bug 2725: Piwigo isn't compatible with suPHP + better handling of wat…

…ermark upload errors git-svn-id: http://piwigo.org/svn/trunk@17675 68402e56-0260-453c-a942-63ccdbb3a9ee
Piwigo · Aug 30, 2012 · c918bb9 · c918bb9
1 parent d985414
commit c918bb9
Show file tree

Hide file tree

Showing 6 changed files with 26 additions and 52 deletions.
diff --git a/admin/include/configuration_watermark_process.inc.php b/admin/include/configuration_watermark_process.inc.php
@@ -43,16 +43,24 @@
   else
   {
     $upload_dir = PHPWG_ROOT_PATH.PWG_LOCAL_DIR.'watermarks';
-
-    include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
-    prepare_directory($upload_dir);
-
-    $new_name = get_filename_wo_extension($_FILES['watermarkImage']['name']).'.png';
-    $file_path = $upload_dir.'/'.$new_name;
-
-    move_uploaded_file($_FILES['watermarkImage']['tmp_name'], $file_path);
-
-    $pwatermark['file'] = substr($file_path, strlen(PHPWG_ROOT_PATH));
+    if (mkgetdir($upload_dir, MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR))
+    {
+      $new_name = get_filename_wo_extension($_FILES['watermarkImage']['name']).'.png';
+      $file_path = $upload_dir.'/'.$new_name;
+
+      if (move_uploaded_file($_FILES['watermarkImage']['tmp_name'], $file_path))
+      {
+        $pwatermark['file'] = substr($file_path, strlen(PHPWG_ROOT_PATH));
+      }
+      else
+      {
+        $page['errors'][] = $errors['watermarkImage'] = "$file_path " .l10n('no write access');
+      }
+    }
+    else
+    {
+      $page['errors'][] = $errors['watermarkImage'] = sprintf( l10n('Add write access to the "%s" directory'), $upload_dir);
+    }
   }
 }
 

diff --git a/admin/include/functions_upload.inc.php b/admin/include/functions_upload.inc.php
@@ -246,6 +246,7 @@ function add_uploaded_file($source_filepath, $original_filename=null, $categorie
   {
     rename($source_filepath, $file_path);
   }
+  @chmod($file_path, 0644);
 
   if (pwg_image::get_library() != 'gd')
   {

diff --git a/admin/themes/default/template/configuration.tpl b/admin/themes/default/template/configuration.tpl
@@ -518,7 +518,7 @@ jQuery(document).ready(function() {
       <span id="addWatermark"{if isset($ferrors.watermarkImage)} style="display:inline"{/if}>
       {'add a new watermark'|@translate} {'... or '|@translate}<a href="#" class="addWatermarkOpen">{'Select a file'|@translate}</a>
       <br><input type="file" size="60" id="watermarkImage" name="watermarkImage"{if isset($ferrors.watermarkImage)} class="dError"{/if}> (png)
-      {if isset($ferrors.watermarkImage)}<span class="dErrorDesc" title="{$ferrors.watermarkImage}">!</span>{/if}
+      {if isset($ferrors.watermarkImage)}<span class="dErrorDesc" title="{$ferrors.watermarkImage|@htmlspecialchars}">!</span>{/if}
       </span>{* #addWatermark *}
     </li>
 

diff --git a/i.php b/i.php
@@ -623,6 +623,7 @@ class json_response
 $image->set_compression_quality( ImageStdParams::$quality );
 $image->write( $page['derivative_path'] );
 $image->destroy();
+@chmod($page['derivative_path'], 0644);
 $timing['save'] = time_step($step);
 
 send_derivative($expires);

diff --git a/include/template.class.php b/include/template.class.php
@@ -78,28 +78,6 @@ function Template($root = ".", $theme= "", $path = "template")
       }
     }
 
-    if (!isset($conf['combined_dir_checked']))
-    {
-      $dir = PHPWG_ROOT_PATH.PWG_COMBINED_DIR;
-      mkgetdir($dir, MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR);
-      if (!is_writable($dir))
-      {
-        load_language('admin.lang');
-        fatal_error(
-          sprintf(
-            l10n('Give write access (chmod 777) to "%s" directory at the root of your Piwigo installation'),
-            PWG_COMBINED_DIR
-            ),
-          l10n('an error happened'),
-          false // show trace
-          );
-      }
-      if (function_exists('pwg_query')) {
-        conf_update_param('combined_dir_checked', 1);
-      }
-    }
-
-
     $compile_dir = PHPWG_ROOT_PATH.$conf['data_location'].'templates_c';
     mkgetdir( $compile_dir );
 
@@ -1343,7 +1321,9 @@ function combine(&$out_file, &$out_version)
       $output .= "\n";
     }
 
-    file_put_contents( PHPWG_ROOT_PATH . $file,  $output );
+    mkgetdir( dirname(PHPWG_ROOT_PATH.$file) );
+    file_put_contents( PHPWG_ROOT_PATH.$file,  $output );
+    @chmod(PHPWG_ROOT_PATH.$file, 0644);
     $out_file = $file;
     $out_version = false;
     $this->clear();

diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
@@ -1507,27 +1507,11 @@ function ws_images_add_chunk($params, &$service)
   $upload_dir = $conf['upload_dir'].'/buffer';
 
   // create the upload directory tree if not exists
-  if (!is_dir($upload_dir)) {
-    umask(0000);
-    if (!@mkdir($upload_dir, 0777, true))
-    {
-      return new PwgError(500, 'error during buffer directory creation');
-    }
-  }
-
-  if (!is_writable($upload_dir))
+  if (!mkgetdir($upload_dir, MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR))
   {
-    // last chance to make the directory writable
-    @chmod($upload_dir, 0777);
-
-    if (!is_writable($upload_dir))
-    {
-      return new PwgError(500, 'buffer directory has no write access');
-    }
+    return new PwgError(500, 'error during buffer directory creation');
   }
 
-  secure_directory($upload_dir);
-
   $filename = sprintf(
     '%s-%s-%05u.block',
     $params['original_sum'],