ILIAS  release_10 Revision v10.1-43-ga1241a92c2f
Public Member Functions | Protected Member Functions | Protected Attributes
ilQtiMatImageSecurity Class Reference
+ Collaboration diagram for ilQtiMatImageSecurity:

Public Member Functions

 __construct (protected ilQTIMatimage $image_material, private QuestionFiles $question_files)
 
 getImageMaterial ()
 
 setImageMaterial (ilQTIMatimage $image_material)
 
 validate ()
 
 sanitizeLabel ()
 

Protected Member Functions

 getDetectedMimeType ()
 
 setDetectedMimeType (string $detectedMimeType)
 
 validateContent ()
 
 validateLabel ()
 
 determineMimeType (?string $content)
 
 determineFileExtension (string $label)
 
 hasFileExtension (string $label)
 

Protected Attributes

string $detectedMimeType = ""
 

Detailed Description

Definition at line 30 of file class.ilQtiMatImageSecurity.php.

Constructor & Destructor Documentation

◆ __construct()

ilQtiMatImageSecurity::__construct ( protected ilQTIMatimage  $image_material,
private QuestionFiles  $question_files 
)

Definition at line 34 of file class.ilQtiMatImageSecurity.php.

References determineMimeType(), getImageMaterial(), and setDetectedMimeType().

37  {
38  if (!strlen($this->getImageMaterial()->getRawContent())) {
39  throw new ilQtiException('cannot import image without content');
40  }
41 
42  $this->setDetectedMimeType(
43  $this->determineMimeType($this->getImageMaterial()->getRawContent())
44  );
45  }
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType(string $detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:62
+ Here is the call graph for this function:

Member Function Documentation

◆ determineFileExtension()

ilQtiMatImageSecurity::determineFileExtension ( string  $label)
protected

Definition at line 143 of file class.ilQtiMatImageSecurity.php.

Referenced by validateLabel().

143  : ?string
144  {
145  $pathInfo = pathinfo($label);
146 
147  if (isset($pathInfo['extension'])) {
148  return $pathInfo['extension'];
149  }
150 
151  return null;
152  }
+ Here is the caller graph for this function:

◆ determineMimeType()

ilQtiMatImageSecurity::determineMimeType ( ?string  $content)
protected

Definition at line 136 of file class.ilQtiMatImageSecurity.php.

Referenced by __construct().

136  : string
137  {
138  $finfo = new finfo(FILEINFO_MIME);
139 
140  return $finfo->buffer($content);
141  }
+ Here is the caller graph for this function:

◆ getDetectedMimeType()

ilQtiMatImageSecurity::getDetectedMimeType ( )
protected

Definition at line 57 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by validateContent(), and validateLabel().

57  : string
58  {
59  return $this->detectedMimeType;
60  }
+ Here is the caller graph for this function:

◆ getImageMaterial()

ilQtiMatImageSecurity::getImageMaterial ( )

Definition at line 47 of file class.ilQtiMatImageSecurity.php.

Referenced by __construct(), sanitizeLabel(), validateContent(), and validateLabel().

47  : ilQTIMatimage
48  {
49  return $this->image_material;
50  }
+ Here is the caller graph for this function:

◆ hasFileExtension()

ilQtiMatImageSecurity::hasFileExtension ( string  $label)
protected

Definition at line 154 of file class.ilQtiMatImageSecurity.php.

Referenced by validateLabel().

154  : bool
155  {
156  $pathInfo = pathinfo($label);
157 
158  return array_key_exists('extension', $pathInfo);
159  }
+ Here is the caller graph for this function:

◆ sanitizeLabel()

ilQtiMatImageSecurity::sanitizeLabel ( )

Definition at line 125 of file class.ilQtiMatImageSecurity.php.

References ilFileUtils\getASCIIFilename(), getImageMaterial(), and ilUtil\stripSlashes().

125  : void
126  {
127  $label = $this->getImageMaterial()->getLabel();
128 
129  $label = basename($label);
130  $label = ilUtil::stripSlashes($label);
131  $label = ilFileUtils::getASCIIFilename($label);
132 
133  $this->getImageMaterial()->setLabel($label);
134  }
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:391
ilFileUtils\getASCIIFilename
static getASCIIFilename(string $a_filename)
Definition: class.ilFileUtils.php:662
+ Here is the call graph for this function:

◆ setDetectedMimeType()

ilQtiMatImageSecurity::setDetectedMimeType ( string  $detectedMimeType)
protected

Definition at line 62 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by __construct().

62  : void
63  {
64  $this->detectedMimeType = $detectedMimeType;
65  }
+ Here is the caller graph for this function:

◆ setImageMaterial()

ilQtiMatImageSecurity::setImageMaterial ( ilQTIMatimage  $image_material)

Definition at line 52 of file class.ilQtiMatImageSecurity.php.

52  : void
53  {
54  $this->image_material = $image_material;
55  }

◆ validate()

ilQtiMatImageSecurity::validate ( )

Definition at line 67 of file class.ilQtiMatImageSecurity.php.

References validateContent(), and validateLabel().

67  : bool
68  {
69  if (!$this->validateLabel()) {
70  return false;
71  }
72 
73  if (!$this->validateContent()) {
74  return false;
75  }
76 
77  return true;
78  }
+ Here is the call graph for this function:

◆ validateContent()

ilQtiMatImageSecurity::validateContent ( )
protected

Definition at line 80 of file class.ilQtiMatImageSecurity.php.

References $GLOBALS, $log, getDetectedMimeType(), and getImageMaterial().

Referenced by validate().

80  : bool
81  {
82  if ($this->getImageMaterial()->getImagetype() && !$this->question_files->isAllowedImageMimeType($this->getImageMaterial()->getImagetype())) {
83  return false;
84  }
85 
86  if (!$this->question_files->isAllowedImageMimeType($this->getDetectedMimeType())) {
87  return false;
88  }
89 
90  if ($this->getImageMaterial()->getImagetype()) {
91  $declaredMimeType = current(explode(';', $this->getImageMaterial()->getImagetype()));
92  $detectedMimeType = current(explode(';', $this->getDetectedMimeType()));
93 
94  if ($declaredMimeType != $detectedMimeType) {
95  // since ilias exports jpeg declared pngs itself, we skip this validation ^^
96  // return false;
97 
98  /* @var ilComponentLogger $log */
99  $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
100  $log->log(
101  'QPL: imported image with declared mime (' . $declaredMimeType . ') '
102  . 'and detected mime (' . $detectedMimeType . ')'
103  );
104  }
105  }
106 
107  return true;
108  }
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:30
$log
$log
Definition: ltiresult.php:34
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ validateLabel()

ilQtiMatImageSecurity::validateLabel ( )
protected

Definition at line 110 of file class.ilQtiMatImageSecurity.php.

References determineFileExtension(), getDetectedMimeType(), getImageMaterial(), ILIAS\Test\Questions\Presentation\getLabel, and hasFileExtension().

Referenced by validate().

110  : bool
111  {
112  if ($this->getImageMaterial()->getUri()) {
113  if (!$this->hasFileExtension($this->getImageMaterial()->getUri())) {
114  return true;
115  }
116 
117  $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
118  } else {
119  $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
120  }
121 
122  return $this->question_files->isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
123  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $detectedMimeType

string ilQtiMatImageSecurity::$detectedMimeType = ""
protected

Definition at line 32 of file class.ilQtiMatImageSecurity.php.

Referenced by getDetectedMimeType(), and setDetectedMimeType().

The documentation for this class was generated from the following file: