Completed
Push — master ( 91fdab...75a7b9 )
by
unknown
13:37
created

MediaBundle/Controller/MediaController.php (2 issues)


<?php
namespace Kunstmaan\MediaBundle\Controller;
use Exception;
use Kunstmaan\AdminBundle\FlashMessages\FlashTypes;
use Kunstmaan\MediaBundle\Entity\Folder;
use Kunstmaan\MediaBundle\Entity\Media;
use Kunstmaan\MediaBundle\Form\BulkMoveMediaType;
use Kunstmaan\MediaBundle\Helper\MediaManager;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\File\File;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
/**
 * MediaController
 */
class MediaController extends Controller
{
    /**
     * Shows one media item and, on POST, saves the submitted edit form.
     *
     * The form type, the form helper and the show template are all supplied by
     * the handler that the media manager selects for the media item.
     *
     * @param Request $request
     * @param int     $mediaId
     *
     * @Route("/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_show")
     *
     * @return Response
     */
    public function showAction(Request $request, $mediaId)
    {
        $entityManager = $this->getDoctrine()->getManager();

        /* @var Media $media */
        $media = $entityManager->getRepository('KunstmaanMediaBundle:Media')->getMedia($mediaId);
        // The folder is read before any form handling and passed to the template as-is.
        $folder = $media->getFolder();

        /* @var MediaManager $mediaManager */
        $mediaManager = $this->get('kunstmaan_media.media_manager');
        $handler = $mediaManager->getHandler($media);
        $helper = $handler->getFormHelper($media);

        $form = $this->createForm(
            $handler->getFormType(),
            $helper,
            $handler->getFormTypeOptions()
        );

        // Only a POST is bound to the form; any other method just renders the page.
        $isPost = $request->isMethod('POST');
        if ($isPost) {
            $form->handleRequest($request);
        }

        if ($isPost && $form->isSubmitted() && $form->isValid()) {
            $media = $helper->getMedia();
            $entityManager->getRepository('KunstmaanMediaBundle:Media')->save($media);

            // Redirect after a successful save so a reload does not resubmit the form.
            $showUrl = $this->generateUrl(
                'KunstmaanMediaBundle_media_show',
                ['mediaId' => $media->getId()]
            );

            return new RedirectResponse($showUrl);
        }

        $showTemplate = $mediaManager->getHandler($media)->getShowTemplate($media);

        $templateParameters = [
            'handler' => $handler,
            'foldermanager' => $this->get('kunstmaan_media.folder_manager'),
            'mediamanager' => $this->get('kunstmaan_media.media_manager'),
            'editform' => $form->createView(),
            'media' => $media,
            'helper' => $helper,
            'folder' => $folder,
        ];

        return $this->render($showTemplate, $templateParameters);
    }
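    /**
     * Deletes a media item, then redirects to its folder or to a caller-supplied local URL.
     *
     * The optional "redirectUrl" query parameter is honoured only when it stays on
     * this application: either a path that starts with a single "/" or a URL on the
     * request's own scheme and host. Any other value falls back to the folder page.
     *
     * @param Request $request
     * @param int     $mediaId
     *
     * @Route("/delete/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_delete")
     *
     * @return RedirectResponse
     */
    public function deleteAction(Request $request, $mediaId)
    {
        // NOTE(review): no HTTP method restriction is visible on this route, so the delete
        // appears to be reachable with a plain GET; confirm that CSRF protection exists elsewhere.
        $em = $this->getDoctrine()->getManager();

        /* @var Media $media */
        $media = $em->getRepository('KunstmaanMediaBundle:Media')->getMedia($mediaId);
        // Name and folder are read before the delete because they are needed afterwards.
        $medianame = $media->getName();
        $folder = $media->getFolder();

        $em->getRepository('KunstmaanMediaBundle:Media')->delete($media);

        $this->addFlash(
            FlashTypes::SUCCESS,
            $this->get('translator')->trans(
                'kuma_admin.media.flash.deleted_success.%medianame%',
                [
                    '%medianame%' => $medianame,
                ]
            )
        );

        // If the redirect url is passed via the url we use it, provided it stays on this site.
        $redirectUrl = $request->query->get('redirectUrl');
        $origin = $request->getSchemeAndHttpHost();

        $isLocalTarget = false;
        if (\is_string($redirectUrl)
            && $redirectUrl !== ''
            // Control characters and backslashes are normalised by browsers and can turn
            // a seemingly local value into an absolute URL, so such values are refused.
            && \preg_match('/[\x00-\x1f\x7f\\\\]/', $redirectUrl) !== 1
        ) {
            // A leading "//" is a protocol-relative URL (another host), not a local path.
            $isLocalPath = \strpos($redirectUrl, '/') === 0 && \strpos($redirectUrl, '//') !== 0;
            // A bare prefix match would also accept hosts that merely start with our host name,
            // so the origin must be the whole value or be followed by "/".
            $isSameOrigin = $redirectUrl === $origin || \strpos($redirectUrl, $origin.'/') === 0;
            $isLocalTarget = $isLocalPath || $isSameOrigin;
        }

        if (!$isLocalTarget) {
            $redirectUrl = $this->generateUrl(
                'KunstmaanMediaBundle_folder_show',
                ['folderId' => $folder->getId()]
            );
        }

        return new RedirectResponse($redirectUrl);
    }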
    /**
     * Provides the folder to the bulk upload template.
     *
     * @param int $folderId
     *
     * @Route("bulkupload/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload")
     * @Template("@KunstmaanMedia/Media/bulkUpload.html.twig")
     *
     * @return array|RedirectResponse
     */
    public function bulkUploadAction($folderId)
    {
        $folderRepository = $this->getDoctrine()->getManager()->getRepository('KunstmaanMediaBundle:Folder');

        /* @var Folder $targetFolder */
        $targetFolder = $folderRepository->getFolder($folderId);

        // The array becomes the template context through the Template annotation.
        return ['folder' => $targetFolder];
    }
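    /**
     * Receives one bulk upload request (a whole file or a single chunk), stages it in a
     * temporary directory and, once the file is complete, stores it as Media in the folder.
     *
     * Failures are reported through returnJsonError() with these codes:
     * 100 temp directory unusable, 101 input stream, 102 output stream, 103 uploaded file
     * could not be taken over, 104 media manager save failed, 105/106 temp file removal failed.
     *
     * @param Request $request
     * @param int     $folderId
     *
     * @Route("bulkuploadsubmit/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload_submit")
     *
     * @return JsonResponse
     */
    public function bulkUploadSubmitAction(Request $request, $folderId)
    {
        // NOTE(review): no size or type limit is enforced in this method; presumably the
        // media handlers or the server configuration apply one. Confirm before relying on it.

        // Settings
        $tempDir = \ini_get('upload_tmp_dir') ?: \sys_get_temp_dir();
        $targetDir = \rtrim($tempDir, '/').DIRECTORY_SEPARATOR.'plupload';
        $cleanupTargetDir = true; // Remove old files
        $maxFileAge = 5 * 60 * 60; // Temp file age in seconds

        // Create target dir. The outcome is checked explicitly: a suppressed, unchecked mkdir
        // would let the upload continue against a staging directory that does not exist.
        // The second is_dir() covers a concurrent request creating the directory first.
        if (!\is_dir($targetDir) && !@\mkdir($targetDir) && !\is_dir($targetDir)) {
            return $this->returnJsonError('100', 'Failed to open temp directory.');
        }

        // Get a file name
        $fileName = null;
        if ($request->request->has('name')) {
            $fileName = $request->request->get('name');
        } elseif (0 !== $request->files->count()) {
            // The file bag holds UploadedFile objects, so the client name comes from its accessor.
            $uploaded = $request->files->get('file');
            $fileName = \is_object($uploaded) ? $uploaded->getClientOriginalName() : null;
        }

        // The name is client-controlled and becomes part of a filesystem path. Only the last
        // path component is kept (both separator styles) and control characters are dropped,
        // so the staged file can never be placed outside $targetDir.
        if (\is_string($fileName)) {
            $fileName = \basename(\str_replace('\\', '/', $fileName));
            $fileName = (string) \preg_replace('/[\x00-\x1f\x7f]/', '', $fileName);
        } else {
            $fileName = '';
        }
        if ($fileName === '' || $fileName === '.' || $fileName === '..') {
            $fileName = \uniqid('file_', false);
        }
        $filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName;

        // Chunking might be enabled
        $chunk = $request->request->has('chunk') ? $request->request->getInt('chunk') : 0;
        $chunks = $request->request->has('chunks') ? $request->request->getInt('chunks') : 0;

        // Remove old temp files
        if ($cleanupTargetDir) {
            if (!\is_dir($targetDir) || !$dir = \opendir($targetDir)) {
                return $this->returnJsonError('100', 'Failed to open temp directory.');
            }

            while (($file = \readdir($dir)) !== false) {
                $tmpFilePath = $targetDir.DIRECTORY_SEPARATOR.$file;

                // If temp file is current file proceed to the next
                if ($tmpFilePath === "{$filePath}.part") {
                    continue;
                }

                // Remove temp file if it is older than the max age and is not the current file
                if (\preg_match('/\.part$/', $file) && (\filemtime($tmpFilePath) < \time() - $maxFileAge)) {
                    if (@\unlink($tmpFilePath) !== true) {
                        // Release the directory handle and name the file that actually failed.
                        \closedir($dir);

                        return $this->returnJsonError('106', 'Could not remove temp file: '.$tmpFilePath);
                    }
                }
            }
            \closedir($dir);
        }

        // Open temp file
        if (!$out = @\fopen("{$filePath}.part", $chunks ? 'ab' : 'wb')) {
            return $this->returnJsonError('102', 'Failed to open output stream.');
        }

        if (0 !== $request->files->count()) {
            $_file = $request->files->get('file');
            // is_uploaded_file() ensures the path really is a PHP upload and not an arbitrary file.
            if (!\is_object($_file) || $_file->getError() > 0 || !\is_uploaded_file($_file->getRealPath())) {
                \fclose($out);

                return $this->returnJsonError('103', 'Failed to move uploaded file.');
            }

            // Read binary input stream and append it to temp file
            $input = @\fopen($_file->getRealPath(), 'rb');
        } else {
            $input = @\fopen('php://input', 'rb');
        }

        if (!$input) {
            \fclose($out);

            return $this->returnJsonError('101', 'Failed to open input stream.');
        }

        // Copy with strict checks: a truthiness test on the buffer would stop early on a
        // trailing "0" block, and an ignored fwrite() failure would leave a truncated file.
        $copied = true;
        while (!\feof($input)) {
            $buff = \fread($input, 4096);
            if ($buff === false) {
                $copied = false;
                break;
            }
            if ($buff === '') {
                break;
            }
            if (\fwrite($out, $buff) === false) {
                $copied = false;
                break;
            }
        }

        \fclose($input);
        // The close result is checked instead of suppressed; a failed close may mean the
        // staged data was not completely written.
        $closed = \fclose($out);
        if (!$copied || !$closed) {
            return $this->returnJsonError('102', 'Failed to write to output stream.');
        }

        // Send headers making sure that the file is not cached (as it happens for example on iOS devices)
        $response = new JsonResponse(
            [
                'jsonrpc' => '2.0',
                'result' => '',
                'id' => 'id',
            ], JsonResponse::HTTP_OK, [
                'Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT',
                'Last-Modified' => \gmdate('D, d M Y H:i:s').' GMT',
                'Cache-Control' => 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0',
                'Pragma' => 'no-cache',
            ]
        );

        // Check if file has been uploaded. An intermediate chunk only extends the .part file:
        // there is no finished file to import yet, so the request is acknowledged here.
        if ($chunks && $chunk !== $chunks - 1) {
            return $response;
        }

        // Strip the temp .part suffix off
        if (!\rename("{$filePath}.part", $filePath)) {
            return $this->returnJsonError('103', 'Failed to move uploaded file.');
        }

        $em = $this->getDoctrine()->getManager();
        /* @var Folder $folder */
        $folder = $em->getRepository('KunstmaanMediaBundle:Folder')->getFolder($folderId);
        $file = new File($filePath);

        try {
            /* @var Media $media */
            $media = $this->get('kunstmaan_media.media_manager')->getHandler($file)->createNew($file);
            $media->setFolder($folder);
            $em->getRepository(Media::class)->save($media);
        } catch (Exception $e) {
            // Do not leave the rejected upload in the staging directory; the cleanup
            // pass above only removes *.part files.
            if (\is_file($filePath)) {
                \unlink($filePath);
            }

            return $this->returnJsonError('104', 'Failed performing save on media-manager');
        }

        if (\unlink($filePath) !== true) {
            return $this->returnJsonError('105', 'Could not remove temp file: '.$filePath);
        }

        return $response;
    }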
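    /**
     * Builds the JSON-RPC style error body used by the bulk upload endpoint.
     *
     * The response is created with JsonResponse's default status, so callers
     * have to inspect the "error" member rather than the HTTP status code.
     *
     * @param string $code    Error code reported to the client
     * @param string $message Human readable description of the failure
     *
     * @return JsonResponse
     */
    private function returnJsonError($code, $message)
    {
        return new JsonResponse(
            [
                'jsonrpc' => '2.0',
                // The key used to carry a trailing space ("error "), which hid every
                // failure from clients reading the "error" member.
                'error' => [
                    'code' => $code,
                    'message' => $message,
                ],
                'id' => 'id',
            ]
        );
    }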
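    /**
     * Creates a media item in the folder from a dropped file or from dropped text.
     *
     * The source is taken, in order, from the "files" upload, the "file" upload
     * and finally the "text" request value; the media manager decides whether it
     * can build a Media object from it.
     *
     * @param Request $request
     * @param int     $folderId
     *
     * @Route("drop/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_drop_upload")
     * @Method({"GET", "POST"})
     *
     * @return JsonResponse
     */
    public function dropAction(Request $request, $folderId)
    {
        // NOTE(review): the route also accepts GET and "text" is read from any request
        // source, so media can be created from a query string; confirm this is intended
        // and that CSRF protection covers it.
        $em = $this->getDoctrine()->getManager();

        /* @var Folder $folder */
        $folder = $em->getRepository('KunstmaanMediaBundle:Folder')->getFolder($folderId);

        // The file bag returns UploadedFile objects, not the raw upload array, so the upload
        // status is read through getError(); array access on the object would raise an Error.
        $files = $request->files->get('files');
        $hasUsableFiles = $files instanceof \Symfony\Component\HttpFoundation\File\UploadedFile
            && $files->getError() === \UPLOAD_ERR_OK;

        if ($hasUsableFiles) {
            $drop = $files;
        } elseif ($request->files->get('file')) {
            $drop = $request->files->get('file');
        } else {
            $drop = $request->get('text');
        }

        $media = $this->get('kunstmaan_media.media_manager')->createNew($drop);
        if ($media) {
            $media->setFolder($folder);
            $em->getRepository('KunstmaanMediaBundle:Media')->save($media);

            return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_success')]);
        }

        // Nothing could be created from the input: report it as a flash message and in the JSON body.
        $request->getSession()->getFlashBag()->add(
            FlashTypes::DANGER,
            $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')
        );

        return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')]);
    }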
    /**
     * Shows and processes the create form for a media item of the given type.
     *
     * All work is delegated to createAndRedirect(), with the folder page as the
     * redirect route on success.
     *
     * @param Request $request
     * @param int     $folderId The folder id
     * @param string  $type     The type
     *
     * @Route("create/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_create")
     * @Method({"GET", "POST"})
     * @Template("@KunstmaanMedia/Media/create.html.twig")
     *
     * @return array|RedirectResponse
     */
    public function createAction(Request $request, $folderId, $type)
    {
        $successRoute = 'KunstmaanMediaBundle_folder_show';

        return $this->createAndRedirect($request, $folderId, $type, $successRoute);
    }
    /**
     * Builds the create form for a media type and, on POST, saves the new media item.
     *
     * A valid POST saves the media and redirects. An invalid POST redirects as well
     * when the form lives in a modal, with the form errors in a flash message;
     * otherwise the form is rendered again.
     *
     * @param Request $request
     * @param int     $folderId    The folder Id
     * @param string  $type        The type
     * @param string  $redirectUrl The route name we redirect to (it is passed to generateUrl)
     * @param array   $extraParams The extra parameters that will be passed when redirecting
     * @param bool    $isInModal   Whether the form was submitted from a modal
     *
     * @return array|RedirectResponse
     */
    private function createAndRedirect(Request $request, $folderId, $type, $redirectUrl, $extraParams = [], $isInModal = false)
    {
        $entityManager = $this->getDoctrine()->getManager();

        /* @var Folder $folder */
        $folder = $entityManager->getRepository('KunstmaanMediaBundle:Folder')->getFolder($folderId);

        /* @var MediaManager $mediaManager */
        $mediaManager = $this->get('kunstmaan_media.media_manager');
        // The handler is chosen from the route's type value.
        $handler = $mediaManager->getHandlerForType($type);
        $media = new Media();
        $helper = $handler->getFormHelper($media);

        $form = $this->createForm(
            $handler->getFormType(),
            $helper,
            $handler->getFormTypeOptions()
        );

        if ($request->isMethod('POST')) {
            // Redirect parameters: the folder id plus whatever the caller added.
            $params = \array_merge(['folderId' => $folder->getId()], $extraParams);

            $form->handleRequest($request);
            $isAccepted = $form->isSubmitted() && $form->isValid();

            if ($isAccepted) {
                $media = $helper->getMedia();
                $media->setFolder($folder);
                $entityManager->getRepository('KunstmaanMediaBundle:Media')->save($media);

                $createdMessage = $this->get('translator')->trans(
                    'media.flash.created',
                    [
                        '%medianame%' => $media->getName(),
                    ]
                );
                $this->addFlash(FlashTypes::SUCCESS, $createdMessage);
            } elseif ($isInModal) {
                // A modal cannot re-render the form, so the errors travel in a flash message.
                $failedMessage = $this->get('translator')->trans(
                    'media.flash.not_created',
                    [
                        '%mediaerrors%' => $form->getErrors(true, true),
                    ]
                );
                $this->addFlash(FlashTypes::ERROR, $failedMessage);
            }

            if ($isAccepted || $isInModal) {
                return new RedirectResponse($this->generateUrl($redirectUrl, $params));
            }
        }

        return [
            'type' => $type,
            'form' => $form->createView(),
            'folder' => $folder,
        ];
    }
    /**
     * Processes the create form submitted from the media chooser modal.
     *
     * The CKEditorFuncNum and linkChooser request values, when not empty, are
     * carried over as parameters of the redirect to the chooser folder page.
     *
     * @param Request $request
     * @param int     $folderId The folder id
     * @param string  $type     The type
     *
     * @Route("create/modal/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_modal_create")
     * @Method({"POST"})
     *
     * @return array|RedirectResponse
     */
    public function createModalAction(Request $request, $folderId, $type)
    {
        // Both values are client-supplied and are only forwarded as redirect parameters here.
        $extraParams = [];
        foreach (['CKEditorFuncNum', 'linkChooser'] as $parameterName) {
            $value = $request->get($parameterName);
            if (!empty($value)) {
                $extraParams[$parameterName] = $value;
            }
        }

        $chooserRoute = 'KunstmaanMediaBundle_chooser_show_folder';

        return $this->createAndRedirect($request, $folderId, $type, $chooserRoute, $extraParams, true);
    }
    /**
     * Moves one media item to another folder (deprecated controller action).
     *
     * Responds with HTTP 400 and an error body when the media id or the folder id
     * is missing from the POST data, and with an empty JSON response otherwise.
     *
     * @param Request $request
     *
     * @Route("move/", name="KunstmaanMediaBundle_media_move")
     * @Method({"POST"})
     *
     * @return JsonResponse
     */
    public function moveMedia(Request $request)
    {
        @trigger_error(sprintf('The "%s" controller action is deprecated in KunstmaanMediaBundle 5.1 and will be removed in KunstmaanMediaBundle 6.0.', __METHOD__), E_USER_DEPRECATED);

        $postData = $request->request;
        $mediaId = $postData->get('mediaId');
        $folderId = $postData->get('folderId');

        // empty() also rejects the value "0" for either id.
        $hasBothIds = !empty($mediaId) && !empty($folderId);
        if (!$hasBothIds) {
            return new JsonResponse(['error' => ['title' => 'Missing media id or folder id']], 400);
        }

        $entityManager = $this->getDoctrine()->getManager();
        $mediaRepository = $entityManager->getRepository('KunstmaanMediaBundle:Media');

        $media = $mediaRepository->getMedia($mediaId);
        $targetFolder = $entityManager->getRepository('KunstmaanMediaBundle:Folder')->getFolder($folderId);

        $media->setFolder($targetFolder);
        $mediaRepository->save($media);

        return new JsonResponse();
    }
    /**
     * Moves several media items to one folder with a single update query.
     *
     * Without a valid submission the bulk-move modal form is rendered. With one,
     * the comma separated ids from the "media" field are moved to the chosen folder.
     *
     * @Route("/bulk-move", name="KunstmaanMediaBundle_media_bulk_move")
     *
     * @param Request $request
     *
     * @return JsonResponse|Response
     * @throws \Doctrine\DBAL\DBALException
     */
    public function bulkMoveAction(Request $request)
    {
        $entityManager = $this->getDoctrine()->getManager();
        $mediaRepository = $entityManager->getRepository('KunstmaanMediaBundle:Media');
        $form = $this->createForm(BulkMoveMediaType::class);

        $form->handleRequest($request);

        if (!($form->isSubmitted() && $form->isValid())) {
            return $this->render(
                '@KunstmaanMedia/Folder/bulk-move-modal_form.html.twig',
                [
                    'form' => $form->createView(),
                ]
            );
        }

        /** @var Folder $folder */
        $folder = $form->getData()['folder'];
        $mediaIds = explode(',', $form->getData()['media']);

        // The ids are bound as a query parameter; only the folder id, taken from the
        // Folder object the form returned, is written into the update expression.
        $updateQuery = $mediaRepository->createQueryBuilder('m')
            ->update()
            ->set('m.folder', $folder->getId())
            ->where('m.id in (:mediaIds)')
            ->setParameter('mediaIds', $mediaIds)
            ->getQuery();
        $updateQuery->execute();

        $this->addFlash(FlashTypes::SUCCESS, $this->get('translator')->trans('media.folder.bulk_move.success.text'));

        return new JsonResponse(
            [
                'Success' => 'The media is moved',
            ]
        );
    }
}