TYPO3CMS  8
 All Classes Namespaces Files Functions Variables Pages
FileExtensionFilter.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Core\Resource\Filter;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
21 
26 {
32  protected $allowedFileExtensions = null;
33 
39  protected $disallowedFileExtensions = null;
40 
48  public function filterInlineChildren(array $parameters, DataHandler $dataHandler)
49  {
50  $values = $parameters['values'];
51  if ($parameters['allowedFileExtensions']) {
52  $this->setAllowedFileExtensions($parameters['allowedFileExtensions']);
53  }
54  if ($parameters['disallowedFileExtensions']) {
55  $this->setDisallowedFileExtensions($parameters['disallowedFileExtensions']);
56  }
57  $cleanValues = [];
58  if (is_array($values)) {
59  foreach ($values as $value) {
60  if (empty($value)) {
61  continue;
62  }
63  $parts = GeneralUtility::revExplode('_', $value, 2);
64  $fileReferenceUid = $parts[count($parts) - 1];
65  $fileReference = ResourceFactory::getInstance()->getFileReferenceObject($fileReferenceUid);
66  $file = $fileReference->getOriginalFile();
67  if ($this->isAllowed($file->getName())) {
68  $cleanValues[] = $value;
69  } else {
70  // Remove the erroneously created reference record again
71  $dataHandler->deleteAction('sys_file_reference', $fileReferenceUid);
72  }
73  }
74  }
75  return $cleanValues;
76  }
77 
91  public function filterFileList($itemName, $itemIdentifier, $parentIdentifier, array $additionalInformation, DriverInterface $driver)
92  {
93  $returnCode = true;
94  // Early return in case no file filters are set at all
95  if ($this->allowedFileExtensions === null && $this->disallowedFileExtensions === null) {
96  return $returnCode;
97  }
98  // Check that this is a file and not a folder
99  if ($driver->fileExists($itemIdentifier)) {
100  if (!$this->isAllowed($itemName)) {
101  $returnCode = -1;
102  }
103  }
104  return $returnCode;
105  }
106 
113  protected function isAllowed($fileName)
114  {
115  $result = true;
116  $fileExt = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
117  // Check allowed file extensions
118  if ($this->allowedFileExtensions !== null && !empty($this->allowedFileExtensions) && !in_array($fileExt, $this->allowedFileExtensions)) {
119  $result = false;
120  }
121  // Check disallowed file extensions
122  if ($this->disallowedFileExtensions !== null && !empty($this->disallowedFileExtensions) && in_array($fileExt, $this->disallowedFileExtensions)) {
123  $result = false;
124  }
125  return $result;
126  }
127 
134  {
135  $this->allowedFileExtensions = $this->convertToLowercaseArray($allowedFileExtensions);
136  }
137 
144  {
145  $this->disallowedFileExtensions = $this->convertToLowercaseArray($disallowedFileExtensions);
146  }
147 
156  protected function convertToLowercaseArray($inputArgument)
157  {
158  $returnValue = null;
159  if (is_array($inputArgument)) {
160  $returnValue = $inputArgument;
161  } elseif ((string)$inputArgument !== '') {
162  $returnValue = GeneralUtility::trimExplode(',', $inputArgument);
163  }
164 
165  if (is_array($returnValue)) {
166  $returnValue = array_map('strtolower', $returnValue);
167  }
168 
169  return $returnValue;
170  }
171 }
static trimExplode($delim, $string, $removeEmptyValues=false, $limit=0)
filterInlineChildren(array $parameters, DataHandler $dataHandler)
filterFileList($itemName, $itemIdentifier, $parentIdentifier, array $additionalInformation, DriverInterface $driver)
static revExplode($delimiter, $string, $count=0)