Movatterモバイル変換

UploadStash.php

Go to the documentation of this file.

1<?php

9useMediaWiki\Context\RequestContext;

10useMediaWiki\FileRepo\File\File;

11useMediaWiki\FileRepo\LocalRepo;

12useMediaWiki\MainConfigNames;

13useMediaWiki\MediaWikiServices;

14useMediaWiki\User\UserIdentity;

46classUploadStash {

47// Format of the key for files -- has to be suitable as a filename itself (e.g. ab12cd34ef.jpg)

48publicconstKEY_FORMAT_REGEX ='/^[\w\-\.]+\.\w*$/';

49privateconst MAX_US_PROPS_SIZE = 65535;

57public$repo;

60protected$files = [];

63protected$fileMetadata = [];

66protected$fileProps = [];

69private $user;

79publicfunction__construct(LocalRepo $repo, ?UserIdentity $user =null ) {

80// this might change based on wiki's configuration.

81 $this->repo = $repo;

83// if a user was passed, use it. otherwise, attempt to use the global request context.

84// this keeps LocalRepo from breaking when it creates an UploadStash object

85 $this->user = $user ?? RequestContext::getMain()->getUser();

86 }

101publicfunctiongetFile( $key, $noAuth =false ) {

102if ( !preg_match( self::KEY_FORMAT_REGEX, $key ) ) {

103thrownewUploadStashBadPathException(

104wfMessage('uploadstash-bad-path-bad-format', $key )

105 );

106 }

107

108if ( !$noAuth && !$this->user->isRegistered() ) {

109thrownewUploadStashNotLoggedInException(

110wfMessage('uploadstash-not-logged-in' )

111 );

112 }

113

114if ( !isset( $this->fileMetadata[$key] ) ) {

115if ( !$this->fetchFileMetadata( $key ) ) {

116// If nothing was received, it's likely due to replication lag.

117// Check the primary DB to see if the record is there.

118 $this->fetchFileMetadata( $key,DB_PRIMARY );

119 }

120

121if ( !isset( $this->fileMetadata[$key] ) ) {

122thrownewUploadStashFileNotFoundException(

123wfMessage('uploadstash-file-not-found', $key )

124 );

125 }

126

127// create $this->files[$key]

128 $this->initFile( $key );

129

130// fetch fileprops

131if (

132 isset( $this->fileMetadata[$key]['us_props'] ) && strlen( $this->fileMetadata[$key]['us_props'] )

133 ) {

134 $this->fileProps[$key] = unserialize( $this->fileMetadata[$key]['us_props'] );

135 }else {// b/c for rows with no us_props

136wfDebug( __METHOD__ ." fetched props for $key from file" );

137$path = $this->fileMetadata[$key]['us_path'];

138 $this->fileProps[$key] = $this->repo->getFileProps($path );

139 }

140 }

141

142if ( !$this->files[$key]->exists() ) {

143wfDebug( __METHOD__ ." tried to get file at $key, but it doesn't exist" );

144// @todo Is this not an UploadStashFileNotFoundException case?

145thrownewUploadStashBadPathException(

146wfMessage('uploadstash-bad-path' )

147 );

148 }

149

150if ( !$noAuth && $this->fileMetadata[$key]['us_user'] != $this->user->getId() ) {

151thrownewUploadStashWrongOwnerException(

152wfMessage('uploadstash-wrong-owner', $key )

153 );

154 }

155

156return $this->files[$key];

157 }

158

165publicfunctiongetMetadata( $key ) {

166 $this->getFile( $key );

167

168return $this->fileMetadata[$key];

169 }

170

177publicfunctiongetFileProps( $key ) {

178 $this->getFile( $key );

179

180return $this->fileProps[$key];

181 }

182

196publicfunctionstashFile($path, $sourceType =null, $fileProps =null ) {

197if ( !is_file($path ) ) {

198wfDebug( __METHOD__ ." tried to stash file at '$path', but it doesn't exist" );

199thrownewUploadStashBadPathException(

200wfMessage('uploadstash-bad-path' )

201 );

202 }

203

204// File props is expensive to generate for large files, so reuse if possible.

205if ( !$fileProps ) {

206 $mwProps =newMWFileProps( MediaWikiServices::getInstance()->getMimeAnalyzer() );

207$fileProps = $mwProps->getPropsFromPath($path,true );

208 }

209wfDebug( __METHOD__ ." stashing file at '$path'" );

210

211// we will be initializing from some tmpnam files that don't have extensions.

212// most of MediaWiki assumes all uploaded files have good extensions. So, we fix this.

213 $extension = self::getExtensionForPath($path );

214if ( !preg_match("/\\.\\Q$extension\\E$/",$path ) ) {

215 $pathWithGoodExtension ="$path.$extension";

216 }else {

217 $pathWithGoodExtension =$path;

218 }

219

220// If no key was supplied, make one. a mysql insertid would be totally

221// reasonable here, except that for historical reasons, the key is this

222// random thing instead. At least it's not guessable.

223// Some things that when combined will make a suitably unique key.

224// see: http://www.jwz.org/doc/mid.html

225 [ $usec, $sec ] = explode(' ', microtime() );

226 $usec = substr( $usec, 2 );

227 $key = Wikimedia\base_convert( $sec . $usec, 10, 36 ) .'.' .

228 Wikimedia\base_convert( (string)mt_rand(), 10, 36 ) .'.' .

229 $this->user->getId() .'.' .

230 $extension;

231

232 $this->fileProps[$key] =$fileProps;

233

234if ( !preg_match( self::KEY_FORMAT_REGEX, $key ) ) {

235thrownewUploadStashBadPathException(

236wfMessage('uploadstash-bad-path-bad-format', $key )

237 );

238 }

239

240wfDebug( __METHOD__ ." key for '$path': $key" );

241

242// if not already in a temporary area, put it there

243 $storeStatus = $this->repo->storeTemp( basename( $pathWithGoodExtension ),$path );

244

245if ( !$storeStatus->isOK() ) {

246// It is a convention in MediaWiki to only return one error per API

247// exception, even if multiple errors are available.[citation needed]

248// Pick the "first" thing that was wrong, preferring errors to warnings.

249// This is a bit lame, as we may have more info in the

250// $storeStatus and we're throwing it away, but to fix it means

251// redesigning API errors significantly.

252// $storeStatus->value just contains the virtual URL (if anything)

253// which is probably useless to the caller.

254foreach ( $storeStatus->getMessages('error' ) as $msg ) {

255thrownewUploadStashFileException( $msg );

256 }

257foreach ( $storeStatus->getMessages('warning' ) as $msg ) {

258thrownewUploadStashFileException( $msg );

259 }

260// XXX: This isn't a real message, hopefully this case is unreachable

261thrownewUploadStashFileException( ['unknown','no error recorded' ] );

262 }

263 $stashPath = $storeStatus->value;

264

265// fetch the current user ID

266if ( !$this->user->isRegistered() ) {

267thrownewUploadStashNotLoggedInException(

268wfMessage('uploadstash-not-logged-in' )

269 );

270 }

271

272// insert the file metadata into the db.

273wfDebug( __METHOD__ ." inserting $stashPath under $key" );

274 $dbw = $this->repo->getPrimaryDB();

275

276 $serializedFileProps = serialize($fileProps );

277if ( strlen( $serializedFileProps ) > self::MAX_US_PROPS_SIZE ) {

278// Database is going to truncate this and make the field invalid.

279// Prioritize important metadata over file handler metadata.

280// File handler should be prepared to regenerate invalid metadata if needed.

281$fileProps['metadata'] = [];

282 $serializedFileProps = serialize($fileProps );

283 }

284

285 $insertRow = [

286'us_user' => $this->user->getId(),

287'us_key' => $key,

288'us_orig_path' =>$path,

289'us_path' => $stashPath,// virtual URL

290'us_props' => $dbw->encodeBlob( $serializedFileProps ),

291'us_size' =>$fileProps['size'],

292'us_sha1' =>$fileProps['sha1'],

293'us_mime' =>$fileProps['mime'],

294'us_media_type' =>$fileProps['media_type'],

295'us_image_width' =>$fileProps['width'],

296'us_image_height' =>$fileProps['height'],

297'us_image_bits' =>$fileProps['bits'],

298'us_source_type' => $sourceType,

299'us_timestamp' => $dbw->timestamp(),

300'us_status' =>'finished'

301 ];

302

303 $dbw->newInsertQueryBuilder()

304 ->insertInto('uploadstash' )

305 ->row( $insertRow )

306 ->caller( __METHOD__ )->execute();

307

308// store the insertid in the class variable so immediate retrieval

309// (possibly laggy) isn't necessary.

310 $insertRow['us_id'] = $dbw->insertId();

311

312 $this->fileMetadata[$key] = $insertRow;

313

314 # create the UploadStashFile object for this file.

315 $this->initFile( $key );

316

317return $this->getFile( $key );

318 }

319

327publicfunctionclear() {

328if ( !$this->user->isRegistered() ) {

329thrownewUploadStashNotLoggedInException(

330wfMessage('uploadstash-not-logged-in' )

331 );

332 }

333

334wfDebug( __METHOD__ .' clearing all rows for user ' . $this->user->getId() );

335 $dbw = $this->repo->getPrimaryDB();

336 $dbw->newDeleteQueryBuilder()

337 ->deleteFrom('uploadstash' )

338 ->where( ['us_user' => $this->user->getId() ] )

339 ->caller( __METHOD__ )->execute();

340

341 # destroy objects.

342 $this->files = [];

343 $this->fileMetadata = [];

344

345returntrue;

346 }

347

356publicfunctionremoveFile( $key ) {

357if ( !$this->user->isRegistered() ) {

358thrownewUploadStashNotLoggedInException(

359wfMessage('uploadstash-not-logged-in' )

360 );

361 }

362

363 $dbw = $this->repo->getPrimaryDB();

364

365// this is a cheap query. it runs on the primary DB so that this function

366// still works when there's lag. It won't be called all that often.

367 $row = $dbw->newSelectQueryBuilder()

368 ->select('us_user' )

369 ->from('uploadstash' )

370 ->where( ['us_key' => $key ] )

371 ->caller( __METHOD__ )->fetchRow();

372

373if ( !$row ) {

374thrownewUploadStashNoSuchKeyException(

375wfMessage('uploadstash-no-such-key', $key )

376 );

377 }

378

379if ( $row->us_user != $this->user->getId() ) {

380thrownewUploadStashWrongOwnerException(

381wfMessage('uploadstash-wrong-owner', $key )

382 );

383 }

384

385return $this->removeFileNoAuth( $key );

386 }

387

394publicfunctionremoveFileNoAuth( $key ) {

395wfDebug( __METHOD__ ." clearing row $key" );

396

397// Ensure we have the UploadStashFile loaded for this key

398 $this->getFile( $key,true );

399

400 $dbw = $this->repo->getPrimaryDB();

401

402 $dbw->newDeleteQueryBuilder()

403 ->deleteFrom('uploadstash' )

404 ->where( ['us_key' => $key ] )

405 ->caller( __METHOD__ )->execute();

406

410 $this->files[$key]->remove();

411

412 unset( $this->files[$key] );

413 unset( $this->fileMetadata[$key] );

414

415returntrue;

416 }

417

424publicfunctionlistFiles() {

425if ( !$this->user->isRegistered() ) {

426thrownewUploadStashNotLoggedInException(

427wfMessage('uploadstash-not-logged-in' )

428 );

429 }

430

431 $res = $this->repo->getReplicaDB()->newSelectQueryBuilder()

432 ->select('us_key' )

433 ->from('uploadstash' )

434 ->where( ['us_user' => $this->user->getId() ] )

435 ->caller( __METHOD__ )->fetchResultSet();

436

437if ( $res->numRows() == 0 ) {

438// nothing to do.

439returnfalse;

440 }

441

442// finish the read before starting writes.

443 $keys = [];

444foreach ( $res as $row ) {

445 $keys[] = $row->us_key;

446 }

447

448return $keys;

449 }

450

460publicstaticfunctiongetExtensionForPath($path ) {

461 $prohibitedFileExtensions = MediaWikiServices::getInstance()

462 ->getMainConfig()->get( MainConfigNames::ProhibitedFileExtensions );

463// Does this have an extension?

464 $n = strrpos($path,'.' );

465

466if ( $n !==false ) {

467 $extension = $n ? substr($path, $n + 1 ) :'';

468 }else {

469// If not, assume that it should be related to the MIME type of the original file.

470 $magic = MediaWikiServices::getInstance()->getMimeAnalyzer();

471 $mimeType = $magic->guessMimeType($path );

472 $extension = $magic->getExtensionFromMimeTypeOrNull( $mimeType ) ??'';

473 }

474

475 $extension = File::normalizeExtension( $extension );

476if ( in_array( $extension, $prohibitedFileExtensions ) ) {

477// The file should already be checked for being evil.

478// However, if somehow we got here, we definitely

479// don't want to give it an extension of .php and

480// put it in a web accessible directory.

481return'';

482 }

483

484return $extension;

485 }

486

494protectedfunctionfetchFileMetadata( $key, $readFromDB =DB_REPLICA ) {

495// populate $fileMetadata[$key]

496if ( $readFromDB ===DB_PRIMARY ) {

497// sometimes reading from the primary DB is necessary, if there's replication lag.

498 $dbr = $this->repo->getPrimaryDB();

499 }else {

500 $dbr = $this->repo->getReplicaDB();

501 }

502

503 $row = $dbr->newSelectQueryBuilder()

504 ->select( [

505'us_user','us_key','us_orig_path','us_path','us_props',

506'us_size','us_sha1','us_mime','us_media_type',

507'us_image_width','us_image_height','us_image_bits',

508'us_source_type','us_timestamp','us_status',

509 ] )

510 ->from('uploadstash' )

511 ->where( ['us_key' => $key ] )

512 ->caller( __METHOD__ )->fetchRow();

513

514if ( !is_object( $row ) ) {

515// key wasn't present in the database. this will happen sometimes.

516returnfalse;

517 }

518

519 $this->fileMetadata[$key] = (array)$row;

520 $this->fileMetadata[$key]['us_props'] = $dbr->decodeBlob( $row->us_props );

521

522returntrue;

523 }

524

532protectedfunctioninitFile( $key ) {

533 $file =newUploadStashFile(

534 $this->repo,

535 $this->fileMetadata[$key]['us_path'],

536 $key,

537 $this->fileMetadata[$key]['us_sha1'],

538 $this->fileMetadata[$key]['us_mime'] ??false

539 );

540if ( $file->getSize() === 0 ) {

541thrownewUploadStashZeroLengthFileException(

542wfMessage('uploadstash-zero-length' )

543 );

544 }

545 $this->files[$key] = $file;

546

547returntrue;

548 }

549}

wfDebug

wfDebug( $text, $dest='all', array $context=[])

Sends a line to the debug log if enabled or, optionally, to a comment in output.

DefinitionGlobalFunctions.php:632

wfMessage

wfMessage( $key,... $params)

This is the function for getting translated interface messages.

DefinitionGlobalFunctions.php:820

$path

DefinitionNoLocalSettings.php:14

DB_REPLICA

const DB_REPLICA

Definitiondefines.php:26

DB_PRIMARY

const DB_PRIMARY

Definitiondefines.php:28

MWFileProps

MimeMagic helper wrapper.

DefinitionMWFileProps.php:19

MediaWiki\Context\RequestContext

Group all the pieces relevant to the context of a request into one instance.

DefinitionRequestContext.php:53

MediaWiki\FileRepo\File\File

Implements some public methods and some protected utility functions which are required by multiple ch...

DefinitionFile.php:79

MediaWiki\FileRepo\LocalRepo

Local repository that stores files in the local filesystem and registers them in the wiki's own datab...

DefinitionLocalRepo.php:45

MediaWiki\MainConfigNames

A class containing constants representing the names of configuration variables.

DefinitionMainConfigNames.php:22

MediaWiki\MediaWikiServices

Service locator for MediaWiki core services.

DefinitionMediaWikiServices.php:256

UploadStashBadPathException

DefinitionUploadStashBadPathException.php:11

UploadStashFileException

DefinitionUploadStashFileException.php:11

UploadStashFileNotFoundException

DefinitionUploadStashFileNotFoundException.php:11

UploadStashFile

DefinitionUploadStashFile.php:15

UploadStashNoSuchKeyException

DefinitionUploadStashNoSuchKeyException.php:11

UploadStashNotLoggedInException

DefinitionUploadStashNotLoggedInException.php:11

UploadStashWrongOwnerException

DefinitionUploadStashWrongOwnerException.php:11

UploadStashZeroLengthFileException

DefinitionUploadStashZeroLengthFileException.php:11

UploadStash

UploadStash is intended to accomplish a few things:

DefinitionUploadStash.php:46

UploadStash\getExtensionForPath

static getExtensionForPath( $path)

Find or guess extension – ensuring that our extension matches our MIME type.

DefinitionUploadStash.php:460

UploadStash\removeFile

removeFile( $key)

Remove a particular file from the stash.

DefinitionUploadStash.php:356

UploadStash\KEY_FORMAT_REGEX

const KEY_FORMAT_REGEX

DefinitionUploadStash.php:48

UploadStash\fetchFileMetadata

fetchFileMetadata( $key, $readFromDB=DB_REPLICA)

Helper function: do the actual database query to fetch file metadata.

DefinitionUploadStash.php:494

UploadStash\getFileProps

getFileProps( $key)

Getter for fileProps.

DefinitionUploadStash.php:177

UploadStash\clear

clear()

Remove all files from the stash.

DefinitionUploadStash.php:327

UploadStash\$fileMetadata

array $fileMetadata

cache of the file metadata that's stored in the database

DefinitionUploadStash.php:63

UploadStash\$fileProps

array $fileProps

fileprops cache

DefinitionUploadStash.php:66

UploadStash\listFiles

listFiles()

List all files in the stash.

DefinitionUploadStash.php:424

UploadStash\getMetadata

getMetadata( $key)

Getter for file metadata.

DefinitionUploadStash.php:165

UploadStash\removeFileNoAuth

removeFileNoAuth( $key)

Remove a file (see removeFile), but doesn't check ownership first.

DefinitionUploadStash.php:394

UploadStash\initFile

initFile( $key)

Helper function: Initialize the UploadStashFile for a given file.

DefinitionUploadStash.php:532

UploadStash\__construct

__construct(LocalRepo $repo, ?UserIdentity $user=null)

Represents a temporary filestore, with metadata in the database.

DefinitionUploadStash.php:79

UploadStash\stashFile

stashFile( $path, $sourceType=null, $fileProps=null)

Stash a file in a temp directory and record that we did this in the database, along with other metada...

DefinitionUploadStash.php:196

UploadStash\getFile

getFile( $key, $noAuth=false)

Get a file and its metadata from the stash.

DefinitionUploadStash.php:101

UploadStash\$repo

LocalRepo $repo

repository that this uses to store temp files public because we sometimes need to get a LocalFile wit...

DefinitionUploadStash.php:57

UploadStash\$files

array $files

array of initialized repo objects

DefinitionUploadStash.php:60

MediaWiki\User\UserIdentity

Interface for objects representing user identity.

DefinitionUserIdentity.php:24