summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG.txt2
-rw-r--r--includes/file.inc19
-rw-r--r--modules/simpletest/tests/file.test8
3 files changed, 9 insertions, 20 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index e6f9c38d2..986c4825a 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,6 +1,8 @@
Drupal 7.32, xxxx-xx-xx (development version)
-----------------------
+- Removed special-case behavior for file uploads which allowed user #1 to
+ bypass maximum file size and user quota limits.
Drupal 7.31, 2014-08-06
----------------------
diff --git a/includes/file.inc b/includes/file.inc
index d3008cc4f..fb2685659 100644
--- a/includes/file.inc
+++ b/includes/file.inc
@@ -1729,8 +1729,6 @@ function file_validate_extensions(stdClass $file, $extensions) {
/**
* Checks that the file's size is below certain limits.
*
- * This check is not enforced for the user #1.
- *
* @param $file
* A Drupal file object.
* @param $file_limit
@@ -1748,20 +1746,17 @@ function file_validate_extensions(stdClass $file, $extensions) {
*/
function file_validate_size(stdClass $file, $file_limit = 0, $user_limit = 0) {
global $user;
-
$errors = array();
- // Bypass validation for uid = 1.
- if ($user->uid != 1) {
- if ($file_limit && $file->filesize > $file_limit) {
- $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
- }
+ if ($file_limit && $file->filesize > $file_limit) {
+ $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', array('%filesize' => format_size($file->filesize), '%maxsize' => format_size($file_limit)));
+ }
- // Save a query by only calling file_space_used() when a limit is provided.
- if ($user_limit && (file_space_used($user->uid) + $file->filesize) > $user_limit) {
- $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
- }
+ // Save a query by only calling file_space_used() when a limit is provided.
+ if ($user_limit && (file_space_used($user->uid) + $file->filesize) > $user_limit) {
+ $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', array('%filesize' => format_size($file->filesize), '%quota' => format_size($user_limit)));
}
+
return $errors;
}
diff --git a/modules/simpletest/tests/file.test b/modules/simpletest/tests/file.test
index 20dd27376..0e66775a9 100644
--- a/modules/simpletest/tests/file.test
+++ b/modules/simpletest/tests/file.test
@@ -484,14 +484,6 @@ class FileValidatorTest extends DrupalWebTestCase {
$original_user = $user;
drupal_save_session(FALSE);
- // Run these test as uid = 1.
- $user = user_load(1);
-
- $file = new stdClass();
- $file->filesize = 999999;
- $errors = file_validate_size($file, 1, 1);
- $this->assertEqual(count($errors), 0, 'No size limits enforced on uid=1.', 'File');
-
// Run these tests as a regular user.
$user = $this->drupalCreateUser();
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 00:56:07 +0000