[ Index ]

PHP Cross Reference of phpBB-3.3.2-deutsch

title

Body

[close]

/phpbb/avatar/driver/ -> remote.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  namespace phpbb\avatar\driver;
  15  
  16  /**
  17  * Handles avatars hosted remotely
  18  */
  19  class remote extends \phpbb\avatar\driver\driver
  20  {
  21      /**
  22      * {@inheritdoc}
  23      */
  24  	public function get_data($row)
  25      {
  26          return array(
  27              'src' => $row['avatar'],
  28              'width' => $row['avatar_width'],
  29              'height' => $row['avatar_height'],
  30          );
  31      }
  32  
  33      /**
  34      * {@inheritdoc}
  35      */
  36  	public function prepare_form($request, $template, $user, $row, &$error)
  37      {
  38          $template->assign_vars(array(
  39              'AVATAR_REMOTE_WIDTH' => ((in_array($row['avatar_type'], array(AVATAR_REMOTE, $this->get_name(), 'remote'))) && $row['avatar_width']) ? $row['avatar_width'] : $request->variable('avatar_remote_width', ''),
  40              'AVATAR_REMOTE_HEIGHT' => ((in_array($row['avatar_type'], array(AVATAR_REMOTE, $this->get_name(), 'remote'))) && $row['avatar_height']) ? $row['avatar_height'] : $request->variable('avatar_remote_width', ''),
  41              'AVATAR_REMOTE_URL' => ((in_array($row['avatar_type'], array(AVATAR_REMOTE, $this->get_name(), 'remote'))) && $row['avatar']) ? $row['avatar'] : '',
  42          ));
  43  
  44          return true;
  45      }
  46  
  47      /**
  48      * {@inheritdoc}
  49      */
  50  	public function process_form($request, $template, $user, $row, &$error)
  51      {
  52          global $phpbb_dispatcher;
  53  
  54          $url = $request->variable('avatar_remote_url', '');
  55          $width = $request->variable('avatar_remote_width', 0);
  56          $height = $request->variable('avatar_remote_height', 0);
  57  
  58          if (empty($url))
  59          {
  60              return false;
  61          }
  62  
  63          if (!preg_match('#^(http|https|ftp)://#i', $url))
  64          {
  65              $url = 'http://' . $url;
  66          }
  67  
  68          if (!function_exists('validate_data'))
  69          {
  70              require($this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext);
  71          }
  72  
  73          $validate_array = validate_data(
  74              array(
  75                  'url' => $url,
  76              ),
  77              array(
  78                  'url' => array('string', true, 5, 255),
  79              )
  80          );
  81  
  82          $error = array_merge($error, $validate_array);
  83  
  84          if (!empty($error))
  85          {
  86              return false;
  87          }
  88  
  89          /**
  90           * Event to make custom validation of avatar upload
  91           *
  92           * @event core.ucp_profile_avatar_upload_validation
  93           * @var    string    url        Image url
  94           * @var    string    width    Image width
  95           * @var    string    height    Image height
  96           * @var    array    error    Error message array
  97           * @since 3.2.9-RC1
  98           */
  99          $vars = array('url', 'width', 'height', 'error');
 100          extract($phpbb_dispatcher->trigger_event('core.ucp_profile_avatar_upload_validation', compact($vars)));
 101  
 102          if (!empty($error))
 103          {
 104              return false;
 105          }
 106  
 107          // Check if this url looks alright
 108          // Do not allow specifying the port (see RFC 3986) or IP addresses
 109          if (!preg_match('#^(http|https|ftp)://(?:(.*?\.)*?[a-z0-9\-]+?\.[a-z]{2,4}|(?:\d{1,3}\.){3,5}\d{1,3}):?([0-9]*?).*?\.('. implode('|', $this->allowed_extensions) . ')$#i', $url) ||
 110              preg_match('@^(http|https|ftp)://[^/:?#]+:[0-9]+[/:?#]@i', $url) ||
 111              preg_match('#^(http|https|ftp)://(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])#i', $url) ||
 112              preg_match('#^(http|https|ftp)://(?:(?:(?:[\dA-F]{1,4}:){6}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:::(?:[\dA-F]{1,4}:){0,5}(?:[\dA-F]{1,4}(?::[\dA-F]{1,4})?|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:):(?:[\dA-F]{1,4}:){4}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,2}:(?:[\dA-F]{1,4}:){3}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,3}:(?:[\dA-F]{1,4}:){2}(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,4}:(?:[\dA-F]{1,4}:)(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,5}:(?:[\dA-F]{1,4}:[\dA-F]{1,4}|(?:(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.){3}(?:\d{1,2}|1\d\d|2[0-4]\d|25[0-5])))|(?:(?:[\dA-F]{1,4}:){1,6}:[\dA-F]{1,4})|(?:(?:[\dA-F]{1,4}:){1,7}:)|(?:::))#i', $url))
 113          {
 114              $error[] = 'AVATAR_URL_INVALID';
 115              return false;
 116          }
 117  
 118          // Get image dimensions
 119          if (($width <= 0 || $height <= 0) && (($image_data = $this->imagesize->getImageSize($url)) === false))
 120          {
 121              $error[] = 'UNABLE_GET_IMAGE_SIZE';
 122              return false;
 123          }
 124  
 125          if (!empty($image_data) && ($image_data['width'] <= 0 || $image_data['height'] <= 0))
 126          {
 127              $error[] = 'AVATAR_NO_SIZE';
 128              return false;
 129          }
 130  
 131          $width = ($width && $height) ? $width : $image_data['width'];
 132          $height = ($width && $height) ? $height : $image_data['height'];
 133  
 134          if ($width <= 0 || $height <= 0)
 135          {
 136              $error[] = 'AVATAR_NO_SIZE';
 137              return false;
 138          }
 139  
 140          $types = \phpbb\files\upload::image_types();
 141          $extension = strtolower(\phpbb\files\filespec::get_extension($url));
 142  
 143          // Check if this is actually an image
 144          if ($file_stream = @fopen($url, 'r'))
 145          {
 146              // Timeout after 1 second
 147              stream_set_timeout($file_stream, 1);
 148              // read some data to ensure headers are present
 149              fread($file_stream, 1024);
 150              $meta = stream_get_meta_data($file_stream);
 151  
 152              if (isset($meta['wrapper_data']['headers']) && is_array($meta['wrapper_data']['headers']))
 153              {
 154                  $headers = $meta['wrapper_data']['headers'];
 155              }
 156              else if (isset($meta['wrapper_data']) && is_array($meta['wrapper_data']))
 157              {
 158                  $headers = $meta['wrapper_data'];
 159              }
 160              else
 161              {
 162                  $headers = array();
 163              }
 164  
 165              foreach ($headers as $header)
 166              {
 167                  $header = preg_split('/ /', $header, 2);
 168                  if (strtr(strtolower(trim($header[0], ':')), '_', '-') === 'content-type')
 169                  {
 170                      if (strpos($header[1], 'image/') !== 0)
 171                      {
 172                          $error[] = 'AVATAR_URL_INVALID';
 173                          fclose($file_stream);
 174                          return false;
 175                      }
 176                      else
 177                      {
 178                          fclose($file_stream);
 179                          break;
 180                      }
 181                  }
 182              }
 183          }
 184          else
 185          {
 186              $error[] = 'AVATAR_URL_INVALID';
 187              return false;
 188          }
 189  
 190          if (!empty($image_data) && (!isset($types[$image_data['type']]) || !in_array($extension, $types[$image_data['type']])))
 191          {
 192              if (!isset($types[$image_data['type']]))
 193              {
 194                  $error[] = 'UNABLE_GET_IMAGE_SIZE';
 195              }
 196              else
 197              {
 198                  $error[] = array('IMAGE_FILETYPE_MISMATCH', $types[$image_data['type']][0], $extension);
 199              }
 200  
 201              return false;
 202          }
 203  
 204          if ($this->config['avatar_max_width'] || $this->config['avatar_max_height'])
 205          {
 206              if ($width > $this->config['avatar_max_width'] || $height > $this->config['avatar_max_height'])
 207              {
 208                  $error[] = array('AVATAR_WRONG_SIZE', $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], $width, $height);
 209                  return false;
 210              }
 211          }
 212  
 213          if ($this->config['avatar_min_width'] || $this->config['avatar_min_height'])
 214          {
 215              if ($width < $this->config['avatar_min_width'] || $height < $this->config['avatar_min_height'])
 216              {
 217                  $error[] = array('AVATAR_WRONG_SIZE', $this->config['avatar_min_width'], $this->config['avatar_min_height'], $this->config['avatar_max_width'], $this->config['avatar_max_height'], $width, $height);
 218                  return false;
 219              }
 220          }
 221  
 222          return array(
 223              'avatar' => $url,
 224              'avatar_width' => $width,
 225              'avatar_height' => $height,
 226          );
 227      }
 228  
 229      /**
 230      * {@inheritdoc}
 231      */
 232  	public function get_template_name()
 233      {
 234          return 'ucp_avatar_options_remote.html';
 235      }
 236  }


Generated: Wed Nov 11 20:28:18 2020 Cross-referenced by PHPXref 0.7.1