/**
* Validate an image path and extension
* @param type $path Image path
* @throws InvalidArgumentException
*/
private static function validateImagePath($path)
{
// nothing to validate
if (empty($path)) {
return false;
}
// check file
WFUtility::checkPath($path);
// check name for extensions
if (preg_match('#\\.(php|php(3|4|5)|phtml|pl|py|jsp|asp|htm|html|shtml|sh|cgi)\\b#i', basename($path))) {
throw new InvalidArgumentException('Invalid file name');
}
// check extension - must be an image
if (preg_match('#\\.(jpeg|jpg|png|gif|bmp)$#', basename($path)) === false) {
throw new InvalidArgumentException('Invalid file extension');
}
}
/**
* Copy a file.
* @param string $files The relative file or comma seperated list of files
* @param string $dest The relative path of the destination dir
* @return string $error on failure
*/
public function moveItem($items, $destination)
{
// check for feature access
if (!$this->checkFeature('move', 'folder') && !$this->checkFeature('move', 'file')) {
JError::raiseError(403, 'Access to this resource is restricted');
}
$filesystem = $this->getFileSystem();
$items = explode(",", rawurldecode($items));
// decode
$destination = rawurldecode($destination);
// check destination path
WFUtility::checkPath($destination);
// check for extension in destination name
if (WFUtility::validateFileName($destination) === false) {
JError::raiseError(403, 'INVALID PATH NAME');
}
foreach ($items as $item) {
// decode
$item = rawurldecode($item);
// check source path
WFUtility::checkPath($item);
if ($filesystem->is_file($item)) {
if ($this->checkFeature('move', 'file') === false) {
JError::raiseError(403, 'Access to this resource is restricted');
}
} elseif ($filesystem->is_dir($item)) {
if ($this->checkFeature('move', 'folder') === false) {
JError::raiseError(403, 'Access to this resource is restricted');
}
}
$result = $filesystem->move($item, $destination);
if ($result instanceof WFFileSystemResult) {
if (!$result->state) {
if ($result->message) {
$this->setResult($result->message, 'error');
} else {
$this->setResult(JText::sprintf('WF_MANAGER_MOVE_' . strtoupper($result->type) . '_ERROR', basename($item)), 'error');
}
} else {
$this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Move', array($item)));
$this->setResult($destination, $result->type);
}
}
}
return $this->getResult();
}
public function loadTemplate($file)
{
$browser = $this->getBrowser();
$filesystem = $browser->getFileSystem();
// check path
WFUtility::checkPath($file);
$content = $filesystem->read($file);
// Remove body etc.
if (preg_match('/<body[^>]*>([\\s\\S]+?)<\\/body>/', $content, $matches)) {
$content = trim($matches[1]);
}
// Replace variables
$content = preg_replace_callback('/\\{\\$(.+?)\\}/i', array($this, 'replaceVars'), $content);
return $content;
}
/**
* Copy a file.
* @param string $files The relative file or comma seperated list of files
* @param string $dest The relative path of the destination dir
* @return string $error on failure
*/
public function moveItem($items, $destination)
{
// check for feature access
if (!$this->checkFeature('move', 'folder') && !$this->checkFeature('move', 'file')) {
JError::raiseError(403, 'RESTRICTED ACCESS');
}
$filesystem = $this->getFileSystem();
$items = explode(",", rawurldecode($items));
// decode
$destination = rawurldecode($destination);
// check destination path
WFUtility::checkPath($destination);
foreach ($items as $item) {
// decode
$item = rawurldecode($item);
// check source path
WFUtility::checkPath($item);
$result = $filesystem->move($item, $destination);
if ($result instanceof WFFileSystemResult) {
if (!$result->state) {
if ($result->message) {
$this->setResult($result->message, 'error');
} else {
$this->setResult(JText::sprintf('WF_MANAGER_MOVE_' . strtoupper($result->type) . '_ERROR', basename($item)), 'error');
}
} else {
$this->setResult($this->fireEvent('on' . ucfirst($result->type) . 'Move', array($item)));
$this->setResult($destination, $result->type);
}
}
}
return $this->getResult();
}
/**
* New folder base function. A wrapper for the JFolder::create function
* @param string $folder The folder to create
* @return boolean true on success
*/
function folderCreate($folder)
{
// check folder path
WFUtility::checkPath($folder);
$filesystem = $this->getFileSystem();
return $filesystem->folderCreate($folder);
}
function createCacheThumb($file)
{
jimport('joomla.filesystem.file');
$browser = $this->getBrowser();
$editor = $this->getImageEditor();
// check path
WFUtility::checkPath($file);
$file = WFUtility::makePath($browser->getBaseDir(), $file);
// default for list thumbnails
$width = 100;
$height = 100;
$quality = 75;
$data = @getimagesize($file);
$mime = $data['mime'];
if ($data[0] < $width && $data[1] < $height) {
return $this->outputImage($file, $mime);
}
// try exif thumbnail
if ($mime == 'image/jpeg' || $mime == 'image/tiff') {
$exif = exif_thumbnail($file, $width, $height, $type);
if ($exif !== false) {
header("Content-type: " . image_type_to_mime_type($type));
die($exif);
}
}
$thumb = $this->getCacheThumbPath($file, $width, $height);
if (JFile::exists($thumb)) {
return $this->outputImage($thumb, $mime);
}
$coords = $this->cropThumbnail($dim[0], $dim[1], $width, $height);
if ($this->checkMem($dim[0] * $dim[1])) {
if ($editor->resize($file, $thumb, $width, $height, $quality, $coords['sx'], $coords['sy'], $coords['sw'], $coords['sh'])) {
if (JFile::exists($thumb)) {
return $this->outputImage($thumb, $mime);
}
}
}
// exit with no data
exit;
}
