public function upload($request)
{
if (!$request->headers->has('x-filename')) {
return new Response('Filename is missing (header X-FILENAME)', 400);
}
$filename = base64_decode($request->headers->get('x-filename'));
$pathinfo = pathinfo($filename);
$dpath = Utils::resurl($this->draftPath . '/files', Utils::sanitizeFilename($pathinfo['filename']), null, null, $pathinfo['extension']);
if (!$this->isSafeExtension($pathinfo['extension'])) {
return $this->json($request, array('status' => 1, 'errMessage' => 'Forbidden file extension ' . $pathinfo['extension']), 200);
}
$res = $this->fs->writeStream($dpath, fopen("php://input", 'r'));
if ($res === false) {
return $this->json($request, array('status' => 1, 'errMessage' => 'Unable to upload file ' . $pathinfo['filename'] . '.' . $pathinfo['extension']), 200);
} else {
return $this->json($request, array('status' => 0, 'url' => $dpath), 200);
}
}
public function upload($request)
{
// obtain the uploaded file, load image and get its details (filename, extension)
if (!$request->headers->has('x-filename')) {
return new Response('Filename is missing (header X-FILENAME)', 400);
}
$filename = base64_decode($request->headers->get('x-filename'));
$pathinfo = pathinfo($filename);
if (!in_array(strtolower($pathinfo['extension']), self::$imageExtensions)) {
return $this->json($request, array('status' => 1, 'errMessage' => "{$filename} is not an image file"), 200);
}
$filename = Utils::sanitizeFilename($pathinfo['filename']);
$ext = $pathinfo['extension'];
$img = WideImage::load("php://input");
// generate image set
$res = $this->generateImageSet($img, $filename, $ext);
$res = array('status' => 0, 'srcset' => $res['srcset'], 'ratio' => $res['ratio']);
return $this->json($request, $res, 200);
}
function test_sanitizeFilename()
{
$this->assertEquals("some-file-name", Utils::sanitizeFilename("some-file~name", "Unix"));
$this->assertEquals("ssscccczz", Utils::sanitizeFilename("sŠšČčĆćĐđŽž", "Unix"));
$this->assertEquals("jcukengshshzhfyvaproldzheyachsmitbyu", Utils::sanitizeFilename("йцукенгшщзхъфывапролджэячсмитьбю", "Unix"));
$this->assertEquals("file", Utils::sanitizeFilename("׳קראטוןםפשדגכעיחלךףזסבהנמצתץ", "Unix"));
$this->assertEquals("some-file-name", Utils::sanitizeFilename("some-file~name", "WINDOWS"));
$this->assertEquals("ssscccczz", Utils::sanitizeFilename("sŠšČčĆćĐđŽž", "WINDOWS"));
$this->assertEquals("jcukengshshzhfyvaproldzheyachsmitbyu", Utils::sanitizeFilename("йцукенгшщзхъфывапролджэячсмитьбю", "WINDOWS"));
}
