public function validateUpload($InputName, $ThrowException = true)
{
$Ex = false;
if (!array_key_exists($InputName, $_FILES) || !is_uploaded_file($_FILES[$InputName]['tmp_name']) && GetValue('error', $_FILES[$InputName], 0) == 0) {
// Check the content length to see if we exceeded the max post size.
$ContentLength = Gdn::request()->getValueFrom('server', 'CONTENT_LENGTH');
$MaxPostSize = self::unformatFileSize(ini_get('post_max_size'));
if ($ContentLength > $MaxPostSize) {
$Ex = sprintf(t('Gdn_Upload.Error.MaxPostSize', 'The file is larger than the maximum post size. (%s)'), self::formatFileSize($MaxPostSize));
} else {
$Ex = t('The file failed to upload.');
}
} else {
switch ($_FILES[$InputName]['error']) {
case 1:
case 2:
$MaxFileSize = self::unformatFileSize(ini_get('upload_max_filesize'));
$Ex = sprintf(T('Gdn_Upload.Error.PhpMaxFileSize', 'The file is larger than the server\'s maximum file size. (%s)'), self::formatFileSize($MaxFileSize));
break;
case 3:
case 4:
$Ex = T('The file failed to upload.');
break;
case 6:
$Ex = T('The temporary upload folder has not been configured.');
break;
case 7:
$Ex = T('Failed to write the file to disk.');
break;
case 8:
$Ex = T('The upload was stopped by extension.');
break;
}
}
$Foo = self::formatFileSize($this->_MaxFileSize);
// Check the maxfilesize again just in case the value was spoofed in the form.
if (!$Ex && $this->_MaxFileSize > 0 && filesize($_FILES[$InputName]['tmp_name']) > $this->_MaxFileSize) {
$Ex = sprintf(T('Gdn_Upload.Error.MaxFileSize', 'The file is larger than the maximum file size. (%s)'), self::formatFileSize($this->_MaxFileSize));
} elseif (!$Ex) {
// Make sure that the file extension is allowed.
$Extension = pathinfo($_FILES[$InputName]['name'], PATHINFO_EXTENSION);
if (!InArrayI($Extension, $this->_AllowedFileExtensions)) {
$Ex = sprintf(T('You cannot upload files with this extension (%s). Allowed extension(s) are %s.'), htmlspecialchars($Extension), implode(', ', $this->_AllowedFileExtensions));
}
}
if ($Ex) {
if ($ThrowException) {
throw new Gdn_UserException($Ex);
} else {
$this->Exception = $Ex;
return false;
}
} else {
// If all validations were successful, return the tmp name/location of the file.
$this->_UploadedFile = $_FILES[$InputName];
return $this->_UploadedFile['tmp_name'];
}
}