if (isset($redir_data['type'])
&& (('text/html' === substr($redir_data['type'], 0, 9) || 'application/xhtml+xml' === substr($redir_data['type'], 0, 21)))
&& ($oembed_data = File_oembed::_getOembed($given_url))) {
+
+ $fo = File_oembed::staticGet('file_id', $file_id);
+
+ if (empty($fo)) {
File_oembed::saveNew($oembed_data, $file_id);
+ } else {
+ common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file $file_id", __FILE__);
+ }
}
return $x;
}
$file_redir = File_redirection::staticGet('url', $given_url);
if (empty($file_redir)) {
$redir_data = File_redirection::where($given_url);
- $redir_url = $redir_data['url'];
+ if (is_array($redir_data)) {
+ $redir_url = $redir_data['url'];
+ } elseif (is_string($redir_data)) {
+ $redir_url = $redir_data;
+ } else {
+ throw new ServerException("Can't process url '$given_url'");
+ }
// TODO: max field length
if ($redir_url === $given_url || strlen($redir_url) > 255) {
$x = File::saveNew($redir_data, $given_url);
return "$nickname-$datestamp-$random.$ext";
}
+ /**
+ * Validation for as-saved base filenames
+ */
+ static function validFilename($filename)
+ {
+ return preg_match('^/[A-Za-z0-9._-]+$/', $filename);
+ }
+
+ /**
+ * @throws ClientException on invalid filename
+ */
static function path($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
$dir = common_config('attachments', 'dir');
if ($dir[strlen($dir)-1] != '/') {
static function url($filename)
{
- $path = common_config('attachments', 'path');
-
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
}
+ if(common_config('site','private')) {
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ return common_local_url('getfile',
+ array('filename' => $filename));
- $server = common_config('attachments', 'server');
+ } else {
+ $path = common_config('attachments', 'path');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
+
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
- // XXX: protocol
+ $server = common_config('attachments', 'server');
- return 'http://'.$server.$path.$filename;
+ if (empty($server)) {
+ $server = common_config('site', 'server');
+ }
+
+ // XXX: protocol
+
+ return 'http://'.$server.$path.$filename;
+ }
}
function getEnclosure(){
if($oembed->modified) $enclosure->modified=$oembed->modified;
unset($oembed->size);
}
+ } else {
+ return false;
}
}
}