Introduced isReachableFilePath() and isReadableFile().
authorRoland Haeder <roland@mxchange.org>
Tue, 26 May 2015 19:33:07 +0000 (21:33 +0200)
committerRoland Haeder <roland@mxchange.org>
Tue, 26 May 2015 19:33:07 +0000 (21:33 +0200)
Signed-off-by: Roland H├Ąder <roland@mxchange.org>
inc/classes/main/class_BaseFrameworkSystem.php
inc/classes/main/file_directories/input/raw/class_FrameworkRawFileInputPointer.php
inc/classes/main/file_directories/input/text/class_FrameworkTextFileInputPointer.php
inc/classes/main/file_directories/io/class_FrameworkFileInputOutputPointer.php
inc/classes/main/images/extended/class_PngImage.php
inc/classes/main/scrypt/class_Scrypt.php
inc/database.php
inc/loader/class_ClassLoader.php
inc/selector.php

index 026a06b..f4d7d67 100644 (file)
@@ -346,9 +346,11 @@ class BaseFrameworkSystem extends stdClass implements FrameworkInterface {
        const EXCEPTION_FATAL_ERROR                  = 0x035;
        const EXCEPTION_FILE_NOT_FOUND               = 0x036;
        const EXCEPTION_ASSERTION_FAILED             = 0x037;
-       const EXCEPTION_FILE_CANNOT_BE_READ          = 0x038;
-       const EXCEPTION_DATABASE_UPDATED_NOT_ALLOWED = 0x039;
-       const EXCEPTION_FILTER_CHAIN_INTERCEPTED     = 0x03a;
+       const EXCEPTION_FILE_NOT_REACHABLE           = 0x038;
+       const EXCEPTION_FILE_CANNOT_BE_READ          = 0x039;
+       const EXCEPTION_FILE_CANNOT_BE_WRITTEN       = 0x03a;
+       const EXCEPTION_DATABASE_UPDATED_NOT_ALLOWED = 0x03b;
+       const EXCEPTION_FILTER_CHAIN_INTERCEPTED     = 0x03c;
 
        /**
         * Hexadecimal->Decimal translation array
@@ -3225,6 +3227,55 @@ class BaseFrameworkSystem extends stdClass implements FrameworkInterface {
                //* NOISY-DEBUG */ self::createDebugInstance(__CLASS__)->debugOutput('packed=' . $packed . ' - EXIT!');
                return $packed;
        }
+
+       /**
+        * Checks whether the given file/path is in open_basedir(). This does not
+        * gurantee that the file is actually readable and/or writeable. If you need
+        * such gurantee then please use isReadableFile() instead.
+        *
+        * @param       $filePathName   Name of the file/path to be checked
+        * @return      $isReachable    Whether it is within open_basedir()
+        */
+       public static function isReachableFilePath ($filePathName) {
+               // Is not reachable by default
+               $isReachable = FALSE;
+
+               // Get open_basedir parameter
+               $openBaseDir = ini_get('open_basedir');
+
+               // Is it set?
+               if (!empty($openBaseDir)) {
+                       // Check all entries
+                       foreach (explode(PATH_SEPARATOR, $openBaseDir) as $dir) {
+                               // Check on existence
+                               if (substr($filePathName, 0, strlen($dir)) == $dir) {
+                                       // Is reachable
+                                       $isReachable = TRUE;
+                               } // END - if
+                       } // END - foreach
+               } // END - if
+
+               // Return status
+               return $isReachable;
+       }
+
+       /**
+        * Checks whether the give file is within open_basedir() (done by
+        * isReachableFilePath()), is actually a file and is readable.
+        *
+        * @param       $fileName               Name of the file to be checked
+        * @return      $isReadable             Whether the file is readable (and therefor exists)
+        */
+       public static function isReadableFile ($fileName) {
+               // Default is not readable
+               $isReadable = FALSE;
+
+               // Is within parameters, so check if it is a file and readable
+               $isReadable = ((self::isReachableFilePath($fileName)) && (is_file($fileName)) && (is_readable($fileName)));
+
+               // Return status
+               return $isReadable;
+       }
 }
 
 // [EOF]
index 37f5adb..a3b3702 100644 (file)
@@ -37,8 +37,9 @@ class FrameworkRawFileInputPointer extends BaseFileIo implements InputPointer {
         * be verified here.
         *
         * @param       $fileName       The file name we shall pass to fopen()
-        * @throws      FileIsEmptyException    If the provided file name is empty.
-        * @throws      FileIoException                 If fopen() returns not a file resource
+        * @throws      FileIsEmptyException            If the provided file name is empty.
+        * @throws      FileIoException                         If the file is not reachable
+        * @throws      FileReadProtectedException      If the file is not found or cannot be read
         * @return      void
         */
        public static final function createFrameworkRawFileInputPointer ($fileName) {
@@ -46,10 +47,10 @@ class FrameworkRawFileInputPointer extends BaseFileIo implements InputPointer {
                if ((is_null($fileName)) || (empty($fileName))) {
                        // No filename given
                        throw new FileIsEmptyException(NULL, self::EXCEPTION_UNEXPECTED_EMPTY_STRING);
-               } elseif (!file_exists($fileName)) {
+               } elseif (!BaseFrameworkSystem::isReachableFilePath($fileName)) {
                        // File does not exist!
-                       throw new FileIoException($fileName, self::EXCEPTION_FILE_NOT_FOUND);
-               } elseif (!is_readable($fileName)) {
+                       throw new FileIoException($fileName, self::EXCEPTION_FILE_NOT_REACHABLE);
+               } elseif (!BaseFrameworkSystem::isReadableFile($fileName)) {
                        // File does not exist!
                        throw new FileReadProtectedException($fileName, self::EXCEPTION_FILE_CANNOT_BE_READ);
                }
index 5338fe3..fa238a5 100644 (file)
@@ -37,8 +37,9 @@ class FrameworkTextFileInputPointer extends BaseFileIo implements InputPointer {
         * be verified here.
         *
         * @param       $fileName       The file name we shall pass to fopen()
-        * @throws      FileIsEmptyException    If the provided file name is empty.
-        * @throws      FileIoException                 If fopen() returns not a file resource
+        * @throws      FileIsEmptyException            If the provided file name is empty.
+        * @throws      FileIoException                         If the file is not reachable
+        * @throws      FileReadProtectedException      If the file cannot be read from
         * @return      void
         */
        public static final function createFrameworkTextFileInputPointer ($fileName) {
@@ -46,10 +47,10 @@ class FrameworkTextFileInputPointer extends BaseFileIo implements InputPointer {
                if ((is_null($fileName)) || (empty($fileName))) {
                        // No filename given
                        throw new FileIsEmptyException(NULL, self::EXCEPTION_UNEXPECTED_EMPTY_STRING);
-               } elseif (!file_exists($fileName)) {
+               } elseif (!BaseFrameworkSystem::isReachableFilePath($fileName)) {
                        // File does not exist!
-                       throw new FileIoException($fileName, self::EXCEPTION_FILE_NOT_FOUND);
-               } elseif (!is_readable($fileName)) {
+                       throw new FileIoException($fileName, self::EXCEPTION_FILE_NOT_REACHABLE);
+               } elseif (!BaseFrameworkSystem::isReadableFile($fileName)) {
                        // File does not exist!
                        throw new FileReadProtectedException($fileName, self::EXCEPTION_FILE_CANNOT_BE_READ);
                }
index fc4d780..edf9f57 100644 (file)
@@ -48,12 +48,15 @@ class FrameworkFileInputOutputPointer extends BaseFileIo implements InputOutputP
                if ((is_null($fileName)) || (empty($fileName))) {
                        // No filename given
                        throw new FileIsEmptyException(NULL, self::EXCEPTION_UNEXPECTED_EMPTY_STRING);
-               } elseif ((file_exists($fileName)) && (!is_readable($fileName))) {
+               } elseif (!BaseFrameworkSystem::isReachableFilePath($fileName)) {
+                       // File exists but cannot be read
+                       throw new FileIoException($fileName, self::EXCEPTION_FILE_NOT_REACHABLE);
+               } elseif (!BaseFrameworkSystem::isReadableFile($fileName)) {
                        // File exists but cannot be read
                        throw new FileReadProtectedException($fileName, self::EXCEPTION_FILE_CANNOT_BE_READ);
-               } elseif ((file_exists($fileName)) && (!is_writable($fileName))) {
+               } elseif (!is_writable($fileName)) {
                        // File exists but cannot be written
-                       throw new FileWriteProtectedException($fileName, self::EXCEPTION_FILE_CANNOT_BE_READ);
+                       throw new FileWriteProtectedException($fileName, self::EXCEPTION_FILE_CANNOT_BE_WRITTEN);
                }
 
                // Try to open a handler
index 74f70fb..ec0b89f 100644 (file)
@@ -65,7 +65,7 @@ class PngImage extends BaseImage {
                $cacheFile = $this->getTemplateInstance()->getImageCacheFqfn();
 
                // Does it exist?
-               if (file_exists($cacheFile)) {
+               if (BaseFrameworkSystem::isReadableFile($cacheFile)) {
                        // Remove it
                        @unlink($cacheFile);
                } // END - if
index bcbc5b3..3bc5d76 100644 (file)
@@ -90,7 +90,7 @@ abstract class Scrypt extends BaseFrameworkSystem
                 $buffer_valid = true;
             }
         }
-        if (!$buffer_valid && is_readable('/dev/urandom')) {
+        if (!$buffer_valid && BaseFrameworkSystem::isReadableFile('/dev/urandom')) {
             $f = fopen('/dev/urandom', 'r');
             $read = static::strlen($buffer);
             while ($read < $length) {
index dded169..6b028d3 100644 (file)
@@ -31,12 +31,12 @@ $databaseInstance = NULL;
 $fqfn = FrameworkConfiguration::getSelfInstance()->getConfigEntry('base_path') . 'inc/database/lib-' . FrameworkConfiguration::getSelfInstance()->getConfigEntry('db_type') . '.php';
 
 // Load the database layer include
-if ((file_exists($fqfn)) && (is_file($fqfn)) && (is_readable($fqfn))) {
+if (BaseFrameworkSystem::isReadableFile($fqfn)) {
        // Load the layer
        require($fqfn);
 } else {
        // Layer is missing!
-       ApplicationEntryPoint::app_exit(sprintf("[Main:] Database layer is missing! (%s) -&gt; R.I.P.",
+       ApplicationEntryPoint::app_exit(sprintf('[Main:] Database layer is missing! (%s) -&gt; R.I.P.',
                FrameworkConfiguration::getSelfInstance()->getConfigEntry('db_type')
        ));
 }
index 31fc9de..11683c4 100644 (file)
@@ -235,7 +235,7 @@ class ClassLoader {
                } // END - if
 
                // IS the cache there?
-               if (file_exists($this->listCacheFQFN)) {
+               if (BaseFrameworkSystem::isReadableFile($this->listCacheFQFN)) {
                        // Get content
                        $cacheContent = file_get_contents($this->listCacheFQFN);
 
@@ -247,7 +247,7 @@ class ClassLoader {
                } // END - if
 
                // Does the class cache exist?
-               if (file_exists($this->classCacheFQFN)) {
+               if (BaseFrameworkSystem::isReadableFile($this->listCacheFQFN)) {
                        // Then include it
                        require($this->classCacheFQFN);
 
index 1010386..e8dffb2 100644 (file)
@@ -59,7 +59,7 @@ foreach ($configAppIncludes as $appInc) {
        $appFqFn = $basePathFile . '/' . $appInc . '.php';
 
        // Does the include file exists?
-       if ((file_exists($appFqFn)) && (is_file($appFqFn)) && (is_readable($appFqFn))) {
+       if (BaseFrameworkSystem::isReadableFile($appFqFn)) {
                // Load it
                //* DEBUG: */ print basename(__FILE__)."[".__LINE__."]: Loading ".basename($appFqFn)." - START\n";
                require($appFqFn);