From 78caedff1e7179f9d2a40a2689b9db2395df112f Mon Sep 17 00:00:00 2001 From: joshuaruesweg Date: Wed, 1 Jul 2020 21:09:52 +0200 Subject: [PATCH] Deprecation of UploadHandler::isValidImage() Resolves #3380 --- .../lib/action/AJAXFileUploadAction.class.php | 3 ++- .../file/upload/UploadHandler.class.php | 20 +++++-------------- .../builder/field/UploadFormField.class.php | 3 ++- 3 files changed, 9 insertions(+), 17 deletions(-) diff --git a/wcfsetup/install/files/lib/action/AJAXFileUploadAction.class.php b/wcfsetup/install/files/lib/action/AJAXFileUploadAction.class.php index 19ebab3027..cfba6300a9 100644 --- a/wcfsetup/install/files/lib/action/AJAXFileUploadAction.class.php +++ b/wcfsetup/install/files/lib/action/AJAXFileUploadAction.class.php @@ -6,6 +6,7 @@ use wcf\system\file\upload\UploadFile; use wcf\system\file\upload\UploadHandler; use wcf\system\WCF; use wcf\util\FileUtil; +use wcf\util\ImageUtil; use wcf\util\JSON; /** @@ -87,7 +88,7 @@ class AJAXFileUploadAction extends AbstractSecureAction { $field = UploadHandler::getInstance()->getFieldByInternalId($this->internalId); foreach ($_FILES['__files']['tmp_name'] as $id => $tmpName) { - if ($field->isImageOnly() && !UploadHandler::isValidImage($tmpName, $_FILES['__files']['name'][$id], $field->svgImageAllowed())) { + if ($field->isImageOnly() && !ImageUtil::isImage($tmpName, $_FILES['__files']['name'][$id], $field->svgImageAllowed())) { $response['error'][$i++] = [ 'filename' => $_FILES['__files']['name'][$id], 'errorMessage' => WCF::getLanguage()->get('wcf.upload.error.noImage') diff --git a/wcfsetup/install/files/lib/system/file/upload/UploadHandler.class.php b/wcfsetup/install/files/lib/system/file/upload/UploadHandler.class.php index 80465ff79b..a9b92a1d27 100644 --- a/wcfsetup/install/files/lib/system/file/upload/UploadHandler.class.php +++ b/wcfsetup/install/files/lib/system/file/upload/UploadHandler.class.php @@ -3,7 +3,7 @@ namespace wcf\system\file\upload; use wcf\system\exception\ImplementationException; use wcf\system\SingletonFactory; use wcf\system\WCF; -use wcf\util\FileUtil; +use wcf\util\ImageUtil; use wcf\util\StringUtil; /** @@ -24,7 +24,8 @@ class UploadHandler extends SingletonFactory { /** * Contains the valid image extensions w/o svg. - * var string + * @var string + * @deprecated 5.3 Use \wcf\util\ImageUtil::$imageExtensions instead (direct replacement). */ const VALID_IMAGE_EXTENSIONS = ['jpeg', 'jpg', 'png', 'gif']; @@ -437,20 +438,9 @@ class UploadHandler extends SingletonFactory { * @param string $imageName * @param bool $svgImageAllowed * @return bool + * @deprecated 5.3 Use \wcf\util\ImageUtil::isImage() instead (direct replacement). */ public static function isValidImage($location, $imageName, $svgImageAllowed) { - if (!file_exists($location)) { - return false; - } - - if (@getimagesize($location) === false && (!$svgImageAllowed || !in_array(FileUtil::getMimeType($location), ['image/svg', 'image/svg+xml']))) { - return false; - } - - if (!in_array(pathinfo($imageName, PATHINFO_EXTENSION), array_merge(self::VALID_IMAGE_EXTENSIONS, $svgImageAllowed ? ['svg'] : []))) { - return false; - } - - return true; + return ImageUtil::isImage($location, $imageName, $svgImageAllowed); } } diff --git a/wcfsetup/install/files/lib/system/form/builder/field/UploadFormField.class.php b/wcfsetup/install/files/lib/system/form/builder/field/UploadFormField.class.php index ec8239f4b9..0f1e944269 100644 --- a/wcfsetup/install/files/lib/system/form/builder/field/UploadFormField.class.php +++ b/wcfsetup/install/files/lib/system/form/builder/field/UploadFormField.class.php @@ -7,6 +7,7 @@ use wcf\system\file\upload\UploadHandler; use wcf\system\form\builder\data\processor\CustomFormDataProcessor; use wcf\system\form\builder\field\validation\FormFieldValidationError; use wcf\system\form\builder\IFormDocument; +use wcf\util\ImageUtil; /** * Implementation of a form field for to uploads. @@ -313,7 +314,7 @@ class UploadFormField extends AbstractFormField { if (!is_string($v) || !file_exists($v)) { throw new \InvalidArgumentException("The " . $method . " must return an array of strings with the file locations."); } - return new UploadFile($v, basename($v), UploadHandler::isValidImage($v, basename($v), $this->svgImageAllowed()), true, $this->svgImageAllowed()); + return new UploadFile($v, basename($v), ImageUtil::isImage($v, basename($v), $this->svgImageAllowed()), true, $this->svgImageAllowed()); }, $value); $this->value($value); -- 2.20.1