This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Kunstmaan\MediaBundle\Controller; |
||
4 | |||
5 | use Exception; |
||
6 | use Kunstmaan\AdminBundle\FlashMessages\FlashTypes; |
||
7 | use Kunstmaan\MediaBundle\Entity\Folder; |
||
8 | use Kunstmaan\MediaBundle\Entity\Media; |
||
9 | use Kunstmaan\MediaBundle\Form\BulkMoveMediaType; |
||
10 | use Kunstmaan\MediaBundle\Helper\MediaManager; |
||
11 | use Symfony\Component\Routing\Annotation\Route; |
||
12 | use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template; |
||
13 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; |
||
14 | use Symfony\Component\HttpFoundation\File\File; |
||
15 | use Symfony\Component\HttpFoundation\JsonResponse; |
||
16 | use Symfony\Component\HttpFoundation\RedirectResponse; |
||
17 | use Symfony\Component\HttpFoundation\Request; |
||
18 | use Symfony\Component\HttpFoundation\Response; |
||
19 | |||
20 | /** |
||
21 | * MediaController |
||
22 | */ |
||
23 | class MediaController extends Controller |
||
24 | { |
||
25 | /** |
||
26 | * @param Request $request |
||
27 | * @param int $mediaId |
||
28 | * |
||
29 | * @Route("/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_show") |
||
30 | * |
||
31 | * @return Response |
||
32 | */ |
||
33 | public function showAction(Request $request, $mediaId) |
||
34 | { |
||
35 | $em = $this->getDoctrine()->getManager(); |
||
36 | |||
37 | /* @var Media $media */ |
||
38 | $media = $em->getRepository(Media::class)->getMedia($mediaId); |
||
39 | $folder = $media->getFolder(); |
||
40 | |||
41 | /* @var MediaManager $mediaManager */ |
||
42 | $mediaManager = $this->get('kunstmaan_media.media_manager'); |
||
43 | $handler = $mediaManager->getHandler($media); |
||
44 | $helper = $handler->getFormHelper($media); |
||
45 | |||
46 | $form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions()); |
||
47 | |||
48 | if ($request->isMethod('POST')) { |
||
49 | $form->handleRequest($request); |
||
50 | if ($form->isSubmitted() && $form->isValid()) { |
||
51 | $media = $helper->getMedia(); |
||
52 | $em->getRepository(Media::class)->save($media); |
||
53 | |||
54 | return new RedirectResponse( |
||
55 | $this->generateUrl( |
||
56 | 'KunstmaanMediaBundle_media_show', |
||
57 | ['mediaId' => $media->getId()] |
||
58 | ) |
||
59 | ); |
||
60 | } |
||
61 | } |
||
62 | $showTemplate = $mediaManager->getHandler($media)->getShowTemplate($media); |
||
63 | |||
64 | return $this->render( |
||
65 | $showTemplate, |
||
66 | [ |
||
67 | 'handler' => $handler, |
||
68 | 'foldermanager' => $this->get('kunstmaan_media.folder_manager'), |
||
69 | 'mediamanager' => $this->get('kunstmaan_media.media_manager'), |
||
70 | 'editform' => $form->createView(), |
||
71 | 'media' => $media, |
||
72 | 'helper' => $helper, |
||
73 | 'folder' => $folder, |
||
74 | ] |
||
75 | ); |
||
76 | } |
||
77 | |||
78 | /** |
||
79 | * @param Request $request |
||
80 | * @param int $mediaId |
||
81 | * |
||
82 | * @Route("/delete/{mediaId}", requirements={"mediaId" = "\d+"}, name="KunstmaanMediaBundle_media_delete") |
||
83 | * |
||
84 | * @return RedirectResponse |
||
85 | */ |
||
86 | public function deleteAction(Request $request, $mediaId) |
||
87 | { |
||
88 | $em = $this->getDoctrine()->getManager(); |
||
89 | |||
90 | /* @var Media $media */ |
||
91 | $media = $em->getRepository(Media::class)->getMedia($mediaId); |
||
92 | $medianame = $media->getName(); |
||
93 | $folder = $media->getFolder(); |
||
94 | |||
95 | $em->getRepository(Media::class)->delete($media); |
||
96 | |||
97 | $this->addFlash( |
||
98 | FlashTypes::SUCCESS, |
||
99 | $this->get('translator')->trans( |
||
100 | 'kuma_admin.media.flash.deleted_success.%medianame%', |
||
101 | [ |
||
102 | '%medianame%' => $medianame, |
||
103 | ] |
||
104 | ) |
||
105 | ); |
||
106 | |||
107 | // If the redirect url is passed via the url we use it |
||
108 | $redirectUrl = $request->query->get('redirectUrl'); |
||
109 | if (empty($redirectUrl) || (\strpos($redirectUrl, $request->getSchemeAndHttpHost()) !== 0 && strncmp($redirectUrl, '/', 1) !== 0)) { |
||
110 | $redirectUrl = $this->generateUrl( |
||
111 | 'KunstmaanMediaBundle_folder_show', |
||
112 | ['folderId' => $folder->getId()] |
||
113 | ); |
||
114 | } |
||
115 | |||
116 | return new RedirectResponse($redirectUrl); |
||
117 | } |
||
118 | |||
119 | /** |
||
120 | * @param int $folderId |
||
121 | * |
||
122 | * @Route("bulkupload/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload") |
||
123 | * @Template("@KunstmaanMedia/Media/bulkUpload.html.twig") |
||
124 | * |
||
125 | * @return array|RedirectResponse |
||
126 | */ |
||
127 | public function bulkUploadAction($folderId) |
||
128 | { |
||
129 | $em = $this->getDoctrine()->getManager(); |
||
130 | |||
131 | /* @var Folder $folder */ |
||
132 | $folder = $em->getRepository(Folder::class)->getFolder($folderId); |
||
133 | |||
134 | return ['folder' => $folder]; |
||
135 | } |
||
136 | |||
137 | /** |
||
138 | * @param Request $request |
||
139 | * @param int $folderId |
||
140 | * |
||
141 | * @Route("bulkuploadsubmit/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_bulk_upload_submit", methods={"POST"}) |
||
142 | * |
||
143 | * @return JsonResponse |
||
144 | */ |
||
145 | public function bulkUploadSubmitAction(Request $request, $folderId) |
||
146 | { |
||
147 | // Settings |
||
148 | if (\ini_get('upload_tmp_dir')) { |
||
149 | $tempDir = \ini_get('upload_tmp_dir'); |
||
150 | } else { |
||
151 | $tempDir = \sys_get_temp_dir(); |
||
152 | } |
||
153 | $targetDir = \rtrim($tempDir, '/').DIRECTORY_SEPARATOR.'plupload'; |
||
154 | $cleanupTargetDir = true; // Remove old files |
||
155 | $maxFileAge = 5 * 60 * 60; // Temp file age in seconds |
||
156 | |||
157 | // Create target dir |
||
158 | if (!\file_exists($targetDir)) { |
||
159 | @\mkdir($targetDir); |
||
160 | } |
||
161 | |||
162 | $submittedToken = $request->headers->get('x-upload-token'); |
||
163 | if (!$this->isCsrfTokenValid('bulk-upload-media', $submittedToken)) { |
||
164 | return $this->returnJsonError('105', 'Could not verify token'); |
||
165 | } |
||
166 | |||
167 | // Get a file name |
||
168 | if ($request->request->has('name')) { |
||
169 | $fileName = $request->request->get('name'); |
||
170 | } elseif (0 !== $request->files->count()) { |
||
171 | $fileName = $request->files->get('file')['name']; |
||
172 | } else { |
||
173 | $fileName = \uniqid('file_', false); |
||
174 | } |
||
175 | $filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName; |
||
176 | |||
177 | $chunk = 0; |
||
178 | $chunks = 0; |
||
179 | // Chunking might be enabled |
||
180 | if ($request->request->has('chunk')) { |
||
181 | $chunk = $request->request->getInt('chunk'); |
||
182 | } |
||
183 | if ($request->request->has('chunks')) { |
||
184 | $chunks = $request->request->getInt('chunks'); |
||
185 | } |
||
186 | |||
187 | // Remove old temp files |
||
188 | if ($cleanupTargetDir) { |
||
189 | if (!\is_dir($targetDir) || !$dir = \opendir($targetDir)) { |
||
190 | return $this->returnJsonError('100', 'Failed to open temp directory.'); |
||
191 | } |
||
192 | |||
193 | while (($file = \readdir($dir)) !== false) { |
||
194 | $tmpFilePath = $targetDir.DIRECTORY_SEPARATOR.$file; |
||
195 | |||
196 | // If temp file is current file proceed to the next |
||
197 | if ($tmpFilePath === "{$filePath}.part") { |
||
198 | continue; |
||
199 | } |
||
200 | |||
201 | // Remove temp file if it is older than the max age and is not the current file |
||
202 | if (\preg_match('/\.part$/', $file) && (\filemtime($tmpFilePath) < \time() - $maxFileAge)) { |
||
203 | $success = @\unlink($tmpFilePath); |
||
204 | if ($success !== true) { |
||
205 | return $this->returnJsonError('106', 'Could not remove temp file: '.$filePath); |
||
206 | } |
||
207 | } |
||
208 | } |
||
209 | \closedir($dir); |
||
210 | } |
||
211 | |||
212 | // Open temp file |
||
213 | if (!$out = @\fopen("{$filePath}.part", $chunks ? 'ab' : 'wb')) { |
||
214 | return $this->returnJsonError('102', 'Failed to open output stream.'); |
||
215 | } |
||
216 | |||
217 | if (0 !== $request->files->count()) { |
||
218 | $_file = $request->files->get('file'); |
||
219 | if ($_file->getError() > 0 || !\is_uploaded_file($_file->getRealPath())) { |
||
220 | return $this->returnJsonError('103', 'Failed to move uploaded file.'); |
||
221 | } |
||
222 | |||
223 | // Read binary input stream and append it to temp file |
||
224 | if (!$input = @\fopen($_file->getRealPath(), 'rb')) { |
||
225 | return $this->returnJsonError('101', 'Failed to open input stream.'); |
||
226 | } |
||
227 | } else { |
||
228 | if (!$input = @\fopen('php://input', 'rb')) { |
||
229 | return $this->returnJsonError('101', 'Failed to open input stream.'); |
||
230 | } |
||
231 | } |
||
232 | |||
233 | while ($buff = \fread($input, 4096)) { |
||
234 | \fwrite($out, $buff); |
||
235 | } |
||
236 | |||
237 | @\fclose($out); |
||
238 | @\fclose($input); |
||
239 | |||
240 | // Check if file has been uploaded |
||
241 | if (!$chunks || $chunk === $chunks - 1) { |
||
242 | // Strip the temp .part suffix off |
||
243 | \rename("{$filePath}.part", $filePath); |
||
244 | } |
||
245 | |||
246 | $em = $this->getDoctrine()->getManager(); |
||
247 | /* @var Folder $folder */ |
||
248 | $folder = $em->getRepository(Folder::class)->getFolder($folderId); |
||
249 | $file = new File($filePath); |
||
250 | |||
251 | try { |
||
252 | /* @var Media $media */ |
||
253 | $media = $this->get('kunstmaan_media.media_manager')->getHandler($file)->createNew($file); |
||
254 | $media->setFolder($folder); |
||
255 | $em->getRepository(Media::class)->save($media); |
||
0 ignored issues
–
show
|
|||
256 | } catch (Exception $e) { |
||
257 | return $this->returnJsonError('104', 'Failed performing save on media-manager'); |
||
258 | } |
||
259 | |||
260 | $success = \unlink($filePath); |
||
261 | if ($success !== true) { |
||
262 | return $this->returnJsonError('105', 'Could not remove temp file: '.$filePath); |
||
263 | } |
||
264 | |||
265 | // Send headers making sure that the file is not cached (as it happens for example on iOS devices) |
||
266 | $response = new JsonResponse( |
||
267 | [ |
||
268 | 'jsonrpc' => '2.0', |
||
269 | 'result' => '', |
||
270 | 'id' => 'id', |
||
271 | ], JsonResponse::HTTP_OK, [ |
||
272 | 'Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT', |
||
273 | 'Last-Modified' => \gmdate('D, d M Y H:i:s').' GMT', |
||
274 | 'Cache-Control' => 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', |
||
275 | 'Pragma' => 'no-cache', |
||
276 | ] |
||
277 | ); |
||
278 | |||
279 | return $response; |
||
280 | } |
||
281 | |||
282 | private function returnJsonError($code, $message) |
||
283 | { |
||
284 | return new JsonResponse( |
||
285 | [ |
||
286 | 'jsonrpc' => '2.0', |
||
287 | 'error ' => [ |
||
288 | 'code' => $code, |
||
289 | 'message' => $message, |
||
290 | ], |
||
291 | 'id' => 'id', |
||
292 | ] |
||
293 | ); |
||
294 | } |
||
295 | |||
296 | /** |
||
297 | * @param Request $request |
||
298 | * @param int $folderId |
||
299 | * |
||
300 | * @Route("drop/{folderId}", requirements={"folderId" = "\d+"}, name="KunstmaanMediaBundle_media_drop_upload", methods={"GET", "POST"}) |
||
301 | * |
||
302 | * @return JsonResponse |
||
303 | */ |
||
304 | public function dropAction(Request $request, $folderId) |
||
305 | { |
||
306 | $em = $this->getDoctrine()->getManager(); |
||
307 | |||
308 | /* @var Folder $folder */ |
||
309 | $folder = $em->getRepository(Folder::class)->getFolder($folderId); |
||
310 | |||
311 | $drop = null; |
||
312 | |||
313 | if ($request->files->has('files') && $request->files->get('files')['error'] === 0) { |
||
314 | $drop = $request->files->get('files'); |
||
315 | } else { |
||
316 | if ($request->files->get('file')) { |
||
317 | $drop = $request->files->get('file'); |
||
318 | } else { |
||
319 | $drop = $request->get('text'); |
||
320 | } |
||
321 | } |
||
322 | $media = $this->get('kunstmaan_media.media_manager')->createNew($drop); |
||
323 | if ($media) { |
||
324 | $media->setFolder($folder); |
||
325 | $em->getRepository(Media::class)->save($media); |
||
326 | |||
327 | return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_success')]); |
||
328 | } |
||
329 | |||
330 | $request->getSession()->getFlashBag()->add( |
||
331 | FlashTypes::DANGER, |
||
332 | $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized') |
||
333 | ); |
||
334 | |||
335 | return new JsonResponse(['status' => $this->get('translator')->trans('kuma_admin.media.flash.drop_unrecognized')]); |
||
336 | } |
||
337 | |||
338 | /** |
||
339 | * @param Request $request |
||
340 | * @param int $folderId The folder id |
||
341 | * @param string $type The type |
||
342 | * |
||
343 | * @Route("create/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_create", methods={"GET", "POST"}) |
||
344 | * @Template("@KunstmaanMedia/Media/create.html.twig") |
||
345 | * |
||
346 | * @return array|RedirectResponse |
||
347 | */ |
||
348 | public function createAction(Request $request, $folderId, $type) |
||
349 | { |
||
350 | return $this->createAndRedirect($request, $folderId, $type, 'KunstmaanMediaBundle_folder_show'); |
||
351 | } |
||
352 | |||
353 | /** |
||
354 | * @param Request $request |
||
355 | * @param int $folderId The folder Id |
||
356 | * @param string $type The type |
||
357 | * @param string $redirectUrl The url where we want to redirect to on success |
||
358 | * @param array $extraParams The extra parameters that will be passed wen redirecting |
||
359 | * |
||
360 | * @return array|RedirectResponse |
||
361 | */ |
||
362 | private function createAndRedirect(Request $request, $folderId, $type, $redirectUrl, $extraParams = [], $isInModal = false) |
||
363 | { |
||
364 | $em = $this->getDoctrine()->getManager(); |
||
365 | |||
366 | /* @var Folder $folder */ |
||
367 | $folder = $em->getRepository(Folder::class)->getFolder($folderId); |
||
368 | |||
369 | /* @var MediaManager $mediaManager */ |
||
370 | $mediaManager = $this->get('kunstmaan_media.media_manager'); |
||
371 | $handler = $mediaManager->getHandlerForType($type); |
||
372 | $media = new Media(); |
||
373 | $helper = $handler->getFormHelper($media); |
||
374 | |||
375 | $form = $this->createForm($handler->getFormType(), $helper, $handler->getFormTypeOptions()); |
||
376 | |||
377 | if ($request->isMethod('POST')) { |
||
378 | $params = ['folderId' => $folder->getId()]; |
||
379 | $params = \array_merge($params, $extraParams); |
||
380 | |||
381 | $form->handleRequest($request); |
||
382 | |||
383 | if ($form->isSubmitted() && $form->isValid()) { |
||
384 | $media = $helper->getMedia(); |
||
385 | $media->setFolder($folder); |
||
386 | $em->getRepository(Media::class)->save($media); |
||
387 | |||
388 | $this->addFlash( |
||
389 | FlashTypes::SUCCESS, |
||
390 | $this->get('translator')->trans( |
||
391 | 'media.flash.created', |
||
392 | [ |
||
393 | '%medianame%' => $media->getName(), |
||
394 | ] |
||
395 | ) |
||
396 | ); |
||
397 | |||
398 | return new RedirectResponse($this->generateUrl($redirectUrl, $params)); |
||
399 | } |
||
400 | |||
401 | if ($isInModal) { |
||
402 | $this->addFlash( |
||
403 | FlashTypes::DANGER, |
||
404 | $this->get('translator')->trans( |
||
405 | 'media.flash.not_created', |
||
406 | [ |
||
407 | '%mediaerrors%' => $form->getErrors(true, true), |
||
408 | ] |
||
409 | ) |
||
410 | ); |
||
411 | |||
412 | return new RedirectResponse($this->generateUrl($redirectUrl, $params)); |
||
413 | } |
||
414 | } |
||
415 | |||
416 | return [ |
||
417 | 'type' => $type, |
||
418 | 'form' => $form->createView(), |
||
419 | 'folder' => $folder, |
||
420 | ]; |
||
421 | } |
||
422 | |||
423 | /** |
||
424 | * @param Request $request |
||
425 | * @param int $folderId The folder id |
||
426 | * @param string $type The type |
||
427 | * |
||
428 | * @Route("create/modal/{folderId}/{type}", requirements={"folderId" = "\d+", "type" = ".+"}, name="KunstmaanMediaBundle_media_modal_create", methods={"POST"}) |
||
429 | * |
||
430 | * @return array|RedirectResponse |
||
431 | */ |
||
432 | public function createModalAction(Request $request, $folderId, $type) |
||
433 | { |
||
434 | $cKEditorFuncNum = $request->get('CKEditorFuncNum'); |
||
435 | $linkChooser = $request->get('linkChooser'); |
||
436 | |||
437 | $extraParams = []; |
||
438 | if (!empty($cKEditorFuncNum)) { |
||
439 | $extraParams['CKEditorFuncNum'] = $cKEditorFuncNum; |
||
440 | } |
||
441 | if (!empty($linkChooser)) { |
||
442 | $extraParams['linkChooser'] = $linkChooser; |
||
443 | } |
||
444 | |||
445 | return $this->createAndRedirect( |
||
446 | $request, |
||
447 | $folderId, |
||
448 | $type, |
||
449 | 'KunstmaanMediaBundle_chooser_show_folder', |
||
450 | $extraParams, |
||
451 | true |
||
452 | ); |
||
453 | } |
||
454 | |||
455 | /** |
||
456 | * @param Request $request |
||
457 | * |
||
458 | * @Route("move/", name="KunstmaanMediaBundle_media_move", methods={"POST"}) |
||
459 | * |
||
460 | * @return string |
||
461 | */ |
||
462 | public function moveMedia(Request $request) |
||
463 | { |
||
464 | @trigger_error(sprintf('The "%s" controller action is deprecated in KunstmaanMediaBundle 5.1 and will be removed in KunstmaanMediaBundle 6.0.', __METHOD__), E_USER_DEPRECATED); |
||
465 | |||
466 | $mediaId = $request->request->get('mediaId'); |
||
467 | $folderId = $request->request->get('folderId'); |
||
468 | |||
469 | if (empty($mediaId) || empty($folderId)) { |
||
470 | return new JsonResponse(['error' => ['title' => 'Missing media id or folder id']], 400); |
||
471 | } |
||
472 | |||
473 | $em = $this->getDoctrine()->getManager(); |
||
474 | $mediaRepo = $em->getRepository(Media::class); |
||
475 | |||
476 | $media = $mediaRepo->getMedia($mediaId); |
||
477 | $folder = $em->getRepository(Folder::class)->getFolder($folderId); |
||
478 | |||
479 | $media->setFolder($folder); |
||
480 | $mediaRepo->save($media); |
||
481 | |||
482 | return new JsonResponse(); |
||
483 | } |
||
484 | |||
485 | /** |
||
486 | * @Route("/bulk-move", name="KunstmaanMediaBundle_media_bulk_move") |
||
487 | * |
||
488 | * @param Request $request |
||
489 | * |
||
490 | * @return JsonResponse|Response |
||
491 | * |
||
492 | * @throws \Doctrine\DBAL\DBALException |
||
493 | */ |
||
494 | public function bulkMoveAction(Request $request) |
||
495 | { |
||
496 | $em = $this->getDoctrine()->getManager(); |
||
497 | $mediaRepo = $em->getRepository(Media::class); |
||
498 | $form = $this->createForm(BulkMoveMediaType::class); |
||
499 | |||
500 | $form->handleRequest($request); |
||
501 | |||
502 | if ($form->isSubmitted() && $form->isValid()) { |
||
503 | /** @var Folder $folder */ |
||
504 | $folder = $form->getData()['folder']; |
||
505 | $mediaIds = explode(',', $form->getData()['media']); |
||
506 | |||
507 | $mediaRepo->createQueryBuilder('m') |
||
508 | ->update() |
||
509 | ->set('m.folder', $folder->getId()) |
||
510 | ->where('m.id in (:mediaIds)') |
||
511 | ->setParameter('mediaIds', $mediaIds) |
||
512 | ->getQuery() |
||
513 | ->execute(); |
||
514 | |||
515 | $this->addFlash(FlashTypes::SUCCESS, $this->get('translator')->trans('media.folder.bulk_move.success.text')); |
||
516 | |||
517 | return new JsonResponse( |
||
518 | [ |
||
519 | 'Success' => 'The media is moved', |
||
520 | ] |
||
521 | ); |
||
522 | } |
||
523 | |||
524 | return $this->render( |
||
525 | '@KunstmaanMedia/Folder/bulk-move-modal_form.html.twig', |
||
526 | [ |
||
527 | 'form' => $form->createView(), |
||
528 | ] |
||
529 | ); |
||
530 | } |
||
531 | } |
||
532 |
Let’s take a look at an example:
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break.
Available Fixes
Change the type-hint for the parameter:
Add an additional type-check:
Add the method to the interface: