diff --git a/application/Order/OrderController.php b/application/Order/OrderController.php index 2f478e54e..eeef60189 100644 --- a/application/Order/OrderController.php +++ b/application/Order/OrderController.php @@ -768,37 +768,60 @@ class OrderController extends mfBaseController { //var_dump($_FILES['OrderFileUpload']);exit; // handle file upload if(array_key_exists("OrderFileUpload", $_FILES) && !$_FILES['OrderFileUpload']['error']) { + $upload_error = false; + //var_dump($_FILES);exit; $upload = new mfUpload("OrderFileUpload"); $upload->setSavepath(MFUPLOAD_FILE_SAVE_PATH."/documents"); - $upload->save(); - $file_data = []; - $file_data['name'] = ($r->file_name) ? $r->file_name : $upload->getOriginalFilename(); - $file_data['filename'] = ($r->file_filename) ? $r->file_filename : $upload->getOriginalFilename(); - $file_data['subfolder'] = "documents"; - $file_data['store_filename'] = $upload->getFilename(); - $file_data['orig_filename'] = $upload->getOriginalFilename(); + if(!$upload->getSize()) { + $this->layout()->setFlash("Dateiupload fehlgeschlagen: Dokument darf nicht leer sein!", "warn"); + $upload_error = true; + } - $file = FileModel::create($file_data); - $file_id = $file->save(); - if(!$file_id) { - $this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn"); - unlink($upload->getSavepath()."/".$upload->getFilename()); - } else { - $of = []; - $of['order_id'] = $new_id; - $of['file_id'] = $file_id; - $of['name'] = $file->name; - $of['description'] = $file->description; - - $orderfile = OrderFileModel::create($of); - if(!$orderfile->save()) { - $file->delete(); - unlink($upload->getSavepath()."/".$upload->getFilename()); + if(substr(strtolower($upload->getFilename()), -3, 3) == "pdf" && !$upload->validatePDF()) { + $this->layout()->setFlash("Dateiupload fehlgeschlagen: PDF-Validierung fehlgeschlagen!", "warn"); + $upload_error = true; + } + + if(!$upload_error) { + try { + $upload->save(); + } catch(Exception $e) { $this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn"); + $upload_error = true; } } + + if(!$upload_error) { + $file_data = []; + $file_data['name'] = ($r->file_name) ? $r->file_name : $upload->getOriginalFilename(); + $file_data['filename'] = ($r->file_filename) ? $r->file_filename : $upload->getOriginalFilename(); + $file_data['subfolder'] = "documents"; + $file_data['store_filename'] = $upload->getFilename(); + $file_data['orig_filename'] = $upload->getOriginalFilename(); + + $file = FileModel::create($file_data); + $file_id = $file->save(); + if(!$file_id) { + $this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn"); + unlink($upload->getSavepath()."/".$upload->getFilename()); + } else { + $of = []; + $of['order_id'] = $new_id; + $of['file_id'] = $file_id; + $of['name'] = $file->name; + $of['description'] = $file->description; + + $orderfile = OrderFileModel::create($of); + if(!$orderfile->save()) { + $file->delete(); + unlink($upload->getSavepath()."/".$upload->getFilename()); + $this->layout()->setFlash("Dateiupload fehlgeschlagen", "warn"); + } + } + } + } diff --git a/lib/mvcfronk/mfUpload/mfUpload.php b/lib/mvcfronk/mfUpload/mfUpload.php index c9a2bd3fe..13db352b7 100644 --- a/lib/mvcfronk/mfUpload/mfUpload.php +++ b/lib/mvcfronk/mfUpload/mfUpload.php @@ -2,6 +2,7 @@ require_once(LIBDIR."/mvcfronk/mfUpload/mfUpload_TmpFile.php"); class mfUpload { + private $log; private $upload; private $size; private $savepath; @@ -25,66 +26,26 @@ class mfUpload { $this->filemode = MFUPLOAD_FILEMODE; } - if(!$this->upload=new mfUpload_TmpFile($uplName)) { + if(!$this->upload = new mfUpload_TmpFile($uplName)) { throw new Exception($this->upload->errormessage); } $this->original_filename = $this->upload->filename; - if(!$this->filename=$this->upload->getFilename()){ + if(!$this->filename = $this->upload->getFilename()){ throw new Exception($this->upload->errormessage); } if($randomFileName) { - $this->filename=$this->getRandomFilename().'-'.$this->filename; + $this->filename = $this->getRandomFilename().'-'.$this->filename; } - $this->size=$this->upload->getFileSize(); + $this->size = $this->upload->getFileSize(); if($this->size > MFUPLOAD_FILE_MAX_SIZE) { throw new Exception('File is too big. Maximum allowed filesize is '.(MFUPLOAD_FILE_MAX_SIZE).' MB'); } } - public function getSavepath() { - return $this->savepath; - } - - public function setSavepath($path) { - $this->savepath = $path; - return true; - } - - public function getOriginalFilename() { - return $this->original_filename; - } - - public function getFilename() { - return $this->filename; - } - - public function setFilename($name) { - $this->filename = $name; - } - - public function getSize() { - return $this->size; - } - - public function getDirmode() { - return $this->dirmode; - } - - public function setDirmode($mode) { - $this->dirmode=$mode; - } - - public function getFilemode() { - return $this->filemode; - } - - public function setFilemode($mode) { - $this->filemode = $mode; - } public function save() { if(!$this->savepath) { @@ -143,4 +104,72 @@ class mfUpload { $string=$rand.$string; return $string; } + + public function validatePDF() { + if(!$this->upload) { + return false; + } + + if(!$this->size) { + return false; + } + $this->log->debug("upload size: ".$this->size); + + $mime = $this->upload->getMimetype(); + $this->log->debug("upload mime: $mime"); + if(!stripos($mime, "pdf")) { + return false; + } + + $pdftext = $this->upload->pdftotext(); + //$this->log->debug("text: ".$pdftext); + if(strlen($pdftext) < 100) { + $this->log->warn("pdftotext less than 100 bytes (".$this->filename.")"); + return false; + } + + //$this->log->debug("upload text: $pdftext"); + return true; + } + + public function getSavepath() { + return $this->savepath; + } + + public function setSavepath($path) { + $this->savepath = $path; + return true; + } + + public function getOriginalFilename() { + return $this->original_filename; + } + + public function getFilename() { + return $this->filename; + } + + public function setFilename($name) { + $this->filename = $name; + } + + public function getSize() { + return $this->size; + } + + public function getDirmode() { + return $this->dirmode; + } + + public function setDirmode($mode) { + $this->dirmode=$mode; + } + + public function getFilemode() { + return $this->filemode; + } + + public function setFilemode($mode) { + $this->filemode = $mode; + } } diff --git a/lib/mvcfronk/mfUpload/mfUpload_TmpFile.php b/lib/mvcfronk/mfUpload/mfUpload_TmpFile.php index 5d71049de..1e858fce2 100644 --- a/lib/mvcfronk/mfUpload/mfUpload_TmpFile.php +++ b/lib/mvcfronk/mfUpload/mfUpload_TmpFile.php @@ -2,6 +2,7 @@ class mfUpload_TmpFile { + private $log; private $_file; public $filename; public $error; @@ -12,19 +13,21 @@ class mfUpload_TmpFile { public function __construct($_file) { + $this->log = mfLoghandler::singleton(); + if(count($_FILES[$_file])) { - $this->_file=$_FILES[$_file]; + $this->_file = $_FILES[$_file]; } else { - $this->errormessage="Upload not found"; + $this->errormessage = "Upload not found"; return false; } - $this->filename=$this->_file['name']; - $this->error=$this->_file['error']; - $this->tmp_name=$this->_file['tmp_name']; + $this->filename = $this->_file['name']; + $this->error = $this->_file['error']; + $this->tmp_name = $this->_file['tmp_name']; if(!file_exists($this->tmp_name)) { - $this->errormessage="An error occured during file upload. Please try again."; + $this->errormessage = "An error occured during file upload. Please try again."; return false; } @@ -83,5 +86,32 @@ class mfUpload_TmpFile { return $filename; } + + public function getMimetype() { + $finfo = new finfo(FILEINFO_MIME_TYPE); + $mime = $finfo->file($this->tmp_name); + + return $mime; + } + + public function pdftotext() { + $cmd .= PDFTOTEXT_BIN_PATH." ".$this->tmp_name." -"; + + $lines = []; + $retval = 0; + if(exec($cmd, $lines, $retval) === false) { + $this->log->error("Error running pdftotext, return code: $retval"); + return false; + } + + $text = implode("\n", $lines); + + if($retval !== 0) { + $this->log->error("pdftotext returned $retval"); + return false; + } + + return $text; + } }