当前位置: 首页>>代码示例>>PHP>>正文


PHP CKFinder_Connector_Utils_FileSystem::secureFileName方法代码示例

本文整理汇总了PHP中CKFinder_Connector_Utils_FileSystem::secureFileName方法的典型用法代码示例。如果您正苦于以下问题:PHP CKFinder_Connector_Utils_FileSystem::secureFileName方法的具体用法?PHP CKFinder_Connector_Utils_FileSystem::secureFileName怎么用?PHP CKFinder_Connector_Utils_FileSystem::secureFileName使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在CKFinder_Connector_Utils_FileSystem的用法示例。


在下文中一共展示了CKFinder_Connector_Utils_FileSystem::secureFileName方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: sendResponse

 * Handle FileUpload command

 *

 * @package CKFinder

 * @subpackage CommandHandlers

 * @copyright CKSource - Frederico Knabben

 */
class CKFinder_Connector_CommandHandler_FileUpload extends CKFinder_Connector_CommandHandler_CommandHandlerBase
{
    /**

     * Command name

     *

     * @access protected

     * @var string

     */
    protected $command = "FileUpload";
    /**

     * send response (save uploaded file, resize if required)

     * @access public

     *

     */
    public function sendResponse()
    {
        $iErrorNumber = CKFINDER_CONNECTOR_ERROR_NONE;
        $_config =& CKFinder_Connector_Core_Factory::getInstance("Core_Config");
        $oRegistry =& CKFinder_Connector_Core_Factory::getInstance("Core_Registry");
        $oRegistry->set("FileUpload_fileName", "unknown file");
        $uploadedFile = array_shift($_FILES);
        if (!isset($uploadedFile['name'])) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID);
        }
        $sUnsafeFileName = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(CKFinder_Connector_Utils_Misc::mbBasename($uploadedFile['name']));
        $sFileName = CKFinder_Connector_Utils_FileSystem::secureFileName($sUnsafeFileName);
        if ($sFileName != $sUnsafeFileName) {
            $iErrorNumber = CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID_NAME_RENAMED;
        }
        $oRegistry->set("FileUpload_fileName", $sFileName);
        $this->checkConnector();
        $this->checkRequest();
        if (!$this->_currentFolder->checkAcl(CKFINDER_CONNECTOR_ACL_FILE_UPLOAD)) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED);
        }
        $_resourceTypeConfig = $this->_currentFolder->getResourceTypeConfig();
        if (!CKFinder_Connector_Utils_FileSystem::checkFileName($sFileName) || $_resourceTypeConfig->checkIsHiddenFile($sFileName)) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_NAME);
        }
        $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
        if (!$resourceTypeInfo->checkExtension($sFileName)) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_INVALID_EXTENSION);
        }
        $oRegistry->set("FileUpload_fileName", $sFileName);
        $oRegistry->set("FileUpload_url", $this->_currentFolder->getUrl());
        $maxSize = $resourceTypeInfo->getMaxSize();
        if (!$_config->checkSizeAfterScaling() && $maxSize && $uploadedFile['size'] > $maxSize) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
        }
        $htmlExtensions = $_config->getHtmlExtensions();
        $sExtension = CKFinder_Connector_Utils_FileSystem::getExtension($sFileName);
        if ($htmlExtensions && !CKFinder_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) && ($detectHtml = CKFinder_Connector_Utils_FileSystem::detectHtml($uploadedFile['tmp_name'])) === true) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE);
        }
        $secureImageUploads = $_config->getSecureImageUploads();
        if ($secureImageUploads && ($isImageValid = CKFinder_Connector_Utils_FileSystem::isImageValid($uploadedFile['tmp_name'], $sExtension)) === false) {
            $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
        }
        switch ($uploadedFile['error']) {
            case UPLOAD_ERR_OK:
                break;
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG);
                break;
            case UPLOAD_ERR_PARTIAL:
            case UPLOAD_ERR_NO_FILE:
                $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT);
                break;
            case UPLOAD_ERR_NO_TMP_DIR:
                $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_UPLOADED_NO_TMP_DIR);
                break;
            case UPLOAD_ERR_CANT_WRITE:
                $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
                break;
            case UPLOAD_ERR_EXTENSION:
                $this->_errorHandler->throwError(CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED);
                break;
        }
        $sServerDir = $this->_currentFolder->getServerPath();
//.........这里部分代码省略.........
开发者ID:neelmanis,项目名称:Jobready_New,代码行数:101,代码来源:FileUpload.php

示例2: checkOneFile

 /**
  * Check one file for security reasons
  *
  * @param object $filePathInfo
  * @param string $originalFileName
  * @return mixed bool(false) - if security checks fails. Otherwise string - ralative zip archive path with secured filename.
  */
 protected function checkOneFile($filePathInfo, $originalFileName)
 {
     $resourceTypeInfo = $this->_currentFolder->getResourceTypeConfig();
     // checked if it is a folder
     $fileStat = $this->zip->statName($originalFileName);
     if (empty($filePathInfo['extension']) && empty($fileStat['size'])) {
         $sNewFolderName = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding(rtrim($fileStat['name'], '/'));
         if ($this->_config->forceAscii()) {
             $sNewFolderName = CKFinder_Connector_Utils_FileSystem::convertToAscii($sNewFolderName);
         }
         if (!CKFinder_Connector_Utils_FileSystem::checkFolderPath($sNewFolderName) || $resourceTypeInfo->checkIsHiddenFolder($sNewFolderName)) {
             $this->errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_NAME;
             $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
             return false;
         }
         if (!is_writeable($this->_currentFolder->getServerPath())) {
             $this->errorCode = CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED;
             $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
             return false;
         }
         return $originalFileName;
     }
     $fileName = CKFinder_Connector_Utils_FileSystem::convertToFilesystemEncoding($filePathInfo['basename']);
     $sFileName = CKFinder_Connector_Utils_FileSystem::secureFileName($fileName);
     // max file size
     $maxSize = $resourceTypeInfo->getMaxSize();
     if ($maxSize && $fileStat['size'] > $maxSize) {
         $this->errorCode = CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
         $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
         return false;
     }
     // extension
     if (!$resourceTypeInfo->checkExtension($sFileName)) {
         $this->errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
         $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
         return false;
     }
     // hidden file
     if (!CKFinder_Connector_Utils_FileSystem::checkFileName($sFileName) || $resourceTypeInfo->checkIsHiddenFile($sFileName)) {
         $this->errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST;
         $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
         return false;
     }
     // unpack file to tmp dir for detecting html and valid image
     $dir = CKFinder_Connector_Utils_FileSystem::getTmpDir() . '/';
     if (file_exists($dir . $sFileName) && !CKFinder_Connector_Utils_FileSystem::unlink($dir . $sFileName)) {
         $this->errorCode = CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST;
         $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
         return false;
     }
     if (copy('zip://' . $this->filePath . '#' . $originalFileName, $dir . $sFileName)) {
         // html extensions
         $htmlExtensions = $this->_config->getHtmlExtensions();
         $sExtension = CKFinder_Connector_Utils_FileSystem::getExtension($dir . $sFileName);
         if ($htmlExtensions && !CKFinder_Connector_Utils_Misc::inArrayCaseInsensitive($sExtension, $htmlExtensions) && CKFinder_Connector_Utils_FileSystem::detectHtml($dir . $sFileName) === true) {
             $this->errorCode = CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID;
             $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
             return false;
         }
         // proper image
         $secureImageUploads = $this->_config->getSecureImageUploads();
         if ($secureImageUploads && ($isImageValid = CKFinder_Connector_Utils_FileSystem::isImageValid($dir . $sFileName, $sExtension)) === false) {
             $this->errorCode = CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID;
             $this->appendErrorNode($this->skippedFilesNode, $this->errorCode, $originalFileName);
             return false;
         }
     }
     $sDirName = $filePathInfo['dirname'] != '.' ? $filePathInfo['dirname'] . '/' : '';
     return $sDirName . $sFileName;
 }
开发者ID:jambik,项目名称:ikkf05,代码行数:77,代码来源:plugin.php


注:本文中的CKFinder_Connector_Utils_FileSystem::secureFileName方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。