rosell-dk /
webp-convert
@@ -15,22 +15,22 @@ |
||
| 15 | 15 | class PathChecker |
| 16 | 16 | { |
| 17 | 17 | |
| 18 | - /** |
|
| 19 | - * Check absolute file path to prevent attacks. |
|
| 20 | - * |
|
| 21 | - * - Prevents non printable characters |
|
| 22 | - * - Prevents stream wrappers |
|
| 23 | - * - Prevents directory traversal |
|
| 24 | - * |
|
| 25 | - * Preventing non printable characters is especially done to prevent the NUL character, which can be used |
|
| 26 | - * to bypass other tests. See https://st-g.de/2011/04/doing-filename-checks-securely-in-PHP. |
|
| 27 | - * |
|
| 28 | - * Preventeng stream wrappers is especially done to protect against Phar Deserialization. |
|
| 29 | - * See https://blog.ripstech.com/2018/new-php-exploitation-technique/ |
|
| 30 | - * |
|
| 31 | - * @param string $absFilePath |
|
| 32 | - * @return void |
|
| 33 | - */ |
|
| 18 | + /** |
|
| 19 | + * Check absolute file path to prevent attacks. |
|
| 20 | + * |
|
| 21 | + * - Prevents non printable characters |
|
| 22 | + * - Prevents stream wrappers |
|
| 23 | + * - Prevents directory traversal |
|
| 24 | + * |
|
| 25 | + * Preventing non printable characters is especially done to prevent the NUL character, which can be used |
|
| 26 | + * to bypass other tests. See https://st-g.de/2011/04/doing-filename-checks-securely-in-PHP. |
|
| 27 | + * |
|
| 28 | + * Preventeng stream wrappers is especially done to protect against Phar Deserialization. |
|
| 29 | + * See https://blog.ripstech.com/2018/new-php-exploitation-technique/ |
|
| 30 | + * |
|
| 31 | + * @param string $absFilePath |
|
| 32 | + * @return void |
|
| 33 | + */ |
|
| 34 | 34 | public static function checkAbsolutePath($absFilePath, $text = 'file') |
| 35 | 35 | { |
| 36 | 36 | if (empty($absFilePath)) { |
@@ -277,7 +277,7 @@ discard block |
||
| 277 | 277 | // otherwise encoding=auto would not work as expected |
| 278 | 278 | |
| 279 | 279 | if ($options['encoding'] == 'lossless') { |
| 280 | - $cmdOptions[] ='-near_lossless ' . $options['near-lossless']; |
|
| 280 | + $cmdOptions[] = '-near_lossless ' . $options['near-lossless']; |
|
| 281 | 281 | } else { |
| 282 | 282 | $this->logLn( |
| 283 | 283 | 'The near-lossless option ignored for lossy' |
@@ -427,7 +427,7 @@ discard block |
||
| 427 | 427 | } else { |
| 428 | 428 | $this->log('. Result: '); |
| 429 | 429 | if ($returnCode == 127) { |
| 430 | - $this->logLn('*Exec failed* (the cwebp binary was not found at path: ' . $binary. ')'); |
|
| 430 | + $this->logLn('*Exec failed* (the cwebp binary was not found at path: ' . $binary . ')'); |
|
| 431 | 431 | } else { |
| 432 | 432 | if ($returnCode == 126) { |
| 433 | 433 | $this->logLn( |
@@ -443,7 +443,7 @@ discard block |
||
| 443 | 443 | } |
| 444 | 444 | return $returnCode; |
| 445 | 445 | } |
| 446 | - return ''; // Will not happen. Just so phpstan doesn't complain |
|
| 446 | + return ''; // Will not happen. Just so phpstan doesn't complain |
|
| 447 | 447 | } |
| 448 | 448 | |
| 449 | 449 | /** |
@@ -683,7 +683,7 @@ discard block |
||
| 683 | 683 | 'Binaries ordered by version number.' |
| 684 | 684 | ); |
| 685 | 685 | foreach ($binaryVersions as $binary => $version) { |
| 686 | - $this->logLn('- ' . $binary . ': (version: ' . $version .')'); |
|
| 686 | + $this->logLn('- ' . $binary . ': (version: ' . $version . ')'); |
|
| 687 | 687 | } |
| 688 | 688 | |
| 689 | 689 | // Execute! |
