function check()
 {
     if (isset($_FILES[$this->ref])) {
         $this->fileInfo = $_FILES[$this->ref];
     } else {
         $this->fileInfo = array('name' => '', 'type' => '', 'size' => 0, 'tmp_name' => '', 'error' => UPLOAD_ERR_NO_FILE);
     }
     if ($this->fileInfo['error'] == UPLOAD_ERR_NO_FILE) {
         if ($this->required) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_REQUIRED;
         }
     } else {
         if ($this->fileInfo['error'] == UPLOAD_ERR_NO_TMP_DIR || $this->fileInfo['error'] == UPLOAD_ERR_CANT_WRITE) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_FILE_UPLOAD_ERROR;
         }
         if ($this->fileInfo['error'] == UPLOAD_ERR_INI_SIZE || $this->fileInfo['error'] == UPLOAD_ERR_FORM_SIZE || $this->maxsize && $this->fileInfo['size'] > $this->maxsize) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID_FILE_SIZE;
         }
         if ($this->fileInfo['error'] == UPLOAD_ERR_PARTIAL || !is_uploaded_file($this->fileInfo['tmp_name'])) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
         }
         if (count($this->mimetype)) {
             $this->fileInfo['type'] = jFile::getMimeType($this->fileInfo['tmp_name']);
             if ($this->fileInfo['type'] == 'application/octet-stream') {
                 // let's try with the name
                 $this->fileInfo['type'] = jFile::getMimeTypeFromFilename($this->fileInfo['name']);
             }
             if (!in_array($this->fileInfo['type'], $this->mimetype)) {
                 return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID_FILE_TYPE;
             }
         }
     }
     return null;
 }
 function check()
 {
     if (isset($_FILES[$this->ref])) {
         $this->fileInfo = $_FILES[$this->ref];
     } else {
         $this->fileInfo = array('name' => '', 'type' => '', 'size' => 0, 'tmp_name' => '', 'error' => UPLOAD_ERR_NO_FILE);
     }
     if ($this->fileInfo['error'] == UPLOAD_ERR_NO_FILE) {
         if ($this->required) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_REQUIRED;
         }
     } else {
         if ($this->fileInfo['error'] != UPLOAD_ERR_OK || !is_uploaded_file($this->fileInfo['tmp_name'])) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
         }
         if ($this->maxsize && $this->fileInfo['size'] > $this->maxsize) {
             return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
         }
         if (count($this->mimetype)) {
             $this->fileInfo['type'] = jFile::getMimeType($this->fileInfo['tmp_name']);
             if (!in_array($this->fileInfo['type'], $this->mimetype)) {
                 return $this->container->errors[$this->ref] = jForms::ERRDATA_INVALID;
             }
         }
     }
     return null;
 }
 /**
  * Get a media file (image, html, csv, pdf, etc.) store in the repository.
  * Used to display media in the popup, via the information icon, etc.
  *
  * @param string $repository Repository of the project.
  * @param string $project Project key.
  * @param string $path Path to the media relative to the project file.
  * @return binary object The media.
  */
 function getMedia()
 {
     // Get repository data
     $repository = $this->param('repository');
     $lrep = lizmap::getRepository($repository);
     if (!jAcl2::check('lizmap.repositories.view', $lrep->getKey())) {
         $rep = $this->getResponse('redirect');
         $rep->action = 'view~default:error';
         jMessage::add(jLocale::get('view~default.repository.access.denied'), 'error');
         return $rep;
     }
     // Get the project
     $project = $this->param('project');
     // Get the file
     $path = $this->param('path');
     $repositoryPath = realpath($lrep->getPath());
     $abspath = realpath($repositoryPath . '/' . $path);
     $n_repositoryPath = str_replace('\\', '/', $repositoryPath);
     $n_abspath = str_replace('\\', '/', $abspath);
     $ok = True;
     // Only allow files within the repository for safety reasons
     // and in the media folder
     if (!preg_match("#^" . $n_repositoryPath . "(/)?media/#", $n_abspath)) {
         $ok = False;
     }
     // Check if file exists
     if ($ok and !file_exists($abspath)) {
         $ok = False;
     }
     // Redirect if errors
     if (!$ok) {
         $content = "No media file in the specified path";
         $rep = $this->getResponse('text');
         $rep->content = $content;
         return $rep;
     }
     // Prepare the file to return
     $rep = $this->getResponse('binary');
     $rep->doDownload = false;
     $rep->fileName = $abspath;
     // Get the name of the file
     $path_parts = pathinfo($abspath);
     $ext = $path_parts['extension'];
     $name = $path_parts['basename'] . '.' . $ext;
     $rep->outputFileName = $name;
     // Get the mime type
     $mime = jFile::getMimeType($abspath);
     if ($mime == 'text/plain') {
         if ($ext == 'css') {
             $mime = 'text/css';
         }
         if ($ext == 'js') {
             $mime = 'text/javascript';
         }
     }
     if ($mime) {
         $rep->mimeType = $mime;
     }
     $mimeTextArray = array('text/html', 'text/text');
     if (in_array($mime, $mimeTextArray)) {
         $content = jFile::read($abspath);
         $rep->fileName = Null;
         $rep->content = $content;
     }
     $rep->setExpires('+60 seconds');
     return $rep;
 }
 /**
  * Get a media file (image, html, csv, pdf, etc.) store in the repository.
  * Used to display media in the popup, via the information icon, etc.
  *
  * @param string $repository Repository of the project.
  * @param string $project Project key.
  * @param string $path Path to the media relative to the project file.
  * @return binary object The media.
  */
 function getMedia()
 {
     // Get repository data
     $repository = $this->param('repository');
     $lrep = lizmap::getRepository($repository);
     if (!$lrep) {
         return $this->error404('');
     }
     if (!jAcl2::check('lizmap.repositories.view', $lrep->getKey())) {
         return $this->error403(jLocale::get('view~default.repository.access.denied'));
     }
     // Get the project
     $project = $this->param('project');
     // Get lizmapProject class
     try {
         $lproj = lizmap::getProject($lrep->getKey() . '~' . $project);
         if (!$lproj) {
             return $this->error404('The lizmapProject ' . strtoupper($project) . ' does not exist !');
         }
     } catch (UnknownLizmapProjectException $e) {
         jLog::logEx($e, 'error');
         return $this->error404('The lizmapProject ' . strtoupper($project) . ' does not exist !');
     }
     // Redirect if no right to access the project
     if (!$lproj->checkAcl()) {
         return $this->error403(jLocale::get('view~default.repository.access.denied'));
     }
     // Get the file
     $path = $this->param('path');
     $repositoryPath = realpath($lrep->getPath());
     $abspath = realpath($repositoryPath . '/' . $path);
     $n_repositoryPath = str_replace('\\', '/', $repositoryPath);
     $n_abspath = $n_repositoryPath . '/' . trim($path, '/');
     //manually canonize path to authorize symlink
     $n_abspath = explode('/', $n_abspath);
     $n_keys = array_keys($n_abspath, '..');
     foreach ($n_keys as $keypos => $key) {
         array_splice($address, $key - ($keypos * 2 + 1), 2);
     }
     $n_abspath = implode('/', $n_abspath);
     $n_abspath = str_replace('./', '', $n_abspath);
     $ok = True;
     // Only allow files within the repository for safety reasons
     // and in the media folder
     if (!preg_match("#^" . $n_repositoryPath . "(/)?media/#", $n_abspath)) {
         $ok = False;
     }
     // Check if file exists
     if ($ok && !is_file($abspath)) {
         $ok = False;
     }
     // Redirect if errors
     if (!$ok) {
         $content = "No media file in the specified path: " . $path;
         if (is_link($repositoryPath . '/' . $path)) {
             $content .= " " . readlink($repositoryPath . '/' . $path);
         }
         return $this->error404($content);
     }
     // Prepare the file to return
     $rep = $this->getResponse('binary');
     $rep->doDownload = false;
     $rep->fileName = $abspath;
     // Get the name of the file
     $path_parts = pathinfo($abspath);
     if (isset($path_parts['extension'])) {
         $rep->outputFileName = $path_parts['basename'] . '.' . $path_parts['extension'];
     } else {
         $rep->outputFileName = $path_parts['basename'];
     }
     // Get the mime type
     $mime = jFile::getMimeType($abspath);
     if ($mime == 'text/plain') {
         if ($ext == 'css') {
             $mime = 'text/css';
         }
         if ($ext == 'js') {
             $mime = 'text/javascript';
         }
     }
     if ($mime) {
         $rep->mimeType = $mime;
     }
     $mimeTextArray = array('text/html', 'text/text');
     if (in_array($mime, $mimeTextArray)) {
         $content = jFile::read($abspath);
         $rep->fileName = Null;
         $rep->content = $content;
     }
     $rep->setExpires('+60 seconds');
     return $rep;
 }