Cchost/developer/tutorial/Replacing the File Verifier
Revision as of 20:21, 6 November 2008 by Fourstones (talk | contribs) (New page: Category:ccHost Category:ccMixter Category:Developer Category:Software Category:Technology {{draft}} {{lowercase}} {{Infobox|NOTE: This code is untested. It is only the...)
This article describes a DRAFT under discussion; contents, specifications and recommendations may change until the public discussion is complete.
NOTE: This code is untested. It is only theoretical until someone can verify it works as advertised.
The ccHost philosophy for file verifying is a whitelist - a list of file types to be accepted, all others rejected. At least one installation has chosen to implement a blacklist instead. The portable way to do this is to use ccHost's verify hook - basically a global variable.
The following code is a skeleton of how to hook the system. The actual blacklisting algorithm is left as an exercise for the reader. Put this code into a file <local_files>/lib/blacklist_validator.php:
<?
// the uploader looks for this variable:
global $CC_UPLOAD_VALIDATOR;
// set the global to our validator factory...
$CC_UPLOAD_VALIDATOR = 'make_blacklist_validator';
function make_blacklist_validator()
{
return new Blacklist_Validator(true); // set this to false if you don't want to
// delegate to the system's validator
}
/**
* Blacklist_Validator
*
* Replace (or override) the existing whitelist base verifier
* with an alternate version
*
*/
class Blacklist_Validator
{
var $old_validator; // store a pointer to the system validator
var $do_delegation; // flag as to whether to delegate to the system.
function Blacklist_Validator($do_delegation=true)
{
$this->do_delegation = $do_delegation;
if( $this->do_delegation )
{
require_once('cchost_lib/ccextras/cc-pseudo-verify.inc');
$this->old_validator = new CCPseudoVerifyAPI();
}
}
function GetValidFileTypes(&$types)
{
if( $this->do_delegation )
{
$retval = $this->old_validator->GetValidFileTypes($types);
}
else
{
$retval = true;
}
$types[] = '*.*';
return $retval;
}
function FileValidate(&$formatinfo)
{
if( $this->do_delegation )
{
$retval = $this->old_validator->FileValidate($formatinfo);
if( $retval )
return true;
}
else
{
if( !is_array( $types ) )
$types = array();
$retval = false;
}
$path = $formatinfo->GetFilePath();
// things really break down if we don't have a
// file extension so we just reject them out
// of hand
$got_ext = preg_match( '/\.([a-z0-9]+)$/', strtolower($path), $m );
if( !$got_ext )
{
$formatinfo->SetErrors( _('Cannot determine file type'));
return false;
}
/***********************************
* Edit the code below here... *
***********************************/
$retval = 1 ? true : false; // <<<---- your verification code goes here
if( $retval )
{
$FI['tags'] = 'archive,' . $m[0]; // tags here will be added to
$FI['default-ext'] = $m[0]; // your default extension goes here
$FI['media-type'] = 'archive'; // media type (e.g. video, audio, image, archive, etc.)
$FI['mime_type'] = 'octect/stream'; // or whatever you think
$formatinfo->SetData( $FI );
$formatinfo->_errors = '';
}
return $retval;
}
}
?>
