File_redirection.php 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. defined('GNUSOCIAL') || die();
  17. /**
  18. * Table Definition for file_redirection
  19. */
  20. class File_redirection extends Managed_DataObject
  21. {
  22. ###START_AUTOCODE
  23. /* the code below is auto generated do not remove the above tag */
  24. public $__table = 'file_redirection'; // table name
  25. public $urlhash; // varchar(64) primary_key not_null
  26. public $url; // text
  27. public $file_id; // int(4)
  28. public $redirections; // int(4)
  29. public $httpcode; // int(4)
  30. public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
  31. public $redir_url;
  32. /* the code above is auto generated do not remove the tag below */
  33. ###END_AUTOCODE
  34. protected $file; /* Cache the associated file sometimes */
  35. public static function schemaDef()
  36. {
  37. return array(
  38. 'fields' => array(
  39. 'urlhash' => array('type' => 'varchar', 'length' => 64, 'not null' => true, 'description' => 'sha256 hash of the URL'),
  40. 'url' => array('type' => 'text', 'description' => 'short URL (or any other kind of redirect) for file (id)'),
  41. 'file_id' => array('type' => 'int', 'description' => 'short URL for what URL/file'),
  42. 'redirections' => array('type' => 'int', 'description' => 'redirect count'),
  43. 'httpcode' => array('type' => 'int', 'description' => 'HTTP status code (20x, 30x, etc.)'),
  44. 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'),
  45. ),
  46. 'primary key' => array('urlhash'),
  47. 'foreign keys' => array(
  48. 'file_redirection_file_id_fkey' => array('file', array('file_id' => 'id')),
  49. ),
  50. 'indexes' => array(
  51. 'file_redirection_file_id_idx' => array('file_id'),
  52. ),
  53. );
  54. }
  55. public static function getByUrl($url)
  56. {
  57. return self::getByPK(array('urlhash' => File::hashurl($url)));
  58. }
  59. public static function _commonHttp($url, $redirs)
  60. {
  61. $request = new HTTPClient($url);
  62. $request->setConfig(array(
  63. 'connect_timeout' => 10, // # seconds to wait
  64. 'max_redirs' => $redirs, // # max number of http redirections to follow
  65. 'follow_redirects' => false, // We follow redirects ourselves in lib/httpclient.php
  66. 'store_body' => false, // We won't need body content here.
  67. ));
  68. return $request;
  69. }
  70. /**
  71. * Check if this URL is a redirect and return redir info.
  72. *
  73. * Most code should call File_redirection::where instead, to check if we
  74. * already know that redirection and avoid extra hits to the web.
  75. *
  76. * The URL is hit and any redirects are followed, up to 10 levels or until
  77. * a protected URL is reached.
  78. *
  79. * @param string $in_url
  80. * @return mixed one of:
  81. * string - target URL, if this is a direct link or can't be followed
  82. * array - redirect info if this is an *unknown* redirect:
  83. * associative array with the following elements:
  84. * code: HTTP status code
  85. * redirects: count of redirects followed
  86. * url: URL string of final target
  87. * type (optional): MIME type from Content-Type header
  88. * size (optional): byte size from Content-Length header
  89. * time (optional): timestamp from Last-Modified header
  90. */
  91. public static function lookupWhere($short_url, $redirs = 10, $protected = false)
  92. {
  93. if ($redirs < 0) {
  94. return false;
  95. }
  96. if (strpos($short_url, '://') === false) {
  97. return $short_url;
  98. }
  99. try {
  100. $request = self::_commonHttp($short_url, $redirs);
  101. // Don't include body in output
  102. $request->setMethod(HTTP_Request2::METHOD_HEAD);
  103. $response = $request->send();
  104. if (405 == $response->getStatus() || 204 == $response->getStatus()) {
  105. // HTTP 405 Unsupported Method
  106. // Server doesn't support HEAD method? Can this really happen?
  107. // We'll try again as a GET and ignore the response data.
  108. //
  109. // HTTP 204 No Content
  110. // YFrog sends 204 responses back for our HEAD checks, which
  111. // seems like it may be a logic error in their servers. If
  112. // we get a 204 back, re-run it as a GET... if there's really
  113. // no content it'll be cheap. :)
  114. $request = self::_commonHttp($short_url, $redirs);
  115. $response = $request->send();
  116. } elseif (400 == $response->getStatus()) {
  117. throw new Exception('Got error 400 on HEAD request, will not go further.');
  118. }
  119. } catch (Exception $e) {
  120. // Invalid URL or failure to reach server
  121. common_log(LOG_ERR, "Error while following redirects for $short_url: " . $e->getMessage());
  122. return $short_url;
  123. }
  124. // if last url after all redirections is protected,
  125. // use the url before it in the redirection chain
  126. if ($response->getRedirectCount() && File::isProtected($response->getEffectiveUrl())) {
  127. $return_url = $response->redirUrls[$response->getRedirectCount() - 1];
  128. } else {
  129. $return_url = $response->getEffectiveUrl();
  130. }
  131. $ret = array('code' => $response->getStatus()
  132. , 'redirects' => $response->getRedirectCount()
  133. , 'url' => $return_url);
  134. $type = $response->getHeader('Content-Type');
  135. if ($type) {
  136. $ret['type'] = $type;
  137. }
  138. if ($protected) {
  139. $ret['protected'] = true;
  140. }
  141. $size = $response->getHeader('Content-Length'); // @fixme bytes?
  142. if ($size) {
  143. $ret['size'] = $size;
  144. }
  145. $time = $response->getHeader('Last-Modified');
  146. if ($time) {
  147. $ret['time'] = strtotime($time);
  148. }
  149. return $ret;
  150. }
  151. /**
  152. * Check if this URL is a redirect and return redir info.
  153. * If a File record is present for this URL, it is not considered a redirect.
  154. * If a File_redirection record is present for this URL, the recorded target is returned.
  155. *
  156. * If no File or File_redirect record is present, the URL is hit and any
  157. * redirects are followed, up to 10 levels or until a protected URL is
  158. * reached.
  159. *
  160. * @param string $in_url
  161. * @param boolean $discover true to attempt dereferencing the redirect if we don't know it already
  162. * @return File_redirection
  163. */
  164. public static function where($in_url, $discover = true)
  165. {
  166. $redir = new File_redirection();
  167. $redir->url = $in_url;
  168. $redir->urlhash = File::hashurl($redir->url);
  169. $redir->redirections = 0;
  170. try {
  171. $r = File_redirection::getByUrl($in_url);
  172. try {
  173. $f = File::getByID($r->file_id);
  174. $r->file = $f;
  175. $r->redir_url = $f->url;
  176. } catch (NoResultException $e) {
  177. // Invalid entry, delete and run again
  178. common_log(
  179. LOG_ERR,
  180. 'Could not find File with id=' . $r->file_id . ' referenced in File_redirection, deleting File redirection entry and and trying again...'
  181. );
  182. $r->delete();
  183. return self::where($in_url);
  184. }
  185. // File_redirecion and File record found, return both
  186. return $r;
  187. } catch (NoResultException $e) {
  188. // File_redirecion record not found, but this might be a direct link to a file
  189. try {
  190. $f = File::getByUrl($in_url);
  191. $redir->file_id = $f->id;
  192. $redir->file = $f;
  193. return $redir;
  194. } catch (NoResultException $e) {
  195. // nope, this was not a direct link to a file either, let's keep going
  196. }
  197. }
  198. if ($discover) {
  199. // try to follow redirects and get the final url
  200. $redir_info = File_redirection::lookupWhere($in_url);
  201. if (is_string($redir_info)) {
  202. $redir_info = array('url' => $redir_info);
  203. }
  204. // the last url in the redirection chain can actually be a redirect!
  205. // this is the case with local /attachment/{file_id} links
  206. // in that case we have the file id already
  207. try {
  208. $r = File_redirection::getByUrl($redir_info['url']);
  209. $f = File::getKV('id', $r->file_id);
  210. if ($f instanceof File) {
  211. $redir->file = $f;
  212. $redir->redir_url = $f->url;
  213. } else {
  214. // Invalid entry in File_redirection, delete and run again
  215. common_log(
  216. LOG_ERR,
  217. 'Could not find File with id=' . $r->file_id . ' referenced in File_redirection, deleting File_redirection entry and trying again...'
  218. );
  219. $r->delete();
  220. return self::where($in_url);
  221. }
  222. } catch (NoResultException $e) {
  223. // save the file now when we know that we don't have it in File_redirection
  224. try {
  225. $redir->file = File::saveNew($redir_info, $redir_info['url']);
  226. } catch (ServerException $e) {
  227. common_log(LOG_ERR, $e);
  228. }
  229. }
  230. // If this is a redirection and we have a file to redirect to, save it
  231. // (if it doesn't exist in File_redirection already)
  232. if ($redir->file instanceof File && $redir_info['url'] != $in_url) {
  233. try {
  234. $file_redir = File_redirection::getByUrl($in_url);
  235. } catch (NoResultException $e) {
  236. $file_redir = new File_redirection();
  237. $file_redir->urlhash = File::hashurl($in_url);
  238. $file_redir->url = $in_url;
  239. $file_redir->file_id = $redir->file->getID();
  240. $file_redir->insert();
  241. $file_redir->redir_url = $redir->file->url;
  242. }
  243. $file_redir->file = $redir->file;
  244. return $file_redir;
  245. }
  246. }
  247. return $redir;
  248. }
  249. /**
  250. * Shorten a URL with the current user's configured shortening
  251. * options, if applicable.
  252. *
  253. * If it cannot be shortened or the "short" URL is longer than the
  254. * original, the original is returned.
  255. *
  256. * If the referenced item has not been seen before, embedding data
  257. * may be saved.
  258. *
  259. * @param string $long_url
  260. * @param User $user whose shortening options to use; defaults to the current web session user
  261. * @return string
  262. */
  263. public static function makeShort($long_url, $user = null)
  264. {
  265. $canon = File_redirection::_canonUrl($long_url);
  266. $short_url = File_redirection::_userMakeShort($canon, $user);
  267. // Did we get one? Is it shorter?
  268. return !empty($short_url) ? $short_url : $long_url;
  269. }
  270. /**
  271. * Shorten a URL with the current user's configured shortening
  272. * options, if applicable.
  273. *
  274. * If it cannot be shortened or the "short" URL is longer than the
  275. * original, the original is returned.
  276. *
  277. * If the referenced item has not been seen before, embedding data
  278. * may be saved.
  279. *
  280. * @param string $long_url
  281. * @return string
  282. */
  283. public static function forceShort($long_url, $user)
  284. {
  285. $canon = File_redirection::_canonUrl($long_url);
  286. $short_url = File_redirection::_userMakeShort($canon, $user, true);
  287. // Did we get one? Is it shorter?
  288. return !empty($short_url) ? $short_url : $long_url;
  289. }
  290. public static function _userMakeShort($long_url, User $user = null, $force = false)
  291. {
  292. $short_url = common_shorten_url($long_url, $user, $force);
  293. if (!empty($short_url) && $short_url != $long_url) {
  294. $short_url = (string)$short_url;
  295. // store it
  296. try {
  297. $file = File::getByUrl($long_url);
  298. } catch (NoResultException $e) {
  299. // Check if the target URL is itself a redirect...
  300. // This should already have happened in processNew in common_shorten_url()
  301. $redir = File_redirection::where($long_url);
  302. $file = $redir->file;
  303. }
  304. // Now we definitely have a File object in $file
  305. try {
  306. $file_redir = File_redirection::getByUrl($short_url);
  307. } catch (NoResultException $e) {
  308. $file_redir = new File_redirection();
  309. $file_redir->urlhash = File::hashurl($short_url);
  310. $file_redir->url = $short_url;
  311. $file_redir->file_id = $file->getID();
  312. $file_redir->insert();
  313. }
  314. return $short_url;
  315. }
  316. return null;
  317. }
  318. /**
  319. * Basic attempt to canonicalize a URL, cleaning up some standard variants
  320. * such as funny syntax or a missing path. Used internally when cleaning
  321. * up URLs for storage and following redirect chains.
  322. *
  323. * Note that despite being on File_redirect, this function DOES NOT perform
  324. * any dereferencing of redirects.
  325. *
  326. * @param string $in_url input URL
  327. * @param string $default_scheme if given a bare link; defaults to 'http://'
  328. * @return string
  329. */
  330. public static function _canonUrl($in_url, $default_scheme = 'http://')
  331. {
  332. if (empty($in_url)) {
  333. return false;
  334. }
  335. $out_url = $in_url;
  336. $p = parse_url($out_url);
  337. if (empty($p['host']) || empty($p['scheme'])) {
  338. list($scheme) = explode(':', $in_url, 2);
  339. switch (strtolower($scheme)) {
  340. case 'fax':
  341. case 'tel':
  342. $out_url = str_replace('.-()', '', $out_url);
  343. break;
  344. // non-HTTP schemes, so no redirects
  345. case 'bitcoin':
  346. case 'mailto':
  347. case 'aim':
  348. case 'jabber':
  349. case 'xmpp':
  350. // don't touch anything
  351. break;
  352. // URLs without domain name, so no redirects
  353. case 'magnet':
  354. // don't touch anything
  355. break;
  356. // URLs with coordinates, not browsable domain names
  357. case 'geo':
  358. // don't touch anything
  359. break;
  360. default:
  361. $out_url = $default_scheme . ltrim($out_url, '/');
  362. $p = parse_url($out_url);
  363. if (empty($p['scheme'])) {
  364. return false;
  365. }
  366. break;
  367. }
  368. }
  369. if (('ftp' == $p['scheme']) || ('ftps' == $p['scheme']) || ('http' == $p['scheme']) || ('https' == $p['scheme'])) {
  370. if (empty($p['host'])) {
  371. return false;
  372. }
  373. if (empty($p['path'])) {
  374. $out_url .= '/';
  375. }
  376. }
  377. return $out_url;
  378. }
  379. public static function saveNew($data, $file_id, $url)
  380. {
  381. $file_redir = new File_redirection;
  382. $file_redir->urlhash = File::hashurl($url);
  383. $file_redir->url = $url;
  384. $file_redir->file_id = $file_id;
  385. $file_redir->redirections = intval($data['redirects']);
  386. $file_redir->httpcode = intval($data['code']);
  387. $file_redir->insert();
  388. }
  389. public static function beforeSchemaUpdate()
  390. {
  391. $table = strtolower(get_called_class());
  392. $schema = Schema::get();
  393. $schemadef = $schema->getTableDef($table);
  394. // 2015-02-19 We have to upgrade our table definitions to have the urlhash field populated
  395. if (isset($schemadef['fields']['urlhash']) && in_array('urlhash', $schemadef['primary key'])) {
  396. // We already have the urlhash field, so no need to migrate it.
  397. return;
  398. }
  399. echo "\nFound old $table table, upgrading it to contain 'urlhash' field...";
  400. // We have to create a urlhash that is _not_ the primary key,
  401. // transfer data and THEN run checkSchema
  402. $schemadef['fields']['urlhash'] = [
  403. 'type' => 'varchar',
  404. 'length' => 64,
  405. 'not null' => true,
  406. 'description' => 'sha256 hash of the URL',
  407. ];
  408. $schemadef['fields']['url'] = [
  409. 'type' => 'text',
  410. 'description' => 'short URL (or any other kind of redirect) for file (id)',
  411. ];
  412. unset($schemadef['primary key']);
  413. $schema->ensureTable($table, $schemadef);
  414. echo "DONE.\n";
  415. $classname = ucfirst($table);
  416. $tablefix = new $classname;
  417. // urlhash is hash('sha256', $url) in the File table
  418. echo "Updating urlhash fields in $table table...";
  419. switch (common_config('db', 'type')) {
  420. case 'pgsql':
  421. $url_sha256 = 'encode(sha256(CAST("url" AS bytea)), \'hex\')';
  422. break;
  423. case 'mysql':
  424. $url_sha256 = 'sha2(`url`, 256)';
  425. break;
  426. default:
  427. throw new ServerException('Unknown DB type selected.');
  428. }
  429. $tablefix->query(sprintf(
  430. 'UPDATE %1$s SET urlhash = %2$s, modified = CURRENT_TIMESTAMP;',
  431. $tablefix->escapedTableName(),
  432. $url_sha256
  433. ));
  434. echo "DONE.\n";
  435. echo "Resuming core schema upgrade...";
  436. }
  437. public function getFile()
  438. {
  439. if (!$this->file instanceof File) {
  440. $this->file = File::getByID($this->file_id);
  441. }
  442. return $this->file;
  443. }
  444. }