Index: includes/bootstrap.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v
retrieving revision 1.230
diff -u -9 -p -r1.230 bootstrap.inc
--- includes/bootstrap.inc	6 Oct 2008 22:40:20 -0000	1.230
+++ includes/bootstrap.inc	9 Oct 2008 20:09:13 -0000
@@ -1,12 +1,16 @@
 <?php
 // $Id: bootstrap.inc,v 1.230 2008/10/06 22:40:20 webchick Exp $
 
+// THIS SHOULD NOT BE COMMITTED!
+require_once './modules/simpletest/tests/file_dummy_stream_wrapper.inc';
+stream_wrapper_register('dummy-stream-wrapper', 'FileDummyStreamWrapper');
+
 /**
  * @file
  * Functions that need to be loaded on every Drupal request.
  */
 
 /**
  * Indicates that the item should never be removed unless explicitly told to
  * using cache_clear_all() with a cache ID.
  */
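Review bot: Loading `./modules/simpletest/tests/file_dummy_stream_wrapper.inc` and registering `dummy-stream-wrapper` in bootstrap.inc makes a test-only wrapper class available to every request on every site, not only to test runs, and the relative `./` path depends on the working directory. The author's own marker says this must not be committed; the same applies to the marked lines in drupal_web_test_case.php. The registration belongs in the test set-up that needs it, i.e. move `stream_wrapper_register('dummy-stream-wrapper', 'FileDummyStreamWrapper');` and its require into the test case rather than the bootstrap.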
Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.137
diff -u -9 -p -r1.137 file.inc
--- includes/file.inc	9 Oct 2008 20:07:00 -0000	1.137
+++ includes/file.inc	9 Oct 2008 20:09:14 -0000
@@ -157,19 +157,19 @@ function file_create_path($destination =
  *   will be set preventing them from saving the settings.
  * @return
  *   FALSE when directory not found, or TRUE when directory exists.
  */
 function file_check_directory(&$directory, $mode = FALSE, $form_item = NULL) {
   $directory = rtrim($directory, '/\\');
 
   // Check if directory exists.
   if (!is_dir($directory)) {
-    if (($mode & FILE_CREATE_DIRECTORY) && @mkdir($directory)) {
+    if (($mode & FILE_CREATE_DIRECTORY) && @mkdir($directory, 0775)) {
       @chmod($directory, 0775); // Necessary for non-webserver users.
     }
     else {
       if ($form_item) {
         form_set_error($form_item, t('The directory %directory does not exist.', array('%directory' => $directory)));
         watchdog('file system', 'The directory %directory does not exist.', array('%directory' => $directory), WATCHDOG_ERROR);
       }
       return FALSE;
     }
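Review bot: The reason for passing `0775` to `mkdir()` is not stated, and the `@chmod($directory, 0775)` on the next line already sets the same mode. Presumably the mode is passed at creation because chmod() has no effect on stream-wrapper paths; if so, say it in a comment such as `// Pass the mode to mkdir() as well: chmod() is not available for stream wrappers.` The mkdir() mode is still reduced by the process umask, which is why the chmod() remains necessary on local filesystems. file_check_directory() continues outside this hunk.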
@@ -186,19 +186,19 @@ function file_check_directory(&$director
       }
       return FALSE;
     }
   }
 
   if ((file_directory_path() == $directory || file_directory_temp() == $directory) && !is_file("$directory/.htaccess")) {
     $htaccess_lines = "SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006\nOptions None\nOptions +FollowSymLinks";
     if (($fp = fopen("$directory/.htaccess", 'w')) && fputs($fp, $htaccess_lines)) {
       fclose($fp);
-      chmod($directory . '/.htaccess', 0664);
+      @chmod($directory . '/.htaccess', 0664);
     }
     else {
       $variables = array('%directory' => $directory, '!htaccess' => '<br />' . nl2br(check_plain($htaccess_lines)));
       form_set_error($form_item, t("Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines: <code>!htaccess</code>", $variables));
       watchdog('security', "Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines: <code>!htaccess</code>", $variables, WATCHDOG_ERROR);
     }
   }
 
   return TRUE;
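Review bot: Prefixing `chmod($directory . '/.htaccess', 0664)` with `@` hides a failed permission change on the file that protects the upload directory, on local filesystems as well as on stream wrappers. If the motivation is that chmod() is unsupported for wrappers (an assumption; the hunk does not say), guard the call instead of silencing it: `if (!file_is_wrapper($directory)) { chmod($directory . '/.htaccess', 0664); }`. In the same condition, `$fp` is not closed when fopen() succeeds but fputs() fails. file_check_directory() starts outside this hunk.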
@@ -244,27 +244,32 @@ function file_check_path(&$path) {
  * @param $source
  *   A string set to the file to check.
  * @param $directory
  *   A string where the file should be located.
  * @return
  *   FALSE if the path does not exist in the directory; otherwise, the real
  *   path of the source.
  */
 function file_check_location($source, $directory = '') {
-  $check = realpath($source);
+  $check = drupal_realpath($source);
   if ($check) {
     $source = $check;
   }
   else {
+    // drupal_realpath() does not always resolve '/..'
+    $basename = basename($source);
+    if ($basename == '..') {
+      return FALSE;
+    }
     // This file does not yet exist.
-    $source = realpath(dirname($source)) . '/' . basename($source);
+    $source = drupal_realpath(dirname($source)) . '/' . $basename;
   }
-  $directory = realpath($directory);
+  $directory = drupal_realpath($directory);
   if ($directory && strpos($source, $directory) !== 0) {
     return FALSE;
   }
   return $source;
 }
 
 /**
  * Load a file object from the database.
  *
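Review bot: The containment test `strpos($source, $directory) !== 0` in file_check_location() is a plain string-prefix comparison, so a sibling whose name merely starts with the directory name (`/site/files_old/x` against `/site/files`, a constructed example) is accepted as being inside it; because drupal_realpath() strips the trailing "/", the same holds for wrapper paths. Comparing against the directory plus a separator closes that: `if ($directory && $source != $directory && strpos($source, $directory . '/') !== 0) {` (realpath() returns backslashes on Windows, so the separator would need normalising first). Separately, `drupal_realpath(dirname($source))` can return FALSE, in which case `$source` becomes `'/' . $basename`; returning FALSE when the parent cannot be resolved would be safer than relying on the later prefix check to catch it.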
@@ -422,19 +427,19 @@ function file_copy($source, $destination
  *   - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is
  *                          unique.
  *   - FILE_EXISTS_ERROR - Do nothing and return FALSE.
  * @return
  *   The path to the new file, or FALSE in the event of an error.
  *
  * @see file_copy()
  */
 function file_unmanaged_copy($source, $destination = NULL, $replace = FILE_EXISTS_RENAME) {
-  $source = realpath($source);
+  $source = drupal_realpath($source);
   if (!file_exists($source)) {
     drupal_set_message(t('The specified file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error');
     return FALSE;
   }
 
   $destination = file_create_path($destination);
   $directory = $destination;
   $basename = file_check_path($directory);
 
@@ -450,19 +455,19 @@ function file_unmanaged_copy($source, $d
   $destination = file_destination($directory . '/' . $basename, $replace);
 
   if ($destination === FALSE) {
     drupal_set_message(t('The specified file %file could not be copied because a file by that name already exists in the destination.', array('%file' => $source)), 'error');
     return FALSE;
   }
   // Make sure source and destination filenames are not the same, makes no
   // sense to copy it if they are. In fact copying the file will most likely
   // result in a 0 byte file. Which is bad. Real bad.
-  if ($source == realpath($destination)) {
+  if ($source == drupal_realpath($destination)) {
     drupal_set_message(t('The specified file %file was not copied because it would overwrite itself.', array('%file' => $source)), 'error');
     return FALSE;
   }
   if (!@copy($source, $destination)) {
     drupal_set_message(t('The specified file %file could not be copied.', array('%file' => $source)), 'error');
     return FALSE;
   }
 
   // Give everyone read access so that FTP'd users or
@@ -1340,19 +1345,22 @@ function file_scan_directory($dir, $mask
     }
 
     closedir($handle);
   }
 
   return $files;
 }
 
 /**
- * Determine the default temporary directory.
+ * Determine the default temporary directory. This may be used for storing
+ * temporary files within a single request.
+ * If a temporary file is to be used in several requests, it should be saved in
+ * file_directory_path with its status set to FILE_STATUS_TEMPORARY.
  *
  * @return
  *   A string containing a temp directory.
  */
 function file_directory_temp() {
   $temporary_directory = variable_get('file_directory_temp', NULL);
 
   if (is_null($temporary_directory)) {
     $directories = array();
@@ -1780,11 +1788,69 @@ function file_get_mimetype($filename, $m
     if (preg_match('!\.('. $ext_preg .')$!i', $filename)) {
       return $mime_match;
     }
   }
 
   return 'application/octet-stream';
 }
 
 /**
+ * Check whether the path uses a wrapper prefix, e.g. "foo://".
+ *
+ * @param $path
+ *   A string containing a path to a file or directory.
+ * @return
+ *   TRUE if path contains a wrapper prefix, FALSE otherwise.
+ */
+function file_is_wrapper($path) {
+  // A wrapper prefix is at least two characters so that it can be distinguised
+  // from a Windows drive letter, "C:/temp"?.
+  return preg_match('@^([a-z0-9.+-]{2,})://@i', $path);
+}
+
+/**
+ * Get canonicalized absolute path of a file or directory. The Windows path
+ * separator "\" is converted to "/", and consecutive "/" characters are stripped.
+ * If path is a directory, the trailing "/" is stripped.
+ * For regular files:
+ * - Symbolic links are expanded.
+ * - "/./" and "/../" segments are resolved.
+ * For paths with protocol/wrapper prefix (e.g. "mywrapper://foo/bar.txt"):
+ * - Paths containing "/../" are blocked (FALSE is returned).
+ * - Paths are assumed to be case-sensitive (no case normalization is done).
+ *
+ * @code
+ *   // Returns "/foo/bar/boo", or FALSE if the file does not exist:
+ *   drupal_realpath('/foo//bar/./baz/..\\boo');
+ *
+ *   // Returns FALSE due to "/../":
+ *   drupal_realpath('mywrapper://foo/bar/../baz');
+ * @endcode
+ *
+ * @param $path
+ *   A string containing a path to a file or directory.
+ * @return
+ *   A string containing the absolute path to the file/directory, or FALSE if
+ *   the file/directory does not exist.
+ */
+function drupal_realpath($path) {
+  // Does $path include an explicit protocol/wrapper prefix "foo://" (not a
+  // Windows drive letter "C:/temp")?
+  if (preg_match('@^([a-z0-9.+-]{2,})://(.*)@i', $path, $reg)) {
+    // Replace "\" and "//" with "/", except when "//" is preceded by a colon
+    // (this indicates a nested stream wrapper prefix, e.g. "foo://bar://".
+    $wrappedPath = preg_replace('@(?<!:)[/\\\\]+@', '/', $reg[2]);
+    // Look for ".." separated by "/" or string boundary
+    if (preg_match('@(?<=^|/)\.\.(?=/|$)@', $wrappedPath)) {
+      return FALSE;
+    }
+    $path = $reg[1] . '://' . $wrappedPath;
+    return file_exists($path) ? rtrim($path, '/') : FALSE;
+  }
+  else {
+    return realpath($path);
+  }
+}
+
+/**
  * @} End of "defgroup file".
  */
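Review bot: In drupal_realpath() the normalising pattern `@(?<!:)[/\\\\]+@` skips any separator that directly follows a colon, which is meant to protect a nested `bar://` but also leaves a single backslash after a colon untouched; the `..` test that follows only recognises `/` as a boundary, so a `..` segment delimited by such a backslash is not rejected. Whether that matters depends on how the wrapper implementation treats backslashes, but the check should not depend on it: convert backslashes first, `$wrappedPath = preg_replace('@(?<!:)/+@', '/', str_replace('\\', '/', $reg[2]));`. The check is also purely textual, so a wrapper that decodes its path before use has to repeat the traversal check after decoding, and the docblock should say so. file_is_wrapper() returns the integer from preg_match() although it is documented as TRUE/FALSE (`return (bool) preg_match(...)`), drupal_realpath() repeats its pattern instead of sharing it, and the comment inside file_is_wrapper() has the typo "distinguised" and a stray "?".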
Index: modules/color/color.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/color/color.module,v
retrieving revision 1.48
diff -u -9 -p -r1.48 color.module
--- modules/color/color.module	9 Oct 2008 00:02:28 -0000	1.48
+++ modules/color/color.module	9 Oct 2008 20:09:14 -0000
@@ -491,19 +491,19 @@ function _color_render_images($theme, &$
       imagecopy($slice, $target, 0, 0, $x, $y, $width, $height);
     }
 
     // Save image.
     imagepng($slice, $image);
     imagedestroy($slice);
     $paths['files'][] = $image;
 
     // Set standard file permissions for webserver-generated files
-    @chmod(realpath($image), 0664);
+    @chmod($image, 0664);
 
     // Build before/after map of image paths.
     $paths['map'][$file] = $base;
   }
 
   // Clean up target buffer.
   imagedestroy($target);
 }
 
Index: modules/simpletest/drupal_web_test_case.php
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/drupal_web_test_case.php,v
retrieving revision 1.47
diff -u -9 -p -r1.47 drupal_web_test_case.php
--- modules/simpletest/drupal_web_test_case.php	9 Oct 2008 02:49:36 -0000	1.47
+++ modules/simpletest/drupal_web_test_case.php	9 Oct 2008 20:09:14 -0000
@@ -712,19 +712,21 @@ class DrupalWebTestCase {
     $this->checkPermissions(array(), TRUE);
 
     // Restore necessary variables.
     variable_set('install_profile', 'default');
     variable_set('install_task', 'profile-finished');
     variable_set('clean_url', $clean_url_original);
 
     // Use temporary files directory with the same prefix as database.
     $this->original_file_directory = file_directory_path();
-    variable_set('file_directory_path', file_directory_path() . '/' . $db_prefix);
+    // THIS SHOULD NOT BE COMMITTED!
+    variable_set('file_directory_path', 'dummy-stream-wrapper://' . file_directory_path() . '/' . $db_prefix);
+    variable_set('file_downloads', FILE_DOWNLOADS_PRIVATE);
     file_check_directory(file_directory_path(), TRUE); // Create the files directory.
   }
 
   /**
    * Refresh the in-memory set of variables. Useful after a page request is made
    * that changes a variable in a different thread.
    *
    * In other words calling a settings page with $this->drupalPost() with a changed
    * value would update a variable to reflect that change, but in the thread that
@@ -925,42 +927,71 @@ class DrupalWebTestCase {
     if ($this->parse()) {
       $edit_save = $edit;
       // Let's iterate over all the forms.
       $forms = $this->xpath('//form');
       foreach ($forms as $form) {
         // We try to set the fields of this form as specified in $edit.
         $edit = $edit_save;
         $post = array();
         $upload = array();
+        $temp_dir = FALSE;
         $submit_matches = $this->handleForm($post, $edit, $upload, $submit, $form);
         $action = isset($form['action']) ? $this->getAbsoluteUrl($form['action']) : $this->getUrl();
 
         // We post only if we managed to handle every field in edit and the
         // submit button matches.
         if (!$edit && $submit_matches) {
           if ($upload) {
             // TODO: cURL handles file uploads for us, but the implementation
             // is broken. This is a less than elegant workaround. Alternatives
             // are being explored at #253506.
             foreach ($upload as $key => $file) {
-              $post[$key] = '@' . realpath($file);
+              // cURL does not support stream wrappers
+              if (file_is_wrapper($file)) {
+                $temp_dir = file_directory_temp() . '/simpletest_drupal_web_test_case';
+                if (!is_dir($temp_dir)) {
+                  mkdir($temp_dir);
+                }
+                $upload_file = $temp_dir . '/' . basename($file);
+                copy($file, $upload_file);
+                if (!is_file($upload_file)) {
+                  $this->fail(t('Failed to create temporary file @file', array('@file' => $upload_file)));
+                  return;
+                }
+              }
+              else {
+                $upload_file = realpath($file);
+              }
+              $post[$key] = '@' . $upload_file;
             }
           }
           else {
             foreach ($post as $key => $value) {
               // Encode according to application/x-www-form-urlencoded
               // Both names and values needs to be urlencoded, according to
               // http://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1
               $post[$key] = urlencode($key) . '=' . urlencode($value);
             }
             $post = implode('&', $post);
           }
           $out = $this->curlExec(array(CURLOPT_URL => $action, CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => $post, CURLOPT_HEADER => FALSE));
+
+          // Remove temporary directory and its contents.
+          if ($temp_dir) {
+            $files = scandir($temp_dir);
+            foreach ($files as $file) {
+              if ($file != '.' && $file != '..') {
+                file_unmanaged_delete($temp_dir . '/' . $file);
+              }
+            }
+            rmdir($temp_dir);
+          }
+
           // Ensure that any changes to variables in the other thread are picked up.
           $this->refreshVariables();
 
           // Replace original page output with new output from redirected page(s).
           if (($new = $this->checkForMetaRefresh())) {
             $out = $new;
           }
           return $out;
         }
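Review bot: The staging directory `file_directory_temp() . '/simpletest_drupal_web_test_case'` has a fixed name in a shared temp location and is created with the default mode, so two test runs on the same host share it and the cleanup loop of one run deletes the other's files; on a multi-user host the directory may also already exist under another owner. A per-run name and a private mode avoid that, e.g. `$temp_dir = file_directory_temp() . '/simpletest_' . uniqid(mt_rand(), TRUE);` with `mkdir($temp_dir, 0700);`. The result of `copy()` is only checked indirectly, and the early `return` after `$this->fail()` skips the cleanup block, so a failed copy leaves the directory behind. Files are staged under `basename($file)`, so two uploads with the same basename in one form overwrite each other. drupalPost() starts and ends outside this hunk.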
Index: modules/simpletest/tests/file.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/file.test,v
retrieving revision 1.6
diff -u -9 -p -r1.6 file.test
--- modules/simpletest/tests/file.test	9 Oct 2008 00:02:29 -0000	1.6
+++ modules/simpletest/tests/file.test	9 Oct 2008 20:09:14 -0000
@@ -24,18 +24,22 @@ class FileTestCase extends DrupalWebTest
    *
    * @param $filepath
    *   String file path.
    * @param $expected_mode
    *   Octal integer like 0664 or 0777.
    * @param $message
    *   Optional message.
    */
   function assertFilePermissions($filepath, $expected_mode, $message = NULL) {
+    // File permissions are not supported by stream wrappers
+    if (file_is_wrapper($filepath)) {
+      return;
+    }
     // Mask out all but the last three octets.
     $actual_mode = fileperms($filepath) & 511;
     if (is_null($message)) {
       if ($actual_mode == $expected_mode) {
         $message = t('File permissions set correctly.');
       }
       else {
         $message = t('Expected file permission to be %expected, actually were %actual.', array('%actual' => decoct($actual_mode), '%expected' => decoct($expected_mode)));
       }
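Review bot: The early `return` in assertFilePermissions() makes the assertion silently vacuous for wrapper paths: callers such as `$this->assertFilePermissions($filepath, 0664)` report nothing, so the test output does not show that the permission check was skipped. The same silent-skip pattern is used in the FileDirectoryTest hunk (`if (!file_is_wrapper($directory))`) and in testRegistryParseFiles() in registry.test. Record the skip explicitly, for example `$this->pass(t('File permissions not checked: not supported by stream wrappers.'), 'File');` before returning (assuming pass() is available on the test case at this revision), so a run against a wrapper is distinguishable from a run that verified permissions.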
@@ -209,29 +213,29 @@ class FileValidatorTest extends DrupalWe
     $errors = file_validate_image_resolution($this->image, 0, '1x200');
     $this->assertEqual(count($errors), 1, t("Got an error for an image that wasn't tall enough."), 'File');
     $errors = file_validate_image_resolution($this->image, 0, '200x200');
     $this->assertEqual(count($errors), 1, t('Small images report an error.'), 'File');
 
     // Maximum size.
     if (image_get_toolkit()) {
       // Copy the image so that the original doesn't get resized.
       $temp_dir = file_directory_temp();
-      copy(realpath('misc/druplicon.png'), realpath($temp_dir) . '/druplicon.png');
+      copy('misc/druplicon.png', $temp_dir . '/druplicon.png');
       $this->image->filepath = $temp_dir . '/druplicon.png';
 
       $errors = file_validate_image_resolution($this->image, '10x5');
       $this->assertEqual(count($errors), 0, t('No errors should be reported when an oversized image can be scaled down.'), 'File');
 
       $info = image_get_info($this->image->filepath);
       $this->assertTrue($info['width'] <= 10, t('Image scaled to correct width.'), 'File');
       $this->assertTrue($info['height'] <= 5, t('Image scaled to correct height.'), 'File');
 
-      unlink(realpath($temp_dir . '/druplicon.png'));
+      unlink($temp_dir . '/druplicon.png');
     }
     else {
       // TODO: should check that the error is returned if no toolkit is available.
       $errors = file_validate_image_resolution($this->image, '5x10');
       $this->assertEqual(count($errors), 1, t("Oversize images that can't be scaled get an error."), 'File');
     }
   }
 
   /**
@@ -316,26 +320,26 @@ class FileUnmanagedSaveDataTest extends 
    * Test the file_unmanaged_save_data() function.
    */
   function testFileSaveData() {
     $contents = $this->randomName(8);
 
     // No filename.
     $filepath = file_unmanaged_save_data($contents);
     $this->assertTrue($filepath, t('Unnamed file saved correctly.'));
     $this->assertEqual(file_directory_path(), dirname($filepath), t("File was placed in Drupal's files directory."));
-    $this->assertEqual($contents, file_get_contents(realpath($filepath)), t('Contents of the file are correct.'));
+    $this->assertEqual($contents, file_get_contents($filepath), t('Contents of the file are correct.'));
 
     // Provide a filename.
     $filepath = file_unmanaged_save_data($contents, 'asdf.txt', FILE_EXISTS_REPLACE);
     $this->assertTrue($filepath, t('Unnamed file saved correctly.'));
     $this->assertEqual(file_directory_path(), dirname($filepath), t("File was placed in Drupal's files directory."));
     $this->assertEqual('asdf.txt', basename($filepath), t('File was named correctly.'));
-    $this->assertEqual($contents, file_get_contents(realpath($filepath)), t('Contents of the file are correct.'));
+    $this->assertEqual($contents, file_get_contents($filepath), t('Contents of the file are correct.'));
     $this->assertFilePermissions($filepath, 0664);
   }
 }
 
 /**
  * Test the file_save_upload() function.
  */
 class FileSaveUploadTest extends FileHookTestCase {
   /**
@@ -353,19 +357,19 @@ class FileSaveUploadTest extends FileHoo
    * Test the file_save_upload() function.
    */
   function testFileSaveUpload() {
     $max_fid_before = db_result(db_query('SELECT MAX(fid) AS fid FROM {files}'));
     $upload_user = $this->drupalCreateUser(array('access content'));
     $this->drupalLogin($upload_user);
 
     $image = current($this->drupalGetTestFiles('image'));
     $this->assertTrue(is_file($image->filename), t("The file we're going to upload exists."));
-    $edit = array('files[file_test_upload]' => realpath($image->filename));
+    $edit = array('files[file_test_upload]' => $image->filename);
     $this->drupalPost('file-test/upload', $edit, t('Submit'));
     $this->assertResponse(200, t('Received a 200 response for posted test file.'));
 
     // We can't easily check that the hooks were called but since
     // file_save_upload() calles file_save() we can rely on file_save()'s
     // test to catch problems invoking the hooks.
 
     $max_fid_after = db_result(db_query('SELECT MAX(fid) AS fid FROM {files}'));
     $this->assertTrue($max_fid_after > $max_fid_before, t('A new file was created.'));
@@ -404,26 +408,29 @@ class FileDirectoryTest extends FileTest
     $errors = form_get_errors();
     $this->assertEqual($errors[$form_element], t('The directory %directory does not exist.', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
 
     // Make a directory.
     $this->assertTrue(file_check_directory($directory, FILE_CREATE_DIRECTORY), t('No error reported when creating a new directory.'), 'File');
 
     // Make sure directory actually exists.
     $this->assertTrue(is_dir($directory), t('Directory actually exists.'), 'File');
 
-    // Make directory read only.
-    @chmod($directory, 0444);
-    $form_element = $this->randomName();
-    $this->assertFalse(file_check_directory($directory, 0, $form_element), t('Error reported for a non-writeable directory.'), 'File');
-
-    // Check if form error was set.
-    $errors = form_get_errors();
-    $this->assertEqual($errors[$form_element], t('The directory %directory is not writable', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
+    // chmod() does not support stream wrappers.
+    if (!file_is_wrapper($directory)) {
+      // Make directory read only.
+      @chmod($directory, 0444);
+      $form_element = $this->randomName();
+      $this->assertFalse(file_check_directory($directory, 0, $form_element), t('Error reported for a non-writeable directory.'), 'File');
+
+      // Check if form error was set.
+      $errors = form_get_errors();
+      $this->assertEqual($errors[$form_element], t('The directory %directory is not writable', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
+    }
 
     // Test directory permission modification.
     $this->assertTrue(file_check_directory($directory, FILE_MODIFY_PERMISSIONS), t('No error reported when making directory writeable.'), 'File');
 
     // Verify directory actually is writeable.
     $this->assertTrue(is_writeable($directory), t('Directory is writeable.'), 'File');
 
     // Remove .htaccess file to then test that it gets re-created.
     @unlink(file_directory_path() .'/.htaccess');
@@ -530,18 +537,20 @@ class FileDirectoryTest extends FileTest
     $this->assertEqual($path, $destination, t('Non-existing filepath destination is correct with FILE_EXISTS_ERROR.'), 'File');
 
     $destination = 'misc/druplicon.png';
     $path = file_destination($destination, FILE_EXISTS_REPLACE);
     $this->assertEqual($path, $destination, t('Existing filepath destination remains the same with FILE_EXISTS_REPLACE.'), 'File');
     $path = file_destination($destination, FILE_EXISTS_RENAME);
     $this->assertNotEqual($path, $destination, t('A new filepath destination is created when filepath destination already exists with FILE_EXISTS_RENAME.'), 'File');
     $path = file_destination($destination, FILE_EXISTS_ERROR);
     $this->assertEqual($path, FALSE, t('An error is returned when filepath destination already exists with FILE_EXISTS_ERROR.'), 'File');
+
+    drupal_get_messages();
   }
 }
 
 
 /**
  * Deletion related tests.
  */
 class FileUnmanagedDeleteTest extends FileTestCase {
   /**
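Review bot: The added `drupal_get_messages();` discards its return value, so it is there only for its side effect of emptying the message queue, and nothing in the hunk says why. Add a one-line comment naming the reason, e.g. `// Clear messages queued by the calls above so they do not leak into later tests.` (the wording is a guess at the intent, to be confirmed by the author). The test method starts outside this hunk.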
@@ -1110,29 +1119,29 @@ class FileSaveDataTest extends FileHookT
    * Test the file_save_data() function.
    */
   function testFileSaveData() {
     $contents = $this->randomName(8);
 
     // No filename.
     $file = file_save_data($contents);
     $this->assertTrue($file, t("Unnamed file saved correctly."));
     $this->assertEqual(file_directory_path(), dirname($file->filepath), t("File was placed in Drupal's files directory."));
-    $this->assertEqual($contents, file_get_contents(realpath($file->filepath)), t("Contents of the file are correct."));
+    $this->assertEqual($contents, file_get_contents($file->filepath), t("Contents of the file are correct."));
     $this->assertEqual($file->filemime, 'application/octet-stream', t("A MIME type was set."));
     $this->assertEqual($file->status, FILE_STATUS_PERMANENT, t("The file's status was set to permanent."));
 
     // Try loading the file.
     $loaded_file = file_load($file->fid);
     $this->assertTrue($loaded_file, t("File loaded from database."));
 
     // Provide a filename.
     $file = file_save_data($contents, 'asdf.txt', FILE_EXISTS_REPLACE);
     $this->assertTrue($file, t("Unnamed file saved correctly."));
     $this->assertEqual(file_directory_path(), dirname($file->filepath), t("File was placed in Drupal's files directory."));
     $this->assertEqual('asdf.txt', basename($file->filepath), t("File was named correctly."));
-    $this->assertEqual($contents, file_get_contents(realpath($file->filepath)), t("Contents of the file are correct."));
+    $this->assertEqual($contents, file_get_contents($file->filepath), t("Contents of the file are correct."));
 
     // Check the overwrite error.
     $file = file_save_data($contents, 'asdf.txt', FILE_EXISTS_ERROR);
     $this->assertFalse($file, t("Overwriting a file fails when FILE_EXISTS_ERROR is specified."));
   }
-}
\ No newline at end of file
+}
Index: modules/simpletest/tests/registry.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/registry.test,v
retrieving revision 1.2
diff -u -9 -p -r1.2 registry.test
--- modules/simpletest/tests/registry.test	20 Sep 2008 20:22:24 -0000	1.2
+++ modules/simpletest/tests/registry.test	9 Oct 2008 20:09:14 -0000
@@ -97,18 +97,24 @@ class RegistryParseFilesTestCase extends
         }
       }
     }
   }
 
   /**
    * testRegistryParseFiles
    */
   function testRegistryParseFiles() {
+    // Only files in the filesystem ever need to be parsed using registry
+    // functions. Stream wrappers are not supported.
+    if (file_is_wrapper(file_directory_path())) {
+      return;
+    }
+
     _registry_parse_files($this->getFiles());
     foreach ($this->fileTypes as $fileType) {
       // Test that we have all the right resources.
       foreach (array('functionName', 'className', 'interfaceName') as $resource) {
         $foundName = db_result(db_query("SELECT name FROM {registry} WHERE name = '%s'", $this->$fileType->$resource));
         $this->assertTrue($this->$fileType->$resource == $foundName, t('Resource "@resource" found.', array('@resource' => $this->$fileType->$resource)));
       }
       // Test that we have the right md5.
       $md5 = db_result(db_query("SELECT md5 FROM {registry_file} WHERE filename = '%s'", $this->$fileType->fileName));
Index: modules/system/image.gd.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/image.gd.inc,v
retrieving revision 1.2
diff -u -9 -p -r1.2 image.gd.inc
--- modules/system/image.gd.inc	16 Jul 2008 21:59:28 -0000	1.2
+++ modules/system/image.gd.inc	9 Oct 2008 20:09:14 -0000
@@ -190,32 +190,40 @@ function image_gd_open($file, $extension
   return $open_func($file);
 }
 
 /**
  * GD helper to write an image resource to a destination file.
  *
  * @param $res
  *   An image resource created with image_gd_open().
  * @param $destination
- *   A string file path where the iamge should be saved.
+ *   A string file path where the image should be saved.
  * @param $extension
  *   A string containing one of the following extensions: gif, jpg, jpeg, png.
  * @return
  *   Boolean indicating success.
  */
 function image_gd_close($res, $destination, $extension) {
   $extension = str_replace('jpg', 'jpeg', $extension);
   $close_func = 'image' . $extension;
   if (!function_exists($close_func)) {
     return FALSE;
   }
+
+  // These functions do not support stream wrappers.
+  $output_file = file_is_wrapper($destination) ? tempnam(drupal_realpath(file_directory_temp()), 'image') : $destination;
   if ($extension == 'jpeg') {
-    return $close_func($res, $destination, variable_get('image_jpeg_quality', 75));
+    $ok = $close_func($res, $output_file, variable_get('image_jpeg_quality', 75));
   }
   else {
-    return $close_func($res, $destination);
+    $ok = $close_func($res, $output_file);
+  }
+
+  if ($ok && $destination != $output_file) {
+    $ok = file_move($output_file, $destination, FILE_EXISTS_REPLACE);
   }
+  return $ok;
 }
 
 /**
  * @} End of "ingroup image".
  */
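Review bot: When `$destination` is a wrapper path, the temporary file created by `tempnam()` in image_gd_close() is never removed if `$close_func()` or the move fails, and `tempnam()` itself can return FALSE (or fall back to the system temp directory when `drupal_realpath(file_directory_temp())` is FALSE). `file_move()` also looks like the managed variant, since the patch elsewhere distinguishes `file_copy()` from `file_unmanaged_copy()`, so it presumably expects a file object and returns one, which would break the documented Boolean return; `file_unmanaged_move()` is probably what is meant, to be confirmed against this revision of file.inc. The sketch below checks the tempnam() result, casts the move result to a Boolean and removes the temporary file on failure.

```php
function image_gd_close($res, $destination, $extension) {
  // … unchanged: extension normalisation and function_exists() check …

  // These functions do not support stream wrappers, so render to a local
  // temporary file first and move it into place afterwards.
  $use_temp = file_is_wrapper($destination);
  $output_file = $use_temp ? tempnam(drupal_realpath(file_directory_temp()), 'image') : $destination;
  if ($output_file === FALSE) {
    return FALSE;
  }

  // … unchanged: $ok = $close_func(...) for jpeg and for the other formats …

  if ($use_temp) {
    $ok = $ok && (bool) file_unmanaged_move($output_file, $destination, FILE_EXISTS_REPLACE);
    // Do not leave the rendered image behind in the temp directory.
    if (!$ok && is_file($output_file)) {
      unlink($output_file);
    }
  }
  return $ok;
}
```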
Index: modules/system/system.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.admin.inc,v
retrieving revision 1.95
diff -u -9 -p -r1.95 system.admin.inc
--- modules/system/system.admin.inc	9 Oct 2008 00:02:29 -0000	1.95
+++ modules/system/system.admin.inc	9 Oct 2008 20:09:14 -0000
@@ -1459,19 +1459,19 @@ function system_file_system_settings() {
     '#description' => t('A file system path where the files will be stored. This directory must exist and be writable by Drupal. If the download method is set to public, this directory must be relative to the Drupal installation directory and be accessible over the web. If the download method is set to private, this directory should not be accessible over the web. Changing this location will modify all download paths and may cause unexpected problems on an existing site.'),
     '#after_build' => array('system_check_directory'),
   );
 
   $form['file_directory_temp'] = array(
     '#type' => 'textfield',
     '#title' => t('Temporary directory'),
     '#default_value' => file_directory_temp(),
     '#maxlength' => 255,
-    '#description' => t('A file system path where uploaded files will be stored during previews.'),
+    '#description' => t('A file system path where temporary files may be stored.'),
     '#after_build' => array('system_check_directory'),
   );
 
   $form['file_downloads'] = array(
     '#type' => 'radios',
     '#title' => t('Download method'),
     '#default_value' => variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC),
     '#options' => array(FILE_DOWNLOADS_PUBLIC => t('Public - files are available using HTTP directly.'), FILE_DOWNLOADS_PRIVATE => t('Private - files are transferred by Drupal.')),
     '#description' => t('Choose the <em>Public download</em> method unless you wish to enforce fine-grained access controls over file downloads. Changing the download method will modify all download paths and may cause unexpected problems on an existing site.')
Index: modules/upload/upload.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload/upload.test,v
retrieving revision 1.5
diff -u -9 -p -r1.5 upload.test
--- modules/upload/upload.test	9 Oct 2008 00:02:29 -0000	1.5
+++ modules/upload/upload.test	9 Oct 2008 20:09:14 -0000
@@ -44,20 +44,20 @@ class UploadTestCase extends DrupalWebTe
     $files = array(current($text_files)->filename, next($text_files)->filename);
 
     $this->uploadFile($node, $files[0]);
     $this->uploadFile($node, $files[1]);
 
     // Check to see that uploaded file is listed and actually accessible.
     $this->assertText(basename($files[0]), basename($files[0]) . ' found on node.');
     $this->assertText(basename($files[1]), basename($files[1]) . ' found on node.');
 
-    $this->checkUploadedFile(basename($files[0]));
-    $this->checkUploadedFile(basename($files[1]));
+    $this->checkUploadedFile($files[0]);
+    $this->checkUploadedFile($files[1]);
 
     // Fetch db record and use fid to rename and delete file.
     $upload = db_fetch_object(db_query('SELECT fid, description FROM {upload} WHERE nid = %d', array($node->nid)));
     if ($upload) {
       // Rename file.
       $edit = array();
       $edit['files[' . $upload->fid . '][description]'] = $new_name = substr($upload->description, 1);
       $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
       $this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), 'File renamed successfully.');
@@ -66,19 +66,19 @@ class UploadTestCase extends DrupalWebTe
       $this->assertNoText($upload->description, $upload->description . ' not found on node.');
 
       // Delete a file.
       $edit = array();
       $edit['files[' . $upload->fid . '][remove]'] = TRUE;
       $this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
       $this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), 'File deleted successfully.');
 
       $this->assertNoText($new_name, $new_name . ' not found on node.');
-      $this->drupalGet(file_directory_path() . '/' . $upload->description);
+      $this->drupalGet(file_create_url($upload->description));
       $this->assertResponse(array(404), 'Uploaded ' . $upload->description . ' is not accessible.');
     }
     else {
       $this->fail('File upload record not found in database.');
     }
   }
 
   /**
    * Ensure the the file filter works correctly by attempting to upload a non-allowed file extension.
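Review bot: The 404 assertion after the new `$this->drupalGet(file_create_url($upload->description));` line builds its URL from the upload's description, which is a user-editable label and not the stored file path; the query earlier in this test selects only `fid, description`. If the description ever differs from the name the file was saved under, the request returns 404 whether or not the file was removed, so the test would pass with a deleted attachment still downloadable. I would read the stored path before the delete, for example by joining `{files}` in that `db_query()` and selecting its `filepath` column, and pass that value to `file_create_url()`. The test method begins above this hunk, so the join would go in the query shown in the previous hunk.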
@@ -185,21 +185,21 @@ class UploadTestCase extends DrupalWebTe
       $this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), 'File attached successfully.');
     }
   }
 
   /**
    * Check that uploaded file is accessible and verify the contents against the original.
    *
    * @param string $filename Name of file to verifiy.
    */
-  function checkUploadedFile($filename) {
-    $file = realpath(file_directory_path() . '/' . $filename);
-    $this->drupalGet(file_directory_path() . '/' . $filename);
+  function checkUploadedFile($file) {
+    $filename = basename($file);
+    $this->drupalGet(file_create_url($filename));
     $this->assertResponse(array(200), 'Uploaded ' . $filename . ' is accessible.');
     $this->assertEqual(file_get_contents($file), $this->drupalGetContent(), 'Uploaded contents of ' . $filename . ' verified.');
   }
 
   /**
    * Get the role id of the 'simpletest' role associated with a SimpleTest test user.
    *
    * @param object $user User object.
    * @return interger SimpleTest role id.
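Review bot: The docblock above `checkUploadedFile($file)` still reads `@param string $filename Name of file to verifiy.`, but the parameter is now `$file` and its meaning has changed. It is the path of the original source file, whose contents are compared with the downloaded response, and only its basename is used to build the URL. I would change it to `@param string $file Path of the original file that was uploaded; its basename is used to build the download URL.` A short comment on the `basename($file)` line could also say that the check assumes the upload was stored under the same name as the source, which nothing in this hunk guarantees.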
Index: modules/user/user.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.test,v
retrieving revision 1.16
diff -u -9 -p -r1.16 user.test
--- modules/user/user.test	1 Oct 2008 00:54:43 -0000	1.16
+++ modules/user/user.test	9 Oct 2008 20:09:14 -0000
@@ -392,27 +392,27 @@ class UserPictureTestCase extends Drupal
 
       // Set new variables: valid dimensions, valid filesize (0 = no limit).
       $test_dim = ($info['width'] + 10) . 'x' . ($info['height'] + 10);
       variable_set('user_picture_dimensions', $test_dim);
       variable_set('user_picture_file_size', 0);
 
       $pic_path = $this->saveUserPicture($image);
 
       // check if image is displayed in user's profile page
-      $this->assertRaw($pic_path, t("Image is displayed in user's profile page"));
+      $this->assertRaw(basename($pic_path), t("Image is displayed in user's profile page"));
 
       // check if file is located in proper directory
       $this->assertTrue(is_file($pic_path), t('File is located in proper directory'));
     }
   }
 
   function saveUserPicture($image) {
-    $edit = array('files[picture_upload]' => realpath($image->filename));
+    $edit = array('files[picture_upload]' => $image->filename);
     $this->drupalPost('user/' . $this->user->uid.'/edit', $edit, t('Save'));
 
     $img_info = image_get_info($image->filename);
     $picture_dir = variable_get('user_picture_path', 'pictures');
     $pic_path = file_directory_path() . '/' . $picture_dir . '/picture-' . $this->user->uid . '.' . $img_info['extension'];
 
     return $pic_path;
   }
 }
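Review bot: The changed `assertRaw(basename($pic_path), ...)` only checks that the string `picture-<uid>.<ext>` appears somewhere in the page, so it no longer verifies that the picture is served from the expected directory or through the configured download method. If the profile markup is built with `file_create_url()`, as the upload tests in this patch now assume, `$this->assertRaw(file_create_url($pic_path), t("Image is displayed in user's profile page"));` would keep the check precise. Separately, `saveUserPicture()` has no docblock; a short one saying that it posts the picture and returns the expected path under `file_directory_path()`, not a path reported by the server, would make the following `is_file($pic_path)` assertion easier to read.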
