Exemple #1
 /**
  * Validate an image URL and, when dimension limits are configured, confirm
  * that the image it points to stays within those limits.
  *
  * The generic URL filter runs first; only a URL it accepts is probed for
  * its size. A limit of 0 (or any falsy value) disables that axis.
  *
  * @see bbcode_firstpass::bbcode_img()
  *
  * @param  string  $url        Original URL
  * @param  array   $url_config Config used by the URL filter
  * @param  Logger  $logger     Receives one err() entry per rejection reason
  * @param  integer $max_height Maximum height allowed (falsy = no limit)
  * @param  integer $max_width  Maximum width allowed (falsy = no limit)
  * @return string|bool         The URL as returned by the URL filter if valid, FALSE otherwise
  */
 public static function filter_img_url($url, array $url_config, Logger $logger, $max_height, $max_width)
 {
     // Anything the URL filter rejects is rejected here as well
     $filtered = BuiltInFilters::filterUrl($url, $url_config, $logger);
     if ($filtered === false) {
         return false;
     }

     // No limit on either axis: skip the size probe entirely
     if (!$max_height && !$max_width) {
         return $filtered;
     }

     // NOTE(review): getImageSize() is handed a user-supplied URL, so this is a
     // server-initiated fetch and the URL filter above is the only gate before
     // it (SSRF surface). Confirm filterUrl()'s scheme/host rules are strict
     // enough for this deployment.
     $probe = new \fastImageSize\fastImageSize();
     $dimensions = $probe->getImageSize($filtered);
     if ($dimensions === false) {
         $logger->err('UNABLE_GET_IMAGE_SIZE');
         return false;
     }

     if ($max_height && $dimensions['height'] > $max_height) {
         $logger->err('MAX_IMG_HEIGHT_EXCEEDED', array('max_height' => $max_height));
         return false;
     }
     if ($max_width && $dimensions['width'] > $max_width) {
         $logger->err('MAX_IMG_WIDTH_EXCEEDED', array('max_width' => $max_width));
         return false;
     }

     return $filtered;
 }
Exemple #2
 /**
  * Parse an [img] tag: validate the URL, optionally enforce the configured
  * maximum dimensions for this parsing mode, and wrap the result in a
  * uid-tagged [img] pair.
  *
  * On any failure (not a URL, image unreadable or too large, or a URL that
  * points back into this board's own path) the tag is handed back unparsed
  * as plain '[img]...[/img]' text; warnings are appended to $this->warn_msg.
  *
  * @param string $in Raw tag contents (the image URL)
  * @return string
  */
 function bbcode_img($in)
 {
     global $user, $config;

     if (!$this->check_bbcode('img', $in)) {
         return $in;
     }

     // Normalise whitespace so a URL with spaces still has a chance to match
     $url = str_replace(' ', '%20', trim($in));

     // Must look like a full URL or a www.-style host, otherwise leave the tag alone
     $looks_like_url = preg_match('#^' . get_preg_expression('url') . '$#iu', $url)
         || preg_match('#^' . get_preg_expression('www_url') . '$#iu', $url);
     if (!$looks_like_url) {
         return '[img]' . $url . '[/img]';
     }

     // Tolerate the common mistake of omitting the scheme
     if (!preg_match('#^[a-z0-9]+://#i', $url)) {
         $url = 'http://' . $url;
     }

     $max_height = $config['max_' . $this->mode . '_img_height'];
     $max_width = $config['max_' . $this->mode . '_img_width'];
     $rejected = false;

     if ($max_height || $max_width) {
         // NOTE(review): fastImageSize fetches the user-supplied URL server-side
         // to read its header; the regex above is the only gate before that
         // request (SSRF surface).
         $imagesize = new \fastImageSize\fastImageSize();
         $size_info = $imagesize->getImageSize(htmlspecialchars_decode($url));

         if ($size_info === false) {
             $rejected = true;
             $this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
         } else {
             if ($max_height && $size_info['height'] > $max_height) {
                 $rejected = true;
                 $this->warn_msg[] = $user->lang('MAX_IMG_HEIGHT_EXCEEDED', (int) $max_height);
             }
             if ($max_width && $size_info['width'] > $max_width) {
                 $rejected = true;
                 $this->warn_msg[] = $user->lang('MAX_IMG_WIDTH_EXCEEDED', (int) $max_width);
             }
         }
     }

     // A rejected image, or one hosted under this board's own path, stays unparsed
     if ($rejected || $this->path_in_domain($url)) {
         return '[img]' . $url . '[/img]';
     }

     $uid = $this->bbcode_uid;
     return '[img:' . $uid . ']' . $this->bbcode_specialchars($url) . '[/img:' . $uid . ']';
 }
Exemple #3
 /**
  * Move file to destination folder
  * The phpbb_root_path variable will be applied to the destination path
  *
  * The file is first written to its final location and only afterwards
  * (for images) validated: a type/extension mismatch or unreadable image is
  * recorded in $this->error, but the method still sets file_moved and
  * returns true. Callers must therefore inspect $this->error after a true
  * return and remove the file themselves; until they do, the rejected file
  * sits in the destination directory.
  *
  * @param string $destination Destination path, for example $config['avatar_path'].
  *                            Trusted as-is (no traversal check) - see the note in the body.
  * @param bool $overwrite If set to true, an already existing file will be overwritten
  * @param bool $skip_image_check If set to true, the check for the file to be a valid image is skipped
  * @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode defined by {@link phpbb_chmod()}
  *
  * @return bool false if a prior error exists, the destination is missing, the
  *              target exists without $overwrite, or the copy/move itself
  *              failed; true otherwise (even when image validation errors
  *              were appended to $this->error)
  *
  * @access public
  */
 function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = false)
 {
     global $user, $phpbb_root_path;
     // Bail out if an earlier stage already recorded a problem
     if (sizeof($this->error)) {
         return false;
     }
     $chmod = $chmod === false ? CHMOD_READ | CHMOD_WRITE : $chmod;
     // We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
     // NOTE(review): $destination is concatenated verbatim; nothing here stops
     // a '..' segment, so this value must only ever come from admin-controlled config.
     $this->destination_path = $phpbb_root_path . $destination;
     // Check if the destination path exist...
     // A missing directory discards the temporary upload rather than creating it
     if (!file_exists($this->destination_path)) {
         @unlink($this->filename);
         return false;
     }
     // '||' binds tighter than '?:', so this is (open_basedir || safe_mode || safe_mode=="on") ? 'move' : 'copy'
     $upload_mode = @ini_get('open_basedir') || @ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on' ? 'move' : 'copy';
     $upload_mode = $this->local ? 'local' : $upload_mode;
     // Only the final path component of realname is used, so a client-supplied
     // name cannot steer the file outside destination_path (utf8_basename is
     // presumably a UTF-8-aware basename() - confirm)
     $this->destination_file = $this->destination_path . '/' . utf8_basename($this->realname);
     // Check if the file already exist, else there is something wrong...
     if (file_exists($this->destination_file) && !$overwrite) {
         @unlink($this->filename);
         $this->error[] = $user->lang($this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR', $this->destination_file);
         $this->file_moved = false;
         return false;
     } else {
         // $overwrite is set: clear the way for the new file
         if (file_exists($this->destination_file)) {
             @unlink($this->destination_file);
         }
         // Each mode tries one primitive and falls back to the other; every
         // call is '@'-suppressed, so the only failure signal is the error entry.
         // NOTE(review): copy() does not verify that $this->filename is an
         // uploaded file - only move_uploaded_file() does - so the 'copy' and
         // 'local' paths rely on $this->filename being set solely by the upload class.
         switch ($upload_mode) {
             case 'copy':
                 if (!@copy($this->filename, $this->destination_file)) {
                     if (!@move_uploaded_file($this->filename, $this->destination_file)) {
                         $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                     }
                 }
                 break;
             case 'move':
                 if (!@move_uploaded_file($this->filename, $this->destination_file)) {
                     if (!@copy($this->filename, $this->destination_file)) {
                         $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                     }
                 }
                 break;
             case 'local':
                 // Local files are never moved: the source is left for the unlink below
                 if (!@copy($this->filename, $this->destination_file)) {
                     $this->error[] = sprintf($user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
                 }
                 break;
         }
         // Remove temporary filename
         @unlink($this->filename);
         if (sizeof($this->error)) {
             return false;
         }
         try {
             $this->filesystem->phpbb_chmod($this->destination_file, $chmod);
         } catch (\phpbb\filesystem\exception\filesystem_exception $e) {
             // Do nothing
             // NOTE(review): a failed chmod is silently ignored, so the file keeps
             // whatever mode copy()/move_uploaded_file() gave it.
         }
     }
     // Try to get real filesize from destination folder
     // (filesize() is evaluated twice here; the previously known size is kept if it returns 0/false)
     $this->filesize = @filesize($this->destination_file) ? @filesize($this->destination_file) : $this->filesize;
     // Get mimetype of supplied file
     $this->mimetype = $this->get_mimetype($this->destination_file);
     // Image validation happens after the file already exists at its final path;
     // failures below only append to $this->error, they do not undo the move.
     if ($this->is_image() && !$skip_image_check) {
         $this->width = $this->height = 0;
         // Get imagesize class
         $imagesize = new \fastImageSize\fastImageSize();
         $this->image_info = $imagesize->getImageSize($this->destination_file, $this->mimetype);
         if ($this->image_info !== false) {
             $this->width = $this->image_info['width'];
             $this->height = $this->image_info['height'];
             // Check image type
             // The type detected from the file content must be a known image type,
             // and the file's extension must be one registered for that type;
             // otherwise the content/extension disagreement is recorded as an error.
             $types = fileupload::image_types();
             if (!isset($types[$this->image_info['type']]) || !in_array($this->extension, $types[$this->image_info['type']])) {
                 if (!isset($types[$this->image_info['type']])) {
                     $this->error[] = $user->lang('IMAGE_FILETYPE_INVALID', $this->image_info['type'], $this->mimetype);
                 } else {
                     $this->error[] = $user->lang('IMAGE_FILETYPE_MISMATCH', $types[$this->image_info['type']][0], $this->extension);
                 }
             }
             // Make sure the dimensions match a valid image
             if (empty($this->width) || empty($this->height)) {
                 $this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
             }
         } else {
             $this->error[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
         }
     }
     // Reached even when image checks above appended errors: the file is on disk
     // and the caller is responsible for checking $this->error and cleaning up.
     $this->file_moved = true;
     $this->additional_checks();
     unset($this->upload);
     return true;
 }