ILIAS  release_8 Revision v8.24
Public Member Functions | Protected Member Functions | Protected Attributes
ilQtiMatImageSecurity Class Reference
+ Collaboration diagram for ilQtiMatImageSecurity:

Public Member Functions

 __construct (ilQTIMatimage $imageMaterial)
 
 getImageMaterial ()
 
 setImageMaterial (ilQTIMatimage $imageMaterial)
 
 validate ()
 
 sanitizeLabel ()
 

Protected Member Functions

 getDetectedMimeType ()
 
 setDetectedMimeType (string $detectedMimeType)
 
 validateContent ()
 
 validateLabel ()
 
 determineMimeType (?string $content)
 
 determineFileExtension (string $label)
 
 hasFileExtension (string $label)
 

Protected Attributes

ilQTIMatimage $imageMaterial
 
string $detectedMimeType = ""
 

Detailed Description

Definition at line 28 of file class.ilQtiMatImageSecurity.php.

Constructor & Destructor Documentation

◆ __construct()

ilQtiMatImageSecurity::__construct ( ilQTIMatimage  $imageMaterial)

Definition at line 33 of file class.ilQtiMatImageSecurity.php.

34 {
35 $this->setImageMaterial($imageMaterial);
36
37 if (!strlen($this->getImageMaterial()->getRawContent())) {
38 throw new ilQtiException('cannot import image without content');
39 }
40
41 $this->setDetectedMimeType(
42 $this->determineMimeType($this->getImageMaterial()->getRawContent())
43 );
44 }
ilQtiMatImageSecurity\setImageMaterial
setImageMaterial(ilQTIMatimage $imageMaterial)
Definition: class.ilQtiMatImageSecurity.php:51
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType(string $detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:61

References determineMimeType(), getImageMaterial(), setDetectedMimeType(), and setImageMaterial().

+ Here is the call graph for this function:

Member Function Documentation

◆ determineFileExtension()

ilQtiMatImageSecurity::determineFileExtension ( string  $label)
protected

Definition at line 142 of file class.ilQtiMatImageSecurity.php.

142 : ?string
143 {
144 $pathInfo = pathinfo($label);
145
146 if (isset($pathInfo['extension'])) {
147 return $pathInfo['extension'];
148 }
149
150 return null;
151 }

Referenced by validateLabel().

+ Here is the caller graph for this function:

◆ determineMimeType()

ilQtiMatImageSecurity::determineMimeType ( ?string  $content)
protected

Definition at line 135 of file class.ilQtiMatImageSecurity.php.

135 : string
136 {
137 $finfo = new finfo(FILEINFO_MIME);
138
139 return $finfo->buffer($content);
140 }

Referenced by __construct().

+ Here is the caller graph for this function:

◆ getDetectedMimeType()

ilQtiMatImageSecurity::getDetectedMimeType ( )
protected

Definition at line 56 of file class.ilQtiMatImageSecurity.php.

56 : string
57 {
58 return $this->detectedMimeType;
59 }

References $detectedMimeType.

Referenced by validateContent(), and validateLabel().

+ Here is the caller graph for this function:

◆ getImageMaterial()

ilQtiMatImageSecurity::getImageMaterial ( )

Definition at line 46 of file class.ilQtiMatImageSecurity.php.

46 : ilQTIMatimage
47 {
48 return $this->imageMaterial;
49 }

References $imageMaterial.

Referenced by __construct(), sanitizeLabel(), validateContent(), and validateLabel().

+ Here is the caller graph for this function:

◆ hasFileExtension()

ilQtiMatImageSecurity::hasFileExtension ( string  $label)
protected

Definition at line 153 of file class.ilQtiMatImageSecurity.php.

153 : bool
154 {
155 $pathInfo = pathinfo($label);
156
157 return array_key_exists('extension', $pathInfo);
158 }

Referenced by validateLabel().

+ Here is the caller graph for this function:

◆ sanitizeLabel()

ilQtiMatImageSecurity::sanitizeLabel ( )

Definition at line 124 of file class.ilQtiMatImageSecurity.php.

124 : void
125 {
126 $label = $this->getImageMaterial()->getLabel();
127
128 $label = basename($label);
129 $label = ilUtil::stripSlashes($label);
130 $label = ilFileUtils::getASCIIFilename($label);
131
132 $this->getImageMaterial()->setLabel($label);
133 }
ilFileUtils\getASCIIFilename
static getASCIIFilename(string $a_filename)
Definition: class.ilFileUtils.php:812
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:401

References ilFileUtils\getASCIIFilename(), getImageMaterial(), and ilUtil\stripSlashes().

+ Here is the call graph for this function:

◆ setDetectedMimeType()

ilQtiMatImageSecurity::setDetectedMimeType ( string  $detectedMimeType)
protected

Definition at line 61 of file class.ilQtiMatImageSecurity.php.

61 : void
62 {
63 $this->detectedMimeType = $detectedMimeType;
64 }

References $detectedMimeType.

Referenced by __construct().

+ Here is the caller graph for this function:

◆ setImageMaterial()

ilQtiMatImageSecurity::setImageMaterial ( ilQTIMatimage  $imageMaterial)

Definition at line 51 of file class.ilQtiMatImageSecurity.php.

51 : void
52 {
53 $this->imageMaterial = $imageMaterial;
54 }

References $imageMaterial.

Referenced by __construct().

+ Here is the caller graph for this function:

◆ validate()

ilQtiMatImageSecurity::validate ( )

Definition at line 66 of file class.ilQtiMatImageSecurity.php.

66 : bool
67 {
68 if (!$this->validateLabel()) {
69 return false;
70 }
71
72 if (!$this->validateContent()) {
73 return false;
74 }
75
76 return true;
77 }

References validateContent(), and validateLabel().

+ Here is the call graph for this function:

◆ validateContent()

ilQtiMatImageSecurity::validateContent ( )
protected

Definition at line 79 of file class.ilQtiMatImageSecurity.php.

79 : bool
80 {
81 if ($this->getImageMaterial()->getImagetype() && !assQuestion::isAllowedImageMimeType($this->getImageMaterial()->getImagetype())) {
82 return false;
83 }
84
85 if (!assQuestion::isAllowedImageMimeType($this->getDetectedMimeType())) {
86 return false;
87 }
88
89 if ($this->getImageMaterial()->getImagetype()) {
90 $declaredMimeType = assQuestion::fetchMimeTypeIdentifier($this->getImageMaterial()->getImagetype());
91 $detectedMimeType = assQuestion::fetchMimeTypeIdentifier($this->getDetectedMimeType());
92
93 if ($declaredMimeType != $detectedMimeType) {
94 // since ilias exports jpeg declared pngs itself, we skip this validation ^^
95 // return false;
96
97 /* @var ilComponentLogger $log */
98 $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
99 $log->log(
100 'QPL: imported image with declared mime (' . $declaredMimeType . ') '
101 . 'and detected mime (' . $detectedMimeType . ')'
102 );
103 }
104 }
105
106 return true;
107 }
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
assQuestion\fetchMimeTypeIdentifier
static fetchMimeTypeIdentifier(string $contentType)
Definition: class.assQuestion.php:253
assQuestion\isAllowedImageMimeType
static isAllowedImageMimeType($mimeType)
Definition: class.assQuestion.php:248
$log
$log
Definition: result.php:33

References $detectedMimeType, $GLOBALS, $log, assQuestion\fetchMimeTypeIdentifier(), getDetectedMimeType(), getImageMaterial(), and assQuestion\isAllowedImageMimeType().

Referenced by validate().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ validateLabel()

ilQtiMatImageSecurity::validateLabel ( )
protected

Definition at line 109 of file class.ilQtiMatImageSecurity.php.

109 : bool
110 {
111 if ($this->getImageMaterial()->getUri()) {
112 if (!$this->hasFileExtension($this->getImageMaterial()->getUri())) {
113 return true;
114 }
115
116 $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
117 } else {
118 $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
119 }
120
121 return assQuestion::isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
122 }
assQuestion\isAllowedImageFileExtension
static isAllowedImageFileExtension(string $mimeType, string $fileExtension)
Definition: class.assQuestion.php:276

References determineFileExtension(), getDetectedMimeType(), getImageMaterial(), hasFileExtension(), and assQuestion\isAllowedImageFileExtension().

Referenced by validate().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $detectedMimeType

string ilQtiMatImageSecurity::$detectedMimeType = ""
protected

Definition at line 31 of file class.ilQtiMatImageSecurity.php.

Referenced by getDetectedMimeType(), setDetectedMimeType(), and validateContent().

◆ $imageMaterial

ilQTIMatimage ilQtiMatImageSecurity::$imageMaterial
protected

Definition at line 30 of file class.ilQtiMatImageSecurity.php.

Referenced by getImageMaterial(), and setImageMaterial().

The documentation for this class was generated from the following file: