[Pushed] Attachments not working properly in latest version
#1
Hi everyone, I am pasting a portion of this here:

https://community.mybb.com/thread-219817.html

First in this file:

https://github.com/mybb/mybb/blob/featur...upload.php

The function:

function add_attachments($pid, $forumpermissions, $attachwhere, $action=false)

looks quite deficient and buggy. It's error reporting is quite bad. Should complaint when some of the things fail but it silently ignores the errors. Very badly programmed (no alternative else reporting error).

I made some amendments (in my copy) checking for $total == 0 that is what was happening and realized the error was reported but not displayed.

I then realized the form was sending "attachment" instead of "attachments" (notice the ending S) so I wen ahead and fixed the template to change the name to "attachments".

But then some other error is happening after the "fix". Of course no error is displayed for whatever reason.

Any Idea on why this error is not displayed only showing an empty alert when this variable is populated:

$ret['errors'][] = ...

Maybe I could track down this further.

Ok I figured out everything and I found some bugs in MyBB 1.8.19.

First seems the upgrade path using changed files and update script misses to add a new template piece called "error_inline_item"

in inc/functions.php (https://github.com/mybb/mybb/blob/87e187...ctions.php) the function

function inline_error($errors, $title="", $json_data=array())

I reverted the line:

eval("\$errorlist .= \"".$templates->get("error_inline_item")."\";");

to:

$errorlist .= "<li>".$error."</li>\n";

as in here https://github.com/mybb/mybb/blob/b7ffd9...ctions.php

That way I could print the errors. So then I got this cryptic error:

The "C" file is empty

Where C was the first letter of the file I attempted to upload.

So this made me take a look at parts of the code to figure out from where that could come.

Long story short there is this bug in the new uploads code with that index

in file inc/functions_upload.php

/**
 * Process adding attachment(s) when the "Add Attachment" button is pressed.
 *
 * @param int $pid The ID of the post.
 * @param array $forumpermission The permissions for the forum.
 * @param string $attachwhere Search string "pid='$pid'" or "posthash='".$db->escape_string($mybb->get_input('posthash'))."'"
 * @param string $action Where called from: "newthread", "newreply", or "editpost"
 *
 * @return array Array of errors if any, empty array otherwise
 */
function add_attachments($pid, $forumpermissions, $attachwhere, $action=false)
{
	global $db, $mybb, $editdraftpid, $lang;

	$ret = array();

	if($forumpermissions['canpostattachments'])
	{
		$attachments = array();
		$fields = array ('name', 'type', 'tmp_name', 'error', 'size');
		$aid = array();

		$total = isset($_FILES['attachments']['name']) ? count($_FILES['attachments']['name']) : 0;
		$filenames = "";
		$delim = "";
		
		//if(!isset($_FILES['attachments']['name']))
		//{
		//	$ret['errors'][] = " no files ";
		//}
		
		if(0 == $total)
		{
			$ret['errors'][] = " no files ";
		}
		
		for($i=0; $i<$total; ++$i)
		{
			foreach($fields as $field)
			{
				$attach1[$field] = $_FILES['attachments'][$field][$key];
				$attachments[$i][$field] = $_FILES['attachments'][$field]; //[$i]; <----- nasty bug
			}

			$FILE = $attachments[$i];
			if(!empty($FILE['name']) && !empty($FILE['type']) && $FILE['size'] > 0)
			{
				$filenames .= $delim . "'" . $db->escape_string($FILE['name']) . "'";
				$delim = ",";
			}
		}
		
		

		if ($filenames != '')
		{
			$query = $db->simple_select("attachments", "filename", "{$attachwhere} AND filename IN (".$filenames.")");

			while ($row = $db->fetch_array($query))
			{
				$aid[$row['filename']] = true;
			}
		}

		foreach($attachments as $FILE)
		{
			if(!empty($FILE['name']) && !empty($FILE['type']))
			{
				if($FILE['size'] > 0)
				{
					$filename = $db->escape_string($FILE['name']);
					$exists = $aid[$filename];

					$update_attachment = false;
					if($action == "editpost")
					{
						if($exists && $mybb->get_input('updateattachment') && ($mybb->usergroup['caneditattachments'] || $forumpermissions['caneditattachments']))
						{
							$update_attachment = true;
						}
					}
					else
					{
						if($exists && $mybb->get_input('updateattachment'))
						{
							$update_attachment = true;
						}
					}

					$attachedfile = upload_attachment($FILE, $update_attachment);

					if(!empty($attachedfile['error']))
					{
						$ret['errors'][] = $attachedfile['error'];
						$mybb->input['action'] = $action;
					}
				}
				else
				{
					$ret['errors'][] = $lang->sprintf($lang->error_uploadempty, htmlspecialchars_uni($FILE['name']));
					$mybb->input['action'] = $action;
				}
			}
		}
	}
	else
	{
		$ret['errors'][] = "no permission";
	}
	

	return $ret;
}

This fixes it for me at least for ONE file upload (and should not be correct for multiple uploads)

I think maybe a better implementation for multiupload would be this (is not working for me in php 7 the hardcoded index)



<form action="" method="post" enctype="multipart/form-data">
<p>Pictures:
<input type="file" name="pictures[]" />
<input type="file" name="pictures[]" />
<input type="file" name="pictures[]" />
<input type="submit" value="Send" />
</p>
</form>

<?php
foreach ($_FILES["pictures"]["error"] as $key => $error) {
    if ($error == UPLOAD_ERR_OK) {
        $tmp_name = $_FILES["pictures"]["tmp_name"][$key];
        // basename() may prevent filesystem traversal attacks;
        // further validation/sanitation of the filename may be appropriate
        $name = basename($_FILES["pictures"]["name"][$key]);
        move_uploaded_file($tmp_name, "data/$name");
    }
}
?>


as in here:

http://php.net/manual/en/features.file-u...method.php
Reply
#2
Anybody from the MyBB dev team can check this? Thank you!
[MyBB 1.8 Czech translation] [MyBB 1.8 plugins]: Prune old PMs + optimize DB plugin --- Thank you/like system
Reply
#3
Hi,

Thank you for your report. We have pushed this issue to our Github repository for further analysis where you can track our commits and progress with fixing this bug. Discussions regarding this bug may also take place there too.

Follow this link to visit the issue on Github: https://github.com/mybb/mybb/issues/3618

Thanks for contributing to MyBB!

Regards,
The MyBB Group
Reply
#4
Just curious if a fix for this issue will make it into the 1.8.21 release being it is now in release preview?
Reply
#5
(2019-06-02, 05:45 PM)Shark007 Wrote: Just curious if a fix for this issue will make it into the 1.8.21 release being it is now in release preview?

It won't I'm afraid. A fix for this will be included in the release of 1.8.22. If you keep an eye out for a PR on GitHub you can always manually apply the changes for this fix if it is important for your forum.
-Ben

Please do not PM me for support. I am looking to be hired for paid services.

You can view my paid services here.
Reply
#6
(2019-06-02, 05:59 PM)Ben Wrote:
(2019-06-02, 05:45 PM)Shark007 Wrote: Just curious if a fix for this issue will make it into the 1.8.21 release being it is now in release preview?

It won't I'm afraid. A fix for this will be included in the release of 1.8.22. If you keep an eye out for a PR on GitHub you can always manually apply the changes for this fix if it is important for your forum.

I've been watching Github for a fix to apply manually ever since you pushed it there.
Then I noticed the pre-release and thought I'd check in here.

Thanks Ben... for all that you do.
Reply
#7
as discovered in THIS POST
adding this to the headerinclude template has solved my issue.
var templates = {modal: '{$jsTemplates['modal']}',modal_button: '{$jsTemplates['modal_button']}'};
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)