mirror of
https://github.com/getgrav/grav-plugin-admin.git
synced 2025-10-28 00:36:36 +01:00
Made path handling unicode-safe, use new Utils::basename() and Utils::pathinfo() everywhere
@@ -1,3 +1,9 @@
|
||||
# v1.10.29
|
||||
## mm/dd/2022
|
||||
|
||||
3. [](#improved)
|
||||
* Made path handling unicode-safe, use new `Utils::basename()` and `Utils::pathinfo()` everywhere
|
||||
|
||||
# v1.10.28
|
||||
## 01/24/2022
|
||||
|
||||
|
||||
10
admin.php
10
admin.php
@@ -480,7 +480,7 @@ class AdminPlugin extends Plugin
|
||||
Admin::DEBUG && Admin::addDebugMessage("Admin page: {$this->template}");
|
||||
|
||||
$page->init(new \SplFileInfo(__DIR__ . "/pages/admin/{$this->template}.md"));
|
||||
$page->slug(basename($this->template));
|
||||
$page->slug(Utils::basename($this->template));
|
||||
|
||||
return $page;
|
||||
}
|
||||
@@ -501,7 +501,7 @@ class AdminPlugin extends Plugin
|
||||
Admin::DEBUG && Admin::addDebugMessage("Admin page: plugin {$plugin->name}/{$this->template}");
|
||||
|
||||
$page->init(new \SplFileInfo($path));
|
||||
$page->slug(basename($this->template));
|
||||
$page->slug(Utils::basename($this->template));
|
||||
|
||||
return $page;
|
||||
}
|
||||
@@ -525,7 +525,7 @@ class AdminPlugin extends Plugin
|
||||
$error_file = $this->grav['locator']->findResource('plugins://admin/pages/admin/error.md');
|
||||
$page = new Page();
|
||||
$page->init(new \SplFileInfo($error_file));
|
||||
$page->slug(basename($this->route));
|
||||
$page->slug(Utils::basename($this->route));
|
||||
$page->routable(true);
|
||||
}
|
||||
|
||||
@@ -537,7 +537,7 @@ class AdminPlugin extends Plugin
|
||||
$login_file = $this->grav['locator']->findResource('plugins://admin/pages/admin/login.md');
|
||||
$page = new Page();
|
||||
$page->init(new \SplFileInfo($login_file));
|
||||
$page->slug(basename($this->route));
|
||||
$page->slug(Utils::basename($this->route));
|
||||
unset($this->grav['page']);
|
||||
$this->grav['page'] = $page;
|
||||
}
|
||||
@@ -1304,7 +1304,7 @@ class AdminPlugin extends Plugin
|
||||
$options = [];
|
||||
$theme_files = glob(__dir__ . '/themes/grav/css/codemirror/themes/*.css');
|
||||
foreach ($theme_files as $theme_file) {
|
||||
$theme = basename(basename($theme_file, '.css'));
|
||||
$theme = Utils::basename(Utils::basename($theme_file, '.css'));
|
||||
$options[$theme] = Inflector::titleize($theme);
|
||||
}
|
||||
}
|
||||
|
||||
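Review bot: The nested call `Utils::basename(Utils::basename($theme_file, '.css'))` in the `@@ -1304` hunk is redundant: the inner call already returns the file name without its directory or `.css` suffix, so the outer call has nothing left to strip. `$theme = Utils::basename($theme_file, '.css');` says the same thing, assuming `Utils::basename()` keeps the suffix argument of native `basename()` as the call here implies. Separately, `glob()` returns `false` on error, so the `foreach` over `$theme_files` would be safer with `?: []` on the `glob()` line. The enclosing method starts and ends outside the hunk.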
@@ -980,7 +980,7 @@ class Admin
|
||||
$obj->file = $file;
|
||||
$obj->page = $pages->get(dirname($obj->path));
|
||||
|
||||
$fileInfo = pathinfo($obj->title);
|
||||
$fileInfo = Utils::pathinfo($obj->title);
|
||||
$filename = str_replace(['@3x', '@2x'], '', $fileInfo['filename']);
|
||||
if (isset($fileInfo['extension'])) {
|
||||
$filename .= '.' . $fileInfo['extension'];
|
||||
@@ -1979,7 +1979,7 @@ class Admin
|
||||
$page = $path ? $pages->find($path, true) : $pages->root();
|
||||
|
||||
if (!$page) {
|
||||
$slug = basename($path);
|
||||
$slug = Utils::basename($path);
|
||||
|
||||
if ($slug === '') {
|
||||
return null;
|
||||
|
||||
@@ -374,7 +374,7 @@ class AdminBaseController
|
||||
// since php removes it from the upload location
|
||||
$tmp_dir = Admin::getTempDir();
|
||||
$tmp_file = $upload->file->tmp_name;
|
||||
$tmp = $tmp_dir . '/uploaded-files/' . basename($tmp_file);
|
||||
$tmp = $tmp_dir . '/uploaded-files/' . Utils::basename($tmp_file);
|
||||
|
||||
Folder::create(dirname($tmp));
|
||||
if (!move_uploaded_file($tmp_file, $tmp)) {
|
||||
@@ -423,7 +423,7 @@ class AdminBaseController
|
||||
|
||||
// Generate random name if required
|
||||
if ($settings->random_name) { // TODO: document
|
||||
$extension = pathinfo($upload->file->name, PATHINFO_EXTENSION);
|
||||
$extension = Utils::pathinfo($upload->file->name, PATHINFO_EXTENSION);
|
||||
$upload->file->name = Utils::generateRandomString(15) . '.' . $extension;
|
||||
}
|
||||
|
||||
@@ -929,7 +929,7 @@ class AdminBaseController
|
||||
$type = $uri->param('type');
|
||||
$field = $uri->param('field');
|
||||
|
||||
$filename = basename($this->post['filename'] ?? '');
|
||||
$filename = Utils::basename($this->post['filename'] ?? '');
|
||||
if ($filename === '') {
|
||||
$this->admin->json_response = [
|
||||
'status' => 'error',
|
||||
@@ -1068,7 +1068,7 @@ class AdminBaseController
|
||||
if ($file->exists()) {
|
||||
$resultRemoveMedia = $file->delete();
|
||||
|
||||
$fileParts = pathinfo($filename);
|
||||
$fileParts = Utils::pathinfo($filename);
|
||||
|
||||
foreach (scandir($fileParts['dirname']) as $file) {
|
||||
$regex_pattern = '/' . preg_quote($fileParts['filename'], '/') . "@\d+x\." . $fileParts['extension'] . "(?:\.meta\.yaml)?$|" . preg_quote($fileParts['basename'], '/') . "\.meta\.yaml$/";
|
||||
|
||||
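Review bot: `$fileParts['extension']` is concatenated into `$regex_pattern` without `preg_quote()`, unlike `filename` and `basename` on the same line, so an extension containing a regex metacharacter changes what the pattern built for the `scandir()` loop matches. The key is also read unconditionally; if `Utils::pathinfo()` follows native `pathinfo()` and omits `extension` for a name without a dot, this line raises an undefined-index notice. Suggest `preg_quote($fileParts['extension'] ?? '', '/')` in place of the bare array read. The loop body and the enclosing method continue outside the hunk, so what is done with the matched names cannot be confirmed from here.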
@@ -521,7 +521,7 @@ class AdminController extends AdminBaseController
|
||||
|
||||
try {
|
||||
if ($download) {
|
||||
$filename = basename(base64_decode(urldecode($download)));
|
||||
$filename = Utils::basename(base64_decode(urldecode($download)));
|
||||
$file = $this->grav['locator']->findResource("backup://{$filename}", true);
|
||||
if (!$file || !Utils::endsWith($filename, '.zip', false)) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
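Review bot: The `Utils::basename()` call on the decoded `download` parameter is the only step visible here that strips a directory part before the name is interpolated into `backup://{$filename}`, and nothing documents that it doubles as the path-confinement guard; the same holds for the `backup` parameter in the `@@ -584` hunk. Because this commit swaps the implementation behind that guard, a comment such as `// basename() confines the request-supplied name to backup://; do not remove` would help. A unit test that `Utils::basename()` returns the same final component as native `basename()` for names with directory parts, including multibyte ones, would pin the behaviour. The enclosing method starts and ends outside the hunk.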
@@ -584,7 +584,7 @@ class AdminController extends AdminBaseController
|
||||
$backup = $this->grav['uri']->param('backup', null);
|
||||
|
||||
if (null !== $backup) {
|
||||
$filename = basename(base64_decode(urldecode($backup)));
|
||||
$filename = Utils::basename(base64_decode(urldecode($backup)));
|
||||
$file = $this->grav['locator']->findResource("backup://{$filename}", true);
|
||||
|
||||
if ($file && Utils::endsWith($filename, '.zip', false)) {
|
||||
@@ -2244,7 +2244,7 @@ class AdminController extends AdminBaseController
|
||||
|
||||
|
||||
// Check extension
|
||||
$extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
|
||||
$extension = strtolower(Utils::pathinfo($filename, PATHINFO_EXTENSION));
|
||||
|
||||
// If not a supported type, return
|
||||
if (!$extension || !$config->get("media.types.{$extension}")) {
|
||||
@@ -2293,7 +2293,7 @@ class AdminController extends AdminBaseController
|
||||
|
||||
// Add metadata if needed
|
||||
$include_metadata = Grav::instance()['config']->get('system.media.auto_metadata_exif', false);
|
||||
$basename = str_replace(['@3x', '@2x'], '', pathinfo($filename, PATHINFO_BASENAME));
|
||||
$basename = str_replace(['@3x', '@2x'], '', Utils::pathinfo($filename, PATHINFO_BASENAME));
|
||||
|
||||
$metadata = [];
|
||||
|
||||
@@ -2423,7 +2423,7 @@ class AdminController extends AdminBaseController
|
||||
return false;
|
||||
}
|
||||
|
||||
$filename = !empty($this->post['filename']) ? basename($this->post['filename']) : null;
|
||||
$filename = !empty($this->post['filename']) ? Utils::basename($this->post['filename']) : null;
|
||||
|
||||
// Handle bad filenames.
|
||||
if (!$filename || !Utils::checkFilename($filename)) {
|
||||
@@ -2442,7 +2442,7 @@ class AdminController extends AdminBaseController
|
||||
if ($locator->isStream($targetPath)) {
|
||||
$targetPath = $locator->findResource($targetPath, true, true);
|
||||
}
|
||||
$fileParts = pathinfo($filename);
|
||||
$fileParts = Utils::pathinfo($filename);
|
||||
|
||||
$found = false;
|
||||
|
||||
@@ -2626,7 +2626,7 @@ class AdminController extends AdminBaseController
|
||||
$payload = [
|
||||
'name' => $file_page ? $file_page->title() : $fileName,
|
||||
'value' => $file_page ? $file_page->rawRoute() : $file_path,
|
||||
'item-key' => basename($file_page ? $file_page->route() : $file_path),
|
||||
'item-key' => Utils::basename($file_page ? $file_page->route() : $file_path),
|
||||
'filename' => $fileName,
|
||||
'extension' => $type === 'dir' ? '' : $fileInfo->getExtension(),
|
||||
'type' => $type,
|
||||
|
||||
@@ -15,6 +15,7 @@ use Grav\Common\Page\Pages;
|
||||
use Grav\Common\Uri;
|
||||
use Grav\Common\User\Interfaces\UserCollectionInterface;
|
||||
use Grav\Common\User\Interfaces\UserInterface;
|
||||
use Grav\Common\Utils;
|
||||
use Grav\Framework\RequestHandler\Exception\PageExpiredException;
|
||||
use Grav\Framework\RequestHandler\Exception\RequestException;
|
||||
use Grav\Plugin\Admin\Admin;
|
||||
@@ -111,7 +112,7 @@ class LoginController extends AdminController
|
||||
{
|
||||
$uri = (string)$this->getRequest()->getUri();
|
||||
|
||||
$ext = pathinfo($uri, PATHINFO_EXTENSION);
|
||||
$ext = Utils::pathinfo($uri, PATHINFO_EXTENSION);
|
||||
$accept = $this->getAccept(['application/json', 'text/html']);
|
||||
if ($ext === 'json' || $accept === 'application/json') {
|
||||
return $this->createErrorResponse(new RequestException($this->getRequest(), $this->translate('PLUGIN_ADMIN.LOGGED_OUT'), 401));
|
||||
|
||||
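Review bot: `Utils::pathinfo($uri, PATHINFO_EXTENSION)` is applied to the full URI string, so the extension test also sees the query string and fragment. A path ending in `.json` followed by a query would yield something like `json?x=1` and miss the JSON branch, while a query that merely ends in `.json` would take it. If the request object is PSR-7, as the `(string)` cast of `getUri()` suggests, `Utils::pathinfo($this->getRequest()->getUri()->getPath(), PATHINFO_EXTENSION)` limits the check to the path. In the visible lines this only selects the response format of the logged-out error; the enclosing method starts outside the hunk.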
@@ -316,7 +316,7 @@ class Gpm
|
||||
|
||||
$bad_chars = array_merge(array_map('chr', range(0, 31)), ['<', '>', ':', '"', '/', '\\', '|', '?', '*']);
|
||||
|
||||
$filename = $package->slug . str_replace($bad_chars, '', basename($package->zipball_url));
|
||||
$filename = $package->slug . str_replace($bad_chars, '', \Grav\Common\Utils::basename($package->zipball_url));
|
||||
$filename = preg_replace('/[\\\\\/:"*?&<>|]+/m', '-', $filename);
|
||||
|
||||
file_put_contents($tmp_dir . DS . $filename . '.zip', $contents);
|
||||
|
||||
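Review bot: The new call is written inline as a fully qualified `\Grav\Common\Utils::basename(...)`, while the LoginController hunk in this commit adds `use Grav\Common\Utils;` and calls `Utils::pathinfo()`; the two styles should agree. Unless a name clash in this file prevents it, add the `use` line at the top and shorten the call to `Utils::basename($package->zipball_url)`. In the same hunk the return value of `file_put_contents()` is not checked in the visible lines, so a failed write of the downloaded package would go unnoticed here. The method continues outside the hunk.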