Pwirth has uploaded a new change for review.
https://gerrit.wikimedia.org/r/176353
Change subject: BsFileSystemHelper: Merged all changes and fixes
......................................................................
BsFileSystemHelper: Merged all changes and fixes
* merged all changes and fixes from master
Change-Id: I9537c7bfd1567c3782c7d6bdb16024d998719653
---
M includes/utility/FileSystemHelper.class.php
1 file changed, 86 insertions(+), 55 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/BlueSpiceFoundation
refs/changes/53/176353/1
diff --git a/includes/utility/FileSystemHelper.class.php
b/includes/utility/FileSystemHelper.class.php
index 7d79dfd..33656d4 100644
--- a/includes/utility/FileSystemHelper.class.php
+++ b/includes/utility/FileSystemHelper.class.php
@@ -5,7 +5,7 @@
/**
*
* @param string $sSubDirName
- * @return Status
+ * @return Status
*/
public static function ensureCacheDirectory($sSubDirName = '') {
wfProfileIn(__METHOD__);
@@ -13,7 +13,7 @@
return
Status::newFatal(wfMessage("bs-filesystemhelper-has-path-traversal")->plain());
if (!empty($sSubDirName) && !preg_match('#^[a-zA-Z/\\\]+#',
$sSubDirName)) {
wfProfileOut(__METHOD__);
- return Status::newFatal('Requested subdirectory of ' .
BS_DATA_DIR . ' contains illegal chars');
+ return Status::newFatal('Requested subdirectory of ' .
BS_CACHE_DIR . ' contains illegal chars');
}
if (!is_dir(BS_CACHE_DIR)) {
if (!mkdir(BS_CACHE_DIR, 0777, true)) {
@@ -24,21 +24,24 @@
if (empty($sSubDirName)) {
wfProfileOut(__METHOD__);
return Status::newGood(BS_CACHE_DIR);
- } elseif (is_dir(BS_CACHE_DIR . '/' . $sSubDirName)) {
+ } elseif (is_dir(BS_CACHE_DIR . DS . $sSubDirName)) {
wfProfileOut(__METHOD__);
- return Status::newGood(BS_CACHE_DIR . '/' .
$sSubDirName);
+ return Status::newGood(BS_CACHE_DIR . DS .
$sSubDirName);
}
- if (!mkdir(BS_CACHE_DIR . '/' . $sSubDirName, 0777, true)) {
+ if (!mkdir(BS_CACHE_DIR . DS . $sSubDirName, 0777, true)) {
wfProfileOut(__METHOD__);
return Status::newFatal(BS_CACHE_DIR . ' is not
accessible');
}
+
+ wfProfileOut(__METHOD__);
+ return Status::newGood(BS_CACHE_DIR . DS . $sSubDirName);
}
/**
*
* @param string $sSubDirName
- * @return Status
+ * @return Status
*/
public static function ensureDataDirectory($sSubDirName = '') {
wfProfileIn(__METHOD__);
@@ -58,24 +61,24 @@
if (empty($sSubDirName)) {
wfProfileOut(__METHOD__);
return Status::newGood(BS_DATA_DIR);
- } elseif (is_dir(BS_DATA_DIR . '/' . $sSubDirName)) {
+ } elseif (is_dir(BS_DATA_DIR . DS . $sSubDirName)) {
wfProfileOut(__METHOD__);
- return Status::newGood(BS_DATA_DIR . '/' .
$sSubDirName);
+ return Status::newGood(BS_DATA_DIR . DS . $sSubDirName);
}
- if (!mkdir(BS_DATA_DIR . '/' . $sSubDirName, 0777, true)) {
+ if (!mkdir(BS_DATA_DIR . DS . $sSubDirName, 0777, true)) {
wfProfileOut(__METHOD__);
return Status::newFatal(BS_DATA_DIR . ' is not
accessible');
}
wfProfileOut(__METHOD__);
- return Status::newGood(BS_DATA_DIR . '/' . $sSubDirName);
+ return Status::newGood(BS_DATA_DIR . DS . $sSubDirName);
}
/**
*
* @param string $sSubDirName
* @param mixed $data
- * @return Status
+ * @return Status
*/
public static function saveToCacheDirectory($sFileName, $data,
$sSubDirName = '') {
wfProfileIn(__METHOD__);
@@ -89,7 +92,7 @@
if (!file_put_contents($oStatus->getValue() . DS . $sFileName,
$data)) {
wfProfileOut(__METHOD__);
- return Status::newFatal('could not save "' . $sFileName
. '" to location: ' . $oStatus->getValue() . '/' . $sFileName);
+ return Status::newFatal('could not save "' . $sFileName
. '" to location: ' . $oStatus->getValue() . DS . $sFileName);
}
wfProfileOut(__METHOD__);
@@ -100,7 +103,7 @@
*
* @param string $sSubDirName
* @param mixed $data
- * @return Status
+ * @return Status
*/
public static function saveToDataDirectory($sFileName, $data,
$sSubDirName = '') {
wfProfileIn(__METHOD__);
@@ -115,7 +118,7 @@
//todo: via FileRepo
if (!file_put_contents($oStatus->getValue() . DS . $sFileName,
$data)) {
wfProfileOut(__METHOD__);
- return Status::newFatal('could not save "' . $sFileName
. '" to location: ' . $oStatus->getValue() . '/' . $sFileName);
+ return Status::newFatal('could not save "' . $sFileName
. '" to location: ' . $oStatus->getValue() . DS . $sFileName);
}
wfProfileOut(__METHOD__);
@@ -125,31 +128,28 @@
/**
*
* @param string $sSubDirName
- * @return string Filepath
+ * @return string Filepath
*/
public static function getDataDirectory($sSubDirName = '') {
- $sDataDir = ( $sSubDirName ) ? BS_DATA_DIR . DS . $sSubDirName
: BS_DATA_DIR;
- return $sDataDir;
+ return empty( $sSubDirName ) ? BS_DATA_DIR : BS_DATA_DIR . DS .
$sSubDirName;
}
/**
*
* @param string $sSubDirName
- * @return string URL
+ * @return string URL
*/
- public static function getDataPath($sSubDirName = '') {
- $sDataPath = ( $sSubDirName ) ? BS_DATA_PATH . '/' .
$sSubDirName : BS_DATA_PATH;
- return $sDataPath;
+ public static function getDataPath( $sSubDirName = '' ) {
+ return empty( $sSubDirName ) ? BS_DATA_PATH : BS_DATA_PATH .
'/' . $sSubDirName;
}
/**
*
* @param string $sSubDirName
- * @return string Filepath
+ * @return string Filepath
*/
- public static function getCacheDirectory($sSubDirName = '') {
- $sCacheDir = ( $sSubDirName ) ? BS_CACHE_DIR . '/' .
$sSubDirName : BS_CACHE_DIR;
- return $sCacheDir;
+ public static function getCacheDirectory( $sSubDirName = '' ) {
+ return empty( $sSubDirName ) ? BS_CACHE_DIR : BS_CACHE_DIR . DS
. $sSubDirName;
}
/**
@@ -164,10 +164,10 @@
wfMkdirParents($sDestination);
while (false !== ( $sFileName = readdir($rDir))) {
if (( $sFileName != '.' ) && ( $sFileName != '..' )) {
- if (is_dir($sSource . '/' . $sFileName)) {
- self::copyRecursive($sSource . '/' .
$sFileName, $sDestination . '/' . $sFileName);
+ if (is_dir($sSource . DS . $sFileName)) {
+ self::copyRecursive($sSource . DS .
$sFileName, $sDestination . DS . $sFileName);
} else {
- copy($sSource . '/' . $sFileName,
$sDestination . '/' . $sFileName);
+ copy($sSource . DS . $sFileName,
$sDestination . DS . $sFileName);
}
}
}
@@ -191,10 +191,10 @@
}
/**
- * Get the content of a file
+ * Get the content of a file in data directory
* @param String $sFileName
* @param String $sDir
- * @return String The file's content.
+ * @return Status (->getValue() for the file's content).
*/
public static function getFileContent($sFileName, $sDir) {
if (self::hasTraversal($sDir . DS . $sFileName))
@@ -204,6 +204,23 @@
if (!file_exists(BS_DATA_DIR . DS . $sDir . DS . $sFileName))
return
Status::newFatal(wfMessage("bs-filesystemhelper-file-not-exists",
$sFileName)->plain());
$sFile = file_get_contents(BS_DATA_DIR . DS . $sDir . DS .
$sFileName);
+ return Status::newGood($sFile);
+ }
+
+ /**
+ * Get the content of a file in cache directory
+ * @param String $sFileName
+ * @param String $sDir
+ * @return Status (->getValue() for the file's content).
+ */
+ public static function getCacheFileContent($sFileName, $sDir) {
+ if (self::hasTraversal($sDir . DS . $sFileName))
+ return
Status::newFatal(wfMessage("bs-filesystemhelper-has-path-traversal")->plain());
+ if (!is_dir(BS_CACHE_DIR . DS . $sDir))
+ return
Status::newFatal(wfMessage("bs-filesystemhelper-no-directory", $sDir)->plain());
+ if (!file_exists(BS_CACHE_DIR . DS . $sDir . DS . $sFileName))
+ return
Status::newFatal(wfMessage("bs-filesystemhelper-file-not-exists",
$sFileName)->plain());
+ $sFile = file_get_contents(BS_CACHE_DIR . DS . $sDir . DS .
$sFileName);
return Status::newGood($sFile);
}
@@ -330,7 +347,7 @@
}
/**
- *
+ *
* @global type $wgRequest
* @param type $sName
* @param type $sDir
@@ -339,31 +356,38 @@
* @return type
* @throws MWException
*/
- public static function uploadFile($sName, $sDir, $sFileName = '',
$sRequiredExtension = '') {
- global $wgRequest;
+ public static function uploadFile( $sName, $sDir, $sFileName = '',
$sRequiredExtension = '' ) {
$oWebRequest = new WebRequest();
- $oWebRequestUpload = $oWebRequest->getUpload($sName);
+ $oWebRequestUpload = $oWebRequest->getUpload( $sName );
$oUploadFromFile = new UploadFromFile();
- $oUploadFromFile->initialize($wgRequest->getVal('name'),
$oWebRequestUpload);
+ $oUploadFromFile->initialize(
RequestContext::getMain()->getRequest()->getVal( 'name' ), $oWebRequestUpload );
$aStatus = $oUploadFromFile->verifyUpload();
- if ($aStatus['status'] != 0) {
- return
Status::newFatal(wfMessage('bs-filesystemhelper-upload-err-code', '{{int:' .
UploadBase::getVerificationErrorCode($aStatus['status']) . '}}')->parse());
+ if ( $aStatus['status'] != 0 ) {
+ return Status::newFatal(
+ wfMessage(
+ 'bs-filesystemhelper-upload-err-code',
+ '{{int:' .
UploadBase::getVerificationErrorCode( $aStatus['status'] ) . '}}'
+ )->parse()
+ );
}
+
$sRemoteFileName = $oWebRequestUpload->getName();
- $sRemoteFileExt = pathinfo($sRemoteFileName,
PATHINFO_EXTENSION);
- if ($sRequiredExtension && strtolower($sRemoteFileExt) !=
strtolower($sRequiredExtension)) {
- return
Status::newFatal(wfMessage('bs-filesystemhelper-upload-wrong-ext',
$sRequiredExtension));
+ $sRemoteFileExt = pathinfo( $sRemoteFileName,
PATHINFO_EXTENSION );
+ if ( $sRequiredExtension && ( strtolower( $sRemoteFileExt ) !=
strtolower( $sRequiredExtension ) ) ) {
+ return Status::newFatal( wfMessage(
'bs-filesystemhelper-upload-wrong-ext', $sRequiredExtension )->plain() );
}
- $oStatus = self::ensureDataDirectory($sDir);
- if (!$oStatus->isGood())
+
+ $oStatus = self::ensureDataDirectory( $sDir );
+ if ( !$oStatus->isGood() )
return $oStatus;
$sTmpName = BS_DATA_DIR . DS . $sDir . DS;
- $sTmpName .= ($sFileName) ? $sFileName : $sRemoteFileName;
- if (self::hasTraversal($sTmpName, true))
- return
Status::newFatal(wfMessage("bs-filesystemhelper-has-path-traversal")->plain());
- move_uploaded_file($oWebRequestUpload->getTempName(),
$sTmpName);
- return Status::newGood($oWebRequestUpload->getName());
+ $sTmpName .= ( $sFileName ) ? $sFileName : $sRemoteFileName;
+ if ( self::hasTraversal( $sTmpName, true ) )
+ return Status::newFatal( wfMessage(
"bs-filesystemhelper-has-path-traversal" )->plain() );
+
+ move_uploaded_file( $oWebRequestUpload->getTempName(),
$sTmpName );
+ return Status::newGood( $oWebRequestUpload->getName() );
}
/**
@@ -383,7 +407,7 @@
$aStatus = $oUploadFromFile->verifyUpload();
if ($aStatus['status'] != 0) {
- return
Status::newFatal(wfMessage('bs-filesystemhelper-upload-err-code', '{{int:' .
UploadBase::getVerificationErrorCode($aStatus['status']) . '}}')->parse());
+ return
Status::newFatal(wfMessage('bs-filesystemhelper-upload-err-code', '{{int:' .
UploadBase::getVerificationErrorCode( $aStatus['status'] ) . '}}')->parse());
}
$sRemoteFileName = $oWebRequestUpload->getName();
@@ -446,11 +470,18 @@
public static function hasTraversal($sPath, $bIsAbsolute = false) {
if (!$sPath)
return true; // BS_DATA_DIR without trailing DS. Bail
out.
- $sCheckPath = ($bIsAbsolute ? '' : BS_DATA_DIR . DS) . $sPath;
- if (file_exists($sCheckPath)) {
- return (strpos(realpath($sCheckPath), BS_DATA_DIR . DS)
!== 0);
+ $sCheckDataPath = ($bIsAbsolute ? '' : BS_DATA_DIR . DS) .
$sPath;
+ $sCheckCachePath = ($bIsAbsolute ? '' : BS_CACHE_DIR . DS) .
$sPath;
+ if (file_exists($sCheckDataPath)) {
+ return (strpos(realpath($sCheckDataPath), BS_DATA_DIR .
DS) !== 0);
+ } elseif (file_exists($sCheckCachePath)) {
+ return (strpos(realpath($sCheckCachePath), BS_CACHE_DIR
. DS) !== 0);
} else {
- return (self::normalizePath($sCheckPath) === null);
+ $sPath = self::normalizePath($sCheckDataPath);
+ if( $sPath === null ) {
+ $sPath = self::normalizePath($sCheckCachePath);
+ }
+ return ($sPath === null);
}
}
@@ -494,7 +525,7 @@
else
return Status::newGood($sFileName);
}
-
+
public static function uploadLocalFile($sFilename, $bDeleteSrc = false,
$sComment = "", $sPageText = "", $bWatch = false){
global $wgLocalFileRepo, $wgUser;
$oUploadStash = new UploadStash(new
LocalRepo($wgLocalFileRepo));
@@ -509,7 +540,7 @@
}
$status = $oUploadFromStash->performUpload($sComment,
$sPageText, $bWatch, $wgUser);
$oUploadFromStash->cleanupTempFile();
-
+
if (file_exists($sFilename) && $bDeleteSrc)
unlink($sFilename);
$oFile = wfFindFile(basename($sFilename));
@@ -523,5 +554,5 @@
else
return Status::newFatal
(wfMessage('bs-filesystemhelper-upload-local-error-create')->plain());
}
-
+
}
--
To view, visit https://gerrit.wikimedia.org/r/176353
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9537c7bfd1567c3782c7d6bdb16024d998719653
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/BlueSpiceFoundation
Gerrit-Branch: REL1_22
Gerrit-Owner: Pwirth <wi...@hallowelt.biz>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
