1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
<?php
/**
* Implements uploading from previously stored file.
*
* @ingroup Upload
* @author Bryan Tong Minh
*/
class UploadFromStash extends UploadBase {
protected $mFileKey, $mVirtualTempPath, $mFileProps, $mSourceType;
// an instance of UploadStash
private $stash;
//LocalFile repo
private $repo;
/**
* @param $user User
* @param $stash UploadStash
* @param $repo FileRepo
*/
public function __construct( $user = false, $stash = false, $repo = false ) {
// user object. sometimes this won't exist, as when running from cron.
$this->user = $user;
if( $repo ) {
$this->repo = $repo;
} else {
$this->repo = RepoGroup::singleton()->getLocalRepo();
}
if( $stash ) {
$this->stash = $stash;
} else {
if( $user ) {
wfDebug( __METHOD__ . " creating new UploadStash instance for " . $user->getId() . "\n" );
} else {
wfDebug( __METHOD__ . " creating new UploadStash instance with no user\n" );
}
$this->stash = new UploadStash( $this->repo, $this->user );
}
return true;
}
/**
* @param $key string
* @return bool
*/
public static function isValidKey( $key ) {
// this is checked in more detail in UploadStash
return (bool)preg_match( UploadStash::KEY_FORMAT_REGEX, $key );
}
/**
* @param $request WebRequest
*
* @return Boolean
*/
public static function isValidRequest( $request ) {
// this passes wpSessionKey to getText() as a default when wpFileKey isn't set.
// wpSessionKey has no default which guarantees failure if both are missing
// (though that should have been caught earlier)
return self::isValidKey( $request->getText( 'wpFileKey', $request->getText( 'wpSessionKey' ) ) );
}
/**
* @param $key string
* @param $name string
*/
public function initialize( $key, $name = 'upload_file' ) {
/**
* Confirming a temporarily stashed upload.
* We don't want path names to be forged, so we keep
* them in the session on the server and just give
* an opaque key to the user agent.
*/
$metadata = $this->stash->getMetadata( $key );
$this->initializePathInfo( $name,
$this->getRealPath ( $metadata['us_path'] ),
$metadata['us_size'],
false
);
$this->mFileKey = $key;
$this->mVirtualTempPath = $metadata['us_path'];
$this->mFileProps = $this->stash->getFileProps( $key );
$this->mSourceType = $metadata['us_source_type'];
}
/**
* @param $request WebRequest
*/
public function initializeFromRequest( &$request ) {
// sends wpSessionKey as a default when wpFileKey is missing
$fileKey = $request->getText( 'wpFileKey', $request->getText( 'wpSessionKey' ) );
// chooses one of wpDestFile, wpUploadFile, filename in that order.
$desiredDestName = $request->getText( 'wpDestFile', $request->getText( 'wpUploadFile', $request->getText( 'filename' ) ) );
return $this->initialize( $fileKey, $desiredDestName );
}
/**
* @return string
*/
public function getSourceType() {
return $this->mSourceType;
}
/**
* File has been previously verified so no need to do so again.
*
* @return bool
*/
protected function verifyFile() {
return true;
}
/**
* Stash the file.
*
* @return UploadStashFile
*/
public function stashFile() {
// replace mLocalFile with an instance of UploadStashFile, which adds some methods
// that are useful for stashed files.
$this->mLocalFile = parent::stashFile();
return $this->mLocalFile;
}
/**
* This should return the key instead of the UploadStashFile instance, for backward compatibility.
* @return String
*/
public function stashSession() {
return $this->stashFile()->getFileKey();
}
/**
* Remove a temporarily kept file stashed by saveTempUploadedFile().
* @return success
*/
public function unsaveUploadedFile() {
return $this->stash->removeFile( $this->mFileKey );
}
/**
* Perform the upload, then remove the database record afterward.
* @param $comment string
* @param $pageText string
* @param $watch bool
* @param $user User
* @return Status
*/
public function performUpload( $comment, $pageText, $watch, $user ) {
$rv = parent::performUpload( $comment, $pageText, $watch, $user );
$this->unsaveUploadedFile();
return $rv;
}
}
|
