1 | <cfsetting enablecfoutputonly="Yes">
|
---|
2 | <!---
|
---|
3 | * FCKeditor - The text editor for Internet - http://www.fckeditor.net
|
---|
4 | * Copyright (C) 2003-2009 Frederico Caldeira Knabben
|
---|
5 | *
|
---|
6 | * == BEGIN LICENSE ==
|
---|
7 | *
|
---|
8 | * Licensed under the terms of any of the following licenses at your
|
---|
9 | * choice:
|
---|
10 | *
|
---|
11 | * - GNU General Public License Version 2 or later (the "GPL")
|
---|
12 | * http://www.gnu.org/licenses/gpl.html
|
---|
13 | *
|
---|
14 | * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
|
---|
15 | * http://www.gnu.org/licenses/lgpl.html
|
---|
16 | *
|
---|
17 | * - Mozilla Public License Version 1.1 or later (the "MPL")
|
---|
18 | * http://www.mozilla.org/MPL/MPL-1.1.html
|
---|
19 | *
|
---|
20 | * == END LICENSE ==
|
---|
21 | *
|
---|
22 | * This file include generic functions used by the ColdFusion Connector (MX 6.0 and above).
|
---|
23 | --->
|
---|
24 |
|
---|
25 | <cffunction name="RemoveFromStart" output="false" returntype="String">
|
---|
26 | <cfargument name="sourceString" type="String">
|
---|
27 | <cfargument name="charToRemove" type="String">
|
---|
28 |
|
---|
29 | <cfif left(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
|
---|
30 | <cfreturn mid( ARGUMENTS.sourceString, 2, len(ARGUMENTS.sourceString) -1 )>
|
---|
31 | </cfif>
|
---|
32 |
|
---|
33 | <cfreturn ARGUMENTS.sourceString>
|
---|
34 | </cffunction>
|
---|
35 |
|
---|
36 | <cffunction name="RemoveFromEnd" output="false" returntype="String">
|
---|
37 | <cfargument name="sourceString" type="String">
|
---|
38 | <cfargument name="charToRemove" type="String">
|
---|
39 |
|
---|
40 | <cfif right(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
|
---|
41 | <cfreturn mid( ARGUMENTS.sourceString, 1, len(ARGUMENTS.sourceString) -1 )>
|
---|
42 | </cfif>
|
---|
43 |
|
---|
44 | <cfreturn ARGUMENTS.sourceString>
|
---|
45 | </cffunction>
|
---|
46 |
|
---|
47 | <!---
|
---|
48 | Check file content.
|
---|
49 | Currently this function validates only image files.
|
---|
50 | Returns false if file is invalid.
|
---|
51 | detectionLevel:
|
---|
52 | 0 = none
|
---|
53 | 1 = check image size for images,
|
---|
54 | 2 = use DetectHtml for images
|
---|
55 | ---->
|
---|
56 | <cffunction name="IsImageValid" returntype="boolean" output="true">
|
---|
57 | <cfargument name="filePath" required="true" type="String">
|
---|
58 | <cfargument name="extension" required="true" type="String">
|
---|
59 |
|
---|
60 | <cfset var imageCFC = "">
|
---|
61 | <cfset var imageInfo = "">
|
---|
62 |
|
---|
63 | <cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)>
|
---|
64 | <cfreturn true>
|
---|
65 | </cfif>
|
---|
66 |
|
---|
67 | <cftry>
|
---|
68 | <cfif REQUEST.CFVersion gte 8>
|
---|
69 | <cfset objImage = ImageRead(ARGUMENTS.filePath) >
|
---|
70 | <cfset imageInfo = ImageInfo(objImage)>
|
---|
71 | <!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> --->
|
---|
72 | <cfelse>
|
---|
73 | <cfset imageCFC = createObject("component", "image")>
|
---|
74 | <cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)>
|
---|
75 | </cfif>
|
---|
76 |
|
---|
77 | <cfif imageInfo.height lte 0 or imageInfo.width lte 0>
|
---|
78 | <cfreturn false>
|
---|
79 | </cfif>
|
---|
80 | <cfcatch type="any">
|
---|
81 | <cfreturn false>
|
---|
82 | </cfcatch>
|
---|
83 | </cftry>
|
---|
84 |
|
---|
85 | <cfreturn true>
|
---|
86 | </cffunction>
|
---|
87 |
|
---|
88 | <!---
|
---|
89 | Detect HTML in the first KB to prevent against potential security issue with
|
---|
90 | IE/Safari/Opera file type auto detection bug.
|
---|
91 | Returns true if file contain insecure HTML code at the beginning.
|
---|
92 | --->
|
---|
93 | <cffunction name="DetectHtml" output="false" returntype="boolean">
|
---|
94 | <cfargument name="filePath" required="true" type="String">
|
---|
95 |
|
---|
96 | <cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title">
|
---|
97 | <cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )>
|
---|
98 |
|
---|
99 | <cfif not Len(chunk)>
|
---|
100 | <cfreturn false>
|
---|
101 | </cfif>
|
---|
102 |
|
---|
103 | <cfif refind('<!doctype\W*x?html', chunk)>
|
---|
104 | <cfreturn true>
|
---|
105 | </cfif>
|
---|
106 |
|
---|
107 | <cfloop index = "tag" list = "#tags#">
|
---|
108 | <cfif find( tag, chunk )>
|
---|
109 | <cfreturn true>
|
---|
110 | </cfif>
|
---|
111 | </cfloop>
|
---|
112 |
|
---|
113 | <!--- type = javascript --->
|
---|
114 | <cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)>
|
---|
115 | <cfreturn true>
|
---|
116 | </cfif> >
|
---|
117 |
|
---|
118 | <!--- href = javascript --->
|
---|
119 | <!--- src = javascript --->
|
---|
120 | <!--- data = javascript --->
|
---|
121 | <cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
|
---|
122 | <cfreturn true>
|
---|
123 | </cfif>
|
---|
124 |
|
---|
125 | <!--- url(javascript --->
|
---|
126 | <cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
|
---|
127 | <cfreturn true>
|
---|
128 | </cfif>
|
---|
129 |
|
---|
130 | <cfreturn false>
|
---|
131 | </cffunction>
|
---|