UploadBase Class Reference

Inherited by UploadFromFile, UploadFromStash, and UploadFromUrl.

List of all members.

Public Member Functions

 __construct ()
 initializePathInfo ($name, $tempPath, $fileSize, $removeTempFile=false)
 Initialize the path information.
 initializeFromRequest (&$request)
 Initialize from a WebRequest.
 fetchFile ()
 Fetch the file.
 isEmptyFile ()
 Return the file size.
 getRealPath ($srcPath)
 verifyUpload ()
 Verify whether the upload is sane.
 verifyPermissions ($user)
 Check whether the user can edit, upload and create the image.
 checkWarnings ()
 Check for non fatal problems with the file.
 performUpload ($comment, $pageText, $watch, $user)
 Really perform the upload.
 getTitle ()
 Returns the title of the file to be uploaded.
 getLocalFile ()
 Return the local file and initializes if necessary.
 stashSession ()
 Stash a file in a temporary directory for later processing, and save the necessary descriptive info into the session.
 cleanupTempFile ()
 If we've modified the upload file we need to manually remove it on exit to clean up.
 getTempPath ()
 checkSvgScriptCallback ($element, $attribs)
 getImageInfo ($result)

Static Public Member Functions

static isEnabled ()
 Returns true if uploads are enabled.
static isAllowed ($user)
 Returns true if the user can use this upload module or else a string identifying the missing permission.
static createFromRequest (&$request, $type=null)
 Create a form of UploadBase depending on wpSourceType and initializes it.
static isValidRequest ($request)
 Check whether a request if valid for this handler.
static splitExtensions ($filename)
 Split a file into a base name and all dot-delimited 'extensions' on the end.
static checkFileExtension ($ext, $list)
 Perform case-insensitive match against a list of file extensions.
static checkFileExtensionList ($ext, $list)
 Perform case-insensitive match against a list of file extensions.
static verifyExtension ($mime, $extension)
 Checks if the mime type of the uploaded file matches the file extension.
static detectScript ($file, $mime, $extension)
 Heuristic for detecting files that *could* contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful.
static detectVirus ($file)
 Generic wrapper function for a virus scanner program.
static userCanReUpload (User $user, $img)
 Check if a user is the last uploader.
static getExistsWarning ($file)
 Helper function that does various existence checks for a file.
static isThumbName ($filename)
 Helper function that checks whether the filename looks like a thumbnail.
static getFilenamePrefixBlacklist ()
 Get a list of blacklisted filename prefixes from [[MediaWiki:Filename-prefix-blacklist]].

Public Attributes

const SUCCESS = 0
const OK = 0
const EMPTY_FILE = 3
const MIN_LENGTH_PARTNAME = 4
const ILLEGAL_FILENAME = 5
const OVERWRITE_EXISTING_FILE = 7
const FILETYPE_MISSING = 8
const FILETYPE_BADTYPE = 9
const VERIFICATION_ERROR = 10
const UPLOAD_VERIFICATION_ERROR = 11
const HOOK_ABORTED = 11
const SESSION_VERSION = 2

Static Public Attributes

static $uploadHandlers = array( 'Stash', 'File', 'Url' )

Protected Member Functions

 verifyFile ()
 Verifies that it's ok to include the uploaded file.
 saveTempUploadedFile ($saveName, $tempSrc)
 Stash a file in a temporary directory for later processing after the user has confirmed it.
 getSessionKey ()
 Generate a random session key from stash in cases where we want to start an upload without much information.
 detectScriptInSvg ($filename)

Protected Attributes

 $mTempPath
 $mDesiredDestName
 $mDestName
 $mRemoveTempFile
 $mSourceType
 $mTitle = false
 $mTitleError = 0
 $mFilteredName
 $mFinalExtension
 $mLocalFile

Private Member Functions

 stripXmlNamespace ($name)
 checkMacBinary ()
 Check if the temporary file is MacBinary-encoded, as some uploads from Internet Explorer on Mac OS Classic and Mac OS X will be.
 checkOverwrite ()
 Check if there's an overwrite conflict and, if so, if restrictions forbid this user from performing the upload.


Detailed Description

Definition at line 16 of file UploadBase.php.


Constructor & Destructor Documentation

UploadBase::__construct (  ) 

Definition at line 116 of file UploadBase.php.


Member Function Documentation

static UploadBase::checkFileExtension ( ext,
list 
) [static]

Perform case-insensitive match against a list of file extensions.

Returns true if the extension is in the list.

Parameters:
string $ext
array $list
Returns:
bool

Definition at line 578 of file UploadBase.php.

References $ext.

Referenced by checkWarnings(), getTitle(), and verifyFile().

static UploadBase::checkFileExtensionList ( ext,
list 
) [static]

Perform case-insensitive match against a list of file extensions.

Returns true if any of the extensions are in the list.

Parameters:
array $ext
array $list
Returns:
bool

Definition at line 590 of file UploadBase.php.

References $ext.

Referenced by getTitle(), and wfGetType().

UploadBase::checkMacBinary (  )  [private]

Check if the temporary file is MacBinary-encoded, as some uploads from Internet Explorer on Mac OS Classic and Mac OS X will be.

If so, the data fork will be extracted to a second temporary file, which will then be checked for validity and either kept or discarded.

Definition at line 888 of file UploadBase.php.

Referenced by verifyFile().

UploadBase::checkOverwrite (  )  [private]

Check if there's an overwrite conflict and, if so, if restrictions forbid this user from performing the upload.

Returns:
mixed true on success, error string on failure

Definition at line 912 of file UploadBase.php.

Referenced by verifyUpload().

UploadBase::checkSvgScriptCallback ( element,
attribs 
)

Todo:
Replace this with a whitelist filter!

Definition at line 761 of file UploadBase.php.

References $attrib, stripXmlNamespace(), and wfDebug().

UploadBase::checkWarnings (  ) 

Check for non fatal problems with the file.

Returns:
array Array of warnings

Definition at line 318 of file UploadBase.php.

References $filename, $n, $title, $wgCheckFileExtensions, $wgFileExtensions, $wgUploadSizeWarning, Title::capitalize(), checkFileExtension(), getExistsWarning(), getLocalFile(), getTitle(), File::sha1Base36(), and RepoGroup::singleton().

UploadBase::cleanupTempFile (  ) 

If we've modified the upload file we need to manually remove it on exit to clean up.

Definition at line 545 of file UploadBase.php.

References wfDebug().

static UploadBase::createFromRequest ( &$  request,
type = null 
) [static]

Create a form of UploadBase depending on wpSourceType and initializes it.

Definition at line 72 of file UploadBase.php.

References wfDebug(), and wfRunHooks().

Referenced by SpecialUpload::loadRequest().

static UploadBase::detectScript ( file,
mime,
extension 
) [static]

Heuristic for detecting files that *could* contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful.

The present implementation will produce false positives in some situations.

Parameters:
string $file Pathname to the temporary upload file
string $mime The mime type of the file
string $extension The extension of the file
Returns:
bool true if the file contains something looking like embedded scripts

Definition at line 648 of file UploadBase.php.

References $wgAllowTitlesInSVG, Sanitizer::decodeCharReferences(), and wfDebug().

UploadBase::detectScriptInSvg ( filename  )  [protected]

Definition at line 753 of file UploadBase.php.

References $filename.

static UploadBase::detectVirus ( file  )  [static]

Generic wrapper function for a virus scanner program.

This relies on the $wgAntivirus and $wgAntivirusSetup variables. $wgAntivirusRequired may be used to deny upload if the scan fails.

Parameters:
string $file Pathname to the temporary upload file
Returns:
mixed false if not virus is found, NULL if the scan fails or is disabled, or a string containing feedback from the virus scanner if a virus was found. If textual feedback is missing but a virus was found, this function returns true.

Definition at line 798 of file UploadBase.php.

References $command, $output, $wgAntivirus, $wgAntivirusRequired, $wgAntivirusSetup, $wgOut, wfDebug(), wfEscapeShellArg(), wfMsg(), and wfShellExec().

Referenced by verifyFile().

UploadBase::fetchFile (  ) 

Fetch the file.

Usually a no-op

Reimplemented in UploadFromUrl.

Definition at line 141 of file UploadBase.php.

References Status::newGood().

static UploadBase::getExistsWarning ( file  )  [static]

Helper function that does various existence checks for a file.

The following checks are performed:

  • The file exists
  • Article with the same name as the file exists
  • File exists with normalized extension
  • The file looks like a thumbnail and the original exists

Parameters:
File $file The file to check
Returns:
mixed False if the file does not exists, else an array

Definition at line 970 of file UploadBase.php.

Referenced by checkWarnings().

static UploadBase::getFilenamePrefixBlacklist (  )  [static]

Get a list of blacklisted filename prefixes from [[MediaWiki:Filename-prefix-blacklist]].

Returns:
array list of prefixes

Definition at line 1063 of file UploadBase.php.

References wfEmptyMsg(), and wfMsgForContent().

UploadBase::getImageInfo ( result  ) 

UploadBase::getLocalFile (  ) 

Return the local file and initializes if necessary.

Definition at line 480 of file UploadBase.php.

References getTitle(), and wfLocalFile().

Referenced by checkWarnings(), getImageInfo(), performUpload(), and verifyUpload().

UploadBase::getRealPath ( srcPath  ) 

Parameters:
string $srcPath the source path
Returns:
the real path if it was a virtual URL

Definition at line 156 of file UploadBase.php.

References RepoGroup::singleton().

Referenced by UploadFromStash::initialize().

UploadBase::getSessionKey (  )  [protected]

Generate a random session key from stash in cases where we want to start an upload without much information.

Definition at line 535 of file UploadBase.php.

Referenced by stashSession().

UploadBase::getTempPath (  ) 

Definition at line 552 of file UploadBase.php.

UploadBase::getTitle (  ) 

Returns the title of the file to be uploaded.

Sets mTitleError in case the name was illegal.

Returns:
Title The title of the file or null in case the name was illegal

Definition at line 410 of file UploadBase.php.

References $ext, $i, $wgCheckFileExtensions, $wgFileBlacklist, $wgFileExtensions, $wgStrictFileExtensions, checkFileExtension(), checkFileExtensionList(), Title::makeTitleSafe(), splitExtensions(), and wfStripIllegalFilenameChars().

Referenced by checkWarnings(), getLocalFile(), performUpload(), verifyPermissions(), and verifyUpload().

UploadBase::initializeFromRequest ( &$  request  )  [abstract]

Initialize from a WebRequest.

Override this in a subclass.

Reimplemented in UploadFromFile, UploadFromStash, and UploadFromUrl.

UploadBase::initializePathInfo ( name,
tempPath,
fileSize,
removeTempFile = false 
)

Initialize the path information.

Parameters:
$name string the desired destination name
$tempPath string the temporary path
$fileSize int the file size
$removeTempFile bool (false) remove the temporary file?
Returns:
null

Definition at line 126 of file UploadBase.php.

References $name.

Referenced by UploadFromUrl::initialize(), UploadFromStash::initialize(), UploadFromFile::initialize(), and UploadFromFile::initializeFromRequest().

static UploadBase::isAllowed ( user  )  [static]

Returns true if the user can use this upload module or else a string identifying the missing permission.

Can be overriden by subclasses.

Reimplemented in UploadFromUrl.

Definition at line 59 of file UploadBase.php.

UploadBase::isEmptyFile (  ) 

Return the file size.

Definition at line 148 of file UploadBase.php.

Referenced by verifyUpload().

static UploadBase::isEnabled (  )  [static]

Returns true if uploads are enabled.

Can be override by subclasses.

Reimplemented in UploadFromUrl.

Definition at line 41 of file UploadBase.php.

References $wgEnableUploads, and wfIniGetBool().

Referenced by SpecialUpload::execute(), ApiUpload::execute(), and SpecialUpload::userCanExecute().

static UploadBase::isThumbName ( filename  )  [static]

Helper function that checks whether the filename looks like a thumbnail.

Definition at line 1048 of file UploadBase.php.

References $filename, and $n.

static UploadBase::isValidRequest ( request  )  [static]

Check whether a request if valid for this handler.

Reimplemented in UploadFromFile, UploadFromStash, and UploadFromUrl.

Definition at line 112 of file UploadBase.php.

UploadBase::performUpload ( comment,
pageText,
watch,
user 
)

Really perform the upload.

Stores the file in the local repo, watches if necessary and runs the UploadComplete hook.

Returns:
mixed Status indicating the whether the upload succeeded.

Definition at line 388 of file UploadBase.php.

References File::DELETE_SOURCE, getLocalFile(), getTitle(), wfDebug(), and wfRunHooks().

UploadBase::saveTempUploadedFile ( saveName,
tempSrc 
) [protected]

Stash a file in a temporary directory for later processing after the user has confirmed it.

If the user doesn't explicitly cancel or accept, these files can accumulate in the temp directory.

Parameters:
string $saveName - the destination filename
string $tempSrc - the source temporary file to save
Returns:
string - full path the stashed file, or false on failure

Definition at line 499 of file UploadBase.php.

References RepoGroup::singleton().

Referenced by stashSession().

static UploadBase::splitExtensions ( filename  )  [static]

Split a file into a base name and all dot-delimited 'extensions' on the end.

Some web server configurations will fall back to earlier pseudo-'extensions' to determine type and execute scripts, so the blacklist needs to check them all.

Returns:
array

Definition at line 564 of file UploadBase.php.

References $filename.

Referenced by getTitle(), and wfGetType().

UploadBase::stashSession (  ) 

Stash a file in a temporary directory for later processing, and save the necessary descriptive info into the session.

Returns a key value which will be passed through a form to pick up the path info on a later invocation.

Returns:
int Session key

Reimplemented in UploadFromStash.

Definition at line 513 of file UploadBase.php.

References getSessionKey(), and saveTempUploadedFile().

UploadBase::stripXmlNamespace ( name  )  [private]

Definition at line 782 of file UploadBase.php.

References $name.

Referenced by checkSvgScriptCallback().

static UploadBase::userCanReUpload ( User user,
img 
) [static]

Check if a user is the last uploader.

Parameters:
User $user
string $img, image name
Returns:
bool

Definition at line 942 of file UploadBase.php.

Referenced by ImagePage::uploadLinksBox().

static UploadBase::verifyExtension ( mime,
extension 
) [static]

Checks if the mime type of the uploaded file matches the file extension.

Parameters:
string $mime the mime type of the uploaded file
string $extension The filename extension that the file is to be served with
Returns:
bool

Definition at line 606 of file UploadBase.php.

References MimeMagic::singleton(), and wfDebug().

Referenced by verifyFile().

UploadBase::verifyFile (  )  [protected]

Verifies that it's ok to include the uploaded file.

Returns:
mixed true of the file is verified, a string or array otherwise.

Reimplemented in UploadFromStash.

Definition at line 231 of file UploadBase.php.

References $wgMimeTypeBlacklist, $wgVerifyMimeType, checkFileExtension(), checkMacBinary(), detectVirus(), File::getPropsFromPath(), MimeMagic::singleton(), verifyExtension(), and wfDebug().

Referenced by verifyUpload().

UploadBase::verifyPermissions ( user  ) 

Check whether the user can edit, upload and create the image.

Parameters:
User $user the user to verify the permissions against
Returns:
mixed An array as returned by getUserPermissionsErrors or true in case the user has proper permissions.

Definition at line 293 of file UploadBase.php.

References getTitle(), and wfArrayDiff2().

UploadBase::verifyUpload (  ) 

Verify whether the upload is sane.

Returns self::OK or else an array with error information

Definition at line 168 of file UploadBase.php.

References $result, checkOverwrite(), getLocalFile(), getTitle(), isEmptyFile(), verifyFile(), and wfRunHooks().


Member Data Documentation

UploadBase::$mDesiredDestName [protected]

Definition at line 18 of file UploadBase.php.

UploadBase::$mDestName [protected]

Definition at line 18 of file UploadBase.php.

UploadBase::$mFilteredName [protected]

Definition at line 20 of file UploadBase.php.

UploadBase::$mFinalExtension [protected]

Definition at line 20 of file UploadBase.php.

UploadBase::$mLocalFile [protected]

Definition at line 21 of file UploadBase.php.

UploadBase::$mRemoveTempFile [protected]

Definition at line 18 of file UploadBase.php.

UploadBase::$mSourceType [protected]

Definition at line 18 of file UploadBase.php.

UploadBase::$mTempPath [protected]

Definition at line 17 of file UploadBase.php.

UploadBase::$mTitle = false [protected]

Definition at line 19 of file UploadBase.php.

UploadBase::$mTitleError = 0 [protected]

Definition at line 19 of file UploadBase.php.

UploadBase::$uploadHandlers = array( 'Stash', 'File', 'Url' ) [static]

Definition at line 67 of file UploadBase.php.

const UploadBase::OK = 0

Definition at line 24 of file UploadBase.php.

Referenced by ApiUpload::performUpload(), and SpecialUpload::processUpload().

Definition at line 35 of file UploadBase.php.

Definition at line 23 of file UploadBase.php.

Definition at line 32 of file UploadBase.php.


The documentation for this class was generated from the following file:

Generated on Sat Apr 30 22:57:51 2011 for MediaWiki by  doxygen 1.5.9