From 71e82bc861cd1ee7750bcb8aa33000049649b65b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Sun, 25 Sep 2022 18:15:28 +0200 Subject: [PATCH 1/3] Changed: - added logger for any reason when upload is aborted - renamed variables a bit to camel-case style --- mod/wall_attach.php | 57 +++++++++++++++++++++++---------------------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 83d5338da..82eb05008 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -27,21 +27,23 @@ use Friendica\Model\Attach; use Friendica\Model\User; use Friendica\Util\Strings; -function wall_attach_post(App $a) { - - $r_json = (!empty($_GET['response']) && $_GET['response']=='json'); +function wall_attach_post(App $a) +{ + $isJson = (!empty($_GET['response']) && $_GET['response'] == 'json'); if (DI::args()->getArgc() > 1) { $nick = DI::args()->getArgv()[1]; $owner = User::getOwnerDataByNick($nick); if (!DBA::isResult($owner)) { - if ($r_json) { + DI::logger()->warning('owner is not a valid record:', ['owner' => $owner]); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } return; } } else { - if ($r_json) { + DI::logger()->warning('Argument count is zero'); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } @@ -62,7 +64,7 @@ function wall_attach_post(App $a) { } if (!$can_post) { - if ($r_json) { + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Permission denied.')]); } DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); @@ -70,28 +72,27 @@ function wall_attach_post(App $a) { } if (empty($_FILES['userfile'])) { - if ($r_json) { + DI::logger()->warning('No file uploaded (empty userfile)'); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } System::exit(); } - $src = $_FILES['userfile']['tmp_name']; - $filename = basename($_FILES['userfile']['name']); - $filesize = intval($_FILES['userfile']['size']); + $tempFileName = $_FILES['userfile']['tmp_name']; + $fileName = basename($_FILES['userfile']['name']); + $fileSize = intval($_FILES['userfile']['size']); + $maxFileSize = DI::config()->get('system', 'maxfilesize'); - $maxfilesize = DI::config()->get('system','maxfilesize'); - - /* Found html code written in text field of form, - * when trying to upload a file with filesize - * greater than upload_max_filesize. Cause is unknown. + /* + * Found html code written in text field of form, when trying to upload a + * file with filesize greater than upload_max_filesize. Cause is unknown. * Then Filesize gets <= 0. */ - - if ($filesize <= 0) { - $msg = DI::l10n()->t('Sorry, maybe your upload is bigger than the PHP configuration allows') . '
' . (DI::l10n()->t('Or - did you try to upload an empty file?')); - @unlink($src); - if ($r_json) { + if ($fileSize <= 0) { + $msg = DI::l10n()->t('Sorry, maybe your upload is bigger than the PHP configuration allows') . '
' .(DI::l10n()->t('Or - did you try to upload an empty file?')); + @unlink($tempFileName); + if ($isJson) { System::jsonExit(['error' => $msg]); } else { DI::sysmsg()->addNotice($msg); @@ -99,10 +100,10 @@ function wall_attach_post(App $a) { System::exit(); } - if ($maxfilesize && $filesize > $maxfilesize) { - $msg = DI::l10n()->t('File exceeds size limit of %s', Strings::formatBytes($maxfilesize)); - @unlink($src); - if ($r_json) { + if ($maxFileSize && $fileSize > $maxFileSize) { + $msg = DI::l10n()->t('File exceeds size limit of %s', Strings::formatBytes($maxFileSize)); + @unlink($tempFileName); + if ($isJson) { System::jsonExit(['error' => $msg]); } else { echo $msg . '
'; @@ -110,13 +111,13 @@ function wall_attach_post(App $a) { System::exit(); } - $newid = Attach::storeFile($src, $page_owner_uid, $filename, '<' . $page_owner_cid . '>'); + $newid = Attach::storeFile($tempFileName, $page_owner_uid, $fileName, '<' . $page_owner_cid . '>'); - @unlink($src); + @unlink($tempFileName); if ($newid === false) { $msg = DI::l10n()->t('File upload failed.'); - if ($r_json) { + if ($isJson) { System::jsonExit(['error' => $msg]); } else { echo $msg . '
'; @@ -124,7 +125,7 @@ function wall_attach_post(App $a) { System::exit(); } - if ($r_json) { + if ($isJson) { System::jsonExit(['ok' => true, 'id' => $newid]); } From ceffd0ef6cab3611fc647efe707bac0ec096a3f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Sun, 25 Sep 2022 18:43:00 +0200 Subject: [PATCH 2/3] Changed: - here `Logger::level()` is okay to use - added more logging in wall_upload.php - formatted array and put all $array['foo'] = $foo; into a single statement - are all no functions, but keywords --- mod/update_notes.php | 8 ++-- mod/wall_attach.php | 11 ++++-- mod/wall_upload.php | 89 ++++++++++++++++++++++++++------------------ 3 files changed, 64 insertions(+), 44 deletions(-) diff --git a/mod/update_notes.php b/mod/update_notes.php index 71650fe21..f195b5362 100644 --- a/mod/update_notes.php +++ b/mod/update_notes.php @@ -24,11 +24,11 @@ use Friendica\App; use Friendica\Core\System; use Friendica\DI; -require_once("mod/notes.php"); +require_once 'mod/notes.php'; -function update_notes_content(App $a) { - - $profile_uid = intval($_GET["p"]); +function update_notes_content(App $a) +{ + $profile_uid = intval($_GET['p']); /** * diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 82eb05008..690427489 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -20,6 +20,7 @@ */ use Friendica\App; +use Friendica\Core\Logger; use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\DI; @@ -35,14 +36,14 @@ function wall_attach_post(App $a) $nick = DI::args()->getArgv()[1]; $owner = User::getOwnerDataByNick($nick); if (!DBA::isResult($owner)) { - DI::logger()->warning('owner is not a valid record:', ['owner' => $owner]); + Logger::warning('owner is not a valid record:', ['owner' => $owner, 'nick' => $nick]); if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } return; } } else { - DI::logger()->warning('Argument count is zero'); + Logger::warning('Argument count is zero or one (invalid)'); if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } @@ -64,6 +65,7 @@ function wall_attach_post(App $a) } if (!$can_post) { + Logger::warning('User does not have required permissions', ['contact_id' => $contact_id, 'page_owner_uid' => $page_owner_uid]); if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Permission denied.')]); } @@ -72,7 +74,7 @@ function wall_attach_post(App $a) } if (empty($_FILES['userfile'])) { - DI::logger()->warning('No file uploaded (empty userfile)'); + Logger::warning('No file uploaded (empty userfile)'); if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } @@ -91,6 +93,7 @@ function wall_attach_post(App $a) */ if ($fileSize <= 0) { $msg = DI::l10n()->t('Sorry, maybe your upload is bigger than the PHP configuration allows') . '
' .(DI::l10n()->t('Or - did you try to upload an empty file?')); + Logger::warning($msg, ['fileSize' => $fileSize]); @unlink($tempFileName); if ($isJson) { System::jsonExit(['error' => $msg]); @@ -102,6 +105,7 @@ function wall_attach_post(App $a) if ($maxFileSize && $fileSize > $maxFileSize) { $msg = DI::l10n()->t('File exceeds size limit of %s', Strings::formatBytes($maxFileSize)); + Logger::warning($msg, ['fileSize' => $fileSize]); @unlink($tempFileName); if ($isJson) { System::jsonExit(['error' => $msg]); @@ -117,6 +121,7 @@ function wall_attach_post(App $a) if ($newid === false) { $msg = DI::l10n()->t('File upload failed.'); + Logger::warning($msg); if ($isJson) { System::jsonExit(['error' => $msg]); } else { diff --git a/mod/wall_upload.php b/mod/wall_upload.php index c5575da97..b72f75932 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -39,17 +39,18 @@ use Friendica\Util\Strings; function wall_upload_post(App $a, $desktopmode = true) { - Logger::info("wall upload: starting new upload"); + Logger::info('wall upload: starting new upload'); - $r_json = (!empty($_GET['response']) && $_GET['response'] == 'json'); + $isJson = (!empty($_GET['response']) && $_GET['response'] == 'json'); $album = trim($_GET['album'] ?? ''); if (DI::args()->getArgc() > 1) { if (empty($_FILES['media'])) { - $nick = DI::args()->getArgv()[1]; + $nick = DI::args()->getArgv()[1]; $user = DBA::selectFirst('owner-view', ['id', 'uid', 'nickname', 'page-flags'], ['nickname' => $nick, 'blocked' => false]); if (!DBA::isResult($user)) { - if ($r_json) { + Logger::warning('wall upload: user instance is not valid', ['user' => $user, 'nickname' => $nick]); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } return; @@ -58,7 +59,8 @@ function wall_upload_post(App $a, $desktopmode = true) $user = DBA::selectFirst('owner-view', ['id', 'uid', 'nickname', 'page-flags'], ['uid' => BaseApi::getCurrentUserID(), 'blocked' => false]); } } else { - if ($r_json) { + Logger:warning('Argument count is zero or one (invalid)'); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } return; @@ -73,7 +75,7 @@ function wall_upload_post(App $a, $desktopmode = true) $page_owner_uid = $user['uid']; $default_cid = $user['id']; $page_owner_nick = $user['nickname']; - $community_page = (($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY) ? true : false); + $community_page = ($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY); if ((DI::userSession()->getLocalUserId()) && (DI::userSession()->getLocalUserId() == $page_owner_uid)) { $can_post = true; @@ -84,15 +86,18 @@ function wall_upload_post(App $a, $desktopmode = true) } if (!$can_post) { - if ($r_json) { - System::jsonExit(['error' => DI::l10n()->t('Permission denied.')]); + Logger::warning('No permission to upload files', ['contact_id' => $contact_id, 'page_owner_uid' => $page_owner_uid]); + $msg = DI::l10n()->t('Permission denied.'); + if ($isJson) { + System::jsonExit(['error' => $msg]); } - DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); + DI::sysmsg()->addNotice($msg); System::exit(); } if (empty($_FILES['userfile']) && empty($_FILES['media'])) { - if ($r_json) { + Logger::warning('Empty "userfile" and "media" field'); + if ($isJson) { System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); } System::exit(); @@ -102,12 +107,12 @@ function wall_upload_post(App $a, $desktopmode = true) $filename = ''; $filesize = 0; $filetype = ''; + if (!empty($_FILES['userfile'])) { $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); $filetype = $_FILES['userfile']['type']; - } elseif (!empty($_FILES['media'])) { if (!empty($_FILES['media']['tmp_name'])) { if (is_array($_FILES['media']['tmp_name'])) { @@ -142,29 +147,36 @@ function wall_upload_post(App $a, $desktopmode = true) } } - if ($src == "") { - if ($r_json) { - System::jsonExit(['error' => DI::l10n()->t('Invalid request.')]); + if ($src == '') { + Logger::warning('File source (temporary file) cannot be determined'); + $msg = DI::l10n()->t('Invalid request.'); + if ($isJson) { + System::jsonExit(['error' => $msg]); } - DI::sysmsg()->addNotice(DI::l10n()->t('Invalid request.')); + DI::sysmsg()->addNotice($msg); System::exit(); } $filetype = Images::getMimeTypeBySource($src, $filename, $filetype); - Logger::info("File upload src: " . $src . " - filename: " . $filename . - " - size: " . $filesize . " - type: " . $filetype); + Logger::info('File upload:', [ + 'src' => $src, + 'filename' => $filename, + 'filesize' => $filesize, + 'filetype' => $filetype, + ]); $imagedata = @file_get_contents($src); $image = new Image($imagedata, $filetype); if (!$image->isValid()) { $msg = DI::l10n()->t('Unable to process image.'); + Logger::warning($msg, ['imagedata[]' => gettype($imagedata), 'filetype' => $filetype]); @unlink($src); - if ($r_json) { + if ($isJson) { System::jsonExit(['error' => $msg]); } else { - echo $msg . '
'; + echo $msg . '
'; } System::exit(); } @@ -176,7 +188,7 @@ function wall_upload_post(App $a, $desktopmode = true) if ($max_length > 0) { $image->scaleDown($max_length); $filesize = strlen($image->asString()); - Logger::info("File upload: Scaling picture to new size " . $max_length); + Logger::info('File upload: Scaling picture to new size', ['max_length' => $max_length]); } $width = $image->getWidth(); @@ -199,7 +211,7 @@ function wall_upload_post(App $a, $desktopmode = true) Logger::notice('Image size is too big', ['size' => $filesize, 'max' => $maximagesize]); $msg = DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize)); @unlink($src); - if ($r_json) { + if ($isJson) { System::jsonExit(['error' => $msg]); } else { echo $msg . '
'; @@ -223,7 +235,8 @@ function wall_upload_post(App $a, $desktopmode = true) if (!$r) { $msg = DI::l10n()->t('Image upload failed.'); - if ($r_json) { + Logger::warning('Photo::store() failed', ['r' => $r]); + if ($isJson) { System::jsonExit(['error' => $msg]); } else { echo $msg . '
'; @@ -250,32 +263,34 @@ function wall_upload_post(App $a, $desktopmode = true) if (!$desktopmode) { $photo = Photo::selectFirst(['id', 'datasize', 'width', 'height', 'type'], ['resource-id' => $resource_id], ['order' => ['width']]); if (!$photo) { - if ($r_json) { - System::jsonExit(['error' => '']); + Logger::warning('Cannot find photo in database', ['resource-id' => $resource_id]); + if ($isJson) { + System::jsonExit(['error' => 'Cannot find photo']); } return false; } - $picture = []; - $picture["id"] = $photo["id"]; - $picture["size"] = $photo["datasize"]; - $picture["width"] = $photo["width"]; - $picture["height"] = $photo["height"]; - $picture["type"] = $photo["type"]; - $picture["albumpage"] = DI::baseUrl() . '/photos/' . $page_owner_nick . '/image/' . $resource_id; - $picture["picture"] = DI::baseUrl() . "/photo/{$resource_id}-0." . $image->getExt(); - $picture["preview"] = DI::baseUrl() . "/photo/{$resource_id}-{$smallest}." . $image->getExt(); + $picture = [ + 'id' => $photo['id'], + 'size' => $photo['datasize'], + 'width' => $photo['width'], + 'height' => $photo['height'], + 'type' => $photo['type'], + 'albumpage' => DI::baseUrl() . '/photos/' . $page_owner_nick . '/image/' . $resource_id, + 'picture' => DI::baseUrl() . "/photo/{$resource_id}-0." . $image->getExt(), + 'preview' => DI::baseUrl() . "/photo/{$resource_id}-{$smallest}." . $image->getExt(), + ]; - if ($r_json) { + if ($isJson) { System::jsonExit(['picture' => $picture]); } - Logger::info("upload done"); + Logger::info('upload done'); return $picture; } - Logger::info("upload done"); + Logger::info('upload done'); - if ($r_json) { + if ($isJson) { System::jsonExit(['ok' => true]); } From 039a4b8c72a4112c1b608bddf0d294abd5ec5e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Tue, 25 Oct 2022 23:07:49 +0200 Subject: [PATCH 3/3] Fixed issues by `php-cs` --- mod/wall_attach.php | 10 +++++----- mod/wall_upload.php | 30 +++++++++++++++--------------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/mod/wall_attach.php b/mod/wall_attach.php index 690427489..289c024df 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -33,7 +33,7 @@ function wall_attach_post(App $a) $isJson = (!empty($_GET['response']) && $_GET['response'] == 'json'); if (DI::args()->getArgc() > 1) { - $nick = DI::args()->getArgv()[1]; + $nick = DI::args()->getArgv()[1]; $owner = User::getOwnerDataByNick($nick); if (!DBA::isResult($owner)) { Logger::warning('owner is not a valid record:', ['owner' => $owner, 'nick' => $nick]); @@ -51,7 +51,7 @@ function wall_attach_post(App $a) return; } - $can_post = false; + $can_post = false; $page_owner_uid = $owner['uid']; $page_owner_cid = $owner['id']; @@ -61,7 +61,7 @@ function wall_attach_post(App $a) $can_post = true; } elseif ($community_page && !empty(DI::userSession()->getRemoteContactID($page_owner_uid))) { $contact_id = DI::userSession()->getRemoteContactID($page_owner_uid); - $can_post = DBA::exists('contact', ['blocked' => false, 'pending' => false, 'id' => $contact_id, 'uid' => $page_owner_uid]); + $can_post = DBA::exists('contact', ['blocked' => false, 'pending' => false, 'id' => $contact_id, 'uid' => $page_owner_uid]); } if (!$can_post) { @@ -92,7 +92,7 @@ function wall_attach_post(App $a) * Then Filesize gets <= 0. */ if ($fileSize <= 0) { - $msg = DI::l10n()->t('Sorry, maybe your upload is bigger than the PHP configuration allows') . '
' .(DI::l10n()->t('Or - did you try to upload an empty file?')); + $msg = DI::l10n()->t('Sorry, maybe your upload is bigger than the PHP configuration allows') . '
' . DI::l10n()->t('Or - did you try to upload an empty file?'); Logger::warning($msg, ['fileSize' => $fileSize]); @unlink($tempFileName); if ($isJson) { @@ -120,7 +120,7 @@ function wall_attach_post(App $a) @unlink($tempFileName); if ($newid === false) { - $msg = DI::l10n()->t('File upload failed.'); + $msg = DI::l10n()->t('File upload failed.'); Logger::warning($msg); if ($isJson) { System::jsonExit(['error' => $msg]); diff --git a/mod/wall_upload.php b/mod/wall_upload.php index b72f75932..bdb317048 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -42,7 +42,7 @@ function wall_upload_post(App $a, $desktopmode = true) Logger::info('wall upload: starting new upload'); $isJson = (!empty($_GET['response']) && $_GET['response'] == 'json'); - $album = trim($_GET['album'] ?? ''); + $album = trim($_GET['album'] ?? ''); if (DI::args()->getArgc() > 1) { if (empty($_FILES['media'])) { @@ -69,20 +69,20 @@ function wall_upload_post(App $a, $desktopmode = true) /* * Setup permissions structures */ - $can_post = false; - $visitor = 0; + $can_post = false; + $visitor = 0; - $page_owner_uid = $user['uid']; - $default_cid = $user['id']; - $page_owner_nick = $user['nickname']; - $community_page = ($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY); + $page_owner_uid = $user['uid']; + $default_cid = $user['id']; + $page_owner_nick = $user['nickname']; + $community_page = ($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY); if ((DI::userSession()->getLocalUserId()) && (DI::userSession()->getLocalUserId() == $page_owner_uid)) { $can_post = true; } elseif ($community_page && !empty(DI::userSession()->getRemoteContactID($page_owner_uid))) { $contact_id = DI::userSession()->getRemoteContactID($page_owner_uid); - $can_post = DBA::exists('contact', ['blocked' => false, 'pending' => false, 'id' => $contact_id, 'uid' => $page_owner_uid]); - $visitor = $contact_id; + $can_post = DBA::exists('contact', ['blocked' => false, 'pending' => false, 'id' => $contact_id, 'uid' => $page_owner_uid]); + $visitor = $contact_id; } if (!$can_post) { @@ -103,7 +103,7 @@ function wall_upload_post(App $a, $desktopmode = true) System::exit(); } - $src = ''; + $src = ''; $filename = ''; $filesize = 0; $filetype = ''; @@ -160,14 +160,14 @@ function wall_upload_post(App $a, $desktopmode = true) $filetype = Images::getMimeTypeBySource($src, $filename, $filetype); Logger::info('File upload:', [ - 'src' => $src, + 'src' => $src, 'filename' => $filename, 'filesize' => $filesize, 'filetype' => $filetype, ]); $imagedata = @file_get_contents($src); - $image = new Image($imagedata, $filetype); + $image = new Image($imagedata, $filetype); if (!$image->isValid()) { $msg = DI::l10n()->t('Unable to process image.'); @@ -191,7 +191,7 @@ function wall_upload_post(App $a, $desktopmode = true) Logger::info('File upload: Scaling picture to new size', ['max_length' => $max_length]); } - $width = $image->getWidth(); + $width = $image->getWidth(); $height = $image->getHeight(); $maximagesize = DI::config()->get('system', 'maximagesize'); @@ -203,8 +203,8 @@ function wall_upload_post(App $a, $desktopmode = true) Logger::info('Resize', ['size' => $filesize, 'width' => $width, 'height' => $height, 'max' => $maximagesize, 'pixels' => $pixels]); $image->scaleDown($pixels); $filesize = strlen($image->asString()); - $width = $image->getWidth(); - $height = $image->getHeight(); + $width = $image->getWidth(); + $height = $image->getHeight(); } } if ($filesize > $maximagesize) {