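/**
 * Validate one entry of the $_FILES array before it is accepted.
 *
 * Every rejection removes the temporary upload first (best effort, hence the
 * suppressed unlink) and then throws, so a rejected file does not survive in
 * the temporary directory.
 *
 * @param array $file A single $_FILES entry; at least 'name' and 'tmp_name' are required
 *
 * @throws InvalidArgumentException if the entry is missing or malformed, is not a genuine
 *                                  HTTP upload, fails the safety check, has an extension
 *                                  outside the allowed list, exceeds the configured size
 *                                  limit or fails the mime-type check
 */
private function validateUploadedFile($file)
{
    // check the POST data array
    if (empty($file) || !is_array($file)) {
        throw new InvalidArgumentException('Upload Failed: No data');
    }

    // tmp name and original name must both be present
    if (empty($file['tmp_name']) || empty($file['name'])) {
        throw new InvalidArgumentException('Upload Failed: No data');
    }

    $tmpName = $file['tmp_name'];
    $name = (string) $file['name'];

    // the path must be a file uploaded in this request, never an arbitrary local path
    if (!is_uploaded_file($tmpName)) {
        @unlink($tmpName);
        throw new InvalidArgumentException('Upload Failed: Not an uploaded file');
    }

    $upload = $this->get('upload');

    // remove exif data from jpeg/png images when configured to do so
    if (!empty($upload['remove_exif']) && preg_match('#\\.(jpg|jpeg|png)$#i', $name)) {
        if (WFUtility::removeExifData($tmpName) === false) {
            @unlink($tmpName);
            throw new InvalidArgumentException(WFText::_('WF_MANAGER_UPLOAD_EXIF_REMOVE_ERROR'));
        }
    }

    // check file for various issues
    if (WFUtility::isSafeFile($file) !== true) {
        @unlink($tmpName);
        throw new InvalidArgumentException('Upload Failed: Invalid file');
    }

    // check extension is allowed. An empty allowed list disables this check
    // entirely, so the list is expected to be populated by configuration.
    $ext = WFUtility::getExtension($name);
    $allowed = $this->getFileTypes('array');

    // strict comparison so a numeric-looking extension cannot match a list
    // entry through loose string-to-number equality
    if (is_array($allowed) && $allowed !== [] && !in_array(strtolower((string) $ext), $allowed, true)) {
        @unlink($tmpName);
        throw new InvalidArgumentException(WFText::_('WF_MANAGER_UPLOAD_INVALID_EXT_ERROR'));
    }

    // a file whose size cannot be read is rejected instead of being treated as 0 KB
    $bytes = filesize($tmpName);

    if ($bytes === false) {
        @unlink($tmpName);
        throw new InvalidArgumentException('Upload Failed: Invalid file');
    }

    $size = round($bytes / 1024);

    if (empty($upload['max_size'])) {
        $upload['max_size'] = 1024;
    }

    // validate size (both values are in KB)
    if ($size > (int) $upload['max_size']) {
        @unlink($tmpName);
        throw new InvalidArgumentException(WFText::sprintf('WF_MANAGER_UPLOAD_SIZE_ERROR', $name, $size, $upload['max_size']));
    }

    // validate mimetype when enabled; !empty avoids a notice when the option is unset
    if (!empty($upload['validate_mimetype'])) {
        wfimport('editor.libraries.classes.mime');

        if (WFMimeType::check($name, $tmpName) === false) {
            @unlink($tmpName);
            throw new InvalidArgumentException(WFText::_('WF_MANAGER_UPLOAD_MIME_ERROR'));
        }
    }
}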
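/**
 * Validate one entry of the $_FILES array before it is accepted.
 *
 * Every rejection removes the temporary upload first (best effort, hence the
 * suppressed unlink) and then throws, so a rejected file does not survive in
 * the temporary directory.
 *
 * @param array $file A single $_FILES entry; at least 'name' and 'tmp_name' are required
 *
 * @throws InvalidArgumentException if the entry is missing or malformed, is not a genuine
 *                                  HTTP upload, fails the safety or file-name checks, has
 *                                  an extension outside the allowed list, is a non-image
 *                                  with an image extension, exceeds the size limit, fails
 *                                  the mime-type check or contains html markup
 */
private function validateUploadedFile($file)
{
    // check the POST data array
    if (empty($file) || !is_array($file)) {
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    // tmp name and original name must both be present
    if (empty($file['tmp_name']) || empty($file['name'])) {
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    $tmpName = $file['tmp_name'];
    $name = (string) $file['name'];

    // the path must be a file uploaded in this request, never an arbitrary local path
    if (!is_uploaded_file($tmpName)) {
        @unlink($tmpName);
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    // check file for various issues
    if (WFUtility::isSafeFile($file) !== true) {
        @unlink($tmpName);
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    // the original file name itself must be well-formed
    if (WFUtility::validateFileName($name) === false) {
        @unlink($tmpName);
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    // check extension is allowed. An empty allowed list disables this check
    // entirely, so the list is expected to be populated by configuration.
    $ext = WFUtility::getExtension($name);
    $allowed = $this->getFileTypes('array');

    // strict comparison so a numeric-looking extension cannot match a list
    // entry through loose string-to-number equality
    if (is_array($allowed) && $allowed !== [] && !in_array(strtolower((string) $ext), $allowed, true)) {
        @unlink($tmpName);
        throw new InvalidArgumentException(WFText::_('WF_MANAGER_UPLOAD_INVALID_EXT_ERROR'));
    }

    // validate image: anything carrying an image extension must parse as an image
    if (preg_match('#\\.(jpeg|jpg|jpe|png|gif|wbmp|bmp|tiff|tif|webp|psd|swc|iff|jpc|jp2|jpx|jb2|xbm|ico|xcf|odg)$#i', $name)) {
        if (@getimagesize($tmpName) === false) {
            @unlink($tmpName);
            throw new InvalidArgumentException('INVALID IMAGE FILE');
        }
    }

    $upload = $this->get('upload');

    // a file whose size cannot be read is rejected instead of being treated as 0 KB
    $bytes = filesize($tmpName);

    if ($bytes === false) {
        @unlink($tmpName);
        throw new InvalidArgumentException('INVALID UPLOAD DATA');
    }

    $size = round($bytes / 1024);

    if (empty($upload['max_size'])) {
        $upload['max_size'] = 1024;
    }

    // validate size (both values are in KB)
    if ($size > (int) $upload['max_size']) {
        @unlink($tmpName);
        throw new InvalidArgumentException(WFText::sprintf('WF_MANAGER_UPLOAD_SIZE_ERROR', $name, $size, $upload['max_size']));
    }

    // validate mimetype when enabled; !empty avoids a notice when the option is unset
    if (!empty($upload['validate_mimetype'])) {
        wfimport('editor.libraries.classes.mime');

        if (WFMimeType::check($name, $tmpName) === false) {
            @unlink($tmpName);
            throw new InvalidArgumentException('INVALID MIME TYPE');
        }
    }

    // check for html tags in files (IE XSS bug): files that are not html/xml/text by
    // extension must not carry markup in their leading bytes
    if (!preg_match('#\\.(htm|html|xml|txt)$#i', $name)) {
        // JFile::read's third argument presumably limits the number of bytes read — confirm
        $data = JFile::read($tmpName, false, 256);

        // an unreadable file is rejected rather than silently passed
        if (!is_string($data)) {
            @unlink($tmpName);
            throw new InvalidArgumentException('INVALID UPLOAD DATA');
        }

        $tags = [
            'a', 'abbr', 'acronym', 'address', 'area', 'b', 'base', 'bdo', 'big', 'blockquote',
            'body', 'br', 'button', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del',
            'dfn', 'div', 'dl', 'dt', 'em', 'fieldset', 'form', 'h1', 'h2', 'h3', 'h4', 'h5',
            'h6', 'head', 'hr', 'html', 'i', 'img', 'input', 'ins', 'kbd', 'label', 'legend',
            'li', 'link', 'map', 'meta', 'noscript', 'object', 'ol', 'optgroup', 'option', 'p',
            'param', 'pre', 'q', 'samp', 'script', 'select', 'small', 'span', 'strong', 'style',
            'sub', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'title',
            'tr', 'tt', 'ul', 'var',
        ];

        // one case-insensitive pattern for "<tag>" or "<tag" followed by any whitespace,
        // so a tab or line break after the tag name is caught as well as a plain space
        $pattern = '#<(?:' . implode('|', $tags) . ')(?:>|\s)#i';

        if (preg_match($pattern, $data)) {
            @unlink($tmpName);
            throw new InvalidArgumentException('INVALID TAG IN FILE');
        }
    }
}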