return $att;
}
- function saveNew($redir_data, $given_url) {
+ /**
+ * Save a new file record.
+ *
+ * @param array $redir_data lookup data eg from File_redirection::where()
+ * @param string $given_url
+ * @return File
+ */
+ function saveNew(array $redir_data, $given_url) {
$x = new File;
$x->url = $given_url;
if (!empty($redir_data['protected'])) $x->protected = $redir_data['protected'];
if (isset($redir_data['time']) && $redir_data['time'] > 0) $x->date = intval($redir_data['time']);
$file_id = $x->insert();
+ $x->saveOembed($redir_data, $given_url);
+ return $x;
+ }
+
+ /**
+ * Save embedding information for this file, if applicable.
+ *
+ * Normally this won't need to be called manually, as File::saveNew()
+ * takes care of it.
+ *
+ * @param array $redir_data lookup data eg from File_redirection::where()
+ * @param string $given_url
+ * @return boolean success
+ */
+ public function saveOembed($redir_data, $given_url)
+ {
if (isset($redir_data['type'])
&& (('text/html' === substr($redir_data['type'], 0, 9) || 'application/xhtml+xml' === substr($redir_data['type'], 0, 21)))
&& ($oembed_data = File_oembed::_getOembed($given_url))) {
- $fo = File_oembed::staticGet('file_id', $file_id);
+ $fo = File_oembed::staticGet('file_id', $this->id);
if (empty($fo)) {
- File_oembed::saveNew($oembed_data, $file_id);
+ File_oembed::saveNew($oembed_data, $this->id);
+ return true;
} else {
common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file $file_id", __FILE__);
}
}
- return $x;
+ return false;
}
function processNew($given_url, $notice_id=null) {
$redir_url = $redir_data['url'];
} elseif (is_string($redir_data)) {
$redir_url = $redir_data;
+ $redir_data = array();
} else {
throw new ServerException("Can't process url '$given_url'");
}
{
require_once 'MIME/Type/Extension.php';
$mte = new MIME_Type_Extension();
- $ext = $mte->getExtension($mimetype);
+ try {
+ $ext = $mte->getExtension($mimetype);
+ } catch ( Exception $e) {
+ $ext = strtolower(preg_replace('/\W/', '', $mimetype));
+ }
$nickname = $profile->nickname;
$datestamp = strftime('%Y%m%dT%H%M%S', time());
$random = strtolower(common_confirmation_code(32));
return "$nickname-$datestamp-$random.$ext";
}
+ /**
+ * Validation for as-saved base filenames
+ */
+ static function validFilename($filename)
+ {
+ return preg_match('/^[A-Za-z0-9._-]+$/', $filename);
+ }
+
+ /**
+ * @throws ClientException on invalid filename
+ */
static function path($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
$dir = common_config('attachments', 'dir');
if ($dir[strlen($dir)-1] != '/') {
static function url($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
if(common_config('site','private')) {
return common_local_url('getfile',
$server = common_config('site', 'server');
}
- // XXX: protocol
+ $ssl = common_config('attachments', 'ssl');
+
+ if (is_null($ssl)) { // null -> guess
+ if (common_config('site', 'ssl') == 'always' &&
+ !common_config('attachments', 'server')) {
+ $ssl = true;
+ } else {
+ $ssl = false;
+ }
+ }
+
+ $protocol = ($ssl) ? 'https' : 'http';
- return 'http://'.$server.$path.$filename;
+ return $protocol.'://'.$server.$path.$filename;
}
}
$enclosure->mimetype=$this->mimetype;
if(! isset($this->filename)){
- $notEnclosureMimeTypes = array('text/html','application/xhtml+xml');
+ $notEnclosureMimeTypes = array(null,'text/html','application/xhtml+xml');
$mimetype = strtolower($this->mimetype);
$semicolon = strpos($mimetype,';');
if($semicolon){
if($oembed->modified) $enclosure->modified=$oembed->modified;
unset($oembed->size);
}
+ } else {
+ return false;
}
}
}
return $enclosure;
}
+
+ // quick back-compat hack, since there's still code using this
+ function isEnclosure()
+ {
+ $enclosure = $this->getEnclosure();
+ return !empty($enclosure);
+ }
}