Add files via upload
This commit is contained in:
Fernando Méndez
GitHub
@ -41,7 +41,7 @@ class FormUploadFiles extends Form {
|
||||
$archivo = $_FILES['archivo'];
|
||||
$nombre = $_FILES['archivo']['name'];
|
||||
/* 1.a) Valida el nombre del archivo */
|
||||
$ok = check_file_uploaded_name($nombre) && check_file_uploaded_length($nombre) ;
|
||||
$ok = $this->check_file_uploaded_name($nombre) && $this->check_file_uploaded_length($nombre) ;
|
||||
/* 1.b) Sanitiza el nombre del archivo
|
||||
$ok = sanitize_file_uploaded_name($nombre);
|
||||
*/
|
||||
@ -82,7 +82,7 @@ class FormUploadFiles extends Form {
|
||||
* @author Yousef Ismaeil Cliprz
|
||||
* @See http://php.net/manual/es/function.move-uploaded-file.php#111412
|
||||
*/
|
||||
function check_file_uploaded_name ($filename) {
|
||||
protected function check_file_uploaded_name ($filename) {
|
||||
return (bool) ((mb_ereg_match('/^[0-9A-Z-_\.]+$/i',$filename) === 1) ? true : false );
|
||||
}
|
||||
|
||||
@ -97,7 +97,7 @@ class FormUploadFiles extends Form {
|
||||
* @author Sean Vieira
|
||||
* @see http://stackoverflow.com/a/2021729
|
||||
*/
|
||||
function sanitize_file_uploaded_name($filename) {
|
||||
protected function sanitize_file_uploaded_name($filename) {
|
||||
/* Remove anything which isn't a word, whitespace, number
|
||||
* or any of the following caracters -_~,;[]().
|
||||
* If you don't need to handle multi-byte characters
|
||||
@ -118,7 +118,7 @@ class FormUploadFiles extends Form {
|
||||
* @author Yousef Ismaeil Cliprz.
|
||||
* @See http://php.net/manual/es/function.move-uploaded-file.php#111412
|
||||
*/
|
||||
function check_file_uploaded_length ($filename) {
|
||||
protected function check_file_uploaded_length ($filename) {
|
||||
return (bool) ((mb_strlen($filename,'UTF-8') < 250) ? true : false);
|
||||
}
|
||||
}
|
||||
|
||||
@ -16,8 +16,8 @@
|
||||
/**
|
||||
* Image files directory.
|
||||
*/
|
||||
define('FILMS_DIR', dirname(RAIZ_APP).'img/films/tmp');
|
||||
define('FILMS_DIR_PROTECTED', RAIZ_APP.'img/films/tmp');
|
||||
define('FILMS_DIR', dirname(RAIZ_APP).'/img/films/tmp');
|
||||
define('FILMS_DIR_PROTECTED', RAIZ_APP.'/img/films/tmp');
|
||||
|
||||
/**
|
||||
* Allowed extensions for image files.
|
||||
|
||||
@ -251,7 +251,7 @@ abstract class Form {
|
||||
/* <<< Permite definir cadena en múltiples líneas.
|
||||
* Revisa https://www.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc
|
||||
*/
|
||||
$htmlForm = "<form method='POST' action='{$this->action}' id='{$this->formId}{$classAtt}{$enctypeAtt}' >
|
||||
$htmlForm = "<form method='POST' action='{$this->action}' id='{$this->formId}'{$classAtt}{$enctypeAtt} >
|
||||
<input type='hidden' name='action' value='{$this->tipoFormulario}' />
|
||||
".$tokenCSRF.$htmlCamposFormularios."
|
||||
</form>";
|
||||
|
||||
Reference in New Issue
Block a user