From 3bda8dfa32ebdc99f21c538ede14f788580b3550 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Thu, 23 Jun 2022 06:04:05 +0200 Subject: [PATCH] Changes: - changed more double-quotes to single - cleaned up js_upload/file-uploader/server/php.php a lot - added some type-hints --- .../advancedcontentfilter.php | 28 +- blackout/blackout.php | 16 +- js_upload/file-uploader/server/php.php | 285 +++++++++--------- 3 files changed, 172 insertions(+), 157 deletions(-) diff --git a/advancedcontentfilter/advancedcontentfilter.php b/advancedcontentfilter/advancedcontentfilter.php index 9f6a7cff..45ab3f3e 100644 --- a/advancedcontentfilter/advancedcontentfilter.php +++ b/advancedcontentfilter/advancedcontentfilter.php @@ -64,7 +64,7 @@ function advancedcontentfilter_install(App $a) Hook::add('dbstructure_definition' , __FILE__, 'advancedcontentfilter_dbstructure_definition'); DBStructure::performUpdate(); - Logger::notice("installed advancedcontentfilter"); + Logger::notice('installed advancedcontentfilter'); } /* 
@@ -73,20 +73,20 @@ function advancedcontentfilter_install(App $a) function advancedcontentfilter_dbstructure_definition(App $a, &$database) { - $database["advancedcontentfilter_rules"] = [ - "comment" => "Advancedcontentfilter addon rules", - "fields" => [ - "id" => ["type" => "int unsigned", "not null" => "1", "extra" => "auto_increment", "primary" => "1", "comment" => "Auto incremented rule id"], - "uid" => ["type" => "int unsigned", "not null" => "1", "comment" => "Owner user id"], - "name" => ["type" => "varchar(255)", "not null" => "1", "comment" => "Rule name"], - "expression" => ["type" => "mediumtext" , "not null" => "1", "comment" => "Expression text"], - "serialized" => ["type" => "mediumtext" , "not null" => "1", "comment" => "Serialized parsed expression"], - "active" => ["type" => "boolean" , "not null" => "1", "default" => "1", "comment" => "Whether the rule is active or not"], - "created" => ["type" => "datetime" , "not null" => "1", "default" => DBA::NULL_DATETIME, "comment" => "Creation date"], + $database['advancedcontentfilter_rules'] = [ + 'comment' => 'Advancedcontentfilter addon rules', + 'fields' => [ + 'id' => ['type' => 'int unsigned', 'not null' => '1', 'extra' => 'auto_increment', 'primary' => '1', 'comment' => 'Auto incremented rule id'], + 'uid' => ['type' => 'int unsigned', 'not null' => '1', 'comment' => 'Owner user id'], + 'name' => ['type' => 'varchar(255)', 'not null' => '1', 'comment' => 'Rule name'], + 'expression' => ['type' => 'mediumtext' , 'not null' => '1', 'comment' => 'Expression text'], + 'serialized' => ['type' => 'mediumtext' , 'not null' => '1', 'comment' => 'Serialized parsed expression'], + 'active' => ['type' => 'boolean' , 'not null' => '1', 'default' => '1', 'comment' => 'Whether the rule is active or not'], + 'created' => ['type' => 'datetime' , 'not null' => '1', 'default' => DBA::NULL_DATETIME, 'comment' => 'Creation date'], ], - "indexes" => [ - "PRIMARY" => ["id"], - "uid_active" => ["uid", "active"], + 
'indexes' => [ + 'PRIMARY' => ['id'], + 'uid_active' => ['uid', 'active'], ] ]; } diff --git a/blackout/blackout.php b/blackout/blackout.php index 18e74570..ecb04c76 100644 --- a/blackout/blackout.php +++ b/blackout/blackout.php @@ -82,17 +82,17 @@ function blackout_redirect ($a, $b) { function blackout_addon_admin(&$a, &$o) { $mystart = DI::config()->get('blackout','begindate'); - if (! is_string($mystart)) { $mystart = "YYYY-MM-DD hh:mm"; } + if (! is_string($mystart)) { $mystart = 'YYYY-MM-DD hh:mm'; } $myend = DI::config()->get('blackout','enddate'); - if (! is_string($myend)) { $myend = "YYYY-MM-DD hh:mm"; } + if (! is_string($myend)) { $myend = 'YYYY-MM-DD hh:mm'; } $myurl = DI::config()->get('blackout','url'); - if (! is_string($myurl)) { $myurl = "https://www.example.com"; } - $t = Renderer::getMarkupTemplate( "admin.tpl", "addon/blackout/" ); + if (! is_string($myurl)) { $myurl = 'https://www.example.com'; } + $t = Renderer::getMarkupTemplate( 'admin.tpl', 'addon/blackout/' ); $date1 = DateTime::createFromFormat('Y-m-d G:i', $mystart); $date2 = DateTime::createFromFormat('Y-m-d G:i', $myend); // a note for the admin - $adminnote = ""; + $adminnote = ''; if ($date2 < $date1) { $adminnote = DI::l10n()->t("The end-date is prior to the start-date of the blackout, you should fix this."); } else { 
@@ -100,9 +100,9 @@ function blackout_addon_admin(&$a, &$o) { } $o = Renderer::replaceMacros($t, [ '$submit' => DI::l10n()->t('Save Settings'), - '$rurl' => ["rurl", DI::l10n()->t("Redirect URL"), $myurl, DI::l10n()->t("All your visitors from the web will be redirected to this URL."), "", "", "url"], - '$startdate' => ["startdate", DI::l10n()->t("Begin of the Blackout"), $mystart, DI::l10n()->t("Format is YYYY-MM-DD hh:mm; YYYY year, MM month, DD day, hh hour and mm minute.")], - '$enddate' => ["enddate", DI::l10n()->t("End of the Blackout"), $myend, ""], + '$rurl' => ['rurl', DI::l10n()->t("Redirect URL"), $myurl, DI::l10n()->t("All your visitors from the web will be redirected to this URL."), '', '', 'url'], + '$startdate' => ['startdate', DI::l10n()->t("Begin of the Blackout"), $mystart, DI::l10n()->t("Format is YYYY-MM-DD hh:mm; YYYY year, MM month, DD day, hh hour and mm minute.")], + '$enddate' => ['enddate', DI::l10n()->t("End of the Blackout"), $myend, ''], '$adminnote' => $adminnote, '$aboutredirect' => DI::l10n()->t("Note: The redirect will be active from the moment you press the submit button. Users currently logged in will not be thrown out but can't login again after logging out while the blackout is still in place."), ]); diff --git a/js_upload/file-uploader/server/php.php b/js_upload/file-uploader/server/php.php index 915c86c6..2248c8f0 100644 --- a/js_upload/file-uploader/server/php.php +++ b/js_upload/file-uploader/server/php.php 
@@ -4,155 +4,170 @@ * Handle file uploads via XMLHttpRequest */ class qqUploadedFileXhr { - /** - * Save the file to the specified path - * @return boolean TRUE on success - */ - function save($path) { - $input = fopen("php://input", "r"); - $temp = tmpfile(); - $realSize = stream_copy_to_stream($input, $temp); - fclose($input); - - if ($realSize != $this->getSize()){ - return false; - } - - $target = fopen($path, "w"); - fseek($temp, 0, SEEK_SET); - stream_copy_to_stream($temp, $target); - fclose($target); - - return true; - } - function getName() { - return $_GET['qqfile']; - } - function getSize() { - if (isset($_SERVER["CONTENT_LENGTH"])){ - return (int)$_SERVER["CONTENT_LENGTH"]; - } else { - throw new Exception('Getting content length is not supported.'); - } - } + /** + * Save the file to the specified path + * @return boolean TRUE on success + */ + public function save(string $path): bool + { + $input = fopen('php://input', 'r'); + $temp = tmpfile(); + $realSize = stream_copy_to_stream($input, $temp); + fclose($input); + + if ($realSize != $this->getSize()) { + return false; + } + + $target = fopen($path, 'w'); + fseek($temp, 0, SEEK_SET); + stream_copy_to_stream($temp, $target); + fclose($target); + + return true; + } + + public function getName(): string + { + return $_GET['qqfile']; + } + + public function getSize(): int + { + if (isset($_SERVER['CONTENT_LENGTH'])) { + return (int)$_SERVER['CONTENT_LENGTH']; + } else { + throw new Exception('Getting content length is not supported.'); + } + } } /** * Handle file uploads via regular form post (uses the $_FILES array) */ -class qqUploadedFileForm { - /** - * Save the file to the specified path - * @return boolean TRUE on success - */ - function save($path) { - if(!move_uploaded_file($_FILES['qqfile']['tmp_name'], $path)){ - return false; - } - return true; - } - function getName() { - return $_FILES['qqfile']['name']; - } - function getSize() { - return $_FILES['qqfile']['size']; - } +class 
qqUploadedFileForm { + /** + * Save the file to the specified path + * @return boolean TRUE on success + */ + public function save(string $path): bool + { + if(!move_uploaded_file($_FILES['qqfile']['tmp_name'], $path)) { + return false; + } + return true; + } + + public function getName(): string + { + return $_FILES['qqfile']['name']; + } + + public function getSize(): int + { + return $_FILES['qqfile']['size']; + } } class qqFileUploader { - private $allowedExtensions = array(); - private $sizeLimit = 10485760; - private $file; + private $allowedExtensions = []; + private $sizeLimit = 10485760; + private $file; - function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760){ - $allowedExtensions = array_map("strtolower", $allowedExtensions); - - $this->allowedExtensions = $allowedExtensions; - $this->sizeLimit = $sizeLimit; - - $this->checkServerSettings(); + public function __construct(array $allowedExtensions = [], $sizeLimit = 10485760) + { + $allowedExtensions = array_map('strtolower', $allowedExtensions); + + $this->allowedExtensions = $allowedExtensions; + $this->sizeLimit = $sizeLimit; + + $this->checkServerSettings(); - if (isset($_GET['qqfile'])) { - $this->file = new qqUploadedFileXhr(); - } elseif (isset($_FILES['qqfile'])) { - $this->file = new qqUploadedFileForm(); - } else { - $this->file = false; - } - } - - private function checkServerSettings(){ - $postSize = $this->toBytes(ini_get('post_max_size')); - $uploadSize = $this->toBytes(ini_get('upload_max_filesize')); - - if ($postSize < $this->sizeLimit || $uploadSize < $this->sizeLimit){ - $size = max(1, $this->sizeLimit / 1024 / 1024) . 
'M'; - die("{'error':'increase post_max_size and upload_max_filesize to $size'}"); - } - } - - private function toBytes($str){ - $val = trim($str); - $last = strtolower($str[strlen($str)-1]); - switch($last) { - case 'g': $val *= 1024; - case 'm': $val *= 1024; - case 'k': $val *= 1024; - } - return $val; - } - - /** - * Returns array('success'=>true) or array('error'=>'error message') - */ - function handleUpload($uploadDirectory, $replaceOldFile = FALSE){ - if (!is_writable($uploadDirectory)){ - return array('error' => "Server error. Upload directory isn't writable."); - } - - if (!$this->file){ - return array('error' => 'No files were uploaded.'); - } - - $size = $this->file->getSize(); - - if ($size == 0) { - return array('error' => 'File is empty'); - } - - if ($size > $this->sizeLimit) { - return array('error' => 'File is too large'); - } - - $pathinfo = pathinfo($this->file->getName()); - $filename = $pathinfo['filename']; - //$filename = md5(uniqid()); - $ext = $pathinfo['extension']; + if (isset($_GET['qqfile'])) { + $this->file = new qqUploadedFileXhr(); + } elseif (isset($_FILES['qqfile'])) { + $this->file = new qqUploadedFileForm(); + } else { + $this->file = false; + } + } - if($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)){ - $these = implode(', ', $this->allowedExtensions); - return array('error' => 'File has an invalid extension, it should be one of '. $these . '.'); - } - - if(!$replaceOldFile){ - /// don't overwrite previous files that were uploaded - while (file_exists($uploadDirectory . $filename . '.' . $ext)) { - $filename .= rand(10, 99); - } - } - - if ($this->file->save($uploadDirectory . $filename . '.' . $ext)){ - return array('success'=>true); - } else { - return array('error'=> 'Could not save uploaded file.' . 
- 'The upload was cancelled, or server error encountered'); - } - - } + private function checkServerSettings() + { + $postSize = $this->toBytes(ini_get('post_max_size')); + $uploadSize = $this->toBytes(ini_get('upload_max_filesize')); + + if ($postSize < $this->sizeLimit || $uploadSize < $this->sizeLimit) { + $size = max(1, $this->sizeLimit / 1024 / 1024) . 'M'; + die("{'error':'increase post_max_size and upload_max_filesize to $size'}"); + } + } + + private function toBytes(string $str): int + { + $val = trim($str); + $last = strtolower($str[strlen($str) - 1]); + + switch($last) { + case 'g': $val *= 1024; + case 'm': $val *= 1024; + case 'k': $val *= 1024; + } + + return $val; + } + + /** + * Returns array('success'=>true) or array('error'=>'error message') + */ + public function handleUpload(string $uploadDirectory, bool $replaceOldFile = false): array + { + if (!is_writable($uploadDirectory)) { + return ['error' => "Server error. Upload directory isn't writable."]; + } + + if (!$this->file) { + return ['error' => 'No files were uploaded.']; + } + + $size = $this->file->getSize(); + + if ($size == 0) { + return ['error' => 'File is empty']; + } + + if ($size > $this->sizeLimit) { + return ['error' => 'File is too large']; + } + + $pathinfo = pathinfo($this->file->getName()); + $filename = $pathinfo['filename']; + //$filename = md5(uniqid()); + $ext = $pathinfo['extension']; + + if($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)) { + $these = implode(', ', $this->allowedExtensions); + return ['error' => 'File has an invalid extension, it should be one of '. $these . '.']; + } + + if(!$replaceOldFile) { + /// don't overwrite previous files that were uploaded + while (file_exists($uploadDirectory . $filename . '.' . $ext)) { + $filename .= rand(10, 99); + } + } + + if ($this->file->save($uploadDirectory . $filename . '.' . $ext)) { + return ['success' => true]; + } else { + return ['error'=> 'Could not save uploaded file. 
The upload was cancelled, or server error encountered']; + } + } } // list of valid extensions, ex. array("jpeg", "xml", "bmp") -$allowedExtensions = array(); +$allowedExtensions = []; + // max file size in bytes $sizeLimit = 10 * 1024 * 1024;
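Review bot: `handleUpload()` still derives the stored file name and extension from the client-supplied value (`$_GET['qqfile']` or `$_FILES['qqfile']['name']`), and because both the constructor default and the `$allowedExtensions = [];` at the end of the file are empty, the guard `$this->allowedExtensions && !in_array(...)` is skipped, so a file with any extension is written to the upload directory. This cleanup keeps that behaviour. If that directory is served by the web server, this should be an explicit, non-empty allow-list checked strictly, e.g. `$ext = strtolower($pathinfo['extension'] ?? '');` followed by `if (!in_array($ext, $this->allowedExtensions, true)) {`, which also avoids the undefined-index warning for names without a dot. The commented-out `//$filename = md5(uniqid());` suggests server-generated names were considered; `$filename = bin2hex(random_bytes(16));` would stop trusting the client name and make the `rand(10, 99)` collision loop unnecessary. Separately, the newly typed `toBytes(string $str): int` reads `$last` from the untrimmed `$str` and multiplies a string such as `8M`, which emits a non-numeric-value diagnostic on current PHP versions; `$val = (int) trim($str);` would make the declared `int` return hold.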