Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 32 |
|
0.00% |
0 / 8 |
CRAP | |
0.00% |
0 / 1 |
| WebRequestUpload | |
0.00% |
0 / 31 |
|
0.00% |
0 / 8 |
306 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 4 |
|
0.00% |
0 / 1 |
6 | |||
| exists | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getName | |
0.00% |
0 / 7 |
|
0.00% |
0 / 1 |
6 | |||
| getSize | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
| getTempName | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
| getType | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
| getError | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
| isIniSizeOverflow | |
0.00% |
0 / 7 |
|
0.00% |
0 / 1 |
20 | |||
| 1 | <?php |
| 2 | /** |
| 3 | * Object to access the $_FILES array |
| 4 | * |
| 5 | * This program is free software; you can redistribute it and/or modify |
| 6 | * it under the terms of the GNU General Public License as published by |
| 7 | * the Free Software Foundation; either version 2 of the License, or |
| 8 | * (at your option) any later version. |
| 9 | * |
| 10 | * This program is distributed in the hope that it will be useful, |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 13 | * GNU General Public License for more details. |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License along |
| 16 | * with this program; if not, write to the Free Software Foundation, Inc., |
| 17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 18 | * http://www.gnu.org/copyleft/gpl.html |
| 19 | * |
| 20 | * @file |
| 21 | */ |
| 22 | |
| 23 | namespace MediaWiki\Request; |
| 24 | |
| 25 | use MediaWiki\MediaWikiServices; |
| 26 | use MediaWiki\Parser\Sanitizer; |
| 27 | |
| 28 | // The point of this class is to be a wrapper around super globals |
| 29 | // phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals |
| 30 | |
| 31 | /** |
| 32 | * Object to access the $_FILES array |
| 33 | * |
| 34 | * @ingroup HTTP |
| 35 | */ |
| 36 | class WebRequestUpload { |
| 37 | /** All keys a fileinfo has to specific to work with this class */ |
| 38 | public const REQUIRED_FILEINFO_KEYS = [ 'name', 'size', 'tmp_name', 'type', 'error', ]; |
| 39 | /** @var WebRequest */ |
| 40 | protected $request; |
| 41 | /** @var bool */ |
| 42 | protected $doesExist; |
| 43 | /** @var array|null */ |
| 44 | protected $fileInfo; |
| 45 | |
| 46 | /** |
| 47 | * Constructor. Should only be called by WebRequest |
| 48 | * |
| 49 | * @param WebRequest $request The associated request |
| 50 | * @param string $key Key in $_FILES array (name of form field) |
| 51 | */ |
| 52 | public function __construct( $request, $key ) { |
| 53 | $this->request = $request; |
| 54 | $this->doesExist = isset( $_FILES[$key] ); |
| 55 | if ( $this->doesExist ) { |
| 56 | $this->fileInfo = $_FILES[$key]; |
| 57 | } |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * Return whether a file with this name was uploaded. |
| 62 | * |
| 63 | * @return bool |
| 64 | */ |
| 65 | public function exists() { |
| 66 | return $this->doesExist; |
| 67 | } |
| 68 | |
| 69 | /** |
| 70 | * Return the original filename of the uploaded file |
| 71 | * |
| 72 | * @return string|null Filename or null if non-existent |
| 73 | */ |
| 74 | public function getName() { |
| 75 | if ( !$this->exists() ) { |
| 76 | return null; |
| 77 | } |
| 78 | |
| 79 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 80 | $name = $this->fileInfo['name']; |
| 81 | |
| 82 | # Safari sends filenames in HTML-encoded Unicode form D... |
| 83 | # Horrid and evil! Let's try to make some kind of sense of it. |
| 84 | $name = Sanitizer::decodeCharReferences( $name ); |
| 85 | $name = MediaWikiServices::getInstance()->getContentLanguage()->normalize( $name ); |
| 86 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 87 | wfDebug( __METHOD__ . ": {$this->fileInfo['name']} normalized to '$name'" ); |
| 88 | return $name; |
| 89 | } |
| 90 | |
| 91 | /** |
| 92 | * Return the file size of the uploaded file |
| 93 | * |
| 94 | * @return int File size or zero if non-existent |
| 95 | */ |
| 96 | public function getSize() { |
| 97 | if ( !$this->exists() ) { |
| 98 | return 0; |
| 99 | } |
| 100 | |
| 101 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 102 | return $this->fileInfo['size']; |
| 103 | } |
| 104 | |
| 105 | /** |
| 106 | * Return the path to the temporary file |
| 107 | * |
| 108 | * @return string|null Path or null if non-existent |
| 109 | */ |
| 110 | public function getTempName() { |
| 111 | if ( !$this->exists() ) { |
| 112 | return null; |
| 113 | } |
| 114 | |
| 115 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 116 | return $this->fileInfo['tmp_name']; |
| 117 | } |
| 118 | |
| 119 | /** |
| 120 | * Return the client specified content type |
| 121 | * |
| 122 | * @return string|null Type or null if non-existent |
| 123 | * @since 1.35 |
| 124 | */ |
| 125 | public function getType() { |
| 126 | if ( !$this->exists() ) { |
| 127 | return null; |
| 128 | } |
| 129 | |
| 130 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 131 | return $this->fileInfo['type']; |
| 132 | } |
| 133 | |
| 134 | /** |
| 135 | * Return the upload error. See link for explanation |
| 136 | * https://www.php.net/manual/en/features.file-upload.errors.php |
| 137 | * |
| 138 | * @return int One of the UPLOAD_ constants, 0 if non-existent |
| 139 | */ |
| 140 | public function getError() { |
| 141 | if ( !$this->exists() ) { |
| 142 | return 0; # UPLOAD_ERR_OK |
| 143 | } |
| 144 | |
| 145 | // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Okay after exists check |
| 146 | return $this->fileInfo['error']; |
| 147 | } |
| 148 | |
| 149 | /** |
| 150 | * Returns whether this upload failed because of overflow of a maximum set |
| 151 | * in php.ini |
| 152 | * |
| 153 | * @return bool |
| 154 | */ |
| 155 | public function isIniSizeOverflow() { |
| 156 | if ( $this->getError() == UPLOAD_ERR_INI_SIZE ) { |
| 157 | # PHP indicated that upload_max_filesize is exceeded |
| 158 | return true; |
| 159 | } |
| 160 | |
| 161 | $contentLength = $this->request->getHeader( 'Content-Length' ); |
| 162 | $maxPostSize = wfShorthandToInteger( ini_get( 'post_max_size' ), 0 ); |
| 163 | |
| 164 | if ( $maxPostSize && $contentLength > $maxPostSize ) { |
| 165 | # post_max_size is exceeded |
| 166 | return true; |
| 167 | } |
| 168 | |
| 169 | return false; |
| 170 | } |
| 171 | } |
| 172 | |
| 173 | /** @deprecated class alias since 1.40 */ |
| 174 | class_alias( WebRequestUpload::class, 'WebRequestUpload' ); |