dd/dc3/class_8ilQtiMatImageSecurity_8php_source.html

 <?php
 /* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */

 require_once 'Modules/TestQuestionPool/classes/class.assQuestion.php';
 require_once 'Services/Utilities/classes/class.ilFileUtils.php';
 require_once 'Services/QTI/exceptions/class.ilQtiException.php';

 class ilQtiMatImageSecurity
 {
         protected $imageMaterial;

         protected $detectedMimeType;

         public function __construct(ilQTIMatimage $imageMaterial)
         {
                 $this->setImageMaterial($imageMaterial);

                 if( !strlen($this->getImageMaterial()->getRawContent()) )
                 {
                         throw new ilQtiException('cannot import image without content');
                 }

                 $this->setDetectedMimeType(
                         $this->determineMimeType($this->getImageMaterial()->getRawContent())
                 );
         }

         public function getImageMaterial()
         {
                 return $this->imageMaterial;
         }

         public function setImageMaterial($imageMaterial)
         {
                 $this->imageMaterial = $imageMaterial;
         }

         protected function getDetectedMimeType()
         {
                 return $this->detectedMimeType;
         }

         protected function setDetectedMimeType($detectedMimeType)
         {
                 $this->detectedMimeType = $detectedMimeType;
         }

         public function validate()
         {
                 if( !$this->validateLabel() )
                 {
                         return false;
                 }

                 if( !$this->validateContent() )
                 {
                         return false;
                 }

                 return true;
         }

         protected function validateContent()
         {
                 if($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype()) )
                 {
                         return false;
                 }

                 if( !assQuestion::isAllowedImageMimeType($this->getDetectedMimeType()) )
                 {
                         return false;
                 }

                 if ($this->getImageMaterial()->getImagetype())
                 {
                         $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
                         $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());

                         if( $declaredMimeType != $detectedMimeType )
                         {
                                 // since ilias exports jpeg declared pngs itself, we skip this validation ^^
                                 // return false;

                                 /* @var ilComponentLogger $log */
                                 $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
                                 $log->log(
                                         'QPL: imported image with declared mime ('.$declaredMimeType.') '
                                         .'and detected mime ('.$detectedMimeType.')'
                                 );
                         }
                 }

                 return true;
         }

         protected function validateLabel()
         {
                 if ($this->getImageMaterial()->getUri())
                 {
                         $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
                 }
                 else
                 {
                         $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
                 }

                 return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
         }

         public function sanitizeLabel()
         {
                 $label = $this->getImageMaterial()->getLabel();

                 $label = basename($label);
                 $label = ilUtil::stripSlashes($label);
                 $label = ilUtil::getASCIIFilename($label);

                 $this->getImageMaterial()->setLabel($label);
         }

         protected function determineMimeType($content)
         {
                 return ilFileUtils::lookupContentMimeType($content);
         }

         protected function determineFileExtension($label)
         {
                 list($dirname, $basename, $extension, $filename) = array_values( pathinfo($label) );
                 return $extension;
         }
 }
ilQtiMatImageSecurity\determineMimeType
determineMimeType($content)
Definition: class.ilQtiMatImageSecurity.php:146

ilQtiMatImageSecurity
Definition: class.ilQtiMatImageSecurity.php:14

ilUtil\getASCIIFilename
static getASCIIFilename($a_filename)
convert utf8 to ascii filename
Definition: class.ilUtil.php:2334

ilQtiMatImageSecurity\validateLabel
validateLabel()
Definition: class.ilQtiMatImageSecurity.php:121

assQuestion\isAllowedImageMimeType
static isAllowedImageMimeType($mimeType)
Definition: class.assQuestion.php:335

ilQtiMatImageSecurity\getImageMaterial
getImageMaterial()
Definition: class.ilQtiMatImageSecurity.php:43

ilQtiMatImageSecurity\setImageMaterial
setImageMaterial($imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:51

ilQtiMatImageSecurity\determineFileExtension
determineFileExtension($label)
Definition: class.ilQtiMatImageSecurity.php:151

ilQtiMatImageSecurity\getDetectedMimeType
getDetectedMimeType()
Definition: class.ilQtiMatImageSecurity.php:59

ilQtiMatImageSecurity\sanitizeLabel
sanitizeLabel()
Definition: class.ilQtiMatImageSecurity.php:135

ilQTIMatimage
Definition: class.ilQTIMatimage.php:32

ilQtiException
Definition: class.ilQtiException.php:12

ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2691

ilQtiMatImageSecurity\$detectedMimeType
$detectedMimeType
Definition: class.ilQtiMatImageSecurity.php:24

ilQtiMatImageSecurity\validateContent
validateContent()
Definition: class.ilQtiMatImageSecurity.php:87

$filename
$filename
Definition: buildRTE.php:89

assQuestion\isAllowedImageFileExtension
static isAllowedImageFileExtension($mimeType, $fileExtension)
Definition: class.assQuestion.php:365

ilQtiMatImageSecurity\$imageMaterial
$imageMaterial
Definition: class.ilQtiMatImageSecurity.php:19

ilQtiMatImageSecurity\__construct
__construct(ilQTIMatimage $imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:26

ilQtiMatImageSecurity\validate
validate()
Definition: class.ilQtiMatImageSecurity.php:72

ilFileUtils\lookupContentMimeType
static lookupContentMimeType($content)
Definition: class.ilFileUtils.php:503

assQuestion\fetchMimeTypeIdentifier
static fetchMimeTypeIdentifier($contentTypeString)
Definition: class.assQuestion.php:340

$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType($detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:67

$log
$log
Definition: inc.setup_header.php:135