ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilQtiMatImageSecurity.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2013 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once 'Modules/TestQuestionPool/classes/class.assQuestion.php';
5 require_once 'Services/Utilities/classes/class.ilFileUtils.php';
6 require_once 'Services/QTI/exceptions/class.ilQtiException.php';
7 
14 class ilQtiMatImageSecurity
15 {
19  protected $imageMaterial;
20 
24  protected $detectedMimeType;
25 
26  public function __construct(ilQTIMatimage $imageMaterial)
27  {
28  $this->setImageMaterial($imageMaterial);
29 
30  if (!strlen($this->getImageMaterial()->getRawContent())) {
31  throw new ilQtiException('cannot import image without content');
32  }
33 
34  $this->setDetectedMimeType(
35  $this->determineMimeType($this->getImageMaterial()->getRawContent())
36  );
37  }
38 
42  public function getImageMaterial()
43  {
44  return $this->imageMaterial;
45  }
46 
50  public function setImageMaterial($imageMaterial)
51  {
52  $this->imageMaterial = $imageMaterial;
53  }
54 
58  protected function getDetectedMimeType()
59  {
60  return $this->detectedMimeType;
61  }
62 
66  protected function setDetectedMimeType($detectedMimeType)
67  {
68  $this->detectedMimeType = $detectedMimeType;
69  }
70 
71  public function validate()
72  {
73  if (!$this->validateLabel()) {
74  return false;
75  }
76 
77  if (!$this->validateContent()) {
78  return false;
79  }
80 
81  return true;
82  }
83 
84  protected function validateContent()
85  {
86  if ($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype())) {
87  return false;
88  }
89 
90  if (!assQuestion::isAllowedImageMimeType($this->getDetectedMimeType())) {
91  return false;
92  }
93 
94  if ($this->getImageMaterial()->getImagetype()) {
95  $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
96  $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());
97 
98  if ($declaredMimeType != $detectedMimeType) {
99  // since ilias exports jpeg declared pngs itself, we skip this validation ^^
100  // return false;
101 
102  /* @var ilComponentLogger $log */
103  $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
104  $log->log(
105  'QPL: imported image with declared mime (' . $declaredMimeType . ') '
106  . 'and detected mime (' . $detectedMimeType . ')'
107  );
108  }
109  }
110 
111  return true;
112  }
113 
114  protected function validateLabel()
115  {
116  if ($this->getImageMaterial()->getUri()) {
117  if (!$this->hasFileExtension($this->getImageMaterial()->getUri())) {
118  return true;
119  }
120 
121  $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
122  } else {
123  $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
124  }
125 
126  return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
127  }
128 
129  public function sanitizeLabel()
130  {
131  $label = $this->getImageMaterial()->getLabel();
132 
133  $label = basename($label);
134  $label = ilUtil::stripSlashes($label);
135  $label = ilUtil::getASCIIFilename($label);
136 
137  $this->getImageMaterial()->setLabel($label);
138  }
139 
140  protected function determineMimeType($content)
141  {
142  return ilFileUtils::lookupContentMimeType($content);
143  }
144 
150  protected function determineFileExtension($label)
151  {
152  $pathInfo = pathinfo($label);
153 
154  if (isset($pathInfo['extension'])) {
155  return $pathInfo['extension'];
156  }
157 
158  return null;
159  }
160 
166  protected function hasFileExtension($label)
167  {
168  $pathInfo = pathinfo($label);
169 
170  return array_key_exists('extension', $pathInfo);
171  }
172 }
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
ilUtil\getASCIIFilename
static getASCIIFilename($a_filename)
convert utf8 to ascii filename
Definition: class.ilUtil.php:2085
assQuestion\isAllowedImageMimeType
static isAllowedImageMimeType($mimeType)
Definition: class.assQuestion.php:342
ilQtiMatImageSecurity\determineFileExtension
determineFileExtension($label)
Returns the determine file extension.
Definition: class.ilQtiMatImageSecurity.php:150
ilQtiMatImageSecurity\hasFileExtension
hasFileExtension($label)
Returns whether or not the passed label contains a file extension.
Definition: class.ilQtiMatImageSecurity.php:166
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2441
assQuestion\isAllowedImageFileExtension
static isAllowedImageFileExtension($mimeType, $fileExtension)
Definition: class.assQuestion.php:370
ilQtiMatImageSecurity\__construct
__construct(ilQTIMatimage $imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:26
ilFileUtils\lookupContentMimeType
static lookupContentMimeType($content)
Definition: class.ilFileUtils.php:507
assQuestion\fetchMimeTypeIdentifier
static fetchMimeTypeIdentifier($contentTypeString)
Definition: class.assQuestion.php:347
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType($detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:66
$log
$log
Definition: inc.setup_header.php:128