Implement a class for automatic temporary file handling

And adopt it all over the code.
This commit is contained in:
Alexei Sorokin 2020-09-04 13:15:23 +03:00
parent 4884a97223
commit 08145f635f
9 changed files with 626 additions and 362 deletions

View File

@ -1,48 +1,44 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* StatusNet, the distributed open-source microblogging tool
*
* Upload an image via the API
*
* PHP version 5
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category API
* @author Zach Copley <zach@status.net>
* @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
if (!defined('GNUSOCIAL')) { exit(1); }
defined('GNUSOCIAL') || die();
/**
* Upload an image via the API. Returns a shortened URL for the image
* to the user. Apparently modelled after a former Twitpic API.
*
* @category API
* @package StatusNet
* @package GNUsocial
* @author Zach Copley <zach@status.net>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class ApiMediaUploadAction extends ApiAuthAction
{
protected $needPost = true;
protected function prepare(array $args=array())
protected function prepare(array $args = [])
{
parent::prepare($args);
@ -79,20 +75,21 @@ class ApiMediaUploadAction extends ApiAuthAction
$upload = MediaFile::fromUpload('media', $this->scoped);
} catch (NoUploadedMediaException $e) {
common_debug('No media file was uploaded to the _FILES array');
$fh = tmpfile();
$tempfile = new TemporaryFile('gs-mediaupload');
if ($this->arg('media')) {
common_debug('Found media parameter which we hope contains a media file!');
fwrite($fh, $this->arg('media'));
fwrite($tempfile->getResource(), $this->arg('media'));
} elseif ($this->arg('media_data')) {
common_debug('Found media_data parameter which we hope contains a base64-encoded media file!');
fwrite($fh, base64_decode($this->arg('media_data')));
fwrite($tempfile->getResource(), base64_decode($this->arg('media_data')));
} else {
common_debug('No media|media_data POST parameter was supplied');
fclose($fh);
unset($tempfile);
throw $e;
}
common_debug('MediaFile importing the uploaded file with fromFilehandle');
$upload = MediaFile::fromFilehandle($fh, $this->scoped);
common_debug('MediaFile importing the uploaded file with fromFileInfo');
fflush($tempfile->getResource());
$upload = MediaFile::fromFileInfo($tempfile, $this->scoped);
}
common_debug('MediaFile completed and saved us fileRecord with id=='._ve($upload->fileRecord->id));
@ -168,9 +165,9 @@ class ApiMediaUploadAction extends ApiAuthAction
/**
* Overrided clientError to show a more Twitpic-like error
*
* @param String $msg an error message
* @param string $msg an error message
*/
function clientError($msg, $code=400, $format=null)
public function clientError($msg, $code = 400, $format = null)
{
$this->initDocument($this->format);
switch ($this->format) {

View File

@ -30,6 +30,8 @@
*/
defined('GNUSOCIAL') || die();
require_once INSTALLDIR . '/lib/util/tempfile.php';
/**
* Class responsible for abstracting media files
*/
@ -462,74 +464,77 @@ class MediaFile
throw new ServerException(sprintf('Invalid remote media URL %s.', $url));
}
$temp_filename = tempnam(sys_get_temp_dir(), 'tmp' . common_timestamp());
$tempfile = new TemporaryFile('gs-mediafile');
fwrite($tempfile->getResource(), HTTPClient::quickGet($url));
fflush($tempfile->getResource());
try {
$fileData = HTTPClient::quickGet($url);
file_put_contents($temp_filename, $fileData);
unset($fileData); // No need to carry this in memory.
$filehash = strtolower(self::getHashOfFile($temp_filename));
$filehash = strtolower(self::getHashOfFile($tempfile->getRealPath()));
try {
$file = File::getByHash($filehash);
// If no exception is thrown the file exists locally, so we'll use that and just add redirections.
// but if the _actual_ locally stored file doesn't exist, getPath will throw FileNotFoundException
/*
* If no exception is thrown the file exists locally, so we'll use
* that and just add redirections.
* But if the _actual_ locally stored file doesn't exist, getPath
* will throw FileNotFoundException.
*/
$filepath = $file->getPath();
$mimetype = $file->mimetype;
} catch (FileNotFoundException | NoResultException $e) {
// We have to save the downloaded as a new local file. This is the normal course of action.
// We have to save the downloaded as a new local file.
// This is the normal course of action.
if ($scoped instanceof Profile) {
// Throws exception if additional size does not respect quota
// This test is only needed, of course, if we're uploading something new.
File::respectsQuota($scoped, filesize($temp_filename));
// This test is only needed, of course, if something new is uploaded.
File::respectsQuota($scoped, filesize($tempfile->getRealPath()));
}
$mimetype = self::getUploadedMimeType($temp_filename, $name ?? false);
$mimetype = self::getUploadedMimeType(
$tempfile->getRealPath(),
$name ?? false
);
$media = common_get_mime_media($mimetype);
$basename = basename($name ?? $temp_filename);
$basename = basename($name ?? ('media' . common_timestamp()));
if ($media == 'image') {
// Use -1 for the id to avoid adding this temporary file to the DB
$img = new ImageFile(-1, $temp_filename);
// Validate the image by re-encoding it. Additionally normalizes old formats to PNG,
// keeping JPEG and GIF untouched
if ($media === 'image') {
// Use -1 for the id to avoid adding this temporary file to the DB.
$img = new ImageFile(-1, $tempfile->getRealPath());
// Validate the image by re-encoding it.
// Additionally normalises old formats to PNG,
// keeping JPEG and GIF untouched.
$outpath = $img->resizeTo($img->filepath);
$ext = image_type_to_extension($img->preferredType(), false);
}
$filename = self::encodeFilename($basename, $filehash, isset($ext) ? $ext : File::getSafeExtension($basename));
$filename = self::encodeFilename(
$basename,
$filehash,
$ext ?? File::getSafeExtension($basename)
);
$filepath = File::path($filename);
if ($media == 'image') {
if ($media === 'image') {
$result = rename($outpath, $filepath);
} else {
$result = rename($temp_filename, $filepath);
$result = $tempfile->commit($filepath);
}
if (!$result) {
// TRANS: Client exception thrown when a file upload operation fails because the file could
// TRANS: not be moved from the temporary folder to the permanent file location.
// TRANS: Server exception thrown when a file upload operation fails because the file could
// TRANS: not be moved from the temporary directory to the permanent file location.
throw new ServerException(_m('File could not be moved to destination directory.'));
}
if ($media == 'image') {
if ($media === 'image') {
return new ImageFile(null, $filepath);
}
}
return new self($filepath, $mimetype, $filehash);
} catch (Exception $e) {
unlink($temp_filename); // Garbage collect
throw $e;
}
}
public static function fromFilehandle($fh, Profile $scoped = null)
public static function fromFileInfo(SplFileInfo $finfo, Profile $scoped = null)
{
$stream = stream_get_meta_data($fh);
// So far we're only handling filehandles originating from tmpfile(),
// so we can always do hash_file on $stream['uri'] as far as I can tell!
$filehash = hash_file(File::FILEHASH_ALG, $stream['uri']);
$filehash = hash_file(File::FILEHASH_ALG, $finfo->getRealPath());
try {
$file = File::getByHash($filehash);
@ -541,13 +546,12 @@ class MediaFile
} catch (FileNotFoundException $e) {
// This happens if the file we have uploaded has disappeared
// from the local filesystem for some reason. Since we got the
// File object from a sha256 check in fromFilehandle, it's safe
// File object from a sha256 check in fromFileInfo, it's safe
// to just copy the uploaded data to disk!
fseek($fh, 0); // just to be sure, go to the beginning
// dump the contents of our filehandle to the path from our exception
// and report error if it failed.
if (false === file_put_contents($e->path, fread($fh, filesize($stream['uri'])))) {
if (file_put_contents($e->path, file_get_contents($finfo->getRealPath())) === false) {
// TRANS: Client exception thrown when a file upload operation fails because the file could
// TRANS: not be moved from the temporary folder to the permanent file location.
throw new ClientException(_m('File could not be moved to destination directory.'));
@ -560,15 +564,15 @@ class MediaFile
$mimetype = $file->mimetype;
} catch (NoResultException $e) {
if ($scoped instanceof Profile) {
File::respectsQuota($scoped, filesize($stream['uri']));
File::respectsQuota($scoped, filesize($finfo->getRealPath()));
}
$mimetype = self::getUploadedMimeType($stream['uri']);
$mimetype = self::getUploadedMimeType($finfo->getRealPath());
$filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype);
$filepath = File::path($filename);
$result = copy($stream['uri'], $filepath) && chmod($filepath, 0664);
$result = copy($finfo->getRealPath(), $filepath) && chmod($filepath, 0664);
if (!$result) {
common_log(LOG_ERR, 'File could not be moved (or chmodded) from ' . _ve($stream['uri']) . ' to ' . _ve($filepath));

View File

@ -1,35 +1,40 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/*
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2008, 2009, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* @copyright 2008, 2009 StatusNet, Inc.
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
defined('GNUSOCIAL') || die();
require_once INSTALLDIR . '/lib/util/tempfile.php';
require_once INSTALLDIR . '/lib/util/mail.php';
require_once('Mail/mimeDecode.php');
require_once 'Mail/mimeDecode.php';
// @todo FIXME: we use both Mail_mimeDecode and mailparse
// Need to move everything to mailparse
class MailHandler
{
function __construct()
public function __construct()
{
}
function handle_message($rawmessage)
public function handle_message($rawmessage)
{
list($from, $to, $msg, $attachments) = $this->parse_message($rawmessage);
if (!$from || !$to || !$msg) {
@ -61,10 +66,12 @@ class MailHandler
$msg = $user->shortenLinks($msg);
if (Notice::contentTooLong($msg)) {
// TRANS: Error message in incoming mail handler used when an incoming e-mail contains too many characters.
$this->error($from, sprintf(_m('That\'s too long. Maximum notice size is %d character.',
$this->error($from, sprintf(
_m('That\'s too long. Maximum notice size is %d character.',
'That\'s too long. Maximum notice size is %d characters.',
Notice::maxContent()),
Notice::maxContent()));
Notice::maxContent()
));
}
$mediafiles = array();
@ -73,7 +80,7 @@ class MailHandler
$mf = null;
try {
$mf = MediaFile::fromFilehandle($attachment, $user->getProfile());
$mf = MediaFile::fromFileInfo($attachment, $user->getProfile());
} catch (ClientException $ce) {
$this->error($from, $ce->getMessage());
}
@ -94,13 +101,13 @@ class MailHandler
}
}
function error($from, $msg)
public function error($from, $msg)
{
file_put_contents("php://stderr", $msg . "\n");
exit(1);
}
function user_from_header($from_hdr)
public function user_from_header($from_hdr)
{
$froms = mailparse_rfc822_parse_addresses($from_hdr);
if (!$froms) {
@ -115,7 +122,7 @@ class MailHandler
return $user;
}
function user_match_to($user, $to_hdr)
public function user_match_to($user, $to_hdr)
{
$incoming = $user->incomingemail;
$tos = mailparse_rfc822_parse_addresses($to_hdr);
@ -127,7 +134,7 @@ class MailHandler
return false;
}
function handle_command($user, $from, $msg)
public function handle_command($user, $from, $msg)
{
$inter = new CommandInterpreter();
$cmd = $inter->handle_command($user, $msg);
@ -138,7 +145,7 @@ class MailHandler
return false;
}
function respond($from, $to, $response)
public function respond($from, $to, $response)
{
$headers['From'] = $to;
$headers['To'] = $from;
@ -148,12 +155,12 @@ class MailHandler
return mail_send(array($from), $headers, $response);
}
function log($level, $msg)
public function log($level, $msg)
{
common_log($level, 'MailDaemon: '.$msg);
}
function add_notice($user, $msg, $mediafiles)
public function add_notice($user, $msg, $mediafiles)
{
try {
$notice = Notice::saveNew($user->id, $msg, 'mail');
@ -165,17 +172,21 @@ class MailHandler
$mf->attachToNotice($notice);
}
$this->log(LOG_INFO,
'Added notice ' . $notice->id . ' from user ' . $user->nickname);
$this->log(
LOG_INFO,
"Added notice {$notice->id} from user {$user->nickname}"
);
return true;
}
function parse_message($contents)
public function parse_message($contents)
{
$parsed = Mail_mimeDecode::decode(array('input' => $contents,
$parsed = Mail_mimeDecode::decode([
'input' => $contents,
'include_bodies' => true,
'decode_headers' => true,
'decode_bodies' => true));
'decode_bodies' => true,
]);
if (!$parsed) {
return null;
}
@ -193,33 +204,40 @@ class MailHandler
return array($from, $to, $msg, $attachments);
}
function extract_part($parsed,&$msg,&$attachments){
if ($parsed->ctype_primary == 'multipart') {
if($parsed->ctype_secondary == 'alternative'){
public function extract_part($parsed, &$msg, &$attachments)
{
if ($parsed->ctype_primary === 'multipart') {
if ($parsed->ctype_secondary === 'alternative') {
$altmsg = $this->extract_msg_from_multipart_alternative_part($parsed);
if(!empty($altmsg)) $msg = $altmsg;
if (!empty($altmsg)) {
$msg = $altmsg;
}
} else {
foreach ($parsed->parts as $part) {
$this->extract_part($part, $msg, $attachments);
}
}
} else if ($parsed->ctype_primary == 'text'
&& $parsed->ctype_secondary=='plain') {
} elseif (
$parsed->ctype_primary === 'text'
&& $parsed->ctype_secondary === 'plain'
) {
$msg = $parsed->body;
if(strtolower($parsed->ctype_parameters['charset']) != "utf-8"){
if (strtolower($parsed->ctype_parameters['charset']) !== 'utf-8') {
$msg = utf8_encode($msg);
}
} elseif (!empty($parsed->body)) {
if (common_config('attachments', 'uploads')) {
//only save attachments if uploads are enabled
$attachment = tmpfile();
fwrite($attachment, $parsed->body);
// Only save attachments if uploads are enabled
$attachment = new TemporaryFile('gs-mailattach');
fwrite($attachment->getResource(), $parsed->body);
fflush($attachment->getResource());
$attachments[] = $attachment;
}
}
}
function extract_msg_from_multipart_alternative_part($parsed){
public function extract_msg_from_multipart_alternative_part($parsed)
{
foreach ($parsed->parts as $part) {
$this->extract_part($part, $msg, $attachments);
}
@ -227,14 +245,14 @@ class MailHandler
return $msg;
}
function unsupported_type($type)
public function unsupported_type($type)
{
// TRANS: Error message in incoming mail handler used when an incoming e-mail is of an unsupported type.
// TRANS: %s is the unsupported type.
$this->error(null, sprintf(_('Unsupported message type: %s.'), $type));
}
function cleanup_msg($msg)
public function cleanup_msg($msg)
{
$lines = explode("\n", $msg);
@ -258,9 +276,10 @@ class MailHandler
}
// skip everything after a sig
if (preg_match('/^\s*--+\s*$/', $line) ||
preg_match('/^\s*__+\s*$/', $line))
{
if (
preg_match('/^\s*--+\s*$/', $line)
|| preg_match('/^\s*__+\s*$/', $line)
) {
break;
}
// skip everything after Outlook quote

155
lib/util/tempfile.php Normal file
View File

@ -0,0 +1,155 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
defined('GNUSOCIAL') || die();
/**
* Exception wrapper for TemporaryFile errors
*
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class TemporaryFileException extends Exception
{
}
/**
* Class oriented at providing automatic temporary file handling.
*
* @package GNUsocial
* @author Alexei Sorokin <sor.alexei@meowr.ru>
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class TemporaryFile extends SplFileInfo
{
protected $resource = null;
/**
* @param string|null $prefix The file name will begin with that prefix
* ("php" by default)
* @param string|null $mode File open mode ("w+b" by default)
*/
public function __construct(
?string $prefix = null,
?string $mode = null
) {
$filename = tempnam(sys_get_temp_dir(), $prefix ?? 'gs-php');
if ($filename === false) {
throw new TemporaryFileException('Could not create file: ' . $filename);
}
parent::__construct($filename);
if (($this->resource = fopen($filename, $mode ?? 'w+b')) === false) {
$this->cleanup();
throw new TemporaryFileException('Could not open file: ' . $filename);
}
}
public function __destruct()
{
$this->close();
$this->cleanup();
}
/**
* Closes the file descriptor if opened.
*
* @return bool Whether successful
*/
protected function close(): bool
{
$ret = true;
if (!is_null($this->resource)) {
$ret = fclose($this->resource);
}
if ($ret) {
$this->resource = null;
}
return $ret;
}
/**
* Closes the file descriptor and removes the temporary file.
*
* @return void
*/
protected function cleanup(): void
{
$path = $this->getRealPath();
$this->close();
if (file_exists($path)) {
unlink($path);
}
}
/**
* Get the file resource.
*
* @return resource
*/
public function getResource()
{
return $this->resource;
}
/**
* Release the hold on the temporary file and move it to the desired
* location, setting file permissions in the process.
*
* @param string File destination
* @param int New file permissions (in octal mode)
* @return void
* @throws TemporaryFileException
*/
public function commit(string $destpath, int $umode = 0644): void
{
$temppath = $this->getRealPath();
// Might be attempted, and won't end well
if ($destpath === $temppath) {
throw new TemporaryFileException('Cannot use self as destination');
}
// Memorise if the file was there and see if there is access
$exists = file_exists($destpath);
if (!touch($destpath)) {
throw new TemporaryFileException(
'Insufficient permissions for destination: "' . $destpath . '"'
);
} elseif (!$exists) {
// If the file wasn't there, clean it up in case of a later failure
unlink($destpath);
}
if (!$this->close()) {
throw new TemporaryFileException('Could not close the resource');
}
rename($temppath, $destpath);
chmod($destpath, $umode);
}
}

View File

@ -30,8 +30,11 @@ class FFmpegPlugin extends Plugin
{
const PLUGIN_VERSION = '0.1.0';
public function onStartResizeImageFile(ImageFile $imagefile, string $outpath, array $box): bool
{
public function onStartResizeImageFile(
ImageFile $imagefile,
string $outpath,
array $box
): bool {
switch ($imagefile->mimetype) {
case 'image/gif':
// resize only if an animated GIF
@ -60,7 +63,7 @@ class FFmpegPlugin extends Plugin
// FFmpeg can't edit existing files in place,
// generate temporary output file to avoid that
$tmp_outpath = tempnam(sys_get_temp_dir(), 'outpath-');
$tempfile = new TemporaryFile('gs-outpath');
// Generate palette file. FFmpeg explictly needs to be told the
// extension for PNG files outputs
@ -89,7 +92,7 @@ class FFmpegPlugin extends Plugin
$commands_2[] = '-f';
$commands_2[] = 'gif';
$commands_2[] = '-y';
$commands_2[] = $tmp_outpath;
$commands_2[] = $tempfile->getRealPath();
$success = true;
@ -112,10 +115,9 @@ class FFmpegPlugin extends Plugin
}
if ($success) {
$success = @rename($tmp_outpath, $outpath);
$success = $tempfile->commit($outpath);
}
@unlink($tmp_outpath);
@unlink($palette);
return $success;

View File

@ -1,15 +1,37 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
function linkback_lenient_target_match($body, $target) {
return strpos(''.$body, str_replace(array('http://www.', 'http://', 'https://www.', 'https://'), '', preg_replace('/\/+$/', '', preg_replace( '/#.*/', '', $target))));
defined('GNUSOCIAL') || die();
function linkback_lenient_target_match($body, $target)
{
return strpos('' . $body, str_replace(
['http://www.', 'http://', 'https://www.', 'https://'],
'',
preg_replace('/\/+$/', '', preg_replace('/#.*/', '', $target))
));
}
function linkback_get_source($source, $target) {
function linkback_get_source($source, $target)
{
// Check if we are pinging ourselves and ignore
$localprefix = common_config('site', 'server') . '/' . common_config('site', 'path');
if (linkback_lenient_target_match($source, $localprefix) === 0) {
common_debug('Ignoring self ping from ' . $source . ' to ' . $target);
return NULL;
return null;
}
$request = HTTPClient::start();
@ -17,26 +39,27 @@ function linkback_get_source($source, $target) {
try {
$response = $request->get($source);
} catch (Exception $ex) {
return NULL;
return null;
}
$body = htmlspecialchars_decode($response->getBody());
// We're slightly more lenient in our link detection than the spec requires
if(linkback_lenient_target_match($body, $target) === FALSE) {
return NULL;
if (linkback_lenient_target_match($body, $target) === false) {
return null;
}
return $response;
}
function linkback_get_target($target) {
function linkback_get_target($target)
{
// Resolve target (https://github.com/converspace/webmention/issues/43)
$request = HTTPClient::start();
try {
$response = $request->head($target);
} catch (Exception $ex) {
return NULL;
return null;
}
try {
@ -56,7 +79,10 @@ function linkback_get_target($target) {
}
if (!$user) {
preg_match('/\/([^\/\?#]+)(?:#.*)?$/', $response->getEffectiveUrl(), $match);
if(linkback_lenient_target_match(common_profile_url($match[1]), $response->getEffectiveUrl()) !== FALSE) {
if (linkback_lenient_target_match(
common_profile_url($match[1]),
$response->getEffectiveUrl()
) !== false) {
$user = User::getKV('nickname', $match[1]);
}
}
@ -65,21 +91,31 @@ function linkback_get_target($target) {
}
}
return NULL;
return null;
}
function linkback_is_contained_in($entry, $target) {
function linkback_is_contained_in($entry, $target)
{
foreach ((array)$entry['properties'] as $key => $values) {
if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0) {
if (count(array_filter($values, function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
})) > 0) {
return $entry['properties'];
}
// check included h-* formats and their links
foreach ($values as $obj) {
if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) &&
isset($obj['properties']) && isset($obj['properties']['url']) &&
count(array_filter($obj['properties']['url'],
function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0
if (
array_key_exists('type', $obj)
&& array_intersect(['h-cite', 'h-entry'], $obj['type'])
&& array_key_exists('properties', $obj)
&& array_key_exists('url', $obj['properties'])
&& count(array_filter(
$obj['properties']['url'],
function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
}
)) > 0
) {
return $entry['properties'];
}
@ -104,15 +140,22 @@ function linkback_is_contained_in($entry, $target) {
}
// Based on https://github.com/acegiak/Semantic-Linkbacks/blob/master/semantic-linkbacks-microformats-handler.php, GPL-2.0+
function linkback_find_entry($mf2, $target) {
if(isset($mf2['items'][0]['type']) && in_array("h-feed", $mf2['items'][0]["type"]) && isset($mf2['items'][0]['children'])) {
function linkback_find_entry($mf2, $target)
{
if (
array_key_exists('type', $mf2['items'][0])
&& in_array('h-feed', $mf2['items'][0]['type'])
&& array_key_exists('children', $mf2['items'][0])
) {
$mf2['items'] = $mf2['items'][0]['children'];
}
$entries = array_filter($mf2['items'], function($x) { return isset($x['type']) && in_array('h-entry', $x['type']); });
$entries = array_filter($mf2['items'], function ($x) {
return array_key_exists('type', $x) && in_array('h-entry', $x['type']);
});
foreach ($entries as $entry) {
if($prop = linkback_is_contained_in($entry, $target)) {
if (($prop = linkback_is_contained_in($entry, $target))) {
return $prop;
}
}
@ -122,15 +165,18 @@ function linkback_find_entry($mf2, $target) {
return $entries[0]['properties'];
}
return NULL;
return null;
}
function linkback_entry_type($entry, $mf2, $target) {
if(!$entry) { return 'mention'; }
function linkback_entry_type($entry, $mf2, $target)
{
if (!$entry) {
return 'mention';
}
if ($mf2['rels'] && $mf2['rels']['in-reply-to']) {
foreach ($mf2['rels']['in-reply-to'] as $url) {
if(linkback_lenient_target_match($url, $target) !== FALSE) {
if (linkback_lenient_target_match($url, $target) !== false) {
return 'reply';
}
}
@ -144,17 +190,30 @@ function linkback_entry_type($entry, $mf2, $target) {
);
foreach ((array) $entry as $key => $values) {
if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0) {
if($classes[$key]) { return $classes[$key]; }
if (count(array_filter($values, function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
})) > 0) {
if ($classes[$key]) {
return $classes[$key];
}
}
foreach ($values as $obj) {
if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) &&
isset($obj['properties']) && isset($obj['properties']['url']) &&
count(array_filter($obj['properties']['url'],
function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0
if (
array_key_exists('type', $obj)
&& array_intersect(['h-cite', 'h-entry'], $obj['type'])
&& array_key_exists('properties', $obj)
&& array_key_exists('url', $obj['properties'])
&& count(array_filter(
$obj['properties']['url'],
function ($x) use ($target) {
return linkback_lenient_target_match($x, $target) !== false;
}
)) > 0
) {
if($classes[$key]) { return $classes[$key]; }
if ($classes[$key]) {
return $classes[$key];
}
}
}
}
@ -162,7 +221,8 @@ function linkback_entry_type($entry, $mf2, $target) {
return 'mention';
}
function linkback_is_dupe($key, $url) {
function linkback_is_dupe($key, $url)
{
$dupe = Notice::getKV($key, $url);
if ($dupe instanceof Notice) {
return $dupe;
@ -172,7 +232,8 @@ function linkback_is_dupe($key, $url) {
}
function linkback_hcard($mf2, $url) {
function linkback_hcard($mf2, $url)
{
if (empty($mf2['items'])) {
return null;
}
@ -184,7 +245,10 @@ function linkback_hcard($mf2, $url) {
}
// We found a match, return it immediately
if(isset($item['properties']['url']) && in_array($url, $item['properties']['url'])) {
if (
array_key_exists('url', $item['properties'])
&& in_array($url, $item['properties']['url'])
) {
return $item['properties'];
}
@ -200,13 +264,14 @@ function linkback_hcard($mf2, $url) {
return null;
}
function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
function linkback_notice($source, $notice_or_user, $entry, $author, $mf2)
{
$content = isset($entry['content']) ? $entry['content'][0]['html'] :
(isset($entry['summary']) ? $entry['summary'][0] : $entry['name'][0]);
$rendered = common_purify($content);
if($notice_or_user instanceof Notice && $entry['type'] == 'mention') {
if ($notice_or_user instanceof Notice && $entry['type'] === 'mention') {
$name = isset($entry['name']) ? $entry['name'][0] : substr(common_strip_html($content), 0, 20).'…';
$rendered = _m('linked to this from <a href="'.htmlspecialchars($source).'">'.htmlspecialchars($name).'</a>');
}
@ -214,9 +279,11 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
$content = common_strip_html($rendered);
$shortened = common_shorten_links($content);
if (Notice::contentTooLong($shortened)) {
$content = substr($content,
$content = substr(
$content,
0,
Notice::maxContent() - (mb_strlen($source) + 2));
(Notice::maxContent() - (mb_strlen($source) + 2))
);
$rendered = $content . '<a href="'.htmlspecialchars($source).'">…</a>';
$content .= ' ' . $source;
}
@ -234,7 +301,7 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
if ($notice_or_user instanceof User) {
$options['replies'][] = $notice_or_user->getUri();
} else {
if($entry['type'] == 'repost') {
if ($entry['type'] === 'repost') {
$options['repeat_of'] = $notice_or_user->id;
} else {
$options['reply_to'] = $notice_or_user->id;
@ -255,7 +322,9 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
foreach ((array) $entry['category'] as $tag) {
$tag = common_canonical_tag($tag);
if($tag) { $options['tags'][] = $tag; }
if ($tag) {
$options['tags'][] = $tag;
}
}
@ -269,52 +338,51 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) {
foreach ($mf2['rels']['tag'] as $url) {
preg_match('/\/([^\/]+)\/*$/', $url, $match);
$tag = common_canonical_tag($match[1]);
if($tag) { $options['tags'][] = $tag; }
if ($tag) {
$options['tags'][] = $tag;
}
}
}
if($entry['type'] != 'reply' && $entry['type'] != 'repost') {
$options['urls'] = array();
if ($entry['type'] !== 'reply' && $entry['type'] !== 'repost') {
$options['urls'] = [];
}
return array($content, $options);
return [$content, $options];
}
function linkback_avatar($profile, $url) {
function linkback_avatar($profile, $url)
{
// Ripped from OStatus plugin for now
$temp_filename = tempnam(sys_get_temp_dir(), 'linback_avatar');
try {
$imgData = HTTPClient::quickGet($url);
$tempfile = new TemporaryFile('gs-avatarlinback');
$img_data = HTTPClient::quickGet($url);
// Make sure it's at least an image file. ImageFile can do the rest.
if (false === getimagesizefromstring($imgData)) {
if (getimagesizefromstring($img_data) === false) {
return false;
}
file_put_contents($temp_filename, $imgData);
unset($imgData); // No need to carry this in memory.
fwrite($tempfile->getResource(), $img_data);
fflush($tempfile->getResource());
// No need to carry this in memory.
unset($img_data);
$imagefile = new ImageFile(null, $temp_filename);
$filename = Avatar::filename($profile->id,
$imagefile = new ImageFile(-1, $tempfile->getRealPath());
$filename = Avatar::filename(
$profile->id,
image_type_to_extension($imagefile->type),
null,
common_timestamp());
rename($temp_filename, Avatar::path($filename));
} catch (Exception $e) {
unlink($temp_filename);
throw $e;
}
// @todo FIXME: Hardcoded chmod is lame, but seems to be necessary to
// keep from accidentally saving images from command-line (queues)
// that can't be read from web server, which causes hard-to-notice
// problems later on:
//
// http://status.net/open-source/issues/2663
chmod(Avatar::path($filename), 0644);
common_timestamp()
);
$tempfile->commit(Avatar::path($filename));
$profile->setOriginal($filename);
}
function linkback_profile($entry, $mf2, $response, $target) {
if(isset($entry['author']) && isset($entry['author'][0]['properties'])) {
function linkback_profile($entry, $mf2, $response, $target)
{
if (
array_key_exists('author', $entry)
&& array_key_exists('properties', $entry['author'][0])
) {
$author = $entry['author'][0]['properties'];
} else {
$author = linkback_hcard($mf2, $response->getEffectiveUrl());
@ -357,11 +425,18 @@ function linkback_profile($entry, $mf2, $response, $target) {
return array($profile, $author);
}
function linkback_save($source, $target, $response, $notice_or_user) {
function linkback_save($source, $target, $response, $notice_or_user)
{
$dupe = linkback_is_dupe('uri', $response->getEffectiveUrl());
if(!$dupe) { $dupe = linkback_is_dupe('url', $response->getEffectiveUrl()); }
if(!$dupe) { $dupe = linkback_is_dupe('uri', $source); }
if(!$dupe) { $dupe = linkback_is_dupe('url', $source); }
if (!$dupe) {
$dupe = linkback_is_dupe('url', $response->getEffectiveUrl());
}
if (!$dupe) {
$dupe = linkback_is_dupe('uri', $source);
}
if (!$dupe) {
$dupe = linkback_is_dupe('url', $source);
}
$mf2 = new Mf2\Parser($response->getBody(), $response->getEffectiveUrl());
$mf2 = $mf2->parse();
@ -379,8 +454,12 @@ function linkback_save($source, $target, $response, $notice_or_user) {
$entry['url'] = array($response->getEffectiveUrl());
}
if(!$dupe) { $dupe = linkback_is_dupe('uri', $entry['url'][0]); }
if(!$dupe) { $dupe = linkback_is_dupe('url', $entry['url'][0]); }
if (!$dupe) {
$dupe = linkback_is_dupe('uri', $entry['url'][0]);
}
if (!$dupe) {
$dupe = linkback_is_dupe('url', $entry['url'][0]);
}
$entry['type'] = linkback_entry_type($entry, $mf2, $target);
list($profile, $author) = linkback_profile($entry, $mf2, $response, $target);
@ -391,9 +470,18 @@ function linkback_save($source, $target, $response, $notice_or_user) {
try {
// Ignore duplicate save error
try { $dupe->saveKnownReplies($options['replies']); } catch (ServerException $ex) {}
try { $dupe->saveKnownTags($options['tags']); } catch (ServerException $ex) {}
try { $dupe->saveKnownUrls($options['urls']); } catch (ServerException $ex) {}
try {
$dupe->saveKnownReplies($options['replies']);
} catch (ServerException $ex) {
}
try {
$dupe->saveKnownTags($options['tags']);
} catch (ServerException $ex) {
}
try {
$dupe->saveKnownUrls($options['urls']);
} catch (ServerException $ex) {
}
if (isset($options['reply_to'])) {
$dupe->reply_to = $options['reply_to'];
@ -408,8 +496,13 @@ function linkback_save($source, $target, $response, $notice_or_user) {
$dupe->conversation = $parent->conversation;
}
}
if($dupe->update($orig)) { $saved = $dupe; }
if($dupe->conversation != $orig->conversation && Conversation::noticeCount($orig->conversation) < 1) {
if ($dupe->update($orig)) {
$saved = $dupe;
}
if (
$dupe->conversation !== $orig->conversation
&& Conversation::noticeCount($orig->conversation) < 1
) {
// Delete empty conversation
$emptyConversation = Conversation::getKV('id', $orig->conversation);
$emptyConversation->delete();
@ -419,7 +512,10 @@ function linkback_save($source, $target, $response, $notice_or_user) {
return false;
}
common_log(LOG_INFO, "Linkback updated remote message $source as notice id $saved->id");
} else if($entry['type'] == 'like' || ($entry['type'] == 'reply' && $entry['rsvp'])) {
} elseif (
$entry['type'] === 'like'
|| ($entry['type'] === 'reply' && $entry['rsvp'])
) {
$act = new Activity();
$act->type = ActivityObject::ACTIVITY;
$act->time = $options['created'] ? strtotime($options['created']) : time();
@ -430,19 +526,22 @@ function linkback_save($source, $target, $response, $notice_or_user) {
// TRANS: Message that is the "content" of a favorite (%1$s is the actor's nickname, %2$ is the favorited
// notice's nickname and %3$s is the content of the favorited notice.)
$act->content = sprintf(_('%1$s favorited something by %2$s: %3$s'),
$profile->getNickname(), $notice_or_user->getProfile()->getNickname(),
$notice_or_user->getRendered());
$act->content = sprintf(
_('%1$s favorited something by %2$s: %3$s'),
$profile->getNickname(),
$notice_or_user->getProfile()->getNickname(),
$notice_or_user->getRendered()
);
if ($entry['rsvp']) {
$act->content = $options['rendered'];
}
$act->verb = ActivityVerb::FAVORITE;
if(strtolower($entry['rsvp'][0]) == 'yes') {
if (strtolower($entry['rsvp'][0]) === 'yes') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-yes';
} else if(strtolower($entry['rsvp'][0]) == 'no') {
} elseif (strtolower($entry['rsvp'][0]) === 'no') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-no';
} else if(strtolower($entry['rsvp'][0]) == 'maybe') {
} elseif (strtolower($entry['rsvp'][0]) === 'maybe') {
$act->verb = 'http://activitystrea.ms/schema/1.0/rsvp-maybe';
}
@ -464,10 +563,12 @@ function linkback_save($source, $target, $response, $notice_or_user) {
} else {
// Fallback is to make a notice manually
try {
$saved = Notice::saveNew($profile->id,
$saved = Notice::saveNew(
$profile->id,
$content,
'linkback',
$options);
$options
);
} catch (Exception $e) {
common_log(LOG_ERR, "Linkback save of remote message $source failed: " . $e->getMessage());
return false;

View File

@ -1,51 +1,38 @@
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2010, StatusNet, Inc.
*
* Plugin to pull WikiHow-style user avatars at OpenID setup time.
* These are not currently exposed via OpenID.
*
* PHP version 5
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Plugins
* @package StatusNet
* @package GNUsocial
* @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
if (!defined('STATUSNET')) {
// This check helps protect against security problems;
// your code file can't be executed directly from the web.
exit(1);
}
defined('GNUSOCIAL') || die();
/**
* Sample plugin main class
*
* Each plugin requires a main class to interact with the StatusNet system.
*
* @category Plugins
* @package WikiHowProfilePlugin
* @author Brion Vibber <brion@status.net>
* @copyright 2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class WikiHowProfilePlugin extends Plugin
{
@ -70,7 +57,7 @@ class WikiHowProfilePlugin extends Plugin
* @param string $canonical OpenID provider URL
* @param array $sreg query data from provider
*/
function onEndOpenIDCreateNewUser($user, $canonical, $sreg)
public function onEndOpenIDCreateNewUser($user, $canonical, $sreg)
{
$this->updateProfile($user, $canonical);
return true;
@ -83,7 +70,7 @@ class WikiHowProfilePlugin extends Plugin
* @param string $canonical OpenID provider URL (wiki profile page)
* @param array $sreg query data from provider
*/
function onEndOpenIDUpdateUser($user, $canonical, $sreg)
public function onEndOpenIDUpdateUser($user, $canonical, $sreg)
{
$this->updateProfile($user, $canonical);
return true;
@ -180,26 +167,25 @@ class WikiHowProfilePlugin extends Plugin
// @todo FIXME: This should be better encapsulated
// ripped from OStatus via oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
try {
if (!copy($url, $temp_filename)) {
// TRANS: Exception thrown when fetching an avatar from a URL fails.
// TRANS: %s is a URL.
throw new ServerException(sprintf(_m('Unable to fetch avatar from %s.'), $url));
$tempfile = new TemporaryFile('gs-avatarlisten');
$img_data = HTTPClient::quickGet($url);
// Make sure it's at least an image file. ImageFile can do the rest.
if (getimagesizefromstring($img_data) === false) {
return false;
}
fwrite($tempfile->getResource(), $img_data);
fflush($tempfile->getResource());
$profile = $user->getProfile();
$id = $profile->id;
$imagefile = new ImageFile(null, $temp_filename);
$filename = Avatar::filename($id,
$imagefile = new ImageFile(-1, $tempfile->getRealPath());
$filename = Avatar::filename(
$id,
image_type_to_extension($imagefile->type),
null,
common_timestamp());
rename($temp_filename, Avatar::path($filename));
} catch (Exception $e) {
unlink($temp_filename);
throw $e;
}
common_timestamp()
);
$tempfile->commit(Avatar::path($filename));
$profile->setOriginal($filename);
}
}

View File

@ -74,7 +74,7 @@ if ($plugin) {
function getVersion()
{
// define('GNUSOCIAL_VERSION', '0.9.1');
$source = file_get_contents(INSTALLDIR . '/lib/common.php');
$source = file_get_contents(INSTALLDIR . '/lib/util/common.php');
if (preg_match('/^\s*define\s*\(\s*[\'"]GNUSOCIAL_VERSION[\'"]\s*,\s*[\'"](.*)[\'"]\s*\)\s*;/m', $source, $matches)) {
return $matches[1];
}

View File

@ -32,6 +32,7 @@ if (!defined('STATUSNET')) { // Compatibility
use ClientException;
use Exception;
use MediaFile;
use TemporaryFile;
use PHPUnit\Framework\TestCase;
use ServerException;
@ -83,11 +84,11 @@ final class MediaFileTest extends TestCase
if (!file_exists($filename)) {
throw new Exception("WTF? {$filename} test file missing");
}
$tmp = tmpfile();
fwrite($tmp, file_get_contents($filename));
$tempfile = new TemporaryFile('gs-mediafiletest');
fwrite($tempfile->getResource(), file_get_contents($filename));
fflush($tempfile->getResource());
$tmp_metadata = stream_get_meta_data($tmp);
$type = MediaFile::getUploadedMimeType($tmp_metadata['uri'], basename($filename));
$type = MediaFile::getUploadedMimeType($tempfile->getRealPath(), basename($filename));
static::assertSame($expectedType, $type);
}
@ -124,4 +125,3 @@ final class MediaFileTest extends TestCase
return $dataset;
}
}