From b0f7ac5be3634db2c52db93ca28635a72819e81d Mon Sep 17 00:00:00 2001 From: Erik Amaru Ortiz Date: Fri, 14 Feb 2014 13:08:56 -0400 Subject: [PATCH] adding a extension class UploadFormat for Restler, that now permits upload files with more mimetypes --- gulliver/system/class.bootstrap.php | 7 +- .../src/Extension/Restler/UploadFormat.php | 155 ++++++++++++++++++ 2 files changed, 160 insertions(+), 2 deletions(-) create mode 100644 workflow/engine/src/Extension/Restler/UploadFormat.php diff --git a/gulliver/system/class.bootstrap.php b/gulliver/system/class.bootstrap.php index d2465cf60..af37fe47d 100644 --- a/gulliver/system/class.bootstrap.php +++ b/gulliver/system/class.bootstrap.php @@ -1132,9 +1132,12 @@ class Bootstrap // Setting default OAuth Client id, for local PM Web Designer \Services\Api\OAuth2\Server::setPmClientId($pmOauthClientId); - $rest->setSupportedFormats('JsonFormat', 'XmlFormat'); + require_once PATH_CORE . "src/Extension/Restler/UploadFormat.php"; + //require_once PATH_CORE + + //$rest->setSupportedFormats('JsonFormat', 'XmlFormat', 'UploadFormat'); //$rest->setOverridingFormats('UploadFormat', 'JsonFormat', 'XmlFormat', 'HtmlFormat'); - $rest->setOverridingFormats('HtmlFormat', 'JsonFormat', 'UploadFormat'); + $rest->setOverridingFormats('JsonFormat', 'UploadFormat'); // Override $_SERVER['REQUEST_URI'] to Restler handles the current url correctly diff --git a/workflow/engine/src/Extension/Restler/UploadFormat.php b/workflow/engine/src/Extension/Restler/UploadFormat.php new file mode 100644 index 000000000..feb03b9e1 --- /dev/null +++ b/workflow/engine/src/Extension/Restler/UploadFormat.php @@ -0,0 +1,155 @@ + + */ +class UploadFormat extends Format +{ + const MIME = 'multipart/form-data'; + const EXTENSION = 'post'; + /** + * use it if you need to restrict uploads based on file type + * setting it as an empty array allows all file types + * default is to allow only png and jpeg images + * + * @var array + */ + public static $allowedMimeTypes = array( + 'image/jpeg', + 'image/png', + 'image/png', + 'application/octet-stream', + 'text/plain', + 'text/xml', + 'text/html', + 'text/css' + ); + /** + * use it to restrict uploads based on file size + * set it to 0 to allow all sizes + * please note that it upload restrictions in the server + * takes precedence so it has to be lower than or equal to that + * default value is 1MB (1024x1024)bytes + * usual value for the server is 8388608 + * + * @var int + */ + public static $maximumFileSize = 1048576; + /** + * Your own validation function for validating each uploaded file + * it can return false or throw an exception for invalid file + * use anonymous function / closure in PHP 5.3 and above + * use function name in other cases + * + * @var Callable + */ + public static $customValidationFunction; + /** + * Since exceptions are triggered way before at the `get` stage + * + * @var bool + */ + public static $suppressExceptionsAsError = false; + + protected static function checkFile(& $file, $doMimeCheck = false, $doSizeCheck = false) + { + try { + if ($file['error']) { + //server is throwing an error + //assume that the error is due to maximum size limit + throw new RestException(413, "Uploaded file ({$file['name']}) is too big."); + } + if ($doMimeCheck && !in_array($file['type'], + self::$allowedMimeTypes) + ) { + throw new RestException(403, "File type ({$file['type']}) is not supported."); + } + if ($doSizeCheck && $file['size'] > self::$maximumFileSize) { + throw new RestException(413, "Uploaded file ({$file['name']}) is too big."); + } + if (self::$customValidationFunction) { + if (!call_user_func(self::$customValidationFunction, $file)) { + throw new RestException(403, "File ({$file['name']}) is not supported."); + } + } + } catch (RestException $e) { + if (static::$suppressExceptionsAsError) { + $file['error'] = true; + $file['exception'] = $e; + } else { + throw $e; + } + } + } + + public function encode($data, $humanReadable = false) + { + throw new RestException(500, 'UploadFormat is read only'); + } + + public function decode($data) + { + $doMimeCheck = !empty(self::$allowedMimeTypes); + $doSizeCheck = self::$maximumFileSize ? TRUE : FALSE; + //validate + foreach ($_FILES as & $file) { + if (is_array($file['error'])) { + foreach ($file['error'] as $i => $error) { + $innerFile = array(); + foreach ($file as $property => $value) { + $innerFile[$property] = $value[$i]; + } + if ($innerFile['name']) + static::checkFile($innerFile, $doMimeCheck, $doSizeCheck); + if (isset($innerFile['exception'])) { + $file['error'] = true; + $file['exception'] = $innerFile['exception']; + break; + } + } + } else { + if ($file['name']) + static::checkFile($file, $doMimeCheck, $doSizeCheck); + if (isset($innerFile['exception'])) { + break; + } + } + } + //sort file order if needed; + return $_FILES + $_POST; + } + + function isWritable() + { + return false; + } + +} + + + +///** +// * Extending UploadFormat Support for Multi Part Form Data and File Uploads +// * +// * @category Framework +// * @author Erik Amaru Ortiz +// */ +//class UploadFormat extends \Luracast\Restler\Format\UploadFormat +//{ +// protected static function checkFile(& $file, $doMimeCheck = false, $doSizeCheck = false) +// { +// self::$allowedMimeTypes = array( +// 'image/jpeg', +// 'image/png', +// 'application/octet-stream' +// ); +// +// parent::checkFile($file, $doMimeCheck, $doSizeCheck); +// } +//}