ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilQtiMatImageSecurity.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once 'Modules/TestQuestionPool/classes/class.assQuestion.php';
5require_once 'Services/Utilities/classes/class.ilFileUtils.php';
6require_once 'Services/QTI/exceptions/class.ilQtiException.php';
7
14class ilQtiMatImageSecurity
15{
19 protected $imageMaterial;
20
24 protected $detectedMimeType;
25
26 public function __construct(ilQTIMatimage $imageMaterial)
27 {
28 $this->setImageMaterial($imageMaterial);
29
30 if( !strlen($this->getImageMaterial()->getRawContent()) )
31 {
32 throw new ilQtiException('cannot import image without content');
33 }
34
35 $this->setDetectedMimeType(
36 $this->determineMimeType($this->getImageMaterial()->getRawContent())
37 );
38 }
39
43 public function getImageMaterial()
44 {
45 return $this->imageMaterial;
46 }
47
51 public function setImageMaterial($imageMaterial)
52 {
53 $this->imageMaterial = $imageMaterial;
54 }
55
59 protected function getDetectedMimeType()
60 {
61 return $this->detectedMimeType;
62 }
63
67 protected function setDetectedMimeType($detectedMimeType)
68 {
69 $this->detectedMimeType = $detectedMimeType;
70 }
71
72 public function validate()
73 {
74 if( !$this->validateLabel() )
75 {
76 return false;
77 }
78
79 if( !$this->validateContent() )
80 {
81 return false;
82 }
83
84 return true;
85 }
86
87 protected function validateContent()
88 {
89 if($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype()) )
90 {
91 return false;
92 }
93
94 if( !assQuestion::isAllowedImageMimeType($this->getDetectedMimeType()) )
95 {
96 return false;
97 }
98
99 if ($this->getImageMaterial()->getImagetype())
100 {
101 $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
102 $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());
103
104 if( $declaredMimeType != $detectedMimeType )
105 {
106 // since ilias exports jpeg declared pngs itself, we skip this validation ^^
107 // return false;
108
109 /* @var ilComponentLogger $log */
110 $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
111 $log->log(
112 'QPL: imported image with declared mime ('.$declaredMimeType.') '
113 .'and detected mime ('.$detectedMimeType.')'
114 );
115 }
116 }
117
118 return true;
119 }
120
121 protected function validateLabel()
122 {
123 if ($this->getImageMaterial()->getUri())
124 {
125 if( !$this->hasFileExtension($this->getImageMaterial()->getUri()) )
126 {
127 return true;
128 }
129
130 $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
131 }
132 else
133 {
134 $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
135 }
136
137 return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
138 }
139
140 public function sanitizeLabel()
141 {
142 $label = $this->getImageMaterial()->getLabel();
143
144 $label = basename($label);
145 $label = ilUtil::stripSlashes($label);
146 $label = ilUtil::getASCIIFilename($label);
147
148 $this->getImageMaterial()->setLabel($label);
149 }
150
151 protected function determineMimeType($content)
152 {
153 return ilFileUtils::lookupContentMimeType($content);
154 }
155
161 protected function determineFileExtension($label)
162 {
163 $pathInfo = pathinfo($label);
164
165 if(isset($pathInfo['extension']))
166 {
167 return $pathInfo['extension'];
168 }
169
170 return null;
171 }
172
178 protected function hasFileExtension($label)
179 {
180 $pathInfo = pathinfo($label);
181
182 return array_key_exists('extension', $pathInfo);
183 }
184}
php
An exception for terminatinating execution or to throw for unit testing.
assQuestion\isAllowedImageFileExtension
static isAllowedImageFileExtension($mimeType, $fileExtension)
Definition: class.assQuestion.php:375
assQuestion\fetchMimeTypeIdentifier
static fetchMimeTypeIdentifier($contentTypeString)
Definition: class.assQuestion.php:350
assQuestion\isAllowedImageMimeType
static isAllowedImageMimeType($mimeType)
Definition: class.assQuestion.php:345
ilFileUtils\lookupContentMimeType
static lookupContentMimeType($content)
Definition: class.ilFileUtils.php:500
ilQtiMatImageSecurity\__construct
__construct(ilQTIMatimage $imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:26
ilQtiMatImageSecurity\hasFileExtension
hasFileExtension($label)
Returns whether or not the passed label contains a file extension.
Definition: class.ilQtiMatImageSecurity.php:178
ilQtiMatImageSecurity\determineFileExtension
determineFileExtension($label)
Returns the determine file extension.
Definition: class.ilQtiMatImageSecurity.php:161
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType($detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:67
ilUtil\getASCIIFilename
static getASCIIFilename($a_filename)
convert utf8 to ascii filename
Definition: class.ilUtil.php:2282
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2639
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$log
$log
Definition: inc.setup_header.php:129