private function doTestStore($op)
{
$backendName = $this->backendClass();
$source = $op['src'];
$dest = $op['dst'];
$this->prepare(array('dir' => dirname($dest)));
file_put_contents($source, "Unit test file");
if (isset($op['overwrite']) || isset($op['overwriteSame'])) {
$this->backend->store($op);
}
$status = $this->backend->doOperation($op);
$this->assertGoodStatus($status, "Store from {$source} to {$dest} succeeded without warnings ({$backendName}).");
$this->assertEquals(true, $status->isOK(), "Store from {$source} to {$dest} succeeded ({$backendName}).");
$this->assertEquals(array(0 => true), $status->success, "Store from {$source} to {$dest} has proper 'success' field in Status ({$backendName}).");
$this->assertEquals(true, file_exists($source), "Source file {$source} still exists ({$backendName}).");
$this->assertEquals(true, $this->backend->fileExists(array('src' => $dest)), "Destination file {$dest} exists ({$backendName}).");
$this->assertEquals(filesize($source), $this->backend->getFileSize(array('src' => $dest)), "Destination file {$dest} has correct size ({$backendName}).");
$props1 = FSFile::getPropsFromPath($source);
$props2 = $this->backend->getFileProps(array('src' => $dest));
$this->assertEquals($props1, $props2, "Source and destination have the same props ({$backendName}).");
$this->assertBackendPathsConsistent(array($dest));
}
/**
* A verification routine suitable for partial files
*
* Runs the blacklist checks, but not any checks that may
* assume the entire file is present.
*
* @return Mixed true for valid or array with error message key.
*/
protected function verifyPartialFile()
{
global $wgAllowJavaUploads, $wgDisableUploadScriptChecks;
wfProfileIn(__METHOD__);
# getTitle() sets some internal parameters like $this->mFinalExtension
$this->getTitle();
$this->mFileProps = FSFile::getPropsFromPath($this->mTempPath, $this->mFinalExtension);
# check mime type, if desired
$mime = $this->mFileProps['file-mime'];
$status = $this->verifyMimeType($mime);
if ($status !== true) {
wfProfileOut(__METHOD__);
return $status;
}
# check for htmlish code and javascript
if (!$wgDisableUploadScriptChecks) {
if (self::detectScript($this->mTempPath, $mime, $this->mFinalExtension)) {
wfProfileOut(__METHOD__);
return array('uploadscripted');
}
if ($this->mFinalExtension == 'svg' || $mime == 'image/svg+xml') {
$svgStatus = $this->detectScriptInSvg($this->mTempPath);
if ($svgStatus !== false) {
wfProfileOut(__METHOD__);
return $svgStatus;
}
}
}
# Check for Java applets, which if uploaded can bypass cross-site
# restrictions.
if (!$wgAllowJavaUploads) {
$this->mJavaDetected = false;
$zipStatus = ZipDirectoryReader::read($this->mTempPath, array($this, 'zipEntryCallback'));
if (!$zipStatus->isOK()) {
$errors = $zipStatus->getErrorsArray();
$error = reset($errors);
if ($error[0] !== 'zip-wrong-format') {
wfProfileOut(__METHOD__);
return $error;
}
}
if ($this->mJavaDetected) {
wfProfileOut(__METHOD__);
return array('uploadjava');
}
}
# Scan the uploaded file for viruses
$virus = $this->detectVirus($this->mTempPath);
if ($virus) {
wfProfileOut(__METHOD__);
return array('uploadvirus', $virus);
}
wfProfileOut(__METHOD__);
return true;
}
/**
* Upload a file and record it in the DB
* @param string $srcPath Source storage path, virtual URL, or filesystem path
* @param string $comment Upload description
* @param string $pageText Text to use for the new description page,
* if a new description page is created
* @param int|bool $flags Flags for publish()
* @param array|bool $props File properties, if known. This can be used to
* reduce the upload time when uploading virtual URLs for which the file
* info is already known
* @param string|bool $timestamp Timestamp for img_timestamp, or false to use the
* current time
* @param User|null $user User object or null to use $wgUser
*
* @return FileRepoStatus object. On success, the value member contains the
* archive name, or an empty string if it was a new file.
*/
function upload($srcPath, $comment, $pageText, $flags = 0, $props = false, $timestamp = false, $user = null)
{
global $wgContLang;
if ($this->getRepo()->getReadOnlyReason() !== false) {
return $this->readOnlyFatalStatus();
}
if (!$props) {
wfProfileIn(__METHOD__ . '-getProps');
if ($this->repo->isVirtualUrl($srcPath) || FileBackend::isStoragePath($srcPath)) {
$props = $this->repo->getFileProps($srcPath);
} else {
$props = FSFile::getPropsFromPath($srcPath);
}
wfProfileOut(__METHOD__ . '-getProps');
}
$options = array();
$handler = MediaHandler::getHandler($props['mime']);
if ($handler) {
$options['headers'] = $handler->getStreamHeaders($props['metadata']);
} else {
$options['headers'] = array();
}
// Trim spaces on user supplied text
$comment = trim($comment);
// truncate nicely or the DB will do it for us
// non-nicely (dangling multi-byte chars, non-truncated version in cache).
$comment = $wgContLang->truncate($comment, 255);
$this->lock();
// begin
$status = $this->publish($srcPath, $flags, $options);
if ($status->successCount > 0) {
# Essentially we are displacing any existing current file and saving
# a new current file at the old location. If just the first succeeded,
# we still need to displace the current DB entry and put in a new one.
if (!$this->recordUpload2($status->value, $comment, $pageText, $props, $timestamp, $user)) {
$status->fatal('filenotfound', $srcPath);
}
}
$this->unlock();
// done
return $status;
}
/**
* Upload a file and record it in the DB
* @param string $srcPath Source storage path, virtual URL, or filesystem path
* @param string $comment Upload description
* @param string $pageText Text to use for the new description page,
* if a new description page is created
* @param int|bool $flags Flags for publish()
* @param array|bool $props File properties, if known. This can be used to
* reduce the upload time when uploading virtual URLs for which the file
* info is already known
* @param string|bool $timestamp Timestamp for img_timestamp, or false to use the
* current time
* @param User|null $user User object or null to use $wgUser
* @param string[] $tags Change tags to add to the log entry and page revision.
* (This doesn't check $user's permissions.)
* @return FileRepoStatus On success, the value member contains the
* archive name, or an empty string if it was a new file.
*/
function upload($srcPath, $comment, $pageText, $flags = 0, $props = false, $timestamp = false, $user = null, $tags = array())
{
global $wgContLang;
if ($this->getRepo()->getReadOnlyReason() !== false) {
return $this->readOnlyFatalStatus();
}
if (!$props) {
if ($this->repo->isVirtualUrl($srcPath) || FileBackend::isStoragePath($srcPath)) {
$props = $this->repo->getFileProps($srcPath);
} else {
$props = FSFile::getPropsFromPath($srcPath);
}
}
$options = array();
$handler = MediaHandler::getHandler($props['mime']);
if ($handler) {
$options['headers'] = $handler->getStreamHeaders($props['metadata']);
} else {
$options['headers'] = array();
}
// Trim spaces on user supplied text
$comment = trim($comment);
// Truncate nicely or the DB will do it for us
// non-nicely (dangling multi-byte chars, non-truncated version in cache).
$comment = $wgContLang->truncate($comment, 255);
$this->lock();
// begin
$status = $this->publish($srcPath, $flags, $options);
if ($status->successCount >= 2) {
// There will be a copy+(one of move,copy,store).
// The first succeeding does not commit us to updating the DB
// since it simply copied the current version to a timestamped file name.
// It is only *preferable* to avoid leaving such files orphaned.
// Once the second operation goes through, then the current version was
// updated and we must therefore update the DB too.
$oldver = $status->value;
if (!$this->recordUpload2($oldver, $comment, $pageText, $props, $timestamp, $user, $tags)) {
$status->fatal('filenotfound', $srcPath);
}
}
$this->unlock();
// done
return $status;
}
/**
* Get properties of a file with a given virtual URL
* The virtual URL must refer to this repo
*/
function getFileProps($virtualUrl)
{
$path = $this->resolveVirtualUrl($virtualUrl);
return FSFile::getPropsFromPath($path);
}
/**
* Load metadata from the file itself
*/
function loadFromFile()
{
$this->setProps(FSFile::getPropsFromPath($this->getPath()));
}
} else {
$commentText = file_get_contents($f);
if (!$commentText) {
echo " Failed to load comment file {$f}, using default comment. ";
}
}
}
if (!$commentText) {
$commentText = $comment;
}
}
# Import the file
if (isset($options['dry'])) {
echo " publishing {$file} by '" . $wgUser->getName() . "', comment '{$commentText}'... ";
} else {
$props = FSFile::getPropsFromPath($file);
$flags = 0;
$publishOptions = array();
$handler = MediaHandler::getHandler($props['mime']);
if ($handler) {
$publishOptions['headers'] = $handler->getStreamHeaders($props['metadata']);
} else {
$publishOptions['headers'] = array();
}
$archive = $image->publish($file, $flags, $publishOptions);
if (!$archive->isGood()) {
echo "failed. (" . $archive->getWikiText() . ")\n";
$failed++;
continue;
}
}
/**
* Stash a file in a temp directory and record that we did this in the database, along with other metadata.
*
* @param $path String: path to file you want stashed
* @param $sourceType String: the type of upload that generated this file (currently, I believe, 'file' or null)
* @throws UploadStashBadPathException
* @throws UploadStashFileException
* @throws UploadStashNotLoggedInException
* @return UploadStashFile: file, or null on failure
*/
public function stashFile($path, $sourceType = null)
{
if (!file_exists($path)) {
wfDebug(__METHOD__ . " tried to stash file at '{$path}', but it doesn't exist\n");
throw new UploadStashBadPathException("path doesn't exist");
}
$fileProps = FSFile::getPropsFromPath($path);
wfDebug(__METHOD__ . " stashing file at '{$path}'\n");
// we will be initializing from some tmpnam files that don't have extensions.
// most of MediaWiki assumes all uploaded files have good extensions. So, we fix this.
$extension = self::getExtensionForPath($path);
if (!preg_match("/\\.\\Q{$extension}\\E\$/", $path)) {
$pathWithGoodExtension = "{$path}.{$extension}";
if (!rename($path, $pathWithGoodExtension)) {
throw new UploadStashFileException("couldn't rename {$path} to have a better extension at {$pathWithGoodExtension}");
}
$path = $pathWithGoodExtension;
}
// If no key was supplied, make one. a mysql insertid would be totally reasonable here, except
// that for historical reasons, the key is this random thing instead. At least it's not guessable.
//
// some things that when combined will make a suitably unique key.
// see: http://www.jwz.org/doc/mid.html
list($usec, $sec) = explode(' ', microtime());
$usec = substr($usec, 2);
$key = wfBaseConvert($sec . $usec, 10, 36) . '.' . wfBaseConvert(mt_rand(), 10, 36) . '.' . $this->userId . '.' . $extension;
$this->fileProps[$key] = $fileProps;
if (!preg_match(self::KEY_FORMAT_REGEX, $key)) {
throw new UploadStashBadPathException("key '{$key}' is not in a proper format");
}
wfDebug(__METHOD__ . " key for '{$path}': {$key}\n");
// if not already in a temporary area, put it there
$storeStatus = $this->repo->storeTemp(basename($path), $path);
if (!$storeStatus->isOK()) {
// It is a convention in MediaWiki to only return one error per API exception, even if multiple errors
// are available. We use reset() to pick the "first" thing that was wrong, preferring errors to warnings.
// This is a bit lame, as we may have more info in the $storeStatus and we're throwing it away, but to fix it means
// redesigning API errors significantly.
// $storeStatus->value just contains the virtual URL (if anything) which is probably useless to the caller
$error = $storeStatus->getErrorsArray();
$error = reset($error);
if (!count($error)) {
$error = $storeStatus->getWarningsArray();
$error = reset($error);
if (!count($error)) {
$error = array('unknown', 'no error recorded');
}
}
// at this point, $error should contain the single "most important" error, plus any parameters.
$errorMsg = array_shift($error);
throw new UploadStashFileException("Error storing file in '{$path}': " . wfMessage($errorMsg, $error)->text());
}
$stashPath = $storeStatus->value;
// we have renamed the file so we have to cleanup once done
unlink($path);
// fetch the current user ID
if (!$this->isLoggedIn) {
throw new UploadStashNotLoggedInException(__METHOD__ . ' No user is logged in, files must belong to users');
}
// insert the file metadata into the db.
wfDebug(__METHOD__ . " inserting {$stashPath} under {$key}\n");
$dbw = $this->repo->getMasterDb();
$this->fileMetadata[$key] = array('us_id' => $dbw->nextSequenceValue('uploadstash_us_id_seq'), 'us_user' => $this->userId, 'us_key' => $key, 'us_orig_path' => $path, 'us_path' => $stashPath, 'us_size' => $fileProps['size'], 'us_sha1' => $fileProps['sha1'], 'us_mime' => $fileProps['mime'], 'us_media_type' => $fileProps['media_type'], 'us_image_width' => $fileProps['width'], 'us_image_height' => $fileProps['height'], 'us_image_bits' => $fileProps['bits'], 'us_source_type' => $sourceType, 'us_timestamp' => $dbw->timestamp(), 'us_status' => 'finished');
$dbw->insert('uploadstash', $this->fileMetadata[$key], __METHOD__);
// store the insertid in the class variable so immediate retrieval (possibly laggy) isn't necesary.
$this->fileMetadata[$key]['us_id'] = $dbw->insertId();
# create the UploadStashFile object for this file.
$this->initFile($key);
return $this->getFile($key);
}
/**
* @param string $fileName
* @return array
*/
function getFileProps($fileName)
{
if (FileRepo::isVirtualUrl($fileName)) {
list($repoName, , ) = $this->splitVirtualUrl($fileName);
if ($repoName === '') {
$repoName = 'local';
}
$repo = $this->getRepo($repoName);
return $repo->getFileProps($fileName);
} else {
return FSFile::getPropsFromPath($fileName);
}
}
/**
* Verifies that it's ok to include the uploaded file
*
* @return mixed true of the file is verified, array otherwise.
*/
protected function verifyFile()
{
global $wgAllowJavaUploads, $wgDisableUploadScriptChecks;
# get the title, even though we are doing nothing with it, because
# we need to populate mFinalExtension
$this->getTitle();
$this->mFileProps = FSFile::getPropsFromPath($this->mTempPath, $this->mFinalExtension);
# check mime type, if desired
$mime = $this->mFileProps['file-mime'];
$status = $this->verifyMimeType($mime);
if ($status !== true) {
return $status;
}
# check for htmlish code and javascript
if (!$wgDisableUploadScriptChecks) {
if (self::detectScript($this->mTempPath, $mime, $this->mFinalExtension)) {
return array('uploadscripted');
}
if ($this->mFinalExtension == 'svg' || $mime == 'image/svg+xml') {
if ($this->detectScriptInSvg($this->mTempPath)) {
return array('uploadscripted');
}
}
}
# Check for Java applets, which if uploaded can bypass cross-site
# restrictions.
if (!$wgAllowJavaUploads) {
$this->mJavaDetected = false;
$zipStatus = ZipDirectoryReader::read($this->mTempPath, array($this, 'zipEntryCallback'));
if (!$zipStatus->isOK()) {
$errors = $zipStatus->getErrorsArray();
$error = reset($errors);
if ($error[0] !== 'zip-wrong-format') {
return $error;
}
}
if ($this->mJavaDetected) {
return array('uploadjava');
}
}
# Scan the uploaded file for viruses
$virus = $this->detectVirus($this->mTempPath);
if ($virus) {
return array('uploadvirus', $virus);
}
$handler = MediaHandler::getHandler($mime);
if ($handler) {
$handlerStatus = $handler->verifyUpload($this->mTempPath);
if (!$handlerStatus->isOK()) {
$errors = $handlerStatus->getErrorsArray();
return reset($errors);
}
}
wfRunHooks('UploadVerifyFile', array($this, $mime, &$status));
if ($status !== true) {
return $status;
}
wfDebug(__METHOD__ . ": all clear; passing.\n");
return true;
}
