diff --git a/core/avatar/avatarcontroller.php b/core/avatar/avatarcontroller.php
index 95baf23f4f..2c4be82773 100644
--- a/core/avatar/avatarcontroller.php
+++ b/core/avatar/avatarcontroller.php
@@ -134,6 +134,10 @@ class AvatarController extends Controller {
 if (isset($path)) {
 $path = stripslashes($path);
 $view = new \OC\Files\View('/'.$userId.'/files');
+ if ($view->filesize($path) > 20*1024*1024) {
+ return new DataResponse(['data' => ['message' => $this->l->t('File is too big')]],
+ Http::STATUS_BAD_REQUEST);
+ }
 $fileName = $view->getLocalFile($path);
 } elseif (!is_null($files)) {
 if (
@@ -141,6 +145,10 @@ class AvatarController extends Controller {
 is_uploaded_file($files['tmp_name'][0]) &&
 !\OC\Files\Filesystem::isFileBlacklisted($files['tmp_name'][0])
 ) {
+ if ($files['size'][0] > 20*1024*1024) {
+ return new DataResponse(['data' => ['message' => $this->l->t('File is too big')]],
+ Http::STATUS_BAD_REQUEST);
+ }
 $this->cache->set('avatar_upload', file_get_contents($files['tmp_name'][0]), 7200);
 $view = new \OC\Files\View('/'.$userId.'/cache');
 $fileName = $view->getLocalFile('avatar_upload');
diff --git a/settings/js/personal.js b/settings/js/personal.js
index ac18f52580..9e4dd54090 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -234,6 +234,20 @@ $(document).ready(function () {
 var uploadparms = {
 done: function (e, data) {
 avatarResponseHandler(data.result);
+ },
+ fail: function (e, data){
+ var msg = data.jqXHR.statusText + ' (' + data.jqXHR.status + ')';
+ if (!_.isUndefined(data.jqXHR.responseJSON) &&
+ !_.isUndefined(data.jqXHR.responseJSON.data) &&
+ !_.isUndefined(data.jqXHR.responseJSON.data.message)
+ ) {
+ msg = data.jqXHR.responseJSON.data.message;
+ }
+ avatarResponseHandler({
+ data: {
+ message: t('settings', 'An error occurred: {message}', { message: msg })
+ }
+ });
 }
 };
 
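Review bot: In core/avatar/avatarcontroller.php, the `$path` branch compares `$view->filesize($path)` directly with the limit, so if `filesize()` returns `false` for a missing or unreadable path the comparison is false and the request still reaches `getLocalFile()`; it would be safer to store the result and reject it first, e.g. `if ($size === false || $size > self::MAX_AVATAR_FILE_SIZE) {`. The literal `20*1024*1024` and the 'File is too big' response are repeated in the upload branch (second hunk), and a single class constant would keep the two limits from drifting apart. The cap bounds the stored byte size only: if the code after these hunks decodes the image, the decoded pixel dimensions need their own bound, since a small compressed file can expand to a very large bitmap. The enclosing method starts and ends outside both hunks.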
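Review bot: In settings/js/personal.js, the new `fail` callback guards only with `!_.isUndefined(...)`, so a response whose `responseJSON` or `responseJSON.data` is `null` passes the guard and the next property access throws inside the error handler; `_.isObject` would cover both the undefined and the null case. The same block is repeated in the filepicker `.fail()` handler of the following hunk, so a shared helper like the one below would fix both places at once. `msg` is built from the server response and `statusText`, and `avatarResponseHandler` is outside the hunk, so it is worth confirming that it renders the message as text rather than as HTML.

```javascript
// shared by the upload `fail` callback and the filepicker `.fail()` handler
function avatarErrorMessage(jqXHR) {
	var msg = jqXHR.statusText + ' (' + jqXHR.status + ')';
	var body = jqXHR.responseJSON;
	if (_.isObject(body) && _.isObject(body.data) && _.isString(body.data.message)) {
		msg = body.data.message;
	}
	return t('settings', 'An error occurred: {message}', { message: msg });
}

// … unchanged: uploadparms.done …
fail: function (e, data) {
	avatarResponseHandler({ data: { message: avatarErrorMessage(data.jqXHR) } });
}
```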
@@ -247,7 +261,25 @@ $(document).ready(function () {
 OC.dialogs.filepicker(
 t('settings', "Select a profile picture"),
 function (path) {
- $.post(OC.generateUrl('/avatar/'), {path: path}, avatarResponseHandler);
+ $.ajax({
+ type: "POST",
+ url: OC.generateUrl('/avatar/'),
+ data: { path: path }
+ }).done(avatarResponseHandler)
+ .fail(function(jqXHR, status){
+ var msg = jqXHR.statusText + ' (' + jqXHR.status + ')';
+ if (!_.isUndefined(jqXHR.responseJSON) &&
+ !_.isUndefined(jqXHR.responseJSON.data) &&
+ !_.isUndefined(jqXHR.responseJSON.data.message)
+ ) {
+ msg = jqXHR.responseJSON.data.message;
+ }
+ avatarResponseHandler({
+ data: {
+ message: t('settings', 'An error occurred: {message}', { message: msg })
+ }
+ });
+ });
 },
 false,
 ["image/png", "image/jpeg"]
diff --git a/settings/templates/personal.php b/settings/templates/personal.php
index 02ee261cd1..e7832b85eb 100644
--- a/settings/templates/personal.php
+++ b/settings/templates/personal.php
@@ -159,7 +159,7 @@ if($_['passwordChangeSupported']) {