source: sandbox/filemanager/tp/fckeditor/editor/filemanager/connectors/cfm/cf_util.cfm @ 1575

Revision 1575, 3.9 KB checked in by amuller, 14 years ago (diff)

Ticket #597 - Implentação, melhorias do modulo gerenciador de arquivos
  • Property svn:executable set to *
Line 
1<cfsetting enablecfoutputonly="Yes">
2<!---
3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4 * Copyright (C) 2003-2009 Frederico Caldeira Knabben
5 *
6 * == BEGIN LICENSE ==
7 *
8 * Licensed under the terms of any of the following licenses at your
9 * choice:
10 *
11 *  - GNU General Public License Version 2 or later (the "GPL")
12 *    http://www.gnu.org/licenses/gpl.html
13 *
14 *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15 *    http://www.gnu.org/licenses/lgpl.html
16 *
17 *  - Mozilla Public License Version 1.1 or later (the "MPL")
18 *    http://www.mozilla.org/MPL/MPL-1.1.html
19 *
20 * == END LICENSE ==
21 *
22 * This file include generic functions used by the ColdFusion Connector (MX 6.0 and above).
23--->
24
25<cffunction name="RemoveFromStart" output="false" returntype="String">
26        <cfargument name="sourceString" type="String">
27        <cfargument name="charToRemove" type="String">
28
29        <cfif left(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
30                <cfreturn mid( ARGUMENTS.sourceString, 2, len(ARGUMENTS.sourceString) -1 )>
31        </cfif>
32
33        <cfreturn ARGUMENTS.sourceString>
34</cffunction>
35
36<cffunction name="RemoveFromEnd" output="false" returntype="String">
37        <cfargument name="sourceString" type="String">
38        <cfargument name="charToRemove" type="String">
39
40        <cfif right(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
41                <cfreturn mid( ARGUMENTS.sourceString, 1, len(ARGUMENTS.sourceString) -1 )>
42        </cfif>
43
44        <cfreturn ARGUMENTS.sourceString>
45</cffunction>
46
47<!---
48Check file content.
49Currently this function validates only image files.
50Returns false if file is invalid.
51detectionLevel:
52        0 = none
53        1 = check image size for images,
54        2 = use DetectHtml for images
55---->
56<cffunction name="IsImageValid" returntype="boolean" output="true">
57        <cfargument name="filePath" required="true" type="String">
58        <cfargument name="extension" required="true" type="String">
59
60        <cfset var imageCFC = "">
61        <cfset var imageInfo = "">
62
63        <cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)>
64                <cfreturn true>
65        </cfif>
66
67        <cftry>
68                <cfif REQUEST.CFVersion gte 8>
69                        <cfset objImage = ImageRead(ARGUMENTS.filePath) >
70                        <cfset imageInfo = ImageInfo(objImage)>
71                        <!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> --->
72                <cfelse>
73                        <cfset imageCFC = createObject("component", "image")>
74                        <cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)>
75                </cfif>
76
77                <cfif imageInfo.height lte 0 or imageInfo.width lte 0>
78                        <cfreturn false>
79                </cfif>
80        <cfcatch type="any">
81                <cfreturn false>
82        </cfcatch>
83        </cftry>
84
85        <cfreturn true>
86</cffunction>
87
88<!---
89 Detect HTML in the first KB to prevent against potential security issue with
90 IE/Safari/Opera file type auto detection bug.
91 Returns true if file contain insecure HTML code at the beginning.
92--->
93<cffunction name="DetectHtml" output="false" returntype="boolean">
94        <cfargument name="filePath" required="true" type="String">
95
96        <cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title">
97        <cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )>
98
99        <cfif not Len(chunk)>
100                <cfreturn false>
101        </cfif>
102
103        <cfif refind('<!doctype\W*x?html', chunk)>
104                <cfreturn true>
105        </cfif>
106
107        <cfloop index = "tag" list = "#tags#">
108        <cfif find( tag, chunk )>
109                        <cfreturn true>
110                </cfif>
111        </cfloop>
112
113        <!--- type = javascript --->
114        <cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)>
115                <cfreturn true>
116        </cfif> >
117
118        <!--- href = javascript --->
119        <!--- src = javascript --->
120        <!--- data = javascript --->
121        <cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
122                <cfreturn true>
123        </cfif>
124
125        <!--- url(javascript --->
126        <cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
127                <cfreturn true>
128        </cfif>
129
130        <cfreturn false>
131</cffunction>
Note: See TracBrowser for help on using the repository browser.