Some type safety checks and rearrange file upload and mime type check code

Alex Cabal 2024-01-11 13:08:02 -06:00
parent 362fb52d7d
commit a2de3c3ecb
3 changed files with 16 additions and 7 deletions


@ -32,7 +32,7 @@ class Artwork extends PropertiesBase{
public ?int $ArtworkId = null;
public ?int $ArtistId = null;
public ?int $CompletedYear = null;
public ?bool $CompletedYearIsCirca = null;
public bool $CompletedYearIsCirca = false;
public ?DateTime $Created = null;
public ?DateTime $Updated = null;
public ?string $Status = null;
@ -439,10 +439,6 @@ class Artwork extends PropertiesBase{
$error->Add(new Exceptions\InvalidImageUploadException($message));
}
if(!is_uploaded_file($uploadedFile['tmp_name'])){
$error->Add(new Exceptions\InvalidImageUploadException());
}
// Check for minimum dimensions
list($imageWidth, $imageHeight) = getimagesize($uploadedFile['tmp_name']);
if(!$imageWidth || !$imageHeight || $imageWidth < COVER_ARTWORK_IMAGE_MINIMUM_WIDTH || $imageHeight < COVER_ARTWORK_IMAGE_MINIMUM_HEIGHT){
@ -553,7 +549,10 @@ class Artwork extends PropertiesBase{
* @throws \Exceptions\InvalidImageUploadException
*/
public function Create(array $uploadedFile): void{
$this->MimeType = ImageMimeType::FromFile($uploadedFile['tmp_name'] ?? null);
$this->Validate($uploadedFile);
$this->Created = new DateTime();
// Can't assign directly to $this->Tags because it's hidden behind a getter
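Review bot: The `is_uploaded_file()` check appears to be dropped from `Validate()` (the `-439,10 +439,6` hunk), so `Create()` now passes `$uploadedFile['tmp_name']` to `ImageMimeType::FromFile()` and on to `getimagesize()` without confirming the path is a genuine PHP upload. That guarantee now rests on every caller, and a caller that builds the array itself could make the model read an arbitrary local path. Consider keeping the guard at the top of `Create()`, ahead of the MIME lookup: `if(!is_uploaded_file($uploadedFile['tmp_name'] ?? '')){ throw new Exceptions\InvalidImageUploadException(); }`. At minimum, state the precondition in the docblock above `Create()`. Both method bodies continue outside the hunks shown.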


@ -1,4 +1,6 @@
<?
use function Safe\parse_url;
class Museum extends PropertiesBase{
public int $MuseumId;
public string $Name;
@ -16,6 +18,10 @@ class Museum extends PropertiesBase{
throw new Exceptions\InvalidUrlException($url);
}
if(!isset($parsedUrl['host'])){
throw new Exceptions\InvalidUrlException($url);
}
$result = Db::Query('
SELECT *
from Museums


@ -29,7 +29,7 @@ try{
$artwork->Name = HttpInput::Str(POST, 'artwork-name', false);
$artwork->CompletedYear = HttpInput::Int(POST, 'artwork-year');
$artwork->CompletedYearIsCirca = HttpInput::Bool(POST, 'artwork-year-is-circa', false);
$artwork->CompletedYearIsCirca = HttpInput::Bool(POST, 'artwork-year-is-circa', false) ?? false;
$artwork->Tags = HttpInput::Str(POST, 'artwork-tags', false) ?? [];
$artwork->Status = HttpInput::Str(POST, 'artwork-status', false, COVER_ARTWORK_STATUS_UNVERIFIED);
$artwork->EbookWwwFilesystemPath = HttpInput::Str(POST, 'artwork-ebook-www-filesystem-path', false);
@ -40,7 +40,6 @@ try{
$artwork->CopyrightPageUrl = HttpInput::Str(POST, 'artwork-copyright-page-url', false);
$artwork->ArtworkPageUrl = HttpInput::Str(POST, 'artwork-artwork-page-url', false);
$artwork->MuseumUrl = HttpInput::Str(POST, 'artwork-museum-url', false);
$artwork->MimeType = ImageMimeType::FromFile($_FILES['artwork-image']['tmp_name'] ?? null);
$artwork->Exception = HttpInput::Str(POST, 'artwork-exception', false);
$artwork->Notes = HttpInput::Str(POST, 'artwork-notes', false);
@ -54,6 +53,11 @@ try{
$artwork->ReviewerUserId = $GLOBALS['User']->UserId;
}
// Confirm that the files came from POST
if(!is_uploaded_file($_FILES['artwork-image'])){
throw new Exceptions\InvalidImageUploadException();
}
$artwork->Create($_FILES['artwork-image'] ?? []);
$_SESSION['artwork'] = $artwork;
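Review bot: The new guard calls `is_uploaded_file($_FILES['artwork-image'])`, passing the whole file array where the function expects the temporary path string. On PHP 8 that raises a `TypeError` instead of reaching the `InvalidImageUploadException` throw, and the index is read without the `??` fallback used on the `Create()` call two lines below. Since this now looks like the only place that confirms the file came from an HTTP upload, it should test the path itself: `if(!is_uploaded_file($_FILES['artwork-image']['tmp_name'] ?? '')){`. The enclosing `try` block starts and ends outside the hunk, so whether its catch clauses would handle a `TypeError` cannot be seen from here.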