Issues in MediaController.php - New Issues - Inspection of "Merge pull request #2681 from Numkil/feature/csrfP..." - Kunstmaan/KunstmaanBundlesCMS - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 947afa...ae5e03 )

by Jeroen

created 2020-07-07 14:00 UTC

MediaBundle/Controller/MediaController.php (1 issue)

Labels

Bug 1

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Kunstmaan\MediaBundle\Controller;

use Exception;
use Kunstmaan\AdminBundle\FlashMessages\FlashTypes;
use Kunstmaan\MediaBundle\Entity\Folder;
use Kunstmaan\MediaBundle\Entity\Media;
use Kunstmaan\MediaBundle\Form\BulkMoveMediaType;
use Kunstmaan\MediaBundle\Helper\MediaManager;
use Symfony\Component\Routing\Annotation\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\File\File;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

/**
 * MediaController
 */
class MediaController extends Controller
{
    /**
     * @param Request $request
     * @param int     $mediaId
     *
     * @Route("/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_show")
     *
     * @return Response
     */
    public function showAction(Request $request, $mediaId)
    {
        $em = $this->getDoctrine()->getManager();

        /* @var Media $media */
        $media = $em->getRepository(Media::class)->getMedia($mediaId);
        $folder = $media->getFolder();

        /* @var MediaManager $mediaManager */
        $mediaManager = $this->get('kunstmaan_media.media_manager');
        $handler = $mediaManager->getHandler($media);
        $helper = $handler->getFormHelper($media);

        $form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions());

        if ($request->isMethod('POST')) {
            $form->handleRequest($request);
            if ($form->isSubmitted() && $form->isValid()) {
                $media = $helper->getMedia();
                $em->getRepository(Media::class)->save($media);

                return new RedirectResponse(
                    $this->generateUrl(
                        'KunstmaanMediaBundle_media_show',
                        ['mediaId' => $media->getId()]
                    )
                );
            }
        }
        $showTemplate = $mediaManager->getHandler($media)->getShowTemplate($media);

        return $this->render(
            $showTemplate,
            [
                'handler' => $handler,
                'foldermanager' => $this->get('kunstmaan_media.folder_manager'),
                'mediamanager' => $this->get('kunstmaan_media.media_manager'),
                'editform' => $form->createView(),
                'media' => $media,
                'helper' => $helper,
                'folder' => $folder,
            ]
        );
    }

    /**
     * @param Request $request
     * @param int     $mediaId
     *
     * @Route("/delete/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_delete")
     *
     * @return RedirectResponse
     */
    public function deleteAction(Request $request, $mediaId)
    {
        $em = $this->getDoctrine()->getManager();

        /* @var Media $media */
        $media = $em->getRepository(Media::class)->getMedia($mediaId);
        $medianame = $media->getName();
        $folder = $media->getFolder();

        $em->getRepository(Media::class)->delete($media);

        $this->addFlash(
            FlashTypes::SUCCESS,
            $this->get('translator')->trans(
                'kuma_admin.media.flash.deleted_success.%medianame%',
                [
                    '%medianame%' => $medianame,
                ]
            )
        );

        // If the redirect url is passed via the url we use it
        $redirectUrl = $request->query->get('redirectUrl');
        if (empty($redirectUrl) || (\strpos($redirectUrl, $request->getSchemeAndHttpHost()) !== 0 && strncmp($redirectUrl, '/', 1) !== 0)) {
            $redirectUrl = $this->generateUrl(
                'KunstmaanMediaBundle_folder_show',
                ['folderId' => $folder->getId()]
            );
        }

        return new RedirectResponse($redirectUrl);
    }

    /**
     * @param int $folderId
     *
     * @Route("bulkupload/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload")
     * @Template("@KunstmaanMedia/Media/bulkUpload.html.twig")
     *
     * @return array|RedirectResponse
     */
    public function bulkUploadAction($folderId)
    {
        $em = $this->getDoctrine()->getManager();

        /* @var Folder $folder */
        $folder = $em->getRepository(Folder::class)->getFolder($folderId);

        return ['folder' => $folder];
    }

    /**
     * @param Request $request
     * @param int     $folderId
     *
     * @Route("bulkuploadsubmit/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload_submit", methods={"POST"})
     *
     * @return JsonResponse
     */
    public function bulkUploadSubmitAction(Request $request, $folderId)
    {
        // Settings
        if (\ini_get('upload_tmp_dir')) {
            $tempDir = \ini_get('upload_tmp_dir');
        } else {
            $tempDir = \sys_get_temp_dir();
        }
        $targetDir = \rtrim($tempDir, '/').DIRECTORY_SEPARATOR.'plupload';
        $cleanupTargetDir = true; // Remove old files
        $maxFileAge = 5 * 60 * 60; // Temp file age in seconds

        // Create target dir
        if (!\file_exists($targetDir)) {
            @\mkdir($targetDir);
        }

        $submittedToken = $request->headers->get('x-upload-token');
        if (!$this->isCsrfTokenValid('bulk-upload-media', $submittedToken)) {
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
            return $this->returnJsonError('105', 'Could not verify token');
        }

        // Get a file name
        if ($request->request->has('name')) {
            $fileName = $request->request->get('name');
        } elseif (0 !== $request->files->count()) {
            $fileName = $request->files->get('file')['name'];
        } else {
            $fileName = \uniqid('file_', false);
        }
        $filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName;

        $chunk = 0;
        $chunks = 0;
        // Chunking might be enabled
        if ($request->request->has('chunk')) {
            $chunk = $request->request->getInt('chunk');
        }
        if ($request->request->has('chunks')) {
            $chunks = $request->request->getInt('chunks');
        }

        // Remove old temp files
        if ($cleanupTargetDir) {
            if (!\is_dir($targetDir) || !$dir = \opendir($targetDir)) {
                return $this->returnJsonError('100', 'Failed to open temp directory.');
            }

            while (($file = \readdir($dir)) !== false) {
                $tmpFilePath = $targetDir.DIRECTORY_SEPARATOR.$file;

                // If temp file is current file proceed to the next
                if ($tmpFilePath === "{$filePath}.part") {
                    continue;
                }

                // Remove temp file if it is older than the max age and is not the current file
                if (\preg_match('/\.part$/', $file) && (\filemtime($tmpFilePath) < \time() - $maxFileAge)) {
                    $success = @\unlink($tmpFilePath);
                    if ($success !== true) {
                        return $this->returnJsonError('106', 'Could not remove temp file: '.$filePath);
                    }
                }
            }
            \closedir($dir);
        }

        // Open temp file
        if (!$out = @\fopen("{$filePath}.part", $chunks ? 'ab' : 'wb')) {
            return $this->returnJsonError('102', 'Failed to open output stream.');
        }

        if (0 !== $request->files->count()) {
            $_file = $request->files->get('file');
            if ($_file->getError() > 0 || !\is_uploaded_file($_file->getRealPath())) {
                return $this->returnJsonError('103', 'Failed to move uploaded file.');
            }

            // Read binary input stream and append it to temp file
            if (!$input = @\fopen($_file->getRealPath(), 'rb')) {
                return $this->returnJsonError('101', 'Failed to open input stream.');
            }
        } else {
            if (!$input = @\fopen('php://input', 'rb')) {
                return $this->returnJsonError('101', 'Failed to open input stream.');
            }
        }

        while ($buff = \fread($input, 4096)) {
            \fwrite($out, $buff);
        }

        @\fclose($out);
        @\fclose($input);

        // Check if file has been uploaded
        if (!$chunks || $chunk === $chunks - 1) {
            // Strip the temp .part suffix off
            \rename("{$filePath}.part", $filePath);
        }

        $em = $this->getDoctrine()->getManager();
        /* @var Folder $folder */
        $folder = $em->getRepository(Folder::class)->getFolder($folderId);
        $file = new File($filePath);

        try {
            /* @var Media $media */
            $media = $this->get('kunstmaan_media.media_manager')->getHandler($file)->createNew($file);
            $media->setFolder($folder);
            $em->getRepository(Media::class)->save($media);
        } catch (Exception $e) {
            return $this->returnJsonError('104', 'Failed performing save on media-manager');
        }

        $success = \unlink($filePath);
        if ($success !== true) {
            return $this->returnJsonError('105', 'Could not remove temp file: '.$filePath);
        }

        // Send headers making sure that the file is not cached (as it happens for example on iOS devices)
        $response = new JsonResponse(
            [
                'jsonrpc' => '2.0',
                'result' => '',
                'id' => 'id',
            ], JsonResponse::HTTP_OK, [
                'Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT',
                'Last-Modified' => \gmdate('D, d M Y H:i:s').' GMT',
                'Cache-Control' => 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0',
                'Pragma' => 'no-cache',
            ]
        );

        return $response;
    }

    private function returnJsonError($code, $message)
    {
        return new JsonResponse(
            [
                'jsonrpc' => '2.0',
                'error ' => [
                    'code' => $code,
                    'message' => $message,
                ],
                'id' => 'id',
            ]
        );
    }

    /**
     * @param Request $request
     * @param int     $folderId
     *
     * @Route("drop/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_drop_upload", methods={"GET", "POST"})
     *
     * @return JsonResponse
     */
    public function dropAction(Request $request, $folderId)
    {
        $em = $this->getDoctrine()->getManager();

        /* @var Folder $folder */
        $folder = $em->getRepository(Folder::class)->getFolder($folderId);

        $drop = null;

        if ($request->files->has('files') && $request->files->get('files')['error'] === 0) {
            $drop = $request->files->get('files');
        } else {
            if ($request->files->get('file')) {
                $drop = $request->files->get('file');
            } else {
                $drop = $request->get('text');
            }
        }
        $media = $this->get('kunstmaan_media.media_manager')->createNew($drop);
        if ($media) {
            $media->setFolder($folder);
            $em->getRepository(Media::class)->save($media);

            return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_success')]);
        }

        $request->getSession()->getFlashBag()->add(
            FlashTypes::DANGER,
            $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')
        );

        return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')]);
    }

    /**
     * @param Request $request
     * @param int     $folderId The folder id
     * @param string  $type     The type
     *
     * @Route("create/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_create", methods={"GET", "POST"})
     * @Template("@KunstmaanMedia/Media/create.html.twig")
     *
     * @return array|RedirectResponse
     */
    public function createAction(Request $request, $folderId, $type)
    {
        return $this->createAndRedirect($request, $folderId, $type, 'KunstmaanMediaBundle_folder_show');
    }

    /**
     * @param Request $request
     * @param int     $folderId    The folder Id
     * @param string  $type        The type
     * @param string  $redirectUrl The url where we want to redirect to on success
     * @param array   $extraParams The extra parameters that will be passed wen redirecting
     *
     * @return array|RedirectResponse
     */
    private function createAndRedirect(Request $request, $folderId, $type, $redirectUrl, $extraParams = [], $isInModal = false)
    {
        $em = $this->getDoctrine()->getManager();

        /* @var Folder $folder */
        $folder = $em->getRepository(Folder::class)->getFolder($folderId);

        /* @var MediaManager $mediaManager */
        $mediaManager = $this->get('kunstmaan_media.media_manager');
        $handler = $mediaManager->getHandlerForType($type);
        $media = new Media();
        $helper = $handler->getFormHelper($media);

        $form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions());

        if ($request->isMethod('POST')) {
            $params = ['folderId' => $folder->getId()];
            $params = \array_merge($params, $extraParams);

            $form->handleRequest($request);

            if ($form->isSubmitted() && $form->isValid()) {
                $media = $helper->getMedia();
                $media->setFolder($folder);
                $em->getRepository(Media::class)->save($media);

                $this->addFlash(
                    FlashTypes::SUCCESS,
                    $this->get('translator')->trans(
                        'media.flash.created',
                        [
                            '%medianame%' => $media->getName(),
                        ]
                    )
                );

                return new RedirectResponse($this->generateUrl($redirectUrl, $params));
            }

            if ($isInModal) {
                $this->addFlash(
                    FlashTypes::DANGER,
                    $this->get('translator')->trans(
                        'media.flash.not_created',
                        [
                            '%mediaerrors%' => $form->getErrors(true, true),
                        ]
                    )
                );

                return new RedirectResponse($this->generateUrl($redirectUrl, $params));
            }
        }

        return [
            'type' => $type,
            'form' => $form->createView(),
            'folder' => $folder,
        ];
    }

    /**
     * @param Request $request
     * @param int     $folderId The folder id
     * @param string  $type     The type
     *
     * @Route("create/modal/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_modal_create", methods={"POST"})
     *
     * @return array|RedirectResponse
     */
    public function createModalAction(Request $request, $folderId, $type)
    {
        $cKEditorFuncNum = $request->get('CKEditorFuncNum');
        $linkChooser = $request->get('linkChooser');

        $extraParams = [];
        if (!empty($cKEditorFuncNum)) {
            $extraParams['CKEditorFuncNum'] = $cKEditorFuncNum;
        }
        if (!empty($linkChooser)) {
            $extraParams['linkChooser'] = $linkChooser;
        }

        return $this->createAndRedirect(
            $request,
            $folderId,
            $type,
            'KunstmaanMediaBundle_chooser_show_folder',
            $extraParams,
            true
        );
    }

    /**
     * @param Request $request
     *
     * @Route("move/", name="KunstmaanMediaBundle_media_move", methods={"POST"})
     *
     * @return string
     */
    public function moveMedia(Request $request)
    {
        @trigger_error(sprintf('The "%s" controller action is deprecated in KunstmaanMediaBundle 5.1 and will be removed in KunstmaanMediaBundle 6.0.', __METHOD__), E_USER_DEPRECATED);

        $mediaId = $request->request->get('mediaId');
        $folderId = $request->request->get('folderId');

        if (empty($mediaId) || empty($folderId)) {
            return new JsonResponse(['error' => ['title' => 'Missing media id or folder id']], 400);
        }

        $em = $this->getDoctrine()->getManager();
        $mediaRepo = $em->getRepository(Media::class);

        $media = $mediaRepo->getMedia($mediaId);
        $folder = $em->getRepository(Folder::class)->getFolder($folderId);

        $media->setFolder($folder);
        $mediaRepo->save($media);

        return new JsonResponse();
    }

    /**
     * @Route("/bulk-move", name="KunstmaanMediaBundle_media_bulk_move")
     *
     * @param Request $request
     *
     * @return JsonResponse|Response
     *
     * @throws \Doctrine\DBAL\DBALException
     */
    public function bulkMoveAction(Request $request)
    {
        $em = $this->getDoctrine()->getManager();
        $mediaRepo = $em->getRepository(Media::class);
        $form = $this->createForm(BulkMoveMediaType::class);

        $form->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            /** @var Folder $folder */
            $folder = $form->getData()['folder'];
            $mediaIds = explode(',', $form->getData()['media']);

            $mediaRepo->createQueryBuilder('m')
                ->update()
                ->set('m.folder', $folder->getId())
                ->where('m.id in (:mediaIds)')
                ->setParameter('mediaIds', $mediaIds)
                ->getQuery()
                ->execute();

            $this->addFlash(FlashTypes::SUCCESS, $this->get('translator')->trans('media.folder.bulk_move.success.text'));

            return new JsonResponse(
                [
                    'Success' => 'The media is moved',
                ]
            );
        }

        return $this->render(
            '@KunstmaanMedia/Folder/bulk-move-modal_form.html.twig',
            [
                'form' => $form->createView(),
            ]
        );
    }
}


1			<?php
2
3			namespace Kunstmaan\MediaBundle\Controller;
4
5			use Exception;
6			use Kunstmaan\AdminBundle\FlashMessages\FlashTypes;
7			use Kunstmaan\MediaBundle\Entity\Folder;
8			use Kunstmaan\MediaBundle\Entity\Media;
9			use Kunstmaan\MediaBundle\Form\BulkMoveMediaType;
10			use Kunstmaan\MediaBundle\Helper\MediaManager;
11			use Symfony\Component\Routing\Annotation\Route;
12			use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
13			use Symfony\Bundle\FrameworkBundle\Controller\Controller;
14			use Symfony\Component\HttpFoundation\File\File;
15			use Symfony\Component\HttpFoundation\JsonResponse;
16			use Symfony\Component\HttpFoundation\RedirectResponse;
17			use Symfony\Component\HttpFoundation\Request;
18			use Symfony\Component\HttpFoundation\Response;
19
20			/**
21			* MediaController
22			*/
23			class MediaController extends Controller
24			{
25			/**
26			* @param Request $request
27			* @param int $mediaId
28			*
29			* @Route("/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_show")
30			*
31			* @return Response
32			*/
33			public function showAction(Request $request, $mediaId)
34			{
35			$em = $this->getDoctrine()->getManager();
36
37			/* @var Media $media */
38			$media = $em->getRepository(Media::class)->getMedia($mediaId);
39			$folder = $media->getFolder();
40
41			/* @var MediaManager $mediaManager */
42			$mediaManager = $this->get('kunstmaan_media.media_manager');
43			$handler = $mediaManager->getHandler($media);
44			$helper = $handler->getFormHelper($media);
45
46			$form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions());
47
48			if ($request->isMethod('POST')) {
49			$form->handleRequest($request);
50			if ($form->isSubmitted() && $form->isValid()) {
51			$media = $helper->getMedia();
52			$em->getRepository(Media::class)->save($media);
53
54			return new RedirectResponse(
55			$this->generateUrl(
56			'KunstmaanMediaBundle_media_show',
57			['mediaId' => $media->getId()]
58			)
59			);
60			}
61			}
62			$showTemplate = $mediaManager->getHandler($media)->getShowTemplate($media);
63
64			return $this->render(
65			$showTemplate,
66			[
67			'handler' => $handler,
68			'foldermanager' => $this->get('kunstmaan_media.folder_manager'),
69			'mediamanager' => $this->get('kunstmaan_media.media_manager'),
70			'editform' => $form->createView(),
71			'media' => $media,
72			'helper' => $helper,
73			'folder' => $folder,
74			]
75			);
76			}
77
78			/**
79			* @param Request $request
80			* @param int $mediaId
81			*
82			* @Route("/delete/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_delete")
83			*
84			* @return RedirectResponse
85			*/
86			public function deleteAction(Request $request, $mediaId)
87			{
88			$em = $this->getDoctrine()->getManager();
89
90			/* @var Media $media */
91			$media = $em->getRepository(Media::class)->getMedia($mediaId);
92			$medianame = $media->getName();
93			$folder = $media->getFolder();
94
95			$em->getRepository(Media::class)->delete($media);
96
97			$this->addFlash(
98			FlashTypes::SUCCESS,
99			$this->get('translator')->trans(
100			'kuma_admin.media.flash.deleted_success.%medianame%',
101			[
102			'%medianame%' => $medianame,
103			]
104			)
105			);
106
107			// If the redirect url is passed via the url we use it
108			$redirectUrl = $request->query->get('redirectUrl');
109			if (empty($redirectUrl) \|\| (\strpos($redirectUrl, $request->getSchemeAndHttpHost()) !== 0 && strncmp($redirectUrl, '/', 1) !== 0)) {
110			$redirectUrl = $this->generateUrl(
111			'KunstmaanMediaBundle_folder_show',
112			['folderId' => $folder->getId()]
113			);
114			}
115
116			return new RedirectResponse($redirectUrl);
117			}
118
119			/**
120			* @param int $folderId
121			*
122			* @Route("bulkupload/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload")
123			* @Template("@KunstmaanMedia/Media/bulkUpload.html.twig")
124			*
125			* @return array\|RedirectResponse
126			*/
127			public function bulkUploadAction($folderId)
128			{
129			$em = $this->getDoctrine()->getManager();
130
131			/* @var Folder $folder */
132			$folder = $em->getRepository(Folder::class)->getFolder($folderId);
133
134			return ['folder' => $folder];
135			}
136
137			/**
138			* @param Request $request
139			* @param int $folderId
140			*
141			* @Route("bulkuploadsubmit/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload_submit", methods={"POST"})
142			*
143			* @return JsonResponse
144			*/
145			public function bulkUploadSubmitAction(Request $request, $folderId)
146			{
147			// Settings
148			if (\ini_get('upload_tmp_dir')) {
149			$tempDir = \ini_get('upload_tmp_dir');
150			} else {
151			$tempDir = \sys_get_temp_dir();
152			}
153			$targetDir = \rtrim($tempDir, '/').DIRECTORY_SEPARATOR.'plupload';
154			$cleanupTargetDir = true; // Remove old files
155			$maxFileAge = 5 * 60 * 60; // Temp file age in seconds
156
157			// Create target dir
158			if (!\file_exists($targetDir)) {
159			@\mkdir($targetDir);
160			}
161
162			$submittedToken = $request->headers->get('x-upload-token');
163			if (!$this->isCsrfTokenValid('bulk-upload-media', $submittedToken)) {
			0 ignored issues – show Bug introduced 2020-05-27 14:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$submittedToken` defined by `$request->headers->get('x-upload-token')` on line `162` can also be of type `array`; however, `Symfony\Bundle\Framework...ait::isCsrfTokenValid()` does only seem to accept `string\|null`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
164			return $this->returnJsonError('105', 'Could not verify token');
165			}
166
167			// Get a file name
168			if ($request->request->has('name')) {
169			$fileName = $request->request->get('name');
170			} elseif (0 !== $request->files->count()) {
171			$fileName = $request->files->get('file')['name'];
172			} else {
173			$fileName = \uniqid('file_', false);
174			}
175			$filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName;
176
177			$chunk = 0;
178			$chunks = 0;
179			// Chunking might be enabled
180			if ($request->request->has('chunk')) {
181			$chunk = $request->request->getInt('chunk');
182			}
183			if ($request->request->has('chunks')) {
184			$chunks = $request->request->getInt('chunks');
185			}
186
187			// Remove old temp files
188			if ($cleanupTargetDir) {
189			if (!\is_dir($targetDir) \|\| !$dir = \opendir($targetDir)) {
190			return $this->returnJsonError('100', 'Failed to open temp directory.');
191			}
192
193			while (($file = \readdir($dir)) !== false) {
194			$tmpFilePath = $targetDir.DIRECTORY_SEPARATOR.$file;
195
196			// If temp file is current file proceed to the next
197			if ($tmpFilePath === "{$filePath}.part") {
198			continue;
199			}
200
201			// Remove temp file if it is older than the max age and is not the current file
202			if (\preg_match('/\.part$/', $file) && (\filemtime($tmpFilePath) < \time() - $maxFileAge)) {
203			$success = @\unlink($tmpFilePath);
204			if ($success !== true) {
205			return $this->returnJsonError('106', 'Could not remove temp file: '.$filePath);
206			}
207			}
208			}
209			\closedir($dir);
210			}
211
212			// Open temp file
213			if (!$out = @\fopen("{$filePath}.part", $chunks ? 'ab' : 'wb')) {
214			return $this->returnJsonError('102', 'Failed to open output stream.');
215			}
216
217			if (0 !== $request->files->count()) {
218			$_file = $request->files->get('file');
219			if ($_file->getError() > 0 \|\| !\is_uploaded_file($_file->getRealPath())) {
220			return $this->returnJsonError('103', 'Failed to move uploaded file.');
221			}
222
223			// Read binary input stream and append it to temp file
224			if (!$input = @\fopen($_file->getRealPath(), 'rb')) {
225			return $this->returnJsonError('101', 'Failed to open input stream.');
226			}
227			} else {
228			if (!$input = @\fopen('php://input', 'rb')) {
229			return $this->returnJsonError('101', 'Failed to open input stream.');
230			}
231			}
232
233			while ($buff = \fread($input, 4096)) {
234			\fwrite($out, $buff);
235			}
236
237			@\fclose($out);
238			@\fclose($input);
239
240			// Check if file has been uploaded
241			if (!$chunks \|\| $chunk === $chunks - 1) {
242			// Strip the temp .part suffix off
243			\rename("{$filePath}.part", $filePath);
244			}
245
246			$em = $this->getDoctrine()->getManager();
247			/* @var Folder $folder */
248			$folder = $em->getRepository(Folder::class)->getFolder($folderId);
249			$file = new File($filePath);
250
251			try {
252			/* @var Media $media */
253			$media = $this->get('kunstmaan_media.media_manager')->getHandler($file)->createNew($file);
254			$media->setFolder($folder);
255			$em->getRepository(Media::class)->save($media);
256			} catch (Exception $e) {
257			return $this->returnJsonError('104', 'Failed performing save on media-manager');
258			}
259
260			$success = \unlink($filePath);
261			if ($success !== true) {
262			return $this->returnJsonError('105', 'Could not remove temp file: '.$filePath);
263			}
264
265			// Send headers making sure that the file is not cached (as it happens for example on iOS devices)
266			$response = new JsonResponse(
267			[
268			'jsonrpc' => '2.0',
269			'result' => '',
270			'id' => 'id',
271			], JsonResponse::HTTP_OK, [
272			'Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT',
273			'Last-Modified' => \gmdate('D, d M Y H:i:s').' GMT',
274			'Cache-Control' => 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0',
275			'Pragma' => 'no-cache',
276			]
277			);
278
279			return $response;
280			}
281
282			private function returnJsonError($code, $message)
283			{
284			return new JsonResponse(
285			[
286			'jsonrpc' => '2.0',
287			'error ' => [
288			'code' => $code,
289			'message' => $message,
290			],
291			'id' => 'id',
292			]
293			);
294			}
295
296			/**
297			* @param Request $request
298			* @param int $folderId
299			*
300			* @Route("drop/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_drop_upload", methods={"GET", "POST"})
301			*
302			* @return JsonResponse
303			*/
304			public function dropAction(Request $request, $folderId)
305			{
306			$em = $this->getDoctrine()->getManager();
307
308			/* @var Folder $folder */
309			$folder = $em->getRepository(Folder::class)->getFolder($folderId);
310
311			$drop = null;
312
313			if ($request->files->has('files') && $request->files->get('files')['error'] === 0) {
314			$drop = $request->files->get('files');
315			} else {
316			if ($request->files->get('file')) {
317			$drop = $request->files->get('file');
318			} else {
319			$drop = $request->get('text');
320			}
321			}
322			$media = $this->get('kunstmaan_media.media_manager')->createNew($drop);
323			if ($media) {
324			$media->setFolder($folder);
325			$em->getRepository(Media::class)->save($media);
326
327			return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_success')]);
328			}
329
330			$request->getSession()->getFlashBag()->add(
331			FlashTypes::DANGER,
332			$this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')
333			);
334
335			return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')]);
336			}
337
338			/**
339			* @param Request $request
340			* @param int $folderId The folder id
341			* @param string $type The type
342			*
343			* @Route("create/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_create", methods={"GET", "POST"})
344			* @Template("@KunstmaanMedia/Media/create.html.twig")
345			*
346			* @return array\|RedirectResponse
347			*/
348			public function createAction(Request $request, $folderId, $type)
349			{
350			return $this->createAndRedirect($request, $folderId, $type, 'KunstmaanMediaBundle_folder_show');
351			}
352
353			/**
354			* @param Request $request
355			* @param int $folderId The folder Id
356			* @param string $type The type
357			* @param string $redirectUrl The url where we want to redirect to on success
358			* @param array $extraParams The extra parameters that will be passed wen redirecting
359			*
360			* @return array\|RedirectResponse
361			*/
362			private function createAndRedirect(Request $request, $folderId, $type, $redirectUrl, $extraParams = [], $isInModal = false)
363			{
364			$em = $this->getDoctrine()->getManager();
365
366			/* @var Folder $folder */
367			$folder = $em->getRepository(Folder::class)->getFolder($folderId);
368
369			/* @var MediaManager $mediaManager */
370			$mediaManager = $this->get('kunstmaan_media.media_manager');
371			$handler = $mediaManager->getHandlerForType($type);
372			$media = new Media();
373			$helper = $handler->getFormHelper($media);
374
375			$form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions());
376
377			if ($request->isMethod('POST')) {
378			$params = ['folderId' => $folder->getId()];
379			$params = \array_merge($params, $extraParams);
380
381			$form->handleRequest($request);
382
383			if ($form->isSubmitted() && $form->isValid()) {
384			$media = $helper->getMedia();
385			$media->setFolder($folder);
386			$em->getRepository(Media::class)->save($media);
387
388			$this->addFlash(
389			FlashTypes::SUCCESS,
390			$this->get('translator')->trans(
391			'media.flash.created',
392			[
393			'%medianame%' => $media->getName(),
394			]
395			)
396			);
397
398			return new RedirectResponse($this->generateUrl($redirectUrl, $params));
399			}
400
401			if ($isInModal) {
402			$this->addFlash(
403			FlashTypes::DANGER,
404			$this->get('translator')->trans(
405			'media.flash.not_created',
406			[
407			'%mediaerrors%' => $form->getErrors(true, true),
408			]
409			)
410			);
411
412			return new RedirectResponse($this->generateUrl($redirectUrl, $params));
413			}
414			}
415
416			return [
417			'type' => $type,
418			'form' => $form->createView(),
419			'folder' => $folder,
420			];
421			}
422
423			/**
424			* @param Request $request
425			* @param int $folderId The folder id
426			* @param string $type The type
427			*
428			* @Route("create/modal/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_modal_create", methods={"POST"})
429			*
430			* @return array\|RedirectResponse
431			*/
432			public function createModalAction(Request $request, $folderId, $type)
433			{
434			$cKEditorFuncNum = $request->get('CKEditorFuncNum');
435			$linkChooser = $request->get('linkChooser');
436
437			$extraParams = [];
438			if (!empty($cKEditorFuncNum)) {
439			$extraParams['CKEditorFuncNum'] = $cKEditorFuncNum;
440			}
441			if (!empty($linkChooser)) {
442			$extraParams['linkChooser'] = $linkChooser;
443			}
444
445			return $this->createAndRedirect(
446			$request,
447			$folderId,
448			$type,
449			'KunstmaanMediaBundle_chooser_show_folder',
450			$extraParams,
451			true
452			);
453			}
454
455			/**
456			* @param Request $request
457			*
458			* @Route("move/", name="KunstmaanMediaBundle_media_move", methods={"POST"})
459			*
460			* @return string
461			*/
462			public function moveMedia(Request $request)
463			{
464			@trigger_error(sprintf('The "%s" controller action is deprecated in KunstmaanMediaBundle 5.1 and will be removed in KunstmaanMediaBundle 6.0.', __METHOD__), E_USER_DEPRECATED);
465
466			$mediaId = $request->request->get('mediaId');
467			$folderId = $request->request->get('folderId');
468
469			if (empty($mediaId) \|\| empty($folderId)) {
470			return new JsonResponse(['error' => ['title' => 'Missing media id or folder id']], 400);
471			}
472
473			$em = $this->getDoctrine()->getManager();
474			$mediaRepo = $em->getRepository(Media::class);
475
476			$media = $mediaRepo->getMedia($mediaId);
477			$folder = $em->getRepository(Folder::class)->getFolder($folderId);
478
479			$media->setFolder($folder);
480			$mediaRepo->save($media);
481
482			return new JsonResponse();
483			}
484
485			/**
486			* @Route("/bulk-move", name="KunstmaanMediaBundle_media_bulk_move")
487			*
488			* @param Request $request
489			*
490			* @return JsonResponse\|Response
491			*
492			* @throws \Doctrine\DBAL\DBALException
493			*/
494			public function bulkMoveAction(Request $request)
495			{
496			$em = $this->getDoctrine()->getManager();
497			$mediaRepo = $em->getRepository(Media::class);
498			$form = $this->createForm(BulkMoveMediaType::class);
499
500			$form->handleRequest($request);
501
502			if ($form->isSubmitted() && $form->isValid()) {
503			/** @var Folder $folder */
504			$folder = $form->getData()['folder'];
505			$mediaIds = explode(',', $form->getData()['media']);
506
507			$mediaRepo->createQueryBuilder('m')
508			->update()
509			->set('m.folder', $folder->getId())
510			->where('m.id in (:mediaIds)')
511			->setParameter('mediaIds', $mediaIds)
512			->getQuery()
513			->execute();
514
515			$this->addFlash(FlashTypes::SUCCESS, $this->get('translator')->trans('media.folder.bulk_move.success.text'));
516
517			return new JsonResponse(
518			[
519			'Success' => 'The media is moved',
520			]
521			);
522			}
523
524			return $this->render(
525			'@KunstmaanMedia/Folder/bulk-move-modal_form.html.twig',
526			[
527			'form' => $form->createView(),
528			]
529			);
530			}
531			}
532

Kunstmaan / KunstmaanBundlesCMS

Push — master ( 947afa...ae5e03 )

MediaBundle/Controller/MediaController.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like