Jingga/oms-Media
1
0
Fork 0
mirror of https://github.com/Karaka-Management/oms-Media.git synced 2026-02-01 18:28:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[Media] Optimization for external use

Browse Source
This commit is contained in:
Dennis Eichhorn 2016-11-23 23:49:21 +01:00
parent 4ff01c1c6f
commit 85b5b62c70
3 changed files with 40 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
Controller.php
View File

@ -207,7 +207,7 @@ class Controller extends ModuleAbstract implements WebInterface
* @since 1.0.0
* @author Dennis Eichhorn <d.eichhorn@oms.com>
*/
public function uploadFiles(array $files, int $account, string $basePath = '/Modules/Media/Files') : array
public function uploadFiles(array $files, int $account, string $basePath = 'Modules/Media/Files') : array
{
$mediaCreated = [];
@ -224,10 +224,10 @@ class Controller extends ModuleAbstract implements WebInterface
return $mediaCreated;
}
public static function createMediaPath(string $basePath = '/Modules/Media/Files') : string
public static function createMediaPath(string $basePath = 'Modules/Media/Files') : string
{
$rndPath = str_pad(dechex(rand(0, 65535)), 4, '0', STR_PAD_LEFT);
return '/' . trim($basePath, '/\\.') . '/' . $rndPath[0] . $rndPath[1] . '/' . $rndPath[2] . $rndPath[3];
return $basePath . '/' . $rndPath[0] . $rndPath[1] . '/' . $rndPath[2] . $rndPath[3];
}
/**
@ -244,20 +244,29 @@ class Controller extends ModuleAbstract implements WebInterface
$mediaCreated = [];
foreach ($status as $uFile) {
if ($uFile['status'] === UploadStatus::OK) {
$media = new Media();
$media->setPath(trim($uFile['path'], '/') . '/' . $uFile['filename']);
$media->setName($uFile['filename']);
$media->setSize($uFile['size']);
$media->setCreatedBy($account);
$media->setCreatedAt(new \DateTime('NOW'));
$media->setExtension($uFile['extension']);
$mediaCreated[] = MediaMapper::create($media);
}
$mediaCreated[] = self::createDbEntry($uFile, $account);
}
return $mediaCreated;
}
public static function createDbEntry(array $status, int $account)
{
$media = null;
if ($status['status'] === UploadStatus::OK) {
$media = new Media();
$media->setPath(trim($status['path'], '/') . '/' . $status['filename']);
$media->setName($status['name']);
$media->setSize($status['size']);
$media->setCreatedBy($account);
$media->setCreatedAt(new \DateTime('NOW'));
$media->setExtension($status['extension']);
MediaMapper::create($media);
}
return $media;
}
}

5
Models/Media.php
View File

@ -330,4 +330,9 @@ class Media
{
$this->versioned = $versioned;
}
public function toArray()
{
return [];
}
}

16
Models/UploadFile.php
View File

@ -31,6 +31,7 @@ use phpOMS\System\File\Local\Directory;
*/
class UploadFile
{
const PATH_GENERATION_LIMIT = 1000;
/**
* Upload max size.
@ -54,7 +55,7 @@ class UploadFile
* @var string
* @since 1.0.0
*/
private $outputDir = '/Modules/Media/Files';
private $outputDir = 'Modules/Media/Files';
/**
* Output file name.
@ -79,6 +80,8 @@ class UploadFile
*
* @return array
*
* @throws \Exception
*
* @since 1.0.0
* @author Dennis Eichhorn <d.eichhorn@oms.com>
*/
@ -138,7 +141,7 @@ class UploadFile
if (!$this->fileName || empty($this->fileName) || file_exists($path . '/' . $this->fileName)) {
$rnd = '';
// todo: implement limit since this could get exploited
$limit = 0;
do {
$sha = sha1_file($f['tmp_name'] . $rnd);
@ -152,11 +155,16 @@ class UploadFile
$this->fileName = $sha;
$rnd = mt_rand();
} while (file_exists($path . '/' . $this->fileName));
$limit++;
} while (file_exists($path . '/' . $this->fileName) && $limit < self::PATH_GENERATION_LIMIT);
if($limit >= self::PATH_GENERATION_LIMIT) {
throw new \Exception('No file path could be found. Potential attack!');
}
}
if (!is_dir($path)) {
Directory::createPath($path, '0655', true);
Directory::create($path, '0655', true);
}
if (!is_uploaded_file($f['tmp_name'])) {