TPS
/
ORIENT
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Throw an exception when the file_data is missing from the request 

Fixes #1712
This commit is contained in:
Samuel Georges 2016-03-25 16:11:01 +11:00
parent a585fe3316
commit 767ce5f2e7
3 changed files with 27 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/cms/widgets/MediaManager.php
View File

@ -950,14 +950,13 @@ class MediaManager extends WidgetBase
{
$fileName = null;
if (!($uniqueId = post('X_OCTOBER_FILEUPLOAD')) || $uniqueId != $this->getId()) {
if (!($uniqueId = Request::header('X-OCTOBER-FILEUPLOAD')) || $uniqueId != $this->getId()) {
return;
}
try {
if (!Input::hasFile('file_data')) {
return;
throw new ApplicationException('File missing from request');
}
$uploadedFile = Input::file('file_data');
@ -999,12 +998,13 @@ class MediaManager extends WidgetBase
File::get($uploadedFile->getRealPath())
);
die('success');
Response::json(['result' => 'success'])->send();
}
catch (Exception $ex) {
Response::make($ex->getMessage(), 406)->send();
die();
Response::json($ex->getMessage(), 400)->send();
}
exit;
}
/**

10
modules/cms/widgets/mediamanager/assets/js/mediamanager-browser-min.js vendored
View File

@ -280,7 +280,10 @@ this.scrollContentElement.insertBefore(this.selectionMarker,this.scrollContentEl
MediaManager.prototype.doObjectsCollide=function(aTop,aLeft,aWidth,aHeight,bTop,bLeft,bWidth,bHeight){return!(((aTop+aHeight)<(bTop))||(aTop>(bTop+bHeight))||((aLeft+aWidth)<bLeft)||(aLeft>(bLeft+bWidth)))}
MediaManager.prototype.initUploader=function(){if(!this.itemListElement)
return
var uploaderOptions={clickable:this.$el.find('[data-control="upload"]').get(0),method:'POST',url:window.location,paramName:'file_data',createImageThumbnails:false}
var uploaderOptions={clickable:this.$el.find('[data-control="upload"]').get(0),url:this.options.url,paramName:'file_data',headers:{},createImageThumbnails:false}
if(this.options.uniqueId){uploaderOptions.headers['X-OCTOBER-FILEUPLOAD']=this.options.uniqueId}
var token=$('meta[name="csrf-token"]').attr('content')
if(token){uploaderOptions.headers['X-CSRF-TOKEN']=token}
this.dropzone=new Dropzone(this.$el.get(0),uploaderOptions)
this.dropzone.on('addedfile',this.proxy(this.uploadFileAdded))
this.dropzone.on('totaluploadprogress',this.proxy(this.uploadUpdateTotalProgress))
@ -308,8 +311,7 @@ progressBar.setAttribute('class','progress-bar')}
MediaManager.prototype.uploadQueueComplete=function(){this.$el.find('[data-command="cancel-uploading"]').addClass('hide')
this.$el.find('[data-command="close-uploader"]').removeClass('hide')
this.refresh()}
MediaManager.prototype.uploadSending=function(file,xhr,formData){formData.append('path',this.$el.find('[data-type="current-folder"]').val())
formData.append('X_OCTOBER_FILEUPLOAD',this.options.uniqueId)}
MediaManager.prototype.uploadSending=function(file,xhr,formData){formData.append('path',this.$el.find('[data-type="current-folder"]').val())}
MediaManager.prototype.uploadCancelAll=function(){this.dropzone.removeAllFiles(true)
this.hideUploadUi()}
MediaManager.prototype.updateUploadBar=function(templateName,classNames){var fileNumberLabel=this.$el.get(0).querySelector('[data-label="file-number-and-progress"]'),successTemplate=fileNumberLabel.getAttribute('data-'+templateName+'-template'),progressBar=this.$el.get(0).querySelector('[data-control="upload-progress-bar"]')
@ -463,7 +465,7 @@ eventHandled=true
break;}
if(eventHandled){ev.preventDefault()
ev.stopPropagation()}}
MediaManager.DEFAULTS={alias:'',uniqueId:null,deleteEmpty:'Please select files to delete.',deleteConfirm:'Do you really want to delete the selected file(s)?',moveEmpty:'Please select files to move.',selectSingleImage:'Please select a single image.',selectionNotImage:'The selected item is not an image.',bottomToolbar:false,cropAndInsertButton:false}
MediaManager.DEFAULTS={url:window.location,alias:'',uniqueId:null,deleteEmpty:'Please select files to delete.',deleteConfirm:'Do you really want to delete the selected file(s)?',moveEmpty:'Please select files to move.',selectSingleImage:'Please select a single image.',selectionNotImage:'The selected item is not an image.',bottomToolbar:false,cropAndInsertButton:false}
var old=$.fn.mediaManager
$.fn.mediaManager=function(option){var args=Array.prototype.slice.call(arguments,1),result=undefined
this.each(function(){var $this=$(this)

18
modules/cms/widgets/mediamanager/assets/js/mediamanager.js
View File

@ -717,13 +717,25 @@
var uploaderOptions = {
clickable: this.$el.find('[data-control="upload"]').get(0),
method: 'POST',
url: window.location,
url: this.options.url,
paramName: 'file_data',
headers: {},
createImageThumbnails: false
// fallback: implement method that would set a flag that the uploader is not supported by the browser
}
if (this.options.uniqueId) {
uploaderOptions.headers['X-OCTOBER-FILEUPLOAD'] = this.options.uniqueId
}
/*
* Add CSRF token to headers
*/
var token = $('meta[name="csrf-token"]').attr('content')
if (token) {
uploaderOptions.headers['X-CSRF-TOKEN'] = token
}
this.dropzone = new Dropzone(this.$el.get(0), uploaderOptions)
this.dropzone.on('addedfile', this.proxy(this.uploadFileAdded))
this.dropzone.on('totaluploadprogress', this.proxy(this.uploadUpdateTotalProgress))
@ -791,7 +803,6 @@
MediaManager.prototype.uploadSending = function(file, xhr, formData) {
formData.append('path', this.$el.find('[data-type="current-folder"]').val())
formData.append('X_OCTOBER_FILEUPLOAD', this.options.uniqueId)
}
MediaManager.prototype.uploadCancelAll = function() {
@ -1253,6 +1264,7 @@
// ============================
MediaManager.DEFAULTS = {
url: window.location,
alias: '',
uniqueId: null,
deleteEmpty: 'Please select files to delete.',