diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpFoundation] File: Add settable permissions and adopt stricter defaults

This commit is contained in:
Diogo Peralta Cordeiro 2021-07-26 21:33:14 +01:00
parent 2c91390bce
commit c1e604a2dc
Signed by: diogo
GPG Key ID: 18D2D35001FBFAB0
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Symfony/Component/HttpFoundation/File/File.php
View File

@ -82,9 +82,9 @@ class File extends \SplFileInfo
* *
* @throws FileException if the target file could not be created * @throws FileException if the target file could not be created
*/ */
public function move(string $directory, string $name = null): self public function move(string $directory, string $name = null, int $dirmode = 0755, int $filemode = 0644): self
{ {
$target = $this->getTargetFile($directory, $name); $target = $this->getTargetFile($directory, $name, $dirmode);
set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; }); set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; });
try { try {
@ -96,7 +96,7 @@ class File extends \SplFileInfo
throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error))); throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error)));
} }
@chmod($target, 0666 & ~umask()); @chmod($target, $filemode & ~umask());
return $target; return $target;
} }
@ -112,10 +112,10 @@ class File extends \SplFileInfo
return $content; return $content;
} }
protected function getTargetFile(string $directory, string $name = null): self protected function getTargetFile(string $directory, string $name = null, int $dirmode = 0755): self
{ {
if (!is_dir($directory)) { if (!is_dir($directory)) {
if (false === @mkdir($directory, 0777, true) && !is_dir($directory)) { if (false === @mkdir($directory, $dirmode, true) && !is_dir($directory)) {
throw new FileException(sprintf('Unable to create the "%s" directory.', $directory)); throw new FileException(sprintf('Unable to create the "%s" directory.', $directory));
} }
} elseif (!is_writable($directory)) { } elseif (!is_writable($directory)) {

8
src/Symfony/Component/HttpFoundation/File/UploadedFile.php
View File

@ -158,14 +158,14 @@ class UploadedFile extends File
* *
* @throws FileException if, for any reason, the file could not have been moved * @throws FileException if, for any reason, the file could not have been moved
*/ */
public function move(string $directory, string $name = null): File public function move(string $directory, string $name = null, int $dirmode = 0755, int $filemode = 0644): File
{ {
if ($this->isValid()) { if ($this->isValid()) {
if ($this->test) { if ($this->test) {
return parent::move($directory, $name); return parent::move($directory, $name, $dirmode, $filemode);
} }
$target = $this->getTargetFile($directory, $name); $target = $this->getTargetFile($directory, $name, $dirmode);
set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; }); set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; });
try { try {
@ -177,7 +177,7 @@ class UploadedFile extends File
throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error))); throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error)));
} }
@chmod($target, 0666 & ~umask()); @chmod($target, $filemode & ~umask());
return $target; return $target;
} }