? .svn
? plupload
Index: plupload.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/plupload/plupload.module,v
retrieving revision 1.1
diff -u -p -r1.1 plupload.module
--- plupload.module	30 Jun 2010 02:51:56 -0000	1.1
+++ plupload.module	5 Jul 2010 20:18:32 -0000
@@ -5,7 +5,7 @@
  * Implementation of hook_perm().
  */
 function plupload_perm() {
-  return array('bulk upload files with plupload', 'administer plupload bulk uploads');
+  return array('upload files with plupload', 'administer plupload bulk uploads');
 }
 
 /**
@@ -20,6 +20,7 @@ function plupload_menu() {
     'type' => MENU_CALLBACK,
   );
   $items['file-plupload'] = array(
+    'title' => 'Upload files',
     'page callback' => 'plupload_upload_page',
     'access callback' => 'user_access',
     'access arguments' => array('upload files with plupload'),
@@ -110,17 +111,31 @@ __RSD__;
 }
 
 function plupload_pernode() {
-  $temp_directory = file_directory_temp();
 
+  // Put the file into a temporary location with a random name.
+  $temp = file_directory_temp();
+  // On Windows, tempnam() requires an absolute path, so we use realpath().
+  $temp_filename = tempnam(realpath($temp), 'file');
+  
   // Chunk it?
   $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
   
   // Get and clean the filename.
-  $file_name = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
+  $filename = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
 
   // Clean the fileName for security reasons
-  $file_name = preg_replace('/[^\w\._]+/', '', $file_name);
+  $filename = preg_replace('/[^\w\._]+/', '', $filename);
+  $extensions = '';
+  global $user;
+  foreach ($user->roles as $rid => $name) {
+    $extensions .= ' '. variable_get("upload_extensions_$rid",
+    variable_get('upload_extensions_default', 'jpg jpeg gif png txt html doc xls pdf ppt pps odt ods odp'));
+  }
+
+  $filename = file_munge_filename(trim(basename($_FILES['files']['name'][$source]), '.'), $extensions);
+  
   
+  // @todo use a temporary filename.
   
   // Look for the content type header
   if (isset($_SERVER["HTTP_CONTENT_TYPE"])) {
@@ -134,7 +149,7 @@ function plupload_pernode() {
   if (strpos($content_type, "multipart") !== false) {
     if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
       // Open temp file
-      $out = fopen($targetDir . DIRECTORY_SEPARATOR . $file_name, $chunk == 0 ? "wb" : "ab");
+      $out = fopen($temp_filename, $chunk == 0 ? "wb" : "ab");
       if ($out) {
         // Read binary input stream and append it to temp file
         $in = fopen($_FILES['file']['tmp_name'], "rb");
@@ -154,7 +169,7 @@ function plupload_pernode() {
   }
   else {
     // Open temp file
-    $out = fopen($temp_directory . DIRECTORY_SEPARATOR . $file_name, $chunk == 0 ? "wb" : "ab");
+    $out = fopen($temp_filename, $chunk == 0 ? "wb" : "ab");
     if ($out) {
       // Read binary input stream and append it to temp file
       $in = fopen("php://input", "rb");
@@ -173,7 +188,7 @@ function plupload_pernode() {
   // Move it to it's final home.
   $path = file_directory_path();
 
-  $image_node = plupload_imagefield_create_node_from($temp_directory . DIRECTORY_SEPARATOR . $file_name, $file_name);
+  $image_node = plupload_imagefield_create_node_from($temp_filename, $filename);
 
   // @todo check the $image_node and do some error handling.
   
@@ -192,7 +207,7 @@ function plupload_pernode() {
  * @return $node
  *   a node object.
  */
-function plupload_imagefield_create_node_from($temp_filepath, $file_name) {
+function plupload_imagefield_create_node_from($temp_filepath, $filename) {
   // Only get files from Drupal's tmp directory.
   $directory = file_directory_temp();
   if (file_check_location($temp_filepath, $directory)) {
@@ -211,7 +226,7 @@ function plupload_imagefield_create_node
   
       // Create some defaults that imagefield expects.
       $form_state_values = array(
-        'title' => $file_name,
+        'title' => $filename,
         'body' => '',
         'field_photo' => array(0 => array(
             'fid' => 0,
@@ -234,7 +249,7 @@ function plupload_imagefield_create_node
         'node_status' => NULL,
         )
       );
-      // Save the file and create a node.
+      // Actually save the file and create a node.
       if ($file = field_file_save_file($temp_filepath, $validators, $directory)) {
         $file['original_path'] = $temp_filepath;
         $node = _plupload_imagefield_import_create_node($field, $form_state_values, $file);