Merge branch 'fix-ajaxupload-and-refactor' into doryphore
Showing
10 changed files
with
223 additions
and
113 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
<?php | ||
|
||
namespace YesWiki\Attach; | ||
|
||
use Attach; | ||
use qqFileUploader; | ||
use YesWiki\Core\Service\AclService; | ||
use YesWiki\Core\Service\DbService; | ||
use YesWiki\Core\Service\PageManager; | ||
use YesWiki\Core\YesWikiHandler; | ||
use YesWiki\Security\Controller\SecurityController; | ||
|
||
class AjaxUploadHandler extends YesWikiHandler | ||
{ | ||
private $hasTempTag; | ||
|
||
public function run() | ||
{ | ||
if ($this->getService(SecurityController::class)->isWikiHibernated()) { | ||
throw new \Exception(_t('WIKI_IN_HIBERNATION')); | ||
}; | ||
|
||
if (!$this->hasAccesUpload($_GET)) { | ||
return $this->formatOuput(['error' => _t('NO_RIGHT_TO_WRITE_IN_THIS_PAGE')]); | ||
} | ||
|
||
// load classes | ||
require_once 'tools/attach/libs/qq.lib.php'; | ||
|
||
if (!class_exists('attach')) { | ||
include_once 'tools/attach/libs/attach.lib.php'; | ||
} | ||
$errorsMessage = ''; | ||
ob_start(); | ||
try { | ||
$att = new attach($this->wiki); | ||
|
||
// list of valid extensions, ex. array("jpeg", "xml", "bmp") | ||
$allowedExtensions = array_keys($this->params->get('authorized-extensions')); | ||
|
||
// max file size in bytes | ||
$sizeLimit = $att->attachConfig['max_file_size']; | ||
|
||
$uploader = new qqFileUploader($allowedExtensions, $sizeLimit, $this->hasTempTag); | ||
$result = $uploader->handleUpload($att->attachConfig['upload_path']); | ||
} catch (\Throwable $th) { | ||
$errorsMessage .= "{$th->getMessage()} in {$th->getFile()}, line {$th->getLine()}"; | ||
} | ||
$errorsMessage .= ob_get_contents(); | ||
ob_end_clean(); | ||
if (!empty($errorsMessage)) { | ||
$result['error'] = ($result['error'] ?? '').$errorsMessage; | ||
} | ||
return $this->formatOuput($result); | ||
} | ||
|
||
private function hasAccesUpload(array $get): bool | ||
{ | ||
$tag = $this->wiki->getPageTag(); | ||
if (empty(trim($tag))) { | ||
return false; | ||
} | ||
|
||
$this->hasTempTag = ( | ||
isset($get['tempTag']) | ||
&& preg_match("/^{$this->params->get('temp_tag_for_entry_creation')}_[A-Fa-f0-9]+$/m", $get['tempTag']) | ||
); | ||
$page = $this->getService(PageManager::class)->getOne($tag); | ||
$aclService = $this->getService(AclService::class); | ||
|
||
return (( | ||
empty($page) // new page | ||
&& $aclService->hasAccess('write', $tag) // default rights to write | ||
) || ( | ||
!empty($page) // existing page | ||
&& $aclService->hasAccess('write', $tag) | ||
) || ( | ||
!empty($page) // existing page | ||
&& $aclService->hasAccess('read', $tag) // page with cration of entries | ||
&& $this->hasTempTag | ||
) | ||
); | ||
} | ||
|
||
private function formatOuput(array $ouput): string | ||
{ | ||
return htmlspecialchars(json_encode($ouput), ENT_NOQUOTES, YW_CHARSET); | ||
} | ||
} |
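Review bot: The `tempTag` test in `hasAccesUpload()` is what lets a user with only read access reach the uploader (third branch of the return), and its pattern is looser than it looks: the `/m` flag makes `^` and `$` match at any line boundary, so a multi-line value passes when a single line matches, and the configured prefix is interpolated without `preg_quote()`. A non-string `tempTag` would also reach `preg_match()` outside the `try` block and surface as an uncaught TypeError on PHP 8. I would anchor on the whole string and compare the result explicitly: `&& is_string($get['tempTag'])` followed by `&& preg_match('/\A' . preg_quote((string) $this->params->get('temp_tag_for_entry_creation'), '/') . '_[A-Fa-f0-9]+\z/', $get['tempTag']) === 1`. Whether the tag is tied to an entry form actually in progress is not visible in this file; if it is only format-checked, that third branch effectively grants upload to every reader of the page and should at least carry a comment saying so. Separately, `run()` puts `getFile()`, `getLine()` and the captured output buffer into the JSON `error` field, which discloses server paths to the client; logging those server-side and returning a generic message would be safer.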
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,11 @@ | ||
<?php | ||
$this->AddJavascriptFile('tools/attach/libs/fileuploader.js'); | ||
|
||
use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface; | ||
use YesWiki\Core\Service\AssetsManager; | ||
|
||
$this->services->get(AssetsManager::class)->AddJavascript( | ||
"var fileUploaderConfig = {attach_config:{ext_images:" | ||
.json_encode(explode("|", $this->services->get(ParameterBagInterface::class)->get("attach_config")["ext_images"])) | ||
."}};" | ||
); | ||
$this->services->get(AssetsManager::class)->AddJavascriptFile('tools/attach/libs/fileuploader.js'); |
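Review bot: The `json_encode()` result is concatenated into a JavaScript string passed to `AddJavascript()` with default flags, so `<`, `>`, `&` and quotes in `ext_images` are emitted unescaped into what is presumably an inline script. The value comes from configuration rather than the request, so this is hardening rather than a live bug, but `json_encode(..., JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` keeps the snippet safe in a `<script>` context whatever the source. The lookup `->get("attach_config")["ext_images"]` also assumes the key is present; `?? ''` before `explode()` would avoid passing null on a partial configuration. A short comment that `ext_images` is a `|`-separated extension list would explain the `explode("|", ...)`.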