‪TYPO3CMS  10.4
FileExtensionFilter.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
17 
23 
28 {
34  protected ‪$allowedFileExtensions;
35 
42 
50  public function ‪filterInlineChildren(array $parameters, ‪DataHandler $dataHandler)
51  {
52  $values = $parameters['values'];
53  if ($parameters['allowedFileExtensions']) {
54  $this->‪setAllowedFileExtensions($parameters['allowedFileExtensions']);
55  }
56  if ($parameters['disallowedFileExtensions']) {
57  $this->‪setDisallowedFileExtensions($parameters['disallowedFileExtensions']);
58  }
59  $cleanValues = [];
60  if (is_array($values)) {
61  foreach ($values as $value) {
62  if (empty($value)) {
63  continue;
64  }
65  $parts = ‪GeneralUtility::revExplode('_', $value, 2);
66  $fileReferenceUid = $parts[count($parts) - 1];
67  try {
68  $fileReference = GeneralUtility::makeInstance(ResourceFactory::class)->getFileReferenceObject($fileReferenceUid);
69  $file = $fileReference->getOriginalFile();
70  if ($this->‪isAllowed($file->getExtension())) {
71  $cleanValues[] = $value;
72  } else {
73  // Remove the erroneously created reference record again
74  $dataHandler->‪deleteAction('sys_file_reference', $fileReferenceUid);
75  }
76  } catch (‪FileDoesNotExistException $e) {
77  // do nothing
78  }
79  }
80  }
81  return $cleanValues;
82  }
83 
97  public function ‪filterFileList($itemName, $itemIdentifier, $parentIdentifier, array $additionalInformation, ‪DriverInterface $driver)
98  {
99  $returnCode = true;
100  // Early return in case no file filters are set at all
101  if ($this->allowedFileExtensions === null && $this->disallowedFileExtensions === null) {
102  return $returnCode;
103  }
104  // Check that this is a file and not a folder
105  if ($driver->‪fileExists($itemIdentifier)) {
106  try {
107  $fileInfo = $driver->‪getFileInfoByIdentifier($itemIdentifier, ['extension']);
108  } catch (\InvalidArgumentException $e) {
109  $fileInfo = [];
110  }
111  if (!$this->‪isAllowed($fileInfo['extension'] ?? '')) {
112  $returnCode = -1;
113  }
114  }
115  return $returnCode;
116  }
117 
124  protected function ‪isAllowed($fileExt)
125  {
126  $fileExt = strtolower($fileExt);
127  $result = true;
128  // Check allowed file extensions
129  if ($this->allowedFileExtensions !== null && !empty($this->allowedFileExtensions) && !in_array($fileExt, $this->allowedFileExtensions)) {
130  $result = false;
131  }
132  // Check disallowed file extensions
133  if ($this->disallowedFileExtensions !== null && !empty($this->disallowedFileExtensions) && in_array($fileExt, $this->disallowedFileExtensions)) {
134  $result = false;
135  }
136  return $result;
137  }
138 
145  {
146  $this->allowedFileExtensions = $this->‪convertToLowercaseArray(‪$allowedFileExtensions);
147  }
148 
155  {
156  $this->disallowedFileExtensions = $this->‪convertToLowercaseArray(‪$disallowedFileExtensions);
157  }
158 
167  protected function ‪convertToLowercaseArray($inputArgument)
168  {
169  $returnValue = null;
170  if (is_array($inputArgument)) {
171  $returnValue = $inputArgument;
172  } elseif ((string)$inputArgument !== '') {
173  $returnValue = ‪GeneralUtility::trimExplode(',', $inputArgument);
174  }
175 
176  if (is_array($returnValue)) {
177  $returnValue = array_map('strtolower', $returnValue);
178  }
179 
180  return $returnValue;
181  }
182 }
‪TYPO3\CMS\Core\DataHandling\DataHandler
Definition: DataHandler.php:84
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\isAllowed
‪bool isAllowed($fileExt)
Definition: FileExtensionFilter.php:122
‪TYPO3\CMS\Core\Resource\Driver\DriverInterface
Definition: DriverInterface.php:23
‪TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException
Definition: FileDoesNotExistException.php:22
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\$allowedFileExtensions
‪array $allowedFileExtensions
Definition: FileExtensionFilter.php:33
‪TYPO3\CMS\Core\DataHandling\DataHandler\deleteAction
‪deleteAction($table, $id)
Definition: DataHandler.php:4747
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\$disallowedFileExtensions
‪array $disallowedFileExtensions
Definition: FileExtensionFilter.php:39
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\convertToLowercaseArray
‪array convertToLowercaseArray($inputArgument)
Definition: FileExtensionFilter.php:165
‪TYPO3\CMS\Core\Resource\ResourceFactory
Definition: ResourceFactory.php:41
‪TYPO3\CMS\Core\Resource\Driver\DriverInterface\getFileInfoByIdentifier
‪array getFileInfoByIdentifier($fileIdentifier, array $propertiesToExtract=[])
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter
Definition: FileExtensionFilter.php:28
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\setAllowedFileExtensions
‪setAllowedFileExtensions($allowedFileExtensions)
Definition: FileExtensionFilter.php:142
‪TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode
‪static string[] trimExplode($delim, $string, $removeEmptyValues=false, $limit=0)
Definition: GeneralUtility.php:1059
‪TYPO3\CMS\Core\Utility\GeneralUtility\revExplode
‪static string[] revExplode($delimiter, $string, $count=0)
Definition: GeneralUtility.php:1025
‪TYPO3\CMS\Core\Resource\Filter
Definition: FileExtensionFilter.php:16
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\filterInlineChildren
‪array filterInlineChildren(array $parameters, DataHandler $dataHandler)
Definition: FileExtensionFilter.php:48
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:46
‪TYPO3\CMS\Core\Resource\Driver\DriverInterface\fileExists
‪bool fileExists($fileIdentifier)
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\filterFileList
‪bool int filterFileList($itemName, $itemIdentifier, $parentIdentifier, array $additionalInformation, DriverInterface $driver)
Definition: FileExtensionFilter.php:95
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter\setDisallowedFileExtensions
‪setDisallowedFileExtensions($disallowedFileExtensions)
Definition: FileExtensionFilter.php:152