coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity

detect mimetypes on server-side instead of relying on mimetype reported by client (Issue #202)

Browse source
This commit is contained in:
coderkun 2014-05-03 16:32:26 +02:00
commit 3e37012ba0
3 changed files with 34 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

28
app/Utils.inc
View file

@ -107,6 +107,34 @@
return mail($to, $subject, $message, $header); return mail($to, $subject, $message, $header);
} }
/**
* Detect Mimetype of a file.
*
* @param string $filename Name of file to detect Mimetype of
* @param string $defaultMimetype Default Mimetype to use
* @return string Detected Mimetype of file
*/
public static function getMimetype($filename, $defaultMimetype=null)
{
$mimetype = (!is_null($defaultMimetype)) ? $defaultMimetype : 'application/octet-stream';
// Use Fileinfo
if(class_exists('\finfo'))
{
$finfo = new \finfo(FILEINFO_MIME_TYPE);
if(!is_null($finfo)) {
$mimetype = $finfo->file($filename);
}
}
// Use deprecated mime_content_type()
elseif(function_exists('mime_content_type')) {
$mimetype = mime_content_type($filename);
}
return $mimetype;
}
} }
?> ?>

5
controllers/CharactergroupsquestsController.inc
View file

@ -153,14 +153,15 @@
// Check mimetype // Check mimetype
$mediaMimetype = null; $mediaMimetype = null;
$file['mimetype'] = \hhu\z\Utils::getMimetype($file['tmp_name']);
foreach($mimetypes as &$mimetype) { foreach($mimetypes as &$mimetype) {
if($mimetype['mimetype'] == $file['type']) { if($mimetype['mimetype'] == $file['mimetype']) {
$mediaMimetype = $mimetype; $mediaMimetype = $mimetype;
break; break;
} }
} }
if(is_null($mediaMimetype)) { if(is_null($mediaMimetype)) {
$validation = $this->Validation->addValidationResult($validation, 'media', 'mimetype', $file['type']); $validation = $this->Validation->addValidationResult($validation, 'media', 'mimetype', $file['mimetype']);
} }
elseif($file['size'] > $mediaMimetype['size']) { elseif($file['size'] > $mediaMimetype['size']) {
$validation = $this->Validation->addValidationResult($validation, 'media', 'size', $mediaMimetype['size']); $validation = $this->Validation->addValidationResult($validation, 'media', 'size', $mediaMimetype['size']);

5
questtypes/submit/SubmitQuesttypeController.inc
View file

@ -56,15 +56,16 @@
// Check mimetype // Check mimetype
$mimetypes = $this->Submit->getAllowedMimetypes($seminary['id']); $mimetypes = $this->Submit->getAllowedMimetypes($seminary['id']);
$answerMimetype = null; $answerMimetype = null;
$answer['mimetype'] = \hhu\z\Utils::getMimetype($answer['tmp_name']);
foreach($mimetypes as &$mimetype) { foreach($mimetypes as &$mimetype) {
if($mimetype['mimetype'] == $answer['type']) { if($mimetype['mimetype'] == $answer['mimetype']) {
$answerMimetype = $mimetype; $answerMimetype = $mimetype;
break; break;
} }
} }
if(is_null($answerMimetype)) { if(is_null($answerMimetype)) {
throw new \hhu\z\exceptions\SubmissionNotValidException( throw new \hhu\z\exceptions\SubmissionNotValidException(
new \hhu\z\exceptions\WrongFiletypeException($answer['type']) new \hhu\z\exceptions\WrongFiletypeException($answer['mimetype'])
); );
} }