2015-10-01 22:18:47 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
if (!defined('GNUSOCIAL')) { exit(1); }
|
|
|
|
|
|
|
|
|
|
// FIXME: To support remote video/whatever files, this plugin needs reworking.
|
|
|
|
|
|
|
|
|
|
class StoreRemoteMediaPlugin extends Plugin
|
|
|
|
|
{
|
|
|
|
|
// settings which can be set in config.php with addPlugin('Oembed', array('param'=>'value', ...));
|
|
|
|
|
// WARNING, these are _regexps_ (slashes added later). Always escape your dots and end your strings
|
|
|
|
|
public $domain_whitelist = array( // hostname => service provider
|
|
|
|
|
'^i\d*\.ytimg\.com$' => 'YouTube',
|
|
|
|
|
'^i\d*\.vimeocdn\.com$' => 'Vimeo',
|
|
|
|
|
);
|
|
|
|
|
public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources
|
|
|
|
|
public $check_whitelist = false; // security/abuse precaution
|
|
|
|
|
|
2016-03-02 15:41:17 +00:00
|
|
|
public $domain_blacklist = array();
|
|
|
|
|
public $check_blacklist = false;
|
|
|
|
|
|
2015-10-01 22:18:47 +02:00
|
|
|
protected $imgData = array();
|
|
|
|
|
|
|
|
|
|
// these should be declared protected everywhere
|
|
|
|
|
public function initialize()
|
|
|
|
|
{
|
|
|
|
|
parent::initialize();
|
|
|
|
|
|
|
|
|
|
$this->domain_whitelist = array_merge($this->domain_whitelist, $this->append_whitelist);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Save embedding information for a File, if applicable.
|
|
|
|
|
*
|
|
|
|
|
* Normally this event is called through File::saveNew()
|
|
|
|
|
*
|
2015-11-02 05:15:08 +00:00
|
|
|
* @param File $file The abount-to-be-inserted File object.
|
2015-10-01 22:18:47 +02:00
|
|
|
*
|
|
|
|
|
* @return boolean success
|
|
|
|
|
*/
|
2015-11-02 05:15:08 +00:00
|
|
|
public function onStartFileSaveNew(File &$file)
|
2015-10-01 22:18:47 +02:00
|
|
|
{
|
|
|
|
|
// save given URL as title if it's a media file this plugin understands
|
|
|
|
|
// which will make it shown in the AttachmentList widgets
|
|
|
|
|
|
2015-11-02 05:15:08 +00:00
|
|
|
if (isset($file->title) && strlen($file->title)>0) {
|
2015-10-01 22:18:47 +02:00
|
|
|
// Title is already set
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2015-11-02 05:15:08 +00:00
|
|
|
if (!isset($file->mimetype)) {
|
2015-10-01 22:18:47 +02:00
|
|
|
// Unknown mimetype, it's not our job to figure out what it is.
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2015-11-02 05:15:08 +00:00
|
|
|
switch (common_get_mime_media($file->mimetype)) {
|
2015-10-01 22:18:47 +02:00
|
|
|
case 'image':
|
|
|
|
|
// Just to set something for now at least...
|
2015-11-02 05:15:08 +00:00
|
|
|
$file->title = $file->mimetype;
|
2015-10-01 22:18:47 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function onCreateFileImageThumbnailSource(File $file, &$imgPath, $media=null)
|
|
|
|
|
{
|
|
|
|
|
// If we are on a private node, we won't do any remote calls (just as a precaution until
|
|
|
|
|
// we can configure this from config.php for the private nodes)
|
|
|
|
|
if (common_config('site', 'private')) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ($media !== 'image') {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If there is a local filename, it is either a local file already or has already been downloaded.
|
|
|
|
|
if (!empty($file->filename)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-02 15:41:17 +00:00
|
|
|
if (!$this->checkWhiteList($file->getUrl()) ||
|
|
|
|
|
!$this->checkBlackList($file->getUrl())) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2015-10-01 22:18:47 +02:00
|
|
|
|
|
|
|
|
// First we download the file to memory and test whether it's actually an image file
|
2016-02-07 01:54:37 +01:00
|
|
|
common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->getID(), _ve($file->getUrl())));
|
|
|
|
|
try {
|
|
|
|
|
$imgData = HTTPClient::quickGet($file->getUrl());
|
|
|
|
|
} catch (HTTP_Request2_ConnectionException $e) {
|
|
|
|
|
common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage());
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2015-10-01 22:18:47 +02:00
|
|
|
$info = @getimagesizefromstring($imgData);
|
|
|
|
|
if ($info === false) {
|
2015-12-15 12:30:35 +01:00
|
|
|
throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $file->getUrl());
|
2015-10-01 22:18:47 +02:00
|
|
|
} elseif (!$info[0] || !$info[1]) {
|
|
|
|
|
throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$filehash = hash(File::FILEHASH_ALG, $imgData);
|
|
|
|
|
try {
|
|
|
|
|
// Exception will be thrown before $file is set to anything, so old $file value will be kept
|
|
|
|
|
$file = File::getByHash($filehash);
|
|
|
|
|
|
|
|
|
|
//FIXME: Add some code so we don't have to store duplicate File rows for same hash files.
|
|
|
|
|
} catch (NoResultException $e) {
|
|
|
|
|
$filename = $filehash . '.' . common_supported_mime_to_ext($info['mime']);
|
|
|
|
|
$fullpath = File::path($filename);
|
|
|
|
|
|
|
|
|
|
// Write the file to disk if it doesn't exist yet. Throw Exception on failure.
|
|
|
|
|
if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) {
|
|
|
|
|
throw new ServerException(_('Could not write downloaded file to disk.'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Updated our database for the file record
|
|
|
|
|
$orig = clone($file);
|
|
|
|
|
$file->filehash = $filehash;
|
|
|
|
|
$file->filename = $filename;
|
|
|
|
|
$file->width = $info[0]; // array indexes documented on php.net:
|
|
|
|
|
$file->height = $info[1]; // https://php.net/manual/en/function.getimagesize.php
|
|
|
|
|
// Throws exception on failure.
|
2016-01-28 16:42:59 +01:00
|
|
|
$file->updateWithKeys($orig);
|
2015-10-01 22:18:47 +02:00
|
|
|
}
|
|
|
|
|
// Get rid of the file from memory
|
|
|
|
|
unset($imgData);
|
|
|
|
|
|
|
|
|
|
$imgPath = $file->getPath();
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2016-03-02 15:41:17 +00:00
|
|
|
* @return boolean true if given url passes blacklist check
|
2015-10-01 22:18:47 +02:00
|
|
|
*/
|
2016-03-02 15:41:17 +00:00
|
|
|
protected function checkBlackList($url)
|
2015-10-01 22:18:47 +02:00
|
|
|
{
|
2016-03-02 15:41:17 +00:00
|
|
|
if (!$this->check_blacklist) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
$host = parse_url($url, PHP_URL_HOST);
|
|
|
|
|
foreach ($this->domain_blacklist as $regex => $provider) {
|
|
|
|
|
if (preg_match("/$regex/", $host)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2015-10-01 22:18:47 +02:00
|
|
|
}
|
|
|
|
|
|
2016-03-02 15:41:17 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/***
|
|
|
|
|
* @return boolean true if given url passes whitelist check
|
|
|
|
|
*/
|
|
|
|
|
protected function checkWhiteList($url)
|
|
|
|
|
{
|
|
|
|
|
if (!$this->check_whitelist) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2015-10-01 22:18:47 +02:00
|
|
|
$host = parse_url($url, PHP_URL_HOST);
|
|
|
|
|
foreach ($this->domain_whitelist as $regex => $provider) {
|
|
|
|
|
if (preg_match("/$regex/", $host)) {
|
2016-03-02 15:41:17 +00:00
|
|
|
return true;
|
2015-10-01 22:18:47 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-02 15:41:17 +00:00
|
|
|
return false;
|
2015-10-01 22:18:47 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function onPluginVersion(array &$versions)
|
|
|
|
|
{
|
|
|
|
|
$versions[] = array('name' => 'StoreRemoteMedia',
|
|
|
|
|
'version' => GNUSOCIAL_VERSION,
|
|
|
|
|
'author' => 'Mikael Nordfeldth',
|
|
|
|
|
'homepage' => 'https://gnu.io/',
|
|
|
|
|
'description' =>
|
|
|
|
|
// TRANS: Plugin description.
|
|
|
|
|
_m('Plugin for downloading remotely attached files to local server.'));
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
