forked from GNUsocial/gnu-social
[ImageEncoder] Implement attachment validation for images. This limits the maximum dimensions of the file, enforces a per file, per user and per user-month size quota and fixes the title if it's a filename, by replacing the extension to the new one
This commit is contained in:
parent
93e1e4b7a9
commit
365a7b436f
@ -19,13 +19,17 @@
|
||||
|
||||
namespace Plugin\ImageEncoder;
|
||||
|
||||
use App\Core\Cache;
|
||||
use App\Core\DB\DB;
|
||||
use App\Core\Event;
|
||||
use App\Core\GSFile;
|
||||
use function App\Core\I18n\_m;
|
||||
use App\Core\Log;
|
||||
use App\Core\Modules\Plugin;
|
||||
use App\Entity\Attachment;
|
||||
use App\Entity\AttachmentThumbnail;
|
||||
use App\Util\Common;
|
||||
use App\Util\TemporaryFile;
|
||||
use Exception;
|
||||
use Jcupitt\Vips;
|
||||
|
||||
@ -47,11 +51,80 @@ class ImageEncoder extends Plugin
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function onAttachmentValidation(\SplFileInfo &$file, ?string &$mimetype = null): bool
|
||||
public function onAttachmentValidation(\SplFileInfo &$file, ?string &$mimetype, ?string &$title): bool
|
||||
{
|
||||
$original_mimetype = $mimetype;
|
||||
// TODO: Encode in place
|
||||
//$mimetype = self::preferredType();
|
||||
if (GSFile::mimetypeMajor($original_mimetype) != 'image') {
|
||||
// Nothing concerning us
|
||||
return Event::next;
|
||||
}
|
||||
|
||||
$type = self::preferredType();
|
||||
$extension = image_type_to_extension($type, include_dot: true);
|
||||
$temp = new TemporaryFile(prefix: null, suffix: $extension); // This handles deleting the file if some error occurs
|
||||
$mimetype = image_type_to_mime_type($type);
|
||||
if ($mimetype != $original_mimetype) {
|
||||
// If title seems to be a filename with an extension
|
||||
if (preg_match('/\.[a-z0-9]/i', $title) === 1) {
|
||||
$title = substr($title, 0, strrpos($title, '.') - 1) . $extension;
|
||||
}
|
||||
}
|
||||
|
||||
$image = Vips\Image::newFromFile($file->getRealPath(), ['access' => 'sequential']);
|
||||
$width = Common::clamp($image->width, 0, Common::config('attachments', 'max_width'));
|
||||
$height = Common::clamp($image->height, 0, Common::config('attachments', 'max_height'));
|
||||
$image = $image->crop(0, 0, $width, $height);
|
||||
$image->writeToFile($temp->getRealPath());
|
||||
|
||||
$filesize = $temp->getSize();
|
||||
$filepath = $file->getRealPath();
|
||||
@unlink($filepath);
|
||||
|
||||
$file_quota = Common::config('attachments', 'file_quota');
|
||||
if ($filesize > $file_quota) {
|
||||
// TRANS: Message given if an upload is larger than the configured maximum.
|
||||
throw new ClientException(_m('No file may be larger than {quota} bytes and the file you sent was {size} bytes. ' .
|
||||
'Try to upload a smaller version.', ['quota' => $file_quota, 'size' => $filesize]));
|
||||
}
|
||||
|
||||
$user = Common::user();
|
||||
$query = <<<END
|
||||
select sum(at.size) as total
|
||||
from attachment at
|
||||
join attachment_to_note an with at.id = an.attachment_id
|
||||
join note n with an.note_id = n.id
|
||||
where n.gsactor_id = :actor_id and at.size is not null
|
||||
END;
|
||||
|
||||
$user_quota = Common::config('attachments', 'user_quota');
|
||||
if ($user_quota != false) {
|
||||
$cache_key_user_total = 'user-' . $user->getId() . 'file-quota';
|
||||
$user_total = Cache::get($cache_key_user_total, fn () => DB::dql($query, ['actor_id' => $user->getId()])[0]['total']);
|
||||
Cache::set($cache_key_user_total, $user_total + $filesize);
|
||||
|
||||
if ($user_total + $filesize > $user_quota) {
|
||||
// TRANS: Message given if an upload would exceed user quota.
|
||||
throw new ClientException(_m('A file this large would exceed your user quota of {quota} bytes.', ['quota' => $user_quota]));
|
||||
}
|
||||
}
|
||||
|
||||
$query .= ' AND MONTH(at.modified) = MONTH(CURRENT_DATE())'
|
||||
. ' AND YEAR(at.modified) = YEAR(CURRENT_DATE())';
|
||||
|
||||
$monthly_quota = Common::config('attachments', 'monthly_quota');
|
||||
if ($monthly_quota != false) {
|
||||
$cache_key_user_monthly = 'user-' . $user->getId() . 'monthly-file-quota';
|
||||
$monthly_total = Cache::get($cache_key_user_monthly, fn () => DB::dql($query, ['actor_id' => $user->getId()])[0]['total']);
|
||||
Cache::set($cache_key_user_monthly, $monthly_total + $filesize);
|
||||
|
||||
if ($monthly_total + $filesize > $monthly_quota) {
|
||||
// TRANS: Message given if an upload would exceed user quota.
|
||||
throw new ClientException(_m('A file this large would exceed your monthly quota of {quota} bytes.', ['quota' => $monthly_quota]));
|
||||
}
|
||||
}
|
||||
|
||||
$temp->commit($filepath);
|
||||
|
||||
return Event::stop;
|
||||
}
|
||||
|
||||
@ -86,8 +159,6 @@ class ImageEncoder extends Plugin
|
||||
$old_limit = ini_set('memory_limit', Common::config('attachments', 'memory_limit'));
|
||||
try {
|
||||
try {
|
||||
// -1 means load all pages, 'sequential' access means decode pixels on demand
|
||||
// $image = Vips\Image::newFromFile(self::getPath($attachment), ['n' => -1, 'access' => 'sequential']);
|
||||
$image = Vips\Image::thumbnail($source, $width, ['height' => $height]);
|
||||
} catch (Exception $e) {
|
||||
Log::error(__METHOD__ . ' encountered exception: ' . print_r($e, true));
|
||||
|
Loading…
Reference in New Issue
Block a user