[5146] | 1 | <?php |
---|
| 2 | /** |
---|
| 3 | * Zend Framework |
---|
| 4 | * |
---|
| 5 | * LICENSE |
---|
| 6 | * |
---|
| 7 | * This source file is subject to the new BSD license that is bundled |
---|
| 8 | * with this package in the file LICENSE.txt. |
---|
| 9 | * It is also available through the world-wide-web at this URL: |
---|
| 10 | * http://framework.zend.com/license/new-bsd |
---|
| 11 | * If you did not receive a copy of the license and are unable to |
---|
| 12 | * obtain it through the world-wide-web, please send an email |
---|
| 13 | * to license@zend.com so we can send you a copy immediately. |
---|
| 14 | * |
---|
| 15 | * @category Zend |
---|
| 16 | * @package Zend_Validate |
---|
| 17 | * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
---|
| 18 | * @license http://framework.zend.com/license/new-bsd New BSD License |
---|
| 19 | * @version $Id: MimeType.php 22832 2010-08-12 18:02:41Z thomas $ |
---|
| 20 | */ |
---|
| 21 | |
---|
| 22 | /** |
---|
| 23 | * @see Zend_Validate_Abstract |
---|
| 24 | */ |
---|
| 25 | require_once 'Zend/Validate/Abstract.php'; |
---|
| 26 | |
---|
| 27 | /** |
---|
| 28 | * Validator for the mime type of a file |
---|
| 29 | * |
---|
| 30 | * @category Zend |
---|
| 31 | * @package Zend_Validate |
---|
| 32 | * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
---|
| 33 | * @license http://framework.zend.com/license/new-bsd New BSD License |
---|
| 34 | */ |
---|
| 35 | class Zend_Validate_File_MimeType extends Zend_Validate_Abstract |
---|
| 36 | { |
---|
| 37 | /**#@+ |
---|
| 38 | * @const Error type constants |
---|
| 39 | */ |
---|
| 40 | const FALSE_TYPE = 'fileMimeTypeFalse'; |
---|
| 41 | const NOT_DETECTED = 'fileMimeTypeNotDetected'; |
---|
| 42 | const NOT_READABLE = 'fileMimeTypeNotReadable'; |
---|
| 43 | /**#@-*/ |
---|
| 44 | |
---|
| 45 | /** |
---|
| 46 | * @var array Error message templates |
---|
| 47 | */ |
---|
| 48 | protected $_messageTemplates = array( |
---|
| 49 | self::FALSE_TYPE => "File '%value%' has a false mimetype of '%type%'", |
---|
| 50 | self::NOT_DETECTED => "The mimetype of file '%value%' could not be detected", |
---|
| 51 | self::NOT_READABLE => "File '%value%' is not readable or does not exist", |
---|
| 52 | ); |
---|
| 53 | |
---|
| 54 | /** |
---|
| 55 | * @var array |
---|
| 56 | */ |
---|
| 57 | protected $_messageVariables = array( |
---|
| 58 | 'type' => '_type' |
---|
| 59 | ); |
---|
| 60 | |
---|
| 61 | /** |
---|
| 62 | * @var string |
---|
| 63 | */ |
---|
| 64 | protected $_type; |
---|
| 65 | |
---|
| 66 | /** |
---|
| 67 | * Mimetypes |
---|
| 68 | * |
---|
| 69 | * If null, there is no mimetype |
---|
| 70 | * |
---|
| 71 | * @var string|null |
---|
| 72 | */ |
---|
| 73 | protected $_mimetype; |
---|
| 74 | |
---|
| 75 | /** |
---|
| 76 | * Magicfile to use |
---|
| 77 | * |
---|
| 78 | * @var string|null |
---|
| 79 | */ |
---|
| 80 | protected $_magicfile; |
---|
| 81 | |
---|
| 82 | /** |
---|
| 83 | * Finfo object to use |
---|
| 84 | * |
---|
| 85 | * @var resource |
---|
| 86 | */ |
---|
| 87 | protected $_finfo; |
---|
| 88 | |
---|
| 89 | /** |
---|
| 90 | * If no $_ENV['MAGIC'] is set, try and autodiscover it based on common locations |
---|
| 91 | * @var array |
---|
| 92 | */ |
---|
| 93 | protected $_magicFiles = array( |
---|
| 94 | '/usr/share/misc/magic', |
---|
| 95 | '/usr/share/misc/magic.mime', |
---|
| 96 | '/usr/share/misc/magic.mgc', |
---|
| 97 | '/usr/share/mime/magic', |
---|
| 98 | '/usr/share/mime/magic.mime', |
---|
| 99 | '/usr/share/mime/magic.mgc', |
---|
| 100 | '/usr/share/file/magic', |
---|
| 101 | '/usr/share/file/magic.mime', |
---|
| 102 | '/usr/share/file/magic.mgc', |
---|
| 103 | ); |
---|
| 104 | |
---|
| 105 | /** |
---|
| 106 | * Option to allow header check |
---|
| 107 | * |
---|
| 108 | * @var boolean |
---|
| 109 | */ |
---|
| 110 | protected $_headerCheck = false; |
---|
| 111 | |
---|
| 112 | /** |
---|
| 113 | * Sets validator options |
---|
| 114 | * |
---|
| 115 | * Mimetype to accept |
---|
| 116 | * |
---|
| 117 | * @param string|array $mimetype MimeType |
---|
| 118 | * @return void |
---|
| 119 | */ |
---|
| 120 | public function __construct($mimetype) |
---|
| 121 | { |
---|
| 122 | if ($mimetype instanceof Zend_Config) { |
---|
| 123 | $mimetype = $mimetype->toArray(); |
---|
| 124 | } elseif (is_string($mimetype)) { |
---|
| 125 | $mimetype = explode(',', $mimetype); |
---|
| 126 | } elseif (!is_array($mimetype)) { |
---|
| 127 | require_once 'Zend/Validate/Exception.php'; |
---|
| 128 | throw new Zend_Validate_Exception("Invalid options to validator provided"); |
---|
| 129 | } |
---|
| 130 | |
---|
| 131 | if (isset($mimetype['magicfile'])) { |
---|
| 132 | $this->setMagicFile($mimetype['magicfile']); |
---|
| 133 | unset($mimetype['magicfile']); |
---|
| 134 | } |
---|
| 135 | |
---|
| 136 | if (isset($mimetype['headerCheck'])) { |
---|
| 137 | $this->enableHeaderCheck($mimetype['headerCheck']); |
---|
| 138 | unset($mimetype['headerCheck']); |
---|
| 139 | } |
---|
| 140 | |
---|
| 141 | $this->setMimeType($mimetype); |
---|
| 142 | } |
---|
| 143 | |
---|
| 144 | /** |
---|
| 145 | * Returns the actual set magicfile |
---|
| 146 | * |
---|
| 147 | * @return string |
---|
| 148 | */ |
---|
| 149 | public function getMagicFile() |
---|
| 150 | { |
---|
| 151 | if (null === $this->_magicfile) { |
---|
| 152 | if (!empty($_ENV['MAGIC'])) { |
---|
| 153 | $this->setMagicFile($_ENV['MAGIC']); |
---|
| 154 | } elseif (!(@ini_get("safe_mode") == 'On' || @ini_get("safe_mode") === 1)) { |
---|
| 155 | require_once 'Zend/Validate/Exception.php'; |
---|
| 156 | foreach ($this->_magicFiles as $file) { |
---|
| 157 | // supressing errors which are thrown due to openbase_dir restrictions |
---|
| 158 | try { |
---|
| 159 | $this->setMagicFile($file); |
---|
| 160 | if ($this->_magicfile !== null) { |
---|
| 161 | break; |
---|
| 162 | } |
---|
| 163 | } catch (Zend_Validate_Exception $e) { |
---|
| 164 | // Intentionally, catch and fall through |
---|
| 165 | } |
---|
| 166 | } |
---|
| 167 | } |
---|
| 168 | |
---|
| 169 | if ($this->_magicfile === null) { |
---|
| 170 | $this->_magicfile = false; |
---|
| 171 | } |
---|
| 172 | } |
---|
| 173 | |
---|
| 174 | return $this->_magicfile; |
---|
| 175 | } |
---|
| 176 | |
---|
| 177 | /** |
---|
| 178 | * Sets the magicfile to use |
---|
| 179 | * if null, the MAGIC constant from php is used |
---|
| 180 | * if the MAGIC file is errorous, no file will be set |
---|
| 181 | * |
---|
| 182 | * @param string $file |
---|
| 183 | * @throws Zend_Validate_Exception When finfo can not read the magicfile |
---|
| 184 | * @return Zend_Validate_File_MimeType Provides fluid interface |
---|
| 185 | */ |
---|
| 186 | public function setMagicFile($file) |
---|
| 187 | { |
---|
| 188 | if (empty($file)) { |
---|
| 189 | $this->_magicfile = null; |
---|
| 190 | } else if (!(class_exists('finfo', false))) { |
---|
| 191 | $this->_magicfile = null; |
---|
| 192 | require_once 'Zend/Validate/Exception.php'; |
---|
| 193 | throw new Zend_Validate_Exception('Magicfile can not be set. There is no finfo extension installed'); |
---|
| 194 | } else if (!is_file($file) || !is_readable($file)) { |
---|
| 195 | require_once 'Zend/Validate/Exception.php'; |
---|
| 196 | throw new Zend_Validate_Exception('The given magicfile can not be read'); |
---|
| 197 | } else { |
---|
| 198 | $const = defined('FILEINFO_MIME_TYPE') ? FILEINFO_MIME_TYPE : FILEINFO_MIME; |
---|
| 199 | $this->_finfo = @finfo_open($const, $file); |
---|
| 200 | if (empty($this->_finfo)) { |
---|
| 201 | $this->_finfo = null; |
---|
| 202 | require_once 'Zend/Validate/Exception.php'; |
---|
| 203 | throw new Zend_Validate_Exception('The given magicfile is not accepted by finfo'); |
---|
| 204 | } else { |
---|
| 205 | $this->_magicfile = $file; |
---|
| 206 | } |
---|
| 207 | } |
---|
| 208 | |
---|
| 209 | return $this; |
---|
| 210 | } |
---|
| 211 | |
---|
| 212 | /** |
---|
| 213 | * Returns the Header Check option |
---|
| 214 | * |
---|
| 215 | * @return boolean |
---|
| 216 | */ |
---|
| 217 | public function getHeaderCheck() |
---|
| 218 | { |
---|
| 219 | return $this->_headerCheck; |
---|
| 220 | } |
---|
| 221 | |
---|
| 222 | /** |
---|
| 223 | * Defines if the http header should be used |
---|
| 224 | * Note that this is unsave and therefor the default value is false |
---|
| 225 | * |
---|
| 226 | * @param boolean $checkHeader |
---|
| 227 | * @return Zend_Validate_File_MimeType Provides fluid interface |
---|
| 228 | */ |
---|
| 229 | public function enableHeaderCheck($headerCheck = true) |
---|
| 230 | { |
---|
| 231 | $this->_headerCheck = (boolean) $headerCheck; |
---|
| 232 | return $this; |
---|
| 233 | } |
---|
| 234 | |
---|
| 235 | /** |
---|
| 236 | * Returns the set mimetypes |
---|
| 237 | * |
---|
| 238 | * @param boolean $asArray Returns the values as array, when false an concated string is returned |
---|
| 239 | * @return string|array |
---|
| 240 | */ |
---|
| 241 | public function getMimeType($asArray = false) |
---|
| 242 | { |
---|
| 243 | $asArray = (bool) $asArray; |
---|
| 244 | $mimetype = (string) $this->_mimetype; |
---|
| 245 | if ($asArray) { |
---|
| 246 | $mimetype = explode(',', $mimetype); |
---|
| 247 | } |
---|
| 248 | |
---|
| 249 | return $mimetype; |
---|
| 250 | } |
---|
| 251 | |
---|
| 252 | /** |
---|
| 253 | * Sets the mimetypes |
---|
| 254 | * |
---|
| 255 | * @param string|array $mimetype The mimetypes to validate |
---|
| 256 | * @return Zend_Validate_File_Extension Provides a fluent interface |
---|
| 257 | */ |
---|
| 258 | public function setMimeType($mimetype) |
---|
| 259 | { |
---|
| 260 | $this->_mimetype = null; |
---|
| 261 | $this->addMimeType($mimetype); |
---|
| 262 | return $this; |
---|
| 263 | } |
---|
| 264 | |
---|
| 265 | /** |
---|
| 266 | * Adds the mimetypes |
---|
| 267 | * |
---|
| 268 | * @param string|array $mimetype The mimetypes to add for validation |
---|
| 269 | * @return Zend_Validate_File_Extension Provides a fluent interface |
---|
| 270 | */ |
---|
| 271 | public function addMimeType($mimetype) |
---|
| 272 | { |
---|
| 273 | $mimetypes = $this->getMimeType(true); |
---|
| 274 | |
---|
| 275 | if (is_string($mimetype)) { |
---|
| 276 | $mimetype = explode(',', $mimetype); |
---|
| 277 | } elseif (!is_array($mimetype)) { |
---|
| 278 | require_once 'Zend/Validate/Exception.php'; |
---|
| 279 | throw new Zend_Validate_Exception("Invalid options to validator provided"); |
---|
| 280 | } |
---|
| 281 | |
---|
| 282 | if (isset($mimetype['magicfile'])) { |
---|
| 283 | unset($mimetype['magicfile']); |
---|
| 284 | } |
---|
| 285 | |
---|
| 286 | foreach ($mimetype as $content) { |
---|
| 287 | if (empty($content) || !is_string($content)) { |
---|
| 288 | continue; |
---|
| 289 | } |
---|
| 290 | $mimetypes[] = trim($content); |
---|
| 291 | } |
---|
| 292 | $mimetypes = array_unique($mimetypes); |
---|
| 293 | |
---|
| 294 | // Sanity check to ensure no empty values |
---|
| 295 | foreach ($mimetypes as $key => $mt) { |
---|
| 296 | if (empty($mt)) { |
---|
| 297 | unset($mimetypes[$key]); |
---|
| 298 | } |
---|
| 299 | } |
---|
| 300 | |
---|
| 301 | $this->_mimetype = implode(',', $mimetypes); |
---|
| 302 | |
---|
| 303 | return $this; |
---|
| 304 | } |
---|
| 305 | |
---|
| 306 | /** |
---|
| 307 | * Defined by Zend_Validate_Interface |
---|
| 308 | * |
---|
| 309 | * Returns true if the mimetype of the file matches the given ones. Also parts |
---|
| 310 | * of mimetypes can be checked. If you give for example "image" all image |
---|
| 311 | * mime types will be accepted like "image/gif", "image/jpeg" and so on. |
---|
| 312 | * |
---|
| 313 | * @param string $value Real file to check for mimetype |
---|
| 314 | * @param array $file File data from Zend_File_Transfer |
---|
| 315 | * @return boolean |
---|
| 316 | */ |
---|
| 317 | public function isValid($value, $file = null) |
---|
| 318 | { |
---|
| 319 | if ($file === null) { |
---|
| 320 | $file = array( |
---|
| 321 | 'type' => null, |
---|
| 322 | 'name' => $value |
---|
| 323 | ); |
---|
| 324 | } |
---|
| 325 | |
---|
| 326 | // Is file readable ? |
---|
| 327 | require_once 'Zend/Loader.php'; |
---|
| 328 | if (!Zend_Loader::isReadable($value)) { |
---|
| 329 | return $this->_throw($file, self::NOT_READABLE); |
---|
| 330 | } |
---|
| 331 | |
---|
| 332 | $mimefile = $this->getMagicFile(); |
---|
| 333 | if (class_exists('finfo', false)) { |
---|
| 334 | $const = defined('FILEINFO_MIME_TYPE') ? FILEINFO_MIME_TYPE : FILEINFO_MIME; |
---|
| 335 | if (!empty($mimefile) && empty($this->_finfo)) { |
---|
| 336 | $this->_finfo = @finfo_open($const, $mimefile); |
---|
| 337 | } |
---|
| 338 | |
---|
| 339 | if (empty($this->_finfo)) { |
---|
| 340 | $this->_finfo = @finfo_open($const); |
---|
| 341 | } |
---|
| 342 | |
---|
| 343 | $this->_type = null; |
---|
| 344 | if (!empty($this->_finfo)) { |
---|
| 345 | $this->_type = finfo_file($this->_finfo, $value); |
---|
| 346 | } |
---|
| 347 | } |
---|
| 348 | |
---|
| 349 | if (empty($this->_type) && |
---|
| 350 | (function_exists('mime_content_type') && ini_get('mime_magic.magicfile'))) { |
---|
| 351 | $this->_type = mime_content_type($value); |
---|
| 352 | } |
---|
| 353 | |
---|
| 354 | if (empty($this->_type) && $this->_headerCheck) { |
---|
| 355 | $this->_type = $file['type']; |
---|
| 356 | } |
---|
| 357 | |
---|
| 358 | if (empty($this->_type)) { |
---|
| 359 | return $this->_throw($file, self::NOT_DETECTED); |
---|
| 360 | } |
---|
| 361 | |
---|
| 362 | $mimetype = $this->getMimeType(true); |
---|
| 363 | if (in_array($this->_type, $mimetype)) { |
---|
| 364 | return true; |
---|
| 365 | } |
---|
| 366 | |
---|
| 367 | $types = explode('/', $this->_type); |
---|
| 368 | $types = array_merge($types, explode('-', $this->_type)); |
---|
| 369 | $types = array_merge($types, explode(';', $this->_type)); |
---|
| 370 | foreach($mimetype as $mime) { |
---|
| 371 | if (in_array($mime, $types)) { |
---|
| 372 | return true; |
---|
| 373 | } |
---|
| 374 | } |
---|
| 375 | |
---|
| 376 | return $this->_throw($file, self::FALSE_TYPE); |
---|
| 377 | } |
---|
| 378 | |
---|
| 379 | /** |
---|
| 380 | * Throws an error of the given type |
---|
| 381 | * |
---|
| 382 | * @param string $file |
---|
| 383 | * @param string $errorType |
---|
| 384 | * @return false |
---|
| 385 | */ |
---|
| 386 | protected function _throw($file, $errorType) |
---|
| 387 | { |
---|
| 388 | $this->_value = $file['name']; |
---|
| 389 | $this->_error($errorType); |
---|
| 390 | return false; |
---|
| 391 | } |
---|
| 392 | } |
---|