Exemple #1
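 /**
  * Returns size information for an image stored in the current working folder.
  *
  * The `fileName` request parameter is validated, must carry an extension
  * accepted by Image::isSupportedExtension() and must exist in the working folder
  * before any file contents are read. Results are cached under a key built from
  * the resource type name, the client folder and the file name.
  *
  * @param Request       $request
  * @param WorkingFolder $workingFolder
  * @param Config        $config
  * @param CacheManager  $cache
  *
  * @return array cached info or the value of Image::getInfo(); an empty array when
  *               the file does not pass DownloadedFile::isValid()
  *
  * @throws InvalidRequestException when File::isValidName() rejects the file name
  * @throws InvalidNameException    when the extension is not a supported image extension
  * @throws FileNotFoundException   when the working folder does not contain the file
  */
 public function execute(Request $request, WorkingFolder $workingFolder, Config $config, CacheManager $cache)
 {
     // The cast turns a missing parameter into '', so the former `null === $fileName`
     // comparison could never match and has been dropped; an empty name is judged by
     // File::isValidName() exactly as before.
     $fileName = (string) $request->get('fileName');
     if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }
     if (!Image::isSupportedExtension(pathinfo($fileName, PATHINFO_EXTENSION))) {
         throw new InvalidNameException('Invalid source file name');
     }
     // Existence is checked through the working folder, so nothing outside of it is read.
     if (!$workingFolder->containsFile($fileName)) {
         throw new FileNotFoundException();
     }
     // NOTE(review): the key carries no modification time, so a replaced file may be
     // answered from a stale entry unless the cache is invalidated elsewhere (confirm).
     $cachePath = Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName);
     $cachedInfo = $cache->get($cachePath);
     // A cache entry is only reused when it carries both dimensions.
     if ($cachedInfo && isset($cachedInfo['width'], $cachedInfo['height'])) {
         return $cachedInfo;
     }
     $imageInfo = array();
     $file = new DownloadedFile($fileName, $this->app);
     if ($file->isValid()) {
         $image = Image::create($file->getContents());
         $imageInfo = $image->getInfo();
         $cache->set($cachePath, $imageInfo);
     }
     return $imageInfo;
 }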
Exemple #2
 /**
  * Tells whether `$folderName` may be used as a folder name.
  *
  * When `$disallowUnsafeCharacters` is enabled, any name containing a dot is
  * rejected up front; every other decision is delegated to File::isValidName().
  *
  * @param string $folderName
  * @param bool   $disallowUnsafeCharacters
  *
  * @return boolean `true` when the name is acceptable
  */
 public static function isValidName($folderName, $disallowUnsafeCharacters)
 {
     // The dot test runs only in strict mode; the short-circuit keeps strpos()
     // from being called at all when the flag is off.
     if ($disallowUnsafeCharacters && false !== strpos($folderName, '.')) {
         return false;
     }

     return File::isValidName($folderName, $disallowUnsafeCharacters);
 }
 /**
  * Resolves the URL of a resized variant of an image in the working folder.
  *
  * The file name is validated before its extension is inspected, and the
  * requested dimensions come from Image::parseSize() applied to the `size`
  * request parameter.
  *
  * @param Request                $request
  * @param WorkingFolder          $workingFolder
  * @param Config                 $config
  * @param ResizedImageRepository $resizedImageRepository
  *
  * @return array array with a single `url` key
  *
  * @throws InvalidRequestException when the file name is missing or invalid
  * @throws InvalidNameException    when the extension is not a supported image extension
  */
 public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ResizedImageRepository $resizedImageRepository)
 {
     $fileName = $request->get('fileName');
     if (null === $fileName) {
         throw new InvalidRequestException('Invalid file name');
     }
     if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }

     // The extension is lower-cased before it is compared with the supported list.
     $extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
     if (!Image::isSupportedExtension($extension)) {
         throw new InvalidNameException('Invalid source file name');
     }

     list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size'));

     // NOTE(review): no containsFile() check is made here; presumably the repository
     // verifies that the source image exists (confirm against getResizedImage()).
     $resourceType = $workingFolder->getResourceType();
     $clientFolder = $workingFolder->getClientCurrentFolder();
     $resizedImage = $resizedImageRepository->getResizedImage($resourceType, $clientFolder, $fileName, $requestedWidth, $requestedHeight);

     return array('url' => $resizedImage->getUrl());
 }
Exemple #4
 /**
  * Validates the edited file and, when given, its new name and new contents.
  *
  * The checks run in a fixed order and the first failing one throws, so the
  * exception type tells the caller which rule was violated. The method never
  * returns `false`.
  *
  * @return bool true if file passed the validation
  *
  * @throws AlreadyExistsException    when the new file name is already taken in the working folder
  * @throws FileNotFoundException     when the file must exist (not saved as new) but does not
  * @throws InvalidExtensionException when an extension or double extension is not allowed
  * @throws InvalidNameException      when the new file name is rejected by File::isValidName()
  * @throws InvalidRequestException   when a name or path is invalid or hidden
  * @throws InvalidUploadException    when the new contents contain HTML in a disallowed type or are too big
  */
 public function isValid()
 {
     // Checks that apply only when a new file name was supplied.
     if ($this->newFileName) {
         if (!File::isValidName($this->newFileName, $this->config->get('disallowUnsafeCharacters'))) {
             throw new InvalidNameException('Invalid file name');
         }
         // The backend decides what counts as a hidden file.
         if ($this->resourceType->getBackend()->isHiddenFile($this->newFileName)) {
             throw new InvalidRequestException('New provided file name is hidden');
         }
         if (!$this->resourceType->isAllowedExtension($this->getNewExtension())) {
             throw new InvalidExtensionException();
         }
         // Optional check of every extension part of the new name (e.g. "a.php.txt").
         if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions($this->newFileName)) {
             throw new InvalidExtensionException();
         }
         // An existing file is never overwritten through a new name.
         if ($this->workingFolder->containsFile($this->newFileName)) {
             throw new AlreadyExistsException('File already exists');
         }
     }
     // Checks on the file being edited itself.
     if (!$this->hasValidFilename() || !$this->hasValidPath()) {
         throw new InvalidRequestException('Invalid filename or path');
     }
     if ($this->isHidden() || $this->hasHiddenPath()) {
         throw new InvalidRequestException('Edited file is hidden');
     }
     if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions()) {
         throw new InvalidExtensionException();
     }
     if (!$this->resourceType->isAllowedExtension($this->getExtension())) {
         throw new InvalidExtensionException();
     }
     // Unless the result is saved as a new file, the edited file has to exist.
     if (!$this->saveAsNew && !$this->exists()) {
         throw new FileNotFoundException();
     }
     // Checks on the replacement contents.
     if ($this->newContents) {
         // Only the first 1024 bytes are scanned for HTML; the extension that counts is the
         // new one when a new name was given, otherwise the current one.
         // NOTE(review): in_array() compares loosely here; presumably 'htmlExtensions'
         // holds lower-case strings only (confirm).
         if (Utils::containsHtml(substr($this->newContents, 0, 1024)) && !in_array(strtolower($this->newFileName ? $this->getNewExtension() : $this->getExtension()), $this->config->get('htmlExtensions'))) {
             throw new InvalidUploadException('HTML detected in disallowed file type', Error::UPLOADED_WRONG_HTML_FILE);
         }
         // A falsy maximum size disables the limit; strlen() measures bytes.
         $maxFileSize = $this->resourceType->getMaxSize();
         if ($maxFileSize && strlen($this->newContents) > $maxFileSize) {
             throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG);
         }
     }
     return true;
 }
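 /**
  * Serves a thumbnail of an image from the working folder with HTTP caching headers.
  *
  * @param Request             $request
  * @param WorkingFolder       $workingFolder
  * @param Config              $config
  * @param ThumbnailRepository $thumbnailRepository
  *
  * @return Response an empty "not modified" response when the client copy is current,
  *                  otherwise a response carrying the thumbnail data
  *
  * @throws CKFinderException       when the thumbnails feature is disabled
  * @throws InvalidNameException    when the extension is not a supported image extension
  * @throws InvalidRequestException when the file name is missing or invalid
  */
 public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository)
 {
     if (!$config->get('thumbnails.enabled')) {
         throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED);
     }
     $fileName = $request->get('fileName');
     // The extension is read before the null check below, so a missing parameter used
     // to reach pathinfo() as null; the cast hands it an empty string instead while
     // leaving $fileName itself untouched for the null check.
     $ext = strtolower(pathinfo((string) $fileName, PATHINFO_EXTENSION));
     if (!Image::isSupportedExtension($ext, $thumbnailRepository->isBitmapSupportEnabled())) {
         throw new InvalidNameException('Invalid source file name');
     }
     // NOTE(review): name validation runs after the extension check; the order is kept
     // so that callers see the same exception types as before.
     if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }
     list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size'));
     $thumbnail = $thumbnailRepository->getThumbnail($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight);
     /**
      * This was added on purpose to reset any Cache-Control headers set
      * for example by session_start(). Symfony Session has a workaround,
      * but we can't rely on this as the application may not use Symfony
      * components to handle sessions.
      */
     header('Cache-Control:');
     $response = new Response();
     $response->setPublic();
     // Validator built from modification time and size, both in hexadecimal.
     $response->setEtag(dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize()));
     $lastModificationDate = new \DateTime();
     $lastModificationDate->setTimestamp($thumbnail->getTimestamp());
     $response->setLastModified($lastModificationDate);
     // Conditional request: no body is sent when the client copy is still current.
     if ($response->isNotModified($request)) {
         return $response;
     }
     // A lifetime of zero or less leaves max-age and Expires unset.
     $thumbnailsCacheExpires = (int) $config->get('cache.thumbnails');
     if ($thumbnailsCacheExpires > 0) {
         $response->setMaxAge($thumbnailsCacheExpires);
         $expireTime = new \DateTime();
         $expireTime->modify('+' . $thumbnailsCacheExpires . 'seconds');
         $response->setExpires($expireTime);
     }
     // NOTE(review): the file name is placed inside a quoted header parameter; this
     // presumably relies on the name checks having excluded quotes and control
     // characters (confirm against File::isValidName() and the repository).
     $response->headers->set('Content-Type', $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"');
     $response->setContent($thumbnail->getImageData());
     return $response;
 }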
Exemple #6
 /**
  * Serves a thumbnail of an existing image from the working folder, with
  * validators and, when configured, an expiry time for HTTP caching.
  *
  * @param Request             $request
  * @param WorkingFolder       $workingFolder
  * @param Config              $config
  * @param ThumbnailRepository $thumbnailRepository
  *
  * @return Response
  *
  * @throws CKFinderException       when the thumbnails feature is disabled
  * @throws InvalidNameException    when the extension is not a supported image extension
  * @throws InvalidRequestException when the file name is invalid
  * @throws FileNotFoundException   when the working folder does not contain the file
  */
 public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository)
 {
     $thumbnailsEnabled = $config->get('thumbnails.enabled');
     if (!$thumbnailsEnabled) {
         throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED);
     }

     $fileName = (string) $request->get('fileName');
     $extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
     $bitmapSupport = $thumbnailRepository->isBitmapSupportEnabled();
     if (!Image::isSupportedExtension($extension, $bitmapSupport)) {
         throw new InvalidNameException('Invalid source file name');
     }

     // After the string cast the null comparison cannot match; it is kept as written.
     if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }

     // The source image has to exist in the working folder before a thumbnail is requested.
     if (!$workingFolder->containsFile($fileName)) {
         throw new FileNotFoundException();
     }

     list($requestedWidth, $requestedHeight) = Image::parseSize((string) $request->get('size'));
     $resourceType = $workingFolder->getResourceType();
     $clientFolder = $workingFolder->getClientCurrentFolder();
     $thumbnail = $thumbnailRepository->getThumbnail($resourceType, $clientFolder, $fileName, $requestedWidth, $requestedHeight);

     Utils::removeSessionCacheHeaders();

     $response = new Response();
     $response->setPublic();

     // Validator built from modification time and size, both in hexadecimal.
     $etag = dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize());
     $response->setEtag($etag);

     $lastModificationDate = new \DateTime();
     $lastModificationDate->setTimestamp($thumbnail->getTimestamp());
     $response->setLastModified($lastModificationDate);

     // Conditional request: nothing more is added when the client copy is current.
     if ($response->isNotModified($request)) {
         return $response;
     }

     $thumbnailsCacheExpires = (int) $config->get('cache.thumbnails');
     if ($thumbnailsCacheExpires > 0) {
         $response->setMaxAge($thumbnailsCacheExpires);
         $expireTime = new \DateTime();
         $expireTime->modify(sprintf('+%dseconds', $thumbnailsCacheExpires));
         $response->setExpires($expireTime);
     }

     $contentType = $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"';
     $response->headers->set('Content-Type', $contentType);
     $response->setContent($thumbnail->getImageData());

     return $response;
 }
 /**
  * Returns the URL of one file, or of several files at once.
  *
  * When the `fileNames` parameter is non-empty, every entry is validated and the
  * result maps each name to its URL. Otherwise `fileName` (and the optional
  * `thumbnail`) are validated and a single URL is returned.
  *
  * @param WorkingFolder $workingFolder
  * @param Request       $request
  * @param Config        $config
  *
  * @return array `array('urls' => ...)` for the batch form, `array('url' => ...)` otherwise
  *
  * @throws InvalidRequestException when any supplied name is rejected by File::isValidName()
  * @throws FileNotFoundException   when the single requested file is not in the working folder
  */
 public function execute(WorkingFolder $workingFolder, Request $request, Config $config)
 {
     $fileName = $request->get('fileName');
     $thumbnail = $request->get('thumbnail');
     $fileNames = (array) $request->get('fileNames');

     // Batch form: every entry must pass the name check before its URL is resolved.
     if ($fileNames) {
         $urls = array();
         foreach ($fileNames as $name) {
             if (!File::isValidName($name, $config->get('disallowUnsafeCharacters'))) {
                 throw new InvalidRequestException(sprintf('Invalid file name: %s', $name));
             }
             $urls[$name] = $workingFolder->getFileUrl($name);
         }

         return array('urls' => $urls);
     }

     // Single form: the file name is always checked, the thumbnail name only when given.
     if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }
     if ($thumbnail && !File::isValidName($thumbnail, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }

     if (!$workingFolder->containsFile($fileName)) {
         throw new FileNotFoundException();
     }

     // A thumbnail is addressed below the resized-images directory of the source file.
     if ($thumbnail) {
         $target = Path::combine(ResizedImage::DIR, $fileName, $thumbnail);
     } else {
         $target = $fileName;
     }

     return array('url' => $workingFolder->getFileUrl($target));
 }
 /**
  * Validates the file and, when given, its new name.
  *
  * Checks run in a fixed order and the first failing one throws; the method
  * never returns `false`.
  *
  * @return bool always `true` when no check failed
  *
  * @throws FileNotFoundException   when the file must exist (not saved as new) but does not
  * @throws InvalidNameException    when the new file name is rejected by File::isValidName()
  * @throws AlreadyExistsException  when the new file name is already taken in the working folder
  * @throws InvalidRequestException when a name or path is invalid or hidden
  */
 public function isValid()
 {
     $mustExist = !$this->saveAsNew;
     if ($mustExist && !$this->exists()) {
         throw new FileNotFoundException();
     }

     $targetName = $this->newFileName;
     if ($targetName) {
         if (!File::isValidName($targetName, $this->config->get('disallowUnsafeCharacters'))) {
             throw new InvalidNameException('Invalid file name');
         }
         // An existing file is never replaced through a new name.
         if ($this->workingFolder->containsFile($targetName)) {
             throw new AlreadyExistsException('File already exists');
         }
         // The backend decides what counts as a hidden file.
         if ($this->resourceType->getBackend()->isHiddenFile($targetName)) {
             throw new InvalidRequestException('New provided file name is hidden');
         }
     }

     if (!($this->hasValidFilename() && $this->hasValidPath())) {
         throw new InvalidRequestException('Invalid filename or path');
     }

     if ($this->isHidden()) {
         throw new InvalidRequestException('Edited file is hidden');
     }
     if ($this->hasHiddenPath()) {
         throw new InvalidRequestException('Edited file is hidden');
     }

     return true;
 }
 /**
  * Validates a rename: both the source file and the target name are checked.
  *
  * Checks run in a fixed order and the first failing one throws; the method
  * never returns `false`.
  *
  * @return bool always `true` when no check failed
  *
  * @throws \Exception InvalidRequestException for a bad source extension or name,
  *                    InvalidExtensionException for a disallowed target extension,
  *                    InvalidNameException for a bad or hidden target name,
  *                    FileNotFoundException when the source file does not exist
  */
 public function isValid()
 {
     $targetName = $this->newFileName;
     // The target extension is taken as written (no case folding in this method).
     $targetExtension = pathinfo($targetName, PATHINFO_EXTENSION);

     if (!$this->hasAllowedExtension()) {
         throw new InvalidRequestException('Invalid source file extension');
     }
     if (!$this->resourceType->isAllowedExtension($targetExtension)) {
         throw new InvalidExtensionException('Invalid target file extension');
     }

     // Source name: must be valid and must not be hidden.
     if (!$this->hasValidFilename()) {
         throw new InvalidRequestException('Invalid source file name');
     }
     if ($this->isHidden()) {
         throw new InvalidRequestException('Invalid source file name');
     }

     // Target name: same two rules, with the backend deciding what is hidden.
     if (!File::isValidName($targetName, $this->config->get('disallowUnsafeCharacters'))) {
         throw new InvalidNameException('Invalid target file name');
     }
     if ($this->resourceType->getBackend()->isHiddenFile($targetName)) {
         throw new InvalidNameException('Invalid target file name');
     }

     if (!$this->exists()) {
         throw new FileNotFoundException();
     }

     return true;
 }
Exemple #10
 /**
  * Stores the folder and resource type, then delegates to the parent constructor.
  *
  * @param string       $fileName     passed on to the parent constructor
  * @param string       $folder       stored in `$this->folder`
  * @param ResourceType $resourceType stored in `$this->resourceType`
  * @param CKFinder     $app          passed on to the parent constructor
  */
 public function __construct($fileName, $folder, ResourceType $resourceType, CKFinder $app)
 {
     // Both properties are assigned before the parent constructor runs.
     $this->resourceType = $resourceType;
     $this->folder = $folder;

     parent::__construct($fileName, $app);
 }
Exemple #11
 /**
  * @copydoc File::autorename()
  *
  * Both arguments are ignored: the backend and the path always come from this
  * object's working folder.
  */
 public function autorename(Backend $backend = null, $path = '')
 {
     $folder = $this->workingFolder;

     return parent::autorename($folder->getBackend(), $folder->getPath());
 }
Exemple #12
 /**
  * Returns the URL of a file in the current working folder, or of one of its thumbnails.
  *
  * Both names are validated with File::isValidName(); a thumbnail name must also
  * carry an extension allowed by the resource type, and the file itself has to
  * exist in the working folder.
  *
  * @param string      $fileName
  * @param string|null $thumbnailFileName
  *
  * @throws FileNotFoundException     when the working folder does not contain the file
  * @throws InvalidExtensionException when the thumbnail extension is not allowed
  * @throws InvalidRequestException   when either name is invalid
  *
  * @return null|string
  */
 public function getFileUrl($fileName, $thumbnailFileName = null)
 {
     $config = $this->app['config'];

     if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid file name');
     }

     // The thumbnail checks apply only when a thumbnail name was supplied.
     if ($thumbnailFileName && !File::isValidName($thumbnailFileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException('Invalid thumbnail file name');
     }
     if ($thumbnailFileName && !$this->resourceType->isAllowedExtension(pathinfo($thumbnailFileName, PATHINFO_EXTENSION))) {
         throw new InvalidExtensionException('Invalid thumbnail file name');
     }

     if (!$this->containsFile($fileName)) {
         throw new FileNotFoundException();
     }

     $resourceType = $this->resourceType;
     $clientFolder = $this->getClientCurrentFolder();

     return $this->backend->getFileUrl($resourceType, $clientFolder, $fileName, $thumbnailFileName);
 }
 /**
  * Tells whether the current working folder holds a file with the given name.
  *
  * Invalid names and names the backend treats as hidden are reported as absent
  * without the backend being asked for the path.
  *
  * @param string $fileName
  *
  * @return bool
  */
 public function containsFile($fileName)
 {
     $backend = $this->getBackend();

     if (!File::isValidName($fileName, $this->app['config']->get('disallowUnsafeCharacters'))) {
         return false;
     }
     if ($backend->isHiddenFile($fileName)) {
         return false;
     }

     // Only a validated, non-hidden name is joined with the folder path.
     return $backend->has(Path::combine($this->getPath(), $fileName));
 }
Exemple #14
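 /**
  * Streams a file from the working folder, or one of its resized images, to the client.
  *
  * The file name and the optional `thumbnail` name are validated, the file must
  * exist in the working folder, and a PROXY_DOWNLOAD event is dispatched so that
  * listeners can veto the download. Caching headers are added only when the
  * `cache` query parameter is greater than zero.
  *
  * @param Request         $request
  * @param WorkingFolder   $workingFolder
  * @param EventDispatcher $dispatcher
  * @param Config          $config
  *
  * @return StreamedResponse
  *
  * @throws InvalidRequestException   when the file name or the resized image name is invalid
  * @throws FileNotFoundException     when the working folder does not contain the file
  * @throws InvalidExtensionException when the resized image extension is not allowed
  * @throws AccessDeniedException     when a listener stopped the PROXY_DOWNLOAD event
  */
 public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config)
 {
     $fileName = (string) $request->query->get('fileName');
     $thumbnailFileName = (string) $request->query->get('thumbnail');
     if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) {
         throw new InvalidRequestException(sprintf('Invalid file name: %s', $fileName));
     }
     $cacheLifetime = (int) $request->query->get('cache');
     if (!$workingFolder->containsFile($fileName)) {
         throw new FileNotFoundException();
     }
     if ($thumbnailFileName) {
         if (!File::isValidName($thumbnailFileName, $config->get('disallowUnsafeCharacters'))) {
             // Report the name that actually failed; the message used to print $fileName.
             throw new InvalidRequestException(sprintf('Invalid resized image file name: %s', $thumbnailFileName));
         }
         if (!$workingFolder->getResourceType()->isAllowedExtension(pathinfo($thumbnailFileName, PATHINFO_EXTENSION))) {
             throw new InvalidExtensionException();
         }
         $resizedImageRepository = $this->app->getResizedImageRepository();
         $file = $resizedImageRepository->getExistingResizedImage($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $thumbnailFileName);
         $dataStream = $file->readStream();
     } else {
         $file = new DownloadedFile($fileName, $this->app);
         // NOTE(review): the result is not inspected; presumably isValid() throws on
         // failure (confirm), otherwise an invalid file would still be streamed.
         $file->isValid();
         $dataStream = $workingFolder->readStream($file->getFilename());
     }
     // Listeners may veto the download by stopping the event.
     $proxyDownload = new ProxyDownloadEvent($this->app, $file);
     $dispatcher->dispatch(CKFinderEvent::PROXY_DOWNLOAD, $proxyDownload);
     if ($proxyDownload->isPropagationStopped()) {
         throw new AccessDeniedException();
     }
     $response = new StreamedResponse();
     $response->headers->set('Content-Type', $file->getMimeType());
     $response->headers->set('Content-Length', $file->getSize());
     // NOTE(review): the request-supplied name is placed inside a quoted header value;
     // this relies on File::isValidName() having excluded quotes and control
     // characters (confirm).
     $response->headers->set('Content-Disposition', 'inline; filename="' . $fileName . '"');
     if ($cacheLifetime > 0) {
         Utils::removeSessionCacheHeaders();
         $response->setPublic();
         // Validator built from modification time and size, both in hexadecimal.
         $response->setEtag(dechex($file->getTimestamp()) . "-" . dechex($file->getSize()));
         $lastModificationDate = new \DateTime();
         $lastModificationDate->setTimestamp($file->getTimestamp());
         $response->setLastModified($lastModificationDate);
         if ($response->isNotModified($request)) {
             return $response;
         }
         $response->setMaxAge($cacheLifetime);
         $expireTime = new \DateTime();
         $expireTime->modify('+' . $cacheLifetime . 'seconds');
         $response->setExpires($expireTime);
     }
     // The file is sent in 100 KiB chunks.
     $chunkSize = 1024 * 100;
     $response->setCallback(function () use($dataStream, $chunkSize) {
         // A stream that could not be opened is only detected here, after the
         // response headers above have been prepared.
         if ($dataStream === false) {
             return false;
         }
         while (!feof($dataStream)) {
             echo fread($dataStream, $chunkSize);
             flush();
             // Restart the execution timer after every chunk so long downloads are
             // not cut off; failures of set_time_limit() are suppressed.
             @set_time_limit(8);
         }
         return true;
     });
     return $response;
 }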