diff --git a/modules/backend/traits/UploadableWidget.php b/modules/backend/traits/UploadableWidget.php index 1f6c28eda2..28659410f7 100644 --- a/modules/backend/traits/UploadableWidget.php +++ b/modules/backend/traits/UploadableWidget.php @@ -26,6 +26,11 @@ trait UploadableWidget // */ // public $uploadPath; + /** + * @var bool $validateFileName Determines whether the file name should be validated. + */ + public bool $validateMediaFileName = true; + /** * Returns the disk that will be used to store the uploaded file */ @@ -171,7 +176,7 @@ public function validateMediaFileName(string $fileName, string $extension): stri /* * File name contains non-latin characters, attempt to slug the value */ - if (!$this->validateFileName($fileName)) { + if (!$this->validateFileName($fileName) && $this->validateMediaFileName) { $fileName = $this->cleanFileName(File::name($fileName)) . '.' . $extension; } diff --git a/modules/backend/widgets/MediaManager.php b/modules/backend/widgets/MediaManager.php index 067d53a50d..88b0fbbd48 100644 --- a/modules/backend/widgets/MediaManager.php +++ b/modules/backend/widgets/MediaManager.php @@ -62,6 +62,7 @@ public function __construct($controller, $alias, $readOnly = false) { $this->alias = $alias; $this->readOnly = $readOnly; + $this->validateMediaFileName = Config::get('cms.storage.media.validateMediaFileName', true); parent::__construct($controller, []); } @@ -109,6 +110,32 @@ public function render(): string // AJAX handlers // + /** + * Process file uploads submitted via AJAX + * + * @throws ApplicationException If the file "file_data" wasn't detected in the request or if the file failed to pass validation / security checks + */ + public function onUpload(): ?\Illuminate\Http\Response + { + ini_set('memory_limit', Config::get('cms.storage.media.memoryLimit', ini_get('memory_limit'))); + + if ($this->readOnly) { + return null; + } + + /** + * @event backend.widgets.uploadable.onUpload + * Provides an opportunity to process the file upload using custom logic. + * + * Example usage () + */ + if ($result = Event::fire('backend.widgets.uploadable.onUpload', [$this], true)) { + return $result; + } + + return $this->onUploadDirect(); + } + /** * Perform a search with the query specified in the request ("search") */ diff --git a/modules/backend/widgets/mediamanager/assets/js/mediamanager.js b/modules/backend/widgets/mediamanager/assets/js/mediamanager.js index 9c206e6810..40a5ca8b0c 100644 --- a/modules/backend/widgets/mediamanager/assets/js/mediamanager.js +++ b/modules/backend/widgets/mediamanager/assets/js/mediamanager.js @@ -732,7 +732,8 @@ paramName: 'file_data', timeout: 0, headers: {}, - createImageThumbnails: false + createImageThumbnails: false, + maxFilesize: this.options.maxFilesize, // fallback: implement method that would set a flag that the uploader is not supported by the browser } @@ -837,7 +838,7 @@ MediaManager.prototype.uploadError = function(file, message) { this.updateUploadBar('error', 'progress-bar progress-bar-danger'); - if (file.xhr.status === 413) { + if (file?.xhr?.status === 413) { message = 'Server rejected the file because it was too large, try increasing post_max_size'; } if (!message) { @@ -1309,7 +1310,8 @@ selectSingleImage: 'Please select a single image.', selectionNotImage: 'The selected item is not an image.', bottomToolbar: false, - cropAndInsertButton: false + cropAndInsertButton: false, + maxFileSize: 0, } var old = $.fn.mediaManager