FilemanagerMediafile.php 4.78 KB
Newer Older
Marcello Pivanti's avatar
Marcello Pivanti committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?php

/**
 * Art-ER Attrattività, ricerca e territorio dell’Emilia-Romagna
 * OPEN 2.0
 *
 *
 * @package    elitedivision\amos\upload
 * @category   CategoryName
 * @author     Elite Division S.r.l.
 */

namespace elitedivision\amos\upload\models;

use pendalf89\filemanager\models\Mediafile;
use Yii;
use yii\db\Exception;
use yii\helpers\Inflector;
use yii\helpers\ArrayHelper;
use yii\web\UploadedFile;

class FilemanagerMediafile extends Mediafile {

    /**
     * Save just uploaded file
     * @param array $routes routes from module settings
     * @param bool $rename
     * @return bool
     */


    public function saveUploadedFile(array $routes, $rename = false)
    {
        
         $year = date('Y', time());
        $month = date('m', time());
        $structure = "$routes[baseUrl]/$routes[uploadPath]/$year/$month";
        $basePath = Yii::getAlias($routes['basePath']);
        $absolutePath = "$basePath/$structure";

        // create actual directory structure "yyyy/mm"
        if (!file_exists($absolutePath)) {
            mkdir($absolutePath, 0777, true);
        }

        // get file instance
        $this->file = UploadedFile::getInstance($this, 'file');
        //if a file with the same name already exist append a number
        $counter = 0;
        do{
            if($counter==0)
                $filename = Inflector::slug($this->file->baseName).'.'. $this->file->extension;
            else{
                //if we don't want to rename we finish the call here
                if($rename == false)
                    return false;
                $filename = Inflector::slug($this->file->baseName). $counter.'.'. $this->file->extension;
            }
            $url = "$structure/$filename";
            $counter++;
        } while(self::findByUrl($url)); // checks for existing url in db
        
        $this->evaluateBlackList(NULL, NULL);
        
        // save original uploaded file
        $this->file->saveAs("$absolutePath/$filename");
        $this->filename = $filename;
        $this->type = $this->file->type;
        $this->size = $this->file->size;
        $this->url = $url;

        $return = $this->save();


        if ($return && $this->isImage()) {
            $this->createThumbs($routes, \Yii::$app->getModule('upload')->thumbs);
        }

        return $return;
    }

    public function saveInstanceFiles(array $routes, $rename = false, $uploadedFile)
    {
        $year = date('Y', time());
        $month = date('m', time());
        $structure = "$routes[baseUrl]/$routes[uploadPath]/$year/$month";
        $basePath = Yii::getAlias($routes['basePath']);
        $absolutePath = "$basePath/$structure";

        // create actual directory structure "yyyy/mm"
        if (!file_exists($absolutePath)) {
            mkdir($absolutePath, 0777, true);
        }

        // get file instance
        $this->file = $uploadedFile;
        //if a file with the same name already exist append a number
        $counter = 0;
        do{
            if($counter==0)
                $filename = Inflector::slug($this->file->baseName).'.'. $this->file->extension;
            else{
                //if we don't want to rename we finish the call here
                if($rename == false)
                    return false;
                $filename = Inflector::slug($this->file->baseName). $counter.'.'. $this->file->extension;
            }
            $url = "$structure/$filename";
            $counter++;
        } while(self::findByUrl($url)); // checks for existing url in db

        // save original uploaded file
        //$this->file->saveAs("$absolutePath/$filename");

        $ret = copy($this->file->tempName, "$absolutePath/$filename");
        if ($ret){
            unlink($this->file->tempName);
        }

        $this->filename = $filename;
        $this->type = $this->file->type;
        $this->size = $this->file->size;
        $this->url = $url;

        return $this->save();
    }

    /**
     * @return array
     */
    public function rules()
    {
        return ArrayHelper::merge(parent::rules(),[
            ['file',  'evaluateBlackList'],
        ]);
    }

    /**
     * @param $attribute
     * @param $params
     */
    public function evaluateBlackList($attribute, $params)
    {

        $upload_white_list_file_exts = isset(Yii::$app->params['upload_white_list_file_exts']) ? Yii::$app->params['upload_white_list_file_exts']: [];
        $upload_black_list_file_mimes  = isset(Yii::$app->params['upload_black_list_file_mimes']) ? Yii::$app->params['upload_black_list_file_mimes'] : [];

        $file_ext = explode('.',$this->filename);
        if(!in_array(end($file_ext),$upload_white_list_file_exts)
            || in_array($this->file->type,$upload_black_list_file_mimes))
        {
            throw  new Exception('Uploading potentially damaging files');
        }

    }
}