INVAILD FILE (Error 202) when uploading swf
There seems to be an issue with uploading swf files through the filebrowser in fckeditor 2.5 and 2.5.1 and possibly earlier versions.
After rewriting error codes, and tracing functions I have tracked the probelm down to the IsImageValid() function within the fckeditor\editor\filemanager\connectors\php\util.php file
On servers with the 'version_compare' class installed the script runs the IsImageValid() function which incorrectly also checks .swf files as an image.
THE FIX
Open fckeditor\editor\filemanager\connectors\php\util.php
On line 152 change -
$imageCheckExtensions = array('gif', 'jpeg', 'jpg', 'png', 'swf', 'psd', 'bmp', 'iff');
To -
$imageCheckExtensions = array('gif', 'jpeg', 'jpg', 'png', 'psd', 'bmp', 'iff');
Save the file and upload, you should now be able to upload .swf file types normally.
--------------
UPLOAD ERROR CHECKING
I have also re-written these files to give more detailed error checking, please find corresponding code listed below each-
fckeditor\editor\filemanager\connectors\php\commands.php
<?php
/*
* FCKeditor - The text editor for Internet - http://www.fckeditor.net
* Copyright (C) 2003-2007 Frederico Caldeira Knabben
*
* == BEGIN LICENSE ==
*
* Licensed under the terms of any of the following licenses at your
* choice:
*
* - GNU General Public License Version 2 or later (the "GPL")
* http://www.gnu.org/licenses/gpl.html
*
* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
* http://www.gnu.org/licenses/lgpl.html
*
* - Mozilla Public License Version 1.1 or later (the "MPL")
* http://www.mozilla.org/MPL/MPL-1.1.html
*
* == END LICENSE ==
*
* This is the File Manager Connector for PHP.
*/
function GetFolders( $resourceType, $currentFolder )
{
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFolders' ) ;
// Array that will hold the folders names.
$aFolders = array() ;
$oCurrentFolder = opendir( $sServerDir ) ;
while ( $sFile = readdir( $oCurrentFolder ) )
{
if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
}
closedir( $oCurrentFolder ) ;
// Open the "Folders" node.
echo "<Folders>" ;
natcasesort( $aFolders ) ;
foreach ( $aFolders as $sFolder )
echo $sFolder ;
// Close the "Folders" node.
echo "</Folders>" ;
}
function GetFoldersAndFiles( $resourceType, $currentFolder )
{
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'GetFoldersAndFiles' ) ;
// Arrays that will hold the folders and files names.
$aFolders = array() ;
$aFiles = array() ;
$oCurrentFolder = opendir( $sServerDir ) ;
while ( $sFile = readdir( $oCurrentFolder ) )
{
if ( $sFile != '.' && $sFile != '..' )
{
if ( is_dir( $sServerDir . $sFile ) )
$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
else
{
$iFileSize = @filesize( $sServerDir . $sFile ) ;
if ( !$iFileSize ) {
$iFileSize = 0 ;
}
if ( $iFileSize > 0 )
{
$iFileSize = round( $iFileSize / 1024 ) ;
if ( $iFileSize < 1 ) $iFileSize = 1 ;
}
$aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
}
}
}
// Send the folders
natcasesort( $aFolders ) ;
echo '<Folders>' ;
foreach ( $aFolders as $sFolder )
echo $sFolder ;
echo '</Folders>' ;
// Send the files
natcasesort( $aFiles ) ;
echo '<Files>' ;
foreach ( $aFiles as $sFiles )
echo $sFiles ;
echo '</Files>' ;
}
function CreateFolder( $resourceType, $currentFolder )
{
if (!isset($_GET)) {
global $_GET;
}
$sErrorNumber = '0' ;
$sErrorMsg = '' ;
if ( isset( $_GET['NewFolderName'] ) )
{
$sNewFolderName = $_GET['NewFolderName'] ;
$sNewFolderName = SanitizeFolderName( $sNewFolderName ) ;
if ( strpos( $sNewFolderName, '..' ) !== FALSE )
$sErrorNumber = '102' ; // Invalid folder name.
else
{
// Map the virtual path to the local server path of the current folder.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder, 'CreateFolder' ) ;
if ( is_writable( $sServerDir ) )
{
$sServerDir .= $sNewFolderName ;
$sErrorMsg = CreateServerFolder( $sServerDir ) ;
switch ( $sErrorMsg )
{
case '' :
$sErrorNumber = '0' ;
break ;
case 'Invalid argument' :
case 'No such file or directory' :
$sErrorNumber = '102' ; // Path too long.
break ;
default :
$sErrorNumber = '110' ;
break ;
}
}
else
$sErrorNumber = '103' ;
}
}
else
$sErrorNumber = '102' ;
// Create the "Error" node.
echo '<Error number="' . $sErrorNumber . '" originalDescription="' . ConvertToXmlAttribute( $sErrorMsg ) . '" />' ;
}
function FileUpload( $resourceType, $currentFolder, $sCommand )
{
if (!isset($_FILES)) {
global $_FILES;
}
$sErrorNumber = '0' ;
$sFileName = '' ;
if ( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) )
{
global $Config ;
$oFile = $_FILES['NewFile'] ;
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder, $sCommand ) ;
// Get the uploaded file name.
$sFileName = $oFile['name'] ;
$sFileName = SanitizeFileName( $sFileName ) ;
$sOriginalFileName = $sFileName ;
// Get the extension.
$sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
$sExtension = strtolower( $sExtension ) ;
if ( isset( $Config['SecureImageUploads'] ) )
{
if ( !IsImageValid( $oFile['tmp_name'], $sExtension ) )
{
$sErrorNumber = '203' ;
}
}
if ( isset( $Config['HtmlExtensions'] ) )
{
if ( !IsHtmlExtension( $sExtension, $Config['HtmlExtensions'] ) && DetectHtml( $oFile['tmp_name'] ) )
{
$sErrorNumber = '204' ;
}
}
// Check if it is an allowed extension.
if ( !$sErrorNumber && IsAllowedExt( $sExtension, $resourceType ) )
{
$iCounter = 0 ;
while ( true )
{
$sFilePath = $sServerDir . $sFileName ;
if ( is_file( $sFilePath ) )
{
$iCounter++ ;
$sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
$sErrorNumber = '201' ;
}
else
{
move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
if ( is_file( $sFilePath ) )
{
$oldumask = umask(0) ;
chmod( $sFilePath, 0777 ) ;
umask( $oldumask ) ;
}
break ;
}
}
}
else
$sErrorNumber = '205' ;
}
else
$sErrorNumber = '206' ;
$sFileUrl = CombinePaths( GetResourceTypePath( $resourceType, $sCommand ) , $currentFolder ) ;
$sFileUrl = CombinePaths( $sFileUrl, $sFileName ) ;
SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName ) ;
exit ;
}
?>
Re: 202 Error "Invalid file" when uploading flash swf
<cffunction name="IsImageValid" returntype="boolean" output="true"> <cfargument name="filePath" required="true" type="String"> <cfargument name="extension" required="true" type="String"> <cfset var imageCFC = ""> <cfset var imageInfo = ""> <!--- <cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)> <cfreturn true> </cfif> ---> <cfif not ListFindNoCase("gif,jpeg,jpg,png,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)> <cfreturn true> </cfif> <cftry> <cfif REQUEST.CFVersion gte 8> <cfset objImage = ImageRead(ARGUMENTS.filePath) > <cfset imageInfo = ImageInfo(objImage)> <!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> ---> <cfelse> <cfset imageCFC = createObject("component", "image")> <cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)> </cfif> <cfif imageInfo.height lte 0 or imageInfo.width lte 0> <cfreturn false> </cfif> <cfcatch type="any"> <cfreturn false> </cfcatch> </cftry> <cfreturn true> </cffunction>You need to take the 'swf' option out of the file extensions it's checking. Note that I commented out the old code and just had the rest of the extensions left.
By the way, I had been searching FOREVER to find this, but had been searching for "invalid file type" rather than just "invalid file" like in the subject line. Hopefully, someone else will be able to find this now! I'll try to report the bug also.
Re: 202 Error "Invalid file" when uploading flash swf
Thank you for the information. As of version 2.6.4.1 this is still an issue and your fix worked perfectly.