/** * Extract the downloaded archive from tmp directory, return the bouquet directory * If the file does not exist, throw an exception * * @param $file * @throws \Exception */ private function extract($file) { if (file_exists($file)) { $unzip = new Unzip(); $unzip->extract($file, $this->tmpDir); $this->renameDirectory(); } else { throw new \RuntimeException("File not found"); } }
/** * .zip file contains a file with an absolute path */ public function test_absolutePathAttack() { $extractDir = __DIR__ . '/fixtures/tmp/'; $test = 'zaabs'; $filename = __DIR__ . '/fixtures/' . $test . '.zip'; $unzip = new Unzip(); try { $res = $unzip->extract($filename, $extractDir); $this->fail(); } catch (\Exception $e) { $this->assertEquals('Invalid filename path in zip archive', $e->getMessage()); } $this->assertFalse(isset($res)); $this->assertFileNotExists($extractDir . $test . '.txt'); $this->assertFileNotExists(dirname(__FILE__) . '/' . $test . '.txt'); }
protected function execute(InputInterface $input, OutputInterface $output) { $tempDir = $this->context->parameters['tempDir']; //$downloader = $this->context->getByType(Downloader::class); $zip = $this->downloader->download(); $tempFile = $tempDir . '/translations.zip'; file_put_contents($tempFile, $zip); $unzip = new Unzip(); try { $unzip->extract($tempFile, $this->outputFolder); $catalogueCompiler = $this->context->getByType(CatalogueCompiler::class); $catalogueCompiler->invalidateCache(); $output->writeln('<info>Downloaded</info>'); } catch (\Exception $e) { $output->writeln('<error>' . $e->getMessage() . '</error>'); } finally { unlink($tempFile); } }
public function download($pluginHandle) { Craft::log(__METHOD__, LogLevel::Info, true); // ------------------------------- // Get ready to download & unzip // ------------------------------- $return = array('success' => false); $filesystem = new Filesystem(); $pluginComponent = craft()->plugins->getPlugin($pluginHandle, false); // plugin path $pluginZipDir = CRAFT_PLUGINS_PATH . "_" . $pluginHandle . "/"; $pluginZipPath = CRAFT_PLUGINS_PATH . "_" . $pluginHandle . ".zip"; // remote plugin zip url $remotePlugin = $this->_getRemotePlugin($pluginHandle); if (!$remotePlugin) { $return['msg'] = "Couldn't get plugin last version"; Craft::log(__METHOD__ . ' : Could not get last version', LogLevel::Info, true); return $return; } $remotePluginZipUrl = $remotePlugin['xml']->enclosure['url']; // ------------------------------- // Download & Install // ------------------------------- try { // download remotePluginZipUrl to pluginZipPath $zipContents = file_get_contents($remotePluginZipUrl); file_put_contents($pluginZipPath, $zipContents); // unzip pluginZipPath into pluginZipDir $unzipper = new Unzip(); $contents = $unzipper->extract($pluginZipPath, $pluginZipDir); // remove current files // make a backup of existing plugin (to storage ?) ? $filesystem->rename(CRAFT_PLUGINS_PATH . $pluginHandle, CRAFT_PLUGINS_PATH . '_old_' . $pluginHandle); // move new files to final destination $filesystem->rename($pluginZipDir . $contents[0] . '/' . $pluginHandle . '/', CRAFT_PLUGINS_PATH . $pluginHandle); } catch (\Exception $e) { $return['msg'] = $e->getMessage(); Craft::log(__METHOD__ . ' : Crashed : ' . $e->getMessage(), LogLevel::Info, true); return $return; } // remove download files try { $filesystem->remove($pluginZipDir); $filesystem->remove(CRAFT_PLUGINS_PATH . '_old_' . $pluginHandle); if (!IOHelper::deleteFile($pluginZipPath)) { Craft::log(__METHOD__ . ' : Crashed : ' . "Could not remove plugin zip file", LogLevel::Info, true); } } catch (\Exception $e) { $return['msg'] = $e->getMessage(); Craft::log(__METHOD__ . ' : Crashed : ' . $e->getMessage(), LogLevel::Info, true); return $return; } Craft::log(__METHOD__ . ' : Success : ', LogLevel::Info, true); $return['success'] = true; return $return; }