MediaWiki REL1_33
|
UploadBase and subclasses are the backend of MediaWiki's file uploads. More...
Public Member Functions | |
__construct () | |
checkSvgScriptCallback ( $element, $attribs, $data=null) | |
checkWarnings () | |
Check for non fatal problems with the file. | |
cleanupTempFile () | |
If we've modified the upload file we need to manually remove it on exit to clean up. | |
convertVerifyErrorToStatus ( $error) | |
fetchFile () | |
Fetch the file. | |
getFileSize () | |
Return the file size. | |
getImageInfo ( $result) | |
Gets image info about the file just uploaded. | |
getLocalFile () | |
Return the local file and initializes if necessary. | |
getRealPath ( $srcPath) | |
getSourceType () | |
Returns the upload type. | |
getStashFile () | |
getTempFileSha1Base36 () | |
Get the base 36 SHA1 of the file. | |
getTempPath () | |
getTitle () | |
Returns the title of the file to be uploaded. | |
getVerificationErrorCode ( $error) | |
initializeFromRequest (&$request) | |
Initialize from a WebRequest. | |
initializePathInfo ( $name, $tempPath, $fileSize, $removeTempFile=false) | |
Initialize the path information. | |
isEmptyFile () | |
Return true if the file is empty. | |
performUpload ( $comment, $pageText, $watch, $user, $tags=[]) | |
Really perform the upload. | |
postProcessUpload () | |
Perform extra steps after a successful upload. | |
stashFile (User $user=null) | |
If the user does not supply all necessary information in the first upload form submission (either by accident or by design) then we may want to stash the file temporarily, get more information, and publish the file later. | |
stashFileGetKey () | |
Stash a file in a temporary directory, returning a key which can be used to find the file again. | |
stashSession () | |
alias for stashFileGetKey, for backwards compatibility | |
tryStashFile (User $user, $isPartial=false) | |
Like stashFile(), but respects extensions' wishes to prevent the stashing. | |
validateName () | |
Verify that the name is valid and, if necessary, that we can overwrite. | |
verifyPermissions ( $user) | |
Alias for verifyTitlePermissions. | |
verifyTitlePermissions ( $user) | |
Check whether the user can edit, upload and create the image. | |
verifyUpload () | |
Verify whether the upload is sane. | |
zipEntryCallback ( $entry) | |
Callback for ZipDirectoryReader to detect Java class files. | |
Static Public Member Functions | |
static | checkFileExtension ( $ext, $list) |
Perform case-insensitive match against a list of file extensions. | |
static | checkFileExtensionList ( $ext, $list) |
Perform case-insensitive match against a list of file extensions. | |
static | checkSvgExternalDTD ( $type, $publicId, $systemId) |
Verify that DTD urls referenced are only the standard dtds. | |
static | checkSvgPICallback ( $target, $data) |
Callback to filter SVG Processing Instructions. | |
static | checkXMLEncodingMissmatch ( $file) |
Check a whitelist of xml encodings that are known not to be interpreted differently by the server's xml parser (expat) and some common browsers. | |
static | createFromRequest (&$request, $type=null) |
Create a form of UploadBase depending on wpSourceType and initializes it. | |
static | detectScript ( $file, $mime, $extension) |
Heuristic for detecting files that could contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful. | |
static | detectVirus ( $file) |
Generic wrapper function for a virus scanner program. | |
static | getExistsWarning ( $file) |
Helper function that does various existence checks for a file. | |
static | getFilenamePrefixBlacklist () |
Get a list of blacklisted filename prefixes from [[MediaWiki:Filename-prefix-blacklist]]. | |
static | getMaxPhpUploadSize () |
Get the PHP maximum uploaded file size, based on ini settings. | |
static | getMaxUploadSize ( $forType=null) |
Get the MediaWiki maximum uploaded file size for given type of upload, based on $wgMaxUploadSize. | |
static | getSessionStatus (User $user, $statusKey) |
Get the current status of a chunked upload (used for polling) | |
static | isAllowed ( $user) |
Returns true if the user can use this upload module or else a string identifying the missing permission. | |
static | isEnabled () |
Returns true if uploads are enabled. | |
static | isThrottled ( $user) |
Returns true if the user has surpassed the upload rate limit, false otherwise. | |
static | isThumbName ( $filename) |
Helper function that checks whether the filename looks like a thumbnail. | |
static | isValidRequest ( $request) |
Check whether a request if valid for this handler. | |
static | setSessionStatus (User $user, $statusKey, $value) |
Set the current status of a chunked upload (used for polling) | |
static | splitExtensions ( $filename) |
Split a file into a base name and all dot-delimited 'extensions' on the end. | |
static | userCanReUpload (User $user, File $img) |
Check if a user is the last uploader. | |
static | verifyExtension ( $mime, $extension) |
Checks if the MIME type of the uploaded file matches the file extension. | |
Public Attributes | |
const | EMPTY_FILE = 3 |
const | FILE_TOO_LARGE = 12 |
const | FILENAME_TOO_LONG = 14 |
const | FILETYPE_BADTYPE = 9 |
const | FILETYPE_MISSING = 8 |
const | HOOK_ABORTED = 11 |
const | ILLEGAL_FILENAME = 5 |
const | MIN_LENGTH_PARTNAME = 4 |
const | OK = 0 |
const | OVERWRITE_EXISTING_FILE = 7 |
const | SUCCESS = 0 |
const | VERIFICATION_ERROR = 10 |
const | WINDOWS_NONASCII_FILENAME = 13 |
Protected Member Functions | |
detectScriptInSvg ( $filename, $partial) | |
doStashFile (User $user=null) | |
Implementation for stashFile() and tryStashFile(). | |
runUploadStashFileHook (User $user) | |
setTempFile ( $tempPath, $fileSize=null) | |
verifyFile () | |
Verifies that it's ok to include the uploaded file. | |
verifyMimeType ( $mime) | |
Verify the MIME type. | |
verifyPartialFile () | |
A verification routine suitable for partial files. | |
Protected Attributes | |
$mBlackListedExtensions | |
$mDesiredDestName | |
$mDestName | |
$mFileProps | |
$mFileSize | |
$mFilteredName | |
$mFinalExtension | |
$mJavaDetected | |
$mLocalFile | |
$mRemoveTempFile | |
$mSourceType | |
$mStashFile | |
$mSVGNSError | |
string | $mTempPath |
Local file system path to the file to upload (or a local copy) | |
$mTitle = false | |
$mTitleError = 0 | |
TempFSFile null | $tempFileObj |
Wrapper to handle deleting the temp file. | |
Static Protected Attributes | |
static | $safeXmlEncodings |
Private Member Functions | |
checkAgainstArchiveDupes ( $hash) | |
checkAgainstExistingDupes ( $hash, $ignoreLocalDupes) | |
checkBadFileName ( $filename, $desiredFileName) | |
Check whether the resulting filename is different from the desired one, but ignore things like ucfirst() and spaces/underscore things. | |
checkFileSize ( $fileSize) | |
checkLocalFileExists (LocalFile $localFile, $hash) | |
checkLocalFileWasDeleted (LocalFile $localFile) | |
checkOverwrite ( $user) | |
Check if there's an overwrite conflict and, if so, if restrictions forbid this user from performing the upload. | |
checkUnwantedFileExtensions ( $fileExtension) | |
stripXmlNamespace ( $name) | |
Static Private Member Functions | |
static | checkCssFragment ( $value) |
Check a block of CSS or CSS fragment for anything that looks like it is bringing in remote code. | |
static | splitXmlNamespace ( $element) |
Divide the element name passed by the xml parser to the callback into URI and prifix. | |
Static Private Attributes | |
static | $uploadHandlers = [ 'Stash', 'File', 'Url' ] |
UploadBase and subclasses are the backend of MediaWiki's file uploads.
The frontends are formed by ApiUpload and SpecialUpload.
Definition at line 40 of file UploadBase.php.
UploadBase::__construct | ( | ) |
Definition at line 207 of file UploadBase.php.
|
private |
string | $hash | sha1 hash of the file to check |
Definition at line 818 of file UploadBase.php.
References File\DELETED_FILE.
Referenced by checkWarnings().
|
private |
string | $hash | sha1 hash of the file to check |
bool | $ignoreLocalDupes | True to ignore local duplicates |
Definition at line 796 of file UploadBase.php.
References and(), getTitle(), and RepoGroup\singleton().
Referenced by checkWarnings().
|
private |
Check whether the resulting filename is different from the desired one, but ignore things like ucfirst() and spaces/underscore things.
string | $filename | |
string | $desiredFileName |
Definition at line 699 of file UploadBase.php.
References and(), and NS_FILE.
Referenced by checkWarnings().
|
staticprivate |
Check a block of CSS or CSS fragment for anything that looks like it is bringing in remote code.
string | $value | a string of CSS |
bool | $propOnly | only check css properties (start regex with :) |
Definition at line 1764 of file UploadBase.php.
|
static |
Perform case-insensitive match against a list of file extensions.
Returns true if the extension is in the list.
string | $ext | |
array | $list |
Definition at line 1188 of file UploadBase.php.
Referenced by checkUnwantedFileExtensions(), getTitle(), and verifyMimeType().
|
static |
Perform case-insensitive match against a list of file extensions.
Returns an array of matching extensions.
string[] | $ext | |
string[] | $list |
Definition at line 1200 of file UploadBase.php.
Referenced by StreamFile\contentTypeFromPath(), and getTitle().
|
private |
int | $fileSize |
Definition at line 740 of file UploadBase.php.
References $wgUploadSizeWarning, and and().
Referenced by checkWarnings().
|
private |
LocalFile | $localFile | |
string | $hash | sha1 hash of the file to check |
Definition at line 762 of file UploadBase.php.
References and(), and getExistsWarning().
Referenced by checkWarnings().
|
private |
Definition at line 786 of file UploadBase.php.
Referenced by checkWarnings().
|
private |
Check if there's an overwrite conflict and, if so, if restrictions forbid this user from performing the upload.
User | $user |
Definition at line 1937 of file UploadBase.php.
Referenced by verifyTitlePermissions().
|
static |
Verify that DTD urls referenced are only the standard dtds.
Browsers seem to ignore external dtds. However just to be on the safe side, only allow dtds from the svg standard.
string | $type | PUBLIC or SYSTEM |
string | $publicId | The well-known public identifier for the dtd |
string | $systemId | The url for the external dtd |
Definition at line 1503 of file UploadBase.php.
|
static |
Callback to filter SVG Processing Instructions.
string | $target | Processing instruction name |
string | $data | Processing instruction attribute and value |
Definition at line 1483 of file UploadBase.php.
References and().
UploadBase::checkSvgScriptCallback | ( | $element, | |
$attribs, | |||
$data = null ) |
string | $element | |
array | $attribs | |
array | null | $data |
Definition at line 1530 of file UploadBase.php.
References $attribs, $data, $value, and(), list, splitXmlNamespace(), stripXmlNamespace(), and wfDebug().
|
private |
string | $fileExtension | The file extension to check |
Definition at line 718 of file UploadBase.php.
References $wgCheckFileExtensions, $wgFileExtensions, $wgLang, and(), and checkFileExtension().
Referenced by checkWarnings().
UploadBase::checkWarnings | ( | ) |
Check for non fatal problems with the file.
This should not assume that mTempPath is set.
Definition at line 642 of file UploadBase.php.
References and(), checkAgainstArchiveDupes(), checkAgainstExistingDupes(), checkBadFileName(), checkFileSize(), checkLocalFileExists(), checkLocalFileWasDeleted(), checkUnwantedFileExtensions(), getLocalFile(), and getTempFileSha1Base36().
|
static |
Check a whitelist of xml encodings that are known not to be interpreted differently by the server's xml parser (expat) and some common browsers.
string | $file | Pathname to the temporary upload file |
Definition at line 1393 of file UploadBase.php.
References $matches, $wgSVGMetadataCutoff, and(), and wfDebug().
Referenced by UploadBaseTest\testCheckXMLEncodingMissmatch().
UploadBase::cleanupTempFile | ( | ) |
If we've modified the upload file we need to manually remove it on exit to clean up.
Definition at line 1152 of file UploadBase.php.
References wfDebug().
UploadBase::convertVerifyErrorToStatus | ( | $error | ) |
array | $error |
Definition at line 2153 of file UploadBase.php.
References $code, and(), and getVerificationErrorCode().
|
static |
Create a form of UploadBase depending on wpSourceType and initializes it.
WebRequest | &$request | |
string | null | $type |
Definition at line 159 of file UploadBase.php.
References $handler, $request, $type, and(), and wfDebug().
Referenced by SpecialUpload\loadRequest().
|
static |
Heuristic for detecting files that could contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful.
The present implementation will produce false positives in some situations.
string | $file | Pathname to the temporary upload file |
string | $mime | The MIME type of the file |
string | $extension | The extension of the file |
Definition at line 1264 of file UploadBase.php.
References $wgAllowTitlesInSVG, and(), and wfDebug().
|
protected |
string | $filename | |
bool | $partial |
Reimplemented in UploadTestHandler.
Definition at line 1451 of file UploadBase.php.
References $mSVGNSError, and(), and false.
Referenced by verifyFile(), and verifyPartialFile().
|
static |
Generic wrapper function for a virus scanner program.
This relies on the $wgAntivirus and $wgAntivirusSetup variables. $wgAntivirusRequired may be used to deny upload if the scan fails.
string | $file | Pathname to the temporary upload file |
Definition at line 1843 of file UploadBase.php.
References $command, $output, $wgAntivirus, $wgAntivirusRequired, $wgAntivirusSetup, $wgOut, and(), AV_NO_VIRUS, AV_SCAN_ABORTED, AV_SCAN_FAILED, wfDebug(), wfMessage(), and wfShellExecWithStderr().
Referenced by verifyPartialFile().
Implementation for stashFile() and tryStashFile().
User | null | $user |
Reimplemented in UploadFromChunks.
Definition at line 1117 of file UploadBase.php.
References $file, getSourceType(), and RepoGroup\singleton().
Referenced by stashFile(), stashFileGetKey(), stashSession(), and tryStashFile().
UploadBase::fetchFile | ( | ) |
|
static |
Helper function that does various existence checks for a file.
The following checks are performed:
Definition at line 1994 of file UploadBase.php.
Referenced by checkLocalFileExists(), and ApiQueryImageInfo\getInfo().
|
static |
Get a list of blacklisted filename prefixes from [[MediaWiki:Filename-prefix-blacklist]].
Definition at line 2099 of file UploadBase.php.
References $line, $lines, and(), and wfMessage().
UploadBase::getFileSize | ( | ) |
Return the file size.
Definition at line 282 of file UploadBase.php.
References $mFileSize.
UploadBase::getImageInfo | ( | $result | ) |
Gets image info about the file just uploaded.
Also has the effect of setting metadata to be an 'indexed tag name' in returned API result if 'metadata' was requested. Oddly, we have to pass the "result" object down just so it can do that with the appropriate format, presumably.
ApiResult | $result |
Definition at line 2133 of file UploadBase.php.
References and(), ApiQueryImageInfo\getInfo(), getLocalFile(), ApiQueryImageInfo\getPropertyNames(), and getStashFile().
UploadBase::getLocalFile | ( | ) |
Return the local file and initializes if necessary.
Definition at line 1032 of file UploadBase.php.
References $mLocalFile, and(), getTitle(), null, and wfLocalFile().
Referenced by checkWarnings(), getImageInfo(), performUpload(), and validateName().
|
static |
Get the PHP maximum uploaded file size, based on ini settings.
If there is no limit or the limit can't be guessed, returns a very large number (PHP_INT_MAX).
Definition at line 2188 of file UploadBase.php.
References and(), and wfShorthandToInteger().
Referenced by UploadForm\getSourceSection().
|
static |
Get the MediaWiki maximum uploaded file size for given type of upload, based on $wgMaxUploadSize.
null | string | $forType |
Definition at line 2167 of file UploadBase.php.
References $wgMaxUploadSize, and and().
Referenced by UploadFromChunks\addChunk(), UploadForm\addUploadJS(), ApiQuerySiteinfo\appendGeneralInfo(), ApiUpload\execute(), ApiUpload\getAllowedParams(), UploadForm\getSourceSection(), and verifyUpload().
UploadBase::getRealPath | ( | $srcPath | ) |
string | $srcPath | The source path |
Definition at line 298 of file UploadBase.php.
References $path, and(), FileRepo\isVirtualUrl(), and RepoGroup\singleton().
Referenced by UploadFromChunks\continueChunks(), and UploadFromStash\initialize().
|
static |
Get the current status of a chunked upload (used for polling)
The value will be read from cache.
User | $user | |
string | $statusKey |
Definition at line 2209 of file UploadBase.php.
Referenced by ApiUpload\getChunkResult(), ApiUpload\performUpload(), and ApiUpload\selectUploadModule().
UploadBase::getSourceType | ( | ) |
Returns the upload type.
Should be overridden by child classes
Reimplemented in UploadFromFile, UploadFromStash, and UploadFromUrl.
Definition at line 216 of file UploadBase.php.
Referenced by doStashFile(), and verifyUpload().
UploadBase::getStashFile | ( | ) |
Definition at line 1044 of file UploadBase.php.
References $mStashFile.
Referenced by getImageInfo().
UploadBase::getTempFileSha1Base36 | ( | ) |
Get the base 36 SHA1 of the file.
Reimplemented in UploadFromStash.
Definition at line 290 of file UploadBase.php.
References FSFile\getSha1Base36FromPath().
Referenced by checkWarnings().
UploadBase::getTempPath | ( | ) |
Definition at line 1160 of file UploadBase.php.
References $mTempPath.
UploadBase::getTitle | ( | ) |
Returns the title of the file to be uploaded.
Sets mTitleError in case the name was illegal.
Definition at line 900 of file UploadBase.php.
References $ext, $mDesiredDestName, $mFinalExtension, $mTitle, $wgCheckFileExtensions, $wgFileBlacklist, $wgFileExtensions, $wgStrictFileExtensions, and(), checkFileExtension(), checkFileExtensionList(), FILENAME_TOO_LONG, FILETYPE_BADTYPE, FILETYPE_MISSING, ILLEGAL_FILENAME, list, MIN_LENGTH_PARTNAME, NS_FILE, RepoGroup\singleton(), splitExtensions(), wfStripIllegalFilenameChars(), and WINDOWS_NONASCII_FILENAME.
Referenced by checkAgainstExistingDupes(), getLocalFile(), SpamBlacklistHooks\onUploadVerifyUpload(), performUpload(), UploadTestHandler\testTitleValidation(), validateName(), verifyPartialFile(), and verifyTitlePermissions().
UploadBase::getVerificationErrorCode | ( | $error | ) |
int | $error |
Definition at line 88 of file UploadBase.php.
Referenced by UploadFromChunks\concatenateChunks(), and convertVerifyErrorToStatus().
|
abstract |
Initialize from a WebRequest.
Override this in a subclass.
WebRequest | &$request |
Reimplemented in UploadFromFile, UploadFromStash, UploadFromUrl, and UploadTestHandler.
UploadBase::initializePathInfo | ( | $name, | |
$tempPath, | |||
$fileSize, | |||
$removeTempFile = false ) |
Initialize the path information.
string | $name | The desired destination name |
string | $tempPath | The temporary path |
int | $fileSize | The file size |
bool | $removeTempFile | (false) remove the temporary file? |
MWException |
Definition at line 228 of file UploadBase.php.
References $name, and(), FileBackend\isStoragePath(), and setTempFile().
Referenced by UploadFromChunks\continueChunks(), UploadFromStash\initialize(), UploadFromUrl\initialize(), and UploadFromFile\initialize().
|
static |
Returns true if the user can use this upload module or else a string identifying the missing permission.
Can be overridden by subclasses.
User | $user |
Reimplemented in UploadFromUrl.
Definition at line 129 of file UploadBase.php.
Referenced by SkinTemplate\buildNavUrls(), and SpecialUpload\execute().
UploadBase::isEmptyFile | ( | ) |
Return true if the file is empty.
Definition at line 274 of file UploadBase.php.
Referenced by verifyUpload(), and UploadFromFile\verifyUpload().
|
static |
Returns true if uploads are enabled.
Can be override by subclasses.
Reimplemented in UploadFromUrl.
Definition at line 110 of file UploadBase.php.
References $wgEnableUploads, wfIniGetBool(), and wfIsHHVM().
Referenced by ApiQuerySiteinfo\appendGeneralInfo(), SkinTemplate\buildNavUrls(), SpecialUpload\execute(), ApiUpload\execute(), and SpecialUpload\userCanExecute().
|
static |
Returns true if the user has surpassed the upload rate limit, false otherwise.
User | $user |
Definition at line 145 of file UploadBase.php.
Referenced by ApiUpload\getContextResult(), and SpecialUpload\processUpload().
|
static |
Helper function that checks whether the filename looks like a thumbnail.
string | $filename |
Definition at line 2083 of file UploadBase.php.
References and().
|
static |
Check whether a request if valid for this handler.
WebRequest | $request |
Reimplemented in UploadFromFile, UploadFromStash, and UploadFromUrl.
Definition at line 203 of file UploadBase.php.
UploadBase::performUpload | ( | $comment, | |
$pageText, | |||
$watch, | |||
$user, | |||
$tags = [] ) |
Really perform the upload.
Stores the file in the local repo, watches if necessary and runs the UploadComplete hook.
string | $comment | |
string | $pageText | |
bool | $watch | Whether the file page should be added to user's watchlist. (This doesn't check $user's permissions.) |
User | $user | |
string[] | $tags | Change tags to add to the log entry and page revision. (This doesn't check $user's permissions.) |
Definition at line 844 of file UploadBase.php.
References $mFileProps, and(), File\DELETE_SOURCE, WatchAction\doWatch(), getLocalFile(), getTitle(), User\IGNORE_USER_RIGHTS, and postProcessUpload().
UploadBase::postProcessUpload | ( | ) |
Perform extra steps after a successful upload.
Reimplemented in UploadFromStash.
Definition at line 891 of file UploadBase.php.
Referenced by performUpload().
|
protected |
User | $user |
Definition at line 1078 of file UploadBase.php.
References $mFileProps, and and().
Referenced by UploadFromChunks\concatenateChunks(), and tryStashFile().
|
static |
Set the current status of a chunked upload (used for polling)
The value will be set in cache for 1 day
User | $user | |
string | $statusKey | |
array | bool | $value |
Definition at line 2226 of file UploadBase.php.
References $cache, $value, and and().
Referenced by ApiUpload\getChunkResult(), ApiUpload\performUpload(), AssembleUploadChunksJob\run(), and PublishStashedFileJob\run().
|
protected |
string | $tempPath | File system path to temporary file containing the upload |
int | null | $fileSize |
Definition at line 249 of file UploadBase.php.
References and().
Referenced by UploadFromChunks\concatenateChunks(), and initializePathInfo().
|
static |
Split a file into a base name and all dot-delimited 'extensions' on the end.
Some web server configurations will fall back to earlier pseudo-'extensions' to determine type and execute scripts, so the blacklist needs to check them all.
string | $filename |
Definition at line 1173 of file UploadBase.php.
References and().
Referenced by StreamFile\contentTypeFromPath(), and getTitle().
|
staticprivate |
Divide the element name passed by the xml parser to the callback into URI and prifix.
string | $element |
Definition at line 1813 of file UploadBase.php.
Referenced by checkSvgScriptCallback().
If the user does not supply all necessary information in the first upload form submission (either by accident or by design) then we may want to stash the file temporarily, get more information, and publish the file later.
This method will stash a file in a temporary directory for later processing, and save the necessary descriptive info into the database. This method returns the file object, which also has a 'fileKey' property which can be passed through a form or API request to find this stashed file again.
User | null | $user |
Reimplemented in UploadFromChunks.
Definition at line 1107 of file UploadBase.php.
References doStashFile().
UploadBase::stashFileGetKey | ( | ) |
Stash a file in a temporary directory, returning a key which can be used to find the file again.
See stashFile().
Reimplemented in UploadFromChunks.
Definition at line 1132 of file UploadBase.php.
References doStashFile(), and wfDeprecated().
UploadBase::stashSession | ( | ) |
alias for stashFileGetKey, for backwards compatibility
Reimplemented in UploadFromChunks.
Definition at line 1143 of file UploadBase.php.
References doStashFile(), and wfDeprecated().
|
private |
string | $name |
Definition at line 1826 of file UploadBase.php.
References and().
Referenced by checkSvgScriptCallback().
UploadBase::tryStashFile | ( | User | $user, |
$isPartial = false ) |
Like stashFile(), but respects extensions' wishes to prevent the stashing.
verifyUpload() must be called before calling this method (unless $isPartial is true).
Upload stash exceptions are also caught and converted to an error status.
User | $user | |
bool | $isPartial | Pass true if this is a part of a chunked upload (not a complete file). |
Reimplemented in UploadFromChunks.
Definition at line 1059 of file UploadBase.php.
References $e, and(), doStashFile(), and runUploadStashFileHook().
Check if a user is the last uploader.
Definition at line 1967 of file UploadBase.php.
Referenced by ImagePage\uploadLinksBox().
UploadBase::validateName | ( | ) |
Verify that the name is valid and, if necessary, that we can overwrite.
Definition at line 376 of file UploadBase.php.
References $mBlackListedExtensions, $mFilteredName, $mFinalExtension, $mTitleError, $result, and(), getLocalFile(), and getTitle().
Referenced by verifyUpload().
|
static |
Checks if the MIME type of the uploaded file matches the file extension.
string | $mime | The MIME type of the uploaded file |
string | $extension | The filename extension that the file is to be served with |
Definition at line 1211 of file UploadBase.php.
References and(), and wfDebug().
Referenced by verifyFile().
|
protected |
Verifies that it's ok to include the uploaded file.
Definition at line 438 of file UploadBase.php.
References $handler, $mFinalExtension, $wgDisableUploadScriptChecks, $wgVerifyMimeType, and(), detectScriptInSvg(), MediaHandler\getHandler(), verifyExtension(), verifyPartialFile(), and wfDebug().
Referenced by verifyUpload().
|
protected |
Verify the MIME type.
verifyFile()
that MIME type and file extension correlate. string | $mime | Representing the MIME |
Definition at line 406 of file UploadBase.php.
References $wgMimeTypeBlacklist, $wgVerifyMimeType, and(), checkFileExtension(), and wfDebug().
Referenced by verifyPartialFile().
|
protected |
A verification routine suitable for partial files.
Runs the blacklist checks, but not any checks that may assume the entire file is present.
Definition at line 499 of file UploadBase.php.
References $wgAllowJavaUploads, $wgDisableUploadScriptChecks, and(), detectScriptInSvg(), detectVirus(), getTitle(), ZipDirectoryReader\read(), and verifyMimeType().
Referenced by UploadFromChunks\verifyChunk(), and verifyFile().
UploadBase::verifyPermissions | ( | $user | ) |
Alias for verifyTitlePermissions.
The function was originally 'verifyPermissions', but that suggests it's checking the user, when it's really checking the title + user combination.
Definition at line 589 of file UploadBase.php.
References verifyTitlePermissions().
UploadBase::verifyTitlePermissions | ( | $user | ) |
Check whether the user can edit, upload and create the image.
This checks only against the current title; if it returns errors, it may very well be that another title will not give errors. Therefore isAllowed() should be called as well for generic is-user-blocked or can-user-upload checking.
Definition at line 604 of file UploadBase.php.
References and(), checkOverwrite(), getTitle(), and wfArrayDiff2().
Referenced by verifyPermissions().
UploadBase::verifyUpload | ( | ) |
Verify whether the upload is sane.
Reimplemented in UploadFromFile.
Definition at line 320 of file UploadBase.php.
References $result, and(), EMPTY_FILE, FILE_TOO_LARGE, getMaxUploadSize(), getSourceType(), HOOK_ABORTED, isEmptyFile(), OK, validateName(), VERIFICATION_ERROR, and verifyFile().
UploadBase::zipEntryCallback | ( | $entry | ) |
Callback for ZipDirectoryReader to detect Java class files.
array | $entry |
Definition at line 560 of file UploadBase.php.
References and().
|
protected |
Definition at line 50 of file UploadBase.php.
Referenced by validateName().
|
protected |
Definition at line 46 of file UploadBase.php.
Referenced by getTitle(), and UploadFromChunks\verifyChunk().
|
protected |
Definition at line 46 of file UploadBase.php.
|
protected |
Definition at line 49 of file UploadBase.php.
Referenced by performUpload(), and runUploadStashFileHook().
|
protected |
Definition at line 49 of file UploadBase.php.
Referenced by getFileSize().
|
protected |
Definition at line 48 of file UploadBase.php.
Referenced by validateName().
|
protected |
Definition at line 48 of file UploadBase.php.
Referenced by getTitle(), validateName(), and verifyFile().
|
protected |
Definition at line 51 of file UploadBase.php.
|
protected |
Definition at line 49 of file UploadBase.php.
Referenced by getLocalFile().
|
protected |
Definition at line 46 of file UploadBase.php.
|
protected |
Definition at line 46 of file UploadBase.php.
|
protected |
Definition at line 49 of file UploadBase.php.
Referenced by UploadFromChunks\doStashFile(), and getStashFile().
|
protected |
Definition at line 51 of file UploadBase.php.
Referenced by detectScriptInSvg().
|
protected |
Local file system path to the file to upload (or a local copy)
Definition at line 42 of file UploadBase.php.
Referenced by UploadFromChunks\addChunk(), and getTempPath().
|
protected |
Definition at line 47 of file UploadBase.php.
Referenced by getTitle().
|
protected |
Definition at line 47 of file UploadBase.php.
Referenced by UploadTestHandler\testTitleValidation(), and validateName().
|
staticprotected |
Definition at line 53 of file UploadBase.php.
|
protected |
Wrapper to handle deleting the temp file.
Definition at line 44 of file UploadBase.php.
|
staticprivate |
Definition at line 150 of file UploadBase.php.
const UploadBase::EMPTY_FILE = 3 |
Definition at line 72 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), SpecialUpload\processVerificationError(), UploadBaseTest\testVerifyUpload(), and verifyUpload().
const UploadBase::FILE_TOO_LARGE = 12 |
Definition at line 80 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), SpecialUpload\processVerificationError(), verifyUpload(), and UploadFromFile\verifyUpload().
const UploadBase::FILENAME_TOO_LONG = 14 |
Definition at line 82 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), SpecialUpload\processVerificationError(), and UploadBaseTest\provideTestTitleValidation().
const UploadBase::FILETYPE_BADTYPE = 9 |
Definition at line 77 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), and SpecialUpload\processVerificationError().
const UploadBase::FILETYPE_MISSING = 8 |
Definition at line 76 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), SpecialUpload\processVerificationError(), and UploadBaseTest\provideTestTitleValidation().
const UploadBase::HOOK_ABORTED = 11 |
Definition at line 79 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), SpecialUpload\processVerificationError(), and verifyUpload().
const UploadBase::ILLEGAL_FILENAME = 5 |
Definition at line 74 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), SpecialUpload\processVerificationError(), and UploadBaseTest\provideTestTitleValidation().
const UploadBase::MIN_LENGTH_PARTNAME = 4 |
Definition at line 73 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), SpecialUpload\processVerificationError(), and UploadBaseTest\provideTestTitleValidation().
const UploadBase::OK = 0 |
Definition at line 71 of file UploadBase.php.
Referenced by UploadFromChunks\concatenateChunks(), SpecialUpload\processUpload(), UploadBaseTest\provideTestTitleValidation(), PublishStashedFileJob\run(), UploadBaseTest\testMaxUploadSize(), UploadTestHandler\testTitleValidation(), UploadBaseTest\testTitleValidation(), ApiUpload\verifyUpload(), and verifyUpload().
const UploadBase::OVERWRITE_EXISTING_FILE = 7 |
Definition at line 75 of file UploadBase.php.
const UploadBase::SUCCESS = 0 |
Definition at line 70 of file UploadBase.php.
const UploadBase::VERIFICATION_ERROR = 10 |
Definition at line 78 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), SpecialUpload\processVerificationError(), and verifyUpload().
const UploadBase::WINDOWS_NONASCII_FILENAME = 13 |
Definition at line 81 of file UploadBase.php.
Referenced by ApiUpload\checkVerification(), getTitle(), and SpecialUpload\processVerificationError().