PluginProbe ʕ •ᴥ•ʔ
JetFormBuilder — Dynamic Blocks Form Builder / 3.6.2
JetFormBuilder — Dynamic Blocks Form Builder v3.6.2
3.6.3.1 3.6.3 3.6.2.2 3.6.2.1 3.6.2 3.6.1.1 3.6.1 3.6.0.1 trunk 1.0.0 1.0.1 1.0.2 1.0.3 1.1.0 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.1.6 1.1.7 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.0 1.3.1 1.3.2 1.3.3 1.4.0 1.4.1 1.4.2 1.4.3 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.1.0 2.1.1 2.1.10 2.1.11 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.1.9 3.0.0 3.0.0.1 3.0.0.2 3.0.0.3 3.0.1 3.0.1.1 3.0.2 3.0.3 3.0.4 3.0.5 3.0.6 3.0.7 3.0.8 3.0.9 3.1.0 3.1.0.1 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0 3.2.1 3.2.2 3.2.3 3.3.0 3.3.1 3.3.2 3.3.3 3.3.3.1 3.3.4 3.3.4.1 3.3.4.2 3.4.0 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.4.5.1 3.4.5.2 3.4.6 3.4.7 3.4.7.1 3.5.0 3.5.1 3.5.1.1 3.5.1.2 3.5.2 3.5.2.1 3.5.3 3.5.4 3.5.5 3.5.6 3.5.6.1 3.5.6.2 3.5.6.3 3.6.0
jetformbuilder / includes / classes / resources / uploaded-file.php
jetformbuilder / includes / classes / resources Last commit date
file-collection.php 1 year ago file-tools.php 3 months ago file.php 1 year ago has-error-file.php 2 years ago media-block-value.php 1 year ago sanitize-file-exception.php 2 years ago upload-dir.php 1 year ago upload-exception.php 2 years ago upload-permission-exception.php 2 years ago uploaded-collection.php 1 year ago uploaded-file-path.php 2 years ago uploaded-file.php 2 months ago
uploaded-file.php
265 lines
1 <?php
2
3
4 namespace Jet_Form_Builder\Classes\Resources;
5
6 // If this file is called directly, abort.
7 if ( ! defined( 'WPINC' ) ) {
8 die;
9 }
10
11 class Uploaded_File implements Media_Block_Value, Uploaded_File_Path {
12
13 protected $file = '';
14 protected $url = '';
15 protected $type = '';
16 protected $attachment_id = '';
17
18 /**
19 * @param File $file
20 *
21 * @throws Upload_Exception
22 */
23 public function upload( File $file ) {
24 if ( ! function_exists( 'wp_handle_upload' ) ) {
25 include_once ABSPATH . 'wp-admin/includes/file.php';
26 include_once ABSPATH . 'wp-admin/includes/media.php';
27 }
28
29 add_filter( 'upload_dir', array( Upload_Dir::class, 'apply_upload_dir' ) );
30
31 $file_array = $file->to_array();
32 $this->upload_file( $file_array );
33
34 remove_filter( 'upload_dir', array( Upload_Dir::class, 'apply_upload_dir' ) );
35 }
36
37 /**
38 * @param array $file
39 *
40 * @throws Upload_Exception
41 */
42 protected function upload_file( array $file ) {
43 $upload = wp_handle_upload(
44 $file,
45 array(
46 'test_form' => false,
47 )
48 );
49
50 if ( ! empty( $upload['error'] ) ) {
51 throw new Upload_Exception( esc_html( $upload['error'] ) );
52 }
53
54 $this->set_from_array( $upload );
55 }
56
57 /**
58 * @throws Upload_Exception
59 */
60 public function add_attachment() {
61 if ( ! function_exists( 'wp_generate_attachment_metadata' ) ) {
62 require_once ABSPATH . 'wp-admin/includes/image.php';
63 }
64
65 if ( ! function_exists( 'wp_read_video_metadata' ) ) {
66 require_once ABSPATH . 'wp-admin/includes/media.php';
67 }
68
69 $attachment = wp_insert_attachment(
70 array(
71 'guid' => $this->get_url(),
72 'post_mime_type' => $this->get_type(),
73 'post_title' => preg_replace( '/\.[^.]+$/', '', basename( $this->get_file() ) ),
74 'post_content' => '',
75 'post_status' => 'publish',
76 ),
77 $this->get_file(),
78 0,
79 true
80 );
81
82 if ( is_wp_error( $attachment ) ) {
83 throw new Upload_Exception( esc_html( $attachment->get_error_message() ) );
84 }
85
86 wp_update_attachment_metadata(
87 $attachment,
88 wp_generate_attachment_metadata( $attachment, $this->get_file() )
89 );
90
91 $this->set_attachment_id( (string) $attachment );
92
93 // Update file url for performance plugins compatibility
94 $this->set_url( wp_get_attachment_url( $attachment ) );
95 }
96
97 public function set_from_array( array $upload ): Uploaded_File {
98 if ( isset( $upload['file'] ) ) {
99 $file = wp_normalize_path( (string) $upload['file'] );
100
101 // Validate the path against uploads, but keep the original non-realpath
102 // value so WordPress can correctly relativize symlinked upload paths.
103 if ( '' !== self::normalize_allowed_upload_file_path( $file ) ) {
104 $this->file = $file;
105 }
106 }
107 if ( isset( $upload['url'] ) ) {
108 $this->url = esc_url_raw( (string) $upload['url'] );
109 }
110 if ( isset( $upload['type'] ) ) {
111 $this->type = sanitize_mime_type( (string) $upload['type'] );
112 }
113 if ( isset( $upload['id'] ) ) {
114
115 $this->set_attachment_id( (string) absint( $upload['id'] ) );
116 }
117
118 return $this;
119 }
120
121 public function set_attachment_id( string $attachment_id ): Uploaded_File {
122 $this->attachment_id = $attachment_id;
123
124 return $this;
125 }
126
127 /**
128 * @return string
129 */
130 public function get_type(): string {
131 return $this->type;
132 }
133
134 /**
135 * @return string
136 */
137 public function get_file(): string {
138 return $this->file;
139 }
140
141 /**
142 * @return string
143 */
144 public function get_url(): string {
145 return $this->url;
146 }
147
148 /*
149 * Realisation of
150 * \Jet_Form_Builder\Classes\Resources\Media_Block_Value
151 */
152
153 /**
154 * @return string
155 */
156 public function get_attachment_id(): string {
157 return $this->attachment_id;
158 }
159
160
161 /**
162 * @return string
163 */
164 public function get_attachment_url(): string {
165 return $this->get_url();
166 }
167
168 /**
169 * @return array
170 */
171 public function get_attachment_both(): array {
172 return array(
173 'id' => $this->get_attachment_id(),
174 'url' => $this->get_attachment_url(),
175 );
176 }
177
178 public function get_attachment_ids(): array {
179 return array( $this->get_attachment_id() );
180 }
181
182 /*
183 * Realisation of
184 * \Jet_Form_Builder\Classes\Resources\Uploaded_File_Path
185 */
186
187 /**
188 * @return string
189 */
190 public function get_attachment_file(): string {
191 $file = $this->get_file();
192
193 if ( $file ) {
194 $file = self::normalize_allowed_upload_file_path( $file );
195 if ( $file ) {
196 return $file;
197 }
198 }
199
200 $id = $this->get_attachment_id();
201 $url = $this->get_attachment_url();
202
203 if ( ( empty( $id ) || ! is_numeric( $id ) ) && ! empty( $url ) ) {
204 $id = attachment_url_to_postid( $url );
205 }
206
207 $file = get_attached_file( $id );
208
209 if ( ! is_string( $file ) ) {
210 return '';
211 }
212
213 return self::normalize_allowed_upload_file_path( $file );
214 }
215
216 /**
217 * @param string $url
218 */
219 public function set_url( string $url ) {
220 $this->url = esc_url_raw( $url );
221 }
222
223 /**
224 * Normalize path and allow only existing files inside wp-content uploads directory.
225 *
226 * @return string Normalized realpath to a file in uploads, or empty string.
227 */
228 public static function normalize_allowed_upload_file_path( string $file ): string {
229 if ( '' === $file ) {
230 return '';
231 }
232
233 $path = wp_normalize_path( $file );
234 $real = realpath( $path );
235
236 if ( false === $real ) {
237 return '';
238 }
239
240 $real = wp_normalize_path( $real );
241 $real = untrailingslashit( $real );
242
243 $uploads = wp_get_upload_dir();
244 $base = (string) ( $uploads['basedir'] ?? '' );
245
246 if ( '' === $base ) {
247 return '';
248 }
249
250 $base_real = realpath( $base );
251 if ( false === $base_real ) {
252 return '';
253 }
254
255 $base = wp_normalize_path( $base_real );
256 $base = untrailingslashit( $base );
257
258 if ( 0 === strpos( $real, $base . '/' ) && is_file( $real ) ) {
259 return $real;
260 }
261
262 return '';
263 }
264 }
265