ILIAS  trunk Revision v11.0_alpha-2662-g519ff7d528f
Public Member Functions | Protected Member Functions | Protected Attributes
ilQtiMatImageSecurity Class Reference
+ Collaboration diagram for ilQtiMatImageSecurity:

Public Member Functions

 __construct (protected ilQTIMatimage $image_material, private QuestionFiles $question_files)
 
 getImageMaterial ()
 
 setImageMaterial (ilQTIMatimage $image_material)
 
 validate ()
 
 sanitizeLabel ()
 

Protected Member Functions

 getDetectedMimeType ()
 
 setDetectedMimeType (string $detectedMimeType)
 
 validateContent ()
 
 validateLabel ()
 
 determineMimeType (?string $content)
 
 determineFileExtension (string $label)
 
 hasFileExtension (string $label)
 

Protected Attributes

string $detectedMimeType = ""
 

Detailed Description

Definition at line 29 of file class.ilQtiMatImageSecurity.php.

Constructor & Destructor Documentation

◆ __construct()

ilQtiMatImageSecurity::__construct ( protected ilQTIMatimage  $image_material,
private QuestionFiles  $question_files 
)

Definition at line 33 of file class.ilQtiMatImageSecurity.php.

References determineMimeType(), getImageMaterial(), and setDetectedMimeType().

36  {
37  if (!strlen($this->getImageMaterial()->getRawContent())) {
38  throw new ilQtiException('cannot import image without content');
39  }
40 
41  $this->setDetectedMimeType(
42  $this->determineMimeType($this->getImageMaterial()->getRawContent())
43  );
44  }
ilQtiMatImageSecurity\setDetectedMimeType
setDetectedMimeType(string $detectedMimeType)
Definition: class.ilQtiMatImageSecurity.php:61
+ Here is the call graph for this function:

Member Function Documentation

◆ determineFileExtension()

ilQtiMatImageSecurity::determineFileExtension ( string  $label)
protected

Definition at line 142 of file class.ilQtiMatImageSecurity.php.

References null.

Referenced by validateLabel().

142  : ?string
143  {
144  $pathInfo = pathinfo($label);
145 
146  if (isset($pathInfo['extension'])) {
147  return $pathInfo['extension'];
148  }
149 
150  return null;
151  }
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
+ Here is the caller graph for this function:

◆ determineMimeType()

ilQtiMatImageSecurity::determineMimeType ( ?string  $content)
protected

Definition at line 135 of file class.ilQtiMatImageSecurity.php.

Referenced by __construct().

135  : string
136  {
137  $finfo = new finfo(FILEINFO_MIME);
138 
139  return $finfo->buffer($content);
140  }
+ Here is the caller graph for this function:

◆ getDetectedMimeType()

ilQtiMatImageSecurity::getDetectedMimeType ( )
protected

Definition at line 56 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by validateContent(), and validateLabel().

56  : string
57  {
58  return $this->detectedMimeType;
59  }
+ Here is the caller graph for this function:

◆ getImageMaterial()

ilQtiMatImageSecurity::getImageMaterial ( )

Definition at line 46 of file class.ilQtiMatImageSecurity.php.

Referenced by __construct(), sanitizeLabel(), validateContent(), and validateLabel().

46  : ilQTIMatimage
47  {
48  return $this->image_material;
49  }
+ Here is the caller graph for this function:

◆ hasFileExtension()

ilQtiMatImageSecurity::hasFileExtension ( string  $label)
protected

Definition at line 153 of file class.ilQtiMatImageSecurity.php.

Referenced by validateLabel().

153  : bool
154  {
155  $pathInfo = pathinfo($label);
156 
157  return array_key_exists('extension', $pathInfo);
158  }
+ Here is the caller graph for this function:

◆ sanitizeLabel()

ilQtiMatImageSecurity::sanitizeLabel ( )

Definition at line 124 of file class.ilQtiMatImageSecurity.php.

References ilFileUtils\getASCIIFilename(), getImageMaterial(), and ilUtil\stripSlashes().

124  : void
125  {
126  $label = $this->getImageMaterial()->getLabel();
127 
128  $label = basename($label);
129  $label = ilUtil::stripSlashes($label);
130  $label = ilFileUtils::getASCIIFilename($label);
131 
132  $this->getImageMaterial()->setLabel($label);
133  }
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:392
ilFileUtils\getASCIIFilename
static getASCIIFilename(string $a_filename)
Definition: class.ilFileUtils.php:662
+ Here is the call graph for this function:

◆ setDetectedMimeType()

ilQtiMatImageSecurity::setDetectedMimeType ( string  $detectedMimeType)
protected

Definition at line 61 of file class.ilQtiMatImageSecurity.php.

References $detectedMimeType.

Referenced by __construct().

61  : void
62  {
63  $this->detectedMimeType = $detectedMimeType;
64  }
+ Here is the caller graph for this function:

◆ setImageMaterial()

ilQtiMatImageSecurity::setImageMaterial ( ilQTIMatimage  $image_material)

Definition at line 51 of file class.ilQtiMatImageSecurity.php.

51  : void
52  {
53  $this->image_material = $image_material;
54  }

◆ validate()

ilQtiMatImageSecurity::validate ( )

Definition at line 66 of file class.ilQtiMatImageSecurity.php.

References validateContent(), and validateLabel().

66  : bool
67  {
68  if (!$this->validateLabel()) {
69  return false;
70  }
71 
72  if (!$this->validateContent()) {
73  return false;
74  }
75 
76  return true;
77  }
+ Here is the call graph for this function:

◆ validateContent()

ilQtiMatImageSecurity::validateContent ( )
protected

Definition at line 79 of file class.ilQtiMatImageSecurity.php.

References $GLOBALS, $log, getDetectedMimeType(), and getImageMaterial().

Referenced by validate().

79  : bool
80  {
81  if ($this->getImageMaterial()->getImagetype() && !$this->question_files->isAllowedImageMimeType($this->getImageMaterial()->getImagetype())) {
82  return false;
83  }
84 
85  if (!$this->question_files->isAllowedImageMimeType($this->getDetectedMimeType())) {
86  return false;
87  }
88 
89  if ($this->getImageMaterial()->getImagetype()) {
90  $declaredMimeType = current(explode(';', $this->getImageMaterial()->getImagetype()));
91  $detectedMimeType = current(explode(';', $this->getDetectedMimeType()));
92 
93  if ($declaredMimeType != $detectedMimeType) {
94  // since ilias exports jpeg declared pngs itself, we skip this validation ^^
95  // return false;
96 
97  /* @var ilComponentLogger $log */
98  $log = $GLOBALS['DIC'] ? $GLOBALS['DIC']['ilLog'] : $GLOBALS['ilLog'];
99  $log->log(
100  'QPL: imported image with declared mime (' . $declaredMimeType . ') '
101  . 'and detected mime (' . $detectedMimeType . ')'
102  );
103  }
104  }
105 
106  return true;
107  }
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:54
$log
$log
Definition: result.php:32
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ validateLabel()

ilQtiMatImageSecurity::validateLabel ( )
protected

Definition at line 109 of file class.ilQtiMatImageSecurity.php.

References determineFileExtension(), getDetectedMimeType(), getImageMaterial(), ILIAS\Test\Questions\Presentation\getLabel, and hasFileExtension().

Referenced by validate().

109  : bool
110  {
111  if ($this->getImageMaterial()->getUri()) {
112  if (!$this->hasFileExtension($this->getImageMaterial()->getUri())) {
113  return true;
114  }
115 
116  $extension = $this->determineFileExtension($this->getImageMaterial()->getUri());
117  } else {
118  $extension = $this->determineFileExtension($this->getImageMaterial()->getLabel());
119  }
120 
121  return $this->question_files->isAllowedImageFileExtension($this->getDetectedMimeType(), $extension);
122  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Field Documentation

◆ $detectedMimeType

string ilQtiMatImageSecurity::$detectedMimeType = ""
protected

Definition at line 31 of file class.ilQtiMatImageSecurity.php.

Referenced by getDetectedMimeType(), and setDetectedMimeType().

The documentation for this class was generated from the following file: