GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

Test in Ostatus_profile if avatar is an image before writing to filesystem

Browse Source 
This clears one FIXME...

We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
This commit is contained in:
Mikael Nordfeldth
2015-01-27 13:49:26 +01:00
parent cdd3c52633
commit cc996f58db
3 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/httpclient.php
View File

@@ -177,10 +177,12 @@ class HTTPClient extends HTTP_Request2
/**
* Quick static function to GET a URL
*/
public static function quickGet($url, $accept='text/html,application/xhtml+xml')
public static function quickGet($url, $accept=null)
{
$client = new HTTPClient();
$client->setHeader('Accept', $accept);
if (!is_null($accept)) {
$client->setHeader('Accept', $accept);
}
$response = $client->get($url);
if (!$response->isOk()) {
// TRANS: Exception. %s is a profile URL.

14
plugins/OStatus/classes/Ostatus_profile.php
View File

@@ -1261,15 +1261,13 @@ class Ostatus_profile extends Managed_DataObject
// ripped from oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
try {
$client = new HTTPClient();
$response = $client->get($url);
if (!$response->isOk()) {
// TRANS: Server exception. %s is a URL.
throw new ServerException(sprintf(_m('Unable to fetch avatar from %s.'), $url));
$imgData = HTTPClient::quickGet($url);
// Make sure it's at least an image file. ImageFile can do the rest.
if (false === getimagesizefromstring($imgData)) {
throw new UnsupportedMediaException(_('Downloaded group avatar was not an image.'));
}
// FIXME: make sure it's an image here instead of _after_ writing to a file?
file_put_contents($temp_filename, $response->getBody());
file_put_contents($temp_filename, $imgData);
unset($imgData); // No need to carry this in memory.
if ($this->isGroup()) {
$id = $this->group_id;

2
plugins/OStatus/scripts/testfeed.php
View File

@@ -53,7 +53,7 @@ if (!$sub) {
// Fetch the URL
try {
$xml = HTTPClient::quickGet($feedurl);
$xml = HTTPClient::quickGet($feedurl, 'text/html,application/xhtml+xml');
} catch (Exception $e) {
echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode());
exit(1);