]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
[MEDIA] Fix trying to display file wich is not available locally
authorMiguel Dantas <biodantasgs@gmail.com>
Thu, 27 Jun 2019 23:18:27 +0000 (00:18 +0100)
committerDiogo Cordeiro <diogo@fc.up.pt>
Sat, 3 Aug 2019 16:31:41 +0000 (17:31 +0100)
actions/attachment.php
actions/attachment_download.php
actions/attachment_thumbnail.php
actions/attachment_view.php
classes/File.php
lib/mediafile.php
plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php

index 04b261506bab61a0ebb732fb6275c3c8ab81530e..0f4153cbcf93cbcba7feb80a53c114bb69aad659 100644 (file)
@@ -59,15 +59,20 @@ class AttachmentAction extends ManagedAction
     {
         parent::prepare($args);
 
-        if (!empty($id = $this->trimmed('attachment'))) {
-            $this->attachment = File::getByID($id);
-        } elseif (!empty($filehash = $this->trimmed('filehash'))) {
-            $this->attachment = File::getByHash($filehash);
+        try {
+            if (!empty($id = $this->trimmed('attachment'))) {
+                $this->attachment = File::getByID($id);
+            } elseif (!empty($filehash = $this->trimmed('filehash'))) {
+                $this->attachment = File::getByHash($filehash);
+            }
+        } catch (Exception $e) {
+            // Not found
         }
-
         if (!$this->attachment instanceof File) {
             // TRANS: Client error displayed trying to get a non-existing attachment.
             $this->clientError(_('No such attachment.'), 404);
+        } elseif (empty($this->attachment->filename)) {
+            $this->clientError(_('Requested local URL for a file that is not stored locally.'), 404);
         }
         return true;
     }
@@ -145,8 +150,11 @@ class AttachmentAction extends ManagedAction
         if (common_config('site', 'use_x_sendfile')) {
             return null;
         }
-
-        return filemtime($this->attachment->getPath());
+        try {
+            return filemtime($this->attachment->getPath());
+        } catch (InvalidFilenameException $e) {
+            return null;
+        }
     }
 
     /**
@@ -165,11 +173,15 @@ class AttachmentAction extends ManagedAction
 
         $cache = Cache::instance();
         if($cache) {
-            $key = Cache::key('attachments:etag:' . $this->attachment->getPath());
-            $etag = $cache->get($key);
-            if($etag === false) {
-                $etag = crc32(file_get_contents($this->attachment->getPath()));
-                $cache->set($key,$etag);
+            try {
+                $key = Cache::key('attachments:etag:' . $this->attachment->getPath());
+                $etag = $cache->get($key);
+                if($etag === false) {
+                    $etag = crc32(file_get_contents($this->attachment->getPath()));
+                    $cache->set($key,$etag);
+                }
+            } catch (InvalidFilenameException $e) {
+                return null;
             }
             return $etag;
         }
@@ -181,22 +193,23 @@ class AttachmentAction extends ManagedAction
     /**
      * Include $filepath in the response, for viewing and downloading
      */
-    static function sendFile(string $filepath, int $size) {
+    static function sendFile(string $filepath, int $filesize) {
         if (common_config('site', 'use_x_sendfile')) {
             header('X-Sendfile: ' . $filepath);
         } else {
-            // ensure we have a file size
-            if (empty($size)) {
-                $size = filesize($filepath);
+            if (empty($filesize)) {
+                $filesize = filesize($filepath);
             }
-            header("Content-Length: {$size}");
+            header("Content-Length: {$filesize}");
             // header('Cache-Control: private, no-transform, no-store, must-revalidate');
 
             $ret = @readfile($filepath);
 
-            if ($ret === false || $ret !== $filesize) {
+            if (ret === false) {
+                common_log(LOG_ERR, "Couldn't read file at {$filepath}.");
+            } elseif ($ret !== $filesize) {
                 common_log(LOG_ERR, "The lengths of the file as recorded on the DB (or on disk) for the file " .
-                           "{$filepath}, with id={$this->attachment->id} differ from what was sent to the user.");
+                           "{$filepath} differ from what was sent to the user ({$filesize} vs {$ret}).");
             }
         }
     }
index b4b01389d8354b32bda680a5967a0cda8e51814e..6a42c29350e9fe875fd5e254954fb32db18dd06b 100644 (file)
@@ -31,6 +31,6 @@ class Attachment_downloadAction extends AttachmentAction
         header('Expires: 0');
         header('Content-Transfer-Encoding: binary'); // FIXME? Can this be different?
 
-        parent::sendFile($filepath, $filesize);
+        AttachmentAction::sendFile($filepath, $filesize);
     }
 }
index f7cc17f3470ad75de9c4eb5fb26ecc02c8ad7d7f..3e5fbf222f915188e17ea4cac6806a2c72da2fbc 100644 (file)
@@ -64,12 +64,17 @@ class Attachment_thumbnailAction extends AttachmentAction
             $file = $e->file;
         }
 
-        if (!empty($thumb)) {
-            $filepath = $thumb->getPath();
-            $filesize = 0;
-        } else {
-            $filepath = $file->getPath();
-            $filesize = $file->size;
+        try {
+            if (!empty($thumb)) {
+                $filepath = $thumb->getPath();
+                $size = 0;
+            } elseif ($file->isLocal()) {
+                $filepath = $file->getPath();
+                $size = $file->size;
+            }
+        } catch (InvalidFilenameException $e) {
+            // We don't have a file to display
+            return;
         }
 
         $filename = MediaFile::getDisplayName($file);
@@ -85,6 +90,6 @@ class Attachment_thumbnailAction extends AttachmentAction
         header('Expires: 0');
         header('Content-Transfer-Encoding: binary');
 
-        parent::sendFile($filepath, $filesize);
+        AttachmentAction::sendFile($filepath, $size);
     }
 }
index 71e1e0fd6c77ca785404a0ba95b2636f802f85f2..d75a45cb768065f1f66410fd1f193385ae9f8248 100644 (file)
@@ -34,6 +34,6 @@ class Attachment_viewAction extends AttachmentAction
         header('Expires: 0');
         header('Content-Transfer-Encoding: binary');
 
-        parrent::sendFile($filepath, $filesize);
+        AttachmentAction::sendFile($filepath, $filesize);
     }
 }
index 8ccae352e80a9a44b793bbb12a3f9b83a23ea769..2d27115678e49705e50a8c8c67ed20c4d9176dee 100644 (file)
@@ -127,11 +127,11 @@ class File extends Managed_DataObject
                 $args = $r->map(mb_substr($u['path'], 1));
                 if ($args['action'] === 'attachment') {
                     try {
-                        // $args['attachment'] should always be set if action===attachment, given our routing rules
-                        $file = File::getByID($args['attachment']);
-                        return $file;
-                    } catch (EmptyPkeyValueException $e) {
-                        // ...but $args['attachment'] can also be 0...
+                        if (!empty($args['attachment'])) {
+                            return File::getByID($args['attachment']);
+                        } elseif ($args['filehash']) {
+                            return File::getByHash($args['filehash']);
+                        }
                     } catch (NoResultException $e) {
                         // apparently this link goes to us, but is _not_ an existing attachment (File) ID?
                     }
index bbd7e31b2e08cfbe4f836692ebb9c23b3761e4d0..aebe40cb9efe4181d8efef167493864c9db22967 100644 (file)
@@ -577,6 +577,10 @@ class MediaFile
      * @returns string
      */
     public static function getDisplayName(File $file) : string {
+        if (empty($file->filename)) {
+            return _('Untitled attachment');
+        }
+
         // New file name format is "{bin2hex(original_name.ext)}-{$hash}"
         $ret = preg_match('/^([^\.-]+)-.+$/', $file->filename, $matches);
         // If there was an error in the match, something's wrong with some piece
index 89635db8b80a5780eb5687bb698136ec3fb36010..e222f4ea60fa25a33c5525a1dc06a58d7a4474cc 100644 (file)
@@ -83,6 +83,10 @@ class StoreRemoteMediaPlugin extends Plugin
 
         $remoteUrl = $file->getUrl();
 
+        if (empty($remoteUrl)) {
+            return true;
+        }
+
         if (!$this->checkWhiteList($remoteUrl) ||
             !$this->checkBlackList($remoteUrl)) {
                    return true;