本文整理汇总了PHP中JFilterInput::isSafeFile方法的典型用法代码示例。如果您正苦于以下问题:PHP JFilterInput::isSafeFile方法的具体用法?PHP JFilterInput::isSafeFile怎么用?PHP JFilterInput::isSafeFile使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类JFilterInput的用法示例。
在下文中一共展示了JFilterInput::isSafeFile方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: get
/**
* Gets a value from the input data.
*
* @param string $name The name of the input property (usually the name of the files INPUT tag) to get.
* @param mixed $default The default value to return if the named property does not exist.
* @param string $filter The filter to apply to the value.
*
* @return mixed The filtered input value.
*
* @see JFilterInput::clean()
* @since 11.1
*/
public function get($name, $default = null, $filter = 'cmd')
{
if (isset($this->data[$name])) {
$results = $this->decodeData(array($this->data[$name]['name'], $this->data[$name]['type'], $this->data[$name]['tmp_name'], $this->data[$name]['error'], $this->data[$name]['size']));
// Prevent returning an unsafe file unless speciffically requested
if ($filter != 'raw') {
$isSafe = JFilterInput::isSafeFile($results);
if (!$isSafe) {
return $default;
}
}
return $results;
}
return $default;
}示例2: __construct
/**
* The class constructor.
*
* @param array $source The source argument is ignored. $_FILES is always used.
* @param array $options An optional array of configuration options:
* filter : a custom JFilterInput object.
*
* @since 12.1
*/
public function __construct(array $source = null, array $options = array())
{
if (isset($options['filter'])) {
$this->filter = $options['filter'];
} else {
$this->filter = JFilterInput::getInstance();
}
// Set the data source.
$this->data =& $_FILES;
// Scan the files in the array
if (!empty($this->data)) {
foreach ($this->data as $name => &$descriptor) {
$descriptor['safe'] = JFilterInput::isSafeFile($descriptor);
}
}
// Set the options for the class.
$this->options = $options;
}示例3: isSafeFile
/**
* Checks an uploaded for suspicious naming and potential PHP contents which could indicate a hacking attempt.
*/
public static function isSafeFile($file, $options = array())
{
if (class_exists('JFilterInput') && method_exists(JFilterInput, 'isSafeFile')) {
return JFilterInput::isSafeFile($file, $options);
}
require_once dirname(__FILE__) . '/uploadshield.php';
return WFUploadShield::isSafeFile($file, $options);
}示例4: upload
/**
* Moves an uploaded file to a destination folder
*
* @param string $src The name of the php (temporary) uploaded file
* @param string $dest The path (including filename) to move the uploaded file to
* @param boolean $use_streams True to use streams
* @param boolean $allow_unsafe Allow the upload of unsafe files
* @param boolean $safeFileOptions Options to JFilterInput::isSafeFile
*
* @return boolean True on success
*
* @since 11.1
*/
public static function upload($src, $dest, $use_streams = false, $allow_unsafe = false, $safeFileOptions = array())
{
if (!$allow_unsafe) {
$descriptor = array('tmp_name' => $src, 'name' => basename($dest), 'type' => '', 'error' => '', 'size' => '');
$isSafe = JFilterInput::isSafeFile($descriptor, $safeFileOptions);
if (!$isSafe) {
JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR03', $dest), JLog::WARNING, 'jerror');
return false;
}
}
// Ensure that the path is valid and clean
$pathObject = new JFilesystemWrapperPath();
$dest = $pathObject->clean($dest);
// Create the destination directory if it does not exist
$baseDir = dirname($dest);
if (!file_exists($baseDir)) {
$folderObject = new JFilesystemWrapperFolder();
$folderObject->create($baseDir);
}
if ($use_streams) {
$stream = JFactory::getStream();
if (!$stream->upload($src, $dest)) {
JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_UPLOAD', $stream->getError()), JLog::WARNING, 'jerror');
return false;
}
return true;
} else {
$FTPOptions = JClientHelper::getCredentials('ftp');
$ret = false;
if ($FTPOptions['enabled'] == 1) {
// Connect the FTP client
$ftp = JClientFtp::getInstance($FTPOptions['host'], $FTPOptions['port'], array(), $FTPOptions['user'], $FTPOptions['pass']);
// Translate path for the FTP account
$dest = $pathObject->clean(str_replace(JPATH_ROOT, $FTPOptions['root'], $dest), '/');
// Copy the file to the destination directory
if (is_uploaded_file($src) && $ftp->store($src, $dest)) {
unlink($src);
$ret = true;
} else {
JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR04', $src, $dest), JLog::WARNING, 'jerror');
}
} else {
if (is_writeable($baseDir) && move_uploaded_file($src, $dest)) {
// Short circuit to prevent file permission errors
if ($pathObject->setPermissions($dest)) {
$ret = true;
} else {
JLog::add(JText::_('JLIB_FILESYSTEM_ERROR_WARNFS_ERR01'), JLog::WARNING, 'jerror');
}
} else {
JLog::add(JText::sprintf('JLIB_FILESYSTEM_ERROR_WARNFS_ERR04', $src, $dest), JLog::WARNING, 'jerror');
}
}
return $ret;
}
}