[pLog-svn] r6276 - in plog/branches/lifetype-1.2/class: data/validator misc template test/tests/misc
Jon Daley
plogworld at jon.limedaley.com
Sat Mar 29 13:12:23 EDT 2008
Correct, but how do we specify the $flags parameter - do we want
to have all case-insensitive matching? From my quick look through the
code, that would probably be okay. That is certainly an easier fix.
On Sun, 30 Mar 2008, Mark Wu wrote:
> Mmmm ... I don't think we need to use the fnmatch in 4.3...
>
> The easiest way is the use strtolower to both file name and pattern to check
> it is match or not ..
>
> We can add a default option in uploadvalidator to work around this problem.
>
> So, we can keep the compatability.
>
> Mark
>
>> -----Original Message-----
>> From: plog-svn-bounces at devel.lifetype.net
>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Jon Daley
>> Sent: Sunday, March 30, 2008 12:59 AM
>> To: LifeType Developer List
>> Subject: Re: [pLog-svn] r6276 - in
>> plog/branches/lifetype-1.2/class: data/validator misc
>> template test/tests/misc
>>
>> Ok. This works on my system. The comments in the
>> documentation of fnmatch are strange - ie. it accepts
>> constants that aren't defined on non-POSIX systems? I don't
>> particularly want to define my own version of the constants.
>> It'd probably better to not use fnmatch than do that.
>> Can people update to this version and let me know what
>> version and OS you tested it on? It'd be good to release
>> this now. I'll add a post to the forums to tell them to add
>> *.PHP *.PHP5 etc to their forbidden lists.
>>
>> On Sat, 29 Mar 2008, jondaley at devel.lifetype.net wrote:
>>
>>> Author: jondaley
>>> Date: 2008-03-29 12:57:04 -0400 (Sat, 29 Mar 2008) New
>> Revision: 6276
>>>
>>> Modified:
>>>
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php
>>> plog/branches/lifetype-1.2/class/misc/integritychecker.class.php
>>>
>> plog/branches/lifetype-1.2/class/template/templatesandbox.class.php
>>>
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.class.php
>>> Log:
>>> added case insensitive checking. Might not work on windows (ie. is
>>> FNM_CASEFOLD defined?)
>>>
>>> Modified:
>>>
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidator.class.
>>> php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php 2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/data/validator/uploadvalidato
>> r.class.php 2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -81,7 +81,7 @@
>>> // check if the filename extension is forbidden or not
>>> $fileName = basename($upload->getFileName());
>>> foreach( explode( " ", $forbiddenFilesStr ) as $file ) {
>>> - if( Glob::myFnmatch( $file, $fileName )) {
>>> + if( Glob::myFnmatch( $file, $fileName,
>> FNM_CASEFOLD )) {
>>> return
>> UPLOAD_VALIDATOR_ERROR_FORBIDDEN_EXTENSION;
>>> }
>>> }
>>> @@ -99,7 +99,7 @@
>>> // check if the filename extension is one of
>> the allowed ones or not
>>> $fileName = basename($upload->getFileName());
>>> foreach( explode( " ", $allowedFilesStr ) as $file ) {
>>> - if( Glob::myFnmatch( $file, $fileName )) {
>>> + if( Glob::myFnmatch( $file, $fileName,
>> FNM_CASEFOLD )) {
>>> // print("it's a valid file!");
>>> return true;
>>> }
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/misc/integritychecker.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/misc/integritychecker.cl
>> ass.php 2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/misc/integritychecker.cl
>> ass.php 2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -84,7 +84,7 @@
>>>
>>> $result = false;
>>> foreach( $ignore as $pattern ) {
>>> - if( Glob::myFnMatch( $pattern,
>> $file )) {
>>> + if( Glob::myFnMatch( $pattern,
>> $file, FNM_CASEFOLD )) {
>>> $result = true;
>>> break;
>>> }
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/template/templatesandbox.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/template/templatesandbox.cl
>> ass.php 2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/template/templatesandbox.cl
>> ass.php 2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -48,7 +48,7 @@
>>> // otherwise, turn the thing into an array and
>> go through all of them
>>> lt_include(
>> PLOG_CLASS_PATH.'class/misc/glob.class.php' );
>>> foreach( explode( " ", $forbiddenFilesStr ) as $file ) {
>>> - $files = Glob::myGlob( $folder, $file );
>>> + $files = Glob::myGlob( $folder, $file,
>> FNM_CASEFOLD
>>> + );
>>> if( count($files) > 0 )
>>> return false;
>>> }
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.cl
>> ass.php 2008-03-29 16:50:12 UTC (rev 6275)
>>> +++
>> plog/branches/lifetype-1.2/class/test/tests/misc/glob_test.cl
>> ass.php 2008-03-29 16:57:04 UTC (rev 6276)
>>> @@ -17,6 +17,10 @@
>>>
>>> // valid match
>>> $this->assertTrue( Glob::myFnMatch(
>> "*index.template.*",
>>> "index.template.php" ));
>>> +
>>> + // case sensitive checking
>>> + $this->assertTrue( Glob::myFnMatch(
>> "*index.template.PHP", "index.template.php", FNM_CASEFOLD ));
>>> + $this->assertFalse( Glob::myFnMatch(
>> "*index.template.PHP",
>>> +"index.template.php"));
>>> }
>>> }
>>> ?>
>>> \ No newline at end of file
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://limedaley.com/mailman/listinfo/plog-svn
>>>
>>
>> --
>> Jon Daley
>> http://jon.limedaley.com/
>>
>> Everything takes longer than you think.
>> -- Murphy's Second Law
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
--
Jon Daley
http://jon.limedaley.com/
Isn't it unnerving that doctors call what they do "practice"?
More information about the pLog-svn
mailing list