ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilQtiMatImageSecurity.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once 'Modules/TestQuestionPool/classes/class.assQuestion.php';
5 require_once 'Services/Utilities/classes/class.ilFileUtils.php';
6 require_once 'Services/QTI/exceptions/class.ilQtiException.php';
7 
14 class ilQtiMatImageSecurity
15 {
19  protected $imageMaterial;
20 
24  protected $detectedMimeType;
25 
26  public function __construct(ilQTIMatimage $imageMaterial)
27  {
28  $this->setImageMaterial($imageMaterial);
29 
30  if( !strlen($this->getImageMaterial()->getRawContent()) )
31  {
32  throw new ilQtiException('cannot import image without content');
33  }
34 
35  $this->setDetectedMimeType(
36  $this->determineMimeType($this->getImageMaterial()->getRawContent())
37  );
38  }
39 
43  public function getImageMaterial()
44  {
45  return $this->imageMaterial;
46  }
47 
51  public function setImageMaterial($imageMaterial)
52  {
53  $this->imageMaterial = $imageMaterial;
54  }
55 
59  protected function getDetectedMimeType()
60  {
61  return $this->detectedMimeType;
62  }
63 
67  protected function setDetectedMimeType($detectedMimeType)
68  {
69  $this->detectedMimeType = $detectedMimeType;
70  }
71 
72  public function validate()
73  {
74  if( !$this->validateLabel() )
75  {
76  return false;
77  }
78 
79  if( !$this->validateContent() )
80  {
81  return false;
82  }
83 
84  return true;
85  }
86 
87  protected function validateContent()
88  {
89  if($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype()) )
90  {
91  return false;
92  }
93 
94  if( !assQuestion::isAllowedImageMimeType($this->getDetectedMimeType()) )
95  {
96  return false;
97  }
98 
99  if ($this->getImageMaterial()->getImagetype())
100  {
101  $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
102  $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());
103 
104  if( $declaredMimeType != $detectedMimeType )
105  {
106  // since ilias exports jpeg declared pngs itself, we skip this validation ^^
107  // return false;
108 
109  /* @var ilComponentLogger $log */
110  $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
111  $log->log(
112  'QPL: imported image with declared mime ('.$declaredMimeType.') '
113  .'and detected mime ('.$detectedMimeType.')'
114  );
115  }
116  }
117 
118  return true;
119  }
120 
121  protected function validateLabel()
122  {
123  if ($this->getImageMaterial()->getUri())
124  {
125  if( !$this->hasFileExtension($this->getImageMaterial()->getUri()) )
126  {
127  return true;
128  }
129 
130  $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
131  }
132  else
133  {
134  $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
135  }
136 
137  return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
138  }
139 
140  public function sanitizeLabel()
141  {
142  $label = $this->getImageMaterial()->getLabel();
143 
144  $label = basename($label);
145  $label = ilUtil::stripSlashes($label);
146  $label = ilUtil::getASCIIFilename($label);
147 
148  $this->getImageMaterial()->setLabel($label);
149  }
150 
151  protected function determineMimeType($content)
152  {
153  return ilFileUtils::lookupContentMimeType($content);
154  }
155 
161  protected function determineFileExtension($label)
162  {
163  $pathInfo = pathinfo($label);
164 
165  if(isset($pathInfo['extension']))
166  {
167  return $pathInfo['extension'];
168  }
169 
170  return null;
171  }
172 
178  protected function hasFileExtension($label)
179  {
180  $pathInfo = pathinfo($label);
181 
182  return array_key_exists('extension', $pathInfo);
183  }
184 }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
ilUtil\getASCIIFilename
static getASCIIFilename($a_filename)
convert utf8 to ascii filename
Definition: class.ilUtil.php:2282
assQuestion\isAllowedImageMimeType
static isAllowedImageMimeType($mimeType)
Definition: class.assQuestion.php:345
ilQtiMatImageSecurity\determineFileExtension
determineFileExtension($label)
Returns the determine file extension.
Definition: class.ilQtiMatImageSecurity.php:161
ilQtiMatImageSecurity\hasFileExtension
hasFileExtension($label)
Returns whether or not the passed label contains a file extension.
Definition: class.ilQtiMatImageSecurity.php:178
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2639
assQuestion\isAllowedImageFileExtension
static isAllowedImageFileExtension($mimeType, $fileExtension)
Definition: class.assQuestion.php:375
ilQtiMatImageSecurity\__construct
__construct(ilQTIMatimage $imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:26
ilFileUtils\lookupContentMimeType
static lookupContentMimeType($content)
Definition: class.ilFileUtils.php:500
assQuestion\fetchMimeTypeIdentifier
static fetchMimeTypeIdentifier($contentTypeString)
Definition: class.assQuestion.php:350
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType($detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:67
$log
$log
Definition: inc.setup_header.php:129