本文整理汇总了PHP中TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath方法的典型用法代码示例。如果您正苦于以下问题:PHP GeneralUtility::isAllowedAbsPath方法的具体用法?PHP GeneralUtility::isAllowedAbsPath怎么用?PHP GeneralUtility::isAllowedAbsPath使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类TYPO3\CMS\Core\Utility\GeneralUtility的用法示例。
在下文中一共展示了GeneralUtility::isAllowedAbsPath方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getRelativePath
/**
* Gets the relative path from a source directory to a target directory.
* The allowed TYPO3 path is checked as well, thus it's not possible to go to upper levels.
*
* @param string $sourcePath Absolute source path
* @param string $targetPath Absolute target path
* @return NULL|string
*/
public static function getRelativePath($sourcePath, $targetPath)
{
$relativePath = NULL;
$sourcePath = rtrim(GeneralUtility::fixWindowsFilePath($sourcePath), '/');
$targetPath = rtrim(GeneralUtility::fixWindowsFilePath($targetPath), '/');
if ($sourcePath !== $targetPath) {
$commonPrefix = self::getCommonPrefix(array($sourcePath, $targetPath));
if ($commonPrefix !== NULL && \TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath($commonPrefix)) {
$commonPrefixLength = strlen($commonPrefix);
$resolvedSourcePath = '';
$resolvedTargetPath = '';
$sourcePathSteps = 0;
if (strlen($sourcePath) > $commonPrefixLength) {
$resolvedSourcePath = (string) substr($sourcePath, $commonPrefixLength);
}
if (strlen($targetPath) > $commonPrefixLength) {
$resolvedTargetPath = (string) substr($targetPath, $commonPrefixLength);
}
if ($resolvedSourcePath !== '') {
$sourcePathSteps = count(explode('/', $resolvedSourcePath));
}
$relativePath = self::sanitizeTrailingSeparator(str_repeat('../', $sourcePathSteps) . $resolvedTargetPath);
}
}
return $relativePath;
}示例2: setLogFile
/**
* Sets the path to the log file.
*
* @param string $logFile path to the log file, relative to PATH_site
* @return WriterInterface
* @throws \InvalidArgumentException
*/
public function setLogFile($logFile)
{
// Skip handling if logFile is a stream resource. This is used by unit tests with vfs:// directories
if (FALSE === strpos($logFile, '://')) {
if (!GeneralUtility::isAllowedAbsPath(PATH_site . $logFile)) {
throw new \InvalidArgumentException('Log file path "' . $logFile . '" is not valid!', 1326411176);
}
$logFile = GeneralUtility::getFileAbsFileName($logFile);
}
$this->logFile = $logFile;
$this->openLogFile();
return $this;
}示例3: validatePath
/**
* Makes the given path absolute and ensures that it is allowed.
*
* The validation verifies that the path is under the web root or in any path allowed by
* $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath'].
*
* @param string $path Path to handle
* @return string Modified and validated path
* @throws ImportExportException
*/
public function validatePath($path)
{
// Make path absolute
$localPath = GeneralUtility::getFileAbsFileName($path, FALSE);
// Make sure the path has a trailing slash
if (strrpos($localPath, '/') !== strlen($localPath) - 1) {
$localPath .= '/';
}
// Remove double slashes due to user's input mistake
$localPath = str_replace('//', '/', $localPath);
if (!GeneralUtility::isAllowedAbsPath($localPath)) {
throw new ImportExportException(sprintf('Path not allowed (%s)', $localPath), 1389105498);
}
return $localPath;
}示例4: validateAdditionalFields
/**
* Validates the additional fields' values
*
* @param array $submittedData An array containing the data submitted by the add/edit task form
* @param \TYPO3\CMS\Scheduler\Controller\SchedulerModuleController $schedulerModule Reference to the scheduler backend module
* @return boolean TRUE if validation was ok (or selected class is not relevant), FALSE otherwise
*/
public function validateAdditionalFields(array &$submittedData, SchedulerModuleController $schedulerModule)
{
$validInput = true;
$directoriesToClean = GeneralUtility::trimExplode(LF, $submittedData[$this->fieldPrefix . 'DirectoriesToClean'], true);
foreach ($directoriesToClean as $path) {
$path = trim($path, DIRECTORY_SEPARATOR);
if (!(strlen($path) > 0 && file_exists(PATH_site . $path) && GeneralUtility::isAllowedAbsPath(PATH_site . $path) && GeneralUtility::validPathStr($path) && !GeneralUtility::inList($this->blackList, $path))) {
$validInput = false;
break;
}
}
if (empty($submittedData[$this->fieldPrefix . 'DirectoriesToClean']) || $validInput === false) {
$schedulerModule->addMessage($GLOBALS['LANG']->sL('LLL:EXT:minicleaner/locallang.xml:error.pathNotValid'), FlashMessage::ERROR);
$validInput = false;
}
return $validInput;
}示例5: getPath
/**
* prepare path, resolve relative path and resolve EXT: path
*
* @param string $path absolute or relative path or EXT:foobar/
* @return string/bool false if path is invalid, else the absolute path
*/
protected function getPath($path)
{
// getFileAbsFileName can't handle directory path with trailing / correctly
if (substr($path, -1) === '/') {
$path = substr($path, 0, -1);
}
// FIXME remove this hacky part
// skip path checks for CLI mode
if (defined('TYPO3_cliMode')) {
return $path;
}
$path = \TYPO3\CMS\Core\Utility\GeneralUtility::getFileAbsFileName($path);
if (\TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath($path)) {
return $path;
} else {
return false;
}
}开发者ID:ohartwig,项目名称:caretaker_instance,代码行数:24,代码来源:class.tx_caretakerinstance_Operation_CheckPathExists.php
示例6: execute
public function execute()
{
$directories = GeneralUtility::trimExplode(LF, $this->directoriesToClean, true);
if (is_array($directories)) {
foreach ($directories as $key => $directory) {
$path = PATH_site . trim($directory, DIRECTORY_SEPARATOR);
if ($path != PATH_site && file_exists($path) && GeneralUtility::isAllowedAbsPath($path) && GeneralUtility::validPathStr($path) && !GeneralUtility::inList($this->blackList, $path)) {
$result = GeneralUtility::flushDirectory($path, true);
if ($result === false) {
GeneralUtility::devLog($GLOBALS['LANG']->sL('LLL:EXT:minicleaner/locallang.xml:error.couldNotFlushDirectory'), 'minicleaner', 3);
return false;
}
} else {
GeneralUtility::devLog($GLOBALS['LANG']->sL('LLL:EXT:minicleaner/locallang.xml:error.pathNotFound'), 'minicleaner', 3);
return false;
}
}
}
return true;
}示例7: getCorrectUrl
/**
* If it is an URL, nothing to do, if it is a file, check if path is allowed and prepend current url
*
* @param string $url
* @return string
* @throws \UnexpectedValueException
*/
public static function getCorrectUrl($url)
{
if (empty($url)) {
throw new \UnexpectedValueException('An empty url is given');
}
$url = self::getFalFilename($url);
// check URL
$urlInfo = parse_url($url);
// means: it is no external url
if (!isset($urlInfo['scheme'])) {
// resolve paths like ../
$url = GeneralUtility::resolveBackPath($url);
// absolute path is used to check path
$absoluteUrl = GeneralUtility::getFileAbsFileName($url);
if (!GeneralUtility::isAllowedAbsPath($absoluteUrl)) {
throw new \UnexpectedValueException('The path "' . $url . '" is not allowed.');
}
// append current domain
$url = GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . $url;
}
return $url;
}示例8: exportClipElementParameters
/**
* Creates GET parameters for linking to the export module.
*
* @return array GET parameters for current clipboard content to be exported
*/
protected function exportClipElementParameters()
{
// Init
$pad = $this->current;
$params = array();
$params['tx_impexp[action]'] = 'export';
// Traverse items:
if (is_array($this->clipData[$pad]['el'])) {
foreach ($this->clipData[$pad]['el'] as $k => $v) {
if ($v) {
list($table, $uid) = explode('|', $k);
// Rendering files/directories on the clipboard
if ($table == '_FILE') {
if (file_exists($v) && GeneralUtility::isAllowedAbsPath($v)) {
$params['tx_impexp[' . (is_dir($v) ? 'dir' : 'file') . '][]'] = $v;
}
} else {
// Rendering records:
$rec = BackendUtility::getRecord($table, $uid);
if (is_array($rec)) {
$params['tx_impexp[record][]'] = $table . ':' . $uid;
}
}
}
}
}
return $params;
}示例9: writeFile
/**
* Write content to a file.
*
* @param string $content Content to write to the file
* @param string $absFile File name to write into. If empty a temp file will be created.
* @return string|boolean File name or FALSE
* @todo Define visibility
*/
public function writeFile($content, $absFile = '')
{
if (!$absFile) {
$absFile = $this->tempFile($this->prefixId);
}
if ($absFile && \TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath($absFile)) {
if ($fd = @fopen($absFile, 'wb')) {
@fwrite($fd, $content);
@fclose($fd);
} else {
$this->errorPush(T3_ERR_SV_FILE_WRITE, 'Can not write to file: ' . $absFile);
$absFile = FALSE;
}
}
return $absFile;
}示例10: getHtmlTemplate
/**
* Function to load a HTML template file with markers.
* When calling from own extension, use syntax getHtmlTemplate('EXT:extkey/template.html')
*
* @param string $filename tmpl name, usually in the typo3/template/ directory
* @return string HTML of template
*/
public function getHtmlTemplate($filename)
{
// setting the name of the original HTML template
$this->moduleTemplateFilename = $filename;
if ($GLOBALS['TBE_STYLES']['htmlTemplates'][$filename]) {
$filename = $GLOBALS['TBE_STYLES']['htmlTemplates'][$filename];
}
if (GeneralUtility::isFirstPartOfStr($filename, 'EXT:')) {
$filename = GeneralUtility::getFileAbsFileName($filename, true, true);
} elseif (!GeneralUtility::isAbsPath($filename)) {
$filename = GeneralUtility::resolveBackPath($filename);
} elseif (!GeneralUtility::isAllowedAbsPath($filename)) {
$filename = '';
}
$htmlTemplate = '';
if ($filename !== '') {
$htmlTemplate = GeneralUtility::getUrl($filename);
}
return $htmlTemplate;
}示例11: release
/**
* Release the lock
*
* @return bool Returns TRUE on success or FALSE on failure
*/
public function release()
{
if (!$this->isAcquired) {
return TRUE;
}
$success = TRUE;
if (GeneralUtility::isAllowedAbsPath($this->filePath) && GeneralUtility::isFirstPartOfStr($this->filePath, PATH_site . self::FILE_LOCK_FOLDER)) {
if (@unlink($this->filePath) === FALSE) {
$success = FALSE;
}
}
$this->isAcquired = FALSE;
return $success;
}示例12: forwardJumpUrlSecureFileData
/**
* If the submitted hash is correct and the user has access to the
* related content element the contents of the submitted file will
* be output to the user.
*
* @param string $jumpUrl The URL to the file that should be output to the user
* @throws \Exception
*/
protected function forwardJumpUrlSecureFileData($jumpUrl)
{
// Set the parameters required for handling a secure jumpUrl link
// The locationData GET parameter, containing information about the record that created the URL
$locationData = (string) GeneralUtility::_GP('locationData');
// The optional mimeType GET parameter
$mimeType = (string) GeneralUtility::_GP('mimeType');
// The jump Url Hash GET parameter
$juHash = (string) GeneralUtility::_GP('juHash');
// validate the hash GET parameter against the other parameters
if ($juHash !== JumpUrlUtility::calculateHashSecure($jumpUrl, $locationData, $mimeType)) {
throw new \Exception('The calculated Jump URL secure hash ("juHash") did not match the submitted "juHash" query parameter.', 1294585196);
}
if (!$this->isLocationDataValid($locationData)) {
throw new \Exception('The calculated secure location data "' . $locationData . '" is not accessible.', 1294585195);
}
// Allow spaces / special chars in filenames.
$jumpUrl = rawurldecode($jumpUrl);
// Deny access to files that match TYPO3_CONF_VARS[SYS][fileDenyPattern] and whose parent directory
// is typo3conf/ (there could be a backup file in typo3conf/ which does not match against the fileDenyPattern)
$absoluteFileName = GeneralUtility::getFileAbsFileName(GeneralUtility::resolveBackPath($jumpUrl), false);
if (!GeneralUtility::isAllowedAbsPath($absoluteFileName) || !GeneralUtility::verifyFilenameAgainstDenyPattern($absoluteFileName) || GeneralUtility::isFirstPartOfStr($absoluteFileName, PATH_site . 'typo3conf')) {
throw new \Exception('The requested file was not allowed to be accessed through Jump URL. The path or file is not allowed.', 1294585194);
}
try {
$resourceFactory = $this->getResourceFactory();
$file = $resourceFactory->retrieveFileOrFolderObject($absoluteFileName);
$this->readFileAndExit($file, $mimeType);
} catch (\Exception $e) {
throw new \Exception('The requested file "' . $jumpUrl . '" for Jump URL was not found..', 1294585193);
}
}示例13: exportClipElementParameters
/**
* Creates GET parameters for linking to the export module.
*
* @return string GET parameters for current clipboard content to be exported.
* @todo Define visibility
*/
public function exportClipElementParameters()
{
// Init
$pad = $this->current;
$params = array();
$params[] = 'tx_impexp[action]=export';
// Traverse items:
if (is_array($this->clipData[$pad]['el'])) {
foreach ($this->clipData[$pad]['el'] as $k => $v) {
if ($v) {
list($table, $uid) = explode('|', $k);
// Rendering files/directories on the clipboard
if ($table == '_FILE') {
if (file_exists($v) && \TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath($v)) {
$params[] = 'tx_impexp[' . (is_dir($v) ? 'dir' : 'file') . '][]=' . rawurlencode($v);
}
} else {
// Rendering records:
$rec = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord($table, $uid);
if (is_array($rec)) {
$params[] = 'tx_impexp[record][]=' . rawurlencode($table . ':' . $uid);
}
}
}
}
}
return '?' . implode('&', $params);
}示例14: crawler_execute_type2
/**
* Indexing files from fileadmin
*
* @param array $cfgRec Indexing Configuration Record
* @param array $session_data Session data for the indexing session spread over multiple instances of the script. Passed by reference so changes hereto will be saved for the next call!
* @param array $params Parameters from the log queue.
* @param object $pObj Parent object (from "crawler" extension!)
* @return void
*/
public function crawler_execute_type2($cfgRec, &$session_data, $params, &$pObj)
{
// Prepare path, making it absolute and checking:
$readpath = $params['url'];
if (!GeneralUtility::isAbsPath($readpath)) {
$readpath = GeneralUtility::getFileAbsFileName($readpath);
}
if (GeneralUtility::isAllowedAbsPath($readpath)) {
if (@is_file($readpath)) {
// If file, index it!
// Get root line (need to provide this when indexing external files)
$rl = $this->getUidRootLineForClosestTemplate($cfgRec['pid']);
// (Re)-Indexing file on page.
$indexerObj = GeneralUtility::makeInstance(\TYPO3\CMS\IndexedSearch\Indexer::class);
$indexerObj->backend_initIndexer($cfgRec['pid'], 0, 0, '', $rl);
$indexerObj->backend_setFreeIndexUid($cfgRec['uid'], $cfgRec['set_id']);
$indexerObj->hash['phash'] = -1;
// EXPERIMENT - but to avoid phash_t3 being written to file sections (otherwise they are removed when page is reindexed!!!)
// Index document:
$indexerObj->indexRegularDocument(\TYPO3\CMS\Core\Utility\PathUtility::stripPathSitePrefix($readpath), TRUE);
} elseif (@is_dir($readpath)) {
// If dir, read content and create new pending items for log:
// Select files and directories in path:
$extList = implode(',', GeneralUtility::trimExplode(',', $cfgRec['extensions'], TRUE));
$fileArr = array();
$files = GeneralUtility::getAllFilesAndFoldersInPath($fileArr, $readpath, $extList, 0, 0);
$directoryList = GeneralUtility::get_dirs($readpath);
if (is_array($directoryList) && $params['depth'] < $cfgRec['depth']) {
foreach ($directoryList as $subdir) {
if ((string) $subdir != '') {
$files[] = $readpath . $subdir . '/';
}
}
}
$files = GeneralUtility::removePrefixPathFromList($files, PATH_site);
// traverse the items and create log entries:
foreach ($files as $path) {
$this->instanceCounter++;
if ($path !== $params['url']) {
// Parameters:
$nparams = array('indexConfigUid' => $cfgRec['uid'], 'url' => $path, 'procInstructions' => array('[Index Cfg UID#' . $cfgRec['uid'] . ']'), 'depth' => $params['depth'] + 1);
$pObj->addQueueEntry_callBack($cfgRec['set_id'], $nparams, $this->callBack, $cfgRec['pid'], $GLOBALS['EXEC_TIME'] + $this->instanceCounter * $this->secondsPerExternalUrl);
}
}
}
}
}示例15: addAttachmentsFromElements
/**
* Loop through all elements and attach the file when the element
* is a fileupload
*
* @param array $elements
* @param array $submittedValues
* @return void
*/
protected function addAttachmentsFromElements($elements, $submittedValues)
{
/** @var $element \TYPO3\CMS\Form\Domain\Model\Element\AbstractElement */
foreach ($elements as $element) {
if (is_a($element, 'TYPO3\\CMS\\Form\\Domain\\Model\\Element\\ContainerElement')) {
$this->addAttachmentsFromElements($element->getElements(), $submittedValues);
continue;
}
if (is_a($element, 'TYPO3\\CMS\\Form\\Domain\\Model\\Element\\FileuploadElement')) {
$elementName = $element->getName();
if (is_array($submittedValues[$elementName]) && isset($submittedValues[$elementName]['tempFilename'])) {
$filename = $submittedValues[$elementName]['tempFilename'];
if (is_file($filename) && \TYPO3\CMS\Core\Utility\GeneralUtility::isAllowedAbsPath($filename)) {
$this->mailMessage->attach(\Swift_Attachment::fromPath($filename)->setFilename($submittedValues[$elementName]['originalFilename']));
}
}
}
}
}