Collaboration diagram for ilQtiMatImageSecurity:

Public Member Functions
	__construct (ilQTIMatimage $imageMaterial)

	getImageMaterial ()

	setImageMaterial ($imageMaterial)

	validate ()

	sanitizeLabel ()

Protected Member Functions
	getDetectedMimeType ()

	setDetectedMimeType ($detectedMimeType)

	validateContent ()

	validateLabel ()

	determineMimeType ($content)

	determineFileExtension ($label)
	Returns the determine file extension. More...

	hasFileExtension ($label)
	Returns whether or not the passed label contains a file extension. More...

Protected Attributes
	$imageMaterial

	$detectedMimeType

Detailed Description

Definition at line 14 of file class.ilQtiMatImageSecurity.php.

Constructor & Destructor Documentation

◆ __construct()

ilQtiMatImageSecurity::__construct ( ilQTIMatimage $imageMaterial )

Definition at line 26 of file class.ilQtiMatImageSecurity.php.

References determineMimeType(), getImageMaterial(), setDetectedMimeType(), and setImageMaterial().

     {
         $this->setImageMaterial($imageMaterial);
         
         if (!strlen($this->getImageMaterial()->getRawContent())) {
             throw new ilQtiException('cannot import image without content');
         }
         
         $this->setDetectedMimeType(
             $this->determineMimeType($this->getImageMaterial()->getRawContent())
         );
     }

Here is the call graph for this function:

Member Function Documentation

◆ determineFileExtension()

ilQtiMatImageSecurity::determineFileExtension ( $label )

protected

Returns the determine file extension.

If no extension

Parameters

string $label

Returns: string|null

Definition at line 150 of file class.ilQtiMatImageSecurity.php.

Referenced by validateLabel().

     {
         $pathInfo = pathinfo($label);
 
         if (isset($pathInfo['extension'])) {
             return $pathInfo['extension'];
         }
 
         return null;
     }

Here is the caller graph for this function:

◆ determineMimeType()

ilQtiMatImageSecurity::determineMimeType ( $content )

protected

Definition at line 140 of file class.ilQtiMatImageSecurity.php.

References ilFileUtils\lookupContentMimeType().

Referenced by __construct().

     {
         return ilFileUtils::lookupContentMimeType($content);
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ getDetectedMimeType()

ilQtiMatImageSecurity::getDetectedMimeType ( )

protected

Returns: string

Definition at line 58 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by validateContent(), and validateLabel().

     {
         return $this->detectedMimeType;
     }

Here is the caller graph for this function:

◆ getImageMaterial()

ilQtiMatImageSecurity::getImageMaterial ( )

Returns: ilQTIMatimage

Definition at line 42 of file class.ilQtiMatImageSecurity.php.

References $imageMaterial.

Referenced by __construct(), sanitizeLabel(), validateContent(), and validateLabel().

     {
         return $this->imageMaterial;
     }

Here is the caller graph for this function:

◆ hasFileExtension()

ilQtiMatImageSecurity::hasFileExtension ( $label )

protected

Returns whether or not the passed label contains a file extension.

Parameters

string $label

Returns: bool

Definition at line 166 of file class.ilQtiMatImageSecurity.php.

Referenced by validateLabel().

     {
         $pathInfo = pathinfo($label);
 
         return array_key_exists('extension', $pathInfo);
     }

Here is the caller graph for this function:

◆ sanitizeLabel()

ilQtiMatImageSecurity::sanitizeLabel ( )

Definition at line 129 of file class.ilQtiMatImageSecurity.php.

References ilUtil\getASCIIFilename(), getImageMaterial(), and ilUtil\stripSlashes().

     {
         $label = $this->getImageMaterial()->getLabel();
         
         $label = basename($label);
         $label = ilUtil::stripSlashes($label);
         $label = ilUtil::getASCIIFilename($label);
         
         $this->getImageMaterial()->setLabel($label);
     }

Here is the call graph for this function:

◆ setDetectedMimeType()

ilQtiMatImageSecurity::setDetectedMimeType ( $detectedMimeType )

protected

Parameters

string $detectedMimeType

Definition at line 66 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by __construct().

     {
         $this->detectedMimeType = $detectedMimeType;
     }

Here is the caller graph for this function:

◆ setImageMaterial()

ilQtiMatImageSecurity::setImageMaterial ( $imageMaterial )

Parameters

ilQTIMatimage $imageMaterial

Definition at line 50 of file class.ilQtiMatImageSecurity.php.

References $imageMaterial.

Referenced by __construct().

     {
         $this->imageMaterial = $imageMaterial;
     }

Here is the caller graph for this function:

◆ validate()

ilQtiMatImageSecurity::validate ( )

Definition at line 71 of file class.ilQtiMatImageSecurity.php.

References validateContent(), and validateLabel().

     {
         if (!$this->validateLabel()) {
             return false;
         }
         
         if (!$this->validateContent()) {
             return false;
         }
         
         return true;
     }

Here is the call graph for this function:

◆ validateContent()

ilQtiMatImageSecurity::validateContent ( )

protected

Definition at line 84 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType, $GLOBALS, $log, assQuestion\fetchMimeTypeIdentifier(), getDetectedMimeType(), getImageMaterial(), and assQuestion\isAllowedImageMimeType().

Referenced by validate().

     {
         if ($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype())) {
             return false;
         }
 
         if (!assQuestion::isAllowedImageMimeType($this->getDetectedMimeType())) {
             return false;
         }
 
         if ($this->getImageMaterial()->getImagetype()) {
             $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
             $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());
 
             if ($declaredMimeType != $detectedMimeType) {
                 // since ilias exports jpeg declared pngs itself, we skip this validation ^^
                 // return false;
                 
                 /* @var ilComponentLogger $log */
                 $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
                 $log->log(
                     'QPL: imported image with declared mime (' . $declaredMimeType . ') '
                     . 'and detected mime (' . $detectedMimeType . ')'
                 );
             }
         }
 
         return true;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ validateLabel()

ilQtiMatImageSecurity::validateLabel ( )

protected

Definition at line 114 of file class.ilQtiMatImageSecurity.php.

References determineFileExtension(), getDetectedMimeType(), getImageMaterial(), hasFileExtension(), and assQuestion\isAllowedImageFileExtension().

Referenced by validate().

     {
         if ($this->getImageMaterial()->getUri()) {
             if (!$this->hasFileExtension($this->getImageMaterial()->getUri())) {
                 return true;
             }
 
             $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
         } else {
             $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
         }
 
         return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
     }