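/**
 * Validate the file uploaded for this control and record any error on the form container.
 *
 * Copies the upload entry for $this->ref from $_FILES into $this->fileInfo (or a synthetic
 * "no file" entry when none was sent), then checks in order: presence when the control is
 * required, PHP upload error codes, the configured maximum size, that the temporary file
 * really is an HTTP upload, and the MIME type allow-list in $this->mimetype.
 *
 * @return mixed one of the jForms::ERRDATA_* codes (also stored in
 *               $this->container->errors[$this->ref]), or null when the upload is accepted
 *               or is absent and not required
 */
function check()
{
    if (isset($_FILES[$this->ref])) {
        $this->fileInfo = $_FILES[$this->ref];
    } else {
        $this->fileInfo = array(
            'name' => '',
            'type' => '',
            'size' => 0,
            'tmp_name' => '',
            'error' => UPLOAD_ERR_NO_FILE,
        );
    }

    // A field submitted as "name[]" turns every member of the $_FILES entry into an array.
    // This control validates a single file, so refuse that shape before the values reach
    // the comparisons below or is_uploaded_file(), which only accepts a string.
    if (is_array($this->fileInfo['error']) || is_array($this->fileInfo['tmp_name'])) {
        return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
    }

    $error = $this->fileInfo['error'];

    if ($error == UPLOAD_ERR_NO_FILE) {
        if ($this->required) {
            return $this->container->errors[$this->ref] = jForms::ERRDATA_REQUIRED;
        }

        return null;
    }

    // Server-side storage problems: not the user's fault, reported separately.
    if ($error == UPLOAD_ERR_NO_TMP_DIR || $error == UPLOAD_ERR_CANT_WRITE) {
        return $this->container->errors[$this->ref] = jForms::ERRDATA_FILE_UPLOAD_ERROR;
    }

    // Too large for php.ini, for the form's MAX_FILE_SIZE, or for this control's own limit.
    if ($error == UPLOAD_ERR_INI_SIZE
        || $error == UPLOAD_ERR_FORM_SIZE
        || ($this->maxsize && $this->fileInfo['size'] > $this->maxsize)
    ) {
        return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID_FILE_SIZE;
    }

    // is_uploaded_file() is the catch-all: any remaining error code leaves tmp_name
    // unusable, and a tmp_name that does not come from this request's upload is refused.
    if ($error == UPLOAD_ERR_PARTIAL || !is_uploaded_file($this->fileInfo['tmp_name'])) {
        return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
    }

    if (count($this->mimetype)) {
        // The type sent by the browser is discarded; the type is detected from the
        // temporary file instead.
        $this->fileInfo['type'] = jFile::getMimeType($this->fileInfo['tmp_name']);

        if ($this->fileInfo['type'] == 'application/octet-stream') {
            // let's try with the name
            // NOTE(review): 'name' is supplied by the client, so for content the detector
            // cannot classify, the allow-list is only as strong as the file extension.
            // Code that stores the upload should pick the stored name and extension
            // itself; consider making this fallback opt-in.
            $this->fileInfo['type'] = jFile::getMimeTypeFromFilename($this->fileInfo['name']);
        }

        // Strict comparison: only an exact string match against the allow-list passes.
        if (!in_array($this->fileInfo['type'], $this->mimetype, true)) {
            return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID_FILE_TYPE;
        }
    }

    return null;
}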
/**
 * Validate the file uploaded for this control.
 *
 * The upload entry for $this->ref is copied from $_FILES into $this->fileInfo; when the
 * request carries no such entry a synthetic "no file" record is used. A missing file is an
 * error only for a required control. Every other failure (any upload error code, a
 * temporary file that is not an HTTP upload, a size above $this->maxsize, or a detected
 * MIME type outside $this->mimetype) is reported with the same jForms::ERRDATA_INVALID code.
 *
 * When a MIME allow-list is configured, $this->fileInfo['type'] is overwritten with the
 * type detected from the temporary file, so the browser-supplied type is not used for the
 * comparison.
 *
 * @return mixed the jForms::ERRDATA_* code that was stored in
 *               $this->container->errors[$this->ref], or null when nothing is wrong
 */
function check()
{
    $this->fileInfo = isset($_FILES[$this->ref])
        ? $_FILES[$this->ref]
        : array('name' => '', 'type' => '', 'size' => 0, 'tmp_name' => '', 'error' => UPLOAD_ERR_NO_FILE);

    // Nothing was sent: only a problem when the control is mandatory.
    if ($this->fileInfo['error'] == UPLOAD_ERR_NO_FILE) {
        if ($this->required) {
            return $this->container->errors[$this->ref] = jForms::ERRDATA_REQUIRED;
        }

        return null;
    }

    // All remaining checks share one error code, so they are folded into a single flag.
    // Each later check runs only if the earlier ones passed, as in a chain of early returns.
    $rejected = $this->fileInfo['error'] != UPLOAD_ERR_OK
        || !is_uploaded_file($this->fileInfo['tmp_name']);

    if (!$rejected) {
        $rejected = $this->maxsize && $this->fileInfo['size'] > $this->maxsize;
    }

    if (!$rejected && count($this->mimetype)) {
        // Detect the type from the uploaded content rather than trusting the request.
        $this->fileInfo['type'] = jFile::getMimeType($this->fileInfo['tmp_name']);
        $rejected = !in_array($this->fileInfo['type'], $this->mimetype);
    }

    if ($rejected) {
        return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
    }

    return null;
}
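/**
 * Get a media file (image, html, csv, pdf, etc.) stored in the repository.
 * Used to display media in the popup, via the information icon, etc.
 *
 * Request parameters, read through $this->param():
 *  - repository: key of the repository holding the project.
 *  - project: project key (read, but no project-level check is made here).
 *  - path: path of the media file, relative to the repository directory.
 *
 * Only regular files whose resolved location lies under "<repository>/media/" are
 * served. Because the check is made on the realpath() result, a symbolic link that
 * points outside that directory is refused.
 *
 * @return object the response built by getResponse(): the media as a binary response,
 *                a text response when no file can be served, or a redirect to the error
 *                page when access to the repository is denied
 */
function getMedia()
{
    // Get repository data
    $repository = $this->param('repository');
    $lrep = lizmap::getRepository($repository);

    // An unknown repository key must not reach the method calls below.
    if (!$lrep) {
        $rep = $this->getResponse('text');
        $rep->content = "No media file in the specified path";

        return $rep;
    }

    if (!jAcl2::check('lizmap.repositories.view', $lrep->getKey())) {
        $rep = $this->getResponse('redirect');
        $rep->action = 'view~default:error';
        jMessage::add(jLocale::get('view~default.repository.access.denied'), 'error');

        return $rep;
    }

    // Get the project
    // NOTE(review): only the repository right is checked; if projects carry their own
    // access rules they are not enforced by this action. Confirm against the project API.
    $project = $this->param('project');

    // Get the file
    $path = $this->param('path');
    $repositoryPath = realpath($lrep->getPath());
    $abspath = ($repositoryPath === false) ? false : realpath($repositoryPath . '/' . $path);

    // Only allow files within the repository for safety reasons
    // and in the media folder
    $ok = ($abspath !== false);
    if ($ok) {
        // Compare as plain strings against "<repository>/media/". Unlike a pattern built
        // from the directory name, this gives no special meaning to characters such as
        // "." in the repository path, and it requires the "/" before "media".
        $mediaRoot = rtrim(str_replace('\\', '/', $repositoryPath), '/') . '/media/';
        $n_abspath = str_replace('\\', '/', $abspath);
        $ok = (strncmp($n_abspath, $mediaRoot, strlen($mediaRoot)) === 0);
    }

    // Check that the target is a regular file (a directory cannot be served)
    if ($ok && !is_file($abspath)) {
        $ok = false;
    }

    // Answer with a plain message if errors
    if (!$ok) {
        $rep = $this->getResponse('text');
        $rep->content = "No media file in the specified path";

        return $rep;
    }

    // Prepare the file to return
    $rep = $this->getResponse('binary');
    $rep->doDownload = false;
    $rep->fileName = $abspath;

    // Get the name of the file
    $path_parts = pathinfo($abspath);
    $ext = isset($path_parts['extension']) ? $path_parts['extension'] : '';
    // NOTE(review): pathinfo()'s 'basename' already contains the extension, so this
    // yields names such as "photo.png.png". Left unchanged in case clients rely on it.
    if (isset($path_parts['extension'])) {
        $rep->outputFileName = $path_parts['basename'] . '.' . $ext;
    } else {
        $rep->outputFileName = $path_parts['basename'];
    }

    // Get the mime type
    $mime = jFile::getMimeType($abspath);
    if ($mime == 'text/plain') {
        if ($ext == 'css') {
            $mime = 'text/css';
        }
        if ($ext == 'js') {
            $mime = 'text/javascript';
        }
    }
    if ($mime) {
        $rep->mimeType = $mime;
    }

    // NOTE(review): HTML media is returned inline (doDownload is false). If media files
    // can be written by less-trusted users, their markup is rendered by the browser for
    // this response's origin; confirm who may write to the media folder.
    $mimeTextArray = array('text/html', 'text/text');
    if (in_array($mime, $mimeTextArray, true)) {
        $content = jFile::read($abspath);
        $rep->fileName = null;
        $rep->content = $content;
    }

    $rep->setExpires('+60 seconds');

    return $rep;
}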
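/**
 * Get a media file (image, html, csv, pdf, etc.) stored in the repository.
 * Used to display media in the popup, via the information icon, etc.
 *
 * Request parameters, read through $this->param():
 *  - repository: key of the repository holding the project.
 *  - project: project key; the project must exist and pass its checkAcl().
 *  - path: path of the media file, relative to the repository directory.
 *
 * The requested path is canonicalised lexically and must stay under
 * "<repository>/media/". The file that is opened is the canonicalised path itself, so
 * what is checked and what is served cannot differ. Symbolic links located under the
 * media folder are followed on purpose.
 *
 * @return object the response built by getResponse('binary') for the media, or the
 *                result of error403()/error404() when the request is refused
 */
function getMedia()
{
    // Get repository data
    $repository = $this->param('repository');
    $lrep = lizmap::getRepository($repository);
    if (!$lrep) {
        return $this->error404('');
    }
    if (!jAcl2::check('lizmap.repositories.view', $lrep->getKey())) {
        return $this->error403(jLocale::get('view~default.repository.access.denied'));
    }

    // Get the project
    $project = $this->param('project');

    // Get lizmapProject class
    try {
        $lproj = lizmap::getProject($lrep->getKey() . '~' . $project);
        if (!$lproj) {
            return $this->error404('The lizmapProject ' . strtoupper($project) . ' does not exist !');
        }
    } catch (UnknownLizmapProjectException $e) {
        jLog::logEx($e, 'error');

        return $this->error404('The lizmapProject ' . strtoupper($project) . ' does not exist !');
    }

    // Refuse if no right to access the project
    if (!$lproj->checkAcl()) {
        return $this->error403(jLocale::get('view~default.repository.access.denied'));
    }

    // Get the file
    $path = $this->param('path');
    // NOTE(review): $path comes from the request and is echoed in the message below;
    // error404() is not visible here and must encode it for its output context.
    $notFound = "No media file in the specified path: " . $path;

    $repositoryPath = realpath($lrep->getPath());
    if ($repositoryPath === false) {
        // Without a resolvable repository directory there is no base to check against.
        return $this->error404($notFound);
    }
    $n_repositoryPath = rtrim(str_replace('\\', '/', $repositoryPath), '/');

    // Manually canonise the path to authorise symlinks: realpath() cannot be used for
    // the containment check because it would resolve a link to its target. "." and
    // empty segments are dropped and ".." removes the previous segment, so the result
    // holds no relative segment at all. A ".." that would climb above the repository
    // directory is refused outright. Backslashes are treated as separators as well.
    $segments = array();
    $ok = true;
    foreach (explode('/', str_replace('\\', '/', (string) $path)) as $segment) {
        if ($segment === '' || $segment === '.') {
            continue;
        }
        if ($segment === '..') {
            if (!$segments) {
                $ok = false;
                break;
            }
            array_pop($segments);
            continue;
        }
        $segments[] = $segment;
    }

    // Only allow files within the repository for safety reasons
    // and in the media folder
    if ($ok && (count($segments) < 2 || $segments[0] !== 'media')) {
        $ok = false;
    }

    // Check if the file exists. The path opened is the canonical one that was just
    // checked, never the raw request value.
    $n_abspath = null;
    $abspath = false;
    if ($ok) {
        $n_abspath = $n_repositoryPath . '/' . implode('/', $segments);
        $abspath = realpath($n_abspath);
        $ok = ($abspath !== false && is_file($abspath));
    }

    // Answer 404 if errors
    if (!$ok) {
        // A dangling link is worth telling the administrator about, but its target is a
        // server-side path: it goes to the log, not into the response.
        if ($n_abspath !== null && is_link($n_abspath)) {
            jLog::log('Media link ' . $n_abspath . ' points to ' . readlink($n_abspath)
                . ', which is not a readable file', 'error');
        }

        return $this->error404($notFound);
    }

    // Prepare the file to return
    $rep = $this->getResponse('binary');
    $rep->doDownload = false;
    $rep->fileName = $abspath;

    // Get the name of the file
    $path_parts = pathinfo($abspath);
    $ext = isset($path_parts['extension']) ? $path_parts['extension'] : '';
    // NOTE(review): pathinfo()'s 'basename' already contains the extension, so this
    // yields names such as "photo.png.png". Left unchanged in case clients rely on it.
    if (isset($path_parts['extension'])) {
        $rep->outputFileName = $path_parts['basename'] . '.' . $ext;
    } else {
        $rep->outputFileName = $path_parts['basename'];
    }

    // Get the mime type
    $mime = jFile::getMimeType($abspath);
    if ($mime == 'text/plain') {
        if ($ext == 'css') {
            $mime = 'text/css';
        }
        if ($ext == 'js') {
            $mime = 'text/javascript';
        }
    }
    if ($mime) {
        $rep->mimeType = $mime;
    }

    // NOTE(review): HTML media is returned inline (doDownload is false). If media files
    // can be written by less-trusted users, their markup is rendered by the browser for
    // this response's origin; confirm who may write to the media folder.
    $mimeTextArray = array('text/html', 'text/text');
    if (in_array($mime, $mimeTextArray, true)) {
        $content = jFile::read($abspath);
        $rep->fileName = null;
        $rep->content = $content;
    }

    $rep->setExpires('+60 seconds');

    return $rep;
}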