public function execute(Request $request, WorkingFolder $workingFolder, Config $config, CacheManager $cache) { $fileName = (string) $request->get('fileName'); if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException('Invalid file name'); } if (!Image::isSupportedExtension(pathinfo($fileName, PATHINFO_EXTENSION))) { throw new InvalidNameException('Invalid source file name'); } if (!$workingFolder->containsFile($fileName)) { throw new FileNotFoundException(); } $cachePath = Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName); $imageInfo = array(); $cachedInfo = $cache->get($cachePath); if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) { $imageInfo = $cachedInfo; } else { $file = new DownloadedFile($fileName, $this->app); if ($file->isValid()) { $image = Image::create($file->getContents()); $imageInfo = $image->getInfo(); $cache->set($cachePath, $imageInfo); } } return $imageInfo; }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, CacheManager $cache, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository, Acl $acl) { $fileName = (string) $request->query->get('fileName'); $editedImage = new EditedImage($fileName, $this->app); $saveAsNew = false; if (!$editedImage->exists()) { $saveAsNew = true; $editedImage->saveAsNew(true); } else { // If file exists check for FILE_DELETE permission $resourceTypeName = $workingFolder->getResourceType()->getName(); $path = $workingFolder->getClientCurrentFolder(); if (!$acl->isAllowed($resourceTypeName, $path, Permission::FILE_DELETE)) { throw new UnauthorizedException(sprintf('Unauthorized: no FILE_DELETE permission in %s:%s', $resourceTypeName, $path)); } } if (!Image::isSupportedExtension($editedImage->getExtension())) { throw new InvalidExtensionException('Unsupported image type or not image file'); } $imageFormat = Image::mimeTypeFromExtension($editedImage->getExtension()); $uploadedData = (string) $request->request->get('content'); if (null === $uploadedData || strpos($uploadedData, 'data:image/png;base64,') !== 0) { throw new InvalidUploadException('Invalid upload. Expected base64 encoded PNG image.'); } $data = explode(',', $uploadedData); $data = isset($data[1]) ? base64_decode($data[1]) : false; if (!$data) { throw new InvalidUploadException(); } try { $uploadedImage = Image::create($data); } catch (\Exception $e) { // No need to check if secureImageUploads is enabled - image must be valid here throw new InvalidUploadException('Invalid upload: corrupted image', Error::UPLOADED_CORRUPT, array(), $e); } $editedImage->setNewContents($uploadedImage->getData($imageFormat)); $editedImage->setNewDimensions($uploadedImage->getWidth(), $uploadedImage->getHeight()); if (!$editedImage->isValid()) { throw new InvalidUploadException('Invalid file provided'); } $editFileEvent = new EditFileEvent($this->app, $editedImage); $imageInfo = $uploadedImage->getInfo(); $cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $uploadedImage->getInfo()); $dispatcher->dispatch(CKFinderEvent::SAVE_IMAGE, $editFileEvent); $saved = false; if (!$editFileEvent->isPropagationStopped()) { $saved = $editedImage->save($editFileEvent->getNewContents()); if (!$saved) { throw new AccessDeniedException("Couldn't save image file"); } //Remove thumbnails and resized images in case if file is overwritten if (!$saveAsNew && $saved) { $resourceType = $workingFolder->getResourceType(); $thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); $resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); } } return array('saved' => (int) $saved, 'date' => Utils::formatDate(time()), 'size' => Utils::formatSize($imageInfo['size'])); }
public function execute(Request $request, WorkingFolder $workingFolder) { // The root folder cannot be renamed. if ($workingFolder->getClientCurrentFolder() === '/') { throw new InvalidRequestException('Cannot rename resource type root folder'); } $newFolderName = $request->query->get('newFolderName'); return $workingFolder->rename($newFolderName); }
/** * Main command method. * * @param Request $request Current request object * @param WorkingFolder $workingFolder Current working folder object * * @return array * * @throws \Exception */ public function execute(Request $request, WorkingFolder $workingFolder) { $fileName = $request->get('fileName'); $backend = $workingFolder->getBackend(); if (!$workingFolder->containsFile($fileName)) { throw new \Exception('File not found', Error::FILE_NOT_FOUND); } $fileMetadada = $backend->getMetadata(Path::combine($workingFolder->getPath(), $fileName)); return $fileMetadada; }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config, CacheManager $cache, ThumbnailRepository $thumbsRepository) { // Don't add info about current folder to this command response $workingFolder->omitResponseInfo(); $responseData = parent::execute($request, $workingFolder, $dispatcher, $config, $cache, $thumbsRepository); // Get url to a file if (isset($responseData['fileName'])) { $responseData['url'] = $workingFolder->getFileUrl($responseData['fileName']); } return $responseData; }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher) { $newFolderName = (string) $request->query->get('newFolderName', ''); $createFolderEvent = new CreateFolderEvent($this->app, $workingFolder, $newFolderName); $dispatcher->dispatch(CKFinderEvent::CREATE_FOLDER, $createFolderEvent); $created = false; if (!$createFolderEvent->isPropagationStopped()) { $newFolderName = $createFolderEvent->getNewFolderName(); $created = $workingFolder->createDir($newFolderName); } return array('newFolder' => $newFolderName, 'created' => (int) $created); }
public function execute(Request $request, Config $config, WorkingFolder $workingFolder, ResizedImageRepository $resizedImageRepository, CacheManager $cache) { $fileName = (string) $request->query->get('fileName'); list($requestedWidth, $requestedHeight) = Image::parseSize((string) $request->get('size')); $downloadedFile = new DownloadedFile($fileName, $this->app); $downloadedFile->isValid(); if (!Image::isSupportedExtension(pathinfo($fileName, PATHINFO_EXTENSION), $config->get('thumbnails.bmpSupported'))) { throw new InvalidExtensionException('Unsupported image type or not image file'); } Utils::removeSessionCacheHeaders(); $response = new Response(); $response->setPublic(); $response->setEtag(dechex($downloadedFile->getTimestamp()) . "-" . dechex($downloadedFile->getSize())); $lastModificationDate = new \DateTime(); $lastModificationDate->setTimestamp($downloadedFile->getTimestamp()); $response->setLastModified($lastModificationDate); if ($response->isNotModified($request)) { return $response; } $imagePreviewCacheExpires = (int) $config->get('cache.imagePreview'); if ($imagePreviewCacheExpires > 0) { $response->setMaxAge($imagePreviewCacheExpires); $expireTime = new \DateTime(); $expireTime->modify('+' . $imagePreviewCacheExpires . 'seconds'); $response->setExpires($expireTime); } $cachedInfoPath = Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName); $cachedInfo = $cache->get($cachedInfoPath); $resultImage = null; // Try to reuse existing resized image if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) { // Fix received aspect ratio $size = Image::calculateAspectRatio($requestedWidth, $requestedHeight, $cachedInfo['width'], $cachedInfo['height']); $resizedImage = $resizedImageRepository->getResizedImageBySize($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $size['width'], $size['height']); if ($resizedImage) { $resultImage = Image::create($resizedImage->getImageData()); } } // Fallback - get and resize the original image if (null === $resultImage) { $resultImage = Image::create($downloadedFile->getContents(), $config->get('thumbnails.bmpSupported')); $cache->set($cachedInfoPath, $resultImage->getInfo()); $resultImage->resize($requestedWidth, $requestedHeight); } $mimeType = $resultImage->getMimeType(); if (in_array($mimeType, array('image/bmp', 'image/x-ms-bmp'))) { $mimeType = 'image/jpeg'; // Image::getData() by default converts resized images to JPG } $response->headers->set('Content-Type', $mimeType . '; name="' . $downloadedFile->getFileName() . '"'); $response->setContent($resultImage->getData()); return $response; }
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ResizedImageRepository $resizedImageRepository) { $fileName = $request->get('fileName'); if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException('Invalid file name'); } $ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION)); if (!Image::isSupportedExtension($ext)) { throw new InvalidNameException('Invalid source file name'); } list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size')); $resizedImage = $resizedImageRepository->getResizedImage($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight); return array('url' => $resizedImage->getUrl()); }
public function execute(WorkingFolder $workingFolder, Request $request) { $fileName = (string) $request->get('fileName'); $thumbnail = (string) $request->get('thumbnail'); $fileNames = (array) $request->get('fileNames'); if (!empty($fileNames)) { $urls = array(); foreach ($fileNames as $fileName) { $urls[$fileName] = $workingFolder->getFileUrl($fileName); } return array('urls' => $urls); } return array('url' => $workingFolder->getFileUrl($fileName, $thumbnail)); }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher) { // The root folder cannot be renamed. if ($workingFolder->getClientCurrentFolder() === '/') { throw new InvalidRequestException('Cannot rename resource type root folder'); } $newFolderName = (string) $request->query->get('newFolderName'); $renameFolderEvent = new RenameFolderEvent($this->app, $workingFolder, $newFolderName); $dispatcher->dispatch(CKFinderEvent::RENAME_FOLDER, $renameFolderEvent); if (!$renameFolderEvent->isPropagationStopped()) { $newFolderName = $renameFolderEvent->getNewFolderName(); return $workingFolder->rename($newFolderName); } return array('renamed' => 0); }
public function execute(WorkingFolder $workingFolder) { $data = new \stdClass(); $files = $workingFolder->listFiles(); $data->files = array(); foreach ($files as $file) { $fileObject = array('name' => $file['basename'], 'date' => Utils::formatDate($file['timestamp']), 'size' => Utils::formatSize($file['size'])); $data->files[] = $fileObject; } // Sort files usort($data->files, function ($a, $b) { return strnatcasecmp($a['name'], $b['name']); }); return $data; }
public function execute(WorkingFolder $workingFolder) { $directories = $workingFolder->listDirectories(); $data = new \stdClass(); $data->folders = array(); $backend = $workingFolder->getBackend(); $resourceType = $workingFolder->getResourceType(); foreach ($directories as $directory) { $data->folders[] = array('name' => $directory['basename'], 'hasChildren' => $backend->containsDirectories($resourceType, Path::combine($workingFolder->getClientCurrentFolder(), $directory['basename'])), 'acl' => $directory['acl']); } // Sort folders usort($data->folders, function ($a, $b) { return strnatcasecmp($a['name'], $b['name']); }); return $data; }
/** * Copies current file * * @param string $copyOptions defines copy options in case if file already exists * in target directory: * - autorename - renames current file (see File::autorename()) * - overwrite - overwrites existing file * * @return bool true if file was copied successfully * * @throws \Exception */ public function doCopy($copyOptions) { $originalFileStream = $this->getContentsStream(); $originalFileName = $this->getFilename(); // Don't copy file to itself if ($this->targetFolder->getBackend() === $this->resourceType->getBackend() && $this->targetFolder->getPath() === $this->getPath()) { $this->addError(Error::SOURCE_AND_TARGET_PATH_EQUAL); return false; // Check if file already exists in target backend dir } elseif ($this->targetFolder->containsFile($this->getFilename()) && strpos($copyOptions, 'overwrite') === false) { if (strpos($copyOptions, 'autorename') !== false) { $this->autorename(); } else { $this->addError(Error::ALREADY_EXIST); return false; } } if ($this->targetFolder->putStream($this->getFilename(), $originalFileStream)) { $resizedImageRepository = $this->resourceType->getResizedImageRepository(); $resizedImageRepository->copyResizedImages($this->resourceType, $this->folder, $originalFileName, $this->targetFolder->getResourceType(), $this->targetFolder->getClientCurrentFolder(), $this->getFilename()); $this->getCache()->copy(Path::combine($this->resourceType->getName(), $this->folder, $originalFileName), Path::combine($this->targetFolder->getResourceType()->getName(), $this->targetFolder->getClientCurrentFolder(), $this->getFilename())); return true; } else { $this->addError(Error::ACCESS_DENIED); return false; } }
/** * Returns target file name of the copied file * * @return string */ public function getTargetFilename() { if ($this->targetFolder->containsFile($this->getFilename()) && strpos($this->copyOptions, 'overwrite') === false && strpos($this->copyOptions, 'autorename') !== false) { $this->autorename(); } return $this->fileName; }
public function execute(WorkingFolder $workingFolder, EventDispatcher $dispatcher) { // The root folder cannot be deleted. if ($workingFolder->getClientCurrentFolder() === '/') { throw new InvalidRequestException('Cannot delete resource type root folder'); } $deleteFolderEvent = new DeleteFolderEvent($this->app, $workingFolder); $dispatcher->dispatch(CKFinderEvent::DELETE_FOLDER, $deleteFolderEvent); $deleted = false; if (!$deleteFolderEvent->isPropagationStopped()) { $deleted = $workingFolder->delete(); } if (!$deleted) { throw new AccessDeniedException(); } return array('deleted' => (int) $deleted); }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher) { $fileName = (string) $request->query->get('fileName'); $newFileName = (string) $request->query->get('newFileName'); if (null === $fileName || null === $newFileName) { throw new InvalidNameException('Invalid file name'); } $renamedFile = new RenamedFile($newFileName, $fileName, $workingFolder->getClientCurrentFolder(), $workingFolder->getResourceType(), $this->app); $renamed = false; if ($renamedFile->isValid()) { $renamedFileEvent = new RenameFileEvent($this->app, $renamedFile); $dispatcher->dispatch(CKFinderEvent::RENAME_FILE, $renamedFileEvent); if (!$renamedFileEvent->isPropagationStopped()) { $renamed = $renamedFile->doRename(); } } return array('name' => $fileName, 'newName' => $renamedFile->getNewFileName(), 'renamed' => (int) $renamed); }
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository) { if (!$config->get('thumbnails.enabled')) { throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED); } $fileName = $request->get('fileName'); $ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION)); if (!Image::isSupportedExtension($ext, $thumbnailRepository->isBitmapSupportEnabled())) { throw new InvalidNameException('Invalid source file name'); } if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException('Invalid file name'); } list($requestedWidth, $requestedHeight) = Image::parseSize($request->get('size')); $thumbnail = $thumbnailRepository->getThumbnail($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight); /** * This was added on purpose to reset any Cache-Control headers set * for example by session_start(). Symfony Session has a workaround, * but but we can't rely on this as application may not use Symfony * components to handle sessions. */ header('Cache-Control:'); $response = new Response(); $response->setPublic(); $response->setEtag(dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize())); $lastModificationDate = new \DateTime(); $lastModificationDate->setTimestamp($thumbnail->getTimestamp()); $response->setLastModified($lastModificationDate); if ($response->isNotModified($request)) { return $response; } $thumbnailsCacheExpires = (int) $config->get('cache.thumbnails'); if ($thumbnailsCacheExpires > 0) { $response->setMaxAge($thumbnailsCacheExpires); $expireTime = new \DateTime(); $expireTime->modify('+' . $thumbnailsCacheExpires . 'seconds'); $response->setExpires($expireTime); } $response->headers->set('Content-Type', $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"'); $response->setContent($thumbnail->getImageData()); return $response; }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher) { $fileName = (string) $request->query->get('fileName'); $downloadedFile = new DownloadedFile($fileName, $this->app); $downloadedFile->isValid(); $downloadedFileEvent = new DownloadFileEvent($this->app, $downloadedFile); $dispatcher->dispatch(CKFinderEvent::DOWNLOAD_FILE, $downloadedFileEvent); if ($downloadedFileEvent->isPropagationStopped()) { throw new AccessDeniedException(); } $response = new StreamedResponse(); $response->headers->set('Cache-Control', 'cache, must-revalidate'); $response->headers->set('Pragma', 'public'); $response->headers->set('Expires', '0'); if ($request->get('format') === 'text') { $response->headers->set('Content-Type', 'text/plain; charset=utf-8'); } else { $userAgent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; $encodedName = str_replace("\"", "\\\"", $fileName); if (strpos($userAgent, 'MSIE') !== false) { $encodedName = str_replace(array("+", "%2E"), array(" ", "."), urlencode($encodedName)); } $response->headers->set('Content-Type', 'application/octet-stream; name="' . $fileName . '"'); $response->headers->set('Content-Disposition', 'attachment; filename="' . $encodedName . '"'); } $response->headers->set('Content-Length', $downloadedFile->getSize()); $fileStream = $workingFolder->readStream($downloadedFile->getFilename()); $chunkSize = 1024 * 100; // how many bytes per chunk $response->setCallback(function () use($fileStream, $chunkSize) { if ($fileStream === false) { return false; } while (!feof($fileStream)) { echo fread($fileStream, $chunkSize); flush(); @set_time_limit(8); } return true; }); return $response; }
public function execute(Request $request, WorkingFolder $workingFolder, Config $config, ThumbnailRepository $thumbnailRepository) { if (!$config->get('thumbnails.enabled')) { throw new CKFinderException('Thumbnails feature is disabled', Error::THUMBNAILS_DISABLED); } $fileName = (string) $request->get('fileName'); $ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION)); if (!Image::isSupportedExtension($ext, $thumbnailRepository->isBitmapSupportEnabled())) { throw new InvalidNameException('Invalid source file name'); } if (null === $fileName || !File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException('Invalid file name'); } if (!$workingFolder->containsFile($fileName)) { throw new FileNotFoundException(); } list($requestedWidth, $requestedHeight) = Image::parseSize((string) $request->get('size')); $thumbnail = $thumbnailRepository->getThumbnail($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $requestedWidth, $requestedHeight); Utils::removeSessionCacheHeaders(); $response = new Response(); $response->setPublic(); $response->setEtag(dechex($thumbnail->getTimestamp()) . "-" . dechex($thumbnail->getSize())); $lastModificationDate = new \DateTime(); $lastModificationDate->setTimestamp($thumbnail->getTimestamp()); $response->setLastModified($lastModificationDate); if ($response->isNotModified($request)) { return $response; } $thumbnailsCacheExpires = (int) $config->get('cache.thumbnails'); if ($thumbnailsCacheExpires > 0) { $response->setMaxAge($thumbnailsCacheExpires); $expireTime = new \DateTime(); $expireTime->modify('+' . $thumbnailsCacheExpires . 'seconds'); $response->setExpires($expireTime); } $response->headers->set('Content-Type', $thumbnail->getMimeType() . '; name="' . $thumbnail->getFileName() . '"'); $response->setContent($thumbnail->getImageData()); return $response; }
public function execute(Request $request, WorkingFolder $workingFolder, ResizedImageRepository $resizedImageRepository, Config $config, CacheManager $cache) { $fileName = $request->get('fileName'); $sizes = $request->get('sizes'); $ext = pathinfo($fileName, PATHINFO_EXTENSION); if (!Image::isSupportedExtension($ext)) { throw new InvalidRequestException('Invalid file extension'); } if ($sizes) { $sizes = explode(',', $sizes); if (array_diff($sizes, array_keys($config->get('images.sizes')))) { throw new InvalidRequestException(sprintf('Invalid size requested (%s)', $request->get('sizes'))); } } $data = array(); $cachedInfo = $cache->get(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName)); if ($cachedInfo && isset($cachedInfo['width']) && isset($cachedInfo['height'])) { $data['originalSize'] = sprintf("%dx%d", $cachedInfo['width'], $cachedInfo['height']); } $resizedImages = $resizedImageRepository->getResizedImagesList($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $sizes ?: array()); $data['resized'] = $resizedImages; return $data; }
public function execute(WorkingFolder $workingFolder, Request $request, Config $config) { $fileName = $request->get('fileName'); $thumbnail = $request->get('thumbnail'); $fileNames = (array) $request->get('fileNames'); if (!empty($fileNames)) { $urls = array(); foreach ($fileNames as $fileName) { if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException(sprintf('Invalid file name: %s', $fileName)); } $urls[$fileName] = $workingFolder->getFileUrl($fileName); } return array('urls' => $urls); } if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters')) || $thumbnail && !File::isValidName($thumbnail, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException('Invalid file name'); } if (!$workingFolder->containsFile($fileName)) { throw new FileNotFoundException(); } return array('url' => $workingFolder->getFileUrl($thumbnail ? Path::combine(ResizedImage::DIR, $fileName, $thumbnail) : $fileName)); }
public function isValid() { if (!$this->saveAsNew && !$this->exists()) { throw new FileNotFoundException(); } if ($this->newFileName) { if (!File::isValidName($this->newFileName, $this->config->get('disallowUnsafeCharacters'))) { throw new InvalidNameException('Invalid file name'); } if ($this->workingFolder->containsFile($this->newFileName)) { throw new AlreadyExistsException('File already exists'); } if ($this->resourceType->getBackend()->isHiddenFile($this->newFileName)) { throw new InvalidRequestException('New provided file name is hidden'); } } if (!$this->hasValidFilename() || !$this->hasValidPath()) { throw new InvalidRequestException('Invalid filename or path'); } if ($this->isHidden() || $this->hasHiddenPath()) { throw new InvalidRequestException('Edited file is hidden'); } return true; }
/** * Validates the file * * @return bool true if file passed the validation * * @throws AlreadyExistsException * @throws FileNotFoundException * @throws InvalidExtensionException * @throws InvalidNameException * @throws InvalidRequestException * @throws InvalidUploadException */ public function isValid() { if ($this->newFileName) { if (!File::isValidName($this->newFileName, $this->config->get('disallowUnsafeCharacters'))) { throw new InvalidNameException('Invalid file name'); } if ($this->resourceType->getBackend()->isHiddenFile($this->newFileName)) { throw new InvalidRequestException('New provided file name is hidden'); } if (!$this->resourceType->isAllowedExtension($this->getNewExtension())) { throw new InvalidExtensionException(); } if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions($this->newFileName)) { throw new InvalidExtensionException(); } if ($this->workingFolder->containsFile($this->newFileName)) { throw new AlreadyExistsException('File already exists'); } } if (!$this->hasValidFilename() || !$this->hasValidPath()) { throw new InvalidRequestException('Invalid filename or path'); } if ($this->isHidden() || $this->hasHiddenPath()) { throw new InvalidRequestException('Edited file is hidden'); } if ($this->config->get('checkDoubleExtension') && !$this->areValidDoubleExtensions()) { throw new InvalidExtensionException(); } if (!$this->resourceType->isAllowedExtension($this->getExtension())) { throw new InvalidExtensionException(); } if (!$this->saveAsNew && !$this->exists()) { throw new FileNotFoundException(); } if ($this->newContents) { if (Utils::containsHtml(substr($this->newContents, 0, 1024)) && !in_array(strtolower($this->newFileName ? $this->getNewExtension() : $this->getExtension()), $this->config->get('htmlExtensions'))) { throw new InvalidUploadException('HTML detected in disallowed file type', Error::UPLOADED_WRONG_HTML_FILE); } $maxFileSize = $this->resourceType->getMaxSize(); if ($maxFileSize && strlen($this->newContents) > $maxFileSize) { throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG); } } return true; }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, CacheManager $cache, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository) { $fileName = $request->query->get('fileName'); $editedFile = new EditedFile($fileName, $this->app); $saveAsNew = false; if (!$editedFile->exists()) { $saveAsNew = true; $editedFile->saveAsNew(true); } if (!$editedFile->isValid()) { throw new InvalidUploadException('Invalid file provided'); } if (!Image::isSupportedExtension($editedFile->getExtension())) { throw new InvalidExtensionException('Unsupported image type or not image file'); } $imageFormat = Image::mimeTypeFromExtension($editedFile->getExtension()); $uploadedData = $request->get('content'); if (null === $uploadedData || strpos($uploadedData, 'data:image/png;base64,') !== 0) { throw new InvalidUploadException('Invalid upload. Expected base64 encoded PNG image.'); } $data = explode(',', $uploadedData); $data = isset($data[1]) ? base64_decode($data[1]) : false; if (!$data) { throw new InvalidUploadException(); } $uploadedImage = Image::create($data); $newContents = $uploadedImage->getData($imageFormat); $editFileEvent = new EditFileEvent($this->app, $editedFile, $newContents); $cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $uploadedImage->getInfo()); $dispatcher->dispatch(CKFinderEvent::SAVE_IMAGE, $editFileEvent); $saved = false; if (!$editFileEvent->isPropagationStopped()) { $saved = $editedFile->setContents($editFileEvent->getNewContents()); //Remove thumbnails and resized images in case if file is overwritten if (!$saveAsNew && $saved) { $resourceType = $workingFolder->getResourceType(); $thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); $resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); } } return array('saved' => (int) $saved, 'date' => Utils::formatDate(time())); }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config) { $fileName = (string) $request->query->get('fileName'); $thumbnailFileName = (string) $request->query->get('thumbnail'); if (!File::isValidName($fileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException(sprintf('Invalid file name: %s', $fileName)); } $cacheLifetime = (int) $request->query->get('cache'); if (!$workingFolder->containsFile($fileName)) { throw new FileNotFoundException(); } if ($thumbnailFileName) { if (!File::isValidName($thumbnailFileName, $config->get('disallowUnsafeCharacters'))) { throw new InvalidRequestException(sprintf('Invalid resized image file name: %s', $fileName)); } if (!$workingFolder->getResourceType()->isAllowedExtension(pathinfo($thumbnailFileName, PATHINFO_EXTENSION))) { throw new InvalidExtensionException(); } $resizedImageRespository = $this->app->getResizedImageRepository(); $file = $resizedImageRespository->getExistingResizedImage($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName, $thumbnailFileName); $dataStream = $file->readStream(); } else { $file = new DownloadedFile($fileName, $this->app); $file->isValid(); $dataStream = $workingFolder->readStream($file->getFilename()); } $proxyDownload = new ProxyDownloadEvent($this->app, $file); $dispatcher->dispatch(CKFinderEvent::PROXY_DOWNLOAD, $proxyDownload); if ($proxyDownload->isPropagationStopped()) { throw new AccessDeniedException(); } $response = new StreamedResponse(); $response->headers->set('Content-Type', $file->getMimeType()); $response->headers->set('Content-Length', $file->getSize()); $response->headers->set('Content-Disposition', 'inline; filename="' . $fileName . '"'); if ($cacheLifetime > 0) { Utils::removeSessionCacheHeaders(); $response->setPublic(); $response->setEtag(dechex($file->getTimestamp()) . "-" . dechex($file->getSize())); $lastModificationDate = new \DateTime(); $lastModificationDate->setTimestamp($file->getTimestamp()); $response->setLastModified($lastModificationDate); if ($response->isNotModified($request)) { return $response; } $response->setMaxAge($cacheLifetime); $expireTime = new \DateTime(); $expireTime->modify('+' . $cacheLifetime . 'seconds'); $response->setExpires($expireTime); } $chunkSize = 1024 * 100; $response->setCallback(function () use($dataStream, $chunkSize) { if ($dataStream === false) { return false; } while (!feof($dataStream)) { echo fread($dataStream, $chunkSize); flush(); @set_time_limit(8); } return true; }); return $response; }
/** * Checks if file exists * * @return bool true if file exists */ public function exists() { return $this->workingFolder->containsFile($this->fileName); }
/** * @param Request $request * @param WorkingFolder $workingFolder * @param EventDispatcher $dispatcher * @param Acl $acl * * @return array * * @throws \Exception */ public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Acl $acl, ResizedImageRepository $resizedImageRepository, ThumbnailRepository $thumbnailRepository) { $fileName = (string) $request->get('fileName'); $newFileName = (string) $request->get('newFileName'); $editedImage = new EditedImage($fileName, $this->app, $newFileName); $resourceType = $workingFolder->getResourceType(); if (null === $newFileName) { $resourceTypeName = $resourceType->getName(); $path = $workingFolder->getClientCurrentFolder(); if (!$acl->isAllowed($resourceTypeName, $path, Permission::FILE_DELETE)) { throw new UnauthorizedException(sprintf('Unauthorized: no FILE_DELETE permission in %s:%s', $resourceTypeName, $path)); } } if (!Image::isSupportedExtension($editedImage->getExtension())) { throw new InvalidExtensionException('Unsupported image type or not image file'); } $image = Image::create($editedImage->getContents()); $actions = (array) $request->get('actions'); if (empty($actions)) { throw new InvalidRequestException(); } foreach ($actions as $actionInfo) { if (!isset($actionInfo['action'])) { throw new InvalidRequestException('ImageEdit: action name missing'); } switch ($actionInfo['action']) { case self::OPERATION_CROP: if (!Utils::arrayContainsKeys($actionInfo, array('x', 'y', 'width', 'height'))) { throw new InvalidRequestException(); } $x = $actionInfo['x']; $y = $actionInfo['y']; $width = $actionInfo['width']; $height = $actionInfo['height']; $image->crop($x, $y, $width, $height); break; case self::OPERATION_ROTATE: if (!isset($actionInfo['angle'])) { throw new InvalidRequestException(); } $degrees = $actionInfo['angle']; $bgcolor = isset($actionInfo['bgcolor']) ? $actionInfo['bgcolor'] : 0; $image->rotate($degrees, $bgcolor); break; case self::OPERATION_RESIZE: if (!Utils::arrayContainsKeys($actionInfo, array('width', 'height'))) { throw new InvalidRequestException(); } $width = $actionInfo['width']; $height = $actionInfo['height']; $image->resize($width, $height); break; } } $editFileEvent = new EditFileEvent($this->app, $editedImage); $editedImage->setNewContents($image->getData()); $editedImage->setNewDimensions($image->getWidth(), $image->getHeight()); if (!$editedImage->isValid()) { throw new InvalidUploadException('Invalid file provided'); } $dispatcher->dispatch(CKFinderEvent::EDIT_IMAGE, $editFileEvent); $saved = false; if (!$editFileEvent->isPropagationStopped()) { $saved = $editedImage->save($editFileEvent->getNewContents()); //Remove thumbnails and resized images in case if file is overwritten if ($newFileName === null && $saved) { $thumbnailRepository->deleteThumbnails($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); $resizedImageRepository->deleteResizedImages($resourceType, $workingFolder->getClientCurrentFolder(), $fileName); } } return array('saved' => (int) $saved, 'date' => Utils::formatDate(time())); }
public function execute(Request $request, WorkingFolder $workingFolder, EventDispatcher $dispatcher, Config $config, CacheManager $cache, ThumbnailRepository $thumbsRepository) { // #111 IE9 download JSON issue workaround if ($request->get('asPlainText')) { $uploadEvents = array(CKFinderEvent::AFTER_COMMAND_FILE_UPLOAD, CKFinderEvent::AFTER_COMMAND_QUICK_UPLOAD); foreach ($uploadEvents as $eventName) { $dispatcher->addListener($eventName, function (AfterCommandEvent $event) { $response = $event->getResponse(); $response->headers->set('Content-Type', 'text/plain'); }); } } $uploaded = 0; $warningErrorCode = null; $upload = $request->files->get('upload'); if (null === $upload) { throw new InvalidUploadException(); } $uploadedFile = new UploadedFile($upload, $this->app); if (!$uploadedFile->isValid()) { throw new InvalidUploadException($uploadedFile->getErrorMessage()); } $uploadedFile->sanitizeFilename(); if ($uploadedFile->wasRenamed()) { $warningErrorCode = Error::UPLOADED_INVALID_NAME_RENAMED; } if (!$uploadedFile->hasValidFilename() || $uploadedFile->isHiddenFile()) { throw new InvalidNameException(); } if (!$uploadedFile->hasAllowedExtension()) { throw new InvalidExtensionException(); } // Autorename if required $overwriteOnUpload = $config->get('overwriteOnUpload'); if (!$overwriteOnUpload && $uploadedFile->autorename()) { $warningErrorCode = Error::UPLOADED_FILE_RENAMED; } $fileName = $uploadedFile->getFilename(); if (!$uploadedFile->isAllowedHtmlFile() && $uploadedFile->containsHtml()) { throw new InvalidUploadException('HTML detected in disallowed file type', Error::UPLOADED_WRONG_HTML_FILE); } if ($config->get('secureImageUploads') && $uploadedFile->isImage() && !$uploadedFile->isValidImage()) { throw new InvalidUploadException('Invalid upload: corrupted image', Error::UPLOADED_CORRUPT); } $maxFileSize = $workingFolder->getResourceType()->getMaxSize(); if (!$config->get('checkSizeAfterScaling') && $maxFileSize && $uploadedFile->getSize() > $maxFileSize) { throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG); } if (Image::isSupportedExtension($uploadedFile->getExtension())) { $imagesConfig = $config->get('images'); $image = Image::create($uploadedFile->getContents()); if ($image->getWidth() > $imagesConfig['maxWidth'] || $image->getHeight() > $imagesConfig['maxHeight']) { $image->resize($imagesConfig['maxWidth'], $imagesConfig['maxHeight'], $imagesConfig['quality']); $imageData = $image->getData(); $uploadedFile->setContents($imageData); } $cache->set(Path::combine($workingFolder->getResourceType()->getName(), $workingFolder->getClientCurrentFolder(), $fileName), $image->getInfo()); unset($imageData); unset($image); } if ($maxFileSize && $uploadedFile->getSize() > $maxFileSize) { throw new InvalidUploadException('Uploaded file is too big', Error::UPLOADED_TOO_BIG); } $event = new FileUploadEvent($this->app, $uploadedFile); $dispatcher->dispatch(CKFinderEvent::FILE_UPLOAD, $event); if (!$event->isPropagationStopped()) { $uploadedFileStream = $uploadedFile->getContentsStream(); $uploaded = (int) $workingFolder->putStream($fileName, $uploadedFileStream); if ($overwriteOnUpload) { $thumbsRepository->deleteThumbnails($workingFolder->getResourceType(), $workingFolder->getClientCurrentFolder(), $fileName); } if (!$uploaded) { $warningErrorCode = Error::ACCESS_DENIED; } } $responseData = array('fileName' => $fileName, 'uploaded' => $uploaded); if ($warningErrorCode) { $errorMessage = $this->app['translator']->translateErrorMessage($warningErrorCode, array($fileName)); $responseData['error'] = array('number' => $warningErrorCode, 'message' => $errorMessage); } return $responseData; }
/** * Check if current file name is defined as hidden in configuration settings * * @return bool true if filename is hidden */ public function isHiddenFile() { return $this->workingFolder->getBackend()->isHiddenFile($this->fileName); }
public function execute(Request $request, WorkingFolder $workingFolder) { $newFolderName = (string) $request->query->get('newFolderName', ''); $workingFolder->createDir($newFolderName); return array('newFolder' => $newFolderName); }