| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | <?php | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // {{{ License
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // This file is part of GNU social - https://www.gnu.org/software/social
 | 
					
						
							|  |  |  | //
 | 
					
						
							|  |  |  | // GNU social is free software: you can redistribute it and/or modify
 | 
					
						
							|  |  |  | // it under the terms of the GNU Affero General Public License as published by
 | 
					
						
							|  |  |  | // the Free Software Foundation, either version 3 of the License, or
 | 
					
						
							|  |  |  | // (at your option) any later version.
 | 
					
						
							|  |  |  | //
 | 
					
						
							|  |  |  | // GNU social is distributed in the hope that it will be useful,
 | 
					
						
							|  |  |  | // but WITHOUT ANY WARRANTY; without even the implied warranty of
 | 
					
						
							|  |  |  | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 | 
					
						
							|  |  |  | // GNU Affero General Public License for more details.
 | 
					
						
							|  |  |  | //
 | 
					
						
							|  |  |  | // You should have received a copy of the GNU Affero General Public License
 | 
					
						
							|  |  |  | // along with GNU social.  If not, see <http://www.gnu.org/licenses/>.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // }}}
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | namespace App\Core; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | use App\Core\DB\DB; | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  | use function App\Core\I18n\_m; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | use App\Entity\Attachment; | 
					
						
							|  |  |  | use App\Util\Common; | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  | use App\Util\Exception\DuplicateFoundException; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | use App\Util\Exception\NoSuchFileException; | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  | use App\Util\Exception\NotFoundException; | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  | use App\Util\Exception\ServerException; | 
					
						
							| 
									
										
										
										
											2021-08-03 10:22:55 +00:00
										 |  |  | use App\Util\Formatting; | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  | use SplFileInfo; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | use Symfony\Component\HttpFoundation\BinaryFileResponse; | 
					
						
							|  |  |  | use Symfony\Component\HttpFoundation\HeaderUtils; | 
					
						
							|  |  |  | use Symfony\Component\HttpFoundation\Response; | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  | use Symfony\Component\Mime\MimeTypes; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  | /** | 
					
						
							|  |  |  |  * GNU social's File Abstraction | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * @category  Files | 
					
						
							|  |  |  |  * @package   GNUsocial | 
					
						
							|  |  |  |  * | 
					
						
							|  |  |  |  * @author    Hugo Sales <hugo@hsal.es> | 
					
						
							|  |  |  |  * @author    Diogo Peralta Cordeiro <mail@diogo.site> | 
					
						
							|  |  |  |  * @copyright 2020-2021 Free Software Foundation, Inc http://www.fsf.org | 
					
						
							|  |  |  |  * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later | 
					
						
							|  |  |  |  */ | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | class GSFile | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |      * Perform file validation (checks and normalization), store the given file if needed and increment lives | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @param SplFileInfo $file | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |      * @param string      $dest_dir | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |      * @param null|string $title | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |      * @param bool        $is_local | 
					
						
							|  |  |  |      * @param null|int    $actor_id | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @throws DuplicateFoundException | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @return Attachment | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |     public static function sanitizeAndStoreFileAsAttachment(SplFileInfo $file, | 
					
						
							|  |  |  |                                                             string $dest_dir): Attachment | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-08-04 19:26:48 +01:00
										 |  |  |         if (!Formatting::startsWith($dest_dir, Common::config('storage', 'dir'))) { | 
					
						
							|  |  |  |             throw new \InvalidArgumentException("Attempted to store a file in a directory outside the GNU social files location: {$dest_dir}"); | 
					
						
							| 
									
										
										
										
											2021-08-03 10:22:55 +00:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |         $hash = null; | 
					
						
							|  |  |  |         Event::handle('HashFile', [$file->getPathname(), &$hash]); | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  |         try { | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |             $attachment = DB::findOneBy('attachment', ['filehash' => $hash]); | 
					
						
							|  |  |  |             $attachment->livesIncrementAndGet(); | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  |         } catch (NotFoundException) { | 
					
						
							|  |  |  |             // The following properly gets the mimetype with `file` or other
 | 
					
						
							|  |  |  |             // available methods, so should be safe
 | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |             $mimetype = $file->getMimeType(); | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |             $width    = $height    = null; | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |             Event::handle('AttachmentSanitization', [&$file, &$mimetype, &$width, &$height]); | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  |             $attachment = Attachment::create([ | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |                 'filehash' => $hash, | 
					
						
							|  |  |  |                 'mimetype' => $mimetype, | 
					
						
							|  |  |  |                 'filename' => Formatting::removePrefix($dest_dir, Common::config('attachments', 'dir')) . $hash, | 
					
						
							|  |  |  |                 'size'     => $file->getSize(), | 
					
						
							|  |  |  |                 'width'    => $width, | 
					
						
							|  |  |  |                 'height'   => $height, | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  |             ]); | 
					
						
							| 
									
										
										
										
											2021-07-20 21:17:53 +01:00
										 |  |  |             $file->move($dest_dir, $hash); | 
					
						
							| 
									
										
										
										
											2021-05-02 15:46:12 +00:00
										 |  |  |             DB::persist($attachment); | 
					
						
							|  |  |  |             Event::handle('AttachmentStoreNew', [&$attachment]); | 
					
						
							| 
									
										
										
										
											2021-04-25 21:14:35 +00:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |         return $attachment; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Include $filepath in the response, for viewing or downloading. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @throws ServerException | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public static function sendFile(string $filepath, string $mimetype, ?string $output_filename, string $disposition = 'inline'): Response | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  |         if (is_file($filepath)) { | 
					
						
							|  |  |  |             $response = new BinaryFileResponse( | 
					
						
							|  |  |  |                 $filepath, | 
					
						
							|  |  |  |                 Response::HTTP_OK, | 
					
						
							|  |  |  |                 [ | 
					
						
							|  |  |  |                     'Content-Description' => 'File Transfer', | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |                     'Content-Type'        => $mimetype, | 
					
						
							|  |  |  |                     'Content-Disposition' => HeaderUtils::makeDisposition($disposition, $output_filename ?? _m('Untitled attachment') . '.' . MimeTypes::getDefault()->getExtensions($mimetype)[0]), | 
					
						
							|  |  |  |                     'Cache-Control'       => 'public', | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  |                 ], | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |                 public: true, | 
					
						
							|  |  |  |                 // contentDisposition: $disposition,
 | 
					
						
							|  |  |  |                 autoEtag: true, | 
					
						
							|  |  |  |                 autoLastModified: true | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  |             ); | 
					
						
							|  |  |  |             if (Common::config('site', 'x_static_delivery')) { | 
					
						
							| 
									
										
										
										
											2021-08-08 00:37:02 +00:00
										 |  |  |                 // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  |                 $response->trustXSendfileTypeHeader(); | 
					
						
							| 
									
										
										
										
											2021-08-08 00:37:02 +00:00
										 |  |  |                 // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2021-05-01 13:02:14 +00:00
										 |  |  |             } | 
					
						
							|  |  |  |             return $response; | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |             throw new ServerException(_m('This attachment is not stored locally')); | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Throw a client exception if the cache key $id doesn't contain | 
					
						
							|  |  |  |      * exactly one entry | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param mixed $except | 
					
						
							|  |  |  |      * @param mixed $id | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public static function error($except, $id, array $res) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         switch (count($res)) { | 
					
						
							|  |  |  |             case 0: | 
					
						
							|  |  |  |                 throw new $except(); | 
					
						
							|  |  |  |             case 1: | 
					
						
							|  |  |  |                 return $res[0]; | 
					
						
							|  |  |  |             default: | 
					
						
							| 
									
										
										
										
											2021-08-08 00:37:02 +00:00
										 |  |  |                 // @codeCoverageIgnoreStart
 | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |                 Log::error('Media query returned more than one result for identifier: \"' . $id . '\"'); | 
					
						
							| 
									
										
										
										
											2021-08-08 00:37:02 +00:00
										 |  |  |                 throw new ServerException(_m('Internal server error')); | 
					
						
							|  |  |  |                 // @codeCoverageIgnoreEnd
 | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the file info by id | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * Returns the file's hash, mimetype and title | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public static function getFileInfo(int $id) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return self::error(NoSuchFileException::class, | 
					
						
							|  |  |  |             $id, | 
					
						
							|  |  |  |             Cache::get("file-info-{$id}", | 
					
						
							|  |  |  |                 function () use ($id) { | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |                     return DB::dql('select at.filename, at.mimetype ' . | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |                         'from App\\Entity\\Attachment at ' . | 
					
						
							|  |  |  |                         'where at.id = :id', | 
					
						
							|  |  |  |                         ['id' => $id]); | 
					
						
							|  |  |  |                 })); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // ----- Attachment ------
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the attachment file info by id | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * Returns the attachment file's hash, mimetype, title and path | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public static function getAttachmentFileInfo(int $id): array | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |         $res             = self::getFileInfo($id); | 
					
						
							| 
									
										
										
										
											2021-08-03 17:51:23 +00:00
										 |  |  |         $res['filepath'] = Common::config('attachments', 'dir') . $res['filename']; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |         return $res; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // ------------------------
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the minor part of a mimetype. image/webp -> image | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2021-07-28 21:10:32 +00:00
										 |  |  |     public static function mimetypeMajor(string $mime): string | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-04-25 21:14:35 +00:00
										 |  |  |         return explode('/', self::mimetypeBare($mime))[0]; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Get the minor part of a mimetype. image/webp -> webp | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2021-07-28 21:10:32 +00:00
										 |  |  |     public static function mimetypeMinor(string $mime): string | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2021-04-25 21:14:35 +00:00
										 |  |  |         return explode('/', self::mimetypeBare($mime))[1]; | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      *  Get only the mimetype and not additional info (separated from bare mime with semi-colon) | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2021-07-28 21:10:32 +00:00
										 |  |  |     public static function mimetypeBare(string $mimetype): string | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  |     { | 
					
						
							|  |  |  |         $mimetype = mb_strtolower($mimetype); | 
					
						
							|  |  |  |         if (($semicolon = mb_strpos($mimetype, ';')) !== false) { | 
					
						
							|  |  |  |             $mimetype = mb_substr($mimetype, 0, $semicolon); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         return trim($mimetype); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |      * Given an attachment filename and mimetype allows to generate the most appropriate filename. | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |      * | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |      * @param string      $title    Original filename with or without extension | 
					
						
							|  |  |  |      * @param string      $mimetype Original mimetype of the file | 
					
						
							|  |  |  |      * @param null|string $ext      Extension we believe to be best | 
					
						
							|  |  |  |      * @param bool        $force    Should we force the extension we believe to be best? Defaults to false | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |      * | 
					
						
							|  |  |  |      * @return null|string | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |     public static function ensureFilenameWithProperExtension(string $title, string $mimetype, ?string &$ext = null, bool $force = false): string | null | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |     { | 
					
						
							|  |  |  |         $valid_extensions = MimeTypes::getDefault()->getExtensions($mimetype); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // If title seems to be a filename with an extension
 | 
					
						
							|  |  |  |         if (preg_match('/\.[a-z0-9]/i', $title) === 1) { | 
					
						
							|  |  |  |             $title_without_extension = substr($title, 0, strrpos($title, '.')); | 
					
						
							|  |  |  |             $original_extension      = substr($title, strrpos($title, '.') + 1); | 
					
						
							|  |  |  |             if (empty(MimeTypes::getDefault()->getMimeTypes($original_extension)) || !in_array($original_extension, $valid_extensions)) { | 
					
						
							|  |  |  |                 unset($title_without_extension, $original_extension); | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         if ($force) { | 
					
						
							|  |  |  |             return ($title_without_extension ?? $title) . ".{$ext}"; | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |             if (isset($original_extension)) { | 
					
						
							|  |  |  |                 return $title; | 
					
						
							|  |  |  |             } else { | 
					
						
							|  |  |  |                 if (!empty($valid_extensions)) { | 
					
						
							|  |  |  |                     return "{$title}.{$valid_extensions[0]}"; | 
					
						
							|  |  |  |                 } else { | 
					
						
							| 
									
										
										
										
											2021-08-14 16:47:45 +01:00
										 |  |  |                     if (!is_null($ext)) { | 
					
						
							|  |  |  |                         return ($title_without_extension ?? $title) . ".{$ext}"; | 
					
						
							|  |  |  |                     } | 
					
						
							| 
									
										
										
										
											2021-07-22 20:56:29 +01:00
										 |  |  |                     return null; | 
					
						
							|  |  |  |                 } | 
					
						
							|  |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2021-04-18 02:17:57 +01:00
										 |  |  | } |