d1/db2/FilePathSanitizer_8php_source.html

<?php


namespace ILIAS\File\Sanitation;


use DirectoryIterator;

use Exception;

use ilFileUtils;

use ILIAS\Filesystem\Util\LegacyPathHelper;

use ilObjFile;


class FilePathSanitizer

{


    private $file_object;

    private $relative_path;

    private $fs;

    private $absolute_path;


    public function __construct(ilObjFile $file_object)

    {

        $this->file_object = $file_object;

        $this->absolute_path = $this->file_object->getDirectory($this->file_object->getVersion()) . "/" . $this->file_object->getFileName();

        $this->relative_path = LegacyPathHelper::createRelativePath($this->absolute_path);

        $this->fs = LegacyPathHelper::deriveFilesystemFrom($this->absolute_path);

    }


    public function needsSanitation() /* : bool*/

    {

        try {

            $fs_relative_path_existing = $this->fs->has($this->relative_path);

            $fs_valid_relative_path_existing = $this->fs->has(ilFileUtils::getValidFilename($this->relative_path));

            $native_absolute_path_exists = file_exists($this->absolute_path);

            $native_valid_absolute_path_existing = file_exists(ilFileUtils::getValidFilename($this->absolute_path));


            return (

                !$fs_relative_path_existing

                || !$fs_valid_relative_path_existing

                || !$native_absolute_path_exists

                || !$native_valid_absolute_path_existing

            );

        } catch (Exception $e) {

            return false;

        }

    }


    private function log(/*string*/ $message)

    {

        global $DIC;

        $DIC->logger()->root()->debug("FilePathSanitizer: " . $message);

    }


    public function sanitizeIfNeeded() /* : void */

    {

        if ($this->needsSanitation()) {

            // First Try: using FileSystemService

            $dirname = dirname($this->relative_path);

            if (!$this->fs->has($dirname)) {

                $this->log("FAILED: Sanitizing File Path: {$this->file_object->getFile()}. Message: Directory not found");


                return false;

            }

            $first_file = reset($this->fs->listContents($dirname));

            if ($first_file instanceof \ILIAS\Filesystem\DTO\Metadata) {

                try {

                    $valid_filename = $this->santitizeFilename($first_file->getPath());

                    // rename file in filesystem

                    if (!$this->fs->has($valid_filename)) {

                        $this->fs->rename($first_file->getPath(), $valid_filename);

                        // rename file object


                        $this->log("Sanitized File Path: {$valid_filename}");

                    }

                    $this->saveNewNameForFileObject($valid_filename);


                    return true;

                } catch (Exception $e) {

                    $this->log("FAILED: Sanitizing File Path: {$this->file_object->getFile()}. Message: {$e->getMessage()}. Will try using native PHP");


                    try {

                        // Second try: use native php

                        $scandir = scandir(dirname($this->absolute_path));

                        if (isset($scandir[2])) {

                            $first_file = $scandir[2];

                            if (is_file($first_file)) {

                                $valid_filename = $this->santitizeFilename($first_file);

                                if (rename($first_file, $valid_filename)) {

                                    $this->saveNewNameForFileObject($valid_filename);

                                    $this->log("Sanitized File Path: {$valid_filename}");

                                }

                            } else {

                                throw new Exception("is not a file: " . $first_file);

                            }

                        } else {

                            throw new Exception("no File found in " . dirname($this->absolute_path));

                        }

                    } catch (Exception $e) {

                        $this->log("FAILED AGAIN: Sanitizing File Path: {$this->file_object->getFile()}. Message: {$e->getMessage()}");


                        try {

                            foreach (new DirectoryIterator(dirname($this->absolute_path)) as $item) {

                                if ($item->isDot()) {

                                    continue;

                                }

                                if ($item->isFile()) {

                                    $valid_filename = $this->santitizeFilename($item->getPathname());

                                    if (rename($item->getPathname(), $valid_filename)) {

                                        $this->saveNewNameForFileObject($valid_filename);

                                        $this->log("Sanitized File Path: {$valid_filename}");

                                    }

                                    break;

                                }

                            }

                        } catch (Exception $e) {

                            $this->log("FAILED AGAIN and AGAIN: Sanitizing File Path: {$this->file_object->getFile()}. Message: {$e->getMessage()}");

                        }

                    }


                    return false;

                }

            }


            return false;

        }


        return true;

    }


    private function santitizeFilename($first_file)

    {

        $valid_filename = $first_file;


        while (preg_match('#\p{C}+|^\./#u', $valid_filename)) {

            $valid_filename = preg_replace('#\p{C}+|^\./#u', '', $valid_filename);

        }


        $valid_filename = preg_replace('/[\x00-\x1F\x7F-\xFF]/', '', $valid_filename); // removes all non printable characters (ASCII 7 Bit)


        // $valid_filename = \League\Flysystem\Util::normalizeRelativePath($valid_filename);

        // $valid_filename = preg_replace('/[\x00-\x1F\x7F-\xA0\xAD]/u', '', $valid_filename);

        // $valid_filename = iconv(mb_detect_encoding($valid_filename, mb_detect_order(), true), "UTF-8", $valid_filename);

        // $valid_filename = utf8_encode($valid_filename);


        $valid_filename = ilFileUtils::getValidFilename($valid_filename);


        return $valid_filename;

    }


    private function saveNewNameForFileObject($valid_filename)

    {

        $sanitized_filename = basename($valid_filename);

        $this->file_object->setFileName($sanitized_filename);

        $this->file_object->update();

    }

}

php
An exception for terminatinating execution or to throw for unit testing.

ILIAS\File\Sanitation\FilePathSanitizer
Class FilePathSanitizer.
Definition: FilePathSanitizer.php:17

ILIAS\File\Sanitation\FilePathSanitizer\$relative_path
$relative_path
Definition: FilePathSanitizer.php:26

ILIAS\File\Sanitation\FilePathSanitizer\sanitizeIfNeeded
sanitizeIfNeeded()
Definition: FilePathSanitizer.php:88

ILIAS\File\Sanitation\FilePathSanitizer\saveNewNameForFileObject
saveNewNameForFileObject($valid_filename)
Definition: FilePathSanitizer.php:195

ILIAS\File\Sanitation\FilePathSanitizer\needsSanitation
needsSanitation()
Definition: FilePathSanitizer.php:54

ILIAS\File\Sanitation\FilePathSanitizer\__construct
__construct(ilObjFile $file_object)
FilePathSanitizer constructor.
Definition: FilePathSanitizer.php:42

ILIAS\File\Sanitation\FilePathSanitizer\santitizeFilename
santitizeFilename($first_file)
Definition: FilePathSanitizer.php:171

ILIAS\File\Sanitation\FilePathSanitizer\$fs
$fs
Definition: FilePathSanitizer.php:30

ILIAS\File\Sanitation\FilePathSanitizer\log
log( $message)
Definition: FilePathSanitizer.php:77

ILIAS\File\Sanitation\FilePathSanitizer\$absolute_path
$absolute_path
Definition: FilePathSanitizer.php:34

ILIAS\File\Sanitation\FilePathSanitizer\$file_object
$file_object
Definition: FilePathSanitizer.php:22

ILIAS\Filesystem\Util\LegacyPathHelper
Class LegacyPathHelper.
Definition: LegacyPathHelper.php:19

ILIAS\Filesystem\Util\LegacyPathHelper\deriveFilesystemFrom
static deriveFilesystemFrom($absolute_path)
Tries to fetch the filesystem responsible for the absolute path.
Definition: LegacyPathHelper.php:36

ILIAS\Filesystem\Util\LegacyPathHelper\createRelativePath
static createRelativePath($absolute_path)
Creates a relative path from an absolute path which starts with a valid storage location.
Definition: LegacyPathHelper.php:80

ilFileUtils
Class ilFileUtils.
Definition: class.ilFileUtils.php:39

ilFileUtils\getValidFilename
static getValidFilename($a_filename)
Get valid filename.
Definition: class.ilFileUtils.php:836

ilObjFile
Class ilObjFile.
Definition: class.ilObjFile.php:21

$message
catch(Exception $e) $message
Definition: saml2-logout.php:34

Filesystem
Class FlySystemFileAccessTest.

ILIAS\File\Sanitation
Definition: FilePathSanitizer.php:3

ILIAS
Class BaseForm.

$DIC
global $DIC
Definition: saml.php:7