本文整理汇总了PHP中Minify_Controller_Base::_fileIsSafe方法的典型用法代码示例。如果您正苦于以下问题:PHP Minify_Controller_Base::_fileIsSafe方法的具体用法?PHP Minify_Controller_Base::_fileIsSafe怎么用?PHP Minify_Controller_Base::_fileIsSafe使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Minify_Controller_Base
的用法示例。
在下文中一共展示了Minify_Controller_Base::_fileIsSafe方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: setupSources
/**
* Set up groups of files as sources
*
* @param array $options controller and Minify options
* @return array Minify options
*
*/
public function setupSources($options)
{
// PHP insecure by default: realpath() and other FS functions can't handle null bytes.
if (isset($_GET['files'])) {
$_GET['files'] = str_replace("", '', (string) $_GET['files']);
}
self::_setupDefines();
if (MINIFY_USE_CACHE) {
$cacheDir = defined('MINIFY_CACHE_DIR') ? MINIFY_CACHE_DIR : '';
Minify::setCache($cacheDir);
}
$options['badRequestHeader'] = 'HTTP/1.0 404 Not Found';
$options['contentTypeCharset'] = MINIFY_ENCODING;
// The following restrictions are to limit the URLs that minify will
// respond to. Ideally there should be only one way to reference a file.
if (!isset($_GET['files']) || !preg_match('/^[^,]+\\.(css|js)(,[^,]+\\.\\1)*$/', $_GET['files'], $m) || strpos($_GET['files'], '//') !== false || strpos($_GET['files'], '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['files'])) {
return $options;
}
$extension = $m[1];
$files = explode(',', $_GET['files']);
if (count($files) > MINIFY_MAX_FILES) {
return $options;
}
// strings for prepending to relative/absolute paths
$prependRelPaths = dirname($_SERVER['SCRIPT_FILENAME']) . DIRECTORY_SEPARATOR;
$prependAbsPaths = $_SERVER['DOCUMENT_ROOT'];
$sources = array();
$goodFiles = array();
$hasBadSource = false;
$allowDirs = isset($options['allowDirs']) ? $options['allowDirs'] : MINIFY_BASE_DIR;
foreach ($files as $file) {
// prepend appropriate string for abs/rel paths
$file = ($file[0] === '/' ? $prependAbsPaths : $prependRelPaths) . $file;
// make sure a real file!
$file = realpath($file);
// don't allow unsafe or duplicate files
if (parent::_fileIsSafe($file, $allowDirs) && !in_array($file, $goodFiles)) {
$goodFiles[] = $file;
$srcOptions = array('filepath' => $file);
$this->sources[] = new Minify_Source($srcOptions);
} else {
$hasBadSource = true;
break;
}
}
if ($hasBadSource) {
$this->sources = array();
}
if (!MINIFY_REWRITE_CSS_URLS) {
$options['rewriteCssUris'] = false;
}
return $options;
}
示例2: setupSources
//.........这里部分代码省略.........
}
$files = $cOptions['groups'][$_GET['g']];
// if $files is a single object, casting will break it
if (is_object($files)) {
$files = array($files);
} elseif (!is_array($files)) {
$files = (array) $files;
}
foreach ($files as $file) {
if ($file instanceof Minify_Source) {
$sources[] = $file;
continue;
}
if (0 === strpos($file, '//')) {
$file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
}
$realPath = realpath($file);
if (is_file($realPath)) {
$sources[] = new Minify_Source(array('filepath' => $realPath));
} else {
$this->log("The path \"{$realPath}\" could not be found (or was not a file)");
continue;
}
}
} elseif (!$cOptions['groupsOnly'] && isset($_GET['f'])) {
$config = w3_instance('W3_Config');
$external = $config->get_array('minify.cache.files');
$files = $_GET['f'];
$temp_files = array();
$external_files = 0;
foreach ($files as $file) {
if (!is_string($file)) {
$url = $file->minifyOptions['prependRelativePath'];
$verified = false;
foreach ($external as $ext) {
if (preg_match('#' . w3_get_url_regexp($ext) . '#', $url) && !$verified) {
$verified = true;
}
}
if (!$verified) {
$this->log("GET['f'] param part invalid, not in accepted external files list: \"{$url}\"");
return $options;
}
$external_files++;
} else {
$temp_files[] = $file;
}
}
if ($temp_files) {
$imploded = implode(',', $temp_files);
if (!preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $imploded) || strpos($imploded, '//') !== false || strpos($imploded, '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', $imploded)) {
$this->log("GET['f'] param part invalid: \"{$imploded}\"");
return $options;
}
}
if (count($files) > $cOptions['maxFiles'] || count($files) - $external_files != count(array_unique($temp_files))) {
$this->log("Too many or duplicate files specified: \"" . implode(', ', $temp_files) . "\"");
return $options;
}
if (!empty($_GET['b'])) {
// check for validity
if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b']) && false === strpos($_GET['b'], '..') && $_GET['b'] !== '.') {
// valid base
$base = "/{$_GET['b']}/";
} else {
$this->log("GET['b'] param invalid: \"{$_GET['b']}\"");
return $options;
}
} else {
$base = '/';
}
$allowDirs = array();
foreach ((array) $cOptions['allowDirs'] as $allowDir) {
$allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
}
foreach ($files as $file) {
if ($file instanceof Minify_Source) {
$sources[] = $file;
continue;
}
$path = $_SERVER['DOCUMENT_ROOT'] . $base . $file;
$file = realpath($path);
if (false === $file) {
$this->log("Path \"{$path}\" failed realpath()");
return $options;
} elseif (!parent::_fileIsSafe($file, $allowDirs)) {
$this->log("Path \"{$path}\" failed Minify_Controller_Base::_fileIsSafe()");
return $options;
} else {
$sources[] = new Minify_Source(array('filepath' => $file));
}
}
}
if ($sources) {
$this->sources = $sources;
} else {
$this->log("No sources to serve");
}
return $options;
}
示例3: setupSources
/**
* Set up groups of files as sources
*
* @param array $options controller and Minify options
* @return array Minify options
*
*/
public function setupSources($options)
{
// filter controller options
$cOptions = array_merge(array('allowDirs' => '//', 'groupsOnly' => false, 'groups' => array(), 'maxFiles' => 10), isset($options['minApp']) ? $options['minApp'] : array());
unset($options['minApp']);
$sources = array();
if (isset($_GET['g'])) {
// try groups
if (!isset($cOptions['groups'][$_GET['g']])) {
$this->log("A group configuration for \"{$_GET['g']}\" was not set");
return $options;
}
$files = $cOptions['groups'][$_GET['g']];
// if $files is a single object, casting will break it
if (is_object($files)) {
$files = array($files);
} elseif (!is_array($files)) {
$files = (array) $files;
}
foreach ($files as $file) {
if ($file instanceof Minify_Source) {
$sources[] = $file;
continue;
}
if (0 === strpos($file, '//')) {
$file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
}
$realPath = realpath($file);
if (is_file($realPath)) {
$sources[] = new Minify_Source(array('filepath' => $realPath));
} else {
$this->log("The path \"{$realPath}\" could not be found (or was not a file)");
continue;
}
}
} elseif (!$cOptions['groupsOnly'] && isset($_GET['f'])) {
// try user files
// The following restrictions are to limit the URLs that minify will
// respond to. Ideally there should be only one way to reference a file.
if (!preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $_GET['f']) || strpos($_GET['f'], '//') !== false || strpos($_GET['f'], '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['f'])) {
$this->log("GET['f'] param invalid: \"{$_GET['f']}\"");
return $options;
}
$files = explode(',', $_GET['f']);
if (count($files) > $cOptions['maxFiles'] || $files != array_unique($files)) {
$this->log("Too many or duplicate files specified: \"" . implode(', ', $files) . "\"");
return $options;
}
if (!empty($_GET['b'])) {
// check for validity
if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b']) && false === strpos($_GET['b'], '..') && $_GET['b'] !== '.') {
// valid base
$base = "/{$_GET['b']}/";
} else {
$this->log("GET['b'] param invalid: \"{$_GET['b']}\"");
return $options;
}
} else {
$base = '/';
}
$allowDirs = array();
foreach ((array) $cOptions['allowDirs'] as $allowDir) {
$allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
}
foreach ($files as $file) {
$path = $_SERVER['DOCUMENT_ROOT'] . $base . $file;
$file = realpath($path);
if (false === $file) {
$this->log("Path \"{$path}\" failed realpath()");
return $options;
} elseif (!parent::_fileIsSafe($file, $allowDirs)) {
$this->log("Path \"{$path}\" failed Minify_Controller_Base::_fileIsSafe()");
return $options;
} else {
$sources[] = new Minify_Source(array('filepath' => $file));
}
}
}
if ($sources) {
$this->sources = $sources;
} else {
$this->log("No sources to serve");
}
return $options;
}
示例4: setupSources
/**
* Set up groups of files as sources
*
* @param array $options controller and Minify options
* @return array Minify options
*
*/
public function setupSources($options)
{
// filter controller options
$cOptions = array_merge(array('allowDirs' => '//', 'groupsOnly' => false, 'groups' => array(), 'maxFiles' => 10), isset($options['minApp']) ? $options['minApp'] : array());
unset($options['minApp']);
$sources = array();
if (isset($_GET['g'])) {
// try groups
if (!isset($cOptions['groups'][$_GET['g']])) {
return $options;
}
foreach ((array) $cOptions['groups'][$_GET['g']] as $file) {
if ($file instanceof Minify_Source) {
$sources[] = $file;
continue;
}
if (0 === strpos($file, '//')) {
$file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
}
$file = realpath($file);
if (is_file($file)) {
$sources[] = new Minify_Source(array('filepath' => $file));
} else {
// file doesn't exist
return $options;
}
}
} elseif (!$cOptions['groupsOnly'] && isset($_GET['f'])) {
// try user files
// The following restrictions are to limit the URLs that minify will
// respond to. Ideally there should be only one way to reference a file.
if (!preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $_GET['f']) || strpos($_GET['f'], '//') !== false || strpos($_GET['f'], '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['f'])) {
return $options;
}
$files = explode(',', $_GET['f']);
if (count($files) > $cOptions['maxFiles'] || $files != array_unique($files)) {
// too many or duplicate files
return $options;
}
if (isset($_GET['b'])) {
// check for validity
if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b']) && false === strpos($_GET['b'], '..') && $_GET['b'] !== '.') {
// valid base
$base = "/{$_GET['b']}/";
} else {
return $options;
}
} else {
$base = '/';
}
$allowDirs = array();
foreach ((array) $cOptions['allowDirs'] as $allowDir) {
$allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
}
foreach ($files as $file) {
$file = realpath($_SERVER['DOCUMENT_ROOT'] . $base . $file);
// don't allow unsafe or duplicate files
if (parent::_fileIsSafe($file, $allowDirs)) {
$sources[] = new Minify_Source(array('filepath' => $file));
} else {
// unsafe file
return $options;
}
}
}
if ($sources) {
$this->sources = $sources;
}
return $options;
}