diff options
Diffstat (limited to 'phpBB/phpbb/avatar/driver/upload.php')
-rw-r--r-- | phpBB/phpbb/avatar/driver/upload.php | 66 |
1 files changed, 27 insertions, 39 deletions
diff --git a/phpBB/phpbb/avatar/driver/upload.php b/phpBB/phpbb/avatar/driver/upload.php index a5b704b4ff..da1e78cb83 100644 --- a/phpBB/phpbb/avatar/driver/upload.php +++ b/phpBB/phpbb/avatar/driver/upload.php @@ -13,15 +13,18 @@ namespace phpbb\avatar\driver; +use bantu\IniGetWrapper\IniGetWrapper; +use \phpbb\storage\exception\exception as storage_exception; + /** * Handles avatars uploaded to the board */ class upload extends \phpbb\avatar\driver\driver { /** - * @var \phpbb\filesystem\filesystem_interface + * @var \phpbb\storage\storage */ - protected $filesystem; + protected $storage; /** * @var \phpbb\event\dispatcher_interface @@ -34,27 +37,32 @@ class upload extends \phpbb\avatar\driver\driver protected $files_factory; /** + * @var IniGetWrapper + */ + protected $php_ini; + + /** * Construct a driver object * * @param \phpbb\config\config $config phpBB configuration * @param string $phpbb_root_path Path to the phpBB root * @param string $php_ext PHP file extension - * @param \phpbb\filesystem\filesystem_interface $filesystem phpBB filesystem helper + * @param \phpbb\storage\storage phpBB avatar storage * @param \phpbb\path_helper $path_helper phpBB path helper * @param \phpbb\event\dispatcher_interface $dispatcher phpBB Event dispatcher object * @param \phpbb\files\factory $files_factory File classes factory - * @param \phpbb\cache\driver\driver_interface $cache Cache driver + * @param IniGetWrapper $php_ini ini_get() wrapper */ - public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\filesystem\filesystem_interface $filesystem, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, \phpbb\cache\driver\driver_interface $cache = null) + public function __construct(\phpbb\config\config $config, $phpbb_root_path, $php_ext, \phpbb\storage\storage $storage, \phpbb\path_helper $path_helper, \phpbb\event\dispatcher_interface $dispatcher, \phpbb\files\factory $files_factory, IniGetWrapper $php_ini) { $this->config = $config; $this->phpbb_root_path = $phpbb_root_path; $this->php_ext = $php_ext; - $this->filesystem = $filesystem; + $this->storage = $storage; $this->path_helper = $path_helper; $this->dispatcher = $dispatcher; $this->files_factory = $files_factory; - $this->cache = $cache; + $this->php_ini = $php_ini; } /** @@ -117,7 +125,7 @@ class upload extends \phpbb\avatar\driver\driver if (!empty($upload_file['name'])) { - $file = $upload->handle_upload('files.types.form', 'avatar_upload_file'); + $file = $upload->handle_upload('files.types.form_storage', 'avatar_upload_file'); } else if (!empty($this->config['allow_avatar_remote_upload']) && !empty($url)) { @@ -158,7 +166,7 @@ class upload extends \phpbb\avatar\driver\driver return false; } - $file = $upload->handle_upload('files.types.remote', $url); + $file = $upload->handle_upload('files.types.remote_storage', $url); } else { @@ -171,26 +179,11 @@ class upload extends \phpbb\avatar\driver\driver // If there was an error during upload, then abort operation if (count($file->error)) { - $file->remove(); + $file->remove($this->storage); $error = $file->error; return false; } - // Calculate new destination - $destination = $this->config['avatar_path']; - - // Adjust destination path (no trailing slash) - if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') - { - $destination = substr($destination, 0, -1); - } - - $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); - if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) - { - $destination = ''; - } - $filedata = array( 'filename' => $file->get('filename'), 'filesize' => $file->get('filesize'), @@ -206,7 +199,6 @@ class upload extends \phpbb\avatar\driver\driver * @event core.avatar_driver_upload_move_file_before * @var array filedata Array containing uploaded file data * @var \phpbb\files\filespec file Instance of filespec class - * @var string destination Destination directory where the file is going to be moved * @var string prefix Prefix for the avatar filename * @var array row Array with avatar row data * @var array error Array of errors, if filled in by this event file will not be moved @@ -217,7 +209,6 @@ class upload extends \phpbb\avatar\driver\driver $vars = array( 'filedata', 'file', - 'destination', 'prefix', 'row', 'error', @@ -229,14 +220,14 @@ class upload extends \phpbb\avatar\driver\driver if (!count($error)) { // Move file and overwrite any existing image - $file->move_file($destination, true); + $file->move_file($this->storage, true); } // If there was an error during move, then clean up leftovers $error = array_merge($error, $file->error); if (count($error)) { - $file->remove(); + $file->remove($this->storage); return false; } @@ -262,7 +253,6 @@ class upload extends \phpbb\avatar\driver\driver return array( 'allow_avatar_remote_upload'=> array('lang' => 'ALLOW_REMOTE_UPLOAD', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'avatar_filesize' => array('lang' => 'MAX_FILESIZE', 'validate' => 'int:0', 'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), - 'avatar_path' => array('lang' => 'AVATAR_STORAGE_PATH', 'validate' => 'rpath', 'type' => 'text:20:255', 'explain' => true), ); } @@ -273,37 +263,35 @@ class upload extends \phpbb\avatar\driver\driver { $error = array(); - $destination = $this->config['avatar_path']; $prefix = $this->config['avatar_salt'] . '_'; $ext = substr(strrchr($row['avatar'], '.'), 1); - $filename = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $ext; + $filename = $prefix . $row['id'] . '.' . $ext; /** * Before deleting an existing avatar * * @event core.avatar_driver_upload_delete_before - * @var string destination Destination directory where the file is going to be deleted * @var string prefix Prefix for the avatar filename * @var array row Array with avatar row data * @var array error Array of errors, if filled in by this event file will not be deleted * @since 3.1.6-RC1 + * @changed 3.3.0-a1 Remove destination */ $vars = array( - 'destination', 'prefix', 'row', 'error', ); extract($this->dispatcher->trigger_event('core.avatar_driver_upload_delete_before', compact($vars))); - if (!count($error) && $this->filesystem->exists($filename)) + if (!count($error) && $this->storage->exists($filename)) { try { - $this->filesystem->remove($filename); + $this->storage->delete($filename); return true; } - catch (\phpbb\filesystem\exception\filesystem_exception $e) + catch (storage_exception $e) { // Fail is covered by return statement below } @@ -321,12 +309,12 @@ class upload extends \phpbb\avatar\driver\driver } /** - * Check if user is able to upload an avatar + * Check if user is able to upload an avatar to a temporary folder * * @return bool True if user can upload, false if not */ protected function can_upload() { - return ($this->filesystem->exists($this->phpbb_root_path . $this->config['avatar_path']) && $this->filesystem->is_writable($this->phpbb_root_path . $this->config['avatar_path']) && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')); + return $this->php_ini->getBool('file_uploads'); } } |