Skip to content

Commit

Permalink
Modify recursive creation of directories
Browse files Browse the repository at this point in the history 
Changed the order in which recursive creation of directories is
executed. The 'old' way was to start at the root and work the way up to
the dir to be created. This caused problems when open_basedir
restriction is activated. The 'new' behaviour is to start at the dir to
be created, then work up to the first dir that needs to be created and
then work back down. As long as the "basedir" exists, this will keep
Zoph from trying to pry on the filesystem outside of the basedir.

Also, did some refactoring, moving a few related function out of
util.inc.php into the file class.

Issue #79
  • Loading branch information
@jeroenrnl
jeroenrnl committed Aug 23, 2016
1 parent c15d1d0 commit 7f8714d
Show file tree
Hide file tree
Showing 6 changed files with 62 additions and 51 deletions.
13 changes: 6 additions & 7 deletions php/classes/photo.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -414,16 +414,16 @@ public function import(file $file) {
}

if (conf::get("import.dated.hier")) {
$newPath .= cleanup_path(str_replace("-", "/", $date));
$newPath .= file::cleanupPath(str_replace("-", "/", $date));
} else {
$newPath .= cleanup_path(str_replace("-", ".", $date));
$newPath .= file::cleanupPath(str_replace("-", ".", $date));
}
}
$toPath="/" . cleanup_path(conf::get("path.images") . "/" . $newPath) . "/";
$toPath="/" . file::cleanupPath(conf::get("path.images") . "/" . $newPath) . "/";

$path=$file->getPath();
create_dir_recursive($toPath . "/" . MID_PREFIX);
create_dir_recursive($toPath . "/" . THUMB_PREFIX);
file::createDirRecursive($toPath . "/" . MID_PREFIX);
file::createDirRecursive($toPath . "/" . THUMB_PREFIX);

if ($path ."/" != $toPath) {
$file->setDestination($toPath);
Expand Down Expand Up @@ -475,7 +475,7 @@ public function import(file $file) {
$this->set("name", $newname);
}
// Update the db to the new path;
$this->set("path", cleanup_path($newPath));
$this->set("path", file::cleanupPath($newPath));
}

/**
Expand Down Expand Up @@ -1530,7 +1530,6 @@ public static function getFromHash($hash, $type="file") {
}
$qry->addParam(new param(":hash", $hash, PDO::PARAM_STR));
$qry->where($where);

$photos=static::getRecordsFromQuery($qry);
if (is_array($photos) && sizeof($photos) > 0) {
return $photos[0];
Expand Down
6 changes: 3 additions & 3 deletions php/cli/cli.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,12 +177,12 @@ private function lookupFile($file) {

if (substr($path,0,2)=="./") {
// Path relative to the current dir given, change into absolute path
$path="/" . cleanup_path(getcwd() . "/" . $path);
$path="/" . file::cleanupPath(getcwd() . "/" . $path);
}
if ($path[0]=="/") {
// absolute path given

$path="/" . cleanup_path($path) . "/";
$path="/" . file::cleanupPath($path) . "/";

// check if path is in conf::get("path.images")
if (substr($path, 0, strlen(conf::get("path.images")))!=conf::get("path.images")) {
Expand All @@ -196,7 +196,7 @@ private function lookupFile($file) {
}
}
} else {
$path=cleanup_path($path);
$path=file::cleanupPath($path);
}
$photos=photo::getByName($filename, $path);
if (sizeof($photos)==0) {
Expand Down
52 changes: 51 additions & 1 deletion php/file.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,7 +178,7 @@ public function delete($thumbs=false, $thumbs_only=false) {
* @param string destination of the file
*/
public function setDestination($path) {
$this->destPath="/" . cleanup_path($path) . "/";
$this->destPath="/" . file::cleanupPath($path) . "/";
$this->destName=basename($this->readlink());
}

Expand Down Expand Up @@ -356,5 +356,55 @@ public static function getFromDir($dir, $recursive = false, $search=null) {
}
return $return;
}

/**
* Cleans up a path, by removing all double slashes, "/./",
* leading and trailing slashes.
*/
public static function cleanupPath($path) {
$search = array ( "/(\/+)/", "/(\/\.\/)/", "/(\/$)/", "/(^\/)/" );
$replace = array ( "/", "/", "", "" );
return preg_replace($search,$replace, $path);
}

/**
* Create a directory
* @param string directory to create
* @return bool true when succesful
* @throws FileDirCreationFailedException when creation fails
*/
private static function createDir($directory) {
if (file_exists($directory) == false) {
if (@mkdir($directory, octdec(conf::get("import.dirmode")))) {
if (!defined("CLI") || conf::get("import.cli.verbose")>=1) {
log::msg(translate("Created directory") . ": $directory", log::NOTIFY, log::GENERAL);
}
return true;
} else {
throw new FileDirCreationFailedException(
translate("Could not create directory") . ": $directory<br>\n");
}
}
}

/**
* Recursively create directory
* checks if the parent dir of the dir to be created exists and if not so, tries to
* create it first
* @param string directory to create
* @return bool true when succesful
*/
public static function createDirRecursive($directory) {
$directory="/" . static::cleanupPath($directory);

if (!file_exists(dirname($directory))) {
static::createDirRecursive(dirname($directory));
}
try {
static::createDir($directory);
} catch (FileDirCreationFailedException $e) {
log::msg($e->getMessage(), log::FATAL, log::GENERAL);
}
}
}
?>
2 changes: 1 addition & 1 deletion php/import.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ public static function photos(Array $files, Array $vars) {
$cur=0;

if (isset($vars["_path"])) {
$path=cleanup_path("/" . $vars["_path"] . "/");
$path=file::cleanupPath("/" . $vars["_path"] . "/");
if (strpos($path, "..") !== false) {
log::msg("Illegal characters in path", log::FATAL, log::IMPORT);
die();
Expand Down
38 changes: 0 additions & 38 deletions php/util.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,16 +384,6 @@ function rawurlencode_array($var, $varName, $separator = '&') {
return implode($separator, $toImplode);
}

/**
* Cleans up a path, by removing all double slashes, "/./",
* leading and trailing slashes.
*/
function cleanup_path($path) {
$search = array ( "/(\/+)/", "/(\/\.\/)/", "/(\/$)/", "/(^\/)/" );
$replace = array ( "/", "/", "", "" );
return preg_replace($search,$replace, $path);
}

function create_actionlinks($actionlinks) {
if (is_array($actionlinks)) {
$html="<ul class=\"actionlink\">\n";
Expand Down Expand Up @@ -478,33 +468,5 @@ function redirect($url = "zoph.php", $msg = "Access denied") {
die();
}

function create_dir($directory) {
if (file_exists($directory) == false) {
if (@mkdir($directory, octdec(conf::get("import.dirmode")))) {
if (!defined("CLI") || conf::get("import.cli.verbose")>=1) {
log::msg(translate("Created directory") . ": $directory", log::NOTIFY, log::GENERAL);
}
return true;
} else {
throw new FileDirCreationFailedException(
translate("Could not create directory") . ": $directory<br>\n");
}
}
return 0;
}

function create_dir_recursive($directory){
$nextdir="";
$directory="/" . cleanup_path($directory);
foreach (explode("/",$directory) as $subdir) {
$nextdir=$nextdir . $subdir . "/";
try {
$result=create_dir($nextdir);
} catch (FileException $e) {
throw $e;
}
}
return $result;
}

?>
2 changes: 1 addition & 1 deletion php/webimport.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ public static function processUpload($file) {
if ($realDir === false) {
log::msg($dir . " does not exist, creating...", log::WARN, log::IMPORT);
try {
create_dir_recursive($dir);
file::createDirRecursive($dir);
} catch (FileDirCreationFailedException $e) {
log::msg($dir . " does not exist, and I can not create it. (" .
$e->getMessage() . ")", log::FATAL, log::IMPORT);
Expand Down

0 comments on commit 7f8714d

Please sign in to comment.