X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FFileUtils.php;h=3f940751ccdcc9f7b2f720ee7f04eedc40d83920;hb=refs%2Fpull%2F1604%2Fhead;hp=6a12ef0e15cf0d338895677519cff7f0cfdf6ea0;hpb=0def004963c62ff1edfce16272a87ba9f0c87e16;p=github%2Fshaarli%2FShaarli.git diff --git a/application/FileUtils.php b/application/FileUtils.php index 6a12ef0e..3f940751 100644 --- a/application/FileUtils.php +++ b/application/FileUtils.php @@ -1,19 +1,140 @@ '; + + /** + * Write data into a file (Shaarli database format). + * The data is stored in a PHP file, as a comment, in compressed base64 format. + * + * The file will be created if it doesn't exist. + * + * @param string $file File path. + * @param mixed $content Content to write. + * + * @return int|bool Number of bytes written or false if it fails. + * + * @throws IOException The destination file can't be written. + */ + public static function writeFlatDB($file, $content) + { + if (is_file($file) && !is_writeable($file)) { + // The datastore exists but is not writeable + throw new IOException($file); + } elseif (!is_file($file) && !is_writeable(dirname($file))) { + // The datastore does not exist and its parent directory is not writeable + throw new IOException(dirname($file)); + } + + return file_put_contents( + $file, + self::$phpPrefix . base64_encode(gzdeflate(serialize($content))) . self::$phpSuffix + ); + } + + /** + * Read data from a file containing Shaarli database format content. + * + * If the file isn't readable or doesn't exist, default data will be returned. + * + * @param string $file File path. + * @param mixed $default The default value to return if the file isn't readable. + * + * @return mixed The content unserialized, or default if the file isn't readable, or false if it fails. + */ + public static function readFlatDB($file, $default = null) + { + // Note that gzinflate is faster than gzuncompress. + // See: http://www.php.net/manual/en/function.gzdeflate.php#96439 + if (!is_readable($file)) { + return $default; + } + + $data = file_get_contents($file); + if ($data == '') { + return $default; + } + + return unserialize( + gzinflate( + base64_decode( + substr($data, strlen(self::$phpPrefix), -strlen(self::$phpSuffix)) + ) + ) + ); + } /** - * Construct a new IOException + * Recursively deletes a folder content, and deletes itself optionally. + * If an excluded file is found, folders won't be deleted. + * + * Additional security: raise an exception if it tries to delete a folder outside of Shaarli directory. * - * @param string $path path to the ressource that cannot be accessed + * @param string $path + * @param bool $selfDelete Delete the provided folder if true, only its content if false. + * @param array $exclude */ - public function __construct($path) + public static function clearFolder(string $path, bool $selfDelete, array $exclude = []): bool { - $this->path = $path; - $this->message = 'Error accessing '.$this->path; + $skipped = false; + + if (!is_dir($path)) { + throw new IOException(t('Provided path is not a directory.')); + } + + if (!static::isPathInShaarliFolder($path)) { + throw new IOException(t('Trying to delete a folder outside of Shaarli path.')); + } + + foreach (new \DirectoryIterator($path) as $file) { + if($file->isDot()) { + continue; + } + + if (in_array($file->getBasename(), $exclude, true)) { + $skipped = true; + continue; + } + + if ($file->isFile()) { + unlink($file->getPathname()); + } elseif($file->isDir()) { + $skipped = static::clearFolder($file->getRealPath(), true, $exclude) || $skipped; + } + } + + if ($selfDelete && !$skipped) { + rmdir($path); + } + + return $skipped; + } + + /** + * Checks that the given path is inside Shaarli directory. + */ + public static function isPathInShaarliFolder(string $path): bool + { + $rootDirectory = dirname(dirname(__FILE__)); + + return strpos(realpath($path), $rootDirectory) !== false; } }