/** * @throws SMSConfigurationException * @version : v0.1 */ public function setup() { $fileNamespace = $this->getXMLFileNamespace(); $vendor = RootClassLoader::getVendor($fileNamespace); $libPath = RootClassLoader::getLoaderByVendor($vendor)->getRootPath(); $basePath = str_replace('\\', '/', RootClassLoader::getNamespaceWithoutVendor($fileNamespace)); $filename = $this->getXMLFilename(); $fullPath = $libPath . (empty($basePath) ? '' : '/' . $basePath) . '/' . $filename; if (!file_exists($fullPath)) { throw new SMSConfigurationException('[SMSXMLMapper::setup()] XML file "' . $filename . '" in namespace "' . $fileNamespace . '" could not be found. (Full path: "' . $fullPath . '").', E_USER_ERROR); } $this->XML_DOMDocument = new \DOMDocument(); $this->XML_DOMDocument->load($fullPath); // we need to validate the document, to let the DTD be parsed and the id attribute be recognized as id by DOMDocument::getElementById(). // do not care about failures this time $this->XML_DOMDocument->validate(); }
public function run() { // Bug 782: read params and sanitize them to avoid security issues $namespace = $this->getSanitizedNamespace(); $fileBody = $this->getSanitizedFileBody(); $extension = $this->getSanitizedExtension(); $fileName = $fileBody . '.' . $extension; // Bug 782: check for allowed extension to avoid access to configuration files. $allowedExtensions = $this->getAllowedExtensions(); if ($this->isAllowedExtension($allowedExtensions, $extension)) { // ID#107: get specific vendor and map to root path instead of APF-only $vendor = RootClassLoader::getVendor($namespace); $rootPath = RootClassLoader::getLoaderByVendor($vendor)->getRootPath(); // Re-map namespace since as of 2.0 it contains the vendor that // refers to the root path. Keeping the vendor would cause the // sub-path to map to the wrong folder. $namespace = str_replace($vendor . '\\', '', $namespace); $filePath = $rootPath . '/' . str_replace('\\', '/', $namespace) . '/' . $fileName; if (file_exists($filePath)) { // map extension to known mime type $contentType = $this->getMimeType($allowedExtensions, $extension); // send desired header $response = $this->getResponse(); $response->setHeader(new HeaderImpl('Content-Type', $contentType)); // send headers to allow caching $delta = 7 * 24 * 60 * 60; // caching for 7 days $response->setHeader(new HeaderImpl('Cache-Control', 'public; max-age=' . $delta)); $modifiedDate = date('D, d M Y H:i:s \\G\\M\\T', time()); $response->setHeader(new HeaderImpl('Last-Modified', '' . $modifiedDate)); $expiresDate = date('D, d M Y H:i:s \\G\\M\\T', time() + $delta); $response->setHeader(new HeaderImpl('Expires', '' . $expiresDate)); $response->send(false); @readfile($filePath); exit; } else { throw new Exception('File with name "' . $fileName . '" cannot be found under sub-path "' . $namespace . '"!'); } } throw new Exception('You are not allowed to request "' . $fileName . '" under sub-path "' . $namespace . '"!'); }
public function testGetVendor() { $this->assertEquals('APF', RootClassLoader::getVendor('APF\\StandardClassLoader')); $this->assertEquals('APF', RootClassLoader::getVendor('APF\\core\\loader\\StandardClassLoader')); }