This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
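<?php

namespace Irazasyed\VideoDownloader\Providers;

use GuzzleHttp\Client;
use GuzzleHttp\Exception\RequestException;
use GuzzleHttp\Promise;
use GuzzleHttp\Promise\PromiseInterface;
use GuzzleHttp\RequestOptions;
use Irazasyed\VideoDownloader\Exceptions\VideoDownloaderException;

/**
 * Abstract Provider.
 *
 * Shared plumbing for concrete video providers: holds the HTTP client,
 * fetches page source, downloads remote files to disk and offers a few
 * string helpers for cleaning up scraped text.
 *
 * Trust boundary: this class performs no validation of the URLs or the
 * destination paths it is given. If either value can be influenced by an
 * end user, the caller has to restrict it first (allowed hosts/schemes for
 * the URL, a fixed base directory for the destination), otherwise the
 * process can be made to fetch internal addresses or write outside the
 * intended download directory.
 */
abstract class Provider implements ProviderInterface
{
    /**
     * @var Client HTTP client used for every request made by this provider.
     */
    protected $client;

    /**
     * Pending asynchronous requests. The list is static, so it is shared by
     * every provider instance in the process.
     *
     * @var PromiseInterface[]
     */
    private static $promises = [];

    /**
     * Body of the last page fetched by getSourceCode(): whatever the
     * response's getBody() returned (with Guzzle, a stream object that can
     * be cast to string). Unset until getSourceCode() succeeds.
     *
     * @var string
     */
    protected $body;

    /**
     * VideoLinkGenerator constructor.
     *
     * @param Client|null $client Client to use; a default Client is created when omitted.
     */
    public function __construct(Client $client = null)
    {
        $this->client = $client ?: new Client();
    }

    /**
     * Unwrap Promises.
     *
     * Waits for the asynchronous requests queued by httpRequest(). The queue
     * is emptied before waiting so that the destructors of other instances
     * do not wait on (or re-raise the failure of) the same promises again.
     */
    public function __destruct()
    {
        $pending = self::$promises;
        self::$promises = [];

        if ($pending !== []) {
            Promise\unwrap($pending);
        }
    }

    /**
     * @param $url
     */
    abstract public function getVideoInfo($url);

    /**
     * Sets HTTP client.
     *
     * @param $client
     *
     * @return $this
     */
    public function setClient($client)
    {
        $this->client = $client;

        return $this;
    }

    /**
     * Gets HTTP client for internal class use.
     *
     * @return Client
     */
    public function getClient()
    {
        return $this->client;
    }

    /**
     * Returns Raw Response Body.
     *
     * @return string The value stored by the last successful getSourceCode() call.
     */
    public function getBody()
    {
        return $this->body;
    }

    /**
     * Get Page Source Code.
     *
     * Fetches $url synchronously and stores the response body on the
     * instance. Only a 200 response is accepted.
     *
     * @param $url
     *
     * @return mixed The response body as returned by the client's response object.
     *
     * @throws VideoDownloaderException When the URL is empty, the request fails
     *                                  or the status code is not 200.
     */
    public function getSourceCode($url)
    {
        $response = $this->httpRequest($url);

        // httpRequest() signals failure with a plain message string. Calling
        // getStatusCode() on that string would be a fatal error, so turn it
        // into the exception this method documents.
        if (is_string($response)) {
            throw new VideoDownloaderException($response);
        }

        $status = $response->getStatusCode();

        if ($status === 200) {
            return $this->body = $response->getBody();
        }

        throw new VideoDownloaderException('Something went wrong, HTTP Status Code Returned: '.$status);
    }

    /**
     * Download remote file from server
     * and save it locally using HTTP Client.
     *
     * The destination directory is created when missing. Neither argument is
     * validated here: $dstFilename is handed to the client as the write
     * target exactly as given, and $url is requested exactly as given. Callers
     * that build either value from untrusted input must confine the path to
     * their download directory and restrict the URL to expected hosts.
     *
     * In asynchronous mode the request is only queued; the file is not
     * guaranteed to exist when this method returns.
     *
     * @param string $url            The URL to Remote File to Download.
     * @param string $dstFilename    Destination Filename (Accepts File Path too).
     * @param bool   $isAsyncRequest Queue the request instead of waiting for it.
     *
     * @return array ['file_path' => $dstFilename]
     *
     * @throws VideoDownloaderException When the destination directory cannot be
     *                                  created or written to, or the request fails.
     */
    public function download($url, $dstFilename, $isAsyncRequest = false)
    {
        $baseDir = dirname($dstFilename);

        // Check the result of mkdir() instead of suppressing it; the second
        // is_dir() covers a directory created concurrently by another process.
        if (!is_dir($baseDir) && !mkdir($baseDir, 0755, true) && !is_dir($baseDir)) {
            throw new VideoDownloaderException('Unable to create destination directory: '.$baseDir);
        }

        if (!is_writable($baseDir)) {
            throw new VideoDownloaderException('Destination directory is not writable: '.$baseDir);
        }

        $result = $this->httpRequest($url, ['sink' => $dstFilename], $isAsyncRequest);

        // A string result is httpRequest()'s failure message; do not report a
        // file path for a download that did not happen.
        if (is_string($result)) {
            throw new VideoDownloaderException($result);
        }

        return ['file_path' => $dstFilename];
    }

    /**
     * Make a HTTP Request.
     *
     * Sends a GET request through the client's asynchronous API. For a
     * synchronous call the promise is waited on immediately; for an
     * asynchronous call it is appended to the shared promise queue and
     * resolved later by __destruct().
     *
     * Failures are reported by return value, not by exception: callers must
     * check for a string result before using the response.
     *
     * @param            $url
     * @param array      $options        Extra request options; these override the defaults.
     * @param bool|false $isAsyncRequest
     *
     * @return mixed The response (synchronous), the pending promise (asynchronous),
     *               or an error message string.
     */
    private function httpRequest($url, array $options = [], $isAsyncRequest = false)
    {
        // Loose comparison: null, '', 0 and false all count as a missing URL.
        if ($url == null || trim($url) == '') {
            return 'URL was invalid.';
        }

        $options = $this->getOptions($this->defaultHeaders(), $options, $isAsyncRequest);

        try {
            $response = $this->client->getAsync($url, $options);

            if ($isAsyncRequest) {
                self::$promises[] = $response;
            } else {
                $response = $response->wait();
            }
        } catch (RequestException $e) {
            // The original exception (and with it the failing URL) is dropped
            // here; only a generic message reaches the caller.
            return 'There was an error while processing the request';
        }

        return $response;
    }

    /**
     * Prepares and returns request options.
     *
     * Caller-supplied options are merged last, so an entry in $options with
     * the same key replaces the default (including the default headers).
     *
     * @param array $headers
     * @param       $options
     * @param       $isAsyncRequest
     *
     * @return array
     */
    private function getOptions(array $headers, $options = [], $isAsyncRequest = false)
    {
        $default_options = [
            RequestOptions::HEADERS     => $headers,
            RequestOptions::SYNCHRONOUS => !$isAsyncRequest,
        ];

        return array_merge($default_options, $options);
    }

    /**
     * Returns Default Headers for HTTP Client.
     *
     * Requests identify themselves with a fixed desktop Chrome User-Agent
     * string rather than the client's own.
     *
     * @return array
     */
    protected function defaultHeaders()
    {
        return [
            'User-Agent'      => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36',
            'Accept-Language' => 'en-US,en;q=0.8,sr;q=0.6,pt;q=0.4',
        ];
    }

    /**
     * Decode Unicode Sequences.
     *
     * Replaces every backslash-u escape followed by four hex digits
     * (case-insensitive) with the character it encodes.
     *
     * @param $str
     *
     * @return mixed The decoded string, or null if the regex engine reports an error.
     */
    protected function decodeUnicode($str)
    {
        return preg_replace_callback(
            '/\\\\u([0-9a-f]{4})/i',
            [$this, 'replace_unicode_escape_sequence'],
            $str
        );
    }

    /**
     * Cleanup string to readible text.
     *
     * Tags are stripped first and entities decoded afterwards, so encoded
     * markup in the input (for example "&lt;b&gt;") comes back as literal
     * markup. The result is plain text, not HTML-safe: escape it again
     * before writing it into a page.
     *
     * @param string $str
     *
     * @return string
     */
    protected function cleanStr($str)
    {
        return html_entity_decode(strip_tags($str), ENT_QUOTES, 'UTF-8');
    }

    /**
     * Callback for decodeUnicode(): converts one matched escape to UTF-8.
     *
     * Each escape is converted on its own as a single UCS-2 code unit, so a
     * character written as a surrogate pair is not reassembled.
     *
     * @param $uni Regex match; index 1 holds the four hex digits.
     *
     * @return bool|mixed|string
     */
    protected function replace_unicode_escape_sequence($uni)
    {
        return mb_convert_encoding(pack('H*', $uni[1]), 'UTF-8', 'UCS-2BE');
    }
}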
If you suppress an error, we recommend checking for the error condition explicitly: