aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/avatar/driver/upload.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/phpbb/avatar/driver/upload.php')
-rw-r--r--phpBB/phpbb/avatar/driver/upload.php70
1 files changed, 47 insertions, 23 deletions
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php
index 0dae5607f6..a012bb15b6 100644
--- a/phpBB/phpbb/avatar/driver/upload.php
+++ b/phpBB/phpbb/avatar/driver/upload.php
@@ -19,9 +19,9 @@ namespace phpbb\avatar\driver;
class upload extends \phpbb\avatar\driver\driver
{
/**
- * @var \phpbb\mimetype\guesser
- */
- protected $mimetype_guesser;
+ * @var \phpbb\filesystem\filesystem_interface
+ */
+ protected $filesystem;
/**
* @var \phpbb\event\dispatcher_interface
@@ -29,24 +29,31 @@ class upload extends \phpbb\avatar\driver\driver
protected $dispatcher;
/**
+ * @var \phpbb\files\factory
+ */
+ protected $files_factory;
+
+ /**
* Construct a driver object
*
* @param \phpbb\config\config $config phpBB configuration
* @param string $phpbb_root_path Path to the phpBB root
* @param string $php_ext PHP file extension
- * @param \phpbb_path_helper $path_helper phpBB path helper
- * @param \phpbb\mimetype\guesser $mimetype_guesser Mimetype guesser
+ * @param \phpbb\filesystem\filesystem_interface $filesystem phpBB filesystem helper
+ * @param \phpbb\path_helper $path_helper phpBB path helper
* @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object
+ * @param \phpbb\files\factory $files_factory File classes factory
* @param \phpbb\cache\driver\driver_interface $cache Cache driver
*/
- public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\path_helper $path_helper, \phpbb\mimetype\guesser $mimetype_guesser, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\cache\driver\driver_interface $cache = null)
+ public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\filesystem\filesystem_interface $filesystem, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, \phpbb\cache\driver\driver_interface $cache = null)
{
$this->config = $config;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
+ $this->filesystem = $filesystem;
$this->path_helper = $path_helper;
- $this->mimetype_guesser = $mimetype_guesser;
$this->dispatcher = $dispatcher;
+ $this->files_factory = $files_factory;
$this->cache = $cache;
}
@@ -92,19 +99,24 @@ class upload extends \phpbb\avatar\driver\driver
return false;
}
- if (!class_exists('fileupload'))
- {
- include($this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext);
- }
-
- $upload = new \fileupload('AVATAR_', $this->allowed_extensions, $this->config['avatar_filesize'], $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], (isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false));
+ /** @var \phpbb\files\upload $upload */
+ $upload = $this->files_factory->get('upload')
+ ->set_error_prefix('AVATAR_')
+ ->set_allowed_extensions($this->allowed_extensions)
+ ->set_max_filesize($this->config['avatar_filesize'])
+ ->set_allowed_dimensions(
+ $this->config['avatar_min_width'],
+ $this->config['avatar_min_height'],
+ $this->config['avatar_max_width'],
+ $this->config['avatar_max_height'])
+ ->set_disallowed_content((isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false));
$url = $request->variable('avatar_upload_url', '');
$upload_file = $request->file('avatar_upload_file');
if (!empty($upload_file['name']))
{
- $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);
+ $file = $upload->handle_upload('files.types.form', 'avatar_upload_file');
}
else if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url))
{
@@ -136,7 +148,8 @@ class upload extends \phpbb\avatar\driver\driver
// Do not allow specifying the port (see RFC 3986) or IP addresses
// remote_upload() will do its own check for allowed filetypes
- if (preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||
+ if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url) ||
+ preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||
preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) ||
preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url))
{
@@ -144,7 +157,7 @@ class upload extends \phpbb\avatar\driver\driver
return false;
}
- $file = $upload->remote_upload($url, $this->mimetype_guesser);
+ $file = $upload->handle_upload('files.types.remote', $url);
}
else
{
@@ -155,7 +168,7 @@ class upload extends \phpbb\avatar\driver\driver
$file->clean_filename('avatar', $prefix, $row['id']);
// If there was an error during upload, then abort operation
- if (sizeof($file->error))
+ if (count($file->error))
{
$file->remove();
$error = $file->error;
@@ -191,15 +204,18 @@ class upload extends \phpbb\avatar\driver\driver
*
* @event core.avatar_driver_upload_move_file_before
* @var array filedata Array containing uploaded file data
+ * @var \phpbb\files\filespec file Instance of filespec class
* @var string destination Destination directory where the file is going to be moved
* @var string prefix Prefix for the avatar filename
* @var array row Array with avatar row data
* @var array error Array of errors, if filled in by this event file will not be moved
* @since 3.1.6-RC1
* @changed 3.1.9-RC1 Added filedata
+ * @changed 3.2.3-RC1 Added file
*/
$vars = array(
'filedata',
+ 'file',
'destination',
'prefix',
'row',
@@ -209,7 +225,7 @@ class upload extends \phpbb\avatar\driver\driver
unset($filedata);
- if (!sizeof($error))
+ if (!count($error))
{
// Move file and overwrite any existing image
$file->move_file($destination, true);
@@ -217,7 +233,7 @@ class upload extends \phpbb\avatar\driver\driver
// If there was an error during move, then clean up leftovers
$error = array_merge($error, $file->error);
- if (sizeof($error))
+ if (count($error))
{
$file->remove();
return false;
@@ -279,12 +295,20 @@ class upload extends \phpbb\avatar\driver\driver
);
extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars)));
- if (!sizeof($error) && file_exists($filename))
+ if (!count($error) && $this->filesystem->exists($filename))
{
- @unlink($filename);
+ try
+ {
+ $this->filesystem->remove($filename);
+ return true;
+ }
+ catch (\phpbb\filesystem\exception\filesystem_exception $e)
+ {
+ // Fail is covered by return statement below
+ }
}
- return true;
+ return false;
}
/**
@@ -302,6 +326,6 @@ class upload extends \phpbb\avatar\driver\driver
*/
protected function can_upload()
{
- return (file_exists($this->phpbb_root_path . $this->config['avatar_path']) && phpbb_is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on'));
+ return ($this->filesystem->exists($this->phpbb_root_path . $this->config['avatar_path']) && $this->filesystem->is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on'));
}
}
generated by cgit v1.2.1 (git 2.21.0) at 2024-05-22 21:49:40 +0000