Simplify the metadata sanitization and bugfix it
* SAAS-376 and CC-5868
This commit is contained in:
Albert Santoni
parent
2ae921e9d7
commit
17f1d0e96d
|
|
@ -1,9 +1,4 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: sourcefabric
|
||||
* Date: 17/02/15
|
||||
*/
|
||||
|
||||
class FileDataHelper {
|
||||
|
||||
|
|
@ -12,9 +7,16 @@ class FileDataHelper {
|
|||
* at all costs, so check the data and sanitize it if necessary
|
||||
* @param array $data array containing new file metadata
|
||||
*/
|
||||
public static function sanitizeData(&$data) {
|
||||
// If the track number isn't numeric, this will return 0
|
||||
$data["track_number"] = intval($data["track_number"]);
|
||||
public static function sanitizeData(&$data)
|
||||
{
|
||||
if (array_key_exists("track_number", $data)) {
|
||||
// If the track number isn't numeric, this will return 0
|
||||
$data["track_number"] = intval($data["track_number"]);
|
||||
}
|
||||
if (array_key_exists("year", $data)) {
|
||||
// If the track number isn't numeric, this will return 0
|
||||
$data["year"] = intval($data["year"]);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -443,24 +443,11 @@ class LibraryController extends Zend_Controller_Action
|
|||
$serialized[$j["name"]] = $j["value"];
|
||||
}
|
||||
|
||||
// Sanitize any wildly incorrect metadata before it goes to be validated.
|
||||
FileDataHelper::sanitizeData($serialized);
|
||||
|
||||
if ($form->isValid($serialized)) {
|
||||
// Sanitize any incorrect metadata that slipped past validation
|
||||
FileDataHelper::sanitizeData($serialized["track_number"]);
|
||||
|
||||
$formValues = $this->_getParam('data', null);
|
||||
$formdata = array();
|
||||
foreach ($formValues as $val) {
|
||||
$formdata[$val["name"]] = $val["value"];
|
||||
}
|
||||
$file->setDbColMetadata($formdata);
|
||||
|
||||
$data = $file->getMetadata();
|
||||
|
||||
// set MDATA_KEY_FILEPATH
|
||||
$data['MDATA_KEY_FILEPATH'] = $file->getFilePath();
|
||||
Logging::info($data['MDATA_KEY_FILEPATH']);
|
||||
Application_Model_RabbitMq::SendMessageToMediaMonitor("md_update", $data);
|
||||
|
||||
$file->setDbColMetadata($serialized);
|
||||
$this->_redirect('Library');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -113,9 +113,6 @@ class Rest_MediaController extends Zend_Rest_Controller
|
|||
$file->save();
|
||||
return;
|
||||
} else {
|
||||
// Sanitize any incorrect metadata that slipped past validation
|
||||
FileDataHelper::sanitizeData($whiteList["track_number"]);
|
||||
|
||||
/* If full_path is set, the post request came from ftp.
|
||||
* Users are allowed to upload folders via ftp. If this is the case
|
||||
* we need to include the folder name with the file name, otherwise
|
||||
|
|
@ -168,8 +165,6 @@ class Rest_MediaController extends Zend_Rest_Controller
|
|||
$file->save();
|
||||
return;
|
||||
} else if ($file && isset($requestData["resource_id"])) {
|
||||
// Sanitize any incorrect metadata that slipped past validation
|
||||
FileDataHelper::sanitizeData($whiteList["track_number"]);
|
||||
|
||||
$file->fromArray($whiteList, BasePeer::TYPE_FIELDNAME);
|
||||
|
||||
|
|
@ -199,8 +194,6 @@ class Rest_MediaController extends Zend_Rest_Controller
|
|||
->setHttpResponseCode(200)
|
||||
->appendBody(json_encode(CcFiles::sanitizeResponse($file)));
|
||||
} else if ($file) {
|
||||
// Sanitize any incorrect metadata that slipped past validation
|
||||
$this->sanitizeData($file, $whiteList);
|
||||
|
||||
$file->fromArray($whiteList, BasePeer::TYPE_FIELDNAME);
|
||||
|
||||
|
|
@ -294,6 +287,9 @@ class Rest_MediaController extends Zend_Rest_Controller
|
|||
|
||||
private function validateRequestData($file, &$whiteList)
|
||||
{
|
||||
// Sanitize any wildly incorrect metadata before it goes to be validated
|
||||
FileDataHelper::sanitizeData($whiteList);
|
||||
|
||||
try {
|
||||
// EditAudioMD form is used here for validation
|
||||
$fileForm = new Application_Form_EditAudioMD();
|
||||
|
|
|
|||
Loading…
Reference in New Issue