From 001ee79c2a438c06773e9e2e91631d157722ec5f Mon Sep 17 00:00:00 2001
From: Antonio de la Rosa
Date: Thu, 8 Dec 2016 04:42:29 +0100
Subject: [PATCH] Security fixes in filedfield and imagefield

---
 src/CoreFields/FileField.php | 80 ++++++-----
 src/CoreFields/ImageField.php | 251 ++++++++++++++++++----------------
 2 files changed, 179 insertions(+), 152 deletions(-)

diff --git a/src/CoreFields/FileField.php b/src/CoreFields/FileField.php
index fee5827..0b055d5 100644
--- a/src/CoreFields/FileField.php
+++ b/src/CoreFields/FileField.php
@@ -60,44 +60,58 @@ class FileField extends PhangoField { if($_FILES[$file_field]['tmp_name']!='') { - - $name_file=basename($_FILES[$file_field]['tmp_name']); - - if($this->prefix_id) + if(is_uploaded_file($_FILES[$file_field]['tmp_name'])) { + + $name_file=basename($_FILES[$file_field]['tmp_name']); - $name_file=hash('sha256', (call_user_func_array($this->func_token, array(25)))).'_'.$name_file; + if($this->prefix_id) + { + + $name_file=hash('sha256', (call_user_func_array($this->func_token, array(25)))).'_'.$name_file; + + } + + if( move_uploaded_file ( $_FILES[$file_field]['tmp_name'] , $this->path.'/'.$name_file ) ) + { + + if($old_file!='') + { + + if(!@unlink($this->path.'/'.$old_file)) + { + $this->std_error=I18n::lang('common', 'cannot_delete_old_file', 'Cannot delete old files, please, check permissions'); + } + + } + + return $name_file; + + //return $this->path.'/'.$_FILES[$file]['name']; + + } + else + { + + $this->std_error=I18n::lang('common', 'error_cannot_upload_this_file_to_the_server', 'Error: Cannot upload this file to the server'); + + $this->error=1; + + return ''; + + } } - - if( move_uploaded_file ( $_FILES[$file_field]['tmp_name'] , $this->path.'/'.$name_file ) ) - { + else + { + + $this->std_error=I18n::lang('common', 'error_cannot_upload_this_file_to_the_server', 'Error: Cannot upload this file to the server'); - if($old_file!='') - { - - if(!@unlink($this->path.'/'.$old_file)) - { - $this->std_error=I18n::lang('common', 'cannot_delete_old_file', 'Cannot delete old files, please, check permissions'); - } - - } - - return $name_file; - - //return $this->path.'/'.$_FILES[$file]['name']; - - } - else - { - - $this->std_error=I18n::lang('common', 'error_cannot_upload_this_file_to_the_server', 'Error: Cannot upload this file to the server'); - - $this->error=1; - - return ''; - - } + $this->error=1; + + return ''; + + } } diff --git a/src/CoreFields/ImageField.php b/src/CoreFields/ImageField.php index 021d0a7..88afd62 100644 
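Review bot: The old-file cleanup inside the new `move_uploaded_file` branch still unlinks `$this->path.'/'.$old_file` without normalising `$old_file`, so if that value can ever carry a directory component (its origin is outside this hunk) the delete is not confined to `$this->path`; `if(!@unlink($this->path.'/'.basename($old_file)))` closes that. When `$this->prefix_id` is off the stored name is `basename($_FILES[$file_field]['tmp_name'])`, i.e. PHP's temporary file name, which can be handed out again once the temp file has been moved, so a later upload can silently overwrite an earlier stored file; applying the token-hash prefix unconditionally, or appending a unique suffix, avoids that. The new `is_uploaded_file` guard is the right check, but nothing compares `$_FILES[$file_field]['error']` with `UPLOAD_ERR_OK`, so a failed upload that still carries a `tmp_name` is handled like a complete one; checking it before the guard makes that path explicit. The enclosing method begins before this hunk.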
--- a/src/CoreFields/ImageField.php
+++ b/src/CoreFields/ImageField.php
@@ -78,134 +78,147 @@ class ImageField extends PhangoField { if(trim($_FILES[$file_name]['tmp_name'])!=='') { - - $name_image=$_FILES[$file_name]['name']; - - $base_name_image=basename($name_image); - - $file_extension=pathinfo($base_name_image, PATHINFO_EXTENSION); - - $base_name_image=str_replace('.'.$file_extension, '', $base_name_image); - - $name_image=$base_name_image.'.jpg'; - - if($this->prefix_id) + if(is_uploaded_file($_FILES[$file_name]['tmp_name'])) { - - $name_image=hash('sha256', (call_user_func_array($this->func_token, array(25)))).'_'.$name_image; - - } - - $manager = new ImageManager(array('driver' => $this->driver)); - - if( ($image=$manager->make($_FILES[$file_name]['tmp_name']))!=false) - { - - if($old_image!='') - { - - if(!@unlink($this->path.'/'.$old_image)) - { - $this->std_error=I18n::lang('common', 'cannot_delete_old_image', 'Cannot delete old images, please, check permissions'); - } - - $base_old_image=basename($old_image); - - foreach($this->img_width as $prefix => $width) - { - - if(!@unlink($this->path.'/'.$prefix.'_'.$base_old_image)) - { - - // $this->error=true; - - $this->std_error=I18n::lang('common', 'cannot_delete_old_image', 'Cannot delete old thumb images, please, check permissions'); - } - - } - } - - $image->backup(); - - //$with= - - //if(make('foo.jpg')->resize(300, 200)->save('bar.jpg'); - - $real_size=$image->width(); - - $max_size=0; - - if(isset($this->img_width[''])) - { - - if($this->img_width['']<$real_size) - { - - $max_size=$this->img_width['']; - - unset($this->img_width['']); - - } - - } - - if($this->thumb) - { - - foreach($this->img_width as $prefix => $width) - { - - $image->reset(); - - //In nexts versions, save in tmp and move with ftp copy. 
- - if(!$image->resize($width, null, function ($constraint) {$constraint->aspectRatio();})->encode('jpg', $this->quality_jpeg)->save($this->path.'/'.$prefix.'_'.$name_image)) - { - - $this->error=true; - - $this->std_error=I18n::lang('common', 'cannot_save_images', 'Cannot save images. Please, check permissions'); - - } - - } - - } - - //Copy the image - - $image->reset(); - - if($max_size>0) - { - - $image->resize( $max_size, null, function ($constraint) {$constraint->aspectRatio();}); - - } - - if(!$image->encode('jpg', $this->quality_jpeg)->save($this->path.'/'.$name_image)) - { - $this->error=1; - - $this->std_error=I18n::lang('common', 'cannot_save_images', 'Cannot save images, please, check permissions'); - - return ''; - - } - - return $name_image; + $name_image=$_FILES[$file_name]['name']; + $base_name_image=basename($name_image); + + $file_extension=pathinfo($base_name_image, PATHINFO_EXTENSION); + + $base_name_image=str_replace('.'.$file_extension, '', $base_name_image); + + $name_image=$base_name_image.'.jpg'; + + if($this->prefix_id) + { + + $name_image=hash('sha256', (call_user_func_array($this->func_token, array(25)))).'_'.$name_image; + + } + + $manager = new ImageManager(array('driver' => $this->driver)); + + if( ($image=$manager->make($_FILES[$file_name]['tmp_name']))!=false) + { + + if($old_image!='') + { + + if(!@unlink($this->path.'/'.$old_image)) + { + $this->std_error=I18n::lang('common', 'cannot_delete_old_image', 'Cannot delete old images, please, check permissions'); + } + + $base_old_image=basename($old_image); + + foreach($this->img_width as $prefix => $width) + { + + if(!@unlink($this->path.'/'.$prefix.'_'.$base_old_image)) + { + + // $this->error=true; + + $this->std_error=I18n::lang('common', 'cannot_delete_old_image', 'Cannot delete old thumb images, please, check permissions'); + } + + } + } + + $image->backup(); + + //$with= + + //if(make('foo.jpg')->resize(300, 200)->save('bar.jpg'); + + $real_size=$image->width(); + + $max_size=0; 
+ + if(isset($this->img_width[''])) + { + + if($this->img_width['']<$real_size) + { + + $max_size=$this->img_width['']; + + unset($this->img_width['']); + + } + + } + + if($this->thumb) + { + + foreach($this->img_width as $prefix => $width) + { + + $image->reset(); + + //In nexts versions, save in tmp and move with ftp copy. + + if(!$image->resize($width, null, function ($constraint) {$constraint->aspectRatio();})->encode('jpg', $this->quality_jpeg)->save($this->path.'/'.$prefix.'_'.$name_image)) + { + + $this->error=true; + + $this->std_error=I18n::lang('common', 'cannot_save_images', 'Cannot save images. Please, check permissions'); + + } + + } + + } + + //Copy the image + + $image->reset(); + + if($max_size>0) + { + + $image->resize( $max_size, null, function ($constraint) {$constraint->aspectRatio();}); + + } + + if(!$image->encode('jpg', $this->quality_jpeg)->save($this->path.'/'.$name_image)) + { + + $this->error=1; + + $this->std_error=I18n::lang('common', 'cannot_save_images', 'Cannot save images, please, check permissions'); + + return ''; + + } + + return $name_image; + + } + else + { + + $this->std_error=I18n::lang('common', 'no_valid_image', 'This image is wrong'); + + $this->error=1; + + return ''; + + } } else { - - $this->std_error=I18n::lang('common', 'no_valid_image', 'This image is wrong'); - + + $this->std_error=I18n::lang('common', 'no_valid_image', 'This image is not upload'); + $this->error=1; return ''; - + } } else
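Review bot: The main-image cleanup inside the new `is_uploaded_file` branch unlinks `$this->path.'/'.$old_image` unsanitised while the thumbnail loop a few lines later uses `$base_old_image=basename($old_image)`; the two should agree, `if(!@unlink($this->path.'/'.basename($old_image)))`, so a stored value with a directory component cannot delete outside `$this->path`. If `ImageManager` is Intervention Image, `make()` reports an unreadable file by throwing rather than returning `false`, in which case the `!=false` test and the `no_valid_image` else-branch never run and a corrupt upload surfaces as an uncaught exception; catching that around the `make()` call keeps the failure inside the field's `std_error`/`error` contract, as sketched below. `str_replace('.'.$file_extension, '', $base_name_image)` removes every occurrence of the extension text, not only the trailing one; `pathinfo($base_name_image, PATHINFO_FILENAME)` gives the intended stem. `unset($this->img_width[''])` mutates the field instance, so the size cap is applied only to the first upload processed by that object. The enclosing method starts before this hunk.
```php
$manager = new ImageManager(array('driver' => $this->driver));

try {
    $image = $manager->make($_FILES[$file_name]['tmp_name']);
} catch (\Exception $e) {
    // unreadable or non-image upload: report through the field's error contract
    $this->std_error=I18n::lang('common', 'no_valid_image', 'This image is wrong');
    $this->error=1;
    return '';
}
// … unchanged: old-image cleanup, thumbnail generation, final save …
```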