<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2006 The Nucleus Group
+ * Copyright (C) 2002-2007 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* Media classes for nucleus
*
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2006 The Nucleus Group
- * @version $Id: MEDIA.php,v 1.5 2006-07-17 20:03:44 kimitake Exp $
- * $NucleusJP: MEDIA.php,v 1.4 2005/08/13 07:33:02 kimitake Exp $
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @version $Id: MEDIA.php,v 1.6 2007-02-04 06:28:46 kimitake Exp $
+ * $NucleusJP: MEDIA.php,v 1.5 2006/07/17 20:03:44 kimitake Exp $
*/
* checks if a collection exists with the given name, and if it's
* allowed for the currently logged in member to upload files to it
*/
- function isValidCollection($collectionName) {
- global $member, $DIR_MEDIA;
-
- // private collections only accept uploads from their owners
- if (is_numeric($collectionName))
- return ($member->getID() == $collectionName);
-
- // other collections should exists and be writable
- $collectionDir = $DIR_MEDIA . $collectionName;
- return (@is_dir($collectionDir) || @is_writable($collectionDir));
- }
+ function isValidCollection($collectionName) {\r
+ global $member, $DIR_MEDIA;\r
+\r
+ // allow creating new private directory\r
+ if (preg_match('#^[0-9]+[/\\\\]?$#',$collectionName))\r
+ return ((int)$member->getID() == (int)$collectionName);\r
+\r
+ // avoid directory traversal\r
+ // note that preg_replace() is requred to remove the last "/" or "\" if exists\r
+ $media = realpath($DIR_MEDIA);\r
+ $media = preg_replace('#[/\\\\]+$#','',$media);\r
+ $collectionDir = realpath( $DIR_MEDIA . $collectionName );\r
+ $collectionDir = preg_replace('#[/\\\\]+$#','',$collectionDir);\r
+ if (strpos($collectionDir,$media)!==0 || $collectionDir == $media) return false;\r
+\r
+ // private collections only accept uploads from their owners\r
+ // The "+1" of "strlen($media)+1" corresponds to "/" or "\".\r
+ $collectionName=substr($collectionDir,strlen($media)+1);\r
+ if (preg_match('/^[0-9]+$/',$collectionName))\r
+ return ((int)$member->getID() == (int)$collectionName);\r
+\r
+ // other collections should exists and be writable\r
+ return (@is_dir($collectionDir) && @is_writable($collectionDir));\r
+ }\r
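Review bot: The prefix test `strpos($collectionDir,$media)!==0` only checks that the resolved path begins with the media root string, so a sibling directory whose name merely starts with the root's name (a `<media root>-old` next to `<media root>`, say) passes, and `substr($collectionDir,strlen($media)+1)` then drops the first character of that name instead of a separator. Requiring the separator in the prefix closes that gap and subsumes the `$collectionDir == $media` test: `if (strpos($collectionDir, $media . DIRECTORY_SEPARATOR) !== 0) return false;` — realpath() returns the platform's native separator, which is what DIRECTORY_SEPARATOR holds, and the `false` that realpath() returns for a missing path has already collapsed to `''` by the preg_replace() above, so it is rejected by the same line. The replaced lines also arrive with CRLF endings while the surrounding file uses LF, and the comment reads `requred` for `required`.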
/**
* Adds an uploaded file to the media archive
* (date prefix should be already added here)
*/
function addMediaObject($collection, $uploadfile, $filename) {
- global $DIR_MEDIA;
+ global $DIR_MEDIA, $manager;
+
+ $manager->notify('PreMediaUpload',array('collection' => &$collection, 'uploadfile' => $uploadfile, 'filename' => &$filename));
// don't allow uploads to unknown or forbidden collections
if (!MEDIA::isValidCollection($collection))
@chmod($mediadir . $filename, 0644);
umask($oldumask);
+ $manager->notify('PostMediaUpload',array('collection' => $collection, 'mediadir' => $mediadir, 'filename' => $filename));
+
return '';
}
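Review bot: The `PreMediaUpload` notification hands `$collection` and `$filename` to plugins by reference, and the collection check on the next line correctly runs after it, but the filename checks are not in this hunk (the body between the collection check and `@chmod` is elided, as is the assignment of `$mediadir` used by `PostMediaUpload`), so whether a plugin-rewritten `$filename` is still validated cannot be confirmed here. A comment on the notify call would pin the intended ordering for future edits: `// plugins may rewrite $collection and $filename here; every validation below must stay after this call`.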
return ($a->timestamp > $b->timestamp) ? -1 : 1;
}
-?>
\ No newline at end of file
+?>