mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-05 17:51:40 +09:00
Automatically set module_srl in upload info, and check it strictly
This commit is contained in:
Kijin Sung
parent
bffa50dd15
commit
eda9af546c
3 changed files with 20 additions and 9 deletions
|
|
@ -36,11 +36,11 @@ class FileController extends File
|
|||
$module_srl = $this->module_srl;
|
||||
if (empty($_SESSION['upload_info'][$editor_sequence]->enabled))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
if ($_SESSION['upload_info'][$editor_sequence]->module_srl && $_SESSION['upload_info'][$editor_sequence]->module_srl !== $module_srl)
|
||||
if ($_SESSION['upload_info'][$editor_sequence]->module_srl !== $module_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
|
||||
// Validate upload_target_srl.
|
||||
|
|
@ -48,7 +48,7 @@ class FileController extends File
|
|||
$submitted_upload_target_srl = intval(Context::get('uploadTargetSrl')) ?: intval(Context::get('upload_target_srl'));
|
||||
if ($submitted_upload_target_srl && $submitted_upload_target_srl !== intval($upload_target_srl))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
if (!$upload_target_srl)
|
||||
{
|
||||
|
|
@ -180,11 +180,11 @@ class FileController extends File
|
|||
$module_srl = $this->module_srl;
|
||||
if (empty($_SESSION['upload_info'][$editor_sequence]->enabled))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
if ($_SESSION['upload_info'][$editor_sequence]->module_srl && $_SESSION['upload_info'][$editor_sequence]->module_srl !== $module_srl)
|
||||
if ($_SESSION['upload_info'][$editor_sequence]->module_srl !== $module_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
|
||||
// Get upload_target_srl
|
||||
|
|
@ -192,7 +192,7 @@ class FileController extends File
|
|||
$submitted_upload_target_srl = intval(Context::get('uploadTargetSrl')) ?: intval(Context::get('upload_target_srl'));
|
||||
if ($submitted_upload_target_srl && $submitted_upload_target_srl !== intval($upload_target_srl))
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest('file.msg_invalid_upload_info');
|
||||
}
|
||||
if (!$upload_target_srl)
|
||||
{
|
||||
|
|
@ -749,6 +749,14 @@ class FileController extends File
|
|||
}
|
||||
$editor_sequence = ++$_SESSION['_editor_sequence_'];
|
||||
}
|
||||
if(!$module_srl)
|
||||
{
|
||||
$current_module_info = Context::get('current_module_info');
|
||||
if (!empty($current_module_info->module_srl))
|
||||
{
|
||||
$module_srl = $current_module_info->module_srl;
|
||||
}
|
||||
}
|
||||
if(!isset($_SESSION['upload_info']) || !is_array($_SESSION['upload_info']))
|
||||
{
|
||||
$_SESSION['upload_info'] = array();
|
||||
|
|
@ -762,8 +770,9 @@ class FileController extends File
|
|||
$_SESSION['upload_info'][$editor_sequence]->module_srl = (int)$module_srl;
|
||||
if (!$module_srl)
|
||||
{
|
||||
trigger_error('FileController::setUploadInfo() called without module_srl', E_USER_WARNING);
|
||||
trigger_error('No module_srl supplied to setUploadInfo(), and cannot determine automatically', E_USER_WARNING);
|
||||
}
|
||||
|
||||
return $editor_sequence;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@ $lang->about_save_changelog = 'Keep a log of new and deleted files in the databa
|
|||
$lang->cmd_delete_checked_file = 'Delete Selected Item(s)';
|
||||
$lang->cmd_move_to_document = 'Move to Document';
|
||||
$lang->cmd_download = 'Download';
|
||||
$lang->msg_invalid_upload_info = 'Invalid upload target information.';
|
||||
$lang->msg_not_permitted_download = 'You do not have a permission to download.';
|
||||
$lang->msg_file_cart_is_null = 'Please select a file(s) to delete.';
|
||||
$lang->msg_checked_file_is_deleted = '%d attachment(s) was(were) deleted.';
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@ $lang->about_save_changelog = '파일 저장 및 삭제 내역을 DB에 기록
|
|||
$lang->cmd_delete_checked_file = '선택항목 삭제';
|
||||
$lang->cmd_move_to_document = '문서로 이동';
|
||||
$lang->cmd_download = '다운로드';
|
||||
$lang->msg_invalid_upload_info = '업로드 대상 정보가 일치하지 않습니다.';
|
||||
$lang->msg_not_permitted_download = '다운로드할 수 있는 권한이 없습니다.';
|
||||
$lang->msg_file_cart_is_null = '삭제할 파일을 선택해주세요.';
|
||||
$lang->msg_checked_file_is_deleted = '%d개의 첨부 파일이 삭제되었습니다.';
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue