Test in Ostatus_profile if avatar is an image before writing to filesystem

This clears one FIXME...

We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
Mikael Nordfeldth 2015-01-27 13:49:26 +01:00
parent cdd3c52633
commit cc996f58db
3 changed files with 11 additions and 11 deletions


@ -177,10 +177,12 @@ class HTTPClient extends HTTP_Request2
/** /**
* Quick static function to GET a URL * Quick static function to GET a URL
*/ */
public static function quickGet($url, $accept='text/html,application/xhtml+xml') public static function quickGet($url, $accept=null)
{ {
$client = new HTTPClient(); $client = new HTTPClient();
if (!is_null($accept)) {
$client->setHeader('Accept', $accept); $client->setHeader('Accept', $accept);
}
$response = $client->get($url); $response = $client->get($url);
if (!$response->isOk()) { if (!$response->isOk()) {
// TRANS: Exception. %s is a profile URL. // TRANS: Exception. %s is a profile URL.
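Review bot: The docblock above `quickGet` says nothing about `$accept`, and the new `null` default changes what existing callers send: anyone who relied on the old `text/html,application/xhtml+xml` default now gets no Accept header set by this function. Only the testfeed.php call is updated in this commit, so any other callers (not visible here) should be checked. I would add `@param string|null $accept Accept header value, or null to set none` to the docblock. The function body continues past the end of this hunk.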


@ -1261,15 +1261,13 @@ class Ostatus_profile extends Managed_DataObject
// ripped from oauthstore.php (for old OMB client) // ripped from oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
try { try {
$client = new HTTPClient(); $imgData = HTTPClient::quickGet($url);
$response = $client->get($url); // Make sure it's at least an image file. ImageFile can do the rest.
if (false === getimagesizefromstring($imgData)) {
if (!$response->isOk()) { throw new UnsupportedMediaException(_('Downloaded group avatar was not an image.'));
// TRANS: Server exception. %s is a URL.
throw new ServerException(sprintf(_m('Unable to fetch avatar from %s.'), $url));
} }
// FIXME: make sure it's an image here instead of _after_ writing to a file? file_put_contents($temp_filename, $imgData);
file_put_contents($temp_filename, $response->getBody()); unset($imgData); // No need to carry this in memory.
if ($this->isGroup()) { if ($this->isGroup()) {
$id = $this->group_id; $id = $this->group_id;
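Review bot: `getimagesizefromstring()` only inspects the leading header bytes and succeeds for every format PHP recognises, so the new check before `file_put_contents` confirms "starts like some image", not "is an acceptable avatar", for data fetched from a remote URL. Consider keeping the result and restricting the type: `$info = getimagesizefromstring($imgData);` followed by `if ($info === false || !in_array($info[2], [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG], true)) {`. The in-code comment defers the rest to ImageFile, which is outside this hunk, so this may already be enforced there. Separately, the message says "group avatar" although the `isGroup()` branch right after suggests this path also serves non-group profiles, and it uses `_()` without a `// TRANS:` comment where the removed line used `_m()`. The enclosing method starts and ends outside the hunk.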


@ -53,7 +53,7 @@ if (!$sub) {
// Fetch the URL // Fetch the URL
try { try {
$xml = HTTPClient::quickGet($feedurl); $xml = HTTPClient::quickGet($feedurl, 'text/html,application/xhtml+xml');
} catch (Exception $e) { } catch (Exception $e) {
echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode()); echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode());
exit(1); exit(1);