[pLog-svn] r6276 - in plog/branches/lifetype-1.2/class: data/validator misc template test/tests/misc

Jon Daley plogworld at jon.limedaley.com
Sat Mar 29 13:12:23 EDT 2008


 	Correct, but how do we specify the $flags parameter - do we want 
to have all case-insensitive matching?  From my quick look through the 
code, that would probably be okay.  That is certainly an easier fix.

On Sun, 30 Mar 2008, Mark Wu wrote:

> Mmmm ... I don't think we need to use the fnmatch in 4.3...
>
> The easiest way is the use strtolower to both file name and pattern to check
> it is match or not ..
>
> We can add a default option in uploadvalidator to work around this problem.
>
> So, we can keep the compatability.
>
> Mark
>
>> -----Original Message-----
>> From: plog-svn-bounces at devel.lifetype.net
>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Jon Daley
>> Sent: Sunday, March 30, 2008 12:59 AM
>> To: LifeType Developer List
>> Subject: Re: [pLog-svn] r6276 - in
>> plog/branches/lifetype-1.2/class: data/validator misc
>> template test/tests/misc
>>
>>  	Ok.  This works on my system.  The comments in the
>> documentation of fnmatch are strange - ie. it accepts
>> constants that aren't defined on non-POSIX systems?  I don't
>> particularly want to define my own version of the constants.
>> It'd probably better to not use fnmatch than do that.
>>  	Can people update to this version and let me know what
>> version and OS you tested it on?  It'd be good to release
>> this now.  I'll add a post to the forums to tell them to add
>> *.PHP *.PHP5 etc to their forbidden lists.
>>
>> On Sat, 29 Mar 2008, jondaley at devel.lifetype.net wrote:
>>
>>> Author: jondaley
>>> Date: 2008-03-29 12:57:04 -0400 (Sat, 29 Mar 2008) New
>> Revision: 6276
>>>
>>> Modified:
>>>
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php
>>>   plog/branches/lifetype-1.2/class/misc/integritychecker.class.php
>>>
>> plog/branches/lifetype-1.2/class/template/templatesandbox.class.php
>>>
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.class.php
>>> Log:
>>> added case insensitive checking.  Might not work on windows (ie. is
>>> FNM_CASEFOLD defined?)
>>>
>>> Modified:
>>>
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidator.class.
>>> php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php	2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php	2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -81,7 +81,7 @@
>>>             // check if the filename extension is forbidden or not
>>>             $fileName = basename($upload->getFileName());
>>>             foreach( explode( " ", $forbiddenFilesStr ) as $file ) {
>>> -            	if( Glob::myFnmatch( $file, $fileName )) {
>>> +            	if( Glob::myFnmatch( $file, $fileName,
>> FNM_CASEFOLD )) {
>>>                 	return
>> UPLOAD_VALIDATOR_ERROR_FORBIDDEN_EXTENSION;
>>>                 }
>>>             }
>>> @@ -99,7 +99,7 @@
>>>             // check if the filename extension is one of
>> the allowed ones or not
>>>             $fileName = basename($upload->getFileName());
>>>             foreach( explode( " ", $allowedFilesStr ) as $file ) {
>>> -            	if( Glob::myFnmatch( $file, $fileName )) {
>>> +            	if( Glob::myFnmatch( $file, $fileName,
>> FNM_CASEFOLD )) {
>>> //					print("it's a valid file!");
>>>                 	return true;
>>>                 }
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/misc/integritychecker.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/misc/integritychecker.cl
>> ass.php	2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/misc/integritychecker.cl
>> ass.php	2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -84,7 +84,7 @@
>>>
>>> 			$result = false;
>>> 			foreach( $ignore as $pattern ) {
>>> -				if( Glob::myFnMatch( $pattern,
>> $file )) {
>>> +				if( Glob::myFnMatch( $pattern,
>> $file, FNM_CASEFOLD )) {
>>> 					$result = true;
>>> 					break;
>>> 				}
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/template/templatesandbox.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/template/templatesandbox.cl
>> ass.php	2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/template/templatesandbox.cl
>> ass.php	2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -48,7 +48,7 @@
>>>             // otherwise, turn the thing into an array and
>> go through all of them
>>> 			lt_include(
>> PLOG_CLASS_PATH.'class/misc/glob.class.php' );
>>>             foreach( explode( " ", $forbiddenFilesStr ) as $file ) {
>>> -                $files = Glob::myGlob( $folder, $file );
>>> +                $files = Glob::myGlob( $folder, $file,
>> FNM_CASEFOLD
>>> + );
>>>                 if( count($files) > 0 )
>>>                 	return false;
>>>             }
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.cl
>> ass.php	2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.cl
>> ass.php	2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -17,6 +17,10 @@
>>>
>>> 			// valid match
>>> 			$this->assertTrue( Glob::myFnMatch(
>> "*index.template.*",
>>> "index.template.php" ));
>>> +
>>> +                // case sensitive checking
>>> +			$this->assertTrue( Glob::myFnMatch(
>> "*index.template.PHP", "index.template.php", FNM_CASEFOLD ));
>>> +			$this->assertFalse( Glob::myFnMatch(
>> "*index.template.PHP",
>>> +"index.template.php"));
>>> 		}
>>> 	}
>>> ?>
>>> \ No newline at end of file
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://limedaley.com/mailman/listinfo/plog-svn
>>>
>>
>> --
>> Jon Daley
>> http://jon.limedaley.com/
>>
>> Everything takes longer than you think.
>> -- Murphy's Second Law
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>

-- 
Jon Daley
http://jon.limedaley.com/

Isn't it unnerving that doctors call what they do "practice"?


More information about the pLog-svn mailing list