Fred Tempez 2021-12-31 11:17:12 +01:00
commit 8310343886
15 changed files with 6186 additions and 5484 deletions


@ -24,8 +24,8 @@
AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>
# Cache le PHPSESSID de l'url
SetEnv SESSION_USE_TRANS_SID 0
# Cache le PHPSESSID de l'url // Désormais géré par index.php
# SetEnv SESSION_USE_TRANS_SID 0
# Bloque l'accès à la liste des fichiers
Options -Indexes
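Review bot: With `SetEnv SESSION_USE_TRANS_SID 0` commented out, keeping the session ID out of URLs now depends entirely on index.php, which is not shown in this section, so any PHP entry point that does not pass through index.php falls back to the server's own PHP defaults. It is worth confirming that index.php sets `session.use_trans_sid` to 0 and `session.use_only_cookies` to 1 before the session starts, and that scripts reachable directly (presumably the bundled file manager, if it starts its own session) do the same. The new comment could state the dependency explicitly, e.g. `# PHPSESSID is kept out of URLs by index.php (session.use_trans_sid=0); other entry points must set it themselves`.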


@ -45,7 +45,7 @@ class common {
// Numéro de version
const ZWII_UPDATE_URL = 'https://forge.chapril.org/ZwiiCMS-Team/update/raw/branch/master/';
const ZWII_VERSION = '11.2.00.29';
const ZWII_VERSION = '11.2.00.30';
const ZWII_UPDATE_CHANNEL = "test";
public static $actions = [];


@ -41,6 +41,7 @@ class UploadHandler
const IMAGETYPE_GIF = 1;
const IMAGETYPE_JPEG = 2;
const IMAGETYPE_PNG = 3;
const IMAGETYPE_WEBP = 4;
protected $image_objects = array();
@ -75,12 +76,12 @@ class UploadHandler
),
// By default, allow redirects to the referer protocol+host:
'redirect_allow_target' => '/^'.preg_quote(
parse_url($this->get_server_var('HTTP_REFERER'), PHP_URL_SCHEME)
.'://'
.parse_url($this->get_server_var('HTTP_REFERER'), PHP_URL_HOST)
.'/', // Trailing slash to not match subdomains by mistake
'/' // preg_quote delimiter param
).'/',
parse_url($this->get_server_var('HTTP_REFERER'), PHP_URL_SCHEME)
.'://'
.parse_url($this->get_server_var('HTTP_REFERER'), PHP_URL_HOST)
.'/', // Trailing slash to not match subdomains by mistake
'/' // preg_quote delimiter param
).'/',
// Enable to provide file downloads via GET requests to the PHP script:
// 1. Set to 1 to download files via readfile method through PHP
// 2. Set to 2 to send a X-Sendfile header for lighttpd/Apache
@ -167,22 +168,22 @@ class UploadHandler
),
*/
//'thumbnail' => array(
// Uncomment the following to use a defined directory for the thumbnails
// instead of a subdirectory based on the version identifier.
// Make sure that this directory doesn't allow execution of files if you
// don't pose any restrictions on the type of uploaded files, e.g. by
// copying the .htaccess file from the files directory for Apache:
//'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/',
//'upload_url' => $this->get_full_url().'/thumb/',
// Uncomment the following to force the max
// dimensions and e.g. create square thumbnails:
// 'auto_orient' => true,
// 'crop' => true,
// 'jpeg_quality' => 70,
// 'no_cache' => true, (there's a caching option, but this remembers thumbnail sizes from a previous action!)
// 'strip' => true, (this strips EXIF tags, such as geolocation)
// 'max_width' => 80, // either specify width, or set to 0. Then width is automatically adjusted - keeping aspect ratio to a specified max_height.
// 'max_height' => 80 // either specify height, or set to 0. Then height is automatically adjusted - keeping aspect ratio to a specified max_width.
// Uncomment the following to use a defined directory for the thumbnails
// instead of a subdirectory based on the version identifier.
// Make sure that this directory doesn't allow execution of files if you
// don't pose any restrictions on the type of uploaded files, e.g. by
// copying the .htaccess file from the files directory for Apache:
//'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/',
//'upload_url' => $this->get_full_url().'/thumb/',
// Uncomment the following to force the max
// dimensions and e.g. create square thumbnails:
// 'auto_orient' => true,
// 'crop' => true,
// 'jpeg_quality' => 70,
// 'no_cache' => true, (there's a caching option, but this remembers thumbnail sizes from a previous action!)
// 'strip' => true, (this strips EXIF tags, such as geolocation)
// 'max_width' => 80, // either specify width, or set to 0. Then width is automatically adjusted - keeping aspect ratio to a specified max_height.
// 'max_height' => 80 // either specify height, or set to 0. Then height is automatically adjusted - keeping aspect ratio to a specified max_width.
// )
),
'print_response' => true
@ -223,13 +224,13 @@ class UploadHandler
protected function get_full_url() {
$https = !empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'on') === 0 ||
!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
strcasecmp($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') === 0;
strcasecmp($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') === 0;
return
($https ? 'https://' : 'http://').
(!empty($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'].'@' : '').
(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ($_SERVER['SERVER_NAME'].
($https && $_SERVER['SERVER_PORT'] === 443 ||
$_SERVER['SERVER_PORT'] === 80 ? '' : ':'.$_SERVER['SERVER_PORT']))).
($https && $_SERVER['SERVER_PORT'] === 443 ||
$_SERVER['SERVER_PORT'] === 80 ? '' : ':'.$_SERVER['SERVER_PORT']))).
substr($_SERVER['SCRIPT_NAME'],0, strrpos($_SERVER['SCRIPT_NAME'], '/'));
}
@ -360,9 +361,9 @@ class UploadHandler
return array();
}
return array_values(array_filter(array_map(
array($this, $iteration_method),
scandir($upload_dir)
)));
array($this, $iteration_method),
scandir($upload_dir)
)));
}
protected function count_file_objects() {
@ -414,7 +415,7 @@ class UploadHandler
if ($this->options['max_file_size'] && (
$file_size > $this->options['max_file_size'] ||
$file->size > $this->options['max_file_size'])
) {
) {
$file->error = $this->get_error_message('max_file_size');
return false;
}
@ -424,9 +425,9 @@ class UploadHandler
return false;
}
if (is_int($this->options['max_number_of_files']) &&
($this->count_file_objects() >= $this->options['max_number_of_files']) &&
// Ignore additional chunks of existing files:
!is_file($this->get_upload_path($file->name))) {
($this->count_file_objects() >= $this->options['max_number_of_files']) &&
// Ignore additional chunks of existing files:
!is_file($this->get_upload_path($file->name))) {
$file->error = $this->get_error_message('max_number_of_files');
return false;
}
@ -488,27 +489,30 @@ class UploadHandler
}
protected function get_unique_filename($file_path, $name, $size, $type, $error,
$index, $content_range) {
$index, $content_range) {
while(is_dir($this->get_upload_path($name))) {
$name = $this->upcount_name($name);
}
// Keep an existing filename if this is part of a chunked upload:
$uploaded_bytes = $this->fix_integer_overflow((int)$content_range[1]);
$uploaded_bytes =!empty($content_range[1]) ? $this->fix_integer_overflow((int)$content_range[1]) : 0;
while (is_file($this->get_upload_path($name))) {
if ($uploaded_bytes === $this->get_file_size(
$this->get_upload_path($name))) {
break;
if(isset($uploaded_bytes)){
if ($uploaded_bytes === $this->get_file_size(
$this->get_upload_path($name))) {
break;
}
}
$name = $this->upcount_name($name);
}
return $name;
}
protected function fix_file_extension($file_path, $name, $size, $type, $error,
$index, $content_range) {
$index, $content_range) {
// Add missing file extension for known image types:
if (strpos($name, '.') === false &&
preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
preg_match('/^image\/(gif|jpe?g|png|webp)/', $type, $matches)) {
$name .= '.'.$matches[1];
}
if ($this->options['correct_image_extensions']) {
@ -522,6 +526,9 @@ class UploadHandler
case self::IMAGETYPE_GIF:
$extensions = array('gif');
break;
case self::IMAGETYPE_WEBP:
$extensions = array('webp');
break;
}
// Adjust incorrect image file extensions:
if (!empty($extensions)) {
@ -538,7 +545,7 @@ class UploadHandler
}
protected function trim_file_name($file_path, $name, $size, $type, $error,
$index, $content_range) {
$index, $content_range) {
// Remove path information and dots around the filename, to prevent uploading
// into different directories or replacing hidden system files.
// Also remove control characters and spaces (\x00..\x20) around the filename:
@ -561,13 +568,13 @@ class UploadHandler
}
protected function get_file_name($file_path, $name, $size, $type, $error,
$index, $content_range) {
$index, $content_range) {
$name = $this->trim_file_name($file_path, $name, $size, $type, $error,
$index, $content_range);
$index, $content_range);
return $this->get_unique_filename(
$file_path,
$this->fix_file_extension($file_path, $name, $size, $type, $error,
$index, $content_range),
$index, $content_range),
$size,
$type,
$error,
@ -734,6 +741,12 @@ class UploadHandler
$image_quality = isset($options['png_quality']) ?
$options['png_quality'] : 9;
break;
case 'webp':
$src_func = 'imagecreatefromwebp';
$write_func = 'imagewebp';
$image_quality = isset($options['webp_quality']) ?
$options['webp_quality'] : 75;
break;
default:
return false;
}
@ -803,17 +816,17 @@ class UploadHandler
break;
}
$success = imagecopyresampled(
$new_img,
$src_img,
$dst_x,
$dst_y,
0,
0,
$new_width,
$new_height,
$img_width,
$img_height
) && $write_func($new_img, $new_file_path, $image_quality);
$new_img,
$src_img,
$dst_x,
$dst_y,
0,
0,
$new_width,
$new_height,
$img_width,
$img_height
) && $write_func($new_img, $new_file_path, $image_quality);
$this->gd_set_image_object($file_path, $new_img);
return $success;
}
@ -1083,6 +1096,9 @@ class UploadHandler
if (bin2hex(@$data[0]).substr($data, 1, 4) === '89PNG') {
return self::IMAGETYPE_PNG;
}
if ($data === 'RIFF') {
return self::IMAGETYPE_WEBP;
}
return false;
}
@ -1111,17 +1127,17 @@ class UploadHandler
}
if (count($failed_versions)) {
$file->error = $this->get_error_message('image_resize')
.' ('.implode($failed_versions, ', ').')';
.' ('.implode(', ', $failed_versions).')';
}
// Free memory:
$this->destroy_image_object($file_path);
}
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
$index = null, $content_range = null) {
$index = null, $content_range = null) {
$file = new \stdClass();
$file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error,
$index, $content_range);
$index, $content_range);
$file->size = $this->fix_integer_overflow((int)$size);
$file->type = $type;
if ($this->validate($uploaded_file, $file, $error, $index)) {
@ -1203,11 +1219,19 @@ class UploadHandler
}
protected function get_query_param($id) {
return @$_GET[$id];
if (isset($_GET[$id])) {
return @$_GET[$id];
}
return false;
}
protected function get_server_var($id) {
return @$_SERVER[$id];
if (isset($_SERVER[$id])) {
return @$_SERVER[$id];
}
return false;
}
protected function handle_form_data($file, $index) {
@ -1306,11 +1330,11 @@ class UploadHandler
protected function send_access_control_headers() {
$this->header('Access-Control-Allow-Origin: '.$this->options['access_control_allow_origin']);
$this->header('Access-Control-Allow-Credentials: '
.($this->options['access_control_allow_credentials'] ? 'true' : 'false'));
.($this->options['access_control_allow_credentials'] ? 'true' : 'false'));
$this->header('Access-Control-Allow-Methods: '
.implode(', ', $this->options['access_control_allow_methods']));
.implode(', ', $this->options['access_control_allow_methods']));
$this->header('Access-Control-Allow-Headers: '
.implode(', ', $this->options['access_control_allow_headers']));
.implode(', ', $this->options['access_control_allow_headers']));
}
public function generate_response($content, $print_response = true) {
@ -1328,8 +1352,8 @@ class UploadHandler
$content[$this->options['param_name']] : null;
if ($files && is_array($files) && is_object($files[0]) && $files[0]->size) {
$this->header('Range: 0-'.(
$this->fix_integer_overflow((int)$files[0]->size) - 1
));
$this->fix_integer_overflow((int)$files[0]->size) - 1
));
}
}
$this->body($json);
@ -1379,10 +1403,10 @@ class UploadHandler
$content_disposition_header = $this->get_server_var('HTTP_CONTENT_DISPOSITION');
$file_name = $content_disposition_header ?
rawurldecode(preg_replace(
'/(^[^"]+")|("$)/',
'',
$content_disposition_header
)) : null;
'/(^[^"]+")|("$)/',
'',
$content_disposition_header
)) : null;
// Parse the Content-Range header, which has the following form:
// Content-Range: bytes 0-524287/2000000
$content_range_header = $this->get_server_var('HTTP_CONTENT_RANGE');
@ -1411,11 +1435,11 @@ class UploadHandler
$files[] = $this->handle_file_upload(
isset($upload['tmp_name']) ? $upload['tmp_name'] : null,
$file_name ? $file_name : (isset($upload['name']) ?
$upload['name'] : null),
$upload['name'] : null),
$size ? $size : (isset($upload['size']) ?
$upload['size'] : $this->get_server_var('CONTENT_LENGTH')),
$upload['size'] : $this->get_server_var('CONTENT_LENGTH')),
isset($upload['type']) ?
$upload['type'] : $this->get_server_var('CONTENT_TYPE'),
$upload['type'] : $this->get_server_var('CONTENT_TYPE'),
isset($upload['error']) ? $upload['error'] : null,
null,
$content_range
@ -1426,7 +1450,7 @@ class UploadHandler
$name = $file_name ? $file_name : $upload['name'][0];
$res = $this->generate_response($response, $print_response);
if(is_file($this->get_upload_path($name))){
$uploaded_bytes = $this->fix_integer_overflow((int)$content_range[1]);
$uploaded_bytes =!empty($content_range[1]) ? $this->fix_integer_overflow((int)$content_range[1]) : 0;
$totalSize = $this->get_file_size($this->get_upload_path($name));
if ($totalSize - $uploaded_bytes - $this->options['readfile_chunk_size'] < 0) {
$this->onUploadEnd($res);
@ -1451,10 +1475,12 @@ class UploadHandler
if (!is_dir($targetPathThumb)) {
mkdir($targetPathThumb, $this->options['mkdir_mode'], true);
}
if(is_file($targetFile)) {
chmod($targetFile, $this->options['config']['filePermission']);
}elseif(is_dir($targetFile)){
chmod($targetFile, $this->options['config']['folderPermission']);
if(is_function_callable('chmod')){
if(is_file($targetFile)) {
chmod($targetFile, $this->options['config']['filePermission']);
}elseif(is_dir($targetFile)){
chmod($targetFile, $this->options['config']['folderPermission']);
}
}
}else{
$targetFile = $this->options['config']['ftp_temp_folder'].$res['files'][0]->name;
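Review bot: The WebP detection added to the signature sniffing, `if ($data === 'RIFF') { return self::IMAGETYPE_WEBP; }`, accepts every RIFF container, so a WAV or AVI upload is classified as WebP too; a WebP file is identified by `RIFF` at offset 0 together with `WEBP` at offset 8. The strict comparison suggests `$data` holds only the first four bytes, and the read itself is outside the hunk, so the fix needs that read widened to 12 bytes and the test changed to `substr($data, 0, 4) === 'RIFF' && substr($data, 8, 4) === 'WEBP'`, with the neighbouring signature checks (the PNG one is visible) adjusted to compare prefixes. As written, with `correct_image_extensions` enabled the wrong type presumably flows into `fix_file_extension`, which would then treat `webp` as the correct extension for a non-image file. Separately, the new `case 'webp'` in the scaling code calls `imagecreatefromwebp` and `imagewebp` without a `function_exists` check, which fails on GD builds without WebP support.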


@ -454,7 +454,7 @@ $config = array(
//**********************
//Allowed extensions (lowercase insert)
//**********************
'ext_img' => array( 'jpg', 'jpeg', 'png', 'gif', 'bmp', 'tiff','svg', 'ico' ), //Images
'ext_img' => array( 'jpg', 'jpeg', 'png', 'gif', 'bmp', 'tiff','svg', 'ico', 'webp' ), //Images
'ext_file' => array( 'doc', 'docx', 'rtf', 'pdf', 'xls', 'xlsx', 'txt', 'csv', 'html', 'xhtml', 'psd', 'sql', 'log', 'fla', 'xml', 'ade', 'adp', 'mdb', 'accdb', 'ppt', 'pptx', 'odt', 'ots', 'ott', 'odb', 'odg', 'otp', 'otg', 'odf', 'ods', 'odp', 'css', 'ai', 'kmz','dwg', 'dxf', 'hpgl', 'plt', 'spl', 'step', 'stp', 'iges', 'igs', 'sat', 'cgm', 'ics', 'gpx', 'kml', ''), //Files
'ext_video' => array( 'mov', 'mpeg', 'm4v', 'mp4', 'avi', 'mpg', 'wma', "flv", "webm" ), //Video
'ext_music' => array( 'mp3', 'mpga', 'm4a', 'ac3', 'aiff', 'mid', 'ogg', 'wav' ), //Audio



@ -41,7 +41,21 @@ while ($cycle && $i < $max_cycles) {
}
if (file_exists($path . "config.php")) {
require_once $path . "config.php";
$configMain = $config;
$configTemp = include $path . "config.php";
if(is_array($configTemp) && count($configTemp) > 0){
$config = array_merge($configMain, $configTemp);
$config['ext'] = array_merge(
$config['ext_img'],
$config['ext_file'],
$config['ext_misc'],
$config['ext_video'],
$config['ext_music']
);
}
else{
$config = $configMain;
}
$cycle = false;
}
$path = fix_dirname($path) . "/";
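Review bot: `array_merge($configMain, $configTemp)` lets a folder-level config.php replace any key of `$config`, not only the extension lists, and that file is executed by `include` from a directory found while walking `$path`, whose origin is outside this hunk. If those directories can sit inside the upload tree, the override should be limited to an explicit allow-list, e.g. `$config = array_merge($configMain, array_intersect_key($configTemp, array_flip($overridableKeys)));`, where `$overridableKeys` is a placeholder for the keys folders are meant to control. The rebuilt `$config['ext']` also assumes all five `ext_*` entries are still arrays after the merge; a folder config that sets one to a scalar or omits it from a partial base would make the inner `array_merge` fail, so an `is_array` check per list is worth adding. The enclosing `while` loop starts and ends outside the hunk.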


@ -9,357 +9,357 @@
*/
class Response {
const HTTP_CONTINUE = 100;
const HTTP_SWITCHING_PROTOCOLS = 101;
const HTTP_PROCESSING = 102; // RFC2518
const HTTP_OK = 200;
const HTTP_CREATED = 201;
const HTTP_ACCEPTED = 202;
const HTTP_NON_AUTHORITATIVE_INFORMATION = 203;
const HTTP_NO_CONTENT = 204;
const HTTP_RESET_CONTENT = 205;
const HTTP_PARTIAL_CONTENT = 206;
const HTTP_MULTI_STATUS = 207; // RFC4918
const HTTP_ALREADY_REPORTED = 208; // RFC5842
const HTTP_IM_USED = 226; // RFC3229
const HTTP_MULTIPLE_CHOICES = 300;
const HTTP_MOVED_PERMANENTLY = 301;
const HTTP_FOUND = 302;
const HTTP_SEE_OTHER = 303;
const HTTP_NOT_MODIFIED = 304;
const HTTP_USE_PROXY = 305;
const HTTP_RESERVED = 306;
const HTTP_TEMPORARY_REDIRECT = 307;
const HTTP_PERMANENTLY_REDIRECT = 308; // RFC7238
const HTTP_BAD_REQUEST = 400;
const HTTP_UNAUTHORIZED = 401;
const HTTP_PAYMENT_REQUIRED = 402;
const HTTP_FORBIDDEN = 403;
const HTTP_NOT_FOUND = 404;
const HTTP_METHOD_NOT_ALLOWED = 405;
const HTTP_NOT_ACCEPTABLE = 406;
const HTTP_PROXY_AUTHENTICATION_REQUIRED = 407;
const HTTP_REQUEST_TIMEOUT = 408;
const HTTP_CONFLICT = 409;
const HTTP_GONE = 410;
const HTTP_LENGTH_REQUIRED = 411;
const HTTP_PRECONDITION_FAILED = 412;
const HTTP_REQUEST_ENTITY_TOO_LARGE = 413;
const HTTP_REQUEST_URI_TOO_LONG = 414;
const HTTP_UNSUPPORTED_MEDIA_TYPE = 415;
const HTTP_REQUESTED_RANGE_NOT_SATISFIABLE = 416;
const HTTP_EXPECTATION_FAILED = 417;
const HTTP_I_AM_A_TEAPOT = 418; // RFC2324
const HTTP_UNPROCESSABLE_ENTITY = 422; // RFC4918
const HTTP_LOCKED = 423; // RFC4918
const HTTP_FAILED_DEPENDENCY = 424; // RFC4918
const HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL = 425; // RFC2817
const HTTP_UPGRADE_REQUIRED = 426; // RFC2817
const HTTP_PRECONDITION_REQUIRED = 428; // RFC6585
const HTTP_TOO_MANY_REQUESTS = 429; // RFC6585
const HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE = 431; // RFC6585
const HTTP_INTERNAL_SERVER_ERROR = 500;
const HTTP_NOT_IMPLEMENTED = 501;
const HTTP_BAD_GATEWAY = 502;
const HTTP_SERVICE_UNAVAILABLE = 503;
const HTTP_GATEWAY_TIMEOUT = 504;
const HTTP_VERSION_NOT_SUPPORTED = 505;
const HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL = 506; // RFC2295
const HTTP_INSUFFICIENT_STORAGE = 507; // RFC4918
const HTTP_LOOP_DETECTED = 508; // RFC5842
const HTTP_NOT_EXTENDED = 510; // RFC2774
const HTTP_NETWORK_AUTHENTICATION_REQUIRED = 511; // RFC6585
const HTTP_CONTINUE = 100;
const HTTP_SWITCHING_PROTOCOLS = 101;
const HTTP_PROCESSING = 102; // RFC2518
const HTTP_OK = 200;
const HTTP_CREATED = 201;
const HTTP_ACCEPTED = 202;
const HTTP_NON_AUTHORITATIVE_INFORMATION = 203;
const HTTP_NO_CONTENT = 204;
const HTTP_RESET_CONTENT = 205;
const HTTP_PARTIAL_CONTENT = 206;
const HTTP_MULTI_STATUS = 207; // RFC4918
const HTTP_ALREADY_REPORTED = 208; // RFC5842
const HTTP_IM_USED = 226; // RFC3229
const HTTP_MULTIPLE_CHOICES = 300;
const HTTP_MOVED_PERMANENTLY = 301;
const HTTP_FOUND = 302;
const HTTP_SEE_OTHER = 303;
const HTTP_NOT_MODIFIED = 304;
const HTTP_USE_PROXY = 305;
const HTTP_RESERVED = 306;
const HTTP_TEMPORARY_REDIRECT = 307;
const HTTP_PERMANENTLY_REDIRECT = 308; // RFC7238
const HTTP_BAD_REQUEST = 400;
const HTTP_UNAUTHORIZED = 401;
const HTTP_PAYMENT_REQUIRED = 402;
const HTTP_FORBIDDEN = 403;
const HTTP_NOT_FOUND = 404;
const HTTP_METHOD_NOT_ALLOWED = 405;
const HTTP_NOT_ACCEPTABLE = 406;
const HTTP_PROXY_AUTHENTICATION_REQUIRED = 407;
const HTTP_REQUEST_TIMEOUT = 408;
const HTTP_CONFLICT = 409;
const HTTP_GONE = 410;
const HTTP_LENGTH_REQUIRED = 411;
const HTTP_PRECONDITION_FAILED = 412;
const HTTP_REQUEST_ENTITY_TOO_LARGE = 413;
const HTTP_REQUEST_URI_TOO_LONG = 414;
const HTTP_UNSUPPORTED_MEDIA_TYPE = 415;
const HTTP_REQUESTED_RANGE_NOT_SATISFIABLE = 416;
const HTTP_EXPECTATION_FAILED = 417;
const HTTP_I_AM_A_TEAPOT = 418; // RFC2324
const HTTP_UNPROCESSABLE_ENTITY = 422; // RFC4918
const HTTP_LOCKED = 423; // RFC4918
const HTTP_FAILED_DEPENDENCY = 424; // RFC4918
const HTTP_RESERVED_FOR_WEBDAV_ADVANCED_COLLECTIONS_EXPIRED_PROPOSAL = 425; // RFC2817
const HTTP_UPGRADE_REQUIRED = 426; // RFC2817
const HTTP_PRECONDITION_REQUIRED = 428; // RFC6585
const HTTP_TOO_MANY_REQUESTS = 429; // RFC6585
const HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE = 431; // RFC6585
const HTTP_INTERNAL_SERVER_ERROR = 500;
const HTTP_NOT_IMPLEMENTED = 501;
const HTTP_BAD_GATEWAY = 502;
const HTTP_SERVICE_UNAVAILABLE = 503;
const HTTP_GATEWAY_TIMEOUT = 504;
const HTTP_VERSION_NOT_SUPPORTED = 505;
const HTTP_VARIANT_ALSO_NEGOTIATES_EXPERIMENTAL = 506; // RFC2295
const HTTP_INSUFFICIENT_STORAGE = 507; // RFC4918
const HTTP_LOOP_DETECTED = 508; // RFC5842
const HTTP_NOT_EXTENDED = 510; // RFC2774
const HTTP_NETWORK_AUTHENTICATION_REQUIRED = 511; // RFC6585
/**
* Status codes translation table.
*
* The list of codes is complete according to the
* {@link http://www.iana.org/assignments/http-status-codes/ Hypertext Transfer Protocol (HTTP) Status Code Registry}
* (last updated 2012-02-13).
*
* Unless otherwise noted, the status code is defined in RFC2616.
*
* @var array
*/
public static $statusTexts = array(
100 => 'Continue',
101 => 'Switching Protocols',
102 => 'Processing', // RFC2518
200 => 'OK',
201 => 'Created',
202 => 'Accepted',
203 => 'Non-Authoritative Information',
204 => 'No Content',
205 => 'Reset Content',
206 => 'Partial Content',
207 => 'Multi-Status', // RFC4918
208 => 'Already Reported', // RFC5842
226 => 'IM Used', // RFC3229
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
306 => 'Reserved',
307 => 'Temporary Redirect',
308 => 'Permanent Redirect', // RFC7238
400 => 'Bad Request',
401 => 'Unauthorized',
402 => 'Payment Required',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
406 => 'Not Acceptable',
407 => 'Proxy Authentication Required',
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
413 => 'Request Entity Too Large',
414 => 'Request-URI Too Long',
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
418 => 'I\'m a teapot', // RFC2324
422 => 'Unprocessable Entity', // RFC4918
423 => 'Locked', // RFC4918
424 => 'Failed Dependency', // RFC4918
425 => 'Reserved for WebDAV advanced collections expired proposal', // RFC2817
426 => 'Upgrade Required', // RFC2817
428 => 'Precondition Required', // RFC6585
429 => 'Too Many Requests', // RFC6585
431 => 'Request Header Fields Too Large', // RFC6585
500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported',
506 => 'Variant Also Negotiates (Experimental)', // RFC2295
507 => 'Insufficient Storage', // RFC4918
508 => 'Loop Detected', // RFC5842
510 => 'Not Extended', // RFC2774
511 => 'Network Authentication Required', // RFC6585
);
/**
* Status codes translation table.
*
* The list of codes is complete according to the
* {@link http://www.iana.org/assignments/http-status-codes/ Hypertext Transfer Protocol (HTTP) Status Code Registry}
* (last updated 2012-02-13).
*
* Unless otherwise noted, the status code is defined in RFC2616.
*
* @var array
*/
public static $statusTexts = array(
100 => 'Continue',
101 => 'Switching Protocols',
102 => 'Processing', // RFC2518
200 => 'OK',
201 => 'Created',
202 => 'Accepted',
203 => 'Non-Authoritative Information',
204 => 'No Content',
205 => 'Reset Content',
206 => 'Partial Content',
207 => 'Multi-Status', // RFC4918
208 => 'Already Reported', // RFC5842
226 => 'IM Used', // RFC3229
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
306 => 'Reserved',
307 => 'Temporary Redirect',
308 => 'Permanent Redirect', // RFC7238
400 => 'Bad Request',
401 => 'Unauthorized',
402 => 'Payment Required',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
406 => 'Not Acceptable',
407 => 'Proxy Authentication Required',
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
413 => 'Request Entity Too Large',
414 => 'Request-URI Too Long',
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
418 => 'I\'m a teapot', // RFC2324
422 => 'Unprocessable Entity', // RFC4918
423 => 'Locked', // RFC4918
424 => 'Failed Dependency', // RFC4918
425 => 'Reserved for WebDAV advanced collections expired proposal', // RFC2817
426 => 'Upgrade Required', // RFC2817
428 => 'Precondition Required', // RFC6585
429 => 'Too Many Requests', // RFC6585
431 => 'Request Header Fields Too Large', // RFC6585
500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported',
506 => 'Variant Also Negotiates (Experimental)', // RFC2295
507 => 'Insufficient Storage', // RFC4918
508 => 'Loop Detected', // RFC5842
510 => 'Not Extended', // RFC2774
511 => 'Network Authentication Required', // RFC6585
);
/**
* @var string
*/
protected $content;
/**
* @var string
*/
protected $content;
/**
* @var int
*/
protected $statusCode;
/**
* @var int
*/
protected $statusCode;
/**
* @var string
*/
protected $statusText;
/**
* @var string
*/
protected $statusText;
/**
* @var array
*/
public $headers;
/**
* @var array
*/
public $headers;
/**
* @var string
*/
protected $version;
/**
* @var string
*/
protected $version;
/**
* Construct the response
*
* @param mixed $content
* @param int $statusCode
* @param array $headers
*/
public function __construct($content = '', $statusCode = 200, $headers = array())
{
$this->setContent($content);
$this->setStatusCode($statusCode);
$this->headers = $headers;
$this->version = '1.1';
}
/**
* Construct the response
*
* @param mixed $content
* @param int $statusCode
* @param array $headers
*/
public function __construct($content = '', $statusCode = 200, $headers = array())
{
$this->setContent($content);
$this->setStatusCode($statusCode);
$this->headers = $headers;
$this->version = '1.1';
}
/**
* Set the content on the response.
*
* @param mixed $content
* @return $this
*/
public function setContent($content)
{
if ($content instanceof ArrayObject || is_array($content))
{
$this->headers['Content-Type'] = array('application/json');
/**
* Set the content on the response.
*
* @param mixed $content
* @return $this
*/
public function setContent($content)
{
if ($content instanceof ArrayObject || is_array($content))
{
$this->headers['Content-Type'] = array('application/json');
$content = json_encode($content);
}
$content = json_encode($content);
}
$this->content = $content;
}
$this->content = $content;
}
/**
* Returns the Response as an HTTP string.
*
* The string representation of the Response is the same as the
* one that will be sent to the client only if the prepare() method
* has been called before.
*
* @return string The Response as an HTTP string
*
* @see prepare()
*/
public function __toString()
{
return
sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText)."\r\n".
$this->headers."\r\n".
$this->getContent();
}
/**
* Returns the Response as an HTTP string.
*
* The string representation of the Response is the same as the
* one that will be sent to the client only if the prepare() method
* has been called before.
*
* @return string The Response as an HTTP string
*
* @see prepare()
*/
public function __toString()
{
return
sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText)."\r\n".
$this->headers."\r\n".
$this->getContent();
}
/**
* Sets the response status code.
*
* @param int $code HTTP status code
* @param mixed $text HTTP status text
*
* If the status text is null it will be automatically populated for the known
* status codes and left empty otherwise.
*
* @return Response
*
* @throws \InvalidArgumentException When the HTTP status code is not valid
*
* @api
*/
public function setStatusCode($code, $text = null)
{
$this->statusCode = $code = (int) $code;
if ($this->isInvalid()) {
throw new InvalidArgumentException(sprintf('The HTTP status code "%s" is not valid.', $code));
}
/**
* Sets the response status code.
*
* @param int $code HTTP status code
* @param mixed $text HTTP status text
*
* If the status text is null it will be automatically populated for the known
* status codes and left empty otherwise.
*
* @return Response
*
* @throws \InvalidArgumentException When the HTTP status code is not valid
*
* @api
*/
public function setStatusCode($code, $text = null)
{
$this->statusCode = $code = (int) $code;
if ($this->isInvalid()) {
throw new InvalidArgumentException(sprintf('The HTTP status code "%s" is not valid.', $code));
}
if (null === $text) {
$this->statusText = isset(self::$statusTexts[$code]) ? self::$statusTexts[$code] : '';
if (null === $text) {
$this->statusText = isset(self::$statusTexts[$code]) ? self::$statusTexts[$code] : '';
return $this;
}
return $this;
}
if (false === $text) {
$this->statusText = '';
if (false === $text) {
$this->statusText = '';
return $this;
}
return $this;
}
$this->statusText = $text;
$this->statusText = $text;
return $this;
}
return $this;
}
// http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
/**
* Is response invalid?
*
* @return bool
*
* @api
*/
public function isInvalid()
{
return $this->statusCode < 100 || $this->statusCode >= 600;
}
// http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
/**
* Is response invalid?
*
* @return bool
*
* @api
*/
public function isInvalid()
{
return $this->statusCode < 100 || $this->statusCode >= 600;
}
/**
* Set a header on the Response.
*
* @param string $key
* @param string $value
* @param bool $replace
* @return $this
*/
public function header($key, $value, $replace = true)
{
if (empty($this->headers[$key]))
{
$this->headers[$key] = array();
}
if ($replace)
{
$this->headers[$key] = array($value);
}
else
{
$this->headers[$key][] = $value;
}
/**
* Set a header on the Response.
*
* @param string $key
* @param string $value
* @param bool $replace
* @return $this
*/
public function header($key, $value, $replace = true)
{
if (empty($this->headers[$key]))
{
$this->headers[$key] = array();
}
if ($replace)
{
$this->headers[$key] = array($value);
}
else
{
$this->headers[$key][] = $value;
}
return $this;
}
return $this;
}
/**
* Sends HTTP headers and content.
*
* @return Response
*
* @api
*/
public function send()
{
$this->sendHeaders();
$this->sendContent();
/**
* Sends HTTP headers and content.
*
* @return Response
*
* @api
*/
public function send()
{
$this->sendHeaders();
$this->sendContent();
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
}
if (function_exists('fastcgi_finish_request')) {
fastcgi_finish_request();
}
return $this;
}
return $this;
}
/**
* Sends content for the current web response.
*
* @return Response
*/
public function sendContent()
{
echo $this->content;
/**
* Sends content for the current web response.
*
* @return Response
*/
public function sendContent()
{
echo $this->content;
return $this;
}
return $this;
}
/**
* Sends HTTP headers.
*
* @return Response
*/
public function sendHeaders()
{
// headers have already been sent by the developer
if (headers_sent()) {
return $this;
}
/**
* Sends HTTP headers.
*
* @return Response
*/
public function sendHeaders()
{
// headers have already been sent by the developer
if (headers_sent()) {
return $this;
}
// status
header(sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText), true, $this->statusCode);
// status
header(sprintf('HTTP/%s %s %s', $this->version, $this->statusCode, $this->statusText), true, $this->statusCode);
// headers
foreach ($this->headers as $name => $values) {
if (is_array($values))
{
foreach ($values as $value)
{
header($name . ': ' . $value, false, $this->statusCode);
}
}
else
{
header($name . ': ' . $values, false, $this->statusCode);
}
}
// headers
foreach ($this->headers as $name => $values) {
if (is_array($values))
{
foreach ($values as $value)
{
header($name . ': ' . $value, false, $this->statusCode);
}
}
else
{
header($name . ': ' . $values, false, $this->statusCode);
}
}
return $this;
}
return $this;
}
}


@ -0,0 +1,75 @@
<?php
/**
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License
*
* This code was originally taken from:
* https://github.com/ktomk/Miscellaneous/blob/master/get_png_imageinfo/get_png_imageinfo.php
* It has been modified to fix bugs and improve code formatting
*
* Get image-information from PNG file
*
* php's getimagesize does not support additional image information
* from PNG files like channels or bits.
*
* get_png_imageinfo() can be used to obtain this information
* from PNG files.
*
* @author Tom Klingenberg <lastflood.net>
* @license Apache 2.0
* @link https://github.com/ktomk/Miscellaneous/blob/master/get_png_imageinfo/get_png_imageinfo.php
* @link http://www.libpng.org/pub/png/spec/iso/index-object.html#11IHDR
*
* @param string $file filename
* @return array|bool image information, FALSE on error
*/
function get_png_imageinfo($file) {
if (! is_file($file)) {
return false;
}
$info = unpack(
'a8sig/Nchunksize/A4chunktype/Nwidth/Nheight/Cbit-depth/Ccolor/Ccompression/Cfilter/Cinterface',
file_get_contents($file, 0, null, 0, 29)
);
if (empty($info)) {
return false;
}
if ("\x89\x50\x4E\x47\x0D\x0A\x1A\x0A" != array_shift($info)) {
return false; // no PNG signature
}
if (13 != array_shift($info)) {
return false; // wrong length for IHDR chunk
}
if ('IHDR'!==array_shift($info)) {
return false; // a non-IHDR chunk singals invalid data
}
$color = $info['color'];
$type = array(
0 => 'Greyscale',
2 => 'Truecolour',
3 => 'Indexed-colour',
4 => 'Greyscale with alpha',
6 => 'Truecolour with alpha'
);
if (empty($type[$color])) {
return false; // invalid color value
}
$info['color-type'] = $type[$color];
$samples = ((($color % 4) % 3) ? 3 : 1) + ($color > 3 ? 1 : 0);
$info['channels'] = $samples;
$info['bits'] = $info['bit-depth'];
return $info;
}
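Review bot: The 29-byte header read in get_png_imageinfo() goes straight into unpack() with no length check, so a truncated file or a failed read raises an unpack warning instead of returning a clean `false`. This parser presumably runs on uploaded files, so I would read into a variable and bail out first: `$header = file_get_contents($file, false, null, 0, 29);` then `if ($header === false || strlen($header) < 29) { return false; }`. The last unpack key is spelled `Cinterface`, while the IHDR byte it holds is the interlace method; `Cinterlace` would match the linked spec, provided no caller depends on the current key. The docblock should also list the returned keys (`width`, `height`, `bit-depth`, `color`, `color-type`, `channels`, `bits`).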


@ -1,249 +1,252 @@
<?php
$mime_types = array(
"application/postscript" => "ps",
"audio/x-aiff" => "aiff",
"text/plain" => "txt",
"video/x-ms-asf" => "asx",
"audio/basic" => "snd",
"video/x-msvideo" => "avi",
"application/x-bcpio" => "bcpio",
"application/octet-stream" => "so",
"image/bmp" => "bmp",
"application/x-rar" => "rar",
"application/x-bzip2" => "bz2",
"application/x-netcdf" => "nc",
"application/x-kchart" => "chrt",
"application/x-cpio" => "cpio",
"application/mac-compactpro" => "cpt",
"application/x-csh" => "csh",
"text/css" => "css",
"application/x-director" => "dxr",
"image/vnd.djvu" => "djvu",
"application/x-dvi" => "dvi",
"image/vnd.dwg" => "dwg",
"application/epub" => "epub",
"application/epub+zip" => "epub",
"text/x-setext" => "etx",
"application/andrew-inset" => "ez",
"video/x-flv" => "flv",
"image/gif" => "gif",
"application/x-gtar" => "gtar",
"application/x-gzip" => "tgz",
"application/x-hdf" => "hdf",
"application/mac-binhex40" => "hqx",
"text/html" => "html",
"text/htm" => "htm",
"x-conference/x-cooltalk" => "ice",
"image/ief" => "ief",
"model/iges" => "igs",
"text/vnd.sun.j2me.app-descriptor" => "jad",
"application/x-java-archive" => "jar",
"application/x-java-jnlp-file" => "jnlp",
"image/jpeg" => "jpg",
"application/x-javascript" => "js",
"audio/midi" => "midi",
"application/x-killustrator" => "kil",
"application/x-kpresenter" => "kpt",
"application/x-kspread" => "ksp",
"application/x-kword" => "kwt",
"application/vnd.google-earth.kml+xml" => "kml",
"application/vnd.google-earth.kmz" => "kmz",
"application/x-latex" => "latex",
"audio/x-mpegurl" => "m3u",
"application/x-troff-man" => "man",
"application/x-troff-me" => "me",
"model/mesh" => "silo",
"application/vnd.mif" => "mif",
"video/quicktime" => "mov",
"video/x-sgi-movie" => "movie",
"audio/mpeg" => "mp3",
"video/mp4" => "mp4",
"video/mpeg" => "mpeg",
"application/x-troff-ms" => "ms",
"video/vnd.mpegurl" => "mxu",
"application/vnd.oasis.opendocument.database" => "odb",
"application/vnd.oasis.opendocument.chart" => "odc",
"application/vnd.oasis.opendocument.formula" => "odf",
"application/vnd.oasis.opendocument.graphics" => "odg",
"application/vnd.oasis.opendocument.image" => "odi",
"application/vnd.oasis.opendocument.text-master" => "odm",
"application/vnd.oasis.opendocument.presentation" => "odp",
"application/vnd.oasis.opendocument.spreadsheet" => "ods",
"application/vnd.oasis.opendocument.text" => "odt",
"application/ogg" => "ogg",
"video/ogg" => "ogv",
"application/vnd.oasis.opendocument.graphics-template" => "otg",
"application/vnd.oasis.opendocument.text-web" => "oth",
"application/vnd.oasis.opendocument.presentation-template" => "otp",
"application/vnd.oasis.opendocument.spreadsheet-template" => "ots",
"application/vnd.oasis.opendocument.text-template" => "ott",
"image/x-portable-bitmap" => "pbm",
"chemical/x-pdb" => "pdb",
"application/pdf" => "pdf",
"image/x-portable-graymap" => "pgm",
"application/x-chess-pgn" => "pgn",
"text/x-php" => "php",
"image/png" => "png",
"image/x-portable-anymap" => "pnm",
"image/x-portable-pixmap" => "ppm",
"application/vnd.ms-powerpoint" => "ppt",
"audio/x-realaudio" => "ra",
"audio/x-pn-realaudio" => "rm",
"image/x-cmu-raster" => "ras",
"image/x-rgb" => "rgb",
"application/x-troff" => "tr",
"application/x-rpm" => "rpm",
"text/rtf" => "rtf",
"text/richtext" => "rtx",
"text/sgml" => "sgml",
"application/x-sh" => "sh",
"application/x-shar" => "shar",
"application/vnd.symbian.install" => "sis",
"application/x-stuffit" => "sit",
"application/x-koan" => "skt",
"application/smil" => "smil",
"image/svg+xml" => "svg",
"application/x-futuresplash" => "spl",
"application/x-wais-source" => "src",
"application/vnd.sun.xml.calc.template" => "stc",
"application/vnd.sun.xml.draw.template" => "std",
"application/vnd.sun.xml.impress.template" => "sti",
"application/vnd.sun.xml.writer.template" => "stw",
"application/x-sv4cpio" => "sv4cpio",
"application/x-sv4crc" => "sv4crc",
"application/x-shockwave-flash" => "swf",
"application/vnd.sun.xml.calc" => "sxc",
"application/vnd.sun.xml.draw" => "sxd",
"application/vnd.sun.xml.writer.global" => "sxg",
"application/vnd.sun.xml.impress" => "sxi",
"application/vnd.sun.xml.math" => "sxm",
"application/vnd.sun.xml.writer" => "sxw",
"application/x-tar" => "tar",
"application/x-tcl" => "tcl",
"application/x-tex" => "tex",
"application/x-texinfo" => "texinfo",
"image/tiff" => "tiff",
"image/tiff-fx" => "tiff",
"application/x-bittorrent" => "torrent",
"text/tab-separated-values" => "tsv",
"application/x-ustar" => "ustar",
"application/x-cdlink" => "vcd",
"model/vrml" => "wrl",
"audio/x-wav" => "wav",
"audio/x-ms-wax" => "wax",
"image/vnd.wap.wbmp" => "wbmp",
"application/vnd.wap.wbxml" => "wbxml",
"video/x-ms-wm" => "wm",
"audio/x-ms-wma" => "wma",
"text/vnd.wap.wml" => "wml",
"application/vnd.wap.wmlc" => "wmlc",
"text/vnd.wap.wmlscript" => "wmls",
"application/vnd.wap.wmlscriptc" => "wmlsc",
"video/x-ms-wmv" => "wmv",
"video/x-ms-wmx" => "wmx",
"video/x-ms-wvx" => "wvx",
"image/x-xbitmap" => "xbm",
"application/xhtml+xml" => "xhtml",
"application/xml" => "xml",
"image/x-xpixmap" => "xpm",
"text/xsl" => "xsl",
"image/x-xwindowdump" => "xwd",
"chemical/x-xyz" => "xyz",
"application/zip" => "zip",
"application/msword" => "doc",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" => "docx",
"application/vnd.openxmlformats-officedocument.wordprocessingml.template" => "dotx",
"application/vnd.ms-word.document.macroEnabled.12" => "docm",
"application/vnd.ms-excel" => "xls",
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" => "xlsx",
"application/vnd.openxmlformats-officedocument.spreadsheetml.template" => "xltx",
"application/vnd.ms-excel.sheet.macroEnabled.12" => "xlsm",
"application/vnd.ms-excel.template.macroEnabled.12" => "xltm",
"application/vnd.ms-excel.addin.macroEnabled.12" => "xlam",
"application/vnd.ms-excel.sheet.binary.macroEnabled.12" => "xlsb",
"application/vnd.openxmlformats-officedocument.presentationml.presentation" => "pptx",
"application/vnd.openxmlformats-officedocument.presentationml.template" => "potx",
"application/vnd.openxmlformats-officedocument.presentationml.slideshow" => "ppsx",
"application/vnd.ms-powerpoint.addin.macroEnabled.12" => "ppam",
"application/vnd.ms-powerpoint.presentation.macroEnabled.12" => "pptm",
"application/vnd.ms-powerpoint.template.macroEnabled.12" => "potm",
"application/vnd.ms-powerpoint.slideshow.macroEnabled.12" => "ppsm",
"application/postscript" => "ps",
"audio/x-aiff" => "aiff",
"text/plain" => "txt",
"video/x-ms-asf" => "asx",
"audio/basic" => "snd",
"video/x-msvideo" => "avi",
"application/x-bcpio" => "bcpio",
"application/octet-stream" => "so",
"image/bmp" => "bmp",
"application/x-rar" => "rar",
"application/x-bzip2" => "bz2",
"application/x-netcdf" => "nc",
"application/x-kchart" => "chrt",
"application/x-cpio" => "cpio",
"application/mac-compactpro" => "cpt",
"application/x-csh" => "csh",
"text/css" => "css",
"text/csv" => "csv",
"application/x-director" => "dxr",
"image/vnd.djvu" => "djvu",
"application/x-dvi" => "dvi",
"image/vnd.dwg" => "dwg",
"application/epub" => "epub",
"application/epub+zip" => "epub",
"text/x-setext" => "etx",
"application/andrew-inset" => "ez",
"video/x-flv" => "flv",
"image/gif" => "gif",
"application/x-gtar" => "gtar",
"application/x-gzip" => "tgz",
"application/x-hdf" => "hdf",
"application/mac-binhex40" => "hqx",
"text/html" => "html",
"text/htm" => "htm",
"x-conference/x-cooltalk" => "ice",
"image/ief" => "ief",
"model/iges" => "igs",
"text/vnd.sun.j2me.app-descriptor" => "jad",
"application/x-java-archive" => "jar",
"application/x-java-jnlp-file" => "jnlp",
"image/jpeg" => "jpg",
"application/x-javascript" => "js",
"audio/midi" => "midi",
"application/x-killustrator" => "kil",
"application/x-kpresenter" => "kpt",
"application/x-kspread" => "ksp",
"application/x-kword" => "kwt",
"application/vnd.google-earth.kml+xml" => "kml",
"application/vnd.google-earth.kmz" => "kmz",
"application/x-latex" => "latex",
"audio/x-mpegurl" => "m3u",
"application/x-troff-man" => "man",
"application/x-troff-me" => "me",
"model/mesh" => "silo",
"application/vnd.mif" => "mif",
"video/quicktime" => "mov",
"video/x-sgi-movie" => "movie",
"audio/mpeg" => "mp3",
"video/mp4" => "mp4",
"video/mpeg" => "mpeg",
"application/x-troff-ms" => "ms",
"video/vnd.mpegurl" => "mxu",
"application/vnd.oasis.opendocument.database" => "odb",
"application/vnd.oasis.opendocument.chart" => "odc",
"application/vnd.oasis.opendocument.formula" => "odf",
"application/vnd.oasis.opendocument.graphics" => "odg",
"application/vnd.oasis.opendocument.image" => "odi",
"application/vnd.oasis.opendocument.text-master" => "odm",
"application/vnd.oasis.opendocument.presentation" => "odp",
"application/vnd.oasis.opendocument.spreadsheet" => "ods",
"application/vnd.oasis.opendocument.text" => "odt",
"application/ogg" => "ogg",
"video/ogg" => "ogv",
"application/vnd.oasis.opendocument.graphics-template" => "otg",
"application/vnd.oasis.opendocument.text-web" => "oth",
"application/vnd.oasis.opendocument.presentation-template" => "otp",
"application/vnd.oasis.opendocument.spreadsheet-template" => "ots",
"application/vnd.oasis.opendocument.text-template" => "ott",
"image/x-portable-bitmap" => "pbm",
"chemical/x-pdb" => "pdb",
"application/pdf" => "pdf",
"image/x-portable-graymap" => "pgm",
"application/x-chess-pgn" => "pgn",
"text/x-php" => "php",
"image/png" => "png",
"image/x-portable-anymap" => "pnm",
"image/x-portable-pixmap" => "ppm",
"application/vnd.ms-powerpoint" => "ppt",
"audio/x-realaudio" => "ra",
"audio/x-pn-realaudio" => "rm",
"image/x-cmu-raster" => "ras",
"image/x-rgb" => "rgb",
"application/x-troff" => "tr",
"application/x-rpm" => "rpm",
"text/rtf" => "rtf",
"text/richtext" => "rtx",
"text/sgml" => "sgml",
"application/x-sh" => "sh",
"application/x-shar" => "shar",
"application/vnd.symbian.install" => "sis",
"application/x-stuffit" => "sit",
"application/x-koan" => "skt",
"application/smil" => "smil",
"image/svg+xml" => "svg",
"application/x-futuresplash" => "spl",
"application/x-wais-source" => "src",
"application/vnd.sun.xml.calc.template" => "stc",
"application/vnd.sun.xml.draw.template" => "std",
"application/vnd.sun.xml.impress.template" => "sti",
"application/vnd.sun.xml.writer.template" => "stw",
"application/x-sv4cpio" => "sv4cpio",
"application/x-sv4crc" => "sv4crc",
"application/x-shockwave-flash" => "swf",
"application/vnd.sun.xml.calc" => "sxc",
"application/vnd.sun.xml.draw" => "sxd",
"application/vnd.sun.xml.writer.global" => "sxg",
"application/vnd.sun.xml.impress" => "sxi",
"application/vnd.sun.xml.math" => "sxm",
"application/vnd.sun.xml.writer" => "sxw",
"application/x-tar" => "tar",
"application/x-tcl" => "tcl",
"application/x-tex" => "tex",
"application/x-texinfo" => "texinfo",
"image/tiff" => "tiff",
"image/tiff-fx" => "tiff",
"application/x-bittorrent" => "torrent",
"text/tab-separated-values" => "tsv",
"application/x-ustar" => "ustar",
"application/x-cdlink" => "vcd",
"model/vrml" => "wrl",
"audio/x-wav" => "wav",
"audio/x-ms-wax" => "wax",
"image/vnd.wap.wbmp" => "wbmp",
"application/vnd.wap.wbxml" => "wbxml",
"video/webm" => "webm",
"image/webp" => "webp",
"video/x-ms-wm" => "wm",
"audio/x-ms-wma" => "wma",
"text/vnd.wap.wml" => "wml",
"application/vnd.wap.wmlc" => "wmlc",
"text/vnd.wap.wmlscript" => "wmls",
"application/vnd.wap.wmlscriptc" => "wmlsc",
"video/x-ms-wmv" => "wmv",
"video/x-ms-wmx" => "wmx",
"video/x-ms-wvx" => "wvx",
"image/x-xbitmap" => "xbm",
"application/xhtml+xml" => "xhtml",
"application/xml" => "xml",
"image/x-xpixmap" => "xpm",
"text/xsl" => "xsl",
"image/x-xwindowdump" => "xwd",
"chemical/x-xyz" => "xyz",
"application/zip" => "zip",
"application/msword" => "doc",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" => "docx",
"application/vnd.openxmlformats-officedocument.wordprocessingml.template" => "dotx",
"application/vnd.ms-word.document.macroEnabled.12" => "docm",
"application/vnd.ms-excel" => "xls",
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" => "xlsx",
"application/vnd.openxmlformats-officedocument.spreadsheetml.template" => "xltx",
"application/vnd.ms-excel.sheet.macroEnabled.12" => "xlsm",
"application/vnd.ms-excel.template.macroEnabled.12" => "xltm",
"application/vnd.ms-excel.addin.macroEnabled.12" => "xlam",
"application/vnd.ms-excel.sheet.binary.macroEnabled.12" => "xlsb",
"application/vnd.openxmlformats-officedocument.presentationml.presentation" => "pptx",
"application/vnd.openxmlformats-officedocument.presentationml.template" => "potx",
"application/vnd.openxmlformats-officedocument.presentationml.slideshow" => "ppsx",
"application/vnd.ms-powerpoint.addin.macroEnabled.12" => "ppam",
"application/vnd.ms-powerpoint.presentation.macroEnabled.12" => "pptm",
"application/vnd.ms-powerpoint.template.macroEnabled.12" => "potm",
"application/vnd.ms-powerpoint.slideshow.macroEnabled.12" => "ppsm",
);
if ( ! function_exists('get_extension_from_mime'))
{
function get_extension_from_mime($mime){
global $mime_types;
if(strpos($mime, ';')!==FALSE){
$mime = substr($mime, 0,strpos($mime, ';'));
}
if(isset($mime_types[$mime])){
return $mime_types[$mime];
}
return '';
}
function get_extension_from_mime($mime){
global $mime_types;
if(strpos($mime, ';')!==FALSE){
$mime = substr($mime, 0,strpos($mime, ';'));
}
if(isset($mime_types[$mime])){
return $mime_types[$mime];
}
return '';
}
}
if ( ! function_exists('get_file_mime_type'))
{
function get_file_mime_type($filename, $debug = false)
{
if (function_exists('finfo_open') && function_exists('finfo_file') && function_exists('finfo_close'))
{
$fileinfo = finfo_open(FILEINFO_MIME_TYPE);
$mime_type = finfo_file($fileinfo, $filename);
finfo_close($fileinfo);
function get_file_mime_type($filename, $debug = false)
{
if (function_exists('finfo_open') && function_exists('finfo_file') && function_exists('finfo_close'))
{
$fileinfo = finfo_open(FILEINFO_MIME_TYPE);
$mime_type = finfo_file($fileinfo, $filename);
finfo_close($fileinfo);
if ( ! empty($mime_type))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_type, 'method' => 'fileinfo' );
}
if ( ! empty($mime_type))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_type, 'method' => 'fileinfo' );
}
return $mime_type;
}
}
return $mime_type;
}
}
if (function_exists('mime_content_type'))
{
$mime_type = mime_content_type($filename);
if (function_exists('mime_content_type'))
{
$mime_type = mime_content_type($filename);
if ( ! empty($mime_type))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_type, 'method' => 'mime_content_type' );
}
if ( ! empty($mime_type))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_type, 'method' => 'mime_content_type' );
}
return $mime_type;
}
}
return $mime_type;
}
}
global $mime_types;
$mime_types = array_flip($mime_types);
global $mime_types;
$mime_types = array_flip($mime_types);
$tmp_array = explode('.', $filename);
$ext = strtolower(array_pop($tmp_array));
$tmp_array = explode('.', $filename);
$ext = strtolower(array_pop($tmp_array));
if ( ! empty($mime_types[ $ext ]))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_types[ $ext ], 'method' => 'from_array' );
}
if ( ! empty($mime_types[ $ext ]))
{
if (true === $debug)
{
return array( 'mime_type' => $mime_types[ $ext ], 'method' => 'from_array' );
}
return $mime_types[ $ext ];
}
return $mime_types[ $ext ];
}
if (true === $debug)
{
return array( 'mime_type' => 'application/octet-stream', 'method' => 'last_resort' );
}
if (true === $debug)
{
return array( 'mime_type' => 'application/octet-stream', 'method' => 'last_resort' );
}
return 'application/octet-stream';
}
return 'application/octet-stream';
}
}
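Review bot: The fallback path of get_file_mime_type() still overwrites the shared table, because `$mime_types = array_flip($mime_types);` acts on the global. After one fallback lookup get_extension_from_mime() no longer finds anything, and the next fallback call flips the table back. A local copy avoids this: `$ext_to_mime = array_flip($mime_types);` with the lookups changed to `$ext_to_mime[$ext]`. The fallback derives the type from the file name alone, so when neither fileinfo nor mime_content_type() is available the result says nothing about the content of an uploaded file; a short comment stating that would help callers.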


@ -50,8 +50,21 @@ try {
$cycle = false;
}
if (file_exists($path . "config.php")) {
$configMain = $config;
$configTemp = include $path . 'config.php';
$config = array_merge($config, $configTemp);
if(is_array($configTemp) && count($configTemp) > 0){
$config = array_merge($configMain, $configTemp);
$config['ext'] = array_merge(
$config['ext_img'],
$config['ext_file'],
$config['ext_misc'],
$config['ext_video'],
$config['ext_music']
);
}
else{
$config = $configMain;
}
//TODO switch to array
$cycle = false;
}
@ -63,35 +76,36 @@ try {
if (trans("Upload_error_messages") !== "Upload_error_messages") {
$messages = trans("Upload_error_messages");
}
if ($config['url_upload']) {
// make sure the length is limited to avoid DOS attacks
if (isset($_POST['url']) && strlen($_POST['url']) < 2000) {
$url = $_POST['url'];
$urlPattern = '/^(https?:\/\/)?([\da-z\.-]+\.[a-z\.]{2,6}|[\d\.]+)([\/?=&#]{1}[\da-z\.-]+)*[\/\?]?$/i';
// make sure the length is limited to avoid DOS attacks
if (isset($_POST['url']) && strlen($_POST['url']) < 2000) {
$url = $_POST['url'];
$urlPattern = '/^(https?:\/\/)?([\da-z\.-]+\.[a-z\.]{2,6}|[\d\.]+)([\/?=&#]{1}[\da-z\.-]+)*[\/\?]?$/i';
if (preg_match($urlPattern, $url)) {
$temp = tempnam('/tmp', 'RF');
if (preg_match($urlPattern, $url)) {
$temp = tempnam('/tmp','RF');
$ch = curl_init($url);
$fp = fopen($temp, 'wb');
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
if (curl_errno($ch)) {
$ch = curl_init($url);
$fp = fopen($temp, 'wb');
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
if (curl_errno($ch)) {
curl_close($ch);
throw new Exception('Invalid URL');
}
curl_close($ch);
throw new Exception('Invalid URL');
}
curl_close($ch);
fclose($fp);
fclose($fp);
$_FILES['files'] = array(
'name' => array(basename($_POST['url'])),
'tmp_name' => array($temp),
'size' => array(filesize($temp)),
'type' => null
);
} else {
throw new Exception('Is not a valid URL.');
$_FILES['files'] = array(
'name' => array(basename($_POST['url'])),
'tmp_name' => array($temp),
'size' => array(filesize($temp)),
'type' => null
);
} else {
throw new Exception('Is not a valid URL.');
}
}
}
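Review bot: The URL branch in the second hunk passes `$_POST['url']` to curl once it matches `$urlPattern`, and that pattern accepts bare dotted-number hosts and any resolvable name. With `url_upload` enabled the server can therefore be made to request loopback or internal addresses and keep the response as an upload. I would resolve the host and reject private and reserved ranges before the transfer, and restrict the transfer to HTTP(S) with a timeout, as sketched below (the timeout value is a placeholder). The check and the fetch resolve the name separately, so pinning the checked address with `CURLOPT_RESOLVE` is worth considering. On the error path `$fp` is never closed and the temporary file stays on disk; `fclose($fp); unlink($temp);` before the `throw` covers that. The enclosing `try` block starts and ends outside the hunk.

```php
if (preg_match($urlPattern, $url)) {
    // Refuse hosts that resolve to private or reserved address ranges.
    $target = preg_match('#^https?://#i', $url) ? $url : 'http://' . $url;
    $host = parse_url($target, PHP_URL_HOST);
    $addresses = is_string($host) ? gethostbynamel($host) : false;
    if (empty($addresses)) {
        throw new Exception('Invalid URL');
    }
    foreach ($addresses as $address) {
        if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            throw new Exception('Invalid URL');
        }
    }
    // … unchanged: tempnam, curl_init, fopen, CURLOPT_FILE and CURLOPT_HEADER …
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10); // placeholder value
    // … unchanged: curl_exec, error check, $_FILES assembly …
```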


@ -17,6 +17,9 @@
/**
* Initialisation de Zwii
*/
// Remplace la directive htaccess
ini_set('session.use_trans_sid', FALSE);
// Démarre la session
session_start();
/**
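Review bot: Turning off `session.use_trans_sid` only stops PHP from writing the session ID into generated links; whether an ID supplied in the URL is accepted is governed by `session.use_only_cookies`, which this hunk leaves at whatever the host configures. This line is now the only place the policy is set, so I would pin the related settings next to it: `ini_set('session.use_only_cookies', '1');` and `ini_set('session.use_strict_mode', '1');`. ini_set() takes a string value, so `'0'` reads more clearly than `FALSE`. The docblock opened after `session_start()` continues outside the hunk.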

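--- a/module/.htaccess
+++ b/module/.htaccess
@@ -0,0 +1,3 @@
+# Bloque l'accès à la librairie
+Order deny,allow
+Deny from all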
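Review bot: `Order deny,allow` and `Deny from all` are Apache 2.2 access directives. On Apache 2.4 they are understood only when mod_access_compat is loaded; without it, requests under module/ end in a server error instead of a clean 403. Guarding both syntaxes keeps the block working on either version, as below. The comment could also state that nothing in this directory is meant to be requested directly, if that is the intent.

```apache
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
```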