projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #22517 from eileenmcnaughton/skip
[civicrm-core.git] / CRM / Utils / File.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
5 | |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
10 */
11
12 /**
13 *
14 * @package CRM
15 * @copyright CiviCRM LLC https://civicrm.org/licensing
16 */
17
18 /**
19 * class to provide simple static functions for file objects
20 */
21 class CRM_Utils_File {
22
23 /**
24 * Given a file name, determine if the file contents make it an ascii file
25 *
26 * @param string $name
27 * Name of file.
28 *
29 * @return bool
30 * true if file is ascii
31 */
32 public static function isAscii($name) {
33 $fd = fopen($name, "r");
34 if (!$fd) {
35 return FALSE;
36 }
37
38 $ascii = TRUE;
39 while (!feof($fd)) {
40 $line = fgets($fd, 8192);
41 if (!CRM_Utils_String::isAscii($line)) {
42 $ascii = FALSE;
43 break;
44 }
45 }
46
47 fclose($fd);
48 return $ascii;
49 }
50
51 /**
52 * Given a file name, determine if the file contents make it an html file
53 *
54 * @param string $name
55 * Name of file.
56 *
57 * @return bool
58 * true if file is html
59 */
60 public static function isHtml($name) {
61 $fd = fopen($name, "r");
62 if (!$fd) {
63 return FALSE;
64 }
65
66 $html = FALSE;
67 $lineCount = 0;
68 while (!feof($fd) & $lineCount <= 5) {
69 $lineCount++;
70 $line = fgets($fd, 8192);
71 if (!CRM_Utils_String::isHtml($line)) {
72 $html = TRUE;
73 break;
74 }
75 }
76
77 fclose($fd);
78 return $html;
79 }
80
81 /**
82 * Create a directory given a path name, creates parent directories
83 * if needed
84 *
85 * @param string $path
86 * The path name.
87 * @param bool $abort
88 * Should we abort or just return an invalid code.
89 * @return bool|NULL
90 * NULL: Folder already exists or was not specified.
91 * TRUE: Creation succeeded.
92 * FALSE: Creation failed.
93 */
94 public static function createDir($path, $abort = TRUE) {
95 if (is_dir($path) || empty($path)) {
96 return NULL;
97 }
98
99 CRM_Utils_File::createDir(dirname($path), $abort);
100 if (@mkdir($path, 0777) == FALSE) {
101 if ($abort) {
102 $docLink = CRM_Utils_System::docURL2('Moving an Existing Installation to a New Server or Location', NULL, NULL, NULL, NULL, "wiki");
103 echo "Error: Could not create directory: $path.<p>If you have moved an existing CiviCRM installation from one location or server to another there are several steps you will need to follow. They are detailed on this CiviCRM wiki page - {$docLink}. A fix for the specific problem that caused this error message to be displayed is to set the value of the config_backend column in the civicrm_domain table to NULL. However we strongly recommend that you review and follow all the steps in that document.</p>";
104
105 CRM_Utils_System::civiExit();
106 }
107 else {
108 return FALSE;
109 }
110 }
111 return TRUE;
112 }
113
114 /**
115 * Delete a directory given a path name, delete children directories
116 * and files if needed
117 *
118 * @param string $target
119 * The path name.
120 * @param bool $rmdir
121 * @param bool $verbose
122 *
123 * @throws Exception
124 */
125 public static function cleanDir($target, $rmdir = TRUE, $verbose = TRUE) {
126 static $exceptions = ['.', '..'];
127 if ($target == '' || $target == '/' || !$target) {
128 throw new Exception("Overly broad deletion");
129 }
130
131 if ($dh = @opendir($target)) {
132 while (FALSE !== ($sibling = readdir($dh))) {
133 if (!in_array($sibling, $exceptions)) {
134 $object = $target . DIRECTORY_SEPARATOR . $sibling;
135
136 if (is_dir($object)) {
137 CRM_Utils_File::cleanDir($object, $rmdir, $verbose);
138 }
139 elseif (is_file($object)) {
140 if (!unlink($object)) {
141 CRM_Core_Session::setStatus(ts('Unable to remove file %1', [1 => $object]), ts('Warning'), 'error');
142 }
143 }
144 }
145 }
146 closedir($dh);
147
148 if ($rmdir) {
149 if (rmdir($target)) {
150 if ($verbose) {
151 CRM_Core_Session::setStatus(ts('Removed directory %1', [1 => $target]), '', 'success');
152 }
153 return TRUE;
154 }
155 else {
156 CRM_Core_Session::setStatus(ts('Unable to remove directory %1', [1 => $target]), ts('Warning'), 'error');
157 }
158 }
159 }
160 }
161
162 /**
163 * Concatenate several files.
164 *
165 * @param array $files
166 * List of file names.
167 * @param string $delim
168 * An optional delimiter to put between files.
169 * @return string
170 */
171 public static function concat($files, $delim = '') {
172 $buf = '';
173 $first = TRUE;
174 foreach ($files as $file) {
175 if (!$first) {
176 $buf .= $delim;
177 }
178 $buf .= file_get_contents($file);
179 $first = FALSE;
180 }
181 return $buf;
182 }
183
184 /**
185 * @param string $source
186 * @param string $destination
187 */
188 public static function copyDir($source, $destination) {
189 if ($dh = opendir($source)) {
190 @mkdir($destination);
191 while (FALSE !== ($file = readdir($dh))) {
192 if (($file != '.') && ($file != '..')) {
193 if (is_dir($source . DIRECTORY_SEPARATOR . $file)) {
194 CRM_Utils_File::copyDir($source . DIRECTORY_SEPARATOR . $file, $destination . DIRECTORY_SEPARATOR . $file);
195 }
196 else {
197 copy($source . DIRECTORY_SEPARATOR . $file, $destination . DIRECTORY_SEPARATOR . $file);
198 }
199 }
200 }
201 closedir($dh);
202 }
203 }
204
205 /**
206 * Given a file name, recode it (in place!) to UTF-8
207 *
208 * @param string $name
209 * Name of file.
210 *
211 * @return bool
212 * whether the file was recoded properly
213 */
214 public static function toUtf8($name) {
215 static $config = NULL;
216 static $legacyEncoding = NULL;
217 if ($config == NULL) {
218 $config = CRM_Core_Config::singleton();
219 $legacyEncoding = $config->legacyEncoding;
220 }
221
222 if (!function_exists('iconv')) {
223
224 return FALSE;
225
226 }
227
228 $contents = file_get_contents($name);
229 if ($contents === FALSE) {
230 return FALSE;
231 }
232
233 $contents = iconv($legacyEncoding, 'UTF-8', $contents);
234 if ($contents === FALSE) {
235 return FALSE;
236 }
237
238 $file = fopen($name, 'w');
239 if ($file === FALSE) {
240 return FALSE;
241 }
242
243 $written = fwrite($file, $contents);
244 $closed = fclose($file);
245 if ($written === FALSE or !$closed) {
246 return FALSE;
247 }
248
249 return TRUE;
250 }
251
252 /**
253 * Appends a slash to the end of a string if it doesn't already end with one
254 *
255 * @param string $path
256 * @param string $slash
257 *
258 * @return string
259 */
260 public static function addTrailingSlash($path, $slash = NULL) {
261 if (!$slash) {
262 // FIXME: Defaulting to backslash on windows systems can produce
263 // unexpected results, esp for URL strings which should always use forward-slashes.
264 // I think this fn should default to forward-slash instead.
265 $slash = DIRECTORY_SEPARATOR;
266 }
267 if (!in_array(substr($path, -1, 1), ['/', '\\'])) {
268 $path .= $slash;
269 }
270 return $path;
271 }
272
273 /**
274 * Save a fake file somewhere
275 *
276 * @param string $dir
277 * The directory where the file should be saved.
278 * @param string $contents
279 * Optional: the contents of the file.
280 * @param string $fileName
281 *
282 * @return string
283 * The filename saved, or FALSE on failure.
284 */
285 public static function createFakeFile($dir, $contents = 'delete me', $fileName = NULL) {
286 $dir = self::addTrailingSlash($dir);
287 if (!$fileName) {
288 $fileName = 'delete-this-' . CRM_Utils_String::createRandom(10, CRM_Utils_String::ALPHANUMERIC);
289 }
290 $success = @file_put_contents($dir . $fileName, $contents);
291
292 return ($success === FALSE) ? FALSE : $fileName;
293 }
294
295 /**
296 * @param string|null $dsn
297 * Use NULL to load the default/active connection from CRM_Core_DAO.
298 * Otherwise, give a full DSN string.
299 * @param string $fileName
300 * @param string $prefix
301 * @param bool $dieOnErrors
302 */
303 public static function sourceSQLFile($dsn, $fileName, $prefix = NULL, $dieOnErrors = TRUE) {
304 if (FALSE === file_get_contents($fileName)) {
305 // Our file cannot be found.
306 // Using 'die' here breaks this on extension upgrade.
307 throw new CRM_Core_Exception('Could not find the SQL file.');
308 }
309
310 self::runSqlQuery($dsn, file_get_contents($fileName), $prefix, $dieOnErrors);
311 }
312
313 /**
314 *
315 * @param string|null $dsn
316 * @param string $queryString
317 * @param string $prefix
318 * @param bool $dieOnErrors
319 */
320 public static function runSqlQuery($dsn, $queryString, $prefix = NULL, $dieOnErrors = TRUE) {
321 $string = $prefix . $queryString;
322
323 if ($dsn === NULL) {
324 $db = CRM_Core_DAO::getConnection();
325 }
326 else {
327 require_once 'DB.php';
328 $dsn = CRM_Utils_SQL::autoSwitchDSN($dsn);
329 try {
330 $options = CRM_Utils_SQL::isSSLDSN($dsn) ? ['ssl' => TRUE] : [];
331 $db = DB::connect($dsn, $options);
332 }
333 catch (Exception $e) {
334 die("Cannot open $dsn: " . $e->getMessage());
335 }
336 }
337
338 $db->query('SET NAMES utf8mb4');
339 $transactionId = CRM_Utils_Type::escape(CRM_Utils_Request::id(), 'String');
340 $db->query('SET @uniqueID = ' . "'$transactionId'");
341
342 // get rid of comments starting with # and --
343
344 $string = self::stripComments($string);
345
346 $queries = preg_split('/;\s*$/m', $string);
347 foreach ($queries as $query) {
348 $query = trim($query);
349 if (!empty($query)) {
350 CRM_Core_Error::debug_query($query);
351 try {
352 $res = &$db->query($query);
353 }
354 catch (Exception $e) {
355 if ($dieOnErrors) {
356 die("Cannot execute $query: " . $e->getMessage());
357 }
358 else {
359 echo "Cannot execute $query: " . $e->getMessage() . "<p>";
360 }
361 }
362 }
363 }
364 }
365
366 /**
367 *
368 * Strips comment from a possibly multiline SQL string
369 *
370 * @param string $string
371 *
372 * @return string
373 * stripped string
374 */
375 public static function stripComments($string) {
376 return preg_replace("/^(#|--).*\R*/m", "", $string);
377 }
378
379 /**
380 * @param string $ext
381 *
382 * @return bool
383 */
384 public static function isExtensionSafe($ext) {
385 static $extensions = NULL;
386 if (!$extensions) {
387 $extensions = CRM_Core_OptionGroup::values('safe_file_extension', TRUE);
388
389 // make extensions to lowercase
390 $extensions = array_change_key_case($extensions, CASE_LOWER);
391 // allow html/htm extension ONLY if the user is admin
392 // and/or has access CiviMail
393 if (!(CRM_Core_Permission::check('access CiviMail') ||
394 CRM_Core_Permission::check('administer CiviCRM') ||
395 (CRM_Mailing_Info::workflowEnabled() &&
396 CRM_Core_Permission::check('create mailings')
397 )
398 )
399 ) {
400 unset($extensions['html']);
401 unset($extensions['htm']);
402 }
403 }
404 // support lower and uppercase file extensions
405 return (bool) isset($extensions[strtolower($ext)]);
406 }
407
408 /**
409 * Determine whether a given file is listed in the PHP include path.
410 *
411 * @param string $name
412 * Name of file.
413 *
414 * @return bool
415 * whether the file can be include()d or require()d
416 */
417 public static function isIncludable($name) {
418 $full_filepath = stream_resolve_include_path($name);
419 if ($full_filepath === FALSE) {
420 return FALSE;
421 }
422 return is_readable($full_filepath);
423 }
424
425 /**
426 * Remove the 32 bit md5 we add to the fileName also remove the unknown tag if we added it.
427 *
428 * @param $name
429 *
430 * @return mixed
431 */
432 public static function cleanFileName($name) {
433 // replace the last 33 character before the '.' with null
434 $name = preg_replace('/(_[\w]{32})\./', '.', $name);
435 return $name;
436 }
437
438 /**
439 * Make a valid file name.
440 *
441 * @param string $name
442 *
443 * @return string
444 */
445 public static function makeFileName($name) {
446 $uniqID = md5(uniqid(rand(), TRUE));
447 $info = pathinfo($name);
448 $basename = substr($info['basename'],
449 0, -(strlen(CRM_Utils_Array::value('extension', $info)) + (CRM_Utils_Array::value('extension', $info) == '' ? 0 : 1))
450 );
451 if (!self::isExtensionSafe(CRM_Utils_Array::value('extension', $info))) {
452 // munge extension so it cannot have an embbeded dot in it
453 // The maximum length of a filename for most filesystems is 255 chars.
454 // We'll truncate at 240 to give some room for the extension.
455 return CRM_Utils_String::munge("{$basename}_" . CRM_Utils_Array::value('extension', $info) . "_{$uniqID}", '_', 240) . ".unknown";
456 }
457 else {
458 return CRM_Utils_String::munge("{$basename}_{$uniqID}", '_', 240) . "." . CRM_Utils_Array::value('extension', $info);
459 }
460 }
461
462 /**
463 * CRM_Utils_String::munge() doesn't handle unicode and needs to be able
464 * to generate valid database tablenames so will sometimes generate a
465 * random string. Here what we want is a human-sensible filename that might
466 * contain unicode.
467 * Note that this does filter out emojis and such, but keeps characters that
468 * are considered alphanumeric in non-english languages.
469 *
470 * @param string $input
471 * @param string $replacementString Character or string to replace invalid characters with. Can be the empty string.
472 * @param int $cutoffLength Length to truncate the result after replacements.
473 * @return string
474 */
475 public static function makeFilenameWithUnicode(string $input, string $replacementString = '_', int $cutoffLength = 63): string {
476 $filename = preg_replace('/\W/u', $replacementString, $input);
477 if ($cutoffLength) {
478 return mb_substr($filename, 0, $cutoffLength);
479 }
480 return $filename;
481 }
482
483 /**
484 * Copies a file
485 *
486 * @param $filePath
487 * @return mixed
488 */
489 public static function duplicate($filePath) {
490 $oldName = pathinfo($filePath, PATHINFO_FILENAME);
491 $uniqID = md5(uniqid(rand(), TRUE));
492 $newName = preg_replace('/(_[\w]{32})$/', '', $oldName) . '_' . $uniqID;
493 $newPath = str_replace($oldName, $newName, $filePath);
494 copy($filePath, $newPath);
495 return $newPath;
496 }
497
498 /**
499 * Get files for the extension.
500 *
501 * @param string $path
502 * @param string $ext
503 *
504 * @return array
505 */
506 public static function getFilesByExtension($path, $ext) {
507 $path = self::addTrailingSlash($path);
508 $files = [];
509 if ($dh = opendir($path)) {
510 while (FALSE !== ($elem = readdir($dh))) {
511 if (substr($elem, -(strlen($ext) + 1)) == '.' . $ext) {
512 $files[] .= $path . $elem;
513 }
514 }
515 closedir($dh);
516 }
517 return $files;
518 }
519
520 /**
521 * Restrict access to a given directory (by planting there a restrictive .htaccess file)
522 *
523 * @param string $dir
524 * The directory to be secured.
525 * @param bool $overwrite
526 */
527 public static function restrictAccess($dir, $overwrite = FALSE) {
528 // note: empty value for $dir can play havoc, since that might result in putting '.htaccess' to root dir
529 // of site, causing site to stop functioning.
530 // FIXME: we should do more checks here -
531 if (!empty($dir) && is_dir($dir)) {
532 $htaccess = <<<HTACCESS
533 <Files "*">
534 # Apache 2.2
535 <IfModule !authz_core_module>
536 Order allow,deny
537 Deny from all
538 </IfModule>
539
540 # Apache 2.4+
541 <IfModule authz_core_module>
542 Require all denied
543 </IfModule>
544 </Files>
545
546 HTACCESS;
547 $file = $dir . '.htaccess';
548 if ($overwrite || !file_exists($file)) {
549 if (file_put_contents($file, $htaccess) === FALSE) {
550 CRM_Core_Error::movedSiteError($file);
551 }
552 }
553 }
554 }
555
556 /**
557 * Restrict remote users from browsing the given directory.
558 *
559 * @param $publicDir
560 */
561 public static function restrictBrowsing($publicDir) {
562 if (!is_dir($publicDir) || !is_writable($publicDir)) {
563 return;
564 }
565
566 // base dir
567 $nobrowse = realpath($publicDir) . '/index.html';
568 if (!file_exists($nobrowse)) {
569 @file_put_contents($nobrowse, '');
570 }
571
572 // child dirs
573 $dir = new RecursiveDirectoryIterator($publicDir);
574 foreach ($dir as $name => $object) {
575 if (is_dir($name) && $name != '..') {
576 $nobrowse = realpath($name) . '/index.html';
577 if (!file_exists($nobrowse)) {
578 @file_put_contents($nobrowse, '');
579 }
580 }
581 }
582 }
583
584 /**
585 * (Deprecated) Create the file-path from which all other internal paths are
586 * computed. This implementation determines it as `dirname(CIVICRM_TEMPLATE_COMPILEDIR)`.
587 *
588 * This approach is problematic - e.g. it prevents one from authentically
589 * splitting the CIVICRM_TEMPLATE_COMPILEDIR away from other dirs. The implementation
590 * is preserved for backwards compatibility (and should only be called by
591 * CMS-adapters and by Civi\Core\Paths).
592 *
593 * Do not use it for new path construction logic. Instead, use Civi::paths().
594 *
595 * @deprecated
596 * @see \Civi::paths()
597 * @see \Civi\Core\Paths
598 */
599 public static function baseFilePath() {
600 static $_path = NULL;
601 if (!$_path) {
602 // Note: Don't rely on $config; that creates a dependency loop.
603 if (!defined('CIVICRM_TEMPLATE_COMPILEDIR')) {
604 throw new RuntimeException("Undefined constant: CIVICRM_TEMPLATE_COMPILEDIR");
605 }
606 $templateCompileDir = CIVICRM_TEMPLATE_COMPILEDIR;
607
608 $path = dirname($templateCompileDir);
609
610 //this fix is to avoid creation of upload dirs inside templates_c directory
611 $checkPath = explode(DIRECTORY_SEPARATOR, $path);
612
613 $cnt = count($checkPath) - 1;
614 if ($checkPath[$cnt] == 'templates_c') {
615 unset($checkPath[$cnt]);
616 $path = implode(DIRECTORY_SEPARATOR, $checkPath);
617 }
618
619 $_path = CRM_Utils_File::addTrailingSlash($path);
620 }
621 return $_path;
622 }
623
624 /**
625 * Determine if a path is absolute.
626 *
627 * @param string $path
628 *
629 * @return bool
630 * TRUE if absolute. FALSE if relative.
631 */
632 public static function isAbsolute($path) {
633 if (substr($path, 0, 1) === DIRECTORY_SEPARATOR) {
634 return TRUE;
635 }
636 if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
637 if (preg_match('!^[a-zA-Z]:[/\\\\]!', $path)) {
638 return TRUE;
639 }
640 }
641 return FALSE;
642 }
643
644 /**
645 * @param $directory
646 * @param string $basePath
647 * The base path when evaluating relative paths. Should include trailing slash.
648 *
649 * @return string
650 */
651 public static function absoluteDirectory($directory, $basePath) {
652 // check if directory is already absolute, if so return immediately
653 // Note: Windows PHP accepts any mix of "/" or "\", so "C:\htdocs" or "C:/htdocs" would be a valid absolute path
654 if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && preg_match(';^[a-zA-Z]:[/\\\\];', $directory)) {
655 return $directory;
656 }
657
658 // check if directory is already absolute, if so return immediately
659 if (substr($directory, 0, 1) == DIRECTORY_SEPARATOR) {
660 return $directory;
661 }
662
663 if ($basePath === NULL) {
664 // Previous versions interpreted `NULL` to mean "default to `self::baseFilePath()`".
665 // However, no code in the known `universe` relies on this interpretation, and
666 // the `baseFilePath()` function is problematic/deprecated.
667 throw new \RuntimeException("absoluteDirectory() requires specifying a basePath");
668 }
669
670 // ensure that $basePath has a trailing slash
671 $basePath = self::addTrailingSlash($basePath);
672 return $basePath . $directory;
673 }
674
675 /**
676 * Make a file path relative to some base dir.
677 *
678 * @param $directory
679 * @param $basePath
680 *
681 * @return string
682 */
683 public static function relativize($directory, $basePath) {
684 if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
685 $directory = strtr($directory, '\\', '/');
686 $basePath = strtr($basePath, '\\', '/');
687 }
688 if (substr($directory, 0, strlen($basePath)) == $basePath) {
689 return substr($directory, strlen($basePath));
690 }
691 else {
692 return $directory;
693 }
694 }
695
696 /**
697 * Create a path to a temporary file which can endure for multiple requests.
698 *
699 * @todo Automatic file cleanup using, eg, TTL policy
700 *
701 * @param string $prefix
702 *
703 * @return string, path to an openable/writable file
704 * @see tempnam
705 */
706 public static function tempnam($prefix = 'tmp-') {
707 // $config = CRM_Core_Config::singleton();
708 // $nonce = md5(uniqid() . $config->dsn . $config->userFrameworkResourceURL);
709 // $fileName = "{$config->configAndLogDir}" . $prefix . $nonce . $suffix;
710 $fileName = tempnam(sys_get_temp_dir(), $prefix);
711 return $fileName;
712 }
713
714 /**
715 * Create a path to a temporary directory which can endure for multiple requests.
716 *
717 * @todo Automatic file cleanup using, eg, TTL policy
718 *
719 * @param string $prefix
720 *
721 * @return string, path to an openable/writable directory; ends with '/'
722 * @see tempnam
723 */
724 public static function tempdir($prefix = 'tmp-') {
725 $fileName = self::tempnam($prefix);
726 unlink($fileName);
727 mkdir($fileName, 0700);
728 return $fileName . '/';
729 }
730
731 /**
732 * Search directory tree for files which match a glob pattern.
733 *
734 * Note: Dot-directories (like "..", ".git", or ".svn") will be ignored.
735 *
736 * @param string $dir
737 * base dir.
738 * @param string $pattern
739 * glob pattern, eg "*.txt".
740 * @param bool $relative
741 * TRUE if paths should be made relative to $dir
742 * @return array(string)
743 */
744 public static function findFiles($dir, $pattern, $relative = FALSE) {
745 if (!is_dir($dir) || !is_readable($dir)) {
746 return [];
747 }
748 // Which dirs should we exclude from our searches?
749 // If not defined, we default to excluding any dirname that begins
750 // with a . which is the old behaviour and therefore excludes .git/
751 $excludeDirsPattern = defined('CIVICRM_EXCLUDE_DIRS_PATTERN')
752 ? constant('CIVICRM_EXCLUDE_DIRS_PATTERN')
753 : '@' . preg_quote(DIRECTORY_SEPARATOR) . '\.@';
754
755 $dir = rtrim($dir, '/');
756 $todos = [$dir];
757 $result = [];
758 while (!empty($todos)) {
759 $subdir = array_shift($todos);
760 $matches = glob("$subdir/$pattern");
761 if (is_array($matches)) {
762 foreach ($matches as $match) {
763 if (!is_dir($match)) {
764 $result[] = $relative ? CRM_Utils_File::relativize($match, "$dir/") : $match;
765 }
766 }
767 }
768 // Find subdirs to recurse into.
769 if ($dh = opendir($subdir)) {
770 while (FALSE !== ($entry = readdir($dh))) {
771 $path = $subdir . DIRECTORY_SEPARATOR . $entry;
772 // Exclude . (self) and .. (parent) to avoid infinite loop.
773 // Exclude configured exclude dirs.
774 // Exclude dirs we can't read.
775 // Exclude anything that's not a dir.
776 if (
777 $entry !== '.'
778 && $entry !== '..'
779 && (empty($excludeDirsPattern) || !preg_match($excludeDirsPattern, $path))
780 && is_dir($path)
781 && is_readable($path)
782 ) {
783 $todos[] = $path;
784 }
785 }
786 closedir($dh);
787 }
788 }
789 return $result;
790 }
791
792 /**
793 * Determine if $child is a sub-directory of $parent
794 *
795 * @param string $parent
796 * @param string $child
797 * @param bool $checkRealPath
798 *
799 * @return bool
800 */
801 public static function isChildPath($parent, $child, $checkRealPath = TRUE) {
802 if ($checkRealPath) {
803 $parent = realpath($parent);
804 $child = realpath($child);
805 if ($parent === FALSE || $child === FALSE) {
806 return FALSE;
807 }
808 }
809 $parentParts = explode('/', rtrim($parent, '/'));
810 $childParts = explode('/', rtrim($child, '/'));
811 while (($parentPart = array_shift($parentParts)) !== NULL) {
812 $childPart = array_shift($childParts);
813 if ($parentPart != $childPart) {
814 return FALSE;
815 }
816 }
817 if (empty($childParts)) {
818 // same directory
819 return FALSE;
820 }
821 else {
822 return TRUE;
823 }
824 }
825
826 /**
827 * Move $fromDir to $toDir, replacing/deleting any
828 * pre-existing content.
829 *
830 * @param string $fromDir
831 * The directory which should be moved.
832 * @param string $toDir
833 * The new location of the directory.
834 * @param bool $verbose
835 *
836 * @return bool
837 * TRUE on success
838 */
839 public static function replaceDir($fromDir, $toDir, $verbose = FALSE) {
840 if (is_dir($toDir)) {
841 if (!self::cleanDir($toDir, TRUE, $verbose)) {
842 return FALSE;
843 }
844 }
845
846 // return rename($fromDir, $toDir); CRM-11987, https://bugs.php.net/bug.php?id=54097
847
848 CRM_Utils_File::copyDir($fromDir, $toDir);
849 if (!CRM_Utils_File::cleanDir($fromDir, TRUE, FALSE)) {
850 CRM_Core_Session::setStatus(ts('Failed to clean temp dir: %1', [1 => $fromDir]), '', 'alert');
851 return FALSE;
852 }
853 return TRUE;
854 }
855
856 /**
857 * Format file.
858 *
859 * @param array $param
860 * @param string $fileName
861 * @param array $extraParams
862 */
863 public static function formatFile(&$param, $fileName, $extraParams = []) {
864 if (empty($param[$fileName])) {
865 return;
866 }
867
868 $fileParams = [
869 'uri' => $param[$fileName]['name'],
870 'type' => $param[$fileName]['type'],
871 'location' => $param[$fileName]['name'],
872 'upload_date' => date('YmdHis'),
873 ] + $extraParams;
874
875 $param[$fileName] = $fileParams;
876 }
877
878 /**
879 * Return formatted file URL, like for image file return image url with image icon
880 *
881 * @param string $path
882 * Absoulte file path
883 * @param string $fileType
884 * @param string $url
885 * File preview link e.g. https://example.com/civicrm/file?reset=1&filename=image.png&mime-type=image/png
886 *
887 * @return string $url
888 */
889 public static function getFileURL($path, $fileType, $url = NULL) {
890 if (empty($path) || empty($fileType)) {
891 return '';
892 }
893 elseif (empty($url)) {
894 $fileName = basename($path);
895 $url = CRM_Utils_System::url('civicrm/file', "reset=1&filename={$fileName}&mime-type={$fileType}");
896 }
897 switch ($fileType) {
898 case 'image/jpeg':
899 case 'image/pjpeg':
900 case 'image/gif':
901 case 'image/x-png':
902 case 'image/png':
903 case 'image/jpg':
904 list($imageWidth, $imageHeight) = getimagesize($path);
905 list($imageThumbWidth, $imageThumbHeight) = CRM_Contact_BAO_Contact::getThumbSize($imageWidth, $imageHeight);
906 $url = "<a href=\"$url\" class='crm-image-popup'>
907 <img src=\"$url\" width=$imageThumbWidth height=$imageThumbHeight/>
908 </a>";
909 break;
910
911 default:
912 $url = sprintf('<a href="%s">%s</a>', $url, self::cleanFileName(basename($path)));
913 break;
914 }
915
916 return $url;
917 }
918
919 /**
920 * Return formatted image icon
921 *
922 * @param string $imageURL
923 * Contact's image url
924 *
925 * @return string $url
926 */
927 public static function getImageURL($imageURL) {
928 // retrieve image name from $imageURL
929 $imageURL = CRM_Utils_String::unstupifyUrl($imageURL);
930 parse_str(parse_url($imageURL, PHP_URL_QUERY), $query);
931
932 $url = NULL;
933 if (!empty($query['photo'])) {
934 $path = CRM_Core_Config::singleton()->customFileUploadDir . $query['photo'];
935 }
936 else {
937 $path = $url = $imageURL;
938 }
939 $fileExtension = strtolower(pathinfo($path, PATHINFO_EXTENSION));
940 //According to (https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Complete_list_of_MIME_types),
941 // there are some extensions that would need translating.:
942 $translateMimeTypes = [
943 'tif' => 'tiff',
944 'jpg' => 'jpeg',
945 'svg' => 'svg+xml',
946 ];
947 $mimeType = 'image/' . CRM_Utils_Array::value(
948 $fileExtension,
949 $translateMimeTypes,
950 $fileExtension
951 );
952
953 return self::getFileURL($path, $mimeType, $url);
954 }
955
956 /**
957 * Resize an image.
958 *
959 * @param string $sourceFile
960 * Filesystem path to existing image on server
961 * @param int $targetWidth
962 * New width desired, in pixels
963 * @param int $targetHeight
964 * New height desired, in pixels
965 * @param string $suffix = ""
966 * If supplied, the image will be renamed to include this suffix. For
967 * example if the original file name is "foo.png" and $suffix = "_bar",
968 * then the final file name will be "foo_bar.png".
969 * @param bool $preserveAspect = TRUE
970 * When TRUE $width and $height will be used as a bounding box, outside of
971 * which the resized image will not extend.
972 * When FALSE, the image will be resized exactly to $width and $height, even
973 * if it means stretching it.
974 *
975 * @return string
976 * Path to image
977 * @throws \CRM_Core_Exception
978 * Under the following conditions
979 * - When GD is not available.
980 * - When the source file is not an image.
981 */
982 public static function resizeImage($sourceFile, $targetWidth, $targetHeight, $suffix = "", $preserveAspect = TRUE) {
983
984 // Check if GD is installed
985 $gdSupport = CRM_Utils_System::getModuleSetting('gd', 'GD Support');
986 if (!$gdSupport) {
987 throw new CRM_Core_Exception(ts('Unable to resize image because the GD image library is not currently compiled in your PHP installation.'));
988 }
989
990 $sourceMime = mime_content_type($sourceFile);
991 if ($sourceMime == 'image/gif') {
992 $sourceData = imagecreatefromgif($sourceFile);
993 }
994 elseif ($sourceMime == 'image/png') {
995 $sourceData = imagecreatefrompng($sourceFile);
996 }
997 elseif ($sourceMime == 'image/jpeg') {
998 $sourceData = imagecreatefromjpeg($sourceFile);
999 }
1000 else {
1001 throw new CRM_Core_Exception(ts('Unable to resize image because the file supplied was not an image.'));
1002 }
1003
1004 // get image about original image
1005 $sourceInfo = getimagesize($sourceFile);
1006 $sourceWidth = $sourceInfo[0];
1007 $sourceHeight = $sourceInfo[1];
1008
1009 // Adjust target width/height if preserving aspect ratio
1010 if ($preserveAspect) {
1011 $sourceAspect = $sourceWidth / $sourceHeight;
1012 $targetAspect = $targetWidth / $targetHeight;
1013 if ($sourceAspect > $targetAspect) {
1014 $targetHeight = $targetWidth / $sourceAspect;
1015 }
1016 if ($sourceAspect < $targetAspect) {
1017 $targetWidth = $targetHeight * $sourceAspect;
1018 }
1019 }
1020
1021 // figure out the new filename
1022 $pathParts = pathinfo($sourceFile);
1023 $targetFile = $pathParts['dirname'] . DIRECTORY_SEPARATOR
1024 . $pathParts['filename'] . $suffix . "." . $pathParts['extension'];
1025
1026 $targetData = imagecreatetruecolor($targetWidth, $targetHeight);
1027
1028 // resize
1029 imagecopyresized($targetData, $sourceData,
1030 0, 0, 0, 0,
1031 $targetWidth, $targetHeight, $sourceWidth, $sourceHeight);
1032
1033 // save the resized image
1034 $fp = fopen($targetFile, 'w+');
1035 ob_start();
1036 imagejpeg($targetData);
1037 $image_buffer = ob_get_contents();
1038 ob_end_clean();
1039 imagedestroy($targetData);
1040 fwrite($fp, $image_buffer);
1041 rewind($fp);
1042 fclose($fp);
1043
1044 // return the URL to link to
1045 $config = CRM_Core_Config::singleton();
1046 return $config->imageUploadURL . basename($targetFile);
1047 }
1048
1049 /**
1050 * Get file icon class for specific MIME Type
1051 *
1052 * @param string $mimeType
1053 * @return string
1054 */
1055 public static function getIconFromMimeType($mimeType) {
1056 if (!isset(Civi::$statics[__CLASS__]['mimeIcons'])) {
1057 Civi::$statics[__CLASS__]['mimeIcons'] = json_decode(file_get_contents(__DIR__ . '/File/mimeIcons.json'), TRUE);
1058 }
1059 $iconClasses = Civi::$statics[__CLASS__]['mimeIcons'];
1060 foreach ($iconClasses as $text => $icon) {
1061 if (strpos($mimeType, $text) === 0) {
1062 return $icon;
1063 }
1064 }
1065 return $iconClasses['*'];
1066 }
1067
1068 /**
1069 * Is the filename a safe and valid filename passed in from URL
1070 *
1071 * @param string $fileName
1072 * @return bool
1073 */
1074 public static function isValidFileName($fileName = NULL) {
1075 if ($fileName) {
1076 $check = ($fileName === basename($fileName));
1077 if ($check) {
1078 if (substr($fileName, 0, 1) == '/' || substr($fileName, 0, 1) == '.' || substr($fileName, 0, 1) == DIRECTORY_SEPARATOR) {
1079 $check = FALSE;
1080 }
1081 }
1082 return $check;
1083 }
1084 return FALSE;
1085 }
1086
1087 /**
1088 * Get the extensions that this MimeTpe is for
1089 * @param string $mimeType the mime-type we want extensions for
1090 * @return array
1091 */
1092 public static function getAcceptableExtensionsForMimeType($mimeType = []) {
1093 $mimeRepostory = new \MimeTyper\Repository\ExtendedRepository();
1094 return $mimeRepostory->findExtensions($mimeType);
1095 }
1096
1097 /**
1098 * Get the extension of a file based on its path
1099 * @param string $path path of the file to query
1100 * @return string
1101 */
1102 public static function getExtensionFromPath($path) {
1103 return pathinfo($path, PATHINFO_EXTENSION);
1104 }
1105
1106 /**
1107 * Wrapper for is_dir() to avoid flooding logs when open_basedir is used.
1108 *
1109 * Don't use this function as a swap-in replacement for is_dir() for all
1110 * situations as this might silence errors that you want to know about
1111 * and would help troubleshoot problems. It should only be used when
1112 * doing something like iterating over a set of folders where you know some
1113 * of them might not legitimately exist or might be outside open_basedir
1114 * because you're trying to find the right one. If you expect the path you're
1115 * checking to be inside open_basedir, then you should use the regular
1116 * is_dir(). (e.g. it might not exist but might be something
1117 * like a cache folder in templates_c, which can't be outside open_basedir,
1118 * so there you would use regular is_dir).
1119 *
1120 * **** Security alert ****
1121 * If you change this function so that it would be possible to return
1122 * TRUE without checking the real value of is_dir() then it opens up a
1123 * possible security issue.
1124 * It should either return FALSE, or the value returned from is_dir().
1125 *
1126 * @param string|null $dir
1127 * @return bool|null
1128 * In php8 the return value from is_dir() is always bool but in php7 it can be null.
1129 */
1130 public static function isDir(?string $dir) {
1131 set_error_handler(function($errno, $errstr) {
1132 // If this is open_basedir-related, convert it to an exception so we
1133 // can catch it.
1134 if (strpos($errstr, 'open_basedir restriction in effect') !== FALSE) {
1135 throw new \ErrorException($errstr, $errno);
1136 }
1137 // Continue with normal error handling so other errors still happen.
1138 return FALSE;
1139 });
1140 try {
1141 $is_dir = is_dir($dir);
1142 }
1143 catch (\ErrorException $e) {
1144 $is_dir = FALSE;
1145 }
1146 finally {
1147 restore_error_handler();
1148 }
1149 return $is_dir;
1150 }
1151
1152 }