forked from ZwiiCMS-Team/ZwiiCMS
[9.2.14] mise à jour rfm
This commit is contained in:
parent
c26436efc7
commit
8dc8577244
@ -1,5 +1,9 @@
|
||||
# Changelog
|
||||
|
||||
## version 9.2.14
|
||||
- Mise à jour :
|
||||
- Script d'upload du gestionnaire de fichiers
|
||||
|
||||
## version 9.2.13
|
||||
- Corrections
|
||||
- Gestionnaire de fichiers, modifications des paramètres des miniatures.
|
||||
|
@ -33,7 +33,7 @@ class common {
|
||||
const TEMP_DIR = 'site/tmp/';
|
||||
|
||||
// Numéro de version
|
||||
const ZWII_VERSION = '9.2.13';
|
||||
const ZWII_VERSION = '9.2.14';
|
||||
|
||||
public static $actions = [];
|
||||
public static $coreModuleIds = [
|
||||
|
170
core/vendor/filemanager/UploadHandler.php
vendored
170
core/vendor/filemanager/UploadHandler.php
vendored
@ -38,6 +38,10 @@ class UploadHandler
|
||||
'image_resize' => 'Failed to resize image'
|
||||
);
|
||||
|
||||
const IMAGETYPE_GIF = 1;
|
||||
const IMAGETYPE_JPEG = 2;
|
||||
const IMAGETYPE_PNG = 3;
|
||||
|
||||
protected $image_objects = array();
|
||||
|
||||
public function __construct($options = null, $initialize = true, $error_messages = null) {
|
||||
@ -48,7 +52,7 @@ class UploadHandler
|
||||
'upload_url' => $this->get_full_url().'/files/',
|
||||
'input_stream' => 'php://input',
|
||||
'user_dirs' => false,
|
||||
'mkdir_mode' => 0777,
|
||||
'mkdir_mode' => 0755,
|
||||
'param_name' => 'files',
|
||||
// Set the following option to 'POST', if your server does not support
|
||||
// DELETE requests. This is a parameter sent to the client:
|
||||
@ -86,21 +90,36 @@ class UploadHandler
|
||||
'download_via_php' => false,
|
||||
// Read files in chunks to avoid memory limits when download_via_php
|
||||
// is enabled, set to 0 to disable chunked reading of files:
|
||||
'readfile_chunk_size' => 2 * 1024 * 1024, // 10 MiB
|
||||
'readfile_chunk_size' => 10 * 1024 * 1024, // 10 MiB
|
||||
// Defines which files can be displayed inline when downloaded:
|
||||
'inline_file_types' => '/\.(gif|jpe?g|png)$/i',
|
||||
// Defines which files (based on their names) are accepted for upload:
|
||||
'accept_file_types' => '/.+$/i',
|
||||
// Defines which files (based on their names) are accepted for upload.
|
||||
// By default, only allows file uploads with image file extensions.
|
||||
// Only change this setting after making sure that any allowed file
|
||||
// types cannot be executed by the webserver in the files directory,
|
||||
// e.g. PHP scripts, nor executed by the browser when downloaded,
|
||||
// e.g. HTML files with embedded JavaScript code.
|
||||
// Please also read the SECURITY.md document in this repository.
|
||||
'accept_file_types' => '/\.(gif|jpe?g|png)$/i',
|
||||
// Replaces dots in filenames with the given string.
|
||||
// Can be disabled by setting it to false or an empty string.
|
||||
// Note that this is a security feature for servers that support
|
||||
// multiple file extensions, e.g. the Apache AddHandler Directive:
|
||||
// https://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler
|
||||
// Before disabling it, make sure that files uploaded with multiple
|
||||
// extensions cannot be executed by the webserver, e.g.
|
||||
// "example.php.png" with embedded PHP code, nor executed by the
|
||||
// browser when downloaded, e.g. "example.html.gif" with embedded
|
||||
// JavaScript code.
|
||||
'replace_dots_in_filenames' => '-',
|
||||
// The php.ini settings upload_max_filesize and post_max_size
|
||||
// take precedence over the following max_file_size setting:
|
||||
'max_file_size' => null,
|
||||
'min_file_size' => 1,
|
||||
// The maximum number of files for the upload directory:
|
||||
'max_number_of_files' => null,
|
||||
// Defines which files are handled as image files:
|
||||
'image_file_types' => '/\.(gif|jpe?g|png)$/i',
|
||||
// Use exif_imagetype on all files to correct file extensions:
|
||||
'correct_image_extensions' => true,
|
||||
// Reads first file bytes to identify and correct file extensions:
|
||||
'correct_image_extensions' => false,
|
||||
// Image resolution restrictions:
|
||||
'max_width' => null,
|
||||
'max_height' => null,
|
||||
@ -131,33 +150,40 @@ class UploadHandler
|
||||
// Command or path for to the ImageMagick identify binary:
|
||||
'identify_bin' => 'identify',
|
||||
'image_versions' => array(
|
||||
// The empty image version key defines options for the original image:
|
||||
// Keep in mind that these options are inherited by all other image versions!
|
||||
// The empty image version key defines options for the original image.
|
||||
// Keep in mind: these image manipulations are inherited by all other image versions from this point onwards.
|
||||
// Also note that the property 'no_cache' is not inherited, since it's not a manipulation.
|
||||
'' => array(
|
||||
// Automatically rotate images based on EXIF meta data:
|
||||
'auto_orient' => true
|
||||
),
|
||||
// Uncomment the following to create medium sized images:
|
||||
// You can add arrays to generate different versions.
|
||||
// The name of the key is the name of the version (example: 'medium').
|
||||
// the array contains the options to apply.
|
||||
/*
|
||||
'medium' => array(
|
||||
'max_width' => 800,
|
||||
'max_height' => 600
|
||||
),
|
||||
'thumbnail' => array(
|
||||
*/
|
||||
//'thumbnail' => array(
|
||||
// Uncomment the following to use a defined directory for the thumbnails
|
||||
// instead of a subdirectory based on the version identifier.
|
||||
// Make sure that this directory doesn't allow execution of files if you
|
||||
// don't pose any restrictions on the type of uploaded files, e.g. by
|
||||
// copying the .htaccess file from the files directory for Apache:
|
||||
//'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/',
|
||||
'upload_url' => $this->get_full_url().'/thumb/',
|
||||
//'upload_url' => $this->get_full_url().'/thumb/',
|
||||
// Uncomment the following to force the max
|
||||
// dimensions and e.g. create square thumbnails:
|
||||
'crop' => true,
|
||||
'max_width' => 80,
|
||||
'max_height' => 80
|
||||
)
|
||||
*/
|
||||
// 'auto_orient' => true,
|
||||
// 'crop' => true,
|
||||
// 'jpeg_quality' => 70,
|
||||
// 'no_cache' => true, (there's a caching option, but this remembers thumbnail sizes from a previous action!)
|
||||
// 'strip' => true, (this strips EXIF tags, such as geolocation)
|
||||
// 'max_width' => 80, // either specify width, or set to 0. Then width is automatically adjusted - keeping aspect ratio to a specified max_height.
|
||||
// 'max_height' => 80 // either specify height, or set to 0. Then height is automatically adjusted - keeping aspect ratio to a specified max_width.
|
||||
// )
|
||||
),
|
||||
'print_response' => true
|
||||
);
|
||||
@ -380,10 +406,6 @@ class UploadHandler
|
||||
$file->error = $this->get_error_message('accept_file_types');
|
||||
return false;
|
||||
}
|
||||
if (preg_match($this->options['image_file_types'], $file->name) && function_exists('exif_imagetype') && !@exif_imagetype($uploaded_file)) {
|
||||
$file->error = $this->get_error_message('accept_file_types');
|
||||
return false;
|
||||
}
|
||||
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
|
||||
$file_size = $this->get_file_size($uploaded_file);
|
||||
} else {
|
||||
@ -413,9 +435,8 @@ class UploadHandler
|
||||
$min_width = @$this->options['min_width'];
|
||||
$min_height = @$this->options['min_height'];
|
||||
if (($max_width || $max_height || $min_width || $min_height)
|
||||
&& preg_match($this->options['image_file_types'], $file->name)) {
|
||||
&& $this->is_valid_image_file($uploaded_file)) {
|
||||
list($img_width, $img_height) = $this->get_image_size($uploaded_file);
|
||||
|
||||
// If we are auto rotating the image by default, do the checks on
|
||||
// the correct orientation
|
||||
if (
|
||||
@ -429,7 +450,6 @@ class UploadHandler
|
||||
$img_height = $tmp;
|
||||
unset($tmp);
|
||||
}
|
||||
|
||||
}
|
||||
if (!empty($img_width)) {
|
||||
if ($max_width && $img_width > $max_width) {
|
||||
@ -491,16 +511,15 @@ class UploadHandler
|
||||
preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) {
|
||||
$name .= '.'.$matches[1];
|
||||
}
|
||||
if ($this->options['correct_image_extensions'] &&
|
||||
function_exists('exif_imagetype')) {
|
||||
switch (@exif_imagetype($file_path)){
|
||||
case IMAGETYPE_JPEG:
|
||||
if ($this->options['correct_image_extensions']) {
|
||||
switch ($this->imagetype($file_path)) {
|
||||
case self::IMAGETYPE_JPEG:
|
||||
$extensions = array('jpg', 'jpeg');
|
||||
break;
|
||||
case IMAGETYPE_PNG:
|
||||
case self::IMAGETYPE_PNG:
|
||||
$extensions = array('png');
|
||||
break;
|
||||
case IMAGETYPE_GIF:
|
||||
case self::IMAGETYPE_GIF:
|
||||
$extensions = array('gif');
|
||||
break;
|
||||
}
|
||||
@ -523,7 +542,17 @@ class UploadHandler
|
||||
// Remove path information and dots around the filename, to prevent uploading
|
||||
// into different directories or replacing hidden system files.
|
||||
// Also remove control characters and spaces (\x00..\x20) around the filename:
|
||||
$name = trim($this->basename(stripslashes($name)), "\x00..\x20");
|
||||
$name = trim($this->basename(stripslashes($name)), ".\x00..\x20");
|
||||
// Replace dots in filenames to avoid security issues with servers
|
||||
// that interpret multiple file extensions, e.g. "example.php.png":
|
||||
$replacement = $this->options['replace_dots_in_filenames'];
|
||||
if (!empty($replacement)) {
|
||||
$parts = explode('.', $name);
|
||||
if (count($parts) > 2) {
|
||||
$ext = array_pop($parts);
|
||||
$name = implode($replacement, $parts).'.'.$ext;
|
||||
}
|
||||
}
|
||||
// Use a timestamp for empty filenames:
|
||||
if (!$name) {
|
||||
$name = str_replace('.', '-', microtime(true));
|
||||
@ -868,25 +897,31 @@ class UploadHandler
|
||||
if (!empty($options['auto_orient'])) {
|
||||
$image_oriented = $this->imagick_orient_image($image);
|
||||
}
|
||||
|
||||
$image_resize = false;
|
||||
$new_width = $max_width = $img_width = $image->getImageWidth();
|
||||
$new_height = $max_height = $img_height = $image->getImageHeight();
|
||||
if (!empty($options['max_width'])) {
|
||||
|
||||
// use isset(). User might be setting max_width = 0 (auto in regular resizing). Value 0 would be considered empty when you use empty()
|
||||
if (isset($options['max_width'])) {
|
||||
$image_resize = true;
|
||||
$new_width = $max_width = $options['max_width'];
|
||||
}
|
||||
if (!empty($options['max_height'])) {
|
||||
if (isset($options['max_height'])) {
|
||||
$image_resize = true;
|
||||
$new_height = $max_height = $options['max_height'];
|
||||
}
|
||||
$image_strip = false;
|
||||
if( !empty($options["strip"]) ) {
|
||||
$image_strip = $options["strip"];
|
||||
}
|
||||
|
||||
$image_strip = (isset($options['strip']) ? $options['strip'] : false);
|
||||
|
||||
if ( !$image_oriented && ($max_width >= $img_width) && ($max_height >= $img_height) && !$image_strip && empty($options["jpeg_quality"]) ) {
|
||||
if ($file_path !== $new_file_path) {
|
||||
return copy($file_path, $new_file_path);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
$crop = !empty($options['crop']);
|
||||
$crop = (isset($options['crop']) ? $options['crop'] : false);
|
||||
|
||||
if ($crop) {
|
||||
$x = 0;
|
||||
$y = 0;
|
||||
@ -1012,6 +1047,7 @@ class UploadHandler
|
||||
}
|
||||
|
||||
protected function create_scaled_image($file_name, $version, $options) {
|
||||
try {
|
||||
if ($this->options['image_library'] === 2) {
|
||||
return $this->imagemagick_create_scaled_image($file_name, $version, $options);
|
||||
}
|
||||
@ -1019,6 +1055,10 @@ class UploadHandler
|
||||
return $this->imagick_create_scaled_image($file_name, $version, $options);
|
||||
}
|
||||
return $this->gd_create_scaled_image($file_name, $version, $options);
|
||||
} catch (\Exception $e) {
|
||||
error_log($e->getMessage());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
protected function destroy_image_object($file_path) {
|
||||
@ -1027,15 +1067,30 @@ class UploadHandler
|
||||
}
|
||||
}
|
||||
|
||||
protected function is_valid_image_file($file_path) {
|
||||
if (!preg_match($this->options['image_file_types'], $file_path)) {
|
||||
protected function imagetype($file_path) {
|
||||
$fp = fopen($file_path, 'r');
|
||||
$data = fread($fp, 4);
|
||||
fclose($fp);
|
||||
// GIF: 47 49 46 38
|
||||
if ($data === 'GIF8') {
|
||||
return self::IMAGETYPE_GIF;
|
||||
}
|
||||
// JPG: FF D8 FF
|
||||
if (bin2hex(substr($data, 0, 3)) === 'ffd8ff') {
|
||||
return self::IMAGETYPE_JPEG;
|
||||
}
|
||||
// PNG: 89 50 4E 47
|
||||
if (bin2hex(@$data[0]).substr($data, 1, 4) === '89PNG') {
|
||||
return self::IMAGETYPE_PNG;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
if (function_exists('exif_imagetype')) {
|
||||
return @exif_imagetype($file_path);
|
||||
|
||||
protected function is_valid_image_file($file_path) {
|
||||
if (!preg_match('/\.(gif|jpe?g|png)$/i', $file_path)) {
|
||||
return false;
|
||||
}
|
||||
$image_info = $this->get_image_size($file_path);
|
||||
return $image_info && $image_info[0] && $image_info[1];
|
||||
return !!$this->imagetype($file_path);
|
||||
}
|
||||
|
||||
protected function handle_image_file($file_path, $file) {
|
||||
@ -1062,7 +1117,8 @@ class UploadHandler
|
||||
$this->destroy_image_object($file_path);
|
||||
}
|
||||
|
||||
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null) {
|
||||
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
|
||||
$index = null, $content_range = null) {
|
||||
$file = new \stdClass();
|
||||
$file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error,
|
||||
$index, $content_range);
|
||||
@ -1071,7 +1127,7 @@ class UploadHandler
|
||||
if ($this->validate($uploaded_file, $file, $error, $index)) {
|
||||
$this->handle_form_data($file, $index);
|
||||
$upload_dir = $this->get_upload_path();
|
||||
if (!$this->options['ftp'] && !is_dir($upload_dir)) {
|
||||
if (!is_dir($upload_dir)) {
|
||||
mkdir($upload_dir, $this->options['mkdir_mode'], true);
|
||||
}
|
||||
$file_path = $this->get_upload_path($file->name);
|
||||
@ -1089,10 +1145,6 @@ class UploadHandler
|
||||
move_uploaded_file($uploaded_file, $file_path);
|
||||
}
|
||||
} else {
|
||||
if($this->get_file_size($uploaded_file) == $file->size){
|
||||
copy($uploaded_file, $file_path);
|
||||
}else{
|
||||
|
||||
// Non-multipart uploads (PUT method support)
|
||||
file_put_contents(
|
||||
$file_path,
|
||||
@ -1100,9 +1152,7 @@ class UploadHandler
|
||||
$append_file ? FILE_APPEND : 0
|
||||
);
|
||||
}
|
||||
}
|
||||
$file_size = $this->get_file_size($file_path, $append_file);
|
||||
$file->path = $file_path;
|
||||
if ($file_size === $file->size) {
|
||||
$file->url = $this->get_download_url($file->name);
|
||||
if ($this->is_valid_image_file($file_path)) {
|
||||
@ -1317,7 +1367,6 @@ class UploadHandler
|
||||
$this->options['param_name'] => $this->get_file_objects()
|
||||
);
|
||||
}
|
||||
|
||||
return $this->generate_response($response, $print_response);
|
||||
}
|
||||
|
||||
@ -1334,11 +1383,6 @@ class UploadHandler
|
||||
'',
|
||||
$content_disposition_header
|
||||
)) : null;
|
||||
// TODO check
|
||||
// if (isset($content_disposition_header) && !empty($content_disposition_header) ) {
|
||||
// $file_name = str_replace('attachment; filename="', '', $content_disposition_header);
|
||||
// $file_name = str_replace('"', '', $file_name);
|
||||
// }
|
||||
// Parse the Content-Range header, which has the following form:
|
||||
// Content-Range: bytes 0-524287/2000000
|
||||
$content_range_header = $this->get_server_var('HTTP_CONTENT_RANGE');
|
||||
@ -1351,15 +1395,12 @@ class UploadHandler
|
||||
// param_name is an array identifier like "files[]",
|
||||
// $upload is a multi-dimensional array:
|
||||
foreach ($upload['tmp_name'] as $index => $value) {
|
||||
if(!isset($upload['error'][$index])){
|
||||
$upload['error'][$index] = null;
|
||||
}
|
||||
$files[] = $this->handle_file_upload(
|
||||
$upload['tmp_name'][$index],
|
||||
$file_name ? $file_name : $upload['name'][$index],
|
||||
$size ? $size : $upload['size'][$index],
|
||||
$upload['type'][$index],
|
||||
$upload['error'][$index],
|
||||
isset($upload['error']) ? $upload['error'][$index] : null,
|
||||
$index,
|
||||
$content_range
|
||||
);
|
||||
@ -1436,6 +1477,9 @@ class UploadHandler
|
||||
|
||||
$magicianObj -> saveImage($targetFile);
|
||||
}
|
||||
|
||||
|
||||
|
||||
$thumbResult = create_img($targetFile, $targetFileThumb, 122, 91);
|
||||
|
||||
if ( $thumbResult!==true)
|
||||
|
1595
core/vendor/filemanager/__UploadHandler.php
vendored
1595
core/vendor/filemanager/__UploadHandler.php
vendored
File diff suppressed because it is too large
Load Diff
Loading…
x
Reference in New Issue
Block a user