/** * returns binary image data from a image identified by a imagelink * * @param array $imageParams * @return string binary data * @throws Tinebase_Exception_UnexpectedValue */ public static function getImageData($imageParams) { $tempFile = Tinebase_TempFile::getInstance()->getTempFile($imageParams['id']); if (!Tinebase_ImageHelper::isImageFile($tempFile->path)) { throw new Tinebase_Exception_UnexpectedValue('Given file is not an image.'); } return file_get_contents($tempFile->path); }
/** * download message part * * @param string $_messageId * @param string $_partId * @param string $disposition * @param boolean $validateImage */ protected function _outputMessagePart($_messageId, $_partId = NULL, $disposition = 'attachment', $validateImage = FALSE) { $oldMaxExcecutionTime = Tinebase_Core::setExecutionLifeTime(0); try { // fetch extracted winmail dat contents if (strstr($_partId, 'winmail-')) { $partIndex = explode('winmail-', $_partId); $partIndex = intval($partIndex[1]); $files = Felamimail_Controller_Message::getInstance()->extractWinMailDat($_messageId); $file = $files[$partIndex]; $part = NULL; $path = Tinebase_Core::getTempDir() . '/winmail/'; $path = $path . $_messageId . '/'; $contentType = mime_content_type($path . $file); $this->_prepareHeader($file, $contentType); $stream = fopen($path . $file, 'r'); } else { // fetch normal attachment $part = Felamimail_Controller_Message::getInstance()->getMessagePart($_messageId, $_partId); $contentType = $_partId === NULL ? Felamimail_Model_Message::CONTENT_TYPE_MESSAGE_RFC822 : $part->type; $filename = $this->_getDownloadFilename($part, $_messageId, $contentType); if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . ' filename: ' . $filename . ' content type ' . $contentType); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($part, TRUE)); } $this->_prepareHeader($filename, $contentType); $stream = $_partId === NULL ? $part->getRawStream() : $part->getDecodedStream(); } if ($validateImage) { $tmpPath = tempnam(Tinebase_Core::getTempDir(), 'tine20_tmp_imgdata'); $tmpFile = fopen($tmpPath, 'w'); stream_copy_to_stream($stream, $tmpFile); fclose($tmpFile); // @todo check given mimetype or all images types? if (!Tinebase_ImageHelper::isImageFile($tmpPath)) { if (Tinebase_Core::isLogLevel(Zend_Log::WARN)) { Tinebase_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' Resource is no image file: ' . $filename); } } else { if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' Verified ' . $contentType . ' image.'); } readfile($tmpPath); } } else { fpassthru($stream); } fclose($stream); } catch (Exception $e) { Tinebase_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' Failed to get message part: ' . $e->getMessage()); } Tinebase_Core::setExecutionLifeTime($oldMaxExcecutionTime); exit; }
/** * tests if isImageFile is working * */ public function testIsImageFile() { $this->assertTrue(Tinebase_ImageHelper::isImageFile($this->_testImagePath)); $this->assertFalse(Tinebase_ImageHelper::isImageFile(__FILE__)); }
/** * check if data is valid, check and allow * * @param HTMLPurifier_URI $uri * @param HTMLPurifier_Token $token * @return boolean */ protected function _checkData($uri, $token) { $result = FALSE; if ($token->name === 'img' && isset($token->attr['src'])) { $imgSrc = $token->attr['src']; $imgSrc = str_replace(array("\r", "\n"), '', $imgSrc); if (preg_match('/([a-z\\/]*);base64,(.*)/', $imgSrc, $matches)) { $mimetype = $matches[1]; $base64 = $matches[2]; if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' Found base64 image: ' . $base64); } $tmpPath = tempnam(Tinebase_Core::getTempDir(), 'tine20_tmp_imgdata'); file_put_contents($tmpPath, @base64_decode($base64)); // @todo check given mimetype or all images types? if (!Tinebase_ImageHelper::isImageFile($tmpPath)) { if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' URI data is no image file: ' . $uri->toString()); } } else { if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' Verified ' . $mimetype . ' image.'); } $result = TRUE; } } } else { if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' Only allow images data uris, discarding: ' . $token->name); } } return $result; }