- Patch #115267 by drewish, dopry et al: simplified file uploads code, improved file API, centralized file validation, implemented quotas and fixed file previews.

1 files changed, 37 insertions, 19 deletions

diff --git a/modules/system/system.module b/modules/system/system.module
index 53b496d30..3a3e094c3 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -13,6 +13,9 @@ define('DRUPAL_MINIMUM_MYSQL',  '4.1.0'); // If using MySQL
 define('DRUPAL_MINIMUM_PGSQL',  '7.4');   // If using PostgreSQL
 define('DRUPAL_MINIMUM_APACHE', '1.3');   // If using Apache
 
+// Maximum age of temporary files in seconds.
+define('DRUPAL_MAXIMUM_TEMP_FILE_AGE', 1440);
+
 /**
  * Implementation of hook_help().
  */
@@ -83,7 +86,7 @@ function system_theme() {
  * Implementation of hook_perm().
  */
 function system_perm() {
-  return array('administer site configuration', 'access administration pages', 'select different theme');
+  return array('administer site configuration', 'access administration pages', 'select different theme', 'administer files');
 }
 
 /**
@@ -2171,28 +2174,29 @@ function system_theme_settings($key = '') {
   $form['var'] = array('#type' => 'hidden', '#value' => $var);
 
   // Check for a new uploaded logo, and use that instead.
-  if ($file = file_check_upload('logo_upload')) {
-    if ($info = image_get_info($file->filepath)) {
-      $parts = pathinfo($file->filename);
-      $filename = ($key) ? str_replace('/', '_', $key) .'_logo.'. $parts['extension'] : 'logo.'. $parts['extension'];
-
-      if ($file = file_save_upload('logo_upload', $filename, 1)) {
-        $_POST['default_logo'] = 0;
-        $_POST['logo_path'] = $file->filepath;
-        $_POST['toggle_logo'] = 1;
-      }
-    }
-    else {
-      form_set_error('file_upload', t('Only JPEG, PNG and GIF images are allowed to be used as logos.'));
+  if ($file = file_save_upload('logo_upload', array('file_validate_is_image' => array()))) {
+    $parts = pathinfo($file->filename);
+    $filename = ($key) ? str_replace('/', '_', $key) .'_logo.'. $parts['extension'] : 'logo.'. $parts['extension'];
+
+    // The image was saved using file_save_upload() and was added to the
+    // files table as a temorary file. We'll make a copy and let the garbage
+    // collector delete the original upload.
+    if (file_copy($file, $filename, FILE_EXISTS_REPLACE)) {
+      $_POST['default_logo'] = 0;
+      $_POST['logo_path'] = $file->filepath;
+      $_POST['toggle_logo'] = 1;
     }
   }
 
   // Check for a new uploaded favicon, and use that instead.
-  if ($file = file_check_upload('favicon_upload')) {
+  if ($file = file_save_upload('favicon_upload')) {
     $parts = pathinfo($file->filename);
     $filename = ($key) ? str_replace('/', '_', $key) .'_favicon.'. $parts['extension'] : 'favicon.'. $parts['extension'];
 
-    if ($file = file_save_upload('favicon_upload', $filename, 1)) {
+    // The image was saved using file_save_upload() and was added to the
+    // files table as a temorary file. We'll make a copy and let the garbage
+    // collector delete the original upload.
+    if (file_copy($file, $filename)) {
       $_POST['default_favicon'] = 0;
       $_POST['favicon_path'] = $file->filepath;
       $_POST['toggle_favicon'] = 1;
@@ -2636,13 +2640,27 @@ function theme_system_admin_by_module($menu_items) {
 /**
  * Implementation of hook_cron().
  *
- * Remove older rows from flood table
+ * Remove older rows from flood and batch table. Remove old temporary files.
  */
 function system_cron() {
-  // Cleanup the flood
+  // Cleanup the flood.
   db_query('DELETE FROM {flood} WHERE timestamp < %d', time() - 3600);
-  // Cleanup the batch table
+  // Cleanup the batch table.
   db_query('DELETE FROM {batch} WHERE timestamp < %d', time() - 864000);
+
+  // Remove temporary files that are older than DRUPAL_MAXIMUM_TEMP_FILE_AGE.
+  $result = db_query('SELECT * FROM {files} WHERE status = %s and timestamp < %d', FILE_STATUS_TEMPORARY, time() - DRUPAL_MAXIMUM_TEMP_FILE_AGE);
+  while ($file = db_fetch_object($result)) {
+    if (file_exists($file->filepath)) {
+      // If files that exist cannot be deleted, continue so the database remains
+      // consistant.
+      if (!file_delete($file->filepath)) {
+        watchdog('file system', t('Could not delete temporary file "%path" during garbage collection', array('%path' => $file->filepath)), 'error');
+        continue;
+      }
+    }
+    db_query('DELETE FROM {files} WHERE fid = %d', $file->fid);
+  }
 }
 
 /**