Gah, bad syntax

[quix0rs-gnu-social.git] / plugins / StoreRemoteMedia / StoreRemoteMediaPlugin.php

diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
index 34846748e757676a01ed9d861ea2cfa1572db8a8..f38ca4713ecd4b9d7503835d3dac49972ca45ae0 100644 (file)
--- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
+++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
@@ -15,6 +15,9 @@ class StoreRemoteMediaPlugin extends Plugin
     public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources
     public $check_whitelist  = false;    // security/abuse precaution
 
+    public $domain_blacklist = array();
+    public $check_blacklist = false;
+
     protected $imgData = array();
 
     // these should be declared protected everywhere
@@ -74,11 +77,19 @@ class StoreRemoteMediaPlugin extends Plugin
             return true;
         }
 
-        $this->checkWhitelist($file->getUrl());
+        if (!$this->checkWhiteList($file->getUrl()) ||
+            !$this->checkBlackList($file->getUrl())) {
+                   return true;
+        }
 
         // First we download the file to memory and test whether it's actually an image file
-        $imgData = HTTPClient::quickGet($file->getUrl());
-        common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->id, $file->getUrl()));
+        common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->getID(), _ve($file->getUrl())));
+        try {
+            $imgData = HTTPClient::quickGet($file->getUrl());
+        } catch (HTTP_Request2_ConnectionException $e) {
+            common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage());
+            return true;
+        }
         $info = @getimagesizefromstring($imgData);
         if ($info === false) {
             throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $file->getUrl());
@@ -119,23 +130,39 @@ class StoreRemoteMediaPlugin extends Plugin
     }
 
     /**
-     * @return boolean          false on no check made, provider name on success
-     * @throws ServerException  if check is made but fails
+     * @return boolean          true if given url passes blacklist check
      */
-    protected function checkWhitelist($url)
+    protected function checkBlackList($url)
     {
-        if (!$this->check_whitelist) {
-            return false;   // indicates "no check made"
+        if (!$this->check_blacklist) {
+            return true;
+        }
+        $host = parse_url($url, PHP_URL_HOST);
+        foreach ($this->domain_blacklist as $regex => $provider) {
+            if (preg_match("/$regex/", $host)) {
+                return false;
+            }
         }
 
+        return true;
+    }
+
+    /***
+     * @return boolean          true if given url passes whitelist check
+     */
+    protected function checkWhiteList($url)
+    {
+        if (!$this->check_whitelist) {
+            return true;
+        }
         $host = parse_url($url, PHP_URL_HOST);
         foreach ($this->domain_whitelist as $regex => $provider) {
             if (preg_match("/$regex/", $host)) {
-                return $provider;    // we trust this source, return provider name
+                return true;
             }
         }
 
-        throw new ServerException(sprintf(_('Domain not in remote source whitelist: %s'), $host));
+        return false;
     }
 
     public function onPluginVersion(array &$versions)