[Web] limit logo file upload

FreddleSpl0it 2024-01-15 16:34:47 +01:00
parent 43bb26f28c
commit 7f6f7e0e9f
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
4 changed files with 31 additions and 0 deletions


@ -2,6 +2,7 @@
function customize($_action, $_item, $_data = null) { function customize($_action, $_item, $_data = null) {
global $redis; global $redis;
global $lang; global $lang;
global $LOGO_LIMITS;
switch ($_action) { switch ($_action) {
case 'add': case 'add':
@ -35,6 +36,23 @@ function customize($_action, $_item, $_data = null) {
); );
return false; return false;
} }
if ($_data[$_item]['size'] > $LOGO_LIMITS['max_size']) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'img_size_exceeded'
);
return false;
}
list($width, $height) = getimagesize($_data[$_item]['tmp_name']);
if ($width > $LOGO_LIMITS['max_width'] || $height > $LOGO_LIMITS['max_height']) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'img_dimensions_exceeded'
);
return false;
}
$image = new Imagick($_data[$_item]['tmp_name']); $image = new Imagick($_data[$_item]['tmp_name']);
if ($image->valid() !== true) { if ($image->valid() !== true) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
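Review bot: The dimension check at `list($width, $height) = getimagesize(...)` fails open. `getimagesize()` returns `false` for any file it cannot parse, which leaves `$width` and `$height` null, so the comparison against `$LOGO_LIMITS['max_width']` and `$LOGO_LIMITS['max_height']` is false and the file still reaches `new Imagick(...)` with no dimension bound applied. I would keep the result and reject on failure: `$dim = getimagesize($_data[$_item]['tmp_name']);` followed by `if ($dim === false || $dim[0] > $LOGO_LIMITS['max_width'] || $dim[1] > $LOGO_LIMITS['max_height']) {`. If the accepted types include formats `getimagesize()` does not understand (the type check sits above the hunk, so I cannot tell), those need their own bound rather than a silent pass. The body of `customize()` continues outside the hunk.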


@ -126,6 +126,15 @@ $MAILCOW_APPS = array(
) )
); );
// Logo max file size in bytes
$LOGO_LIMITS['max_size'] = 15 * 1024 * 1024; // 15MB
// Logo max width in pixels
$LOGO_LIMITS['max_width'] = 1920;
// Logo max height in pixels
$LOGO_LIMITS['max_height'] = 1920;
// Rows until pagination begins // Rows until pagination begins
$PAGINATION_SIZE = 25; $PAGINATION_SIZE = 25;


@ -394,7 +394,9 @@
"goto_invalid": "Ziel-Adresse %s ist ungültig", "goto_invalid": "Ziel-Adresse %s ist ungültig",
"ham_learn_error": "Ham Lernfehler: %s", "ham_learn_error": "Ham Lernfehler: %s",
"imagick_exception": "Fataler Bildverarbeitungsfehler", "imagick_exception": "Fataler Bildverarbeitungsfehler",
"img_dimensions_exceeded": "Grafik überschreitet die maximale Bildgröße",
"img_invalid": "Grafik konnte nicht validiert werden", "img_invalid": "Grafik konnte nicht validiert werden",
"img_size_exceeded": "Grafik überschreitet die maximale Dateigröße",
"img_tmp_missing": "Grafik konnte nicht validiert werden: Erstellung temporärer Datei fehlgeschlagen.", "img_tmp_missing": "Grafik konnte nicht validiert werden: Erstellung temporärer Datei fehlgeschlagen.",
"invalid_bcc_map_type": "Ungültiger BCC-Map-Typ", "invalid_bcc_map_type": "Ungültiger BCC-Map-Typ",
"invalid_destination": "Ziel-Format \"%s\" ist ungültig", "invalid_destination": "Ziel-Format \"%s\" ist ungültig",


@ -394,7 +394,9 @@
"goto_invalid": "Goto address %s is invalid", "goto_invalid": "Goto address %s is invalid",
"ham_learn_error": "Ham learn error: %s", "ham_learn_error": "Ham learn error: %s",
"imagick_exception": "Error: Imagick exception while reading image", "imagick_exception": "Error: Imagick exception while reading image",
"img_dimensions_exceeded": "Image exceeds the maximum image size",
"img_invalid": "Cannot validate image file", "img_invalid": "Cannot validate image file",
"img_size_exceeded": "Image exceeds the maximum file size",
"img_tmp_missing": "Cannot validate image file: Temporary file not found", "img_tmp_missing": "Cannot validate image file: Temporary file not found",
"invalid_bcc_map_type": "Invalid BCC map type", "invalid_bcc_map_type": "Invalid BCC map type",
"invalid_destination": "Destination format \"%s\" is invalid", "invalid_destination": "Destination format \"%s\" is invalid",