Fatal error: Call to undefined function _upload_file_limits() in modules\taxonomy_xml\taxonomy_xml.module on line 393
tommytom - April 28, 2009 - 21:58
| Project: | Taxonomy import/export via XML |
| Version: | 6.x-1.x-dev |
| Component: | CVS format |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
I get this error when I try to import this file http://www.google.com/basepages/producttype/taxonomy.xls (but convertet to CSV by excel).
error:
Fatal error: Call to undefined function _upload_file_limits() in modules\taxonomy_xml\taxonomy_xml.module on line 393
#1
Ok, yeah.
case 'upload-file' :
// Retrieve submitted data and parse it
global $user;
$limits = _upload_file_limits($user);
$validators = array('file_validate_extensions' => array($limits['extensions']),);
if ($file = file_save_upload('upload_file', $validators)) {
$fd = fopen($file->filepath, "rb");
if (!$fd) {
form_set_error('upload_file', t('Vocabulary import failed: file %filename cannot be read.', array('%filename' => $file->filename)));
}
Looks like this was the mistake
It introduced a dependency on upload.module, when it was TRYING to allow non-uid=1 users to do uploads (they couldn't before).
Hm. Which way to go?
Dependency on upload.module is unwarranted, so just copying the way it did it (which is what I did) was a mistake. But I don't want to mysteriously introduce a hole in security by allowing non-admin users to upload any executable files....
Needs thought.
In the meantime, I'd suggest either
* just enabling upload.module
* or patching your version back to undo this change (one line).
until I get a chance to test a bit.
#2
Problem code is gone. This may re-introduce the problem of non-uid-1 users not being able to upload disallowed file extensions (xml is not allowed by default). Adding xml to the allowed list is boring, but possibly the only thing to do and still be secure.
#3
Automatically closed -- issue fixed for 2 weeks with no activity.