Code Coverage for /home/runner/work/tao-community/tao-community/generis/helpers/class.File.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	39.26% covered (danger)	39.26%	53 / 135	23.08% covered (danger)	23.08%	3 / 13	CRAP	0.00% covered (danger)	0.00%	0 / 1
helpers_File	39.26% covered (danger)	39.26%	53 / 135	23.08% covered (danger)	23.08%	3 / 13	1370.40	0.00% covered (danger)	0.00%	0 / 1
getRelPath	0.00% covered (danger)	0.00%	0 / 11	0.00% covered (danger)	0.00%	0 / 1	42
isFileInsideDirectory	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
isAbsoluteFileInsideDirectory	85.71% covered (warning)	85.71%	6 / 7	0.00% covered (danger)	0.00%	0 / 1	3.03
remove	75.00% covered (warning)	75.00%	12 / 16	0.00% covered (danger)	0.00%	0 / 1	7.77
emptyDirectory	0.00% covered (danger)	0.00%	0 / 9	0.00% covered (danger)	0.00%	0 / 1	56
copy	0.00% covered (danger)	0.00%	0 / 25	0.00% covered (danger)	0.00%	0 / 1	210
scandir	81.48% covered (warning)	81.48%	22 / 27	0.00% covered (danger)	0.00%	0 / 1	16.43
urlToPath	100.00% covered (success)	100.00%	2 / 2	100.00% covered (success)	100.00%	1 / 1	2
truePath	0.00% covered (danger)	0.00%	0 / 15	0.00% covered (danger)	0.00%	0 / 1	72
sanitizeInjectively	0.00% covered (danger)	0.00%	0 / 4	0.00% covered (danger)	0.00%	0 / 1	12
containsFileType	100.00% covered (success)	100.00%	10 / 10	100.00% covered (success)	100.00%	1 / 1	7
createFileName	0.00% covered (danger)	0.00%	0 / 5	0.00% covered (danger)	0.00%	0 / 1	6
isZipMimeType	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	2

1	<?php
2
3	/**
4	* This program is free software; you can redistribute it and/or
5	* modify it under the terms of the GNU General Public License
6	* as published by the Free Software Foundation; under version 2
7	* of the License (non-upgradable).
8	*
9	* This program is distributed in the hope that it will be useful,
10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12	* GNU General Public License for more details.
13	*
14	* You should have received a copy of the GNU General Public License
15	* along with this program; if not, write to the Free Software
16	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17	*
18	* Copyright (c) 2002-2008 (original work) Public Research Centre Henri Tudor & University of Luxembourg
19	* (under the project TAO & TAO2);
20	* 2008-2010 (update and modification) Deutsche Institut für Internationale Pädagogische Forschung
21	* (under the project TAO-TRANSFER);
22	* 2009-2012 (update and modification) Public Research Centre Henri Tudor
23	* (under the project TAO-SUSTAIN & TAO-DEV);
24	* 2013 (update and modification) Open Assessment Technologies SA (under the project TAO-PRODUCT);
25	*
26	*/
27
28	/**
29	* Generis Object Oriented API - helpers/class.File.php
30	*
31	* Utilities on files
32	*
33	* @access public
34	* @author Lionel Lecaque, <lionel@taotesting.com>
35	* @package generis
36
37	*/
38	class helpers_File
39	{
40	public const SCAN_FILE = 1;
41	public const SCAN_DIRECTORY = 2;
42
43	// --- ATTRIBUTES ---
44
45	/**
46	* matches [A-Za-z] \| - \| _
47	* @var array
48	*/
49	private static $ALLOWED_CHARACTERS = [
50	'A' => '',
51	'B' => '',
52	'C' => '',
53	'D' => '',
54	'E' => '',
55	'F' => '',
56	'G' => '',
57	'H' => '',
58	'I' => '',
59	'J' => '',
60	'K' => '',
61	'L' => '',
62	'M' => '',
63	'N' => '',
64	'O' => '',
65	'P' => '',
66	'Q' => '',
67	'R' => '',
68	'S' => '',
69	'T' => '',
70	'U' => '',
71	'V' => '',
72	'W' => '',
73	'X' => '',
74	'Y' => '',
75	'Z' => '',
76	'a' => '',
77	'b' => '',
78	'c' => '',
79	'd' => '',
80	'e' => '',
81	'f' => '',
82	'g' => '',
83	'h' => '',
84	'i' => '',
85	'j' => '',
86	'k' => '',
87	'l' => '',
88	'm' => '',
89	'n' => '',
90	'o' => '',
91	'p' => '',
92	'q' => '',
93	'r' => '',
94	's' => '',
95	't' => '',
96	'u' => '',
97	'v' => '',
98	'w' => '',
99	'x' => '',
100	'y' => '',
101	'z' => '',
102	0 => '',
103	1 => '',
104	2 => '',
105	3 => '',
106	4 => '',
107	5 => '',
108	6 => '',
109	7 => '',
110	8 => '',
111	9 => '',
112	'_' => '',
113	'-' => '',
114	];
115
116	/**
117	* Directory Mode
118	*
119	* @access public
120	* @deprecated use helpers_File::SCAN_DIRECTORY
121	* @var int
122	*/
123	public static $DIR = 2;
124
125	/**
126	* File Mode
127	*
128	* @access public
129	* @deprecated use helpers_File::SCAN_FILE
130	* @var int
131	*/
132	public static $FILE = 1;
133
134	// --- OPERATIONS ---
135
136	/**
137	* returns the relative path from the file/directory 'from'
138	* to the file/directory 'to'
139	*
140	* @access public
141	* @author Lionel Lecaque, <lionel@taotesting.com>
142	* @param string from
143	* @param string to
144	* @return string
145	*/
146	public static function getRelPath($from, $to)
147	{
148	$returnValue = (string) '';
149
150	$from = is_dir($from) ? $from : dirname($from);
151	$arrFrom = explode(DIRECTORY_SEPARATOR, rtrim($from, DIRECTORY_SEPARATOR));
152	$arrTo = explode(DIRECTORY_SEPARATOR, rtrim($to, DIRECTORY_SEPARATOR));
153
154	while (count($arrFrom) && count($arrTo) && ($arrFrom[0] == $arrTo[0])) {
155	array_shift($arrFrom);
156	array_shift($arrTo);
157	}
158	foreach ($arrFrom as $dir) {
159	$returnValue .= '..' . DIRECTORY_SEPARATOR;
160	}
161	$returnValue .= implode(DIRECTORY_SEPARATOR, $arrTo);
162
163	return (string) $returnValue;
164	}
165
166	/**
167	* Helps prevent 'path traversal' attacks
168	*
169	* @param string $filename path to file relative to $directory
170	* @param string $directory absolute path to directory
171	* @return bool
172	*/
173	public static function isFileInsideDirectory($filename, $directory)
174	{
175	return self::isAbsoluteFileInsideDirectory($directory . DIRECTORY_SEPARATOR . $filename, $directory);
176	}
177
178	/**
179	* Helps prevent 'path traversal' attacks
180	*
181	* @param string $filename absolute path to file
182	* @param string $directory absolute path to directory
183	* @return bool
184	*/
185	public static function isAbsoluteFileInsideDirectory($filename, $directory)
186	{
187	$canonicalDirectory = realpath($directory);
188	if (false === $canonicalDirectory) {
189	return false;
190	}
191	$canonicalFilename = realpath($filename);
192	if (false === $canonicalFilename) {
193	return false;
194	}
195
196	return 0 === strpos($canonicalFilename, $canonicalDirectory);
197	}
198
199	/**
200	* deletes a file or a direcstory recursively
201	*
202	* @access public
203	* @author Lionel Lecaque, <lionel@taotesting.com>
204	* @param string path
205	* @return boolean
206	*/
207	public static function remove($path)
208	{
209	$returnValue = (bool) false;
210
211	if (is_file($path)) {
212	$returnValue = unlink($path);
213	} elseif (is_dir($path)) {
214	/*
215	* It seems to raise problemes on windows, depending on the php version the resource handler is not freed
216	* with DirectoryIterator preventing from further deletions
217	* $iterator = new DirectoryIterator($path);
218	* foreach ($iterator as $fileinfo) {
219	* if (!$fileinfo->isDot()) { }
220	* }
221	*/
222	$handle = opendir($path);
223	if ($handle !== false) {
224	while (false !== ($entry = readdir($handle))) {
225	if ($entry != "." && $entry != "..") {
226	self::remove($path . DIRECTORY_SEPARATOR . $entry);
227	}
228	}
229	closedir($handle);
230	} else {
231	throw new common_exception_Error('"' . $path . '" cannot be opened for removal');
232	}
233
234	$returnValue = rmdir($path);
235	} else {
236	throw new common_exception_Error(
237	'"' . $path . '" cannot be removed since it\'s neither a file nor directory'
238	);
239	}
240
241	return (bool) $returnValue;
242	}
243
244	/**
245	* Empty a directory without deleting it
246	*
247	* @param string $path
248	* @param boolean $ignoreSystemFiles
249	* @return boolean
250	*/
251	public static function emptyDirectory($path, $ignoreSystemFiles = false)
252	{
253	$success = true;
254	$handle = opendir($path);
255	while (false !== ($entry = readdir($handle))) {
256	if ($entry != "." && $entry != "..") {
257	if ($entry[0] === '.' && $ignoreSystemFiles === true) {
258	continue;
259	}
260
261	$success = self::remove($path . DIRECTORY_SEPARATOR . $entry) ? $success : false;
262	}
263	}
264	closedir($handle);
265	return $success;
266	}
267
268	/**
269	* Copy a file from source to destination, may be done recursively and may ignore system files
270	*
271	* @access public
272	* @author Lionel Lecaque, <lionel@taotesting.com>
273	* @param string source
274	* @param string destination
275	* @param boolean recursive
276	* @param boolean ignoreSystemFiles
277	* @return boolean
278	*/
279	public static function copy($source, $destination, $recursive = true, $ignoreSystemFiles = true)
280	{
281	if (!is_readable($source)) {
282	return false;
283	}
284
285	$returnValue = (bool) false;
286
287
288	// Check for System File
289	$basename = basename($source);
290	if ($basename[0] === '.' && $ignoreSystemFiles === true) {
291	return false;
292	}
293
294	// Check for symlinks
295	if (is_link($source)) {
296	return symlink(readlink($source), $destination);
297	}
298
299	// Simple copy for a file
300	if (is_file($source)) {
301	// get path info of destination.
302	$destInfo = pathinfo($destination);
303	if (isset($destInfo['dirname']) && ! is_dir($destInfo['dirname'])) {
304	if (! mkdir($destInfo['dirname'], 0777, true)) {
305	return false;
306	}
307	}
308
309	return copy($source, $destination);
310	}
311
312	// Make destination directory
313	if ($recursive == true) {
314	if (! is_dir($destination)) {
315	// 0777 is default. See mkdir PHP Official documentation.
316	mkdir($destination, 0777, true);
317	}
318
319	// Loop through the folder
320	$dir = dir($source);
321	while (false !== $entry = $dir->read()) {
322	// Skip pointers
323	if ($entry === '.' \|\| $entry === '..') {
324	continue;
325	}
326
327	// Deep copy directories
328	self::copy("${source}/${entry}", "${destination}/${entry}", $recursive, $ignoreSystemFiles);
329	}
330
331	// Clean up
332	$dir->close();
333	return true;
334	} else {
335	return false;
336	}
337
338
339	return (bool) $returnValue;
340	}
341
342	/**
343	* Scan directory located at $path depending on given $options array.
344	*
345	* Options are the following:
346	*
347	* * 'recursive' -> boolean
348	* * 'only' -> boolean ($FILE or $DIR)
349	* * 'absolute' -> boolean (returns absolute path or file name)
350	*
351	* @access public
352	* @author Lionel Lecaque, <lionel@taotesting.com>
353	* @param string path
354	* @param array options
355	* @return array An array of paths.
356	*/
357	public static function scandir($path, $options = [])
358	{
359	$returnValue = [];
360
361	$recursive = isset($options['recursive']) ? $options['recursive'] : false;
362	$only = isset($options['only']) ? $options['only'] : null;
363	$absolute = isset($options['absolute']) ? $options['absolute'] : false;
364
365	if (is_dir($path)) {
366	$iterator = new DirectoryIterator($path);
367	foreach ($iterator as $fileinfo) {
368	$fileName = $fileinfo->getFilename();
369	if ($absolute === true) {
370	$fileName = $fileinfo->getPathname();
371	}
372
373	if (! $fileinfo->isDot()) {
374	if (! is_null($only)) {
375	if ($only == self::SCAN_DIRECTORY && $fileinfo->isDir()) {
376	array_push($returnValue, $fileName);
377	} else {
378	if ($only == self::SCAN_FILE && $fileinfo->isFile()) {
379	array_push($returnValue, $fileName);
380	}
381	}
382	} else {
383	array_push($returnValue, $fileName);
384	}
385
386	if ($fileinfo->isDir() && $recursive) {
387	$returnValue = array_merge(
388	$returnValue,
389	self::scandir(realpath($fileinfo->getPathname()), $options)
390	);
391	}
392	}
393	}
394	} else {
395	throw new common_Exception(
396	"An error occured : The function (" . __METHOD__ . ") of the class (" . __CLASS__
397	. ") is expecting a directory path as first parameter : " . $path
398	);
399	}
400
401	return (array) $returnValue;
402	}
403
404	/**
405	* Convert url to path
406	* @param string $path
407	* @return string
408	*/
409	public static function urlToPath($path)
410	{
411	$path = parse_url($path);
412	return $path === null ? null : str_replace('/', DIRECTORY_SEPARATOR, $path['path']);
413	}
414
415
416	/**
417	* An alternative way to resolve the real path of a path. The resulting
418	* path might point to something non-existant on the file system contrary to
419	* PHP's realpath function.
420	*
421	* @param string $path The original path.
422	* @return string The resolved path.
423	*/
424	public static function truePath($path)
425	{
426	// From Magento Mass Import utils (MIT)
427	// http://sourceforge.net/p/magmi/git/ci/master/tree/magmi-0.8/inc/magmi_utils.php
428
429	// whether $path is unix or not
430	$unipath = strlen($path) == 0 \|\| $path[0] != '/';
431	// attempts to detect if path is relative in which case, add cwd
432	if (strpos($path, ':') === false && $unipath) {
433	$path = getcwd() . DIRECTORY_SEPARATOR . $path;
434	}
435	// resolve path parts (single dot, double dot and double delimiters)
436	$path = str_replace([ '/', '\\' ], DIRECTORY_SEPARATOR, $path);
437	$parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen');
438	$absolutes = [];
439	foreach ($parts as $part) {
440	if ('.' == $part) {
441	continue;
442	}
443	if ('..' == $part) {
444	array_pop($absolutes);
445	} else {
446	$absolutes[ ] = $part;
447	}
448	}
449	$path = implode(DIRECTORY_SEPARATOR, $absolutes);
450	// put initial separator that could have been lost
451	$path = !$unipath ? '/' . $path : $path;
452	return $path;
453	}
454
455	/**
456	* Sanitize a string using an injective function
457	* to prevent collisions
458	*
459	* @param string $key
460	* @return string
461	*/
462	public static function sanitizeInjectively($string)
463	{
464	$sanitized = '';
465	foreach (str_split($string) as $char) {
466	$sanitized .= isset(self::$ALLOWED_CHARACTERS[$char]) ? $char : '=' . base64_encode($char);
467	}
468	return $sanitized;
469	}
470
471	/**
472	* Whether or not a given directory located at $path
473	* contains one or more files with extension $types.
474	*
475	* If $path is not readable or not a directory, false is returned.
476	*
477	* @param string $path
478	* @param string\|array $types Types to look for with no dot. e.g. 'php', 'js', ...
479	* @param boolean $recursive Whether or not scan the directory recursively.
480	* @return boolean
481	*/
482	public static function containsFileType($path, $types = [], $recursive = true)
483	{
484	if (!is_array($types)) {
485	$types = [$types];
486	}
487
488	if (!is_dir($path)) {
489	return false;
490	}
491
492	foreach (self::scandir($path, ['absolute' => true, 'recursive' => $recursive]) as $item) {
493	if (is_file($item)) {
494	$pathParts = pathinfo($item);
495
496	// if .inc.php, returns 'php' as extension, so no worries with composed types
497	// if you are looking for some php code.
498	if (isset($pathParts['extension']) && in_array($pathParts['extension'], $types)) {
499	return true;
500	}
501	}
502	}
503
504	return false;
505	}
506
507	/**
508	* Create a unique file name on basis of the original one.
509	*
510	* @access private
511	* @author Jerome Bogaerts, <jerome@taotesting.com>
512	* @param string $originalName
513	* @return string
514	*/
515	public static function createFileName($originalName)
516	{
517	$returnValue = uniqid(hash('crc32', $originalName));
518
519	$ext = @pathinfo($originalName, PATHINFO_EXTENSION);
520	if (!empty($ext)) {
521	$returnValue .= '.' . $ext;
522	}
523
524	return $returnValue;
525	}
526
527	/**
528	* @param string $type
529	* @return boolean
530	*/
531	public static function isZipMimeType($type)
532	{
533	return in_array($type, [
534	'application/zip', 'application/x-zip', 'application/x-zip-compressed', 'application/octet-stream'
535	]);
536	}
537	}