mirror of
https://github.com/Karaka-Management/oms-Media.git
synced 2026-02-16 01:08:41 +00:00
[Media] Optimization for external use
parent
4ff01c1c6f
commit
85b5b62c70
|
|
@ -207,7 +207,7 @@ class Controller extends ModuleAbstract implements WebInterface
|
||||||
* @since 1.0.0
|
* @since 1.0.0
|
||||||
* @author Dennis Eichhorn <d.eichhorn@oms.com>
|
* @author Dennis Eichhorn <d.eichhorn@oms.com>
|
||||||
*/
|
*/
|
||||||
public function uploadFiles(array $files, int $account, string $basePath = '/Modules/Media/Files') : array
|
public function uploadFiles(array $files, int $account, string $basePath = 'Modules/Media/Files') : array
|
||||||
{
|
{
|
||||||
$mediaCreated = [];
|
$mediaCreated = [];
|
||||||
|
|
||||||
|
|
@ -224,10 +224,10 @@ class Controller extends ModuleAbstract implements WebInterface
|
||||||
return $mediaCreated;
|
return $mediaCreated;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function createMediaPath(string $basePath = '/Modules/Media/Files') : string
|
public static function createMediaPath(string $basePath = 'Modules/Media/Files') : string
|
||||||
{
|
{
|
||||||
$rndPath = str_pad(dechex(rand(0, 65535)), 4, '0', STR_PAD_LEFT);
|
$rndPath = str_pad(dechex(rand(0, 65535)), 4, '0', STR_PAD_LEFT);
|
||||||
return '/' . trim($basePath, '/\\.') . '/' . $rndPath[0] . $rndPath[1] . '/' . $rndPath[2] . $rndPath[3];
|
return $basePath . '/' . $rndPath[0] . $rndPath[1] . '/' . $rndPath[2] . $rndPath[3];
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -244,20 +244,29 @@ class Controller extends ModuleAbstract implements WebInterface
|
||||||
$mediaCreated = [];
|
$mediaCreated = [];
|
||||||
|
|
||||||
foreach ($status as $uFile) {
|
foreach ($status as $uFile) {
|
||||||
if ($uFile['status'] === UploadStatus::OK) {
|
$mediaCreated[] = self::createDbEntry($uFile, $account);
|
||||||
$media = new Media();
|
|
||||||
$media->setPath(trim($uFile['path'], '/') . '/' . $uFile['filename']);
|
|
||||||
$media->setName($uFile['filename']);
|
|
||||||
$media->setSize($uFile['size']);
|
|
||||||
$media->setCreatedBy($account);
|
|
||||||
$media->setCreatedAt(new \DateTime('NOW'));
|
|
||||||
$media->setExtension($uFile['extension']);
|
|
||||||
|
|
||||||
$mediaCreated[] = MediaMapper::create($media);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return $mediaCreated;
|
return $mediaCreated;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function createDbEntry(array $status, int $account)
|
||||||
|
{
|
||||||
|
$media = null;
|
||||||
|
|
||||||
|
if ($status['status'] === UploadStatus::OK) {
|
||||||
|
$media = new Media();
|
||||||
|
$media->setPath(trim($status['path'], '/') . '/' . $status['filename']);
|
||||||
|
$media->setName($status['name']);
|
||||||
|
$media->setSize($status['size']);
|
||||||
|
$media->setCreatedBy($account);
|
||||||
|
$media->setCreatedAt(new \DateTime('NOW'));
|
||||||
|
$media->setExtension($status['extension']);
|
||||||
|
|
||||||
|
MediaMapper::create($media);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $media;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
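Review bot: `createMediaPath()` now returns `$basePath` concatenated as-is, so the `trim($basePath, '/\\.')` that previously stripped leading and trailing slashes, backslashes and dots from the caller-supplied base is gone. The method is public and static and the commit targets external callers, so a base path that starts with `../` or ends in a slash now flows unchanged into the generated storage path. If only the leading `/` was meant to be dropped, keep the normalisation with `return trim($basePath, '/\\.') . '/' . $rndPath[0] . $rndPath[1] . '/' . $rndPath[2] . $rndPath[3];`; if absolute base paths must be accepted, check the result against an allowed root instead. In the last hunk, `$mediaCreated[] = self::createDbEntry($uFile, $account);` also appends `null` for every upload whose status is not `UploadStatus::OK`, which the old inline check skipped; the enclosing method starts outside that hunk.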
@ -330,4 +330,9 @@ class Media
|
||||||
{
|
{
|
||||||
$this->versioned = $versioned;
|
$this->versioned = $versioned;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function toArray()
|
||||||
|
{
|
||||||
|
return [];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
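Review bot: `toArray()` returns an empty array unconditionally, so any caller that serialises a `Media` object through it gets no fields and no error. If this is a placeholder, say so in a docblock on the method and declare the return type, `public function toArray() : array`, to match the typed signatures used elsewhere in this commit.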
@ -31,6 +31,7 @@ use phpOMS\System\File\Local\Directory;
|
||||||
*/
|
*/
|
||||||
class UploadFile
|
class UploadFile
|
||||||
{
|
{
|
||||||
|
const PATH_GENERATION_LIMIT = 1000;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Upload max size.
|
* Upload max size.
|
||||||
|
|
@ -54,7 +55,7 @@ class UploadFile
|
||||||
* @var string
|
* @var string
|
||||||
* @since 1.0.0
|
* @since 1.0.0
|
||||||
*/
|
*/
|
||||||
private $outputDir = '/Modules/Media/Files';
|
private $outputDir = 'Modules/Media/Files';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Output file name.
|
* Output file name.
|
||||||
|
|
@ -79,6 +80,8 @@ class UploadFile
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*
|
*
|
||||||
|
* @throws \Exception
|
||||||
|
*
|
||||||
* @since 1.0.0
|
* @since 1.0.0
|
||||||
* @author Dennis Eichhorn <d.eichhorn@oms.com>
|
* @author Dennis Eichhorn <d.eichhorn@oms.com>
|
||||||
*/
|
*/
|
||||||
|
|
@ -138,7 +141,7 @@ class UploadFile
|
||||||
if (!$this->fileName || empty($this->fileName) || file_exists($path . '/' . $this->fileName)) {
|
if (!$this->fileName || empty($this->fileName) || file_exists($path . '/' . $this->fileName)) {
|
||||||
$rnd = '';
|
$rnd = '';
|
||||||
|
|
||||||
// todo: implement limit since this could get exploited
|
$limit = 0;
|
||||||
do {
|
do {
|
||||||
$sha = sha1_file($f['tmp_name'] . $rnd);
|
$sha = sha1_file($f['tmp_name'] . $rnd);
|
||||||
|
|
||||||
|
|
@ -152,11 +155,16 @@ class UploadFile
|
||||||
|
|
||||||
$this->fileName = $sha;
|
$this->fileName = $sha;
|
||||||
$rnd = mt_rand();
|
$rnd = mt_rand();
|
||||||
} while (file_exists($path . '/' . $this->fileName));
|
$limit++;
|
||||||
|
} while (file_exists($path . '/' . $this->fileName) && $limit < self::PATH_GENERATION_LIMIT);
|
||||||
|
|
||||||
|
if($limit >= self::PATH_GENERATION_LIMIT) {
|
||||||
|
throw new \Exception('No file path could be found. Potential attack!');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_dir($path)) {
|
if (!is_dir($path)) {
|
||||||
Directory::createPath($path, '0655', true);
|
Directory::create($path, '0655', true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_uploaded_file($f['tmp_name'])) {
|
if (!is_uploaded_file($f['tmp_name'])) {
|
||||||
|
|
|
||||||
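Review bot: The changed `Directory::create($path, '0655', true)` line passes the directory mode as the string `'0655'`, and 0655 gives the owner no execute (traverse) bit on the new upload directory while leaving it readable and traversable by group and others. If the helper forwards the value to `mkdir()` unchanged (its body is not visible here), PHP would read the string as decimal 655 rather than octal; an integer literal such as `0755`, or something tighter, would avoid both problems, assuming the parameter accepts an int. Separately, the new guard `if($limit >= self::PATH_GENERATION_LIMIT)` also throws when the final attempt did find a free name. Testing `file_exists($path . '/' . $this->fileName)` after the loop would reject only real exhaustion. The enclosing method starts and ends outside these hunks.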