forked from GNUsocial/gnu-social
[Cover] Input restrictions, Code cleanup
This commit is contained in:
parent
0d18615fd8
commit
e2df8aec10
@ -27,23 +27,55 @@ use function App\Core\I18n\_m;
|
|||||||
use App\Entity\Cover as CoverEntity;
|
use App\Entity\Cover as CoverEntity;
|
||||||
use App\Util\Common;
|
use App\Util\Common;
|
||||||
use App\Util\Exception\ClientException;
|
use App\Util\Exception\ClientException;
|
||||||
use App\Util\Exception\RedirectException;
|
use App\Util\Exception\ServerException;
|
||||||
use Component\Media\Media;
|
use Component\Media\Media;
|
||||||
use Component\Media\Media as M;
|
use Component\Media\Media as M;
|
||||||
use Symfony\Component\Form\Extension\Core\Type\FileType;
|
use Symfony\Component\Form\Extension\Core\Type\FileType;
|
||||||
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
|
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
|
||||||
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
|
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
use Symfony\Component\Validator\Constraints\File as F;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Cover controller
|
||||||
|
*
|
||||||
|
* @package GNUsocial
|
||||||
|
* @category CoverPlugin
|
||||||
|
*
|
||||||
|
* @author Daniel Brandao <up201705812@fe.up.pt>
|
||||||
|
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
|
||||||
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
||||||
|
*/
|
||||||
class Cover
|
class Cover
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Display and handle the cover edit page
|
* Display and handle the cover edit page, where a user can add or
|
||||||
|
* edit their cover image
|
||||||
|
*
|
||||||
|
* @param Request $request
|
||||||
|
*
|
||||||
|
* @throws ClientException Invalid form
|
||||||
|
* @throws ServerException Invalid file type
|
||||||
|
*
|
||||||
|
* @return array template
|
||||||
*/
|
*/
|
||||||
public function coverSettings(Request $request)
|
public function coverSettings(Request $request)
|
||||||
{
|
{
|
||||||
$form = Form::create([
|
$form = Form::create([
|
||||||
['cover', FileType::class, ['label' => _m('Cover'), 'help' => _m('You can upload your personal cover. The maximum file size is 2MB.')]],
|
['cover', FileType::class, ['label' => _m('Cover'), 'help' => _m('You can upload your personal cover. The maximum file size is 2MB.'),
|
||||||
|
'constraints' => [
|
||||||
|
new F([
|
||||||
|
'maxSize' => '2048k',
|
||||||
|
'mimeTypes' => [
|
||||||
|
'image/gif',
|
||||||
|
'image/png',
|
||||||
|
'image/jpeg',
|
||||||
|
'image/bmp',
|
||||||
|
'image/webp',
|
||||||
|
],
|
||||||
|
'maxSizeMessage' => 'Image exceeded maximum size',
|
||||||
|
'mimeTypesMessage' => 'Please upload a valid image',
|
||||||
|
]), ], ]],
|
||||||
['hidden', HiddenType::class, []],
|
['hidden', HiddenType::class, []],
|
||||||
['save', SubmitType::class, ['label' => _m('Submit')]],
|
['save', SubmitType::class, ['label' => _m('Submit')]],
|
||||||
]);
|
]);
|
||||||
@ -56,6 +88,10 @@ class Cover
|
|||||||
} else {
|
} else {
|
||||||
throw new ClientException('Invalid form');
|
throw new ClientException('Invalid form');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (explode('/',$sfile->getMimeType())[0] != 'image') {
|
||||||
|
throw new ServerException('Invalid file type');
|
||||||
|
}
|
||||||
$user = Common::user();
|
$user = Common::user();
|
||||||
$actor_id = $user->getId();
|
$actor_id = $user->getId();
|
||||||
$file = Media::validateAndStoreFile($sfile, Common::config('cover', 'dir'), $title = null, $is_local = true, $use_unique = $actor_id);
|
$file = Media::validateAndStoreFile($sfile, Common::config('cover', 'dir'), $title = null, $is_local = true, $use_unique = $actor_id);
|
||||||
@ -63,7 +99,6 @@ class Cover
|
|||||||
$cover = DB::find('cover', ['gsactor_id' => $actor_id]);
|
$cover = DB::find('cover', ['gsactor_id' => $actor_id]);
|
||||||
// Must get old id before inserting another one
|
// Must get old id before inserting another one
|
||||||
if ($cover != null) {
|
if ($cover != null) {
|
||||||
var_dump('test');
|
|
||||||
$old_file = $cover->delete();
|
$old_file = $cover->delete();
|
||||||
DB::remove($cover);
|
DB::remove($cover);
|
||||||
}
|
}
|
||||||
@ -78,13 +113,16 @@ class Cover
|
|||||||
if ($old_file != null) {
|
if ($old_file != null) {
|
||||||
@unlink($old_file);
|
@unlink($old_file);
|
||||||
}
|
}
|
||||||
throw new RedirectException();
|
|
||||||
//var_dump($cover->getFilePath());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return ['_template' => 'cover/cover.html.twig', 'form' => $form->createView()];
|
return ['_template' => 'cover/cover.html.twig', 'form' => $form->createView()];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get user cover
|
||||||
|
*
|
||||||
|
* @return mixed cover file
|
||||||
|
*/
|
||||||
public function cover()
|
public function cover()
|
||||||
{
|
{
|
||||||
$cover = DB::find('cover', ['gsactor_id' => Common::user()->getId()]);
|
$cover = DB::find('cover', ['gsactor_id' => Common::user()->getId()]);
|
||||||
|
@ -26,6 +26,16 @@ use App\Core\Module;
|
|||||||
use App\Core\Router\RouteLoader;
|
use App\Core\Router\RouteLoader;
|
||||||
use App\Util\Common;
|
use App\Util\Common;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Cover plugin main class
|
||||||
|
*
|
||||||
|
* @package GNUsocial
|
||||||
|
* @category CoverPlugin
|
||||||
|
*
|
||||||
|
* @author Daniel Brandao <up201705812@fe.up.pt>
|
||||||
|
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
|
||||||
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
||||||
|
*/
|
||||||
class Cover extends Module
|
class Cover extends Module
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
@ -56,15 +66,15 @@ class Cover extends Module
|
|||||||
]];
|
]];
|
||||||
|
|
||||||
if (Common::user() != null) {
|
if (Common::user() != null) {
|
||||||
if (array_key_exists('profile_temp',$vars)) {
|
if (array_key_exists('profile_extras',$vars)) {
|
||||||
$vars['profile_temp'] = [];
|
$vars['profile_extras'] = [];
|
||||||
}
|
}
|
||||||
|
|
||||||
$cover = DB::find('cover', ['gsactor_id' => Common::user()->getId()]);
|
$cover = DB::find('cover', ['gsactor_id' => Common::user()->getId()]);
|
||||||
if ($cover != null) {
|
if ($cover != null) {
|
||||||
$vars['profile_temp'][] = ['name' => 'cover', 'vars' => ['img' => '/cover']];
|
$vars['profile_extras'][] = ['name' => 'cover', 'vars' => ['img' => '/cover']];
|
||||||
} else {
|
} else {
|
||||||
$vars['profile_temp'][] = ['name' => 'cover', 'vars' => []];
|
$vars['profile_extras'][] = ['name' => 'cover', 'vars' => []];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return Event::next;
|
return Event::next;
|
||||||
|
@ -26,6 +26,16 @@ use App\Core\Entity;
|
|||||||
use App\Util\Common;
|
use App\Util\Common;
|
||||||
use DateTimeInterface;
|
use DateTimeInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* For storing a cover
|
||||||
|
*
|
||||||
|
* @package GNUsocial
|
||||||
|
* @category CoverPlugin
|
||||||
|
*
|
||||||
|
* @author Daniel Brandao <up201705812@fe.up.pt>
|
||||||
|
* @copyright 2020 Free Software Foundation, Inc http://www.fsf.org
|
||||||
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
||||||
|
*/
|
||||||
class Cover extends Entity
|
class Cover extends Entity
|
||||||
{
|
{
|
||||||
// {{{ Autocode
|
// {{{ Autocode
|
||||||
@ -83,17 +93,22 @@ class Cover extends Entity
|
|||||||
|
|
||||||
private ?File $file = null;
|
private ?File $file = null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get cover file
|
||||||
|
*
|
||||||
|
* @return File
|
||||||
|
*/
|
||||||
public function getFile(): File
|
public function getFile(): File
|
||||||
{
|
{
|
||||||
$this->file = $this->file ?: DB::find('file', ['id' => $this->file_id]);
|
$this->file = $this->file ?: DB::find('file', ['id' => $this->file_id]);
|
||||||
return $this->file;
|
return $this->file;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function getFilePathStatic(string $filename): string
|
/**
|
||||||
{
|
* get cover file path
|
||||||
return Common::config('cover', 'dir') . $filename;
|
*
|
||||||
}
|
* @return string
|
||||||
|
*/
|
||||||
public function getFilePath(): string
|
public function getFilePath(): string
|
||||||
{
|
{
|
||||||
return Common::config('cover', 'dir') . $this->getFile()->getFileName();
|
return Common::config('cover', 'dir') . $this->getFile()->getFileName();
|
||||||
@ -101,6 +116,12 @@ class Cover extends Entity
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Delete this cover and the corresponding file and thumbnails, which this owns
|
* Delete this cover and the corresponding file and thumbnails, which this owns
|
||||||
|
*
|
||||||
|
* @param bool $flush
|
||||||
|
* @param bool $delete_files_now
|
||||||
|
* @param bool $cascading
|
||||||
|
*
|
||||||
|
* @return array files deleted (if delete_files_now is true)
|
||||||
*/
|
*/
|
||||||
public function delete(bool $flush = false, bool $delete_files_now = false, bool $cascading = false): array
|
public function delete(bool $flush = false, bool $delete_files_now = false, bool $cascading = false): array
|
||||||
{
|
{
|
||||||
@ -108,7 +129,6 @@ class Cover extends Entity
|
|||||||
if (!$cascading) {
|
if (!$cascading) {
|
||||||
$files = $this->getFile()->delete($cascade = true, $file_flush = false, $delete_files_now);
|
$files = $this->getFile()->delete($cascade = true, $file_flush = false, $delete_files_now);
|
||||||
} else {
|
} else {
|
||||||
var_dump('test3');
|
|
||||||
DB::remove(DB::getReference('cover', ['gsactor_id' => $this->gsactor_id]));
|
DB::remove(DB::getReference('cover', ['gsactor_id' => $this->gsactor_id]));
|
||||||
$file_path = $this->getFilePath();
|
$file_path = $this->getFilePath();
|
||||||
$files[] = $file_path;
|
$files[] = $file_path;
|
||||||
|
@ -2,12 +2,6 @@
|
|||||||
|
|
||||||
{% block title %}Cover Settings{% endblock %}
|
{% block title %}Cover Settings{% endblock %}
|
||||||
|
|
||||||
{% block stylesheets %}
|
|
||||||
{{ parent() }}
|
|
||||||
<link href="{{ asset('assets/javascript/cropperjs/dist/cropper.css') }}" rel="stylesheet">
|
|
||||||
<script src="{{ asset('assets/javascript/cropperjs/dist/cropper.js') }}"></script>
|
|
||||||
{% endblock %}
|
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
{{ parent() }}
|
{{ parent() }}
|
||||||
{% endblock body %}
|
{% endblock body %}
|
||||||
@ -15,12 +9,5 @@
|
|||||||
{% block form %}
|
{% block form %}
|
||||||
<div class='form'>
|
<div class='form'>
|
||||||
{{ form(form) }}
|
{{ form(form) }}
|
||||||
<div id="img-container">
|
|
||||||
<img id="img-cropped">
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
{% endblock form %}
|
{% endblock form %}
|
||||||
|
|
||||||
{% block javascripts %}
|
|
||||||
<script type="text/javascript" src="{{ asset('assets/javascript/cropping.js') }}"></script>
|
|
||||||
{% endblock javascripts %}
|
|
@ -17,8 +17,8 @@
|
|||||||
<div class='navbar'>
|
<div class='navbar'>
|
||||||
<div class="left-nav">
|
<div class="left-nav">
|
||||||
<div class='profile'>
|
<div class='profile'>
|
||||||
{% for temp in profile_temp %}
|
{% for extra in profile_extras %}
|
||||||
{% include '/'~ temp.name ~ '/view.html.twig' with {'vars': temp.vars} only %}
|
{% include '/'~ extra.name ~ '/view.html.twig' with {'vars': extra.vars} only %}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
<a href="{{ path('settings_avatar') }}">
|
<a href="{{ path('settings_avatar') }}">
|
||||||
<img src='{{ user_avatar }}' alt="Your avatar." class="icon icon-avatar">
|
<img src='{{ user_avatar }}' alt="Your avatar." class="icon icon-avatar">
|
||||||
|
Loading…
Reference in New Issue
Block a user