This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace NwLaravel\FileStorage; |
||
4 | |||
5 | use \Exception; |
||
6 | use \RuntimeException; |
||
7 | use Symfony\Component\HttpFoundation\File\UploadedFile; |
||
8 | use Illuminate\Contracts\Filesystem\Filesystem as Storage; |
||
9 | use Intervention\Image\Image; |
||
10 | |||
11 | /** |
||
12 | * Class StorageManager |
||
13 | */ |
||
14 | class StorageManager |
||
15 | { |
||
16 | /** |
||
17 | * @var Storage |
||
18 | */ |
||
19 | protected $storage; |
||
20 | |||
21 | /** |
||
22 | * @var ImagineFactory |
||
23 | */ |
||
24 | protected $imagineFactory; |
||
25 | |||
26 | /** |
||
27 | * Construct |
||
28 | * |
||
29 | * @param Storage $storage |
||
30 | * @param ImagineFactory $imagineFactory |
||
31 | */ |
||
32 | public function __construct(Storage $storage, ImagineFactory $imagineFactory = null) |
||
33 | { |
||
34 | $this->storage = $storage; |
||
35 | $this->imagineFactory = $imagineFactory; |
||
36 | } |
||
37 | |||
38 | /** |
||
39 | * File Exists |
||
40 | * |
||
41 | * @param string $filename Path File |
||
42 | * |
||
43 | * @return bool |
||
44 | */ |
||
45 | public function exists($filename) |
||
46 | { |
||
47 | try { |
||
48 | return $this->storage->exists($filename); |
||
49 | |||
50 | } catch (\Exception $e) { |
||
51 | return false; |
||
52 | } |
||
53 | } |
||
54 | |||
55 | /** |
||
56 | * Get Size |
||
57 | * |
||
58 | * @param string $filename Path File |
||
59 | * |
||
60 | * @return bool |
||
61 | */ |
||
62 | public function size($filename) |
||
63 | { |
||
64 | try { |
||
65 | return intval($this->storage->size($filename)); |
||
66 | |||
67 | } catch (\Exception $e) { |
||
68 | return 0; |
||
69 | } |
||
70 | } |
||
71 | |||
72 | /** |
||
73 | * Get MimeType File |
||
74 | * |
||
75 | * @param string $filename Path File |
||
76 | * |
||
77 | * @return bool |
||
78 | */ |
||
79 | public function mimeType($filename) |
||
80 | { |
||
81 | try { |
||
82 | return $this->storage->mimeType($filename); |
||
83 | |||
84 | } catch (\Exception $e) { |
||
85 | return null; |
||
86 | } |
||
87 | } |
||
88 | |||
89 | /** |
||
90 | * Path is Directory |
||
91 | * |
||
92 | * @param string $path Path Directory |
||
93 | * |
||
94 | * @return bool |
||
95 | */ |
||
96 | public function isDir($path) |
||
97 | { |
||
98 | $mimeType = $this->mimeType($path); |
||
99 | |||
100 | if ($this->exists($path) && (!$mimeType || $mimeType == 'directory')) { |
||
101 | return true; |
||
102 | } |
||
103 | |||
104 | return false; |
||
105 | } |
||
106 | |||
107 | /** |
||
108 | * Is File |
||
109 | * |
||
110 | * @param string $filename Path File |
||
111 | * |
||
112 | * @return bool |
||
113 | */ |
||
114 | public function isFile($filename) |
||
115 | { |
||
116 | return !$this->isDir($filename); |
||
117 | } |
||
118 | |||
119 | /** |
||
120 | * Get Meta Data |
||
121 | * |
||
122 | * @param string $filename Path File |
||
123 | * |
||
124 | * @return bool |
||
125 | */ |
||
126 | public function metaData($filename) |
||
127 | { |
||
128 | try { |
||
129 | return $this->storage->getMetadata($filename); |
||
0 ignored issues
–
show
|
|||
130 | |||
131 | } catch (\Exception $e) { |
||
132 | return null; |
||
133 | } |
||
134 | } |
||
135 | |||
136 | /** |
||
137 | * Read Content File |
||
138 | * |
||
139 | * @param string $filename Path File |
||
140 | * |
||
141 | * @return string |
||
142 | */ |
||
143 | public function readFile($filename) |
||
144 | { |
||
145 | return $this->storage->get($filename); |
||
146 | } |
||
147 | |||
148 | /** |
||
149 | * Delete File |
||
150 | * |
||
151 | * @param string $filename Path File |
||
152 | * |
||
153 | * @return bool |
||
154 | */ |
||
155 | public function deleteFile($filename) |
||
156 | { |
||
157 | if ($this->isDir($filename)) { |
||
158 | return false; |
||
159 | } |
||
160 | |||
161 | return $this->storage->delete($filename); |
||
162 | } |
||
163 | |||
164 | /** |
||
165 | * Delete Folder |
||
166 | * |
||
167 | * @param string $folder |
||
168 | * |
||
169 | * @return bool |
||
170 | */ |
||
171 | public function deleteFolder($folder) |
||
172 | { |
||
173 | if ($this->isFile($folder)) { |
||
174 | return false; |
||
175 | } |
||
176 | |||
177 | return $this->storage->deleteDirectory($folder); |
||
178 | } |
||
179 | |||
180 | /** |
||
181 | * Files in Folder |
||
182 | * |
||
183 | * @param string $path |
||
184 | * @param bool $recursive |
||
185 | * |
||
186 | * @return array |
||
187 | */ |
||
188 | public function files($path, $recursive = false) |
||
189 | { |
||
190 | if ($this->isFile($path)) { |
||
191 | return null; |
||
192 | } |
||
193 | |||
194 | return $this->storage->files($path, (bool) $recursive); |
||
195 | } |
||
196 | |||
197 | /** |
||
198 | * UploadFile |
||
199 | * |
||
200 | * @param UploadedFile|string $file Uploaded File |
||
201 | * @param string $folder String Folder |
||
202 | * @param string $name String Name |
||
203 | * @param bool $override Boolean Over Ride |
||
204 | * @param array $config Array Config Upload |
||
205 | * |
||
206 | * @return bool |
||
207 | */ |
||
208 | public function uploadFile($file, $folder = null, $name = null, $override = false, array $config = []) |
||
209 | { |
||
210 | $data = $this->parseFile($file, $folder, $name, $override); |
||
211 | |||
212 | $success = (bool) $this->storage->put($data['filename'], file_get_contents($file), $config); |
||
213 | |||
214 | if ($success) { |
||
215 | return $data; |
||
216 | } |
||
217 | |||
218 | return false; |
||
219 | } |
||
220 | |||
221 | /** |
||
222 | * Upload Image |
||
223 | * |
||
224 | * @param UploadedFile $file Uploaded File |
||
225 | * @param string $folder String Folder |
||
226 | * @param string $name String Name |
||
227 | * @param array $options Array Options |
||
228 | * @param bool $override Boolean Over Ride |
||
229 | * @param array $config Array Config Upload |
||
230 | * |
||
231 | * @return bool |
||
232 | */ |
||
233 | public function uploadImage( |
||
234 | $file, |
||
235 | $folder = null, |
||
236 | $name = null, |
||
237 | array $options = [], |
||
238 | $override = false, |
||
239 | array $config = [] |
||
240 | ) { |
||
241 | $data = $this->parseFile($file, $folder, $name, $override); |
||
242 | |||
243 | if ($this->imagineFactory) { |
||
244 | if ($file instanceof UploadedFile) { |
||
245 | $pathImage = $file->getPathname(); |
||
246 | } else { |
||
247 | $pathImage = $file; |
||
248 | } |
||
249 | |||
250 | $width = isset($options['width']) ? intval($options['width']) : 0; |
||
251 | $height = isset($options['height']) ? intval($options['height']) : 0; |
||
252 | $scale = isset($options['scale']) ? (bool) $options['scale'] : true; |
||
253 | $opacity = isset($options['opacity']) ? (float) $options['opacity'] : null; |
||
254 | $watermark = isset($options['watermark']) ? $options['watermark'] : null; |
||
255 | $quality = isset($options['quality']) ? intval($options['quality']) : 85; // Quality Deufault: 85; |
||
0 ignored issues
–
show
$quality is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
256 | |||
257 | $imagine = $this->imagineFactory->make($pathImage); |
||
258 | $imagine->stripProfiles(); |
||
259 | $imagine->resize($width, $height, !$scale); |
||
260 | $imagine->opacity($opacity); |
||
261 | $imagine->watermark($watermark); |
||
262 | // $imagine = $imagine->save($pathImage.'.'.$data['extension'], $quality); |
||
263 | $data['size'] = $imagine->filesize(); |
||
264 | $content = $imagine->encode(); |
||
265 | } else { |
||
266 | $content = file_get_contents($file); |
||
267 | } |
||
268 | |||
269 | $success = $this->storage->put($data['filename'], $content, $config); |
||
270 | |||
271 | if ($success) { |
||
272 | return $data; |
||
273 | } |
||
274 | |||
275 | return false; |
||
276 | } |
||
277 | |||
278 | /** |
||
279 | * Parse Filename |
||
280 | * |
||
281 | * @param UploadedFile|string $file Uploaded File |
||
282 | * @param string $name String Name |
||
283 | * @param string $folder String Folder |
||
284 | * @param bool $override Boolean Over Ride |
||
285 | * |
||
286 | * @return bool|array |
||
287 | */ |
||
288 | protected function parseFile($file, $folder = null, $name = null, $override = false) |
||
289 | { |
||
290 | if (!$file instanceof UploadedFile && !file_exists($file)) { |
||
291 | throw new RuntimeException("File invalid"); |
||
292 | } |
||
293 | |||
294 | $folder = trim((string) $folder, '/'); |
||
295 | $folder = $folder ? "{$folder}/" : ""; |
||
296 | $this->storage->makeDirectory($folder); |
||
297 | |||
298 | if ($file instanceof UploadedFile) { |
||
299 | $clientOriginalName = $file->getClientOriginalName(); |
||
300 | $extension = $file->getClientOriginalExtension(); |
||
301 | $size = $file->getClientSize(); |
||
302 | $mime = $file->getClientMimeType(); |
||
303 | } else { |
||
304 | $info = pathinfo($file); |
||
305 | $clientOriginalName = $info['filename']; |
||
306 | $extension = $info['extension']; |
||
307 | $size = filesize($file); |
||
308 | $mime = mime_content_type($file); |
||
309 | } |
||
310 | |||
311 | $name = $name ?: $clientOriginalName; |
||
312 | $nameOriginal = str_slug(pathinfo($name, PATHINFO_FILENAME)); |
||
313 | |||
314 | if (empty($nameOriginal)) { |
||
315 | $nameOriginal = str_random(10); |
||
316 | } |
||
317 | |||
318 | $sufix = ''; |
||
319 | $count = 1; |
||
320 | do { |
||
321 | $name = "{$nameOriginal}{$sufix}.{$extension}"; |
||
322 | $filename = "{$folder}{$name}"; |
||
323 | $sufix = "({$count})"; |
||
324 | $count++; |
||
325 | |||
326 | } while (!$override && $this->storage->exists($filename)); |
||
327 | |||
328 | return compact('filename', 'name', 'extension', 'size', 'mime'); |
||
329 | } |
||
330 | |||
331 | /** |
||
332 | * Crop Image |
||
333 | * |
||
334 | * @param string $filename |
||
335 | * @param int $width |
||
336 | * @param int $height |
||
337 | * @param int $x |
||
338 | * @param int $y |
||
339 | * |
||
340 | * @return bool |
||
341 | */ |
||
342 | public function cropImage( |
||
343 | $filename, |
||
344 | $width, |
||
345 | $height, |
||
346 | $x, |
||
347 | $y, |
||
348 | $target = null |
||
349 | ) { |
||
350 | if (!$this->imagineFactory) { |
||
351 | return false; |
||
352 | } |
||
353 | |||
354 | $image = $this->storage->get($filename); |
||
355 | $imagine = $this->imagineFactory->make($image); |
||
356 | $imagine->crop($width, $height, $x, $y); |
||
357 | |||
358 | if (!$target) { |
||
359 | $target = $filename; |
||
360 | } |
||
361 | |||
362 | return $this->storage->put($target, $imagine->encode()); |
||
363 | } |
||
364 | |||
365 | /** |
||
366 | * Watermark Image |
||
367 | * |
||
368 | * @param string $filename |
||
369 | * @param int $width |
||
370 | * @param int $height |
||
371 | * @param int $x |
||
372 | * @param int $y |
||
373 | * |
||
374 | * @return bool |
||
375 | */ |
||
376 | public function watermarkImage( |
||
377 | $filename, |
||
378 | $watermark, |
||
379 | $position = 'center', |
||
380 | $opacity = null, |
||
381 | $target = null |
||
382 | ) { |
||
383 | if (!$this->imagineFactory) { |
||
384 | return false; |
||
385 | } |
||
386 | |||
387 | $filename = $bemArquivo->file; |
||
0 ignored issues
–
show
|
|||
388 | |||
389 | $pathTmp = tempnam(sys_get_temp_dir(), $name); |
||
0 ignored issues
–
show
|
|||
390 | file_put_contents($pathTmp, $this->storage->get($filename)); |
||
391 | $imagine = $this->imagineFactory->make($pathTmp); |
||
392 | @unlink($pathTmp); |
||
0 ignored issues
–
show
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.
If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of
@mkdir($dir);
// Better use
if (@mkdir($dir) === false) {
throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
Loading history...
|
|||
393 | |||
394 | // Se o watermark existe |
||
395 | if (file_exists($watermark)) { |
||
396 | $imagine->watermark($watermark, $position, $opacity); |
||
397 | } |
||
398 | |||
399 | if (!$target) { |
||
400 | $target = $filename; |
||
401 | } |
||
402 | |||
403 | return $this->storage->put($target, $imagine->encode()); |
||
404 | } |
||
405 | |||
406 | /** |
||
407 | * Dynamically handle calls into the query instance. |
||
408 | * |
||
409 | * @param string $method |
||
410 | * @param array $parameters |
||
411 | * @return mixed |
||
412 | */ |
||
413 | public function __call($method, $parameters) |
||
414 | { |
||
415 | return $this->storage->{$method}(...$parameters); |
||
416 | } |
||
417 | } |
||
418 |
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces.
This is most likely a typographical error or the method has been renamed.