file-collection.php
1 year ago
file-tools.php
3 months ago
file.php
1 year ago
has-error-file.php
2 years ago
media-block-value.php
1 year ago
sanitize-file-exception.php
2 years ago
upload-dir.php
1 year ago
upload-exception.php
2 years ago
upload-permission-exception.php
2 years ago
uploaded-collection.php
1 year ago
uploaded-file-path.php
2 years ago
uploaded-file.php
3 months ago
uploaded-file.php
259 lines
| 1 | <?php |
| 2 | |
| 3 | |
| 4 | namespace Jet_Form_Builder\Classes\Resources; |
| 5 | |
| 6 | // If this file is called directly, abort. |
| 7 | if ( ! defined( 'WPINC' ) ) { |
| 8 | die; |
| 9 | } |
| 10 | |
| 11 | class Uploaded_File implements Media_Block_Value, Uploaded_File_Path { |
| 12 | |
| 13 | protected $file = ''; |
| 14 | protected $url = ''; |
| 15 | protected $type = ''; |
| 16 | protected $attachment_id = ''; |
| 17 | |
| 18 | /** |
| 19 | * @param File $file |
| 20 | * |
| 21 | * @throws Upload_Exception |
| 22 | */ |
| 23 | public function upload( File $file ) { |
| 24 | if ( ! function_exists( 'wp_handle_upload' ) ) { |
| 25 | include_once ABSPATH . 'wp-admin/includes/file.php'; |
| 26 | include_once ABSPATH . 'wp-admin/includes/media.php'; |
| 27 | } |
| 28 | |
| 29 | add_filter( 'upload_dir', array( Upload_Dir::class, 'apply_upload_dir' ) ); |
| 30 | |
| 31 | $file_array = $file->to_array(); |
| 32 | $this->upload_file( $file_array ); |
| 33 | |
| 34 | remove_filter( 'upload_dir', array( Upload_Dir::class, 'apply_upload_dir' ) ); |
| 35 | } |
| 36 | |
| 37 | /** |
| 38 | * @param array $file |
| 39 | * |
| 40 | * @throws Upload_Exception |
| 41 | */ |
| 42 | protected function upload_file( array $file ) { |
| 43 | $upload = wp_handle_upload( |
| 44 | $file, |
| 45 | array( |
| 46 | 'test_form' => false, |
| 47 | ) |
| 48 | ); |
| 49 | |
| 50 | if ( ! empty( $upload['error'] ) ) { |
| 51 | throw new Upload_Exception( esc_html( $upload['error'] ) ); |
| 52 | } |
| 53 | |
| 54 | $this->set_from_array( $upload ); |
| 55 | } |
| 56 | |
| 57 | /** |
| 58 | * @throws Upload_Exception |
| 59 | */ |
| 60 | public function add_attachment() { |
| 61 | if ( ! function_exists( 'wp_generate_attachment_metadata' ) ) { |
| 62 | require_once ABSPATH . 'wp-admin/includes/image.php'; |
| 63 | } |
| 64 | |
| 65 | if ( ! function_exists( 'wp_read_video_metadata' ) ) { |
| 66 | require_once ABSPATH . 'wp-admin/includes/media.php'; |
| 67 | } |
| 68 | |
| 69 | $attachment = wp_insert_attachment( |
| 70 | array( |
| 71 | 'guid' => $this->get_url(), |
| 72 | 'post_mime_type' => $this->get_type(), |
| 73 | 'post_title' => preg_replace( '/\.[^.]+$/', '', basename( $this->get_file() ) ), |
| 74 | 'post_content' => '', |
| 75 | 'post_status' => 'publish', |
| 76 | ), |
| 77 | $this->get_file(), |
| 78 | 0, |
| 79 | true |
| 80 | ); |
| 81 | |
| 82 | if ( is_wp_error( $attachment ) ) { |
| 83 | throw new Upload_Exception( esc_html( $attachment->get_error_message() ) ); |
| 84 | } |
| 85 | |
| 86 | wp_update_attachment_metadata( |
| 87 | $attachment, |
| 88 | wp_generate_attachment_metadata( $attachment, $this->get_file() ) |
| 89 | ); |
| 90 | |
| 91 | $this->set_attachment_id( (string) $attachment ); |
| 92 | |
| 93 | // Update file url for performance plugins compatibility |
| 94 | $this->set_url( wp_get_attachment_url( $attachment ) ); |
| 95 | } |
| 96 | |
| 97 | public function set_from_array( array $upload ): Uploaded_File { |
| 98 | if ( isset( $upload['file'] ) ) { |
| 99 | $this->file = self::normalize_allowed_upload_file_path( (string) $upload['file'] ); |
| 100 | } |
| 101 | if ( isset( $upload['url'] ) ) { |
| 102 | $this->url = esc_url_raw( (string) $upload['url'] ); |
| 103 | } |
| 104 | if ( isset( $upload['type'] ) ) { |
| 105 | $this->type = sanitize_mime_type( (string) $upload['type'] ); |
| 106 | } |
| 107 | if ( isset( $upload['id'] ) ) { |
| 108 | |
| 109 | $this->set_attachment_id( (string) absint( $upload['id'] ) ); |
| 110 | } |
| 111 | |
| 112 | return $this; |
| 113 | } |
| 114 | |
| 115 | public function set_attachment_id( string $attachment_id ): Uploaded_File { |
| 116 | $this->attachment_id = $attachment_id; |
| 117 | |
| 118 | return $this; |
| 119 | } |
| 120 | |
| 121 | /** |
| 122 | * @return string |
| 123 | */ |
| 124 | public function get_type(): string { |
| 125 | return $this->type; |
| 126 | } |
| 127 | |
| 128 | /** |
| 129 | * @return string |
| 130 | */ |
| 131 | public function get_file(): string { |
| 132 | return $this->file; |
| 133 | } |
| 134 | |
| 135 | /** |
| 136 | * @return string |
| 137 | */ |
| 138 | public function get_url(): string { |
| 139 | return $this->url; |
| 140 | } |
| 141 | |
| 142 | /* |
| 143 | * Realisation of |
| 144 | * \Jet_Form_Builder\Classes\Resources\Media_Block_Value |
| 145 | */ |
| 146 | |
| 147 | /** |
| 148 | * @return string |
| 149 | */ |
| 150 | public function get_attachment_id(): string { |
| 151 | return $this->attachment_id; |
| 152 | } |
| 153 | |
| 154 | |
| 155 | /** |
| 156 | * @return string |
| 157 | */ |
| 158 | public function get_attachment_url(): string { |
| 159 | return $this->get_url(); |
| 160 | } |
| 161 | |
| 162 | /** |
| 163 | * @return array |
| 164 | */ |
| 165 | public function get_attachment_both(): array { |
| 166 | return array( |
| 167 | 'id' => $this->get_attachment_id(), |
| 168 | 'url' => $this->get_attachment_url(), |
| 169 | ); |
| 170 | } |
| 171 | |
| 172 | public function get_attachment_ids(): array { |
| 173 | return array( $this->get_attachment_id() ); |
| 174 | } |
| 175 | |
| 176 | /* |
| 177 | * Realisation of |
| 178 | * \Jet_Form_Builder\Classes\Resources\Uploaded_File_Path |
| 179 | */ |
| 180 | |
| 181 | /** |
| 182 | * @return string |
| 183 | */ |
| 184 | public function get_attachment_file(): string { |
| 185 | $file = $this->get_file(); |
| 186 | |
| 187 | if ( $file ) { |
| 188 | $file = self::normalize_allowed_upload_file_path( $file ); |
| 189 | if ( $file ) { |
| 190 | return $file; |
| 191 | } |
| 192 | } |
| 193 | |
| 194 | $id = $this->get_attachment_id(); |
| 195 | $url = $this->get_attachment_url(); |
| 196 | |
| 197 | if ( ( empty( $id ) || ! is_numeric( $id ) ) && ! empty( $url ) ) { |
| 198 | $id = attachment_url_to_postid( $url ); |
| 199 | } |
| 200 | |
| 201 | $file = get_attached_file( $id ); |
| 202 | |
| 203 | if ( ! is_string( $file ) ) { |
| 204 | return ''; |
| 205 | } |
| 206 | |
| 207 | return self::normalize_allowed_upload_file_path( $file ); |
| 208 | } |
| 209 | |
| 210 | /** |
| 211 | * @param string $url |
| 212 | */ |
| 213 | public function set_url( string $url ) { |
| 214 | $this->url = esc_url_raw( $url ); |
| 215 | } |
| 216 | |
| 217 | /** |
| 218 | * Normalize path and allow only existing files inside wp-content uploads directory. |
| 219 | * |
| 220 | * @return string Normalized realpath to a file in uploads, or empty string. |
| 221 | */ |
| 222 | public static function normalize_allowed_upload_file_path( string $file ): string { |
| 223 | if ( '' === $file ) { |
| 224 | return ''; |
| 225 | } |
| 226 | |
| 227 | $path = wp_normalize_path( $file ); |
| 228 | $real = realpath( $path ); |
| 229 | |
| 230 | if ( false === $real ) { |
| 231 | return ''; |
| 232 | } |
| 233 | |
| 234 | $real = wp_normalize_path( $real ); |
| 235 | $real = untrailingslashit( $real ); |
| 236 | |
| 237 | $uploads = wp_get_upload_dir(); |
| 238 | $base = (string) ( $uploads['basedir'] ?? '' ); |
| 239 | |
| 240 | if ( '' === $base ) { |
| 241 | return ''; |
| 242 | } |
| 243 | |
| 244 | $base_real = realpath( $base ); |
| 245 | if ( false === $base_real ) { |
| 246 | return ''; |
| 247 | } |
| 248 | |
| 249 | $base = wp_normalize_path( $base_real ); |
| 250 | $base = untrailingslashit( $base ); |
| 251 | |
| 252 | if ( 0 === strpos( $real, $base . '/' ) && is_file( $real ) ) { |
| 253 | return $real; |
| 254 | } |
| 255 | |
| 256 | return ''; |
| 257 | } |
| 258 | } |
| 259 |