Exemplo n.º 1
0
 /**
  * detects MIME type of a file. Includes workarounds for buggy detection
  *
  * @param string $path path to file
  * @return string the MIME type
  */
 protected function fileMime($path, $restrictHtml = false)
 {
     if (file_exists($path)) {
         $mime = FileMime::mime($path);
     } else {
         $mime = false;
     }
     if (!$mime || $mime == "application/msword") {
         $mime = "application/octet-stream";
     }
     if ($restrictHtml && preg_match(self::$HTML_MIME_TYPES, $mime)) {
         $mime = self::$HTML_SERVE_AS;
     }
     return $mime;
 }
Exemplo n.º 2
0
 public function uploadAvatarUriEvent($runData)
 {
     $pl = $runData->getParameterList();
     $uri = $pl->getParameterValue("uri");
     if (preg_match("/^(http[s]?:\\/\\/)|(ftp:\\/\\/)[a-zA-Z0-9\\-]+\\/.*/", $uri) == 0) {
         $runData->ajaxResponseAdd("status", "wrong_uri");
         return;
     }
     $fileContent = file_get_contents($uri);
     if (!$fileContent) {
         $runData->ajaxResponseAdd("status", "fetch_failed");
         return;
     }
     $dir = WIKIDOT_ROOT . '/web/files--common/tmp/avatars-upload';
     $tmpname = tempnam($dir, "uriup");
     file_put_contents($tmpname, $fileContent);
     $fmime = FileMime::mime($tmpname);
     if ($fmime != "image/png" && $fmime != "image/jpeg" && $fmime != "image/gif") {
         $status = "wrong_mime";
         $runData->ajaxResponseAdd("status", $status);
         $runData->ajaxResponseAdd("mime", $fmime);
         return;
     }
     $size = getimagesize($tmpname);
     if ($size == false) {
         $status = "not_image";
         $runData->ajaxResponseAdd("status", $status);
         return;
     }
     if ($size[0] < 16 || $size[1] < 16) {
         $status = "too_small";
         $runData->contextAdd("status", $status);
         return;
     }
     $im48fn = tempnam($dir, "av") . ".png";
     $im16fn = tempnam($dir, "av") . ".png";
     if ($size[0] != 100 && $size[1] != 100) {
         // need to resize...
         $w = $size[0];
         $h = $size[1];
         $r = $h / $w;
         $cmd = "convert -resize '100x100>' " . escapeshellarg($tmpname) . " " . escapeshellarg($im48fn);
         exec($cmd, $out);
         $runData->contextAdd("originalSize", $size);
         $runData->contextAdd("resized", true);
     } else {
         $cmd = "convert  " . escapeshellarg($tmpname) . " " . escapeshellarg($im48fn);
         exec($cmd);
     }
     $cmd = "convert -resize 16x16! -unsharp 0x1.0+1.0+0.10 " . escapeshellarg($im48fn) . " " . escapeshellarg($im16fn);
     exec($cmd);
     $runData->ajaxResponseAdd("im48", basename($im48fn));
     $runData->ajaxResponseAdd("im16", basename($im16fn));
 }
Exemplo n.º 3
0
 public function uploadFileEvent($runData)
 {
     try {
         // the event method will not use OZONE functionality for file processing but
         // rather a low-level approach.
         $status = "ok";
         // status variable that will be passed to template
         $pl = $runData->getParameterList();
         $site = $runData->getTemp("site");
         $pageId = $pl->getParameterValue("page_id");
         $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
         if ($page == null || $page->getSiteId() != $site->getSiteId()) {
             $status = "error";
             $runData->contextAdd("status", $status);
             $runData->contextAdd("message", _("Page does not exist???"));
             return;
         }
         $category = $page->getCategory();
         // now check for permissions!!!
         $user = $runData->getUser();
         WDPermissionManager::instance()->hasPagePermission('attach_file', $user, $category, $page);
         $userId = $runData->getUserId();
         if ($userId == null) {
             $userString = $runData->createIpString();
         }
         $file = $_FILES['userfile'];
         $comments = trim($pl->getParameterValue("comments"));
         $comments = substr($comments, 0, 110);
         if ($file['error'] === 2 || $file['error'] === 1) {
             $status = "size_error";
             $runData->contextAdd("status", $file['error']);
             $runData->contextAdd("message", _("Error uploading file - file size exceeds limit."));
             return;
         }
         if ($file['error'] === 3) {
             $status = "partial_error";
             $runData->contextAdd("status", $file['error']);
             $runData->contextAdd("message", _("Error uploading file - file only partially uploaded."));
             return;
         }
         if ($file['error'] == 4) {
             $status = "no_file";
             $runData->contextAdd("status", $file['error']);
             $runData->contextAdd("message", _("Error uploading file - no file uploaded."));
             return;
         }
         if ($file['error'] != 0) {
             $status = "other_error";
             $runData->contextAdd("status", $file['error']);
             $runData->contextAdd("message", _("Error uploading file - no file uploaded."));
             return;
         }
         if ($file['size'] == 0) {
             $status = "zero_size";
             $runData->contextAdd("status", $status);
             $runData->contextAdd("message", _("Error uploading file - the file has 0 bytes size."));
             return;
         }
         if (!is_uploaded_file($file['tmp_name'])) {
             $status = "invalid_file";
             $runData->contextAdd("status", $status);
             $runData->contextAdd("message", _("Error uploading file - invalid file."));
             return;
         }
         $totalSize = FileHelper::totalSiteFilesSize($site->getSiteId());
         $allowed = $site->getSettings()->getFileStorageSize();
         $maxUpload = min($allowed - $totalSize, $site->getSettings()->getMaxUploadFileSize());
         if ($file['size'] > $maxUpload) {
             $status = "too_big";
             $runData->contextAdd("status", $status);
             $runData->contextAdd("message", _("Error uploading file - file size exceeds limit."));
             return;
         }
         // check if destination file exists!
         $destinationFilename = $pl->getParameterValue("dfilename");
         if ($destinationFilename === "" || $destinationFilename == null) {
             // use the original name
             $destinationFilename = $file['name'];
         }
         $c = new Criteria();
         $c->add("filename", $destinationFilename);
         $c->add("site_id", $site->getSiteId());
         $c->add("page_id", $pageId);
         $conflictFiles = DB_FilePeer::instance()->select($c);
         if (count($conflictFiles) > 0) {
             // file already exists!!!
             try {
                 WDPermissionManager::instance()->hasPagePermission('replace_file', $user, $category, $page);
                 $overwritePermission = true;
             } catch (Exception $e) {
                 $overwritePermission = false;
             }
             if ($pl->getParameterValue("force") && $overwritePermission) {
                 DB_FilePeer::instance()->delete($c);
             } else {
                 $status = "file_exists";
                 $runData->contextAdd("status", $status);
                 $runData->contextAdd("message", _("Error uploading file - file by that name already exists."));
                 return;
             }
         }
         // determine mime type using file cmd
         $fdesc = FileMime::description($file['tmp_name']);
         $fmime = FileMime::mime($file['tmp_name']);
         $uploadDir = $site->getLocalFilesPath() . "/files/" . $page->getUnixName();
         mkdirfull($uploadDir);
         $dest = $uploadDir . "/" . $destinationFilename;
         move_uploaded_file($file['tmp_name'], $dest);
         // check if image and resize
         // DO NOT RUN identify ON ALL FILES!!!!!!!!!!!!
         // OR limit the resources please
         $cmd = 'identify ' . escapeshellarg($dest);
         $res = exec_time($cmd, 8, $out);
         if ($res) {
             // is at least "imageable" - can have thumbnails
             // resized images dir
             $resizedDir = $site->getLocalFilesPath() . "/resized-images/" . $page->getUnixName() . '/' . $destinationFilename;
             mkdirfull($resizedDir);
             $hasResized = $this->resizeImages($resizedDir, $dest);
         }
         $db = Database::connection();
         $db->begin();
         // if successfull create new file object and insert into database.
         $f = new DB_File();
         $f->setPageId($pageId);
         $f->setFilename($destinationFilename);
         $f->setSize($file['size']);
         $f->setDateAdded(new ODate());
         if ($userId) {
             $f->setUserId($userId);
         } else {
             $f->setUserId(0);
             $f->setUserString($userString);
         }
         $f->setSiteId($site->getSiteId());
         $f->setComment($comments);
         $f->setMimetype($fmime);
         $f->setDescription($fdesc);
         $f->setHasResized($hasResized);
         $sdesc = explode(",", $fdesc);
         $sdesc = $sdesc[0];
         $f->setDescriptionShort($sdesc);
         $f->save();
         // create a new revision
         $revision = $page->getCurrentRevision();
         $revision->setNew(true);
         $revision->setRevisionId(null);
         $revision->resetFlags();
         $revision->setFlagFile(true);
         $revision->setComments("Uploaded file \"{$destinationFilename}\".");
         if ($userId) {
             $revision->setUserId($userId);
             $page->setLastEditUserId($userId);
         } else {
             $revision->setUserId(0);
             $page->setLastEditUserId(0);
             $revision->setUserString($userString);
             $page->setLastEditUserString($userString);
         }
         $revision->setRevisionNumber($revision->getRevisionNumber() + 1);
         $now = new ODate();
         $revision->setDateLastEdited($now);
         $revision->save();
         $page->setRevisionId($revision->getRevisionId());
         $page->setDateLastEdited($now);
         $page->setRevisionNumber($revision->getRevisionNumber());
         $page->save();
         // in case there is a gallery plugin or an image pointing
         // to the file - simpy recompile the page
         $od = new Outdater();
         $od->pageEvent('file_change', $page);
         $db->commit();
         $runData->contextAdd("status", "ok");
     } catch (Exception $e) {
         $status = "not_ok";
         $runData->contextAdd("status", $status);
         $runData->contextAdd("message", _("Error uploading file."));
         $db->rollback();
     }
 }