Commit bd8e5620 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Remove allowed filetypes list (bug 3107)

parent 0b7c2fd6
......@@ -157,27 +157,12 @@ class PluginBlocktypeInternalmedia extends PluginBlocktype {
$filetypes = array();
$currenttypes = self::get_allowed_filetypes();
if (!$plugindisabled = get_column_sql('SELECT description
FROM {artefact_file_file_types}
WHERE enabled = 0')) {
$plugindisabled = array();
}
foreach (self::get_all_filetypes() as $filetype) {
if (in_array($filetype, $plugindisabled)) {
$filetypes[$filetype] = array(
'type' => 'checkbox',
'title' => get_string($filetype, 'artefact.file'),
'value' => false,
'disabled' => true,
);
}
else {
$filetypes[$filetype] = array(
'type' => 'checkbox',
'title' => get_string($filetype, 'artefact.file'),
'defaultvalue' => in_array($filetype, $currenttypes),
);
}
$filetypes[$filetype] = array(
'type' => 'checkbox',
'title' => get_string($filetype, 'artefact.file'),
'defaultvalue' => in_array($filetype, $currenttypes),
);
}
uasort($filetypes, create_function('$a, $b', 'return $a["title"] > $b["title"];'));
$filetypes = array_merge(
......
......@@ -26,15 +26,6 @@
<KEY NAME="artefactfk" TYPE="foreign" FIELDS="artefact" REFTABLE="artefact" REFFIELDS="id" />
</KEYS>
</TABLE>
<TABLE NAME="artefact_file_file_types">
<FIELDS>
<FIELD NAME="description" TYPE="char" LENGTH="32" NOTNULL="true"/>
<FIELD NAME="enabled" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="1"/>
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="description"/>
</KEYS>
</TABLE>
<TABLE NAME="artefact_file_mime_types">
<FIELDS>
<FIELD NAME="mimetype" TYPE="char" LENGTH="128" NOTNULL="true"/>
......@@ -42,7 +33,6 @@
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="mimetype"/>
<KEY NAME="descriptionfk" TYPE="foreign" FIELDS="description" REFTABLE="artefact_file_file_types" REFFIELDS="description"/>
</KEY>
</TABLE>
</TABLES>
......
......@@ -194,8 +194,17 @@ function xmldb_artefact_file_upgrade($oldversion=0) {
}
}
if ($oldversion < 2009021200) {
$table = new XMLDBTable('artefact_file_mime_types');
$key = new XMLDBKey('artefilemimetype_des_fk');
$key->setAttributes(XMLDB_KEY_FOREIGN, array('description'), 'artefact_file_file_types', array('description'));
drop_key($table, $key);
$table = new XMLDBTable('artefact_file_file_types');
drop_table($table);
PluginArtefactFile::resync_filetype_list();
}
// everything up to here we pre mysql support.
return $status;
}
......
......@@ -3,42 +3,36 @@
<!-- Text based formats -->
<filetype>
<description>txt</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>text/plain</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>html</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>text/html</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>xml</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>text/xml</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>js</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-javascript</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>rtf</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>text/rtf</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>sh</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-sh</mimetype>
</mimetypes>
......@@ -47,7 +41,6 @@
<!-- Archive/compression formats -->
<filetype>
<description>zip</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/zip</mimetype>
<mimetype>application/x-zip</mimetype>
......@@ -55,7 +48,6 @@
</filetype>
<filetype>
<description>tar</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-tar</mimetype>
<mimetype>application/x-gtar</mimetype>
......@@ -63,14 +55,12 @@
</filetype>
<filetype>
<description>gz</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/g-zip</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>bz2</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-bzip2</mimetype>
</mimetypes>
......@@ -79,28 +69,24 @@
<!-- Image formats -->
<filetype>
<description>jpeg</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>image/jpeg</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>gif</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>image/gif</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>png</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>image/png</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>bmp</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>image/bmp</mimetype>
<mimetype>image/x-bmp</mimetype>
......@@ -112,7 +98,6 @@
<!-- Movie formats -->
<filetype>
<description>avi</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/x-ms-wm</mimetype>
<mimetype>video/x-ms-wmv</mimetype>
......@@ -122,56 +107,48 @@
</filetype>
<filetype>
<description>quicktime</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/quicktime</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>sgi_movie</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/x-sgi-movie</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>m3u</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/x-mpegurl</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>mpeg</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/mpeg</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>mp4_video</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/mp4</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>wmv</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/ms-wmv</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>swf</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-shockwave-flash</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>flv</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-flash-video</mimetype>
</mimetypes>
......@@ -180,28 +157,24 @@
<!-- Audio types -->
<filetype>
<description>aiff</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/x-aiff</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>au</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/au</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>dss</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>video/unknown</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>mp3</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/mp3</mimetype>
<mimetype>audio/mpeg</mimetype>
......@@ -209,14 +182,12 @@
</filetype>
<filetype>
<description>mp4_audio</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/mp4</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>ra</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/x-realaudio</mimetype>
<mimetype>audio/x-pn-realaudio</mimetype>
......@@ -224,7 +195,6 @@
</filetype>
<filetype>
<description>wav</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>audio/wav</mimetype>
</mimetypes>
......@@ -233,112 +203,96 @@
<!-- Office document/presentation formats -->
<filetype>
<description>odt</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.text</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>ott</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.text-template</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>oth</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.text-web</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odm</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.text-master</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odg</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.graphics</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odp</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.presentation</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>ods</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.spreadsheet</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odc</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.chart</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odf</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.formula</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odb</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.database</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>odi</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.oasis.opendocument.image</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>doc</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/msword</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>ppt</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/vnd.ms-powerpoint</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>ai</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/postscript</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>latex</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/x-latex</mimetype>
</mimetypes>
</filetype>
<filetype>
<description>pdf</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/pdf</mimetype>
</mimetypes>
......@@ -347,7 +301,6 @@
<!-- General types -->
<filetype>
<description>application</description>
<enabled>1</enabled>
<mimetypes>
<mimetype>application/octet-stream</mimetype>
</mimetypes>
......
......@@ -62,8 +62,6 @@ $string['filemoved'] = 'File moved successfully';
$string['filenamefieldisrequired'] = 'The file field is required';
$string['fileinstructions'] = 'Upload your images, documents, or other files for inclusion in views. To move a file or folder, drag and drop it onto a folder.';
$string['filethingdeleted'] = '%s deleted';
$string['filetypes'] = 'Configure Uploadable File Types';
$string['filetypedescription'] = '<p>You may configure the allowed file types that users can upload here. This grants you more control over what can be uploaded. This checking is performed in addition to virus checking, if you have virus checking turned on.</p><p>Note that &quot;Unknown Application&quot; may be necessary for some movies and archive files (such as gzip) to work.<p>';
$string['folder'] = 'Folder';
$string['Folders'] = 'Folders';
$string['foldercreated'] = 'Folder created';
......
......@@ -195,84 +195,44 @@ class PluginArtefactFile extends PluginArtefact {
db_begin();
log_info('Beginning resync of filetype list');
$currentlist = get_column('artefact_file_file_types', 'description');
$currentlist = get_records_assoc('artefact_file_mime_types');
$newlist = xmlize(file_get_contents(get_config('docroot') . 'artefact/file/filetypes.xml'));
$filetypes = $newlist['filetypes']['#']['filetype'];
$newfiletypes = array();
$filetypes = $newlist['filetypes']['#']['filetype'];
$newtypes = array();
// Step one: if a filetype is in the new list that is not in the current
// Step one: if a mimetype is in the new list that is not in the current
// list, add it to the current list.
foreach ($filetypes as $filetype) {
$type = $filetype['#']['description'][0]['#'];
if (!in_array($type, $currentlist)) {
log_debug('Adding filetype: ' . $type);
$currentlist[] = $type;
$record = new StdClass;
$record->description = $type;
$record->enabled = $filetype['#']['enabled'][0]['#'];
insert_record('artefact_file_file_types', $record);
$description = $filetype['#']['description'][0]['#'];
foreach ($filetype['#']['mimetypes'][0]['#']['mimetype'] as $type) {
$mimetype = $type['#'];
if (!isset($currentlist[$mimetype])) {
log_debug('Adding mimetype: ' . $mimetype . ' (' . $description . ')');
execute_sql("INSERT INTO {artefact_file_mime_types} (mimetype, description) VALUES (?,?)", array($mimetype, $description));
$newtypes[$mimetype] = true;
}
else if ($currentlist[$mimetype]->description != $description) {
log_debug('Updating mimetype: ' . $mimetype . ' (' . $description . ')');
execute_sql("UPDATE {artefact_file_mime_types} SET description = ? WHERE mimetype = ?", array($description, $mimetype));
$newtypes[$mimetype] = true;
}
$currentlist[$mimetype] = (object) array(
'mimetype' => $mimetype,
'description' => $description,
);
}
$newfiletypes[] = $type;
}
// Step two: If a filetype is in the current list that is not in the
// Step two: If a mimetype is in the current list that is not in the
// new list, remove it from the current list.
foreach ($currentlist as $key => $type) {
if (!in_array($type, $newfiletypes)) {
log_debug('Removing filetype: ' . $type);
unset($currentlist[$key]);
delete_records('artefact_file_mime_types', 'description', $type);
delete_records('artefact_file_file_types', 'description', $type);
}
}
// Get a list of all current mimetypes for each file type
$currentmimetypes = array();
$dbmimetypes = get_records_array('artefact_file_mime_types');
if ($dbmimetypes) {
foreach ($dbmimetypes as $mimetype) {
$currentmimetypes[$mimetype->description][] = $mimetype->mimetype;
}
}
unset($dbmimetypes);
// Step three: For each filetype in the current list, update the mime
// types allowed for it if necessary
foreach ($currentlist as $description) {
// Get the new mime types
$newmimetypes = array();
foreach ($filetypes as $filetype) {
if ($filetype['#']['description'][0]['#'] == $description) {
foreach ($filetype['#']['mimetypes'][0]['#']['mimetype'] as $mimetype) {
$newmimetypes[] = $mimetype['#'];
}
}
}
// Roll up roll up to see the famous array_equals implementation!
// You'd think PHP would have a way to do this, but I couldn't find
// it...
sort($newmimetypes);
if (isset($currentmimetypes[$description])) {
sort($currentmimetypes[$description]);
}
if ((!isset($currentmimetypes[$description]) && $newmimetypes)
|| ((join('', $currentmimetypes[$description]) != join('', $newmimetypes)))) {
log_debug('Updating mime types for ' . $description);
delete_records('artefact_file_mime_types', 'description', $description);
foreach ($newmimetypes as $newmimetype) {
$record = new StdClass;
$record->mimetype = $newmimetype;
$record->description = $description;
insert_record('artefact_file_mime_types', $record);
}
foreach ($currentlist as $mimetype => $type) {
if (!isset($newtypes[$mimetype])) {
log_debug('Removing mimetype: ' . $mimetype);
delete_records('artefact_file_mime_types', 'mimetype', $mimetype);
}
}
db_commit();
//db_rollback();
}
}
......@@ -968,30 +928,6 @@ class ArtefactTypeFile extends ArtefactTypeFileBase {
'collapsible' => true
);
// Allowed file types
$filetypes = array();
foreach (get_records_array('artefact_file_file_types', null, null, 'description') as $filetype) {
$filetype->description = preg_replace('/[^a-zA-Z0-9_]/', '_', $filetype->description);
$filetypes[$filetype->description] = array(
'type' => 'checkbox',
'title' => get_string($filetype->description, 'artefact.file'),
'defaultvalue' => $filetype->enabled
);
}
uasort($filetypes, create_function('$a, $b', 'return $a["title"] > $b["title"];'));
$filetypes = array_merge(array(
'filetypedescription' => array(
'value' => '<tr><td colspan="2">' . get_string('filetypedescription', 'artefact.file') . '</td></tr>'
)
), $filetypes);
$elements['filetypes'] = array(
'type' => 'fieldset',
'legend' => get_string('filetypes', 'artefact.file'),
'elements' => $filetypes,
'collapsible' => true,
'collapsed' => true
);
return array(
'elements' => $elements,
'renderer' => 'table'
......@@ -1002,11 +938,6 @@ class ArtefactTypeFile extends ArtefactTypeFileBase {
set_config_plugin('artefact', 'file', 'defaultquota', $values['defaultquota']);
set_config_plugin('artefact', 'file', 'profileiconwidth', $values['profileiconwidth']);
set_config_plugin('artefact', 'file', 'profileiconheight', $values['profileiconheight']);
foreach (get_records_array('artefact_file_file_types') as $filetype) {
$key = preg_replace('/[^a-zA-Z0-9_]/', '_', $filetype->description);
$filetype->enabled = intval($values[$key]);
update_record('artefact_file_file_types', $filetype, 'description');
}
}
public function describe_size() {
......
......@@ -27,7 +27,7 @@
defined('INTERNAL') || die();
$config = new StdClass;
$config->version = 2009011200;
$config->version = 2009021300;
$config->release = '0.4.3';
?>
......@@ -515,7 +515,6 @@ $string['uploadedfiletoobig'] = 'The file was too big. Please ask your administr
$string['notphpuploadedfile'] = 'The file was lost in the upload process. This should not happen, please contact your administrator for more information.';
$string['virusfounduser'] = 'The file you have uploaded, %s, has been scanned by a virus checker and found to be infected! Your file upload was NOT successful.';
$string['fileunknowntype'] = 'The type of your uploaded file could not be determined. Your file may be corrupted, or it could be a configuration problem. Please contact your administrator.';
$string['filetypenotallowed'] = 'You are not allowed to upload files of this type. Please contact your administrator for more information.';
$string['virusrepeatsubject'] = 'Warning: %s is a repeat virus uploader.';
$string['virusrepeatmessage'] = 'The user %s has uploaded multiple files which have been scanned by a virus checker and found to be infected.';
......
......@@ -83,20 +83,6 @@ class upload_manager {
return get_string('notphpuploadedfile');
}
// Check the file type is allowed.
$type = $file['type'];
if ($type) {
if ($type != 'application/x-empty' && substr($type, 0, 5) != 'text/') {
$validtypes = get_column_sql('SELECT mimetype
FROM {artefact_file_mime_types} m
LEFT JOIN {artefact_file_file_types} f ON (m.description = f.description)
WHERE f.enabled = 1');
if (!in_array($type, $validtypes)) {
return get_string('filetypenotallowed');
}
}
}
if (get_config('viruschecking') && ($errormsg = clam_scan_file($file))) {
return $errormsg;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please