if (isset($redir_data['type'])
&& (('text/html' === substr($redir_data['type'], 0, 9) || 'application/xhtml+xml' === substr($redir_data['type'], 0, 21)))
&& ($oembed_data = File_oembed::_getOembed($given_url))) {
+
+ $fo = File_oembed::staticGet('file_id', $file_id);
+
+ if (empty($fo)) {
File_oembed::saveNew($oembed_data, $file_id);
+ } else {
+ common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file $file_id", __FILE__);
+ }
}
return $x;
}
} elseif (is_string($redir_data)) {
$redir_url = $redir_data;
} else {
- throw new ServerException("Cannot process url '$given_url'");
+ throw new ServerException("Can't process url '$given_url'");
}
// TODO: max field length
if ($redir_url === $given_url || strlen($redir_url) > 255) {
return "$nickname-$datestamp-$random.$ext";
}
+ /**
+ * Validation for as-saved base filenames
+ */
+ static function validFilename($filename)
+ {
+ return preg_match('/^[A-Za-z0-9._-]+$/', $filename);
+ }
+
+ /**
+ * @throws ClientException on invalid filename
+ */
static function path($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
$dir = common_config('attachments', 'dir');
if ($dir[strlen($dir)-1] != '/') {
static function url($filename)
{
- $path = common_config('attachments', 'path');
-
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
}
+ if(common_config('site','private')) {
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ return common_local_url('getfile',
+ array('filename' => $filename));
- $server = common_config('attachments', 'server');
+ } else {
+ $path = common_config('attachments', 'path');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
+
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
- // XXX: protocol
+ $server = common_config('attachments', 'server');
- return 'http://'.$server.$path.$filename;
+ if (empty($server)) {
+ $server = common_config('site', 'server');
+ }
+
+ // XXX: protocol
+
+ return 'http://'.$server.$path.$filename;
+ }
}
function getEnclosure(){
if($oembed->modified) $enclosure->modified=$oembed->modified;
unset($oembed->size);
}
+ } else {
+ return false;
}
}
}