/** * Upload file into source path * * @param $folder_id * @param string $action to take in case of filename conflict * @param string $action_info additional information for action * @param string $file_name being in conflict * @return array * @throws Exception */ public function upload_file($folder_id, $action = '', $action_info = '', $file_name = '') { if (!Assets_helper::is_allowed_file_name($file_name)) { throw new Exception(lang('invalid_file_name')); } // a follow-up to an upload if (!empty($action)) { $this->cache['merge_in_progress'] = TRUE; $data = $this->_merge_uploaded_files($action, $action_info, $file_name); $this->cache['merge_in_progress'] = FALSE; return $data; } $folder_row = $this->get_folder_row_by_id($folder_id); $source = $this->instantiate_source_type($folder_row); require_once PATH_THIRD . 'assets/lib/fileuploader.php'; $result = $source->upload_file($folder_id); // Upload naming conflict if (isset($result['new_file_id'])) { $this->EE->assets_lib->call_extension('assets_upload_file', array($source->get_file($result['new_file_id']), $folder_row)); } elseif (isset($result['file_id'])) { $this->EE->assets_lib->call_extension('assets_upload_file', array($source->get_file($result['file_id']), $folder_row)); } if (isset($result['success'])) { // turn the returned path into a source path $result['folder_id'] = $folder_id; } else { if (empty($result['prompt']) && !empty($result['error'])) { throw new Exception($result['error']); } } return $result; }
/** * Return true if a file path is allowed according to settings. * * @param $path * @return bool */ protected function _is_allowed_file_path($path) { $filename = pathinfo($path, PATHINFO_BASENAME); $path_to = pathinfo($path, PATHINFO_DIRNAME); // Check if folder is allowed if (!empty($path_to) && $path_to != '.' && !$this->_is_allowed_folder_path($path_to)) { return FALSE; } return Assets_helper::is_allowed_file_name($filename); }
/** * Start indexing a folder * @param $session_id * @param StdClass $folder_row * @return array */ public function start_folder_index($session_id, $folder_row) { $filedir = $this->_source_settings; $resolvedPath = $filedir->server_path . $folder_row->full_path; $file_list = glob($resolvedPath . '[!_.]*', GLOB_MARK); $offset = 0; $count = 0; if (is_array($file_list)) { foreach ($file_list as $file) { // parse folders and add files $file = Assets_helper::normalize_path($file); if (substr($file, -1) != '/' && Assets_helper::is_allowed_file_name(pathinfo($file, PATHINFO_BASENAME))) { $count++; $this->_store_index_entry($session_id, $this->get_source_type(), $this->get_source_id(), $offset++, $file); } } $this->_execute_index_batch(); } return array('total' => $count); }