public function execute(Request $request, WorkingFolder $workingFolder, Config $config, CacheManager $cache)
{
$fileName = (string) $request->get('fileName');
if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException('Invalid file name');
}
if (!Image::isSupportedExtension(pathinfo($fileName, PATHINFO_EXTENSION))) {
throw new InvalidNameException('Invalid source file name');
}
if (!$workingFolder->containsFile($fileName)) {
throw new FileNotFoundException();
}
$cachePath = Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName);
$imageInfo = array();
$cachedInfo = $cache->get($cachePath);
if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) {
$imageInfo = $cachedInfo;
} else {
$file = new DownloadedFile($fileName, $this->app);
if ($file->isValid()) {
$image = Image::create($file->getContents());
$imageInfo = $image->getInfo();
$cache->set($cachePath, $imageInfo);
}
}
return $imageInfo;
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, CacheManager $cache, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository, Acl $acl)
{
$fileName = (string) $request->query->get('fileName');
$editedImage = new EditedImage($fileName, $this->app);
$saveAsNew = false;
if (!$editedImage->exists()) {
$saveAsNew = true;
$editedImage->saveAsNew(true);
} else {
// If file exists check for FILE_DELETE permission
$resourceTypeName = $workingFolder->getResourceType()->getName();
$path = $workingFolder->getClientCurrentFolder();
if (!$acl->isAllowed($resourceTypeName, $path, Permission::FILE_DELETE)) {
throw new UnauthorizedException(sprintf('Unauthorized: no FILE_DELETE permission in %s:%s', $resourceTypeName, $path));
}
}
if (!Image::isSupportedExtension($editedImage->getExtension())) {
throw new InvalidExtensionException('Unsupported image type or not image file');
}
$imageFormat = Image::mimeTypeFromExtension($editedImage->getExtension());
$uploadedData = (string) $request->request->get('content');
if (null === $uploadedData || strpos($uploadedData, 'data:image/png;base64,') !== 0) {
throw new InvalidUploadException('Invalid upload. Expected base64 encoded PNG image.');
}
$data = explode(',', $uploadedData);
$data = isset($data[1]) ? base64_decode($data[1]) : false;
if (!$data) {
throw new InvalidUploadException();
}
try {
$uploadedImage = Image::create($data);
} catch (\Exception $e) {
// No need to check if secureImageUploads is enabled - image must be valid here
throw new InvalidUploadException('Invalid upload: corrupted image', Error::UPLOADED_CORRUPT, array(), $e);
}
$editedImage->setNewContents($uploadedImage->getData($imageFormat));
$editedImage->setNewDimensions($uploadedImage->getWidth(), $uploadedImage->getHeight());
if (!$editedImage->isValid()) {
throw new InvalidUploadException('Invalid file provided');
}
$editFileEvent = new EditFileEvent($this->app, $editedImage);
$imageInfo = $uploadedImage->getInfo();
$cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $uploadedImage->getInfo());
$dispatcher->dispatch(CKFinderEvent::SAVE_IMAGE, $editFileEvent);
$saved = false;
if (!$editFileEvent->isPropagationStopped()) {
$saved = $editedImage->save($editFileEvent->getNewContents());
if (!$saved) {
throw new AccessDeniedException("Couldn't save image file");
}
//Remove thumbnails and resized images in case if file is overwritten
if (!$saveAsNew && $saved) {
$resourceType = $workingFolder->getResourceType();
$thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
$resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
}
}
return array('saved' => (int) $saved, 'date' => Utils::formatDate(time()), 'size' => Utils::formatSize($imageInfo['size']));
}
public function execute(Request $request, WorkingFolder $workingFolder)
{
// The root folder cannot be renamed.
if ($workingFolder->getClientCurrentFolder() === '/') {
throw new InvalidRequestException('Cannot rename resource type root folder');
}
$newFolderName = $request->query->get('newFolderName');
return $workingFolder->rename($newFolderName);
}
/**
* Main command method.
*
* @param Request $request Current request object
* @param WorkingFolder $workingFolder Current working folder object
*
* @return array
*
* @throws \Exception
*/
public function execute(Request $request, WorkingFolder $workingFolder)
{
$fileName = $request->get('fileName');
$backend = $workingFolder->getBackend();
if (!$workingFolder->containsFile($fileName)) {
throw new \Exception('File not found', Error::FILE_NOT_FOUND);
}
$fileMetadada = $backend->getMetadata(Path::combine($workingFolder->getPath(), $fileName));
return $fileMetadada;
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config, CacheManager $cache, ThumbnailRepository $thumbsRepository)
{
// Don't add info about current folder to this command response
$workingFolder->omitResponseInfo();
$responseData = parent::execute($request, $workingFolder, $dispatcher, $config, $cache, $thumbsRepository);
// Get url to a file
if (isset($responseData['fileName'])) {
$responseData['url'] = $workingFolder->getFileUrl($responseData['fileName']);
}
return $responseData;
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher)
{
$newFolderName = (string) $request->query->get('newFolderName', '');
$createFolderEvent = new CreateFolderEvent($this->app, $workingFolder, $newFolderName);
$dispatcher->dispatch(CKFinderEvent::CREATE_FOLDER, $createFolderEvent);
$created = false;
if (!$createFolderEvent->isPropagationStopped()) {
$newFolderName = $createFolderEvent->getNewFolderName();
$created = $workingFolder->createDir($newFolderName);
}
return array('newFolder' => $newFolderName, 'created' => (int) $created);
}
public function execute(Request $request, Config $config, WorkingFolder $workingFolder, ResizedImageRepository $resizedImageRepository, CacheManager $cache)
{
$fileName = (string) $request->query->get('fileName');
list($requestedWidth, $requestedHeight) = Image::parseSize((string) $request->get('size'));
$downloadedFile = new DownloadedFile($fileName, $this->app);
$downloadedFile->isValid();
if (!Image::isSupportedExtension(pathinfo($fileName, PATHINFO_EXTENSION), $config->get('thumbnails.bmpSupported'))) {
throw new InvalidExtensionException('Unsupported image type or not image file');
}
Utils::removeSessionCacheHeaders();
$response = new Response();
$response->setPublic();
$response->setEtag(dechex($downloadedFile->getTimestamp()) . "-" . dechex($downloadedFile->getSize()));
$lastModificationDate = new \DateTime();
$lastModificationDate->setTimestamp($downloadedFile->getTimestamp());
$response->setLastModified($lastModificationDate);
if ($response->isNotModified($request)) {
return $response;
}
$imagePreviewCacheExpires = (int) $config->get('cache.imagePreview');
if ($imagePreviewCacheExpires > 0) {
$response->setMaxAge($imagePreviewCacheExpires);
$expireTime = new \DateTime();
$expireTime->modify('+' . $imagePreviewCacheExpires . 'seconds');
$response->setExpires($expireTime);
}
$cachedInfoPath = Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName);
$cachedInfo = $cache->get($cachedInfoPath);
$resultImage = null;
// Try to reuse existing resized image
if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) {
// Fix received aspect ratio
$size = Image::calculateAspectRatio($requestedWidth, $requestedHeight, $cachedInfo['width'], $cachedInfo['height']);
$resizedImage = $resizedImageRepository->getResizedImageBySize($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $size['width'], $size['height']);
if ($resizedImage) {
$resultImage = Image::create($resizedImage->getImageData());
}
}
// Fallback - get and resize the original image
if (null === $resultImage) {
$resultImage = Image::create($downloadedFile->getContents(), $config->get('thumbnails.bmpSupported'));
$cache->set($cachedInfoPath, $resultImage->getInfo());
$resultImage->resize($requestedWidth, $requestedHeight);
}
$mimeType = $resultImage->getMimeType();
if (in_array($mimeType, array('image/bmp', 'image/x-ms-bmp'))) {
$mimeType = 'image/jpeg';
// Image::getData() by default converts resized images to JPG
}
$response->headers->set('Content-Type', $mimeType . '; name="' . $downloadedFile->getFileName() . '"');
$response->setContent($resultImage->getData());
return $response;
}
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ResizedImageRepository $resizedImageRepository)
{
$fileName = $request->get('fileName');
if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException('Invalid file name');
}
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
if (!Image::isSupportedExtension($ext)) {
throw new InvalidNameException('Invalid source file name');
}
list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size'));
$resizedImage = $resizedImageRepository->getResizedImage($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight);
return array('url' => $resizedImage->getUrl());
}
public function execute(WorkingFolder $workingFolder, Request $request)
{
$fileName = (string) $request->get('fileName');
$thumbnail = (string) $request->get('thumbnail');
$fileNames = (array) $request->get('fileNames');
if (!empty($fileNames)) {
$urls = array();
foreach ($fileNames as $fileName) {
$urls[$fileName] = $workingFolder->getFileUrl($fileName);
}
return array('urls' => $urls);
}
return array('url' => $workingFolder->getFileUrl($fileName, $thumbnail));
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher)
{
// The root folder cannot be renamed.
if ($workingFolder->getClientCurrentFolder() === '/') {
throw new InvalidRequestException('Cannot rename resource type root folder');
}
$newFolderName = (string) $request->query->get('newFolderName');
$renameFolderEvent = new RenameFolderEvent($this->app, $workingFolder, $newFolderName);
$dispatcher->dispatch(CKFinderEvent::RENAME_FOLDER, $renameFolderEvent);
if (!$renameFolderEvent->isPropagationStopped()) {
$newFolderName = $renameFolderEvent->getNewFolderName();
return $workingFolder->rename($newFolderName);
}
return array('renamed' => 0);
}
public function execute(WorkingFolder $workingFolder)
{
$data = new \stdClass();
$files = $workingFolder->listFiles();
$data->files = array();
foreach ($files as $file) {
$fileObject = array('name' => $file['basename'], 'date' => Utils::formatDate($file['timestamp']), 'size' => Utils::formatSize($file['size']));
$data->files[] = $fileObject;
}
// Sort files
usort($data->files, function ($a, $b) {
return strnatcasecmp($a['name'], $b['name']);
});
return $data;
}
public function execute(WorkingFolder $workingFolder)
{
$directories = $workingFolder->listDirectories();
$data = new \stdClass();
$data->folders = array();
$backend = $workingFolder->getBackend();
$resourceType = $workingFolder->getResourceType();
foreach ($directories as $directory) {
$data->folders[] = array('name' => $directory['basename'], 'hasChildren' => $backend->containsDirectories($resourceType, Path::combine($workingFolder->getClientCurrentFolder(), $directory['basename'])), 'acl' => $directory['acl']);
}
// Sort folders
usort($data->folders, function ($a, $b) {
return strnatcasecmp($a['name'], $b['name']);
});
return $data;
}
/**
* Copies current file
*
* @param string $copyOptions defines copy options in case if file already exists
* in target directory:
* - autorename - renames current file (see File::autorename())
* - overwrite - overwrites existing file
*
* @return bool true if file was copied successfully
*
* @throws \Exception
*/
public function doCopy($copyOptions)
{
$originalFileStream = $this->getContentsStream();
$originalFileName = $this->getFilename();
// Don't copy file to itself
if ($this->targetFolder->getBackend() === $this->resourceType->getBackend() && $this->targetFolder->getPath() === $this->getPath()) {
$this->addError(Error::SOURCE_AND_TARGET_PATH_EQUAL);
return false;
// Check if file already exists in target backend dir
} elseif ($this->targetFolder->containsFile($this->getFilename()) && strpos($copyOptions, 'overwrite') === false) {
if (strpos($copyOptions, 'autorename') !== false) {
$this->autorename();
} else {
$this->addError(Error::ALREADY_EXIST);
return false;
}
}
if ($this->targetFolder->putStream($this->getFilename(), $originalFileStream)) {
$resizedImageRepository = $this->resourceType->getResizedImageRepository();
$resizedImageRepository->copyResizedImages($this->resourceType, $this->folder, $originalFileName, $this->targetFolder->getResourceType(), $this->targetFolder->getClientCurrentFolder(), $this->getFilename());
$this->getCache()->copy(Path::combine($this->resourceType->getName(), $this->folder, $originalFileName), Path::combine($this->targetFolder->getResourceType()->getName(), $this->targetFolder->getClientCurrentFolder(), $this->getFilename()));
return true;
} else {
$this->addError(Error::ACCESS_DENIED);
return false;
}
}
/**
* Returns target file name of the copied file
*
* @return string
*/
public function getTargetFilename()
{
if ($this->targetFolder->containsFile($this->getFilename()) && strpos($this->copyOptions, 'overwrite') === false && strpos($this->copyOptions, 'autorename') !== false) {
$this->autorename();
}
return $this->fileName;
}
public function execute(WorkingFolder $workingFolder, EventDispatcher $dispatcher)
{
// The root folder cannot be deleted.
if ($workingFolder->getClientCurrentFolder() === '/') {
throw new InvalidRequestException('Cannot delete resource type root folder');
}
$deleteFolderEvent = new DeleteFolderEvent($this->app, $workingFolder);
$dispatcher->dispatch(CKFinderEvent::DELETE_FOLDER, $deleteFolderEvent);
$deleted = false;
if (!$deleteFolderEvent->isPropagationStopped()) {
$deleted = $workingFolder->delete();
}
if (!$deleted) {
throw new AccessDeniedException();
}
return array('deleted' => (int) $deleted);
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher)
{
$fileName = (string) $request->query->get('fileName');
$newFileName = (string) $request->query->get('newFileName');
if (null === $fileName || null === $newFileName) {
throw new InvalidNameException('Invalid file name');
}
$renamedFile = new RenamedFile($newFileName, $fileName, $workingFolder->getClientCurrentFolder(), $workingFolder->getResourceType(), $this->app);
$renamed = false;
if ($renamedFile->isValid()) {
$renamedFileEvent = new RenameFileEvent($this->app, $renamedFile);
$dispatcher->dispatch(CKFinderEvent::RENAME_FILE, $renamedFileEvent);
if (!$renamedFileEvent->isPropagationStopped()) {
$renamed = $renamedFile->doRename();
}
}
return array('name' => $fileName, 'newName' => $renamedFile->getNewFileName(), 'renamed' => (int) $renamed);
}
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository)
{
if (!$config->get('thumbnails.enabled')) {
throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED);
}
$fileName = $request->get('fileName');
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
if (!Image::isSupportedExtension($ext, $thumbnailRepository->isBitmapSupportEnabled())) {
throw new InvalidNameException('Invalid source file name');
}
if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException('Invalid file name');
}
list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size'));
$thumbnail = $thumbnailRepository->getThumbnail($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight);
/**
* This was added on purpose to reset any Cache-Control headers set
* for example by session_start(). Symfony Session has a workaround,
* but but we can't rely on this as application may not use Symfony
* components to handle sessions.
*/
header('Cache-Control:');
$response = new Response();
$response->setPublic();
$response->setEtag(dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize()));
$lastModificationDate = new \DateTime();
$lastModificationDate->setTimestamp($thumbnail->getTimestamp());
$response->setLastModified($lastModificationDate);
if ($response->isNotModified($request)) {
return $response;
}
$thumbnailsCacheExpires = (int) $config->get('cache.thumbnails');
if ($thumbnailsCacheExpires > 0) {
$response->setMaxAge($thumbnailsCacheExpires);
$expireTime = new \DateTime();
$expireTime->modify('+' . $thumbnailsCacheExpires . 'seconds');
$response->setExpires($expireTime);
}
$response->headers->set('Content-Type', $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"');
$response->setContent($thumbnail->getImageData());
return $response;
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher)
{
$fileName = (string) $request->query->get('fileName');
$downloadedFile = new DownloadedFile($fileName, $this->app);
$downloadedFile->isValid();
$downloadedFileEvent = new DownloadFileEvent($this->app, $downloadedFile);
$dispatcher->dispatch(CKFinderEvent::DOWNLOAD_FILE, $downloadedFileEvent);
if ($downloadedFileEvent->isPropagationStopped()) {
throw new AccessDeniedException();
}
$response = new StreamedResponse();
$response->headers->set('Cache-Control', 'cache, must-revalidate');
$response->headers->set('Pragma', 'public');
$response->headers->set('Expires', '0');
if ($request->get('format') === 'text') {
$response->headers->set('Content-Type', 'text/plain; charset=utf-8');
} else {
$userAgent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$encodedName = str_replace("\"", "\\\"", $fileName);
if (strpos($userAgent, 'MSIE') !== false) {
$encodedName = str_replace(array("+", "%2E"), array(" ", "."), urlencode($encodedName));
}
$response->headers->set('Content-Type', 'application/octet-stream; name="' . $fileName . '"');
$response->headers->set('Content-Disposition', 'attachment; filename="' . $encodedName . '"');
}
$response->headers->set('Content-Length', $downloadedFile->getSize());
$fileStream = $workingFolder->readStream($downloadedFile->getFilename());
$chunkSize = 1024 * 100;
// how many bytes per chunk
$response->setCallback(function () use($fileStream, $chunkSize) {
if ($fileStream === false) {
return false;
}
while (!feof($fileStream)) {
echo fread($fileStream, $chunkSize);
flush();
@set_time_limit(8);
}
return true;
});
return $response;
}
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository)
{
if (!$config->get('thumbnails.enabled')) {
throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED);
}
$fileName = (string) $request->get('fileName');
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
if (!Image::isSupportedExtension($ext, $thumbnailRepository->isBitmapSupportEnabled())) {
throw new InvalidNameException('Invalid source file name');
}
if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException('Invalid file name');
}
if (!$workingFolder->containsFile($fileName)) {
throw new FileNotFoundException();
}
list($requestedWidth, $requestedHeight) = Image::parseSize((string) $request->get('size'));
$thumbnail = $thumbnailRepository->getThumbnail($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight);
Utils::removeSessionCacheHeaders();
$response = new Response();
$response->setPublic();
$response->setEtag(dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize()));
$lastModificationDate = new \DateTime();
$lastModificationDate->setTimestamp($thumbnail->getTimestamp());
$response->setLastModified($lastModificationDate);
if ($response->isNotModified($request)) {
return $response;
}
$thumbnailsCacheExpires = (int) $config->get('cache.thumbnails');
if ($thumbnailsCacheExpires > 0) {
$response->setMaxAge($thumbnailsCacheExpires);
$expireTime = new \DateTime();
$expireTime->modify('+' . $thumbnailsCacheExpires . 'seconds');
$response->setExpires($expireTime);
}
$response->headers->set('Content-Type', $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"');
$response->setContent($thumbnail->getImageData());
return $response;
}
public function execute(Request $request, WorkingFolder $workingFolder, ResizedImageRepository $resizedImageRepository, Config $config, CacheManager $cache)
{
$fileName = $request->get('fileName');
$sizes = $request->get('sizes');
$ext = pathinfo($fileName, PATHINFO_EXTENSION);
if (!Image::isSupportedExtension($ext)) {
throw new InvalidRequestException('Invalid file extension');
}
if ($sizes) {
$sizes = explode(',', $sizes);
if (array_diff($sizes, array_keys($config->get('images.sizes')))) {
throw new InvalidRequestException(sprintf('Invalid size requested (%s)', $request->get('sizes')));
}
}
$data = array();
$cachedInfo = $cache->get(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName));
if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) {
$data['originalSize'] = sprintf("%dx%d", $cachedInfo['width'], $cachedInfo['height']);
}
$resizedImages = $resizedImageRepository->getResizedImagesList($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $sizes ?: array());
$data['resized'] = $resizedImages;
return $data;
}
public function execute(WorkingFolder $workingFolder, Request $request, Config $config)
{
$fileName = $request->get('fileName');
$thumbnail = $request->get('thumbnail');
$fileNames = (array) $request->get('fileNames');
if (!empty($fileNames)) {
$urls = array();
foreach ($fileNames as $fileName) {
if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException(sprintf('Invalid file name: %s', $fileName));
}
$urls[$fileName] = $workingFolder->getFileUrl($fileName);
}
return array('urls' => $urls);
}
if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters')) || $thumbnail && !File::isValidName($thumbnail, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException('Invalid file name');
}
if (!$workingFolder->containsFile($fileName)) {
throw new FileNotFoundException();
}
return array('url' => $workingFolder->getFileUrl($thumbnail ? Path::combine(ResizedImage::DIR, $fileName, $thumbnail) : $fileName));
}
public function isValid()
{
if (!$this->saveAsNew && !$this->exists()) {
throw new FileNotFoundException();
}
if ($this->newFileName) {
if (!File::isValidName($this->newFileName, $this->config->get('disallowUnsafeCharacters'))) {
throw new InvalidNameException('Invalid file name');
}
if ($this->workingFolder->containsFile($this->newFileName)) {
throw new AlreadyExistsException('File already exists');
}
if ($this->resourceType->getBackend()->isHiddenFile($this->newFileName)) {
throw new InvalidRequestException('New provided file name is hidden');
}
}
if (!$this->hasValidFilename() || !$this->hasValidPath()) {
throw new InvalidRequestException('Invalid filename or path');
}
if ($this->isHidden() || $this->hasHiddenPath()) {
throw new InvalidRequestException('Edited file is hidden');
}
return true;
}
/**
* Validates the file
*
* @return bool true if file passed the validation
*
* @throws AlreadyExistsException
* @throws FileNotFoundException
* @throws InvalidExtensionException
* @throws InvalidNameException
* @throws InvalidRequestException
* @throws InvalidUploadException
*/
public function isValid()
{
if ($this->newFileName) {
if (!File::isValidName($this->newFileName, $this->config->get('disallowUnsafeCharacters'))) {
throw new InvalidNameException('Invalid file name');
}
if ($this->resourceType->getBackend()->isHiddenFile($this->newFileName)) {
throw new InvalidRequestException('New provided file name is hidden');
}
if (!$this->resourceType->isAllowedExtension($this->getNewExtension())) {
throw new InvalidExtensionException();
}
if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions($this->newFileName)) {
throw new InvalidExtensionException();
}
if ($this->workingFolder->containsFile($this->newFileName)) {
throw new AlreadyExistsException('File already exists');
}
}
if (!$this->hasValidFilename() || !$this->hasValidPath()) {
throw new InvalidRequestException('Invalid filename or path');
}
if ($this->isHidden() || $this->hasHiddenPath()) {
throw new InvalidRequestException('Edited file is hidden');
}
if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions()) {
throw new InvalidExtensionException();
}
if (!$this->resourceType->isAllowedExtension($this->getExtension())) {
throw new InvalidExtensionException();
}
if (!$this->saveAsNew && !$this->exists()) {
throw new FileNotFoundException();
}
if ($this->newContents) {
if (Utils::containsHtml(substr($this->newContents, 0, 1024)) && !in_array(strtolower($this->newFileName ? $this->getNewExtension() : $this->getExtension()), $this->config->get('htmlExtensions'))) {
throw new InvalidUploadException('HTML detected in disallowed file type', Error::UPLOADED_WRONG_HTML_FILE);
}
$maxFileSize = $this->resourceType->getMaxSize();
if ($maxFileSize && strlen($this->newContents) > $maxFileSize) {
throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG);
}
}
return true;
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, CacheManager $cache, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository)
{
$fileName = $request->query->get('fileName');
$editedFile = new EditedFile($fileName, $this->app);
$saveAsNew = false;
if (!$editedFile->exists()) {
$saveAsNew = true;
$editedFile->saveAsNew(true);
}
if (!$editedFile->isValid()) {
throw new InvalidUploadException('Invalid file provided');
}
if (!Image::isSupportedExtension($editedFile->getExtension())) {
throw new InvalidExtensionException('Unsupported image type or not image file');
}
$imageFormat = Image::mimeTypeFromExtension($editedFile->getExtension());
$uploadedData = $request->get('content');
if (null === $uploadedData || strpos($uploadedData, 'data:image/png;base64,') !== 0) {
throw new InvalidUploadException('Invalid upload. Expected base64 encoded PNG image.');
}
$data = explode(',', $uploadedData);
$data = isset($data[1]) ? base64_decode($data[1]) : false;
if (!$data) {
throw new InvalidUploadException();
}
$uploadedImage = Image::create($data);
$newContents = $uploadedImage->getData($imageFormat);
$editFileEvent = new EditFileEvent($this->app, $editedFile, $newContents);
$cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $uploadedImage->getInfo());
$dispatcher->dispatch(CKFinderEvent::SAVE_IMAGE, $editFileEvent);
$saved = false;
if (!$editFileEvent->isPropagationStopped()) {
$saved = $editedFile->setContents($editFileEvent->getNewContents());
//Remove thumbnails and resized images in case if file is overwritten
if (!$saveAsNew && $saved) {
$resourceType = $workingFolder->getResourceType();
$thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
$resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
}
}
return array('saved' => (int) $saved, 'date' => Utils::formatDate(time()));
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config)
{
$fileName = (string) $request->query->get('fileName');
$thumbnailFileName = (string) $request->query->get('thumbnail');
if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException(sprintf('Invalid file name: %s', $fileName));
}
$cacheLifetime = (int) $request->query->get('cache');
if (!$workingFolder->containsFile($fileName)) {
throw new FileNotFoundException();
}
if ($thumbnailFileName) {
if (!File::isValidName($thumbnailFileName, $config->get('disallowUnsafeCharacters'))) {
throw new InvalidRequestException(sprintf('Invalid resized image file name: %s', $fileName));
}
if (!$workingFolder->getResourceType()->isAllowedExtension(pathinfo($thumbnailFileName, PATHINFO_EXTENSION))) {
throw new InvalidExtensionException();
}
$resizedImageRespository = $this->app->getResizedImageRepository();
$file = $resizedImageRespository->getExistingResizedImage($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $thumbnailFileName);
$dataStream = $file->readStream();
} else {
$file = new DownloadedFile($fileName, $this->app);
$file->isValid();
$dataStream = $workingFolder->readStream($file->getFilename());
}
$proxyDownload = new ProxyDownloadEvent($this->app, $file);
$dispatcher->dispatch(CKFinderEvent::PROXY_DOWNLOAD, $proxyDownload);
if ($proxyDownload->isPropagationStopped()) {
throw new AccessDeniedException();
}
$response = new StreamedResponse();
$response->headers->set('Content-Type', $file->getMimeType());
$response->headers->set('Content-Length', $file->getSize());
$response->headers->set('Content-Disposition', 'inline; filename="' . $fileName . '"');
if ($cacheLifetime > 0) {
Utils::removeSessionCacheHeaders();
$response->setPublic();
$response->setEtag(dechex($file->getTimestamp()) . "-" . dechex($file->getSize()));
$lastModificationDate = new \DateTime();
$lastModificationDate->setTimestamp($file->getTimestamp());
$response->setLastModified($lastModificationDate);
if ($response->isNotModified($request)) {
return $response;
}
$response->setMaxAge($cacheLifetime);
$expireTime = new \DateTime();
$expireTime->modify('+' . $cacheLifetime . 'seconds');
$response->setExpires($expireTime);
}
$chunkSize = 1024 * 100;
$response->setCallback(function () use($dataStream, $chunkSize) {
if ($dataStream === false) {
return false;
}
while (!feof($dataStream)) {
echo fread($dataStream, $chunkSize);
flush();
@set_time_limit(8);
}
return true;
});
return $response;
}
/**
* Checks if file exists
*
* @return bool true if file exists
*/
public function exists()
{
return $this->workingFolder->containsFile($this->fileName);
}
/**
* @param Request $request
* @param WorkingFolder $workingFolder
* @param EventDispatcher $dispatcher
* @param Acl $acl
*
* @return array
*
* @throws \Exception
*/
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Acl $acl, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository)
{
$fileName = (string) $request->get('fileName');
$newFileName = (string) $request->get('newFileName');
$editedImage = new EditedImage($fileName, $this->app, $newFileName);
$resourceType = $workingFolder->getResourceType();
if (null === $newFileName) {
$resourceTypeName = $resourceType->getName();
$path = $workingFolder->getClientCurrentFolder();
if (!$acl->isAllowed($resourceTypeName, $path, Permission::FILE_DELETE)) {
throw new UnauthorizedException(sprintf('Unauthorized: no FILE_DELETE permission in %s:%s', $resourceTypeName, $path));
}
}
if (!Image::isSupportedExtension($editedImage->getExtension())) {
throw new InvalidExtensionException('Unsupported image type or not image file');
}
$image = Image::create($editedImage->getContents());
$actions = (array) $request->get('actions');
if (empty($actions)) {
throw new InvalidRequestException();
}
foreach ($actions as $actionInfo) {
if (!isset($actionInfo['action'])) {
throw new InvalidRequestException('ImageEdit: action name missing');
}
switch ($actionInfo['action']) {
case self::OPERATION_CROP:
if (!Utils::arrayContainsKeys($actionInfo, array('x', 'y', 'width', 'height'))) {
throw new InvalidRequestException();
}
$x = $actionInfo['x'];
$y = $actionInfo['y'];
$width = $actionInfo['width'];
$height = $actionInfo['height'];
$image->crop($x, $y, $width, $height);
break;
case self::OPERATION_ROTATE:
if (!isset($actionInfo['angle'])) {
throw new InvalidRequestException();
}
$degrees = $actionInfo['angle'];
$bgcolor = isset($actionInfo['bgcolor']) ? $actionInfo['bgcolor'] : 0;
$image->rotate($degrees, $bgcolor);
break;
case self::OPERATION_RESIZE:
if (!Utils::arrayContainsKeys($actionInfo, array('width', 'height'))) {
throw new InvalidRequestException();
}
$width = $actionInfo['width'];
$height = $actionInfo['height'];
$image->resize($width, $height);
break;
}
}
$editFileEvent = new EditFileEvent($this->app, $editedImage);
$editedImage->setNewContents($image->getData());
$editedImage->setNewDimensions($image->getWidth(), $image->getHeight());
if (!$editedImage->isValid()) {
throw new InvalidUploadException('Invalid file provided');
}
$dispatcher->dispatch(CKFinderEvent::EDIT_IMAGE, $editFileEvent);
$saved = false;
if (!$editFileEvent->isPropagationStopped()) {
$saved = $editedImage->save($editFileEvent->getNewContents());
//Remove thumbnails and resized images in case if file is overwritten
if ($newFileName === null && $saved) {
$thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
$resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName);
}
}
return array('saved' => (int) $saved, 'date' => Utils::formatDate(time()));
}
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config, CacheManager $cache, ThumbnailRepository $thumbsRepository)
{
// #111 IE9 download JSON issue workaround
if ($request->get('asPlainText')) {
$uploadEvents = array(CKFinderEvent::AFTER_COMMAND_FILE_UPLOAD, CKFinderEvent::AFTER_COMMAND_QUICK_UPLOAD);
foreach ($uploadEvents as $eventName) {
$dispatcher->addListener($eventName, function (AfterCommandEvent $event) {
$response = $event->getResponse();
$response->headers->set('Content-Type', 'text/plain');
});
}
}
$uploaded = 0;
$warningErrorCode = null;
$upload = $request->files->get('upload');
if (null === $upload) {
throw new InvalidUploadException();
}
$uploadedFile = new UploadedFile($upload, $this->app);
if (!$uploadedFile->isValid()) {
throw new InvalidUploadException($uploadedFile->getErrorMessage());
}
$uploadedFile->sanitizeFilename();
if ($uploadedFile->wasRenamed()) {
$warningErrorCode = Error::UPLOADED_INVALID_NAME_RENAMED;
}
if (!$uploadedFile->hasValidFilename() || $uploadedFile->isHiddenFile()) {
throw new InvalidNameException();
}
if (!$uploadedFile->hasAllowedExtension()) {
throw new InvalidExtensionException();
}
// Autorename if required
$overwriteOnUpload = $config->get('overwriteOnUpload');
if (!$overwriteOnUpload && $uploadedFile->autorename()) {
$warningErrorCode = Error::UPLOADED_FILE_RENAMED;
}
$fileName = $uploadedFile->getFilename();
if (!$uploadedFile->isAllowedHtmlFile() && $uploadedFile->containsHtml()) {
throw new InvalidUploadException('HTML detected in disallowed file type', Error::UPLOADED_WRONG_HTML_FILE);
}
if ($config->get('secureImageUploads') && $uploadedFile->isImage() && !$uploadedFile->isValidImage()) {
throw new InvalidUploadException('Invalid upload: corrupted image', Error::UPLOADED_CORRUPT);
}
$maxFileSize = $workingFolder->getResourceType()->getMaxSize();
if (!$config->get('checkSizeAfterScaling') && $maxFileSize && $uploadedFile->getSize() > $maxFileSize) {
throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG);
}
if (Image::isSupportedExtension($uploadedFile->getExtension())) {
$imagesConfig = $config->get('images');
$image = Image::create($uploadedFile->getContents());
if ($image->getWidth() > $imagesConfig['maxWidth'] || $image->getHeight() > $imagesConfig['maxHeight']) {
$image->resize($imagesConfig['maxWidth'], $imagesConfig['maxHeight'], $imagesConfig['quality']);
$imageData = $image->getData();
$uploadedFile->setContents($imageData);
}
$cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $image->getInfo());
unset($imageData);
unset($image);
}
if ($maxFileSize && $uploadedFile->getSize() > $maxFileSize) {
throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG);
}
$event = new FileUploadEvent($this->app, $uploadedFile);
$dispatcher->dispatch(CKFinderEvent::FILE_UPLOAD, $event);
if (!$event->isPropagationStopped()) {
$uploadedFileStream = $uploadedFile->getContentsStream();
$uploaded = (int) $workingFolder->putStream($fileName, $uploadedFileStream);
if ($overwriteOnUpload) {
$thumbsRepository->deleteThumbnails($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName);
}
if (!$uploaded) {
$warningErrorCode = Error::ACCESS_DENIED;
}
}
$responseData = array('fileName' => $fileName, 'uploaded' => $uploaded);
if ($warningErrorCode) {
$errorMessage = $this->app['translator']->translateErrorMessage($warningErrorCode, array($fileName));
$responseData['error'] = array('number' => $warningErrorCode, 'message' => $errorMessage);
}
return $responseData;
}
/**
* Check if current file name is defined as hidden in configuration settings
*
* @return bool true if filename is hidden
*/
public function isHiddenFile()
{
return $this->workingFolder->getBackend()->isHiddenFile($this->fileName);
}
public function execute(Request $request, WorkingFolder $workingFolder)
{
$newFolderName = (string) $request->query->get('newFolderName', '');
$workingFolder->createDir($newFolderName);
return array('newFolder' => $newFolderName);
}