File.php 34 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848
  1. <?php
  2. /**
  3. * GNU social - a federating social network
  4. *
  5. * Abstraction for files
  6. *
  7. * LICENCE: This program is free software: you can redistribute it and/or modify
  8. * it under the terms of the GNU Affero General Public License as published by
  9. * the Free Software Foundation, either version 3 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License
  18. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. *
  20. * @category Files
  21. * @package GNUsocial
  22. * @author Mikael Nordfeldth <mmn@hethane.se>
  23. * @author Miguel Dantas <biodantas@gmail.com>
  24. * @copyright 2008-2009, 2019 Free Software Foundation http://fsf.org
  25. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  26. * @link https://www.gnu.org/software/social/
  27. */
  28. defined('GNUSOCIAL') || die();
  29. /**
  30. * Table Definition for file
  31. */
  32. class File extends Managed_DataObject
  33. {
  34. public $__table = 'file'; // table name
  35. public $id; // int(4) primary_key not_null
  36. public $urlhash; // varchar(64) unique_key
  37. public $url; // text
  38. public $filehash; // varchar(64) indexed
  39. public $mimetype; // varchar(50)
  40. public $size; // int(4)
  41. public $title; // text()
  42. public $date; // int(4)
  43. public $protected; // int(4)
  44. public $filename; // text()
  45. public $width; // int(4)
  46. public $height; // int(4)
  47. public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
  48. const URLHASH_ALG = 'sha256';
  49. const FILEHASH_ALG = 'sha256';
  50. public static function schemaDef()
  51. {
  52. return array(
  53. 'fields' => array(
  54. 'id' => array('type' => 'serial', 'not null' => true),
  55. 'urlhash' => array('type' => 'varchar', 'length' => 64, 'not null' => true, 'description' => 'sha256 of destination URL (url field)'),
  56. 'url' => array('type' => 'text', 'description' => 'destination URL after following possible redirections'),
  57. 'filehash' => array('type' => 'varchar', 'length' => 64, 'not null' => false, 'description' => 'sha256 of the file contents, only for locally stored files of course'),
  58. 'mimetype' => array('type' => 'varchar', 'length' => 50, 'description' => 'mime type of resource'),
  59. 'size' => array('type' => 'int', 'description' => 'size of resource when available'),
  60. 'title' => array('type' => 'text', 'description' => 'title of resource when available'),
  61. 'date' => array('type' => 'int', 'description' => 'date of resource according to http query'),
  62. 'protected' => array('type' => 'int', 'description' => 'true when URL is private (needs login)'),
  63. 'filename' => array('type' => 'text', 'description' => 'if file is stored locally (too) this is the filename'),
  64. 'width' => array('type' => 'int', 'description' => 'width in pixels, if it can be described as such and data is available'),
  65. 'height' => array('type' => 'int', 'description' => 'height in pixels, if it can be described as such and data is available'),
  66. 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'),
  67. ),
  68. 'primary key' => array('id'),
  69. 'unique keys' => array(
  70. 'file_urlhash_key' => array('urlhash'),
  71. ),
  72. 'indexes' => array(
  73. 'file_filehash_idx' => array('filehash'),
  74. ),
  75. );
  76. }
  77. public static function isProtected($url)
  78. {
  79. $protected_urls_exps = array(
  80. 'https://www.facebook.com/login.php',
  81. common_path('main/login')
  82. );
  83. foreach ($protected_urls_exps as $protected_url_exp) {
  84. if (preg_match('!^'.preg_quote($protected_url_exp).'(.*)$!i', $url) === 1) {
  85. return true;
  86. }
  87. }
  88. return false;
  89. }
  90. /**
  91. * Save a new file record.
  92. *
  93. * @param array $redir_data lookup data eg from File_redirection::where()
  94. * @param string $given_url
  95. * @return File
  96. * @throws ServerException
  97. */
  98. public static function saveNew(array $redir_data, $given_url)
  99. {
  100. $file = null;
  101. try {
  102. // I don't know why we have to keep doing this but we run a last check to avoid
  103. // uniqueness bugs.
  104. $file = File::getByUrl($given_url);
  105. return $file;
  106. } catch (NoResultException $e) {
  107. // We don't have the file's URL since before, so let's continue.
  108. }
  109. // if the given url is an local attachment url and the id already exists, don't
  110. // save a new file record. This should never happen, but let's make it foolproof
  111. // FIXME: how about attachments servers?
  112. $u = parse_url($given_url);
  113. if (isset($u['host']) && $u['host'] === common_config('site', 'server')) {
  114. $r = Router::get();
  115. // Skip the / in the beginning or $r->map won't match
  116. try {
  117. $args = $r->map(mb_substr($u['path'], 1));
  118. if ($args['action'] === 'attachment') {
  119. try {
  120. // $args['attachment'] should always be set if action===attachment, given our routing rules
  121. $file = File::getByID($args['attachment']);
  122. return $file;
  123. } catch (EmptyPkeyValueException $e) {
  124. // ...but $args['attachment'] can also be 0...
  125. } catch (NoResultException $e) {
  126. // apparently this link goes to us, but is _not_ an existing attachment (File) ID?
  127. }
  128. }
  129. } catch (Exception $e) {
  130. // Some other exception was thrown from $r->map, likely a
  131. // ClientException (404) because of some malformed link to
  132. // our own instance. It's still a valid URL however, so we
  133. // won't abort anything... I noticed this when linking:
  134. // https://social.umeahackerspace.se/mmn/foaf' (notice the
  135. // apostrophe in the end, making it unrecognizable for our
  136. // URL routing.
  137. // That specific issue (the apostrophe being part of a link
  138. // is something that may or may not have been fixed since,
  139. // in lib/util.php in common_replace_urls_callback().
  140. }
  141. }
  142. $file = new File;
  143. $file->url = $given_url;
  144. if (!empty($redir_data['protected'])) {
  145. $file->protected = $redir_data['protected'];
  146. }
  147. if (!empty($redir_data['title'])) {
  148. $file->title = $redir_data['title'];
  149. }
  150. if (!empty($redir_data['type'])) {
  151. $file->mimetype = $redir_data['type'];
  152. }
  153. if (!empty($redir_data['size'])) {
  154. $file->size = intval($redir_data['size']);
  155. }
  156. if (isset($redir_data['time']) && $redir_data['time'] > 0) {
  157. $file->date = intval($redir_data['time']);
  158. }
  159. $file->saveFile();
  160. return $file;
  161. }
  162. public function saveFile()
  163. {
  164. $this->urlhash = self::hashurl($this->url);
  165. if (!Event::handle('StartFileSaveNew', array(&$this))) {
  166. throw new ServerException('File not saved due to an aborted StartFileSaveNew event.');
  167. }
  168. $this->id = $this->insert();
  169. if ($this->id === false) {
  170. throw new ServerException('File/URL metadata could not be saved to the database.');
  171. }
  172. Event::handle('EndFileSaveNew', array($this));
  173. }
  174. /**
  175. * Go look at a URL and possibly save data about it if it's new:
  176. * - follow redirect chains and store them in file_redirection
  177. * - if a thumbnail is available, save it in file_thumbnail
  178. * - save file record with basic info
  179. * - optionally save a file_to_post record
  180. * - return the File object with the full reference
  181. *
  182. * @param string $given_url the URL we're looking at
  183. * @param Notice $notice (optional)
  184. * @param bool $followRedirects defaults to true
  185. *
  186. * @return mixed File on success, -1 on some errors
  187. *
  188. * @throws ServerException on failure
  189. */
  190. public static function processNew($given_url, Notice $notice=null, $followRedirects=true)
  191. {
  192. if (empty($given_url)) {
  193. throw new ServerException('No given URL to process');
  194. }
  195. $given_url = File_redirection::_canonUrl($given_url);
  196. if (empty($given_url)) {
  197. throw new ServerException('No canonical URL from given URL to process');
  198. }
  199. $redir = File_redirection::where($given_url);
  200. try {
  201. $file = $redir->getFile();
  202. } catch (EmptyPkeyValueException $e) {
  203. common_log(LOG_ERR, 'File_redirection::where gave object with empty file_id for given_url '._ve($given_url));
  204. throw new ServerException('URL processing failed without new File object');
  205. } catch (NoResultException $e) {
  206. // This should not happen
  207. common_log(LOG_ERR, 'File_redirection after discovery could still not return a File object.');
  208. throw new ServerException('URL processing failed without new File object');
  209. }
  210. if ($notice instanceof Notice) {
  211. File_to_post::processNew($file, $notice);
  212. }
  213. return $file;
  214. }
  215. public static function respectsQuota(Profile $scoped, $fileSize)
  216. {
  217. if ($fileSize > common_config('attachments', 'file_quota')) {
  218. // TRANS: Message used to be inserted as %2$s in the text "No file may
  219. // TRANS: be larger than %1$d byte and the file you sent was %2$s.".
  220. // TRANS: %1$d is the number of bytes of an uploaded file.
  221. $fileSizeText = sprintf(_m('%1$d byte', '%1$d bytes', $fileSize), $fileSize);
  222. $fileQuota = common_config('attachments', 'file_quota');
  223. // TRANS: Message given if an upload is larger than the configured maximum.
  224. // TRANS: %1$d (used for plural) is the byte limit for uploads,
  225. // TRANS: %2$s is the proper form of "n bytes". This is the only ways to have
  226. // TRANS: gettext support multiple plurals in the same message, unfortunately...
  227. throw new ClientException(
  228. sprintf(
  229. _m(
  230. 'No file may be larger than %1$d byte and the file you sent was %2$s. Try to upload a smaller version.',
  231. 'No file may be larger than %1$d bytes and the file you sent was %2$s. Try to upload a smaller version.',
  232. $fileQuota
  233. ),
  234. $fileQuota,
  235. $fileSizeText
  236. )
  237. );
  238. }
  239. $file = new File;
  240. $query = "select sum(size) as total from file join file_to_post on file_to_post.file_id = file.id join notice on file_to_post.post_id = notice.id where profile_id = {$scoped->id} and file.url like '%/notice/%/file'";
  241. $file->query($query);
  242. $file->fetch();
  243. $total = $file->total + $fileSize;
  244. if ($total > common_config('attachments', 'user_quota')) {
  245. // TRANS: Message given if an upload would exceed user quota.
  246. // TRANS: %d (number) is the user quota in bytes and is used for plural.
  247. throw new ClientException(
  248. sprintf(
  249. _m(
  250. 'A file this large would exceed your user quota of %d byte.',
  251. 'A file this large would exceed your user quota of %d bytes.',
  252. common_config('attachments', 'user_quota')
  253. ),
  254. common_config('attachments', 'user_quota')
  255. )
  256. );
  257. }
  258. $query .= ' AND EXTRACT(month FROM file.modified) = EXTRACT(month FROM now()) and EXTRACT(year FROM file.modified) = EXTRACT(year FROM now())';
  259. $file->query($query);
  260. $file->fetch();
  261. $total = $file->total + $fileSize;
  262. if ($total > common_config('attachments', 'monthly_quota')) {
  263. // TRANS: Message given id an upload would exceed a user's monthly quota.
  264. // TRANS: $d (number) is the monthly user quota in bytes and is used for plural.
  265. throw new ClientException(
  266. sprintf(
  267. _m(
  268. 'A file this large would exceed your monthly quota of %d byte.',
  269. 'A file this large would exceed your monthly quota of %d bytes.',
  270. common_config('attachments', 'monthly_quota')
  271. ),
  272. common_config('attachments', 'monthly_quota')
  273. )
  274. );
  275. }
  276. return true;
  277. }
  278. public function getFilename()
  279. {
  280. return self::tryFilename($this->filename);
  281. }
  282. public function getSize()
  283. {
  284. return intval($this->size);
  285. }
  286. // where should the file go?
  287. public static function filename(Profile $profile, $origname, $mimetype)
  288. {
  289. $ext = self::guessMimeExtension($mimetype, $origname);
  290. // Normalize and make the original filename more URL friendly.
  291. $origname = basename($origname, ".$ext");
  292. if (class_exists('Normalizer')) {
  293. // http://php.net/manual/en/class.normalizer.php
  294. // http://www.unicode.org/reports/tr15/
  295. $origname = Normalizer::normalize($origname, Normalizer::FORM_KC);
  296. }
  297. $origname = preg_replace('/[^A-Za-z0-9\.\_]/', '_', $origname);
  298. $nickname = $profile->getNickname();
  299. $datestamp = strftime('%Y%m%d', time());
  300. do {
  301. // generate new random strings until we don't run into a filename collision.
  302. $random = strtolower(common_confirmation_code(16));
  303. $filename = "$nickname-$datestamp-$origname-$random.$ext";
  304. } while (file_exists(self::path($filename)));
  305. return $filename;
  306. }
  307. /**
  308. * @param $mimetype string The mimetype we've discovered for this file.
  309. * @param $filename string An optional filename which we can use on failure.
  310. * @return mixed|string
  311. * @throws ClientException
  312. */
  313. public static function guessMimeExtension($mimetype, $filename=null)
  314. {
  315. try {
  316. // first see if we know the extension for our mimetype
  317. $ext = common_supported_mime_to_ext($mimetype);
  318. // we do, so use it!
  319. return $ext;
  320. } catch (UnknownMimeExtensionException $e) {
  321. // We don't know the extension for this mimetype, but let's guess.
  322. // If we can't recognize the extension from the MIME, we try
  323. // to guess based on filename, if one was supplied.
  324. if (!is_null($filename) && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) {
  325. // we matched on a file extension, so let's see if it means something.
  326. $ext = mb_strtolower($matches[1]);
  327. $blacklist = common_config('attachments', 'extblacklist');
  328. // If we got an extension from $filename we want to check if it's in a blacklist
  329. // so we avoid people uploading .php files etc.
  330. if (array_key_exists($ext, $blacklist)) {
  331. if (!is_string($blacklist[$ext])) {
  332. // we don't have a safe replacement extension
  333. throw new ClientException(_('Blacklisted file extension.'));
  334. }
  335. common_debug('Found replaced extension for filename '._ve($filename).': '._ve($ext));
  336. // return a safe replacement extension ('php' => 'phps' for example)
  337. return $blacklist[$ext];
  338. }
  339. // the attachment extension based on its filename was not blacklisted so it's ok to use it
  340. return $ext;
  341. }
  342. } catch (Exception $e) {
  343. common_log(LOG_INFO, 'Problem when figuring out extension for mimetype: '._ve($e));
  344. }
  345. // If nothing else has given us a result, try to extract it from
  346. // the mimetype value (this turns .jpg to .jpeg for example...)
  347. $matches = array();
  348. // FIXME: try to build a regexp that will get jpeg from image/jpeg as well as json from application/jrd+json
  349. if (!preg_match('/\/([a-z0-9]+)/', mb_strtolower($mimetype), $matches)) {
  350. throw new Exception('Malformed mimetype: '.$mimetype);
  351. }
  352. return mb_strtolower($matches[1]);
  353. }
  354. /**
  355. * Validation for as-saved base filenames
  356. * @param $filename
  357. * @return false|int
  358. */
  359. public static function validFilename($filename)
  360. {
  361. return preg_match('/^[A-Za-z0-9._-]+$/', $filename);
  362. }
  363. public static function tryFilename($filename)
  364. {
  365. if (!self::validFilename($filename)) {
  366. throw new InvalidFilenameException($filename);
  367. }
  368. // if successful, return the filename for easy if-statementing
  369. return $filename;
  370. }
  371. /**
  372. * @param $filename
  373. * @return string
  374. * @throws InvalidFilenameException
  375. */
  376. public static function path($filename)
  377. {
  378. self::tryFilename($filename);
  379. $dir = common_config('attachments', 'dir');
  380. if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) {
  381. $dir .= DIRECTORY_SEPARATOR;
  382. }
  383. return $dir . $filename;
  384. }
  385. public static function url($filename)
  386. {
  387. self::tryFilename($filename);
  388. if (common_config('site', 'private')) {
  389. return common_local_url(
  390. 'getfile',
  391. array('filename' => $filename)
  392. );
  393. }
  394. if (GNUsocial::useHTTPS()) {
  395. $sslserver = common_config('attachments', 'sslserver');
  396. if (empty($sslserver)) {
  397. // XXX: this assumes that background dir == site dir + /file/
  398. // not true if there's another server
  399. if (is_string(common_config('site', 'sslserver')) &&
  400. mb_strlen(common_config('site', 'sslserver')) > 0) {
  401. $server = common_config('site', 'sslserver');
  402. } elseif (common_config('site', 'server')) {
  403. $server = common_config('site', 'server');
  404. }
  405. $path = common_config('site', 'path') . '/file/';
  406. } else {
  407. $server = $sslserver;
  408. $path = common_config('attachments', 'sslpath');
  409. if (empty($path)) {
  410. $path = common_config('attachments', 'path');
  411. }
  412. }
  413. $protocol = 'https';
  414. } else {
  415. $path = common_config('attachments', 'path');
  416. $server = common_config('attachments', 'server');
  417. if (empty($server)) {
  418. $server = common_config('site', 'server');
  419. }
  420. $ssl = common_config('attachments', 'ssl');
  421. $protocol = ($ssl) ? 'https' : 'http';
  422. }
  423. if ($path[strlen($path)-1] != '/') {
  424. $path .= '/';
  425. }
  426. if ($path[0] != '/') {
  427. $path = '/'.$path;
  428. }
  429. return $protocol.'://'.$server.$path.$filename;
  430. }
  431. public static $_enclosures = array();
  432. public function getEnclosure()
  433. {
  434. if (isset(self::$_enclosures[$this->getID()])) {
  435. return self::$_enclosures[$this->getID()];
  436. }
  437. $enclosure = (object) array();
  438. foreach (array('title', 'url', 'date', 'modified', 'size', 'mimetype', 'width', 'height') as $key) {
  439. if ($this->$key !== '') {
  440. $enclosure->$key = $this->$key;
  441. }
  442. }
  443. $needMoreMetadataMimetypes = array(null, 'application/xhtml+xml', 'text/html');
  444. if (!isset($this->filename) && in_array(common_bare_mime($enclosure->mimetype), $needMoreMetadataMimetypes)) {
  445. // This fetches enclosure metadata for non-local links with unset/HTML mimetypes,
  446. // which may be enriched through oEmbed or similar (implemented as plugins)
  447. Event::handle('FileEnclosureMetadata', array($this, &$enclosure));
  448. }
  449. if (empty($enclosure->mimetype)) {
  450. // This means we either don't know what it is, so it can't
  451. // be shown as an enclosure, or it is an HTML link which
  452. // does not link to a resource with further metadata.
  453. throw new ServerException('Unknown enclosure mimetype, not enough metadata');
  454. }
  455. self::$_enclosures[$this->getID()] = $enclosure;
  456. return $enclosure;
  457. }
  458. public function hasThumbnail()
  459. {
  460. try {
  461. $this->getThumbnail();
  462. } catch (Exception $e) {
  463. return false;
  464. }
  465. return true;
  466. }
  467. /**
  468. * Get the attachment's thumbnail record, if any.
  469. * Make sure you supply proper 'int' typed variables (or null).
  470. *
  471. * @param $width int Max width of thumbnail in pixels. (if null, use common_config values)
  472. * @param $height int Max height of thumbnail in pixels. (if null, square-crop to $width)
  473. * @param $crop bool Crop to the max-values' aspect ratio
  474. * @param $force_still bool Don't allow fallback to showing original (such as animated GIF)
  475. * @param $upscale mixed Whether or not to scale smaller images up to larger thumbnail sizes. (null = site default)
  476. *
  477. * @return File_thumbnail
  478. *
  479. * @throws UseFileAsThumbnailException if the file is considered an image itself and should be itself as thumbnail
  480. * @throws UnsupportedMediaException if, despite trying, we can't understand how to make a thumbnail for this format
  481. * @throws ServerException on various other errors
  482. */
  483. public function getThumbnail($width=null, $height=null, $crop=false, $force_still=true, $upscale=null)
  484. {
  485. // Get some more information about this file through our ImageFile class
  486. $image = ImageFile::fromFileObject($this);
  487. if ($image->animated && !common_config('thumbnail', 'animated')) {
  488. // null means "always use file as thumbnail"
  489. // false means you get choice between frozen frame or original when calling getThumbnail
  490. if (is_null(common_config('thumbnail', 'animated')) || !$force_still) {
  491. try {
  492. // remote files with animated GIFs as thumbnails will match this
  493. return File_thumbnail::byFile($this);
  494. } catch (NoResultException $e) {
  495. // and if it's not a remote file, it'll be safe to use the locally stored File
  496. throw new UseFileAsThumbnailException($this);
  497. }
  498. }
  499. }
  500. return $image->getFileThumbnail(
  501. $width,
  502. $height,
  503. $crop,
  504. !is_null($upscale) ? $upscale : common_config('thumbnail', 'upscale')
  505. );
  506. }
  507. public function getPath()
  508. {
  509. $filepath = self::path($this->filename);
  510. if (!file_exists($filepath)) {
  511. throw new FileNotFoundException($filepath);
  512. }
  513. return $filepath;
  514. }
  515. public function getAttachmentUrl()
  516. {
  517. return common_local_url('attachment', array('attachment'=>$this->getID()));
  518. }
  519. /**
  520. * @param mixed $use_local true means require local, null means prefer local, false means use whatever is stored
  521. * @return string
  522. * @throws FileNotStoredLocallyException
  523. */
  524. public function getUrl($use_local=null)
  525. {
  526. if ($use_local !== false) {
  527. if (is_string($this->filename) || !empty($this->filename)) {
  528. // A locally stored file, so let's generate a URL for our instance.
  529. return self::url($this->getFilename());
  530. }
  531. if ($use_local) {
  532. // if the file wasn't stored locally (has filename) and we require a local URL
  533. throw new FileNotStoredLocallyException($this);
  534. }
  535. }
  536. // No local filename available, return the URL we have stored
  537. return $this->url;
  538. }
  539. public static function getByUrl($url)
  540. {
  541. $file = new File();
  542. $file->urlhash = self::hashurl($url);
  543. if (!$file->find(true)) {
  544. throw new NoResultException($file);
  545. }
  546. return $file;
  547. }
  548. /**
  549. * @param string $hashstr String of (preferrably lower case) hexadecimal characters, same as result of 'hash_file(...)'
  550. * @return File
  551. * @throws NoResultException
  552. */
  553. public static function getByHash($hashstr)
  554. {
  555. $file = new File();
  556. $file->filehash = strtolower($hashstr);
  557. if (!$file->find(true)) {
  558. throw new NoResultException($file);
  559. }
  560. return $file;
  561. }
  562. public function updateUrl($url)
  563. {
  564. $file = File::getKV('urlhash', self::hashurl($url));
  565. if ($file instanceof File) {
  566. throw new ServerException('URL already exists in DB');
  567. }
  568. $sql = 'UPDATE %1$s SET urlhash=%2$s, url=%3$s WHERE urlhash=%4$s;';
  569. $result = $this->query(sprintf(
  570. $sql,
  571. $this->tableName(),
  572. $this->_quote((string)self::hashurl($url)),
  573. $this->_quote((string)$url),
  574. $this->_quote((string)$this->urlhash)
  575. ));
  576. if ($result === false) {
  577. common_log_db_error($this, 'UPDATE', __FILE__);
  578. throw new ServerException("Could not UPDATE {$this->tableName()}.url");
  579. }
  580. return $result;
  581. }
  582. /**
  583. * Blow the cache of notices that link to this URL
  584. *
  585. * @param boolean $last Whether to blow the "last" cache too
  586. *
  587. * @return void
  588. */
  589. public function blowCache($last=false)
  590. {
  591. self::blow('file:notice-ids:%s', $this->id);
  592. if ($last) {
  593. self::blow('file:notice-ids:%s;last', $this->id);
  594. }
  595. self::blow('file:notice-count:%d', $this->id);
  596. }
  597. /**
  598. * Stream of notices linking to this URL
  599. *
  600. * @param integer $offset Offset to show; default is 0
  601. * @param integer $limit Limit of notices to show
  602. * @param integer $since_id Since this notice
  603. * @param integer $max_id Before this notice
  604. *
  605. * @return array ids of notices that link to this file
  606. */
  607. public function stream($offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0)
  608. {
  609. // FIXME: Try to get the Profile::current() here in some other way to avoid mixing
  610. // the current session user with possibly background/queue processing.
  611. $stream = new FileNoticeStream($this, Profile::current());
  612. return $stream->getNotices($offset, $limit, $since_id, $max_id);
  613. }
  614. public function noticeCount()
  615. {
  616. $cacheKey = sprintf('file:notice-count:%d', $this->id);
  617. $count = self::cacheGet($cacheKey);
  618. if ($count === false) {
  619. $f2p = new File_to_post();
  620. $f2p->file_id = $this->id;
  621. $count = $f2p->count();
  622. self::cacheSet($cacheKey, $count);
  623. }
  624. return $count;
  625. }
  626. public function isLocal()
  627. {
  628. return !empty($this->filename);
  629. }
  630. public function delete($useWhere=false)
  631. {
  632. // Delete the file, if it exists locally
  633. if (!empty($this->filename) && file_exists(self::path($this->filename))) {
  634. $deleted = @unlink(self::path($this->filename));
  635. if (!$deleted) {
  636. common_log(LOG_ERR, sprintf('Could not unlink existing file: "%s"', self::path($this->filename)));
  637. }
  638. }
  639. // Clear out related things in the database and filesystem, such as thumbnails
  640. if (Event::handle('FileDeleteRelated', array($this))) {
  641. $thumbs = new File_thumbnail();
  642. $thumbs->file_id = $this->id;
  643. if ($thumbs->find()) {
  644. while ($thumbs->fetch()) {
  645. $thumbs->delete();
  646. }
  647. }
  648. $f2p = new File_to_post();
  649. $f2p->file_id = $this->id;
  650. if ($f2p->find()) {
  651. while ($f2p->fetch()) {
  652. $f2p->delete();
  653. }
  654. }
  655. }
  656. // And finally remove the entry from the database
  657. return parent::delete($useWhere);
  658. }
  659. public function getTitle()
  660. {
  661. $title = $this->title ?: $this->filename;
  662. return $title ?: null;
  663. }
  664. public function setTitle($title)
  665. {
  666. $orig = clone($this);
  667. $this->title = mb_strlen($title) > 0 ? $title : null;
  668. return $this->update($orig);
  669. }
  670. public static function hashurl($url)
  671. {
  672. if (empty($url)) {
  673. throw new Exception('No URL provided to hash algorithm.');
  674. }
  675. return hash(self::URLHASH_ALG, $url);
  676. }
  677. public static function beforeSchemaUpdate()
  678. {
  679. $table = strtolower(get_called_class());
  680. $schema = Schema::get();
  681. $schemadef = $schema->getTableDef($table);
  682. // 2015-02-19 We have to upgrade our table definitions to have the urlhash field populated
  683. if (isset($schemadef['fields']['urlhash']) && isset($schemadef['unique keys']['file_urlhash_key'])) {
  684. // We already have the urlhash field, so no need to migrate it.
  685. return;
  686. }
  687. echo "\nFound old $table table, upgrading it to contain 'urlhash' field...";
  688. $file = new File();
  689. $file->query(sprintf('SELECT id, LEFT(url, 191) AS shortenedurl, COUNT(*) AS c FROM %1$s WHERE LENGTH(url)>191 GROUP BY shortenedurl HAVING c > 1', $schema->quoteIdentifier($table)));
  690. print "\nFound {$file->N} URLs with too long entries in file table\n";
  691. while ($file->fetch()) {
  692. // We've got a URL that is too long for our future file table
  693. // so we'll cut it. We could save the original URL, but there is
  694. // no guarantee it is complete anyway since the previous max was 255 chars.
  695. $dupfile = new File();
  696. // First we find file entries that would be duplicates of this when shortened
  697. // ... and we'll just throw the dupes out the window for now! It's already so borken.
  698. $dupfile->query(sprintf('SELECT * FROM file WHERE LEFT(url, 191) = %1$s', $dupfile->_quote($file->shortenedurl)));
  699. // Leave one of the URLs in the database by using ->find(true) (fetches first entry)
  700. if ($dupfile->find(true)) {
  701. print "\nShortening url entry for $table id: {$file->id} [";
  702. $orig = clone($dupfile);
  703. $origurl = $dupfile->url; // save for logging purposes
  704. $dupfile->url = $file->shortenedurl; // make sure it's only 191 chars from now on
  705. $dupfile->update($orig);
  706. print "\nDeleting duplicate entries of too long URL on $table id: {$file->id} [";
  707. // only start deleting with this fetch.
  708. while ($dupfile->fetch()) {
  709. common_log(LOG_INFO, sprintf('Deleting duplicate File entry of %1$d: %2$d (original URL: %3$s collides with these first 191 characters: %4$s', $dupfile->id, $file->id, $origurl, $file->shortenedurl));
  710. print ".";
  711. $dupfile->delete();
  712. }
  713. print "]\n";
  714. } else {
  715. print "\nWarning! URL suddenly disappeared from database: {$file->url}\n";
  716. }
  717. }
  718. echo "...and now all the non-duplicates which are longer than 191 characters...\n";
  719. $file->query('UPDATE file SET url=LEFT(url, 191) WHERE LENGTH(url)>191');
  720. echo "\n...now running hacky pre-schemaupdate change for $table:";
  721. // We have to create a urlhash that is _not_ the primary key,
  722. // transfer data and THEN run checkSchema
  723. $schemadef['fields']['urlhash'] = array(
  724. 'type' => 'varchar',
  725. 'length' => 64,
  726. 'not null' => false, // this is because when adding column, all entries will _be_ NULL!
  727. 'description' => 'sha256 of destination URL (url field)',
  728. );
  729. $schemadef['fields']['url'] = array(
  730. 'type' => 'text',
  731. 'description' => 'destination URL after following possible redirections',
  732. );
  733. unset($schemadef['unique keys']);
  734. $schema->ensureTable($table, $schemadef);
  735. echo "DONE.\n";
  736. $classname = ucfirst($table);
  737. $tablefix = new $classname;
  738. // urlhash is hash('sha256', $url) in the File table
  739. echo "Updating urlhash fields in $table table...";
  740. // Maybe very MySQL specific :(
  741. $tablefix->query(sprintf(
  742. 'UPDATE %1$s SET %2$s=%3$s;',
  743. $schema->quoteIdentifier($table),
  744. 'urlhash',
  745. // The line below is "result of sha256 on column `url`"
  746. 'SHA2(url, 256)'
  747. ));
  748. echo "DONE.\n";
  749. echo "Resuming core schema upgrade...";
  750. }
  751. }