Skip to content

Commit 16de61b

Browse files
trippotrippo
authored
Merge branch 'master' into tui-image-editor
2 parents aa6b744 + d88c379 commit 16de61b

File tree

6 files changed

+180
-134
lines changed

6 files changed

+180
-134
lines changed

filemanager/UploadHandler.php

Lines changed: 121 additions & 78 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,10 @@ class UploadHandler
3838
'image_resize' => 'Failed to resize image'
3939
);
4040

41+
const IMAGETYPE_GIF = 1;
42+
const IMAGETYPE_JPEG = 2;
43+
const IMAGETYPE_PNG = 3;
44+
4145
protected $image_objects = array();
4246

4347
public function __construct($options = null, $initialize = true, $error_messages = null) {
@@ -48,7 +52,7 @@ public function __construct($options = null, $initialize = true, $error_messages
4852
'upload_url' => $this->get_full_url().'/files/',
4953
'input_stream' => 'php://input',
5054
'user_dirs' => false,
51-
'mkdir_mode' => 0777,
55+
'mkdir_mode' => 0755,
5256
'param_name' => 'files',
5357
// Set the following option to 'POST', if your server does not support
5458
// DELETE requests. This is a parameter sent to the client:
@@ -86,21 +90,36 @@ public function __construct($options = null, $initialize = true, $error_messages
8690
'download_via_php' => false,
8791
// Read files in chunks to avoid memory limits when download_via_php
8892
// is enabled, set to 0 to disable chunked reading of files:
89-
'readfile_chunk_size' => 2 * 1024 * 1024, // 10 MiB
93+
'readfile_chunk_size' => 10 * 1024 * 1024, // 10 MiB
9094
// Defines which files can be displayed inline when downloaded:
9195
'inline_file_types' => '/\.(gif|jpe?g|png)$/i',
92-
// Defines which files (based on their names) are accepted for upload:
93-
'accept_file_types' => '/.+$/i',
96+
// Defines which files (based on their names) are accepted for upload.
97+
// By default, only allows file uploads with image file extensions.
98+
// Only change this setting after making sure that any allowed file
99+
// types cannot be executed by the webserver in the files directory,
100+
// e.g. PHP scripts, nor executed by the browser when downloaded,
101+
// e.g. HTML files with embedded JavaScript code.
102+
// Please also read the SECURITY.md document in this repository.
103+
'accept_file_types' => '/\.(gif|jpe?g|png)$/i',
104+
// Replaces dots in filenames with the given string.
105+
// Can be disabled by setting it to false or an empty string.
106+
// Note that this is a security feature for servers that support
107+
// multiple file extensions, e.g. the Apache AddHandler Directive:
108+
// https://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler
109+
// Before disabling it, make sure that files uploaded with multiple
110+
// extensions cannot be executed by the webserver, e.g.
111+
// "example.php.png" with embedded PHP code, nor executed by the
112+
// browser when downloaded, e.g. "example.html.gif" with embedded
113+
// JavaScript code.
114+
'replace_dots_in_filenames' => '-',
94115
// The php.ini settings upload_max_filesize and post_max_size
95116
// take precedence over the following max_file_size setting:
96117
'max_file_size' => null,
97118
'min_file_size' => 1,
98119
// The maximum number of files for the upload directory:
99120
'max_number_of_files' => null,
100-
// Defines which files are handled as image files:
101-
'image_file_types' => '/\.(gif|jpe?g|png)$/i',
102-
// Use exif_imagetype on all files to correct file extensions:
103-
'correct_image_extensions' => true,
121+
// Reads first file bytes to identify and correct file extensions:
122+
'correct_image_extensions' => false,
104123
// Image resolution restrictions:
105124
'max_width' => null,
106125
'max_height' => null,
@@ -131,33 +150,40 @@ public function __construct($options = null, $initialize = true, $error_messages
131150
// Command or path for to the ImageMagick identify binary:
132151
'identify_bin' => 'identify',
133152
'image_versions' => array(
134-
// The empty image version key defines options for the original image:
135-
// Keep in mind that these options are inherited by all other image versions!
153+
// The empty image version key defines options for the original image.
154+
// Keep in mind: these image manipulations are inherited by all other image versions from this point onwards.
155+
// Also note that the property 'no_cache' is not inherited, since it's not a manipulation.
136156
'' => array(
137157
// Automatically rotate images based on EXIF meta data:
138158
'auto_orient' => true
139159
),
140-
// Uncomment the following to create medium sized images:
160+
// You can add arrays to generate different versions.
161+
// The name of the key is the name of the version (example: 'medium').
162+
// the array contains the options to apply.
141163
/*
142164
'medium' => array(
143165
'max_width' => 800,
144166
'max_height' => 600
145167
),
168+
*/
146169
'thumbnail' => array(
147170
// Uncomment the following to use a defined directory for the thumbnails
148171
// instead of a subdirectory based on the version identifier.
149172
// Make sure that this directory doesn't allow execution of files if you
150173
// don't pose any restrictions on the type of uploaded files, e.g. by
151174
// copying the .htaccess file from the files directory for Apache:
152175
//'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/',
153-
'upload_url' => $this->get_full_url().'/thumb/',
176+
//'upload_url' => $this->get_full_url().'/thumb/',
154177
// Uncomment the following to force the max
155178
// dimensions and e.g. create square thumbnails:
156-
'crop' => true,
157-
'max_width' => 80,
158-
'max_height' => 80
179+
// 'auto_orient' => true,
180+
// 'crop' => true,
181+
// 'jpeg_quality' => 70,
182+
// 'no_cache' => true, (there's a caching option, but this remembers thumbnail sizes from a previous action!)
183+
// 'strip' => true, (this strips EXIF tags, such as geolocation)
184+
'max_width' => 80, // either specify width, or set to 0. Then width is automatically adjusted - keeping aspect ratio to a specified max_height.
185+
'max_height' => 80 // either specify height, or set to 0. Then height is automatically adjusted - keeping aspect ratio to a specified max_width.
159186
)
160-
*/
161187
),
162188
'print_response' => true
163189
);
@@ -380,10 +406,6 @@ protected function validate($uploaded_file, $file, $error, $index) {
380406
$file->error = $this->get_error_message('accept_file_types');
381407
return false;
382408
}
383-
if (preg_match($this->options['image_file_types'], $file->name) && function_exists('exif_imagetype') && !@exif_imagetype($uploaded_file)) {
384-
$file->error = $this->get_error_message('accept_file_types');
385-
return false;
386-
}
387409
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
388410
$file_size = $this->get_file_size($uploaded_file);
389411
} else {
@@ -413,9 +435,8 @@ protected function validate($uploaded_file, $file, $error, $index) {
413435
$min_width = @$this->options['min_width'];
414436
$min_height = @$this->options['min_height'];
415437
if (($max_width || $max_height || $min_width || $min_height)
416-
&& preg_match($this->options['image_file_types'], $file->name)) {
438+
&& $this->is_valid_image_file($uploaded_file)) {
417439
list($img_width, $img_height) = $this->get_image_size($uploaded_file);
418-
419440
// If we are auto rotating the image by default, do the checks on
420441
// the correct orientation
421442
if (
@@ -429,7 +450,6 @@ function_exists('exif_read_data') &&
429450
$img_height = $tmp;
430451
unset($tmp);
431452
}
432-
433453
}
434454
if (!empty($img_width)) {
435455
if ($max_width && $img_width > $max_width) {
@@ -491,16 +511,15 @@ protected function fix_file_extension($file_path, $name, $size, $type, $error,
491511
preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
492512
$name .= '.'.$matches[1];
493513
}
494-
if ($this->options['correct_image_extensions'] &&
495-
function_exists('exif_imagetype')) {
496-
switch (@exif_imagetype($file_path)){
497-
case IMAGETYPE_JPEG:
514+
if ($this->options['correct_image_extensions']) {
515+
switch ($this->imagetype($file_path)) {
516+
case self::IMAGETYPE_JPEG:
498517
$extensions = array('jpg', 'jpeg');
499518
break;
500-
case IMAGETYPE_PNG:
519+
case self::IMAGETYPE_PNG:
501520
$extensions = array('png');
502521
break;
503-
case IMAGETYPE_GIF:
522+
case self::IMAGETYPE_GIF:
504523
$extensions = array('gif');
505524
break;
506525
}
@@ -523,7 +542,17 @@ protected function trim_file_name($file_path, $name, $size, $type, $error,
523542
// Remove path information and dots around the filename, to prevent uploading
524543
// into different directories or replacing hidden system files.
525544
// Also remove control characters and spaces (\x00..\x20) around the filename:
526-
$name = trim($this->basename(stripslashes($name)), "\x00..\x20");
545+
$name = trim($this->basename(stripslashes($name)), ".\x00..\x20");
546+
// Replace dots in filenames to avoid security issues with servers
547+
// that interpret multiple file extensions, e.g. "example.php.png":
548+
$replacement = $this->options['replace_dots_in_filenames'];
549+
if (!empty($replacement)) {
550+
$parts = explode('.', $name);
551+
if (count($parts) > 2) {
552+
$ext = array_pop($parts);
553+
$name = implode($replacement, $parts).'.'.$ext;
554+
}
555+
}
527556
// Use a timestamp for empty filenames:
528557
if (!$name) {
529558
$name = str_replace('.', '-', microtime(true));
@@ -867,26 +896,32 @@ protected function imagick_create_scaled_image($file_name, $version, $options) {
867896
$image_oriented = false;
868897
if (!empty($options['auto_orient'])) {
869898
$image_oriented = $this->imagick_orient_image($image);
870-
}
899+
}
900+
901+
$image_resize = false;
871902
$new_width = $max_width = $img_width = $image->getImageWidth();
872-
$new_height = $max_height = $img_height = $image->getImageHeight();
873-
if (!empty($options['max_width'])) {
874-
$new_width = $max_width = $options['max_width'];
875-
}
876-
if (!empty($options['max_height'])) {
903+
$new_height = $max_height = $img_height = $image->getImageHeight();
904+
905+
// use isset(). User might be setting max_width = 0 (auto in regular resizing). Value 0 would be considered empty when you use empty()
906+
if (isset($options['max_width'])) {
907+
$image_resize = true;
908+
$new_width = $max_width = $options['max_width'];
909+
}
910+
if (isset($options['max_height'])) {
911+
$image_resize = true;
877912
$new_height = $max_height = $options['max_height'];
878913
}
879-
$image_strip = false;
880-
if( !empty($options["strip"]) ) {
881-
$image_strip = $options["strip"];
882-
}
883-
if ( !$image_oriented && ($max_width >= $img_width) && ($max_height >= $img_height) && !$image_strip && empty($options["jpeg_quality"]) ) {
914+
915+
$image_strip = (isset($options['strip']) ? $options['strip'] : false);
916+
917+
if ( !$image_oriented && ($max_width >= $img_width) && ($max_height >= $img_height) && !$image_strip && empty($options["jpeg_quality"]) ) {
884918
if ($file_path !== $new_file_path) {
885919
return copy($file_path, $new_file_path);
886920
}
887921
return true;
888922
}
889-
$crop = !empty($options['crop']);
923+
$crop = (isset($options['crop']) ? $options['crop'] : false);
924+
890925
if ($crop) {
891926
$x = 0;
892927
$y = 0;
@@ -1012,13 +1047,18 @@ protected function get_image_size($file_path) {
10121047
}
10131048

10141049
protected function create_scaled_image($file_name, $version, $options) {
1015-
if ($this->options['image_library'] === 2) {
1016-
return $this->imagemagick_create_scaled_image($file_name, $version, $options);
1017-
}
1018-
if ($this->options['image_library'] && extension_loaded('imagick')) {
1019-
return $this->imagick_create_scaled_image($file_name, $version, $options);
1050+
try {
1051+
if ($this->options['image_library'] === 2) {
1052+
return $this->imagemagick_create_scaled_image($file_name, $version, $options);
1053+
}
1054+
if ($this->options['image_library'] && extension_loaded('imagick')) {
1055+
return $this->imagick_create_scaled_image($file_name, $version, $options);
1056+
}
1057+
return $this->gd_create_scaled_image($file_name, $version, $options);
1058+
} catch (\Exception $e) {
1059+
error_log($e->getMessage());
1060+
return false;
10201061
}
1021-
return $this->gd_create_scaled_image($file_name, $version, $options);
10221062
}
10231063

10241064
protected function destroy_image_object($file_path) {
@@ -1027,15 +1067,30 @@ protected function destroy_image_object($file_path) {
10271067
}
10281068
}
10291069

1070+
protected function imagetype($file_path) {
1071+
$fp = fopen($file_path, 'r');
1072+
$data = fread($fp, 4);
1073+
fclose($fp);
1074+
// GIF: 47 49 46 38
1075+
if ($data === 'GIF8') {
1076+
return self::IMAGETYPE_GIF;
1077+
}
1078+
// JPG: FF D8 FF
1079+
if (bin2hex(substr($data, 0, 3)) === 'ffd8ff') {
1080+
return self::IMAGETYPE_JPEG;
1081+
}
1082+
// PNG: 89 50 4E 47
1083+
if (bin2hex(@$data[0]).substr($data, 1, 4) === '89PNG') {
1084+
return self::IMAGETYPE_PNG;
1085+
}
1086+
return false;
1087+
}
1088+
10301089
protected function is_valid_image_file($file_path) {
1031-
if (!preg_match($this->options['image_file_types'], $file_path)) {
1090+
if (!preg_match('/\.(gif|jpe?g|png)$/i', $file_path)) {
10321091
return false;
10331092
}
1034-
if (function_exists('exif_imagetype')) {
1035-
return @exif_imagetype($file_path);
1036-
}
1037-
$image_info = $this->get_image_size($file_path);
1038-
return $image_info && $image_info[0] && $image_info[1];
1093+
return !!$this->imagetype($file_path);
10391094
}
10401095

10411096
protected function handle_image_file($file_path, $file) {
@@ -1062,7 +1117,8 @@ protected function handle_image_file($file_path, $file) {
10621117
$this->destroy_image_object($file_path);
10631118
}
10641119

1065-
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null) {
1120+
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
1121+
$index = null, $content_range = null) {
10661122
$file = new \stdClass();
10671123
$file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error,
10681124
$index, $content_range);
@@ -1071,7 +1127,7 @@ protected function handle_file_upload($uploaded_file, $name, $size, $type, $erro
10711127
if ($this->validate($uploaded_file, $file, $error, $index)) {
10721128
$this->handle_form_data($file, $index);
10731129
$upload_dir = $this->get_upload_path();
1074-
if (!$this->options['ftp'] && !is_dir($upload_dir)) {
1130+
if (!is_dir($upload_dir)) {
10751131
mkdir($upload_dir, $this->options['mkdir_mode'], true);
10761132
}
10771133
$file_path = $this->get_upload_path($file->name);
@@ -1089,20 +1145,14 @@ protected function handle_file_upload($uploaded_file, $name, $size, $type, $erro
10891145
move_uploaded_file($uploaded_file, $file_path);
10901146
}
10911147
} else {
1092-
if($this->get_file_size($uploaded_file) == $file->size){
1093-
copy($uploaded_file, $file_path);
1094-
}else{
1095-
1096-
// Non-multipart uploads (PUT method support)
1097-
file_put_contents(
1098-
$file_path,
1099-
fopen($this->options['input_stream'], 'r'),
1100-
$append_file ? FILE_APPEND : 0
1101-
);
1102-
}
1148+
// Non-multipart uploads (PUT method support)
1149+
file_put_contents(
1150+
$file_path,
1151+
fopen($this->options['input_stream'], 'r'),
1152+
$append_file ? FILE_APPEND : 0
1153+
);
11031154
}
11041155
$file_size = $this->get_file_size($file_path, $append_file);
1105-
$file->path = $file_path;
11061156
if ($file_size === $file->size) {
11071157
$file->url = $this->get_download_url($file->name);
11081158
if ($this->is_valid_image_file($file_path)) {
@@ -1317,7 +1367,6 @@ public function get($print_response = true) {
13171367
$this->options['param_name'] => $this->get_file_objects()
13181368
);
13191369
}
1320-
13211370
return $this->generate_response($response, $print_response);
13221371
}
13231372

@@ -1334,11 +1383,6 @@ public function post($print_response = true) {
13341383
'',
13351384
$content_disposition_header
13361385
)) : null;
1337-
// TODO check
1338-
// if (isset($content_disposition_header) && !empty($content_disposition_header) ) {
1339-
// $file_name = str_replace('attachment; filename="', '', $content_disposition_header);
1340-
// $file_name = str_replace('"', '', $file_name);
1341-
// }
13421386
// Parse the Content-Range header, which has the following form:
13431387
// Content-Range: bytes 0-524287/2000000
13441388
$content_range_header = $this->get_server_var('HTTP_CONTENT_RANGE');
@@ -1351,15 +1395,12 @@ public function post($print_response = true) {
13511395
// param_name is an array identifier like "files[]",
13521396
// $upload is a multi-dimensional array:
13531397
foreach ($upload['tmp_name'] as $index => $value) {
1354-
if(!isset($upload['error'][$index])){
1355-
$upload['error'][$index] = null;
1356-
}
13571398
$files[] = $this->handle_file_upload(
13581399
$upload['tmp_name'][$index],
13591400
$file_name ? $file_name : $upload['name'][$index],
13601401
$size ? $size : $upload['size'][$index],
13611402
$upload['type'][$index],
1362-
$upload['error'][$index],
1403+
isset($upload['error']) ? $upload['error'][$index] : null,
13631404
$index,
13641405
$content_range
13651406
);
@@ -1437,6 +1478,8 @@ public function onUploadEnd ($res){
14371478
$magicianObj -> saveImage($targetFile);
14381479
}
14391480

1481+
1482+
14401483
$thumbResult = create_img($targetFile, $targetFileThumb, 122, 91);
14411484

14421485
if ( $thumbResult!==true)

0 commit comments

Comments
 (0)