Added PDF validation in OrderController::save

Frank Schubert
2022-05-03 15:40:18 +02:00
parent fc17d1069a
commit 60c7718ecc
3 changed files with 155 additions and 73 deletions


@@ -768,37 +768,60 @@ class OrderController extends mfBaseController {
//var_dump($_FILES['OrderFileUpload']);exit;
// handle file upload
if(array_key_exists("OrderFileUpload", $_FILES) && !$_FILES['OrderFileUpload']['error']) {
$upload_error = false;
//var_dump($_FILES);exit;
$upload = new mfUpload("OrderFileUpload");
$upload->setSavepath(MFUPLOAD_FILE_SAVE_PATH."/documents");
$upload->save();
$file_data = [];
$file_data['name'] = ($r->file_name) ? $r->file_name : $upload->getOriginalFilename();
$file_data['filename'] = ($r->file_filename) ? $r->file_filename : $upload->getOriginalFilename();
$file_data['subfolder'] = "documents";
$file_data['store_filename'] = $upload->getFilename();
$file_data['orig_filename'] = $upload->getOriginalFilename();
if(!$upload->getSize()) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen: Dokument darf nicht leer sein!", "warn");
$upload_error = true;
}
$file = FileModel::create($file_data);
$file_id = $file->save();
if(!$file_id) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
unlink($upload->getSavepath()."/".$upload->getFilename());
} else {
$of = [];
$of['order_id'] = $new_id;
$of['file_id'] = $file_id;
$of['name'] = $file->name;
$of['description'] = $file->description;
$orderfile = OrderFileModel::create($of);
if(!$orderfile->save()) {
$file->delete();
unlink($upload->getSavepath()."/".$upload->getFilename());
if(substr(strtolower($upload->getFilename()), -3, 3) == "pdf" && !$upload->validatePDF()) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen: PDF-Validierung fehlgeschlagen!", "warn");
$upload_error = true;
}
if(!$upload_error) {
try {
$upload->save();
} catch(Exception $e) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
$upload_error = true;
}
}
if(!$upload_error) {
$file_data = [];
$file_data['name'] = ($r->file_name) ? $r->file_name : $upload->getOriginalFilename();
$file_data['filename'] = ($r->file_filename) ? $r->file_filename : $upload->getOriginalFilename();
$file_data['subfolder'] = "documents";
$file_data['store_filename'] = $upload->getFilename();
$file_data['orig_filename'] = $upload->getOriginalFilename();
$file = FileModel::create($file_data);
$file_id = $file->save();
if(!$file_id) {
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
unlink($upload->getSavepath()."/".$upload->getFilename());
} else {
$of = [];
$of['order_id'] = $new_id;
$of['file_id'] = $file_id;
$of['name'] = $file->name;
$of['description'] = $file->description;
$orderfile = OrderFileModel::create($of);
if(!$orderfile->save()) {
$file->delete();
unlink($upload->getSavepath()."/".$upload->getFilename());
$this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn");
}
}
}
}
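Review bot: The new check `if(substr(strtolower($upload->getFilename()), -3, 3) == "pdf" && !$upload->validatePDF())` only runs when the stored filename ends in the three characters "pdf", so an upload with any other name skips content validation and still reaches `$upload->save()`. If order documents are meant to be PDFs only, reject everything else instead of validating conditionally, e.g. `if(strtolower(pathinfo($upload->getFilename(), PATHINFO_EXTENSION)) !== "pdf" || !$upload->validatePDF())`; otherwise compare the extension against an explicit allow-list. `new mfUpload("OrderFileUpload")` also stays outside the new try/catch, although the mfUpload constructor shown in this commit throws (for example on oversize files), so that failure would not end in the flash message. The enclosing method starts and ends outside this hunk.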


@@ -2,6 +2,7 @@
require_once(LIBDIR."/mvcfronk/mfUpload/mfUpload_TmpFile.php");
class mfUpload {
private $log;
private $upload;
private $size;
private $savepath;
@@ -25,66 +26,26 @@ class mfUpload {
$this->filemode = MFUPLOAD_FILEMODE;
}
if(!$this->upload=new mfUpload_TmpFile($uplName)) {
if(!$this->upload = new mfUpload_TmpFile($uplName)) {
throw new Exception($this->upload->errormessage);
}
$this->original_filename = $this->upload->filename;
if(!$this->filename=$this->upload->getFilename()){
if(!$this->filename = $this->upload->getFilename()){
throw new Exception($this->upload->errormessage);
}
if($randomFileName) {
$this->filename=$this->getRandomFilename().'-'.$this->filename;
$this->filename = $this->getRandomFilename().'-'.$this->filename;
}
$this->size=$this->upload->getFileSize();
$this->size = $this->upload->getFileSize();
if($this->size > MFUPLOAD_FILE_MAX_SIZE) {
throw new Exception('File is too big. Maximum allowed filesize is '.(MFUPLOAD_FILE_MAX_SIZE).' MB');
}
}
public function getSavepath() {
return $this->savepath;
}
public function setSavepath($path) {
$this->savepath = $path;
return true;
}
public function getOriginalFilename() {
return $this->original_filename;
}
public function getFilename() {
return $this->filename;
}
public function setFilename($name) {
$this->filename = $name;
}
public function getSize() {
return $this->size;
}
public function getDirmode() {
return $this->dirmode;
}
public function setDirmode($mode) {
$this->dirmode=$mode;
}
public function getFilemode() {
return $this->filemode;
}
public function setFilemode($mode) {
$this->filemode = $mode;
}
public function save() {
if(!$this->savepath) {
@@ -143,4 +104,72 @@ class mfUpload {
$string=$rand.$string;
return $string;
}
public function validatePDF() {
if(!$this->upload) {
return false;
}
if(!$this->size) {
return false;
}
$this->log->debug("upload size: ".$this->size);
$mime = $this->upload->getMimetype();
$this->log->debug("upload mime: $mime");
if(!stripos($mime, "pdf")) {
return false;
}
$pdftext = $this->upload->pdftotext();
//$this->log->debug("text: ".$pdftext);
if(strlen($pdftext) < 100) {
$this->log->warn("pdftotext less than 100 bytes (".$this->filename.")");
return false;
}
//$this->log->debug("upload text: $pdftext");
return true;
}
public function getSavepath() {
return $this->savepath;
}
public function setSavepath($path) {
$this->savepath = $path;
return true;
}
public function getOriginalFilename() {
return $this->original_filename;
}
public function getFilename() {
return $this->filename;
}
public function setFilename($name) {
$this->filename = $name;
}
public function getSize() {
return $this->size;
}
public function getDirmode() {
return $this->dirmode;
}
public function setDirmode($mode) {
$this->dirmode=$mode;
}
public function getFilemode() {
return $this->filemode;
}
public function setFilemode($mode) {
$this->filemode = $mode;
}
}
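Review bot: In validatePDF(), `if(!stripos($mime, "pdf"))` is a substring test: it accepts any MIME type that contains "pdf" after its first character, and it would reject a match at offset 0 because stripos() returns 0 there. Since getMimetype() asks finfo for `FILEINFO_MIME_TYPE`, an exact comparison is stricter and easier to read: `if($mime !== "application/pdf") { return false; }`. The hunks add `private $log;` and call `$this->log->debug()`, but no assignment to `$this->log` is visible in the constructor lines shown; confirm it is initialised (mfUpload_TmpFile uses `mfLoghandler::singleton()`), otherwise validatePDF() fails on its first log call. A short docblock on validatePDF() should also state that the 100-byte text threshold will presumably reject image-only (scanned) PDFs, so callers know this is a plausibility check rather than a format or safety guarantee.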


@@ -2,6 +2,7 @@
class mfUpload_TmpFile {
private $log;
private $_file;
public $filename;
public $error;
@@ -12,19 +13,21 @@ class mfUpload_TmpFile {
public function __construct($_file) {
$this->log = mfLoghandler::singleton();
if(count($_FILES[$_file])) {
$this->_file=$_FILES[$_file];
$this->_file = $_FILES[$_file];
} else {
$this->errormessage="Upload not found";
$this->errormessage = "Upload not found";
return false;
}
$this->filename=$this->_file['name'];
$this->error=$this->_file['error'];
$this->tmp_name=$this->_file['tmp_name'];
$this->filename = $this->_file['name'];
$this->error = $this->_file['error'];
$this->tmp_name = $this->_file['tmp_name'];
if(!file_exists($this->tmp_name)) {
$this->errormessage="An error occured during file upload. Please try again.";
$this->errormessage = "An error occured during file upload. Please try again.";
return false;
}
@@ -83,5 +86,32 @@ class mfUpload_TmpFile {
return $filename;
}
public function getMimetype() {
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mime = $finfo->file($this->tmp_name);
return $mime;
}
public function pdftotext() {
$cmd .= PDFTOTEXT_BIN_PATH." ".$this->tmp_name." -";
$lines = [];
$retval = 0;
if(exec($cmd, $lines, $retval) === false) {
$this->log->error("Error running pdftotext, return code: $retval");
return false;
}
$text = implode("\n", $lines);
if($retval !== 0) {
$this->log->error("pdftotext returned $retval");
return false;
}
return $text;
}
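Review bot: pdftotext() builds its shell command with `$cmd .= PDFTOTEXT_BIN_PATH." ".$this->tmp_name." -";`, which appends to an undefined variable and hands the path to exec() unquoted. Use a plain assignment and quote the argument: `$cmd = PDFTOTEXT_BIN_PATH." ".escapeshellarg($this->tmp_name)." -";`. The constructor only tests `file_exists($this->tmp_name)`; adding `is_uploaded_file($this->tmp_name)` there would confirm the path really is this request's upload before an external program is run on it. Separately, `return false;` inside `__construct` does not make `new mfUpload_TmpFile(...)` evaluate to false, so the `if(!$this->upload = new mfUpload_TmpFile($uplName))` guard in mfUpload appears never to fire; throwing from the constructor would make both error paths effective.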
}