Implement a class for automatic temporary file handling

And adopt it all over the code.
This commit is contained in:
Alexei Sorokin 2020-09-04 13:15:23 +03:00 committed by Diogo Peralta Cordeiro
parent 590891139f
commit 7fa4d56f05
9 changed files with 626 additions and 362 deletions

View File

@ -1,48 +1,44 @@
<?php <?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/** /**
* StatusNet, the distributed open-source microblogging tool
*
* Upload an image via the API * Upload an image via the API
* *
* PHP version 5
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category API * @category API
* @author Zach Copley <zach@status.net> * @author Zach Copley <zach@status.net>
* @copyright 2010 StatusNet, Inc. * @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
* @link http://status.net/
*/ */
if (!defined('GNUSOCIAL')) { exit(1); } defined('GNUSOCIAL') || die();
/** /**
* Upload an image via the API. Returns a shortened URL for the image * Upload an image via the API. Returns a shortened URL for the image
* to the user. Apparently modelled after a former Twitpic API. * to the user. Apparently modelled after a former Twitpic API.
* *
* @category API * @category API
* @package StatusNet * @package GNUsocial
* @author Zach Copley <zach@status.net> * @author Zach Copley <zach@status.net>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
* @link http://status.net/
*/ */
class ApiMediaUploadAction extends ApiAuthAction class ApiMediaUploadAction extends ApiAuthAction
{ {
protected $needPost = true; protected $needPost = true;
protected function prepare(array $args=array()) protected function prepare(array $args = [])
{ {
parent::prepare($args); parent::prepare($args);
@ -79,20 +75,21 @@ class ApiMediaUploadAction extends ApiAuthAction
$upload = MediaFile::fromUpload('media', $this->scoped); $upload = MediaFile::fromUpload('media', $this->scoped);
} catch (NoUploadedMediaException $e) { } catch (NoUploadedMediaException $e) {
common_debug('No media file was uploaded to the _FILES array'); common_debug('No media file was uploaded to the _FILES array');
$fh = tmpfile(); $tempfile = new TemporaryFile('gs-mediaupload');
if ($this->arg('media')) { if ($this->arg('media')) {
common_debug('Found media parameter which we hope contains a media file!'); common_debug('Found media parameter which we hope contains a media file!');
fwrite($fh, $this->arg('media')); fwrite($tempfile->getResource(), $this->arg('media'));
} elseif ($this->arg('media_data')) { } elseif ($this->arg('media_data')) {
common_debug('Found media_data parameter which we hope contains a base64-encoded media file!'); common_debug('Found media_data parameter which we hope contains a base64-encoded media file!');
fwrite($fh, base64_decode($this->arg('media_data'))); fwrite($tempfile->getResource(), base64_decode($this->arg('media_data')));
} else { } else {
common_debug('No media|media_data POST parameter was supplied'); common_debug('No media|media_data POST parameter was supplied');
fclose($fh); unset($tempfile);
throw $e; throw $e;
} }
common_debug('MediaFile importing the uploaded file with fromFilehandle'); common_debug('MediaFile importing the uploaded file with fromFileInfo');
$upload = MediaFile::fromFilehandle($fh, $this->scoped); fflush($tempfile->getResource());
$upload = MediaFile::fromFileInfo($tempfile, $this->scoped);
} }
common_debug('MediaFile completed and saved us fileRecord with id=='._ve($upload->fileRecord->id)); common_debug('MediaFile completed and saved us fileRecord with id=='._ve($upload->fileRecord->id));
@ -168,9 +165,9 @@ class ApiMediaUploadAction extends ApiAuthAction
/** /**
* Overrided clientError to show a more Twitpic-like error * Overrided clientError to show a more Twitpic-like error
* *
* @param String $msg an error message * @param string $msg an error message
*/ */
function clientError($msg, $code=400, $format=null) public function clientError($msg, $code = 400, $format = null)
{ {
$this->initDocument($this->format); $this->initDocument($this->format);
switch ($this->format) { switch ($this->format) {

View File

@ -30,6 +30,8 @@
*/ */
defined('GNUSOCIAL') || die(); defined('GNUSOCIAL') || die();
require_once INSTALLDIR . '/lib/util/tempfile.php';
/** /**
* Class responsible for abstracting media files * Class responsible for abstracting media files
*/ */
@ -462,74 +464,77 @@ class MediaFile
throw new ServerException(sprintf('Invalid remote media URL %s.', $url)); throw new ServerException(sprintf('Invalid remote media URL %s.', $url));
} }
$temp_filename = tempnam(sys_get_temp_dir(), 'tmp' . common_timestamp()); $tempfile = new TemporaryFile('gs-mediafile');
fwrite($tempfile->getResource(), HTTPClient::quickGet($url));
fflush($tempfile->getResource());
try { $filehash = strtolower(self::getHashOfFile($tempfile->getRealPath()));
$fileData = HTTPClient::quickGet($url);
file_put_contents($temp_filename, $fileData);
unset($fileData); // No need to carry this in memory.
$filehash = strtolower(self::getHashOfFile($temp_filename));
try { try {
$file = File::getByHash($filehash); $file = File::getByHash($filehash);
// If no exception is thrown the file exists locally, so we'll use that and just add redirections. /*
// but if the _actual_ locally stored file doesn't exist, getPath will throw FileNotFoundException * If no exception is thrown the file exists locally, so we'll use
* that and just add redirections.
* But if the _actual_ locally stored file doesn't exist, getPath
* will throw FileNotFoundException.
*/
$filepath = $file->getPath(); $filepath = $file->getPath();
$mimetype = $file->mimetype; $mimetype = $file->mimetype;
} catch (FileNotFoundException | NoResultException $e) { } catch (FileNotFoundException | NoResultException $e) {
// We have to save the downloaded as a new local file. This is the normal course of action. // We have to save the downloaded as a new local file.
// This is the normal course of action.
if ($scoped instanceof Profile) { if ($scoped instanceof Profile) {
// Throws exception if additional size does not respect quota // Throws exception if additional size does not respect quota
// This test is only needed, of course, if we're uploading something new. // This test is only needed, of course, if something new is uploaded.
File::respectsQuota($scoped, filesize($temp_filename)); File::respectsQuota($scoped, filesize($tempfile->getRealPath()));
} }
$mimetype = self::getUploadedMimeType($temp_filename, $name ?? false); $mimetype = self::getUploadedMimeType(
$tempfile->getRealPath(),
$name ?? false
);
$media = common_get_mime_media($mimetype); $media = common_get_mime_media($mimetype);
$basename = basename($name ?? $temp_filename); $basename = basename($name ?? ('media' . common_timestamp()));
if ($media == 'image') { if ($media === 'image') {
// Use -1 for the id to avoid adding this temporary file to the DB // Use -1 for the id to avoid adding this temporary file to the DB.
$img = new ImageFile(-1, $temp_filename); $img = new ImageFile(-1, $tempfile->getRealPath());
// Validate the image by re-encoding it. Additionally normalizes old formats to PNG, // Validate the image by re-encoding it.
// keeping JPEG and GIF untouched // Additionally normalises old formats to PNG,
// keeping JPEG and GIF untouched.
$outpath = $img->resizeTo($img->filepath); $outpath = $img->resizeTo($img->filepath);
$ext = image_type_to_extension($img->preferredType(), false); $ext = image_type_to_extension($img->preferredType(), false);
} }
$filename = self::encodeFilename($basename, $filehash, isset($ext) ? $ext : File::getSafeExtension($basename)); $filename = self::encodeFilename(
$basename,
$filehash,
$ext ?? File::getSafeExtension($basename)
);
$filepath = File::path($filename); $filepath = File::path($filename);
if ($media == 'image') { if ($media === 'image') {
$result = rename($outpath, $filepath); $result = rename($outpath, $filepath);
} else { } else {
$result = rename($temp_filename, $filepath); $result = $tempfile->commit($filepath);
} }
if (!$result) { if (!$result) {
// TRANS: Client exception thrown when a file upload operation fails because the file could // TRANS: Server exception thrown when a file upload operation fails because the file could
// TRANS: not be moved from the temporary folder to the permanent file location. // TRANS: not be moved from the temporary directory to the permanent file location.
throw new ServerException(_m('File could not be moved to destination directory.')); throw new ServerException(_m('File could not be moved to destination directory.'));
} }
if ($media == 'image') { if ($media === 'image') {
return new ImageFile(null, $filepath); return new ImageFile(null, $filepath);
} }
} }
return new self($filepath, $mimetype, $filehash); return new self($filepath, $mimetype, $filehash);
} catch (Exception $e) {
unlink($temp_filename); // Garbage collect
throw $e;
}
} }
public static function fromFilehandle($fh, Profile $scoped = null) public static function fromFileInfo(SplFileInfo $finfo, Profile $scoped = null)
{ {
$stream = stream_get_meta_data($fh); $filehash = hash_file(File::FILEHASH_ALG, $finfo->getRealPath());
// So far we're only handling filehandles originating from tmpfile(),
// so we can always do hash_file on $stream['uri'] as far as I can tell!
$filehash = hash_file(File::FILEHASH_ALG, $stream['uri']);
try { try {
$file = File::getByHash($filehash); $file = File::getByHash($filehash);
@ -541,13 +546,12 @@ class MediaFile
} catch (FileNotFoundException $e) { } catch (FileNotFoundException $e) {
// This happens if the file we have uploaded has disappeared // This happens if the file we have uploaded has disappeared
// from the local filesystem for some reason. Since we got the // from the local filesystem for some reason. Since we got the
// File object from a sha256 check in fromFilehandle, it's safe // File object from a sha256 check in fromFileInfo, it's safe
// to just copy the uploaded data to disk! // to just copy the uploaded data to disk!
fseek($fh, 0); // just to be sure, go to the beginning
// dump the contents of our filehandle to the path from our exception // dump the contents of our filehandle to the path from our exception
// and report error if it failed. // and report error if it failed.
if (false === file_put_contents($e->path, fread($fh, filesize($stream['uri'])))) { if (file_put_contents($e->path, file_get_contents($finfo->getRealPath())) === false) {
// TRANS: Client exception thrown when a file upload operation fails because the file could // TRANS: Client exception thrown when a file upload operation fails because the file could
// TRANS: not be moved from the temporary folder to the permanent file location. // TRANS: not be moved from the temporary folder to the permanent file location.
throw new ClientException(_m('File could not be moved to destination directory.')); throw new ClientException(_m('File could not be moved to destination directory.'));
@ -560,15 +564,15 @@ class MediaFile
$mimetype = $file->mimetype; $mimetype = $file->mimetype;
} catch (NoResultException $e) { } catch (NoResultException $e) {
if ($scoped instanceof Profile) { if ($scoped instanceof Profile) {
File::respectsQuota($scoped, filesize($stream['uri'])); File::respectsQuota($scoped, filesize($finfo->getRealPath()));
} }
$mimetype = self::getUploadedMimeType($stream['uri']); $mimetype = self::getUploadedMimeType($finfo->getRealPath());
$filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype); $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype);
$filepath = File::path($filename); $filepath = File::path($filename);
$result = copy($stream['uri'], $filepath) && chmod($filepath, 0664); $result = copy($finfo->getRealPath(), $filepath) && chmod($filepath, 0664);
if (!$result) { if (!$result) {
common_log(LOG_ERR, 'File could not be moved (or chmodded) from ' . _ve($stream['uri']) . ' to ' . _ve($filepath)); common_log(LOG_ERR, 'File could not be moved (or chmodded) from ' . _ve($stream['uri']) . ' to ' . _ve($filepath));

View File

@ -1,35 +1,40 @@
<?php <?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/* /*
* StatusNet - the distributed open-source microblogging tool * @copyright 2008, 2009 StatusNet, Inc.
* Copyright (C) 2008, 2009, StatusNet, Inc. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/ */
defined('GNUSOCIAL') || die();
require_once INSTALLDIR . '/lib/util/tempfile.php';
require_once INSTALLDIR . '/lib/util/mail.php'; require_once INSTALLDIR . '/lib/util/mail.php';
require_once('Mail/mimeDecode.php'); require_once 'Mail/mimeDecode.php';
// @todo FIXME: we use both Mail_mimeDecode and mailparse // @todo FIXME: we use both Mail_mimeDecode and mailparse
// Need to move everything to mailparse // Need to move everything to mailparse
class MailHandler class MailHandler
{ {
function __construct() public function __construct()
{ {
} }
function handle_message($rawmessage) public function handle_message($rawmessage)
{ {
list($from, $to, $msg, $attachments) = $this->parse_message($rawmessage); list($from, $to, $msg, $attachments) = $this->parse_message($rawmessage);
if (!$from || !$to || !$msg) { if (!$from || !$to || !$msg) {
@ -61,20 +66,22 @@ class MailHandler
$msg = $user->shortenLinks($msg); $msg = $user->shortenLinks($msg);
if (Notice::contentTooLong($msg)) { if (Notice::contentTooLong($msg)) {
// TRANS: Error message in incoming mail handler used when an incoming e-mail contains too many characters. // TRANS: Error message in incoming mail handler used when an incoming e-mail contains too many characters.
$this->error($from, sprintf(_m('That\'s too long. Maximum notice size is %d character.', $this->error($from, sprintf(
_m('That\'s too long. Maximum notice size is %d character.',
'That\'s too long. Maximum notice size is %d characters.', 'That\'s too long. Maximum notice size is %d characters.',
Notice::maxContent()), Notice::maxContent()),
Notice::maxContent())); Notice::maxContent()
));
} }
$mediafiles = array(); $mediafiles = array();
foreach($attachments as $attachment){ foreach ($attachments as $attachment) {
$mf = null; $mf = null;
try { try {
$mf = MediaFile::fromFilehandle($attachment, $user->getProfile()); $mf = MediaFile::fromFileInfo($attachment, $user->getProfile());
} catch(ClientException $ce) { } catch (ClientException $ce) {
$this->error($from, $ce->getMessage()); $this->error($from, $ce->getMessage());
} }
@ -94,13 +101,13 @@ class MailHandler
} }
} }
function error($from, $msg) public function error($from, $msg)
{ {
file_put_contents("php://stderr", $msg . "\n"); file_put_contents("php://stderr", $msg . "\n");
exit(1); exit(1);
} }
function user_from_header($from_hdr) public function user_from_header($from_hdr)
{ {
$froms = mailparse_rfc822_parse_addresses($from_hdr); $froms = mailparse_rfc822_parse_addresses($from_hdr);
if (!$froms) { if (!$froms) {
@ -115,7 +122,7 @@ class MailHandler
return $user; return $user;
} }
function user_match_to($user, $to_hdr) public function user_match_to($user, $to_hdr)
{ {
$incoming = $user->incomingemail; $incoming = $user->incomingemail;
$tos = mailparse_rfc822_parse_addresses($to_hdr); $tos = mailparse_rfc822_parse_addresses($to_hdr);
@ -127,7 +134,7 @@ class MailHandler
return false; return false;
} }
function handle_command($user, $from, $msg) public function handle_command($user, $from, $msg)
{ {
$inter = new CommandInterpreter(); $inter = new CommandInterpreter();
$cmd = $inter->handle_command($user, $msg); $cmd = $inter->handle_command($user, $msg);
@ -138,7 +145,7 @@ class MailHandler
return false; return false;
} }
function respond($from, $to, $response) public function respond($from, $to, $response)
{ {
$headers['From'] = $to; $headers['From'] = $to;
$headers['To'] = $from; $headers['To'] = $from;
@ -148,12 +155,12 @@ class MailHandler
return mail_send(array($from), $headers, $response); return mail_send(array($from), $headers, $response);
} }
function log($level, $msg) public function log($level, $msg)
{ {
common_log($level, 'MailDaemon: '.$msg); common_log($level, 'MailDaemon: '.$msg);
} }
function add_notice($user, $msg, $mediafiles) public function add_notice($user, $msg, $mediafiles)
{ {
try { try {
$notice = Notice::saveNew($user->id, $msg, 'mail'); $notice = Notice::saveNew($user->id, $msg, 'mail');
@ -161,21 +168,25 @@ class MailHandler
$this->log(LOG_ERR, $e->getMessage()); $this->log(LOG_ERR, $e->getMessage());
return $e->getMessage(); return $e->getMessage();
} }
foreach($mediafiles as $mf){ foreach ($mediafiles as $mf) {
$mf->attachToNotice($notice); $mf->attachToNotice($notice);
} }
$this->log(LOG_INFO, $this->log(
'Added notice ' . $notice->id . ' from user ' . $user->nickname); LOG_INFO,
"Added notice {$notice->id} from user {$user->nickname}"
);
return true; return true;
} }
function parse_message($contents) public function parse_message($contents)
{ {
$parsed = Mail_mimeDecode::decode(array('input' => $contents, $parsed = Mail_mimeDecode::decode([
'input' => $contents,
'include_bodies' => true, 'include_bodies' => true,
'decode_headers' => true, 'decode_headers' => true,
'decode_bodies' => true)); 'decode_bodies' => true,
]);
if (!$parsed) { if (!$parsed) {
return null; return null;
} }
@ -188,53 +199,60 @@ class MailHandler
$attachments = array(); $attachments = array();
$this->extract_part($parsed,$msg,$attachments); $this->extract_part($parsed, $msg, $attachments);
return array($from, $to, $msg, $attachments); return array($from, $to, $msg, $attachments);
} }
function extract_part($parsed,&$msg,&$attachments){ public function extract_part($parsed, &$msg, &$attachments)
if ($parsed->ctype_primary == 'multipart') { {
if($parsed->ctype_secondary == 'alternative'){ if ($parsed->ctype_primary === 'multipart') {
if ($parsed->ctype_secondary === 'alternative') {
$altmsg = $this->extract_msg_from_multipart_alternative_part($parsed); $altmsg = $this->extract_msg_from_multipart_alternative_part($parsed);
if(!empty($altmsg)) $msg = $altmsg; if (!empty($altmsg)) {
}else{ $msg = $altmsg;
foreach($parsed->parts as $part){ }
$this->extract_part($part,$msg,$attachments); } else {
foreach ($parsed->parts as $part) {
$this->extract_part($part, $msg, $attachments);
} }
} }
} else if ($parsed->ctype_primary == 'text' } elseif (
&& $parsed->ctype_secondary=='plain') { $parsed->ctype_primary === 'text'
&& $parsed->ctype_secondary === 'plain'
) {
$msg = $parsed->body; $msg = $parsed->body;
if(strtolower($parsed->ctype_parameters['charset']) != "utf-8"){ if (strtolower($parsed->ctype_parameters['charset']) !== 'utf-8') {
$msg = utf8_encode($msg); $msg = utf8_encode($msg);
} }
}else if(!empty($parsed->body)){ } elseif (!empty($parsed->body)) {
if(common_config('attachments', 'uploads')){ if (common_config('attachments', 'uploads')) {
//only save attachments if uploads are enabled // Only save attachments if uploads are enabled
$attachment = tmpfile(); $attachment = new TemporaryFile('gs-mailattach');
fwrite($attachment, $parsed->body); fwrite($attachment->getResource(), $parsed->body);
fflush($attachment->getResource());
$attachments[] = $attachment; $attachments[] = $attachment;
} }
} }
} }
function extract_msg_from_multipart_alternative_part($parsed){ public function extract_msg_from_multipart_alternative_part($parsed)
{
foreach ($parsed->parts as $part) { foreach ($parsed->parts as $part) {
$this->extract_part($part,$msg,$attachments); $this->extract_part($part, $msg, $attachments);
} }
//we don't want any attachments that are a result of this parsing //we don't want any attachments that are a result of this parsing
return $msg; return $msg;
} }
function unsupported_type($type) public function unsupported_type($type)
{ {
// TRANS: Error message in incoming mail handler used when an incoming e-mail is of an unsupported type. // TRANS: Error message in incoming mail handler used when an incoming e-mail is of an unsupported type.
// TRANS: %s is the unsupported type. // TRANS: %s is the unsupported type.
$this->error(null, sprintf(_('Unsupported message type: %s.'), $type)); $this->error(null, sprintf(_('Unsupported message type: %s.'), $type));
} }
function cleanup_msg($msg) public function cleanup_msg($msg)
{ {
$lines = explode("\n", $msg); $lines = explode("\n", $msg);
@ -258,9 +276,10 @@ class MailHandler
} }
// skip everything after a sig // skip everything after a sig
if (preg_match('/^\s*--+\s*$/', $line) || if (
preg_match('/^\s*__+\s*$/', $line)) preg_match('/^\s*--+\s*$/', $line)
{ || preg_match('/^\s*__+\s*$/', $line)
) {
break; break;
} }
// skip everything after Outlook quote // skip everything after Outlook quote

155
lib/util/tempfile.php Normal file
View File

@ -0,0 +1,155 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
defined('GNUSOCIAL') || die();
/**
* Exception wrapper for TemporaryFile errors
*
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class TemporaryFileException extends Exception
{
}
/**
* Class oriented at providing automatic temporary file handling.
*
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class TemporaryFile extends SplFileInfo
{
protected $resource = null;
/**
* @param string|null $prefix The file name will begin with that prefix
* ("php" by default)
* @param string|null $mode File open mode ("w+b" by default)
*/
public function __construct(
?string $prefix = null,
?string $mode = null
) {
$filename = tempnam(sys_get_temp_dir(), $prefix ?? 'gs-php');
if ($filename === false) {
throw new TemporaryFileException('Could not create file: ' . $filename);
}
parent::__construct($filename);
if (($this->resource = fopen($filename, $mode ?? 'w+b')) === false) {
$this->cleanup();
throw new TemporaryFileException('Could not open file: ' . $filename);
}
}
public function __destruct()
{
$this->close();
$this->cleanup();
}
/**
* Closes the file descriptor if opened.
*
* @return bool Whether successful
*/
protected function close(): bool
{
$ret = true;
if (!is_null($this->resource)) {
$ret = fclose($this->resource);
}
if ($ret) {
$this->resource = null;
}
return $ret;
}
/**
* Closes the file descriptor and removes the temporary file.
*
* @return void
*/
protected function cleanup(): void
{
$path = $this->getRealPath();
$this->close();
if (file_exists($path)) {
unlink($path);
}
}
/**
* Get the file resource.
*
* @return resource
*/
public function getResource()
{
return $this->resource;
}
/**
* Release the hold on the temporary file and move it to the desired
* location, setting file permissions in the process.
*
* @param string File destination
* @param int New file permissions (in octal mode)
* @return void
* @throws TemporaryFileException
*/
public function commit(string $destpath, int $umode = 0644): void
{
$temppath = $this->getRealPath();
// Might be attempted, and won't end well
if ($destpath === $temppath) {
throw new TemporaryFileException('Cannot use self as destination');
}
// Memorise if the file was there and see if there is access
$exists = file_exists($destpath);
if (!touch($destpath)) {
throw new TemporaryFileException(
'Insufficient permissions for destination: "' . $destpath . '"'
);
} elseif (!$exists) {
// If the file wasn't there, clean it up in case of a later failure
unlink($destpath);
}
if (!$this->close()) {
throw new TemporaryFileException('Could not close the resource');
}
rename($temppath, $destpath);
chmod($destpath, $umode);
}
}

View File

@ -30,8 +30,11 @@ class FFmpegPlugin extends Plugin
{ {
const PLUGIN_VERSION = '0.1.0'; const PLUGIN_VERSION = '0.1.0';
public function onStartResizeImageFile(ImageFile $imagefile, string $outpath, array $box): bool public function onStartResizeImageFile(
{ ImageFile $imagefile,
string $outpath,
array $box
): bool {
switch ($imagefile->mimetype) { switch ($imagefile->mimetype) {
case 'image/gif': case 'image/gif':
// resize only if an animated GIF // resize only if an animated GIF
@ -60,7 +63,7 @@ class FFmpegPlugin extends Plugin
// FFmpeg can't edit existing files in place, // FFmpeg can't edit existing files in place,
// generate temporary output file to avoid that // generate temporary output file to avoid that
$tmp_outpath = tempnam(sys_get_temp_dir(), 'outpath-'); $tempfile = new TemporaryFile('gs-outpath');
// Generate palette file. FFmpeg explictly needs to be told the // Generate palette file. FFmpeg explictly needs to be told the
// extension for PNG files outputs // extension for PNG files outputs
@ -89,7 +92,7 @@ class FFmpegPlugin extends Plugin
$commands_2[] = '-f'; $commands_2[] = '-f';
$commands_2[] = 'gif'; $commands_2[] = 'gif';
$commands_2[] = '-y'; $commands_2[] = '-y';
$commands_2[] = $tmp_outpath; $commands_2[] = $tempfile->getRealPath();
$success = true; $success = true;
@ -112,10 +115,9 @@ class FFmpegPlugin extends Plugin
} }
if ($success) { if ($success) {
$success = @rename($tmp_outpath, $outpath); $success = $tempfile->commit($outpath);
} }
@unlink($tmp_outpath);
@unlink($palette); @unlink($palette);
return $success; return $success;

View File

@ -1,85 +1,121 @@
<?php <?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
function linkback_lenient_target_match($body, $target) { defined('GNUSOCIAL') || die();
return strpos(''.$body, str_replace(array('http://www.', 'http://', 'https://www.', 'https://'), '', preg_replace('/\/+$/', '', preg_replace( '/#.*/', '', $target))));
function linkback_lenient_target_match($body, $target)
{
return strpos('' . $body, str_replace(
['http://www.', 'http://', 'https://www.', 'https://'],
'',
preg_replace('/\/+$/', '', preg_replace('/#.*/', '', $target))
));
} }
function linkback_get_source($source, $target) { function linkback_get_source($source, $target)
{
// Check if we are pinging ourselves and ignore // Check if we are pinging ourselves and ignore
$localprefix = common_config('site', 'server') . '/' . common_config('site', 'path'); $localprefix = common_config('site', 'server') . '/' . common_config('site', 'path');
if(linkback_lenient_target_match($source, $localprefix) === 0) { if (linkback_lenient_target_match($source, $localprefix) === 0) {
common_debug('Ignoring self ping from ' . $source . ' to ' . $target); common_debug('Ignoring self ping from ' . $source . ' to ' . $target);
return NULL; return null;
} }
$request = HTTPClient::start(); $request = HTTPClient::start();
try { try {
$response = $request->get($source); $response = $request->get($source);
} catch(Exception $ex) { } catch (Exception $ex) {
return NULL; return null;
} }
$body = htmlspecialchars_decode($response->getBody()); $body = htmlspecialchars_decode($response->getBody());
// We're slightly more lenient in our link detection than the spec requires // We're slightly more lenient in our link detection than the spec requires
if(linkback_lenient_target_match($body, $target) === FALSE) { if (linkback_lenient_target_match($body, $target) === false) {
return NULL; return null;
} }
return $response; return $response;
} }
function linkback_get_target($target) { function linkback_get_target($target)
{
// Resolve target (https://github.com/converspace/webmention/issues/43) // Resolve target (https://github.com/converspace/webmention/issues/43)
$request = HTTPClient::start(); $request = HTTPClient::start();
try { try {
$response = $request->head($target); $response = $request->head($target);
} catch(Exception $ex) { } catch (Exception $ex) {
return NULL; return null;
} }
try { try {
$notice = Notice::fromUri($response->getEffectiveUrl()); $notice = Notice::fromUri($response->getEffectiveUrl());
} catch(UnknownUriException $ex) { } catch (UnknownUriException $ex) {
preg_match('/\/notice\/(\d+)(?:#.*)?$/', $response->getEffectiveUrl(), $match); preg_match('/\/notice\/(\d+)(?:#.*)?$/', $response->getEffectiveUrl(), $match);
$notice = Notice::getKV('id', $match[1]); $notice = Notice::getKV('id', $match[1]);
} }
if($notice instanceof Notice && $notice->isLocal()) { if ($notice instanceof Notice && $notice->isLocal()) {
return $notice; return $notice;
} else { } else {
$user = User::getKV('uri', $response->getEffectiveUrl()); $user = User::getKV('uri', $response->getEffectiveUrl());
if(!$user) { if (!$user) {
preg_match('/\/user\/(\d+)(?:#.*)?$/', $response->getEffectiveUrl(), $match); preg_match('/\/user\/(\d+)(?:#.*)?$/', $response->getEffectiveUrl(), $match);
$user = User::getKV('id', $match[1]); $user = User::getKV('id', $match[1]);
} }
if(!$user) { if (!$user) {
preg_match('/\/([^\/\?#]+)(?:#.*)?$/', $response->getEffectiveUrl(), $match); preg_match('/\/([^\/\?#]+)(?:#.*)?$/', $response->getEffectiveUrl(), $match);
if(linkback_lenient_target_match(common_profile_url($match[1]), $response->getEffectiveUrl()) !== FALSE) { if (linkback_lenient_target_match(
common_profile_url($match[1]),
$response->getEffectiveUrl()
) !== false) {
$user = User::getKV('nickname', $match[1]); $user = User::getKV('nickname', $match[1]);
} }
} }
if($user instanceof User) { if ($user instanceof User) {
return $user; return $user;
} }
} }
return NULL; return null;
} }
function linkback_is_contained_in($entry, $target) { function linkback_is_contained_in($entry, $target)
{
foreach ((array)$entry['properties'] as $key => $values) { foreach ((array)$entry['properties'] as $key => $values) {
if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0) { if (count(array_filter($values, function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
})) > 0) {
return $entry['properties']; return $entry['properties'];
} }
// check included h-* formats and their links // check included h-* formats and their links
foreach ($values as $obj) { foreach ($values as $obj) {
if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) && if (
isset($obj['properties']) && isset($obj['properties']['url']) && array_key_exists('type', $obj)
count(array_filter($obj['properties']['url'], && array_intersect(['h-cite', 'h-entry'], $obj['type'])
function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0 && array_key_exists('properties', $obj)
&& array_key_exists('url', $obj['properties'])
&& count(array_filter(
$obj['properties']['url'],
function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
}
)) > 0
) { ) {
return $entry['properties']; return $entry['properties'];
} }
@ -94,8 +130,8 @@ function linkback_is_contained_in($entry, $target) {
} }
} }
foreach((array)$entry['children'] as $mf2) { foreach ((array) $entry['children'] as $mf2) {
if(linkback_is_contained_in($mf2, $target)) { if (linkback_is_contained_in($mf2, $target)) {
return $entry['properties']; return $entry['properties'];
} }
} }
@ -104,33 +140,43 @@ function linkback_is_contained_in($entry, $target) {
} }
// Based on https://github.com/acegiak/Semantic-Linkbacks/blob/master/semantic-linkbacks-microformats-handler.php, GPL-2.0+ // Based on https://github.com/acegiak/Semantic-Linkbacks/blob/master/semantic-linkbacks-microformats-handler.php, GPL-2.0+
function linkback_find_entry($mf2, $target) { function linkback_find_entry($mf2, $target)
if(isset($mf2['items'][0]['type']) && in_array("h-feed", $mf2['items'][0]["type"]) && isset($mf2['items'][0]['children'])) { {
if (
array_key_exists('type', $mf2['items'][0])
&& in_array('h-feed', $mf2['items'][0]['type'])
&& array_key_exists('children', $mf2['items'][0])
) {
$mf2['items'] = $mf2['items'][0]['children']; $mf2['items'] = $mf2['items'][0]['children'];
} }
$entries = array_filter($mf2['items'], function($x) { return isset($x['type']) && in_array('h-entry', $x['type']); }); $entries = array_filter($mf2['items'], function ($x) {
return array_key_exists('type', $x) && in_array('h-entry', $x['type']);
});
foreach ($entries as $entry) { foreach ($entries as $entry) {
if($prop = linkback_is_contained_in($entry, $target)) { if (($prop = linkback_is_contained_in($entry, $target))) {
return $prop; return $prop;
} }
} }
// Default to first one // Default to first one
if(count($entries) > 0) { if (count($entries) > 0) {
return $entries[0]['properties']; return $entries[0]['properties'];
} }
return NULL; return null;
} }
function linkback_entry_type($entry, $mf2, $target) { function linkback_entry_type($entry, $mf2, $target)
if(!$entry) { return 'mention'; } {
if (!$entry) {
return 'mention';
}
if($mf2['rels'] && $mf2['rels']['in-reply-to']) { if ($mf2['rels'] && $mf2['rels']['in-reply-to']) {
foreach($mf2['rels']['in-reply-to'] as $url) { foreach ($mf2['rels']['in-reply-to'] as $url) {
if(linkback_lenient_target_match($url, $target) !== FALSE) { if (linkback_lenient_target_match($url, $target) !== false) {
return 'reply'; return 'reply';
} }
} }
@ -143,18 +189,31 @@ function linkback_entry_type($entry, $mf2, $target) {
'tag-of' => 'tag' 'tag-of' => 'tag'
); );
foreach((array)$entry as $key => $values) { foreach ((array) $entry as $key => $values) {
if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0) { if (count(array_filter($values, function ($x) use ($target) {
if($classes[$key]) { return $classes[$key]; } return linkback_lenient_target_match($x, $target) !== false;
})) > 0) {
if ($classes[$key]) {
return $classes[$key];
}
} }
foreach ($values as $obj) { foreach ($values as $obj) {
if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) && if (
isset($obj['properties']) && isset($obj['properties']['url']) && array_key_exists('type', $obj)
count(array_filter($obj['properties']['url'], && array_intersect(['h-cite', 'h-entry'], $obj['type'])
function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0 && array_key_exists('properties', $obj)
&& array_key_exists('url', $obj['properties'])
&& count(array_filter(
$obj['properties']['url'],
function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
}
)) > 0
) { ) {
if($classes[$key]) { return $classes[$key]; } if ($classes[$key]) {
return $classes[$key];
}
} }
} }
} }
@ -162,7 +221,8 @@ function linkback_entry_type($entry, $mf2, $target) {
return 'mention'; return 'mention';
} }
function linkback_is_dupe($key, $url) { function linkback_is_dupe($key, $url)
{
$dupe = Notice::getKV($key, $url); $dupe = Notice::getKV($key, $url);
if ($dupe instanceof Notice) { if ($dupe instanceof Notice) {
return $dupe; return $dupe;
@ -172,19 +232,23 @@ function linkback_is_dupe($key, $url) {
} }
function linkback_hcard($mf2, $url) { function linkback_hcard($mf2, $url)
if(empty($mf2['items'])) { {
if (empty($mf2['items'])) {
return null; return null;
} }
$hcards = array(); $hcards = array();
foreach($mf2['items'] as $item) { foreach ($mf2['items'] as $item) {
if(!in_array('h-card', $item['type'])) { if (!in_array('h-card', $item['type'])) {
continue; continue;
} }
// We found a match, return it immediately // We found a match, return it immediately
if(isset($item['properties']['url']) && in_array($url, $item['properties']['url'])) { if (
array_key_exists('url', $item['properties'])
&& in_array($url, $item['properties']['url'])
) {
return $item['properties']; return $item['properties'];
} }
@ -200,23 +264,26 @@ function linkback_hcard($mf2, $url) {
return null; return null;
} }
function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { function linkback_notice($source, $notice_or_user, $entry, $author, $mf2)
{
$content = isset($entry['content']) ? $entry['content'][0]['html'] : $content = isset($entry['content']) ? $entry['content'][0]['html'] :
(isset($entry['summary']) ? $entry['summary'][0] : $entry['name'][0]); (isset($entry['summary']) ? $entry['summary'][0] : $entry['name'][0]);
$rendered = common_purify($content); $rendered = common_purify($content);
if($notice_or_user instanceof Notice && $entry['type'] == 'mention') { if ($notice_or_user instanceof Notice && $entry['type'] === 'mention') {
$name = isset($entry['name']) ? $entry['name'][0] : substr(common_strip_html($content), 0, 20).'…'; $name = isset($entry['name']) ? $entry['name'][0] : substr(common_strip_html($content), 0, 20).'…';
$rendered = _m('linked to this from <a href="'.htmlspecialchars($source).'">'.htmlspecialchars($name).'</a>'); $rendered = _m('linked to this from <a href="'.htmlspecialchars($source).'">'.htmlspecialchars($name).'</a>');
} }
$content = common_strip_html($rendered); $content = common_strip_html($rendered);
$shortened = common_shorten_links($content); $shortened = common_shorten_links($content);
if(Notice::contentTooLong($shortened)) { if (Notice::contentTooLong($shortened)) {
$content = substr($content, $content = substr(
$content,
0, 0,
Notice::maxContent() - (mb_strlen($source) + 2)); (Notice::maxContent() - (mb_strlen($source) + 2))
);
$rendered = $content . '<a href="'.htmlspecialchars($source).'">…</a>'; $rendered = $content . '<a href="'.htmlspecialchars($source).'">…</a>';
$content .= ' ' . $source; $content .= ' ' . $source;
} }
@ -231,10 +298,10 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
'tags' => array(), 'tags' => array(),
'urls' => array()); 'urls' => array());
if($notice_or_user instanceof User) { if ($notice_or_user instanceof User) {
$options['replies'][] = $notice_or_user->getUri(); $options['replies'][] = $notice_or_user->getUri();
} else { } else {
if($entry['type'] == 'repost') { if ($entry['type'] === 'repost') {
$options['repeat_of'] = $notice_or_user->id; $options['repeat_of'] = $notice_or_user->id;
} else { } else {
$options['reply_to'] = $notice_or_user->id; $options['reply_to'] = $notice_or_user->id;
@ -253,74 +320,75 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
common_debug('Linkback got invalid HTTP URL for photo: '._ve($entry['photo'])); common_debug('Linkback got invalid HTTP URL for photo: '._ve($entry['photo']));
} }
foreach((array)$entry['category'] as $tag) { foreach ((array) $entry['category'] as $tag) {
$tag = common_canonical_tag($tag); $tag = common_canonical_tag($tag);
if($tag) { $options['tags'][] = $tag; } if ($tag) {
$options['tags'][] = $tag;
}
} }
if($mf2['rels'] && $mf2['rels']['enclosure']) { if ($mf2['rels'] && $mf2['rels']['enclosure']) {
foreach($mf2['rels']['enclosure'] as $url) { foreach ($mf2['rels']['enclosure'] as $url) {
$options['urls'][] = $url; $options['urls'][] = $url;
} }
} }
if($mf2['rels'] && $mf2['rels']['tag']) { if ($mf2['rels'] && $mf2['rels']['tag']) {
foreach($mf2['rels']['tag'] as $url) { foreach ($mf2['rels']['tag'] as $url) {
preg_match('/\/([^\/]+)\/*$/', $url, $match); preg_match('/\/([^\/]+)\/*$/', $url, $match);
$tag = common_canonical_tag($match[1]); $tag = common_canonical_tag($match[1]);
if($tag) { $options['tags'][] = $tag; } if ($tag) {
$options['tags'][] = $tag;
}
} }
} }
if($entry['type'] != 'reply' && $entry['type'] != 'repost') { if ($entry['type'] !== 'reply' && $entry['type'] !== 'repost') {
$options['urls'] = array(); $options['urls'] = [];
} }
return array($content, $options); return [$content, $options];
} }
function linkback_avatar($profile, $url) { function linkback_avatar($profile, $url)
{
// Ripped from OStatus plugin for now // Ripped from OStatus plugin for now
$temp_filename = tempnam(sys_get_temp_dir(), 'linback_avatar'); $tempfile = new TemporaryFile('gs-avatarlinback');
try { $img_data = HTTPClient::quickGet($url);
$imgData = HTTPClient::quickGet($url);
// Make sure it's at least an image file. ImageFile can do the rest. // Make sure it's at least an image file. ImageFile can do the rest.
if (false === getimagesizefromstring($imgData)) { if (getimagesizefromstring($img_data) === false) {
return false; return false;
} }
file_put_contents($temp_filename, $imgData); fwrite($tempfile->getResource(), $img_data);
unset($imgData); // No need to carry this in memory. fflush($tempfile->getResource());
// No need to carry this in memory.
unset($img_data);
$imagefile = new ImageFile(null, $temp_filename); $imagefile = new ImageFile(-1, $tempfile->getRealPath());
$filename = Avatar::filename($profile->id, $filename = Avatar::filename(
$profile->id,
image_type_to_extension($imagefile->type), image_type_to_extension($imagefile->type),
null, null,
common_timestamp()); common_timestamp()
rename($temp_filename, Avatar::path($filename)); );
} catch (Exception $e) { $tempfile->commit(Avatar::path($filename));
unlink($temp_filename);
throw $e;
}
// @todo FIXME: Hardcoded chmod is lame, but seems to be necessary to
// keep from accidentally saving images from command-line (queues)
// that can't be read from web server, which causes hard-to-notice
// problems later on:
//
// http://status.net/open-source/issues/2663
chmod(Avatar::path($filename), 0644);
$profile->setOriginal($filename); $profile->setOriginal($filename);
} }
function linkback_profile($entry, $mf2, $response, $target) { function linkback_profile($entry, $mf2, $response, $target)
if(isset($entry['author']) && isset($entry['author'][0]['properties'])) { {
if (
array_key_exists('author', $entry)
&& array_key_exists('properties', $entry['author'][0])
) {
$author = $entry['author'][0]['properties']; $author = $entry['author'][0]['properties'];
} else { } else {
$author = linkback_hcard($mf2, $response->getEffectiveUrl()); $author = linkback_hcard($mf2, $response->getEffectiveUrl());
} }
if(!$author) { if (!$author) {
$author = array('name' => $entry['name']); $author = array('name' => $entry['name']);
} }
@ -336,7 +404,7 @@ function linkback_profile($entry, $mf2, $response, $target) {
try { try {
$profile = Profile::fromUri($author['url'][0]); $profile = Profile::fromUri($author['url'][0]);
} catch(UnknownUriException $ex) { } catch (UnknownUriException $ex) {
$profile = Profile::getKV('profileurl', $author['url'][0]); $profile = Profile::getKV('profileurl', $author['url'][0]);
} }
@ -349,7 +417,7 @@ function linkback_profile($entry, $mf2, $response, $target) {
$profile->created = common_sql_now(); $profile->created = common_sql_now();
$profile->insert(); $profile->insert();
if($author['photo'] && $author['photo'][0]) { if ($author['photo'] && $author['photo'][0]) {
linkback_avatar($profile, $author['photo'][0]); linkback_avatar($profile, $author['photo'][0]);
} }
} }
@ -357,17 +425,24 @@ function linkback_profile($entry, $mf2, $response, $target) {
return array($profile, $author); return array($profile, $author);
} }
function linkback_save($source, $target, $response, $notice_or_user) { function linkback_save($source, $target, $response, $notice_or_user)
{
$dupe = linkback_is_dupe('uri', $response->getEffectiveUrl()); $dupe = linkback_is_dupe('uri', $response->getEffectiveUrl());
if(!$dupe) { $dupe = linkback_is_dupe('url', $response->getEffectiveUrl()); } if (!$dupe) {
if(!$dupe) { $dupe = linkback_is_dupe('uri', $source); } $dupe = linkback_is_dupe('url', $response->getEffectiveUrl());
if(!$dupe) { $dupe = linkback_is_dupe('url', $source); } }
if (!$dupe) {
$dupe = linkback_is_dupe('uri', $source);
}
if (!$dupe) {
$dupe = linkback_is_dupe('url', $source);
}
$mf2 = new Mf2\Parser($response->getBody(), $response->getEffectiveUrl()); $mf2 = new Mf2\Parser($response->getBody(), $response->getEffectiveUrl());
$mf2 = $mf2->parse(); $mf2 = $mf2->parse();
$entry = linkback_find_entry($mf2, $target); $entry = linkback_find_entry($mf2, $target);
if(!$entry) { if (!$entry) {
preg_match('/<title>([^<]+)', $response->getBody(), $match); preg_match('/<title>([^<]+)', $response->getBody(), $match);
$entry = array( $entry = array(
'content' => array('html' => $response->getBody()), 'content' => array('html' => $response->getBody()),
@ -375,25 +450,38 @@ function linkback_save($source, $target, $response, $notice_or_user) {
); );
} }
if(!$entry['url']) { if (!$entry['url']) {
$entry['url'] = array($response->getEffectiveUrl()); $entry['url'] = array($response->getEffectiveUrl());
} }
if(!$dupe) { $dupe = linkback_is_dupe('uri', $entry['url'][0]); } if (!$dupe) {
if(!$dupe) { $dupe = linkback_is_dupe('url', $entry['url'][0]); } $dupe = linkback_is_dupe('uri', $entry['url'][0]);
}
if (!$dupe) {
$dupe = linkback_is_dupe('url', $entry['url'][0]);
}
$entry['type'] = linkback_entry_type($entry, $mf2, $target); $entry['type'] = linkback_entry_type($entry, $mf2, $target);
list($profile, $author) = linkback_profile($entry, $mf2, $response, $target); list($profile, $author) = linkback_profile($entry, $mf2, $response, $target);
list($content, $options) = linkback_notice($source, $notice_or_user, $entry, $author, $mf2); list($content, $options) = linkback_notice($source, $notice_or_user, $entry, $author, $mf2);
if($dupe) { if ($dupe) {
$orig = clone($dupe); $orig = clone($dupe);
try { try {
// Ignore duplicate save error // Ignore duplicate save error
try { $dupe->saveKnownReplies($options['replies']); } catch (ServerException $ex) {} try {
try { $dupe->saveKnownTags($options['tags']); } catch (ServerException $ex) {} $dupe->saveKnownReplies($options['replies']);
try { $dupe->saveKnownUrls($options['urls']); } catch (ServerException $ex) {} } catch (ServerException $ex) {
}
try {
$dupe->saveKnownTags($options['tags']);
} catch (ServerException $ex) {
}
try {
$dupe->saveKnownUrls($options['urls']);
} catch (ServerException $ex) {
}
if (isset($options['reply_to'])) { if (isset($options['reply_to'])) {
$dupe->reply_to = $options['reply_to']; $dupe->reply_to = $options['reply_to'];
@ -403,13 +491,18 @@ function linkback_save($source, $target, $response, $notice_or_user) {
} }
if ($dupe->reply_to != $orig->reply_to || $dupe->repeat_of != $orig->repeat_of) { if ($dupe->reply_to != $orig->reply_to || $dupe->repeat_of != $orig->repeat_of) {
$parent = Notice::getKV('id', $dupe->repeat_of ?: $dupe->reply_to); $parent = Notice::getKV('id', $dupe->repeat_of ?: $dupe->reply_to);
if($parent instanceof Notice) { if ($parent instanceof Notice) {
// If we changed the reply_to or repeat_of we might live in a new conversation now // If we changed the reply_to or repeat_of we might live in a new conversation now
$dupe->conversation = $parent->conversation; $dupe->conversation = $parent->conversation;
} }
} }
if($dupe->update($orig)) { $saved = $dupe; } if ($dupe->update($orig)) {
if($dupe->conversation != $orig->conversation && Conversation::noticeCount($orig->conversation) < 1) { $saved = $dupe;
}
if (
$dupe->conversation !== $orig->conversation
&& Conversation::noticeCount($orig->conversation) < 1
) {
// Delete empty conversation // Delete empty conversation
$emptyConversation = Conversation::getKV('id', $orig->conversation); $emptyConversation = Conversation::getKV('id', $orig->conversation);
$emptyConversation->delete(); $emptyConversation->delete();
@ -419,7 +512,10 @@ function linkback_save($source, $target, $response, $notice_or_user) {
return false; return false;
} }
common_log(LOG_INFO, "Linkback updated remote message $source as notice id $saved->id"); common_log(LOG_INFO, "Linkback updated remote message $source as notice id $saved->id");
} else if($entry['type'] == 'like' || ($entry['type'] == 'reply' && $entry['rsvp'])) { } elseif (
$entry['type'] === 'like'
|| ($entry['type'] === 'reply' && $entry['rsvp'])
) {
$act = new Activity(); $act = new Activity();
$act->type = ActivityObject::ACTIVITY; $act->type = ActivityObject::ACTIVITY;
$act->time = $options['created'] ? strtotime($options['created']) : time(); $act->time = $options['created'] ? strtotime($options['created']) : time();
@ -430,19 +526,22 @@ function linkback_save($source, $target, $response, $notice_or_user) {
// TRANS: Message that is the "content" of a favorite (%1$s is the actor's nickname, %2$ is the favorited // TRANS: Message that is the "content" of a favorite (%1$s is the actor's nickname, %2$ is the favorited
// notice's nickname and %3$s is the content of the favorited notice.) // notice's nickname and %3$s is the content of the favorited notice.)
$act->content = sprintf(_('%1$s favorited something by %2$s: %3$s'), $act->content = sprintf(
$profile->getNickname(), $notice_or_user->getProfile()->getNickname(), _('%1$s favorited something by %2$s: %3$s'),
$notice_or_user->getRendered()); $profile->getNickname(),
if($entry['rsvp']) { $notice_or_user->getProfile()->getNickname(),
$notice_or_user->getRendered()
);
if ($entry['rsvp']) {
$act->content = $options['rendered']; $act->content = $options['rendered'];
} }
$act->verb = ActivityVerb::FAVORITE; $act->verb = ActivityVerb::FAVORITE;
if(strtolower($entry['rsvp'][0]) == 'yes') { if (strtolower($entry['rsvp'][0]) === 'yes') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-yes'; $act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-yes';
} else if(strtolower($entry['rsvp'][0]) == 'no') { } elseif (strtolower($entry['rsvp'][0]) === 'no') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-no'; $act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-no';
} else if(strtolower($entry['rsvp'][0]) == 'maybe') { } elseif (strtolower($entry['rsvp'][0]) === 'maybe') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-maybe'; $act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-maybe';
} }
@ -464,10 +563,12 @@ function linkback_save($source, $target, $response, $notice_or_user) {
} else { } else {
// Fallback is to make a notice manually // Fallback is to make a notice manually
try { try {
$saved = Notice::saveNew($profile->id, $saved = Notice::saveNew(
$profile->id,
$content, $content,
'linkback', 'linkback',
$options); $options
);
} catch (Exception $e) { } catch (Exception $e) {
common_log(LOG_ERR, "Linkback save of remote message $source failed: " . $e->getMessage()); common_log(LOG_ERR, "Linkback save of remote message $source failed: " . $e->getMessage());
return false; return false;

View File

@ -1,51 +1,38 @@
<?php <?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/** /**
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2010, StatusNet, Inc.
*
* Plugin to pull WikiHow-style user avatars at OpenID setup time. * Plugin to pull WikiHow-style user avatars at OpenID setup time.
* These are not currently exposed via OpenID. * These are not currently exposed via OpenID.
* *
* PHP version 5
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugins * @category Plugins
* @package StatusNet * @package GNUsocial
* @author Brion Vibber <brion@status.net> * @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc. * @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
* @link http://status.net/
*/ */
if (!defined('STATUSNET')) { defined('GNUSOCIAL') || die();
// This check helps protect against security problems;
// your code file can't be executed directly from the web.
exit(1);
}
/** /**
* Sample plugin main class
*
* Each plugin requires a main class to interact with the StatusNet system.
*
* @category Plugins * @category Plugins
* @package WikiHowProfilePlugin * @package WikiHowProfilePlugin
* @author Brion Vibber <brion@status.net> * @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc. * @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
* @link http://status.net/
*/ */
class WikiHowProfilePlugin extends Plugin class WikiHowProfilePlugin extends Plugin
{ {
@ -70,7 +57,7 @@ class WikiHowProfilePlugin extends Plugin
* @param string $canonical OpenID provider URL * @param string $canonical OpenID provider URL
* @param array $sreg query data from provider * @param array $sreg query data from provider
*/ */
function onEndOpenIDCreateNewUser($user, $canonical, $sreg) public function onEndOpenIDCreateNewUser($user, $canonical, $sreg)
{ {
$this->updateProfile($user, $canonical); $this->updateProfile($user, $canonical);
return true; return true;
@ -83,7 +70,7 @@ class WikiHowProfilePlugin extends Plugin
* @param string $canonical OpenID provider URL (wiki profile page) * @param string $canonical OpenID provider URL (wiki profile page)
* @param array $sreg query data from provider * @param array $sreg query data from provider
*/ */
function onEndOpenIDUpdateUser($user, $canonical, $sreg) public function onEndOpenIDUpdateUser($user, $canonical, $sreg)
{ {
$this->updateProfile($user, $canonical); $this->updateProfile($user, $canonical);
return true; return true;
@ -180,26 +167,25 @@ class WikiHowProfilePlugin extends Plugin
// @todo FIXME: This should be better encapsulated // @todo FIXME: This should be better encapsulated
// ripped from OStatus via oauthstore.php (for old OMB client) // ripped from OStatus via oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); $tempfile = new TemporaryFile('gs-avatarlisten');
try { $img_data = HTTPClient::quickGet($url);
if (!copy($url, $temp_filename)) { // Make sure it's at least an image file. ImageFile can do the rest.
// TRANS: Exception thrown when fetching an avatar from a URL fails. if (getimagesizefromstring($img_data) === false) {
// TRANS: %s is a URL. return false;
throw new ServerException(sprintf(_m('Unable to fetch avatar from %s.'), $url));
} }
fwrite($tempfile->getResource(), $img_data);
fflush($tempfile->getResource());
$profile = $user->getProfile(); $profile = $user->getProfile();
$id = $profile->id; $id = $profile->id;
$imagefile = new ImageFile(null, $temp_filename); $imagefile = new ImageFile(-1, $tempfile->getRealPath());
$filename = Avatar::filename($id, $filename = Avatar::filename(
$id,
image_type_to_extension($imagefile->type), image_type_to_extension($imagefile->type),
null, null,
common_timestamp()); common_timestamp()
rename($temp_filename, Avatar::path($filename)); );
} catch (Exception $e) { $tempfile->commit(Avatar::path($filename));
unlink($temp_filename);
throw $e;
}
$profile->setOriginal($filename); $profile->setOriginal($filename);
} }
} }

View File

@ -74,7 +74,7 @@ if ($plugin) {
function getVersion() function getVersion()
{ {
// define('GNUSOCIAL_VERSION', '0.9.1'); // define('GNUSOCIAL_VERSION', '0.9.1');
$source = file_get_contents(INSTALLDIR . '/lib/common.php'); $source = file_get_contents(INSTALLDIR . '/lib/util/common.php');
if (preg_match('/^\s*define\s*\(\s*[\'"]GNUSOCIAL_VERSION[\'"]\s*,\s*[\'"](.*)[\'"]\s*\)\s*;/m', $source, $matches)) { if (preg_match('/^\s*define\s*\(\s*[\'"]GNUSOCIAL_VERSION[\'"]\s*,\s*[\'"](.*)[\'"]\s*\)\s*;/m', $source, $matches)) {
return $matches[1]; return $matches[1];
} }

View File

@ -32,6 +32,7 @@ if (!defined('STATUSNET')) { // Compatibility
use ClientException; use ClientException;
use Exception; use Exception;
use MediaFile; use MediaFile;
use TemporaryFile;
use PHPUnit\Framework\TestCase; use PHPUnit\Framework\TestCase;
use ServerException; use ServerException;
@ -83,11 +84,11 @@ final class MediaFileTest extends TestCase
if (!file_exists($filename)) { if (!file_exists($filename)) {
throw new Exception("WTF? {$filename} test file missing"); throw new Exception("WTF? {$filename} test file missing");
} }
$tmp = tmpfile(); $tempfile = new TemporaryFile('gs-mediafiletest');
fwrite($tmp, file_get_contents($filename)); fwrite($tempfile->getResource(), file_get_contents($filename));
fflush($tempfile->getResource());
$tmp_metadata = stream_get_meta_data($tmp); $type = MediaFile::getUploadedMimeType($tempfile->getRealPath(), basename($filename));
$type = MediaFile::getUploadedMimeType($tmp_metadata['uri'], basename($filename));
static::assertSame($expectedType, $type); static::assertSame($expectedType, $type);
} }
@ -124,4 +125,3 @@ final class MediaFileTest extends TestCase
return $dataset; return $dataset;
} }
} }