Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move file extension check to before database object insertion

This commit is contained in:
Duncan Sommerville 2015-09-24 12:57:19 -04:00
parent 778b67982b
commit dcb30b3aa7
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
airtime_mvc/application/models/airtime/CcFiles.php
View File

@ -135,6 +135,13 @@ class CcFiles extends BaseCcFiles {
try try
{ {
//Only accept files with a file extension that we support.
// Let the analyzer do the heavy lifting in terms of mime verification and playability
$fileExtension = pathinfo($originalFilename, PATHINFO_EXTENSION);
if (!in_array(strtolower($fileExtension), array_values(FileDataHelper::getAudioMimeTypeArray()))) {
throw new Exception("Bad file extension.");
}
$fileArray = self::removeBlacklistedFields($fileArray); $fileArray = self::removeBlacklistedFields($fileArray);
self::validateFileArray($fileArray); self::validateFileArray($fileArray);
@ -147,12 +154,6 @@ class CcFiles extends BaseCcFiles {
$file->setDbHidden(true); $file->setDbHidden(true);
$file->save(); $file->save();
//Only accept files with a file extension that we support.
$fileExtension = pathinfo($originalFilename, PATHINFO_EXTENSION);
if (!in_array(strtolower($fileExtension), array_values(FileDataHelper::getAudioMimeTypeArray()))) {
throw new Exception("Bad file extension.");
}
$callbackUrl = Application_Common_HTTPHelper::getStationUrl() . "/rest/media/" . $file->getPrimaryKey(); $callbackUrl = Application_Common_HTTPHelper::getStationUrl() . "/rest/media/" . $file->getPrimaryKey();
Application_Service_MediaService::importFileToLibrary($callbackUrl, $filePath, Application_Service_MediaService::importFileToLibrary($callbackUrl, $filePath,