<?php
-require_once 'exceptions/IOException.php';
+namespace Shaarli;
+
+use Shaarli\Exceptions\IOException;
/**
* Class FileUtils
* The file will be created if it doesn't exist.
*
* @param string $file File path.
- * @param string $content Content to write.
+ * @param mixed $content Content to write.
*
* @return int|bool Number of bytes written or false if it fails.
*
if (is_file($file) && !is_writeable($file)) {
// The datastore exists but is not writeable
throw new IOException($file);
- } else if (!is_file($file) && !is_writeable(dirname($file))) {
+ } elseif (!is_file($file) && !is_writeable(dirname($file))) {
// The datastore does not exist and its parent directory is not writeable
throw new IOException(dirname($file));
}
return file_put_contents(
$file,
- self::$phpPrefix.base64_encode(gzdeflate(serialize($content))).self::$phpSuffix
+ self::$phpPrefix . base64_encode(gzdeflate(serialize($content))) . self::$phpSuffix
);
}
/**
* Read data from a file containing Shaarli database format content.
- * If the file isn't readable or doesn't exists, default data will be returned.
+ *
+ * If the file isn't readable or doesn't exist, default data will be returned.
*
* @param string $file File path.
* @param mixed $default The default value to return if the file isn't readable.
{
// Note that gzinflate is faster than gzuncompress.
// See: http://www.php.net/manual/en/function.gzdeflate.php#96439
- if (is_readable($file)) {
- return unserialize(
- gzinflate(
- base64_decode(
- substr(file_get_contents($file), strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
- )
+ if (!is_readable($file)) {
+ return $default;
+ }
+
+ $data = file_get_contents($file);
+ if ($data == '') {
+ return $default;
+ }
+
+ return unserialize(
+ gzinflate(
+ base64_decode(
+ substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix))
)
- );
+ )
+ );
+ }
+
+ /**
+ * Recursively deletes a folder content, and deletes itself optionally.
+ * If an excluded file is found, folders won't be deleted.
+ *
+ * Additional security: raise an exception if it tries to delete a folder outside of Shaarli directory.
+ *
+ * @param string $path
+ * @param bool $selfDelete Delete the provided folder if true, only its content if false.
+ * @param array $exclude
+ */
+ public static function clearFolder(string $path, bool $selfDelete, array $exclude = []): bool
+ {
+ $skipped = false;
+
+ if (!is_dir($path)) {
+ throw new IOException(t('Provided path is not a directory.'));
}
- return $default;
+ if (!static::isPathInShaarliFolder($path)) {
+ throw new IOException(t('Trying to delete a folder outside of Shaarli path.'));
+ }
+
+ foreach (new \DirectoryIterator($path) as $file) {
+ if($file->isDot()) {
+ continue;
+ }
+
+ if (in_array($file->getBasename(), $exclude, true)) {
+ $skipped = true;
+ continue;
+ }
+
+ if ($file->isFile()) {
+ unlink($file->getPathname());
+ } elseif($file->isDir()) {
+ $skipped = static::clearFolder($file->getRealPath(), true, $exclude) || $skipped;
+ }
+ }
+
+ if ($selfDelete && !$skipped) {
+ rmdir($path);
+ }
+
+ return $skipped;
+ }
+
+ /**
+ * Checks that the given path is inside Shaarli directory.
+ */
+ public static function isPathInShaarliFolder(string $path): bool
+ {
+ $rootDirectory = dirname(dirname(__FILE__));
+
+ return strpos(realpath($path), $rootDirectory) !== false;
}
}
projects / github / shaarli / Shaarli.git / blobdiff