/** * Create a new unique directory within the specified directory. * * @param string $basedir The directory to create your new unique directory within. * @param bool $exceptiononerror throw exception if error encountered * @return string The created directory * @throws invalid_dataroot_permissions */ function make_unique_writable_directory($basedir, $exceptiononerror = true) { if (!is_dir($basedir) || !is_writable($basedir)) { // The basedir is not writable. We will not be able to create the child directory. if ($exceptiononerror) { throw new invalid_dataroot_permissions($basedir . ' is not writable. Unable to create a unique directory within it.'); } else { return false; } } do { // Generate a new (hopefully unique) directory name. $uniquedir = $basedir . DIRECTORY_SEPARATOR . generate_uuid(); } while (is_writable($basedir) && !make_writable_directory($uniquedir, $exceptiononerror) && file_exists($uniquedir) && is_dir($uniquedir)); // Check that the directory was correctly created. if (!file_exists($uniquedir) || !is_dir($uniquedir) || !is_writable($uniquedir)) { if ($exceptiononerror) { throw new invalid_dataroot_permissions('Unique directory creation failed.'); } else { return false; } } return $uniquedir; }
/** * @param $value * @return string */ public function setUuidAttribute($value) { return $this->attributes['uuid'] = generate_uuid($value); }
/** * This function generates a unique token for the lock to use. * It is important that this token is not solely based on time as this could lead * to duplicates in a clustered environment (especially on VMs due to poor time precision). */ protected function generate_unique_token() { return generate_uuid(); }
/** * */ public function setUuidAttribute() { $this->attributes['uuid'] = generate_uuid(); }
/** * Create a new unique directory within the specified directory. * * @param string $basedir The directory to create your new unique directory within. * @param bool $exceptiononerror throw exception if error encountered * @return string The created directory * @throws invalid_dataroot_permissions */ function make_unique_writable_directory($basedir, $exceptiononerror = true) { if (!is_dir($basedir) || !is_writable($basedir)) { // The basedir is not writable. We will not be able to create the child directory. if ($exceptiononerror) { throw new invalid_dataroot_permissions($basedir . ' is not writable. Unable to create a unique directory within it.'); } else { return false; } } do { // Generate a new (hopefully unique) directory name. $uniquedir = $basedir . DIRECTORY_SEPARATOR . generate_uuid(); } while ( // Ensure that basedir is still writable - if we do not check, we could get stuck in a loop here. is_writable($basedir) && // Make the new unique directory. If the directory already exists, it will return false. !make_writable_directory($uniquedir, $exceptiononerror) && // Ensure that the directory now exists file_exists($uniquedir) && is_dir($uniquedir) ); // Check that the directory was correctly created. if (!file_exists($uniquedir) || !is_dir($uniquedir) || !is_writable($uniquedir)) { if ($exceptiononerror) { throw new invalid_dataroot_permissions('Unique directory creation failed.'); } else { return false; } } return $uniquedir; }
<?php include_once 'includes/config.php'; include_once 'includes/db_connect.php'; include_once 'includes/functions.php'; $upload_dir = UPLOAD_DIR; $content_dir = CONTENT_DIR; if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0) { $org_filename = $_FILES['upl']['name']; $extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION); $uuid = generate_uuid(); if (!in_array(strtolower($extension), $allowed)) { echo '{"error":"notAllowed"}'; exit; } if (move_uploaded_file($_FILES['upl']['tmp_name'], $upload_dir . $org_filename)) { mkdir($content_dir . $uuid); if (strtolower($extension) == "zip") { if (unzip_file($upload_dir . $org_filename, $content_dir . $uuid)) { unlink($upload_dir . $org_filename); // parse unziped root folder $dh = opendir($content_dir . $uuid); while (false !== ($filename = readdir($dh))) { if ($filename == "." || $filename == "..") { continue; } else { $f_ext = pathinfo($filename, PATHINFO_EXTENSION); $content_type = getContentType($f_ext); if ($f_ext == "blend") { // adding blendfile to Database add_DBContent($mysqli, $filename, $uuid, "blender", $f_ext);
/** * Generates a 32-byte base64-encoded random string safe for URLs. */ function generate_csrf_token() { return base64encode(generate_uuid(), true); }
// check file name - return 406 (not acceptable) if file contains invalid characters foreach ($config['invalid_characters_in_filename'] as $invalidCharacter) { if (stripos($filename, $invalidCharacter) !== false) { sendHttpReturnCodeAndJson(406, ['msg' => 'Invalid character found in filename.', 'err_code' => 3, 'parameters' => ['invalid_character' => $invalidCharacter]]); } } // check file size - return 406 (not acceptable) if file too small if ($filesize <= 0) { sendHttpReturnCodeAndJson(406, ['msg' => 'File is empty.', 'err_code' => 1]); } // check file size - return 406 (not acceptable) if file too large if ($filesize > $config['max_upload_file_size']) { sendHttpReturnCodeAndJson(406, ['msg' => 'File too large.', 'err_code' => 2, 'parameters' => ['max_file_size' => $config['max_upload_file_size']]]); } // generate slot uuid, register slot uuid and expected file size and expected mime type $slotUUID = generate_uuid(); registerSlot($slotUUID, $filename, $filesize, $mimeType, $userJid, $config); if (!mkdir(getUploadFilePath($slotUUID, $config))) { sendHttpReturnCodeAndJson(500, "Could not create directory for upload."); } // return 200 for success and get / put url Json formatted ( ['get'=>url, 'put'=>url] ) $result = ['put' => $config['base_url_put'] . $slotUUID . '/' . $filename, 'get' => $config['base_url_get'] . $slotUUID . '/' . $filename]; } echo json_encode($result); break; case 'PUT': // check slot uuid - return 403 if not existing $uri = $_SERVER["REQUEST_URI"]; $slotUUID = getUUIDFromUri($uri); $filename = getFilenameFromUri($uri); if (!slotExists($slotUUID, $config)) {