123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984 |
- <?php
- defined('GNUSOCIAL') || die();
- class File extends Managed_DataObject
- {
- public $__table = 'file';
- public $id;
- public $urlhash;
- public $url;
- public $filehash;
- public $mimetype;
- public $size;
- public $title;
- public $date;
- public $protected;
- public $filename;
- public $width;
- public $height;
- public $modified;
- const URLHASH_ALG = 'sha256';
- const FILEHASH_ALG = 'sha256';
- public static function schemaDef()
- {
- return array(
- 'fields' => array(
- 'id' => array('type' => 'serial', 'not null' => true),
- 'urlhash' => array('type' => 'varchar', 'length' => 64, 'not null' => true, 'description' => 'sha256 of destination URL (url field)'),
- 'url' => array('type' => 'text', 'description' => 'destination URL after following possible redirections'),
- 'filehash' => array('type' => 'varchar', 'length' => 64, 'not null' => false, 'description' => 'sha256 of the file contents, only for locally stored files of course'),
- 'mimetype' => array('type' => 'varchar', 'length' => 50, 'description' => 'mime type of resource'),
- 'size' => array('type' => 'int', 'description' => 'size of resource when available'),
- 'title' => array('type' => 'text', 'description' => 'title of resource when available'),
- 'date' => array('type' => 'int', 'description' => 'date of resource according to http query'),
- 'protected' => array('type' => 'int', 'description' => 'true when URL is private (needs login)'),
- 'filename' => array('type' => 'text', 'description' => 'if file is stored locally (too) this is the filename'),
- 'width' => array('type' => 'int', 'description' => 'width in pixels, if it can be described as such and data is available'),
- 'height' => array('type' => 'int', 'description' => 'height in pixels, if it can be described as such and data is available'),
- 'modified' => array('type' => 'datetime', 'not null' => true, 'default' => 'CURRENT_TIMESTAMP', 'description' => 'date this record was modified'),
- ),
- 'primary key' => array('id'),
- 'unique keys' => array(
- 'file_urlhash_key' => array('urlhash'),
- ),
- 'indexes' => array(
- 'file_filehash_idx' => array('filehash'),
- ),
- );
- }
- public static function isProtected($url)
- {
- $protected_urls_exps = array(
- 'https://www.facebook.com/login.php',
- common_path('main/login')
- );
- foreach ($protected_urls_exps as $protected_url_exp) {
- if (preg_match('!^'.preg_quote($protected_url_exp).'(.*)$!i', $url) === 1) {
- return true;
- }
- }
- return false;
- }
-
- public static function saveNew(array $redir_data, $given_url)
- {
- $file = null;
- try {
-
-
- $file = File::getByUrl($given_url);
- return $file;
- } catch (NoResultException $e) {
-
- }
-
-
-
- $u = parse_url($given_url);
- if (isset($u['host']) && $u['host'] === common_config('site', 'server')) {
- $r = Router::get();
-
- try {
- $args = $r->map(mb_substr($u['path'], 1));
- if ($args['action'] === 'attachment') {
- try {
- if (!empty($args['attachment'])) {
- return File::getByID($args['attachment']);
- } elseif ($args['filehash']) {
- return File::getByHash($args['filehash']);
- }
- } catch (NoResultException $e) {
-
- }
- }
- } catch (Exception $e) {
-
-
-
-
-
-
-
-
-
-
- }
- }
- $file = new File;
- $file->url = $given_url;
- if (!empty($redir_data['protected'])) {
- $file->protected = $redir_data['protected'];
- }
- if (!empty($redir_data['title'])) {
- $file->title = $redir_data['title'];
- }
- if (!empty($redir_data['type'])) {
- $file->mimetype = $redir_data['type'];
- }
- if (!empty($redir_data['size'])) {
- $file->size = intval($redir_data['size']);
- }
- if (isset($redir_data['time']) && $redir_data['time'] > 0) {
- $file->date = intval($redir_data['time']);
- }
- $file->saveFile();
- return $file;
- }
- public function saveFile()
- {
- $this->urlhash = self::hashurl($this->url);
- if (!Event::handle('StartFileSaveNew', array(&$this))) {
- throw new ServerException('File not saved due to an aborted StartFileSaveNew event.');
- }
- $this->id = $this->insert();
- if ($this->id === false) {
- throw new ServerException('File/URL metadata could not be saved to the database.');
- }
- Event::handle('EndFileSaveNew', array($this));
- }
-
- public static function processNew($given_url, Notice $notice=null, $followRedirects=true)
- {
- if (empty($given_url)) {
- throw new ServerException('No given URL to process');
- }
- $given_url = File_redirection::_canonUrl($given_url);
- if (empty($given_url)) {
- throw new ServerException('No canonical URL from given URL to process');
- }
- $redir = File_redirection::where($given_url);
- try {
- $file = $redir->getFile();
- } catch (EmptyPkeyValueException $e) {
- common_log(LOG_ERR, 'File_redirection::where gave object with empty file_id for given_url '._ve($given_url));
- throw new ServerException('URL processing failed without new File object');
- } catch (NoResultException $e) {
-
- common_log(LOG_ERR, 'File_redirection after discovery could still not return a File object.');
- throw new ServerException('URL processing failed without new File object');
- }
- if ($notice instanceof Notice) {
- File_to_post::processNew($file, $notice);
- }
- return $file;
- }
- public static function respectsQuota(Profile $scoped, $fileSize)
- {
- if ($fileSize > common_config('attachments', 'file_quota')) {
-
-
-
- $fileSizeText = sprintf(_m('%1$d byte', '%1$d bytes', $fileSize), $fileSize);
- $fileQuota = common_config('attachments', 'file_quota');
-
-
-
-
- throw new ClientException(
- sprintf(
- _m(
- 'No file may be larger than %1$d byte and the file you sent was %2$s. Try to upload a smaller version.',
- 'No file may be larger than %1$d bytes and the file you sent was %2$s. Try to upload a smaller version.',
- $fileQuota
- ),
- $fileQuota,
- $fileSizeText
- )
- );
- }
- $file = new File;
- $query = "SELECT sum(size) AS total
- FROM file
- INNER JOIN file_to_post
- ON file_to_post.file_id = file.id
- INNER JOIN notice
- ON file_to_post.post_id = notice.id
- WHERE profile_id = {$scoped->id} AND
- file.url LIKE '%/notice/%/file'";
- $file->query($query);
- $file->fetch();
- $total = $file->total + $fileSize;
- if ($total > common_config('attachments', 'user_quota')) {
-
-
- throw new ClientException(
- sprintf(
- _m(
- 'A file this large would exceed your user quota of %d byte.',
- 'A file this large would exceed your user quota of %d bytes.',
- common_config('attachments', 'user_quota')
- ),
- common_config('attachments', 'user_quota')
- )
- );
- }
- $query .= ' AND EXTRACT(MONTH FROM file.modified) = EXTRACT(MONTH FROM CURRENT_DATE)'
- . ' AND EXTRACT(YEAR FROM file.modified) = EXTRACT(YEAR FROM CURRENT_DATE)';
- $file->query($query);
- $file->fetch();
- $total = $file->total + $fileSize;
- if ($total > common_config('attachments', 'monthly_quota')) {
-
-
- throw new ClientException(
- sprintf(
- _m(
- 'A file this large would exceed your monthly quota of %d byte.',
- 'A file this large would exceed your monthly quota of %d bytes.',
- common_config('attachments', 'monthly_quota')
- ),
- common_config('attachments', 'monthly_quota')
- )
- );
- }
- return true;
- }
- public function getFilename()
- {
- return self::tryFilename($this->filename);
- }
- public function getSize(): int
- {
- return (int)$this->size;
- }
-
- public static function filename(Profile $profile, $origname, $mimetype)
- {
- $ext = self::guessMimeExtension($mimetype, $origname);
-
- $origname = basename($origname, ".$ext");
- if (class_exists('Normalizer')) {
-
-
- $origname = Normalizer::normalize($origname, Normalizer::FORM_KC);
- }
- $origname = preg_replace('/[^A-Za-z0-9\.\_]/', '_', $origname);
- $nickname = $profile->getNickname();
- $datestamp = strftime('%Y%m%d', time());
- do {
-
- $random = strtolower(common_confirmation_code(16));
- $filename = "$nickname-$datestamp-$origname-$random.$ext";
- } while (file_exists(self::path($filename)));
- return $filename;
- }
-
- public static function getSafeExtension(string $filename)
- {
- if (preg_match('/^.+?\.([A-Za-z0-9]+)$/', $filename, $matches) === 1) {
-
- $ext = mb_strtolower($matches[1]);
- $blacklist = common_config('attachments', 'extblacklist');
-
-
- if (array_key_exists($ext, $blacklist)) {
- if (!is_string($blacklist[$ext])) {
-
- return false;
- }
-
- return $blacklist[$ext];
- } else {
-
- return $ext;
- }
- } else {
-
- return null;
- }
- }
-
- public static function guessMimeExtension($mimetype, $filename=null)
- {
- try {
-
- $ext = common_supported_mime_to_ext($mimetype);
-
- return $ext;
- } catch (UnknownMimeExtensionException $e) {
-
-
-
- if (!is_null($filename)) {
- $ext = self::getSafeExtension($filename);
- if ($ext === false) {
-
- throw new ClientException(_m('Blacklisted file extension.'));
- } else {
- return $ext;
- }
- }
- } catch (Exception $e) {
- common_log(LOG_INFO, 'Problem when figuring out extension for mimetype: '._ve($e));
- }
-
-
- $matches = array();
-
- if (!preg_match('/[\/+-\.]([a-z0-9]+)/', mb_strtolower($mimetype), $matches)) {
- throw new Exception("Malformed mimetype: {$mimetype}");
- }
- return mb_strtolower($matches[1]);
- }
-
- public static function validFilename($filename)
- {
- return preg_match('/^[A-Za-z0-9._-]+$/', $filename);
- }
-
- public static function tryFilename($filename): string
- {
- if (!self::validFilename($filename)) {
- throw new InvalidFilenameException($filename);
- }
-
- return $filename;
- }
-
- public static function path($filename, ?string $dir = null, bool $test_filename = true)
- {
- if ($test_filename) {
- self::tryFilename($filename);
- }
- $dir = $dir ?? common_config('attachments', 'dir');
- if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) {
- $dir .= DIRECTORY_SEPARATOR;
- }
- return $dir . $filename;
- }
- public static function url($filename)
- {
- self::tryFilename($filename);
- if (common_config('site', 'private')) {
- return common_local_url(
- 'getfile',
- array('filename' => $filename)
- );
- }
- if (GNUsocial::useHTTPS()) {
- $sslserver = common_config('attachments', 'sslserver');
- if (empty($sslserver)) {
-
-
- if (is_string(common_config('site', 'sslserver')) &&
- mb_strlen(common_config('site', 'sslserver')) > 0) {
- $server = common_config('site', 'sslserver');
- } elseif (common_config('site', 'server')) {
- $server = common_config('site', 'server');
- }
- $path = common_config('site', 'path') . '/file/';
- } else {
- $server = $sslserver;
- $path = common_config('attachments', 'sslpath');
- if (empty($path)) {
- $path = common_config('attachments', 'path');
- }
- }
- $protocol = 'https';
- } else {
- $path = common_config('attachments', 'path');
- $server = common_config('attachments', 'server');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
- $ssl = common_config('attachments', 'ssl');
- $protocol = ($ssl) ? 'https' : 'http';
- }
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
- }
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
- return $protocol.'://'.$server.$path.$filename;
- }
- public static $_enclosures = array();
- public function getEnclosure()
- {
- if (isset(self::$_enclosures[$this->getID()])) {
- return self::$_enclosures[$this->getID()];
- }
- $enclosure = (object) array();
- foreach (array('title', 'url', 'date', 'modified', 'size', 'mimetype', 'width', 'height') as $key) {
- if ($this->$key !== '') {
- $enclosure->$key = $this->$key;
- }
- }
- $needMoreMetadataMimetypes = array(null, 'application/xhtml+xml', 'text/html');
- if (!isset($this->filename) && in_array(common_bare_mime($enclosure->mimetype), $needMoreMetadataMimetypes)) {
-
-
- Event::handle('FileEnclosureMetadata', array($this, &$enclosure));
- }
- if (empty($enclosure->mimetype)) {
-
-
-
- throw new ServerException('Unknown enclosure mimetype, not enough metadata');
- }
- self::$_enclosures[$this->getID()] = $enclosure;
- return $enclosure;
- }
- public function hasThumbnail()
- {
- try {
- $this->getThumbnail();
- } catch (Exception $e) {
- return false;
- }
- return true;
- }
-
- public function getThumbnail($width = null, $height = null, $crop = false, $force_still = true, $upscale = null): File_thumbnail
- {
-
- $image = ImageFile::fromFileObject($this);
- if ($image->animated && !common_config('thumbnail', 'animated')) {
-
-
- if (is_null(common_config('thumbnail', 'animated')) || !$force_still) {
- try {
-
- return File_thumbnail::byFile($this);
- } catch (NoResultException $e) {
-
- throw new UseFileAsThumbnailException($this);
- }
- }
- }
- return $image->getFileThumbnail(
- $width,
- $height,
- $crop,
- !is_null($upscale) ? $upscale : common_config('thumbnail', 'upscale')
- );
- }
- public function getPath()
- {
- $filepath = self::path($this->filename);
- if (!file_exists($filepath)) {
- throw new FileNotFoundException($filepath);
- }
- return $filepath;
- }
-
- public function getFileOrThumbnailPath(?File_thumbnail $thumbnail = null): string
- {
- if (!empty($thumbnail)) {
- return $thumbnail->getPath();
- }
- if (!empty($this->filename)) {
- $filepath = self::path($this->filename);
- if (file_exists($filepath)) {
- return $filepath;
- } else {
- throw new FileNotFoundException($filepath);
- }
- } else {
- try {
- return File_thumbnail::byFile($this, true)->getPath();
- } catch (NoResultException $e) {
-
- throw new FileNotStoredLocallyException($this);
- }
- }
- }
-
- public function getFileOrThumbnailMimetype(?File_thumbnail $thumbnail = null) : string
- {
- if (!empty($thumbnail)) {
- $filepath = $thumbnail->getPath();
- } elseif (!empty($this->filename)) {
- return $this->mimetype;
- } else {
- $filepath = File_thumbnail::byFile($this, true)->getPath();
- }
- $info = @getimagesize($filepath);
- if ($info !== false) {
- return $info['mime'];
- } else {
- throw new UnsupportedMediaException(_m("Thumbnail is not an image."));
- }
- }
-
- public function getFileOrThumbnailSize(?File_thumbnail $thumbnail = null) : int
- {
- if (!empty($thumbnail)) {
- return filesize($thumbnail->getPath());
- } elseif (!empty($this->filename)) {
- return $this->getSize();
- } else {
- return filesize(File_thumbnail::byFile($this)->getPath());
- }
- }
- public function getAttachmentUrl()
- {
- return common_local_url('attachment', array('attachment'=>$this->getID()));
- }
- public function getAttachmentDownloadUrl()
- {
- return common_local_url('attachment_download', array('attachment'=>$this->getID()));
- }
- public function getAttachmentViewUrl()
- {
- return common_local_url('attachment_view', array('attachment'=>$this->getID()));
- }
-
- public function getUrl($use_local=null)
- {
- if ($use_local !== false) {
- if (is_string($this->filename) || !empty($this->filename)) {
-
- return $this->getAttachmentViewUrl();
- }
- if ($use_local) {
-
- throw new FileNotStoredLocallyException($this);
- }
- }
-
- return $this->url;
- }
- public static function getByUrl($url)
- {
- $file = new File();
- $file->urlhash = self::hashurl($url);
- if (!$file->find(true)) {
- throw new NoResultException($file);
- }
- return $file;
- }
-
- public static function getByHash($hashstr)
- {
- $file = new File();
- $file->filehash = strtolower($hashstr);
- if (!$file->find(true)) {
- throw new NoResultException($file);
- }
- return $file;
- }
- public function updateUrl($url)
- {
- $file = File::getKV('urlhash', self::hashurl($url));
- if ($file instanceof File) {
- throw new ServerException('URL already exists in DB');
- }
- $sql = 'UPDATE %1$s SET urlhash = %2$s, url = %3$s WHERE urlhash = %4$s;';
- $result = $this->query(sprintf(
- $sql,
- $this->tableName(),
- $this->_quote((string)self::hashurl($url)),
- $this->_quote((string)$url),
- $this->_quote((string)$this->urlhash)
- ));
- if ($result === false) {
- common_log_db_error($this, 'UPDATE', __FILE__);
- throw new ServerException("Could not UPDATE {$this->tableName()}.url");
- }
- return $result;
- }
-
- public function blowCache($last=false)
- {
- self::blow('file:notice-ids:%s', $this->id);
- if ($last) {
- self::blow('file:notice-ids:%s;last', $this->id);
- }
- self::blow('file:notice-count:%d', $this->id);
- }
-
- public function stream($offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0)
- {
-
-
- $stream = new FileNoticeStream($this, Profile::current());
- return $stream->getNotices($offset, $limit, $since_id, $max_id);
- }
- public function noticeCount()
- {
- $cacheKey = sprintf('file:notice-count:%d', $this->id);
- $count = self::cacheGet($cacheKey);
- if ($count === false) {
- $f2p = new File_to_post();
- $f2p->file_id = $this->id;
- $count = $f2p->count();
- self::cacheSet($cacheKey, $count);
- }
- return $count;
- }
- public function isLocal()
- {
- return !empty($this->filename);
- }
- public function delete($useWhere=false)
- {
-
- if (!empty($this->filename) && file_exists(self::path($this->filename))) {
- $deleted = @unlink(self::path($this->filename));
- if (!$deleted) {
- common_log(LOG_ERR, sprintf('Could not unlink existing file: "%s"', self::path($this->filename)));
- }
- }
-
- if (Event::handle('FileDeleteRelated', array($this))) {
- $thumbs = new File_thumbnail();
- $thumbs->file_id = $this->id;
- if ($thumbs->find()) {
- while ($thumbs->fetch()) {
- $thumbs->delete();
- }
- }
- $f2p = new File_to_post();
- $f2p->file_id = $this->id;
- if ($f2p->find()) {
- while ($f2p->fetch()) {
- $f2p->delete();
- }
- }
- }
-
- return parent::delete($useWhere);
- }
- public function getTitle()
- {
- $title = $this->title ?: MediaFile::getDisplayName($this);
- return $title ?: null;
- }
- public function setTitle($title)
- {
- $orig = clone($this);
- $this->title = mb_strlen($title) > 0 ? $title : null;
- return $this->update($orig);
- }
- public static function hashurl($url)
- {
- if (empty($url)) {
- throw new Exception('No URL provided to hash algorithm.');
- }
- return hash(self::URLHASH_ALG, $url);
- }
- public static function beforeSchemaUpdate()
- {
- $table = strtolower(get_called_class());
- $schema = Schema::get();
- $schemadef = $schema->getTableDef($table);
-
- if (isset($schemadef['fields']['urlhash']) && isset($schemadef['unique keys']['file_urlhash_key'])) {
-
- return;
- }
- echo "\nFound old $table table, upgrading it to contain 'urlhash' field...";
- $file = new File();
- $file->query(sprintf(
- 'SELECT id, LEFT(url, 191) AS shortenedurl, COUNT(*) FROM %1$s ' .
- 'WHERE LENGTH(url) > 191 GROUP BY id, shortenedurl HAVING COUNT(*) > 1',
- common_database_tablename($table)
- ));
- print "\nFound {$file->N} URLs with too long entries in file table\n";
- while ($file->fetch()) {
-
-
-
- $dupfile = new File();
-
-
- $dupfile->query(sprintf('SELECT * FROM file WHERE LEFT(url, 191) = %1$s', $dupfile->_quote($file->shortenedurl)));
-
- if ($dupfile->find(true)) {
- print "\nShortening url entry for $table id: {$file->id} [";
- $orig = clone($dupfile);
- $origurl = $dupfile->url;
- $dupfile->url = $file->shortenedurl;
- $dupfile->update($orig);
- print "\nDeleting duplicate entries of too long URL on $table id: {$file->id} [";
-
- while ($dupfile->fetch()) {
- common_log(LOG_INFO, sprintf('Deleting duplicate File entry of %1$d: %2$d (original URL: %3$s collides with these first 191 characters: %4$s', $dupfile->id, $file->id, $origurl, $file->shortenedurl));
- print ".";
- $dupfile->delete();
- }
- print "]\n";
- } else {
- print "\nWarning! URL suddenly disappeared from database: {$file->url}\n";
- }
- }
- echo "...and now all the non-duplicates which are longer than 191 characters...\n";
- $file->query('UPDATE file SET url=LEFT(url, 191) WHERE LENGTH(url)>191');
- echo "\n...now running hacky pre-schemaupdate change for $table:";
-
-
- $schemadef['fields']['urlhash'] = array(
- 'type' => 'varchar',
- 'length' => 64,
- 'not null' => false,
- 'description' => 'sha256 of destination URL (url field)',
- );
- $schemadef['fields']['url'] = array(
- 'type' => 'text',
- 'description' => 'destination URL after following possible redirections',
- );
- unset($schemadef['unique keys']);
- $schema->ensureTable($table, $schemadef);
- echo "DONE.\n";
- $classname = ucfirst($table);
- $tablefix = new $classname;
-
- echo "Updating urlhash fields in $table table...";
- switch (common_config('db', 'type')) {
- case 'pgsql':
- $url_sha256 = 'encode(sha256(CAST("url" AS bytea)), \'hex\')';
- break;
- case 'mysql':
- $url_sha256 = 'sha2(`url`, 256)';
- break;
- default:
- throw new ServerException('Unknown DB type selected.');
- }
- $tablefix->query(sprintf(
- 'UPDATE %1$s SET urlhash = %2$s;',
- $tablefix->escapedTableName(),
- $url_sha256
- ));
- echo "DONE.\n";
- echo "Resuming core schema upgrade...";
- }
- }
|