->max_image_size_action = Context::get('max_image_size_action') ?: ''; // Check maximum file size if (PHP_INT_SIZE < 8) @@ -93,8 +95,7 @@ class fileAdminController extends file function procFileAdminInsertDownloadConfig() { // Update configuration - $oFileModel = getModel('file'); - $config = $oFileModel->getFileConfig(); + $config = getModel('module')->getModuleConfig('file'); $config->allow_outlink = Context::get('allow_outlink'); $config->allow_outlink_format = Context::get('allow_outlink_format'); $config->allow_outlink_site = Context::get('allow_outlink_site'); diff --git a/modules/file/file.controller.php b/modules/file/file.controller.php index 392511f92..d59a4ff9e 100644 --- a/modules/file/file.controller.php +++ b/modules/file/file.controller.php 
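Review bot: `max_image_size_action` is saved straight from the request in procFileAdminInsertUploadConfig, so any string can end up in the stored configuration. The upload check added to file.controller.php in this commit enforces the limit only when the value is exactly 'block'; any other non-empty value reaches the empty else-branch and the limit is silently not applied. Restrict the value to the known actions before saving, e.g. `$action = Context::get('max_image_size_action');` followed by `$config->max_image_size_action = in_array($action, array('block', 'resize'), true) ? $action : '';`. The 'resize' value is inferred from the language strings added in this commit. The function body continues outside the hunk.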
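Review bot: The result of `getModel('module')->getModuleConfig('file')` is used without a check in procFileAdminInsertDownloadConfig, and the same replacement appears in procFileAdminInsertUploadConfig in the previous hunk; the next line assigns properties on it directly. getModuleConfig is not shown on this page, so this is inferred: if it returns null or a non-object when the file module has no saved configuration yet, those assignments fail on a fresh install. A fallback such as `$config = getModel('module')->getModuleConfig('file') ?: new stdClass;` would cover that case. The function body continues outside the hunk.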
@@ -861,48 +861,100 @@ class fileController extends file $file_info['name'] = base64_decode(strtr($match[1], ':', '/')); } - if(!$manual_insert) - { - // Get the file configurations - $logged_info = Context::get('logged_info'); - if($logged_info->is_admin != 'Y') - { - $oFileModel = getModel('file'); - $config = $oFileModel->getFileConfig($module_srl); - - // check file type - if(isset($config->allowed_filetypes) && $config->allowed_filetypes !== '*.*') - { - $filetypes = explode(';', $config->allowed_filetypes); - $ext = array(); - foreach($filetypes as $item) { - $item = explode('.', $item); - $ext[] = strtolower($item[1]); - } - $uploaded_ext = explode('.', $file_info['name']); - $uploaded_ext = strtolower(array_pop($uploaded_ext)); - - if(!in_array($uploaded_ext, $ext)) - { - throw new Rhymix\Framework\Exception('msg_not_allowed_filetype'); - } - } - - $allowed_filesize = $config->allowed_filesize * 1024 * 1024; - $allowed_attach_size = $config->allowed_attach_size * 1024 * 1024; - // An error appears if file size exceeds a limit - if($allowed_filesize < filesize($file_info['tmp_name'])) throw new Rhymix\Framework\Exception('msg_exceeds_limit_size'); - // Get total file size of all attachements (from DB) - $size_args = new stdClass; - $size_args->upload_target_srl = $upload_target_srl; - $output = executeQuery('file.getAttachedFileSize', $size_args); - $attached_size = (int)$output->data->attached_size + filesize($file_info['tmp_name']); - if($attached_size > $allowed_attach_size) throw new Rhymix\Framework\Exception('msg_exceeds_limit_size'); - } - } - // Sanitize filename $file_info['name'] = Rhymix\Framework\Filters\FilenameFilter::clean($file_info['name']); + + // Get extension + $extension = explode('.', $file_info['name']) ?: array(''); + $extension = strtolower(array_pop($extension)); + + // Check file type, size, and other attributes + if(!$manual_insert && !$this->user->isAdmin()) + { + // Get file module configuration + $oFileModel = getModel('file'); 
+ $config = $oFileModel->getFileConfig($module_srl); + + // Check file type + if(isset($config->allowed_filetypes) && $config->allowed_filetypes !== '*.*') + { + $filetypes = explode(';', $config->allowed_filetypes); + $ext = array(); + foreach($filetypes as $item) { + $item = explode('.', $item); + $ext[] = strtolower($item[1]); + } + + if(!in_array($extension, $ext)) + { + throw new Rhymix\Framework\Exception('msg_not_allowed_filetype'); + } + } + + // Check file size + $allowed_filesize = $config->allowed_filesize * 1024 * 1024; + $allowed_attach_size = $config->allowed_attach_size * 1024 * 1024; + if($allowed_filesize < filesize($file_info['tmp_name'])) + { + throw new Rhymix\Framework\Exception('msg_exceeds_limit_size'); + } + + // Get total size of all attachements + $size_args = new stdClass; + $size_args->upload_target_srl = $upload_target_srl; + $output = executeQuery('file.getAttachedFileSize', $size_args); + $attached_size = (int)$output->data->attached_size + filesize($file_info['tmp_name']); + if($attached_size > $allowed_attach_size) + { + throw new Rhymix\Framework\Exception('msg_exceeds_limit_size'); + } + + // Check image dimensions + if($config->max_image_size_action && ($config->max_image_width || $config->max_image_height)) + { + if(in_array($extension, array('gif', 'jpg', 'png', 'webp', 'bmp'))) + { + if ($image_info = @getimagesize($file_info['tmp_name'])) + { + $image_width = $image_info[0]; + $image_height = $image_info[1]; + $exceeded = false; + if ($config->max_image_width > 0 && $image_width > $config->max_image_width) + { + $exceeded = true; + } + elseif ($config->max_image_height > 0 && $image_height > $config->max_image_height) + { + $exceeded = true; + } + + if ($exceeded) + { + if ($config->max_image_size_action === 'block') + { + if ($config->max_image_width && $config->max_image_height) + { + $message = sprintf(lang('msg_exceeds_max_image_size'), $config->max_image_width, $config->max_image_height); + } + elseif 
($config->max_image_width) + { + $message = sprintf(lang('msg_exceeds_max_image_width'), $config->max_image_width); + } + else + { + $message = sprintf(lang('msg_exceeds_max_image_height'), $config->max_image_height); + } + throw new Rhymix\Framework\Exception($message); + } + else + { + // TODO + } + } + } + } + } + } // Get file_srl $file_srl = getNextSequence(); diff --git a/modules/file/file.model.php b/modules/file/file.model.php index f3b48d35f..25e85fed7 100644 --- a/modules/file/file.model.php +++ b/modules/file/file.model.php @@ -189,11 +189,15 @@ class fileModel extends file $config->allowed_attach_size = $file_config->allowed_attach_size; $config->allowed_filetypes = $file_config->allowed_filetypes; $config->inline_download_format = $file_config->inline_download_format; + $config->max_image_width = $file_config->max_image_width; + $config->max_image_height = $file_config->max_image_height; + $config->max_image_size_action = $file_config->max_image_size_action; $config->download_grant = $file_config->download_grant; $config->allow_outlink = $file_config->allow_outlink; $config->allow_outlink_site = $file_config->allow_outlink_site; $config->allow_outlink_format = $file_config->allow_outlink_format; } + // Property for all files comes first than each property if(!$config->allowed_filesize) $config->allowed_filesize = $file_module_config->allowed_filesize; if(!$config->allowed_attach_size) $config->allowed_attach_size = $file_module_config->allowed_attach_size; 
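Review bot: The dimension check runs only when the extension of the client-supplied name is in `array('gif', 'jpg', 'png', 'webp', 'bmp')`, so an image named `*.jpeg`, or any other image type that allowed_filetypes permits but this list omits, is never measured and is stored regardless of max_image_width/max_image_height. Since `getimagesize()` already reports the detected type, either drop the extension gate and act on its result, or at least add the missing alias: `if(in_array($extension, array('gif', 'jpg', 'jpeg', 'png', 'webp', 'bmp')))`. Two other paths accept the upload without enforcing the limit: a failed `@getimagesize()` and the `// TODO` else-branch reached for any action other than 'block', which the admin UI appears to offer as 'resize'. Until resizing exists, treat those cases as 'block' or say so in place with a comment such as `// resize not implemented yet: oversized images are stored unchanged`. The enclosing method starts and ends outside this hunk.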
@@ -202,6 +206,10 @@ class fileModel extends file if(!$config->allow_outlink_site) $config->allow_outlink_site = $file_module_config->allow_outlink_site; if(!$config->allow_outlink_format) $config->allow_outlink_format = $file_module_config->allow_outlink_format; if(!$config->download_grant) $config->download_grant = $file_module_config->download_grant; + if(!$config->max_image_width) $config->max_image_width = $file_module_config->max_image_width; + if(!$config->max_image_height) $config->max_image_height = $file_module_config->max_image_height; + if(!$config->max_image_size_action) $config->max_image_size_action = $file_module_config->max_image_size_action; + // Default setting if not exists if(!$config->allowed_filesize) $config->allowed_filesize = '2'; if(!$config->allowed_attach_size) $config->allowed_attach_size = '3'; diff --git a/modules/file/lang/en.php b/modules/file/lang/en.php index 5bba633c1..59ca07299 100644 --- a/modules/file/lang/en.php +++ b/modules/file/lang/en.php @@ -17,6 +17,10 @@ $lang->allow_outlink_format = 'Allowed Formats'; $lang->allowed_filesize = 'Maximum File Size'; $lang->allowed_attach_size = 'Maximum Attachments'; $lang->allowed_filetypes = 'Allowed extentsions'; +$lang->max_image_size = 'Maximum Image Size'; +$lang->max_image_size_action_nothing = 'If exceeded, do nothing'; +$lang->max_image_size_action_block = 'If exceeded, block upload'; +$lang->max_image_size_action_resize = 'If exceeded, resize automatically'; $lang->inline_download_format = 'Open in current window'; $lang->inline_download_image = 'Image'; $lang->inline_download_audio = 'Audio'; 
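Review bot: The `if(!$config->max_image_size_action)` fallback, together with the two dimension fallbacks beside it, treats an empty per-module value as "not set", so a module cannot opt out of a site-wide limit. The "do nothing" choice is presumably stored as '' (the admin controller in this commit does that for the global setting), and here it would be overwritten by a global 'block'. If per-module opt-out is intended, "nothing" needs a distinct stored value rather than ''; otherwise a comment such as `// empty means inherit the global limit; a module cannot disable it` would make the behaviour explicit. The surrounding method starts and ends outside the hunk, and the earlier file.model.php hunk (@@ -189) copies the same three properties from the per-module config.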
@@ -34,6 +38,7 @@ $lang->about_allowed_filesize_global = 'This is the global limit on the size of
 $lang->about_allowed_attach_size_global = 'This is the global limit on the combined size of all attachments in one document.';
 $lang->about_allowed_size_limits = 'The file size will be limited to the value set in php.ini (%sB) in IE9 and below and older Android browsers.';
 $lang->about_allowed_filetypes = 'To allow an extension, use "*.[extention]". To allow multiple extensions, use ";" between each extension. ex) *.* or *.jpg;*.gif; ';
+$lang->about_max_image_size = 'You can limit the maximum width and height of uploaded images.';
 $lang->cmd_delete_checked_file = 'Delete Selected Item(s)';
 $lang->cmd_move_to_document = 'Move to Document';
 $lang->cmd_download = 'Download';
@@ -41,6 +46,9 @@ $lang->msg_not_permitted_download = 'You do not have a permission to download.';
 $lang->msg_file_cart_is_null = 'Please select a file(s) to delete.';
 $lang->msg_checked_file_is_deleted = '%d attachment(s) was(were) deleted.';
 $lang->msg_exceeds_limit_size = 'This file exceeds the attachment limit.';
+$lang->msg_exceeds_max_image_size = 'This image is too large. Images must be no larger than %dx%dpx.';
+$lang->msg_exceeds_max_image_width = 'This image is too large. The maximum permitted width is %dpx.';
+$lang->msg_exceeds_max_image_height = 'This image is too large. The maximum permitted height is %dpx.';
 $lang->msg_file_not_found = 'Could not find requested file.';
 $lang->msg_file_key_expired = 'This download link is expired. Please initiate the download again.';
 $lang->file_search_target_list['filename'] = 'File Name';
diff --git a/modules/file/lang/ko.php b/modules/file/lang/ko.php
index 87bbf7276..cc17f19b7 100644
--- a/modules/file/lang/ko.php
+++ b/modules/file/lang/ko.php
@@ -14,9 +14,13 @@ $lang->file_list = '첨부 파일 목록';
 $lang->allow_outlink = '다운로드 링크 외부 접근 허용';
 $lang->allow_outlink_site = '외부 접근 허용 사이트';
 $lang->allow_outlink_format = '외부 접근 허용 확장자';
-$lang->allowed_filesize = '파일 크기 제한';
+$lang->allowed_filesize = '파일 용량 제한';
 $lang->allowed_attach_size = '문서 첨부 제한';
 $lang->allowed_filetypes = '허용 확장자';
+$lang->max_image_size = '이미지 크기 제한';
+$lang->max_image_size_action_nothing = '초과시 아무 것도 하지 않음';
+$lang->max_image_size_action_block = '초과시 업로드 금지';
+$lang->max_image_size_action_resize = '초과시 자동 크기 조정';
 $lang->inline_download_format = '다운로드시 현재 창 사용';
 $lang->inline_download_image = '이미지';
 $lang->inline_download_audio = '오디오';
@@ -34,6 +38,7 @@ $lang->about_allowed_filesize_global = '관리자를 포함하여 사이트 전
 $lang->about_allowed_attach_size_global = '관리자를 포함하여 사이트 전체에 적용되는 문서당 총 첨부 용량 제한입니다.';
 $lang->about_allowed_size_limits = 'IE9 이하, 구버전 안드로이드 등에서는 php.ini에서 지정한 %sB로 제한됩니다.';
 $lang->about_allowed_filetypes = '"*.확장자"로 지정할 수 있고 ";" 으로 여러 개 지정이 가능합니다. 예) *.* or *.jpg;*.gif;';
+$lang->about_max_image_size = '이미지 파일의 가로세로 크기를 제한할 수 있습니다.';
 $lang->cmd_delete_checked_file = '선택항목 삭제';
 $lang->cmd_move_to_document = '문서로 이동';
 $lang->cmd_download = '다운로드';
@@ -42,6 +47,9 @@ $lang->msg_file_cart_is_null = '삭제할 파일을 선택해주세요.';
 $lang->msg_checked_file_is_deleted = '%d개의 첨부 파일이 삭제되었습니다.';
 $lang->msg_exceeds_limit_size = '허용된 용량을 초과하여 첨부가 되지 않았습니다.';
 $lang->msg_not_allowed_filetype = '업로드할 수 없는 파일 형식입니다.';
+$lang->msg_exceeds_max_image_size = '이미지가 너무 큽니다. %dx%dpx 이하의 이미지만 허용됩니다.';
+$lang->msg_exceeds_max_image_width = '이미지가 너무 큽니다. 폭 %dpx 이하의 이미지만 허용됩니다.';
+$lang->msg_exceeds_max_image_height = '이미지가 너무 큽니다. 높이 %dpx 이하의 이미지만 허용됩니다.';
 $lang->msg_file_not_found = '요청한 파일을 찾을 수 없습니다.';
 $lang->msg_file_key_expired = '다운로드 링크의 유효기간이 지났습니다. 다시 다운로드하여 주시기 바랍니다.';
 $lang->file_search_target_list['filename'] = '파일 이름';
diff --git a/modules/file/tpl/upload_config.html b/modules/file/tpl/upload_config.html
index b1589d449..52bd3ff47 100644
--- a/modules/file/tpl/upload_config.html
+++ b/modules/file/tpl/upload_config.html
@@ -22,6 +22,19 @@
{$lang->about_allowed_attach_size_global}
{sprintf($lang->about_allowed_size_limits, ini_get('upload_max_filesize'))}
{$lang->about_max_image_size}
+