php - Codeigniter upload unallowed file not producing error -


i running issue using simple codeigniter image upload based on examples in ci documentation.

what going wrong:

1.) if incorrect file type uploaded, not return error. sets of post variables null , continues process.

2.) able upload .sql , (but not all) .exe files, wityh allowed filetypes limited jpg, gif , png.

so, not commonly reported problem of rejecting allowed filetypes, being permissive, , not returning error when should.

    $photo = $this->input->post("photo");      $config['upload_path'] = './profile_img/';     $config['allowed_types'] = 'gif|jpg|png';     $config['max_size'] = '100';     $config['max_width']  = '1024';     $config['max_height']  = '768';      $this->load->library('upload', $config);      if(isset($_files['userfile']) && $_files['userfile']['size'] > 0){           if ( ! $this->upload->do_upload('userfile'))         {                 $error = $this->upload->display_errors();                 $this->session->set_userdata("message", $error);                 header("location: /page/account");         }         else         {                 $upload_data = $this->upload->data();                 $photo = $upload_data['file_name'];         }     }      $data = array(         'first_name' => $this->input->post("first_name"),         'last_name' => $this->input->post("last_name"),         'username' => $this->input->post("username"),         'default_meeting_duration' => $this->input->post("default_meeting_duration"),         'notification_type' => $this->input->post("notification_type"),         'photo' => $photo     );      $this->user_model->update($data, $this->ion_auth->get_user_id());     $this->session->set_userdata("message", "account settings saved");     header("location: /page/account");

oddly enough, solution in inserting exit() after first redirect within error condition.

apparently, behavior such if error condition found, redirect ignored, , rest of script executed. bug in ci baffling , difficult find.


Comments

Post a Comment

Popular posts from this blog

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more

google shop client API returns 400 bad request error while adding an item -

i'm working on solution add items in google shopping market java application. following tutorial real mess because of missing classes of laste release, after setting 1.5-beta maven managed make base example typecheck correctly classes. still can make simple task of adding 1 item. instead of posting whole code i'm posting part creates product feed. private product createproduct(string id) { product product = new product(); product.title = "red wool sweater"; product.content = new content( "text", "comfortable , soft, sweater keep warm on " + "cold winter nights. red , blue stripes."); product.appcontrol = new appcontrol(); product.appcontrol.addrequireddestination("productads"); product.externalid = id; product.lang = "it"; product.country = "it"; product.condition = "nuovo"; product.price = new price("eu...
Read more