search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix #49; prevent readdir infinite loop when cache directory not listable.
[htmlpurifier.git] / library / HTMLPurifier / DefinitionCache / Serializer.php
blob4686fcff595322d7abe6ccda4aac4a5ba092fd29
1 <?php
2
3 class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCache
4 {
5
6 /**
7 * @param HTMLPurifier_Definition $def
8 * @param HTMLPurifier_Config $config
9 * @return int|bool
10 */
11 public function add($def, $config)
12 {
13 if (!$this->checkDefType($def)) {
14 return;
15 }
16 $file = $this->generateFilePath($config);
17 if (file_exists($file)) {
18 return false;
19 }
20 if (!$this->_prepareDir($config)) {
21 return false;
22 }
23 return $this->_write($file, serialize($def), $config);
24 }
25
26 /**
27 * @param HTMLPurifier_Definition $def
28 * @param HTMLPurifier_Config $config
29 * @return int|bool
30 */
31 public function set($def, $config)
32 {
33 if (!$this->checkDefType($def)) {
34 return;
35 }
36 $file = $this->generateFilePath($config);
37 if (!$this->_prepareDir($config)) {
38 return false;
39 }
40 return $this->_write($file, serialize($def), $config);
41 }
42
43 /**
44 * @param HTMLPurifier_Definition $def
45 * @param HTMLPurifier_Config $config
46 * @return int|bool
47 */
48 public function replace($def, $config)
49 {
50 if (!$this->checkDefType($def)) {
51 return;
52 }
53 $file = $this->generateFilePath($config);
54 if (!file_exists($file)) {
55 return false;
56 }
57 if (!$this->_prepareDir($config)) {
58 return false;
59 }
60 return $this->_write($file, serialize($def), $config);
61 }
62
63 /**
64 * @param HTMLPurifier_Config $config
65 * @return bool|HTMLPurifier_Config
66 */
67 public function get($config)
68 {
69 $file = $this->generateFilePath($config);
70 if (!file_exists($file)) {
71 return false;
72 }
73 return unserialize(file_get_contents($file));
74 }
75
76 /**
77 * @param HTMLPurifier_Config $config
78 * @return bool
79 */
80 public function remove($config)
81 {
82 $file = $this->generateFilePath($config);
83 if (!file_exists($file)) {
84 return false;
85 }
86 return unlink($file);
87 }
88
89 /**
90 * @param HTMLPurifier_Config $config
91 * @return bool
92 */
93 public function flush($config)
94 {
95 if (!$this->_prepareDir($config)) {
96 return false;
97 }
98 $dir = $this->generateDirectoryPath($config);
99 $dh = opendir($dir);
100 // Apparently, on some versions of PHP, readdir will return
101 // an empty string if you pass an invalid argument to readdir.
102 // So you need this test. See #49.
103 if (false === $dh) {
104 return false;
105 }
106 while (false !== ($filename = readdir($dh))) {
107 if (empty($filename)) {
108 continue;
109 }
110 if ($filename[0] === '.') {
111 continue;
112 }
113 unlink($dir . '/' . $filename);
114 }
115 return true;
116 }
117
118 /**
119 * @param HTMLPurifier_Config $config
120 * @return bool
121 */
122 public function cleanup($config)
123 {
124 if (!$this->_prepareDir($config)) {
125 return false;
126 }
127 $dir = $this->generateDirectoryPath($config);
128 $dh = opendir($dir);
129 // See #49 (and above).
130 if (false === $dh) {
131 return false;
132 }
133 while (false !== ($filename = readdir($dh))) {
134 if (empty($filename)) {
135 continue;
136 }
137 if ($filename[0] === '.') {
138 continue;
139 }
140 $key = substr($filename, 0, strlen($filename) - 4);
141 if ($this->isOld($key, $config)) {
142 unlink($dir . '/' . $filename);
143 }
144 }
145 return true;
146 }
147
148 /**
149 * Generates the file path to the serial file corresponding to
150 * the configuration and definition name
151 * @param HTMLPurifier_Config $config
152 * @return string
153 * @todo Make protected
154 */
155 public function generateFilePath($config)
156 {
157 $key = $this->generateKey($config);
158 return $this->generateDirectoryPath($config) . '/' . $key . '.ser';
159 }
160
161 /**
162 * Generates the path to the directory contain this cache's serial files
163 * @param HTMLPurifier_Config $config
164 * @return string
165 * @note No trailing slash
166 * @todo Make protected
167 */
168 public function generateDirectoryPath($config)
169 {
170 $base = $this->generateBaseDirectoryPath($config);
171 return $base . '/' . $this->type;
172 }
173
174 /**
175 * Generates path to base directory that contains all definition type
176 * serials
177 * @param HTMLPurifier_Config $config
178 * @return mixed|string
179 * @todo Make protected
180 */
181 public function generateBaseDirectoryPath($config)
182 {
183 $base = $config->get('Cache.SerializerPath');
184 $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
185 return $base;
186 }
187
188 /**
189 * Convenience wrapper function for file_put_contents
190 * @param string $file File name to write to
191 * @param string $data Data to write into file
192 * @param HTMLPurifier_Config $config
193 * @return int|bool Number of bytes written if success, or false if failure.
194 */
195 private function _write($file, $data, $config)
196 {
197 $result = file_put_contents($file, $data);
198 if ($result !== false) {
199 // set permissions of the new file (no execute)
200 $chmod = $config->get('Cache.SerializerPermissions');
201 if (!$chmod) {
202 $chmod = 0644; // invalid config or simpletest
203 }
204 $chmod = $chmod & 0666;
205 chmod($file, $chmod);
206 }
207 return $result;
208 }
209
210 /**
211 * Prepares the directory that this type stores the serials in
212 * @param HTMLPurifier_Config $config
213 * @return bool True if successful
214 */
215 private function _prepareDir($config)
216 {
217 $directory = $this->generateDirectoryPath($config);
218 $chmod = $config->get('Cache.SerializerPermissions');
219 if (!$chmod) {
220 $chmod = 0755; // invalid config or simpletest
221 }
222 if (!is_dir($directory)) {
223 $base = $this->generateBaseDirectoryPath($config);
224 if (!is_dir($base)) {
225 trigger_error(
226 'Base directory ' . $base . ' does not exist,
227 please create or change using %Cache.SerializerPath',
228 E_USER_WARNING
229 );
230 return false;
231 } elseif (!$this->_testPermissions($base, $chmod)) {
232 return false;
233 }
234 mkdir($directory, $chmod);
235 if (!$this->_testPermissions($directory, $chmod)) {
236 trigger_error(
237 'Base directory ' . $base . ' does not exist,
238 please create or change using %Cache.SerializerPath',
239 E_USER_WARNING
240 );
241 return false;
242 }
243 } elseif (!$this->_testPermissions($directory, $chmod)) {
244 return false;
245 }
246 return true;
247 }
248
249 /**
250 * Tests permissions on a directory and throws out friendly
251 * error messages and attempts to chmod it itself if possible
252 * @param string $dir Directory path
253 * @param int $chmod Permissions
254 * @return bool True if directory is writable
255 */
256 private function _testPermissions($dir, $chmod)
257 {
258 // early abort, if it is writable, everything is hunky-dory
259 if (is_writable($dir)) {
260 return true;
261 }
262 if (!is_dir($dir)) {
263 // generally, you'll want to handle this beforehand
264 // so a more specific error message can be given
265 trigger_error(
266 'Directory ' . $dir . ' does not exist',
267 E_USER_WARNING
268 );
269 return false;
270 }
271 if (function_exists('posix_getuid')) {
272 // POSIX system, we can give more specific advice
273 if (fileowner($dir) === posix_getuid()) {
274 // we can chmod it ourselves
275 $chmod = $chmod | 0700;
276 if (chmod($dir, $chmod)) {
277 return true;
278 }
279 } elseif (filegroup($dir) === posix_getgid()) {
280 $chmod = $chmod | 0070;
281 } else {
282 // PHP's probably running as nobody, so we'll
283 // need to give global permissions
284 $chmod = $chmod | 0777;
285 }
286 trigger_error(
287 'Directory ' . $dir . ' not writable, ' .
288 'please chmod to ' . decoct($chmod),
289 E_USER_WARNING
290 );
291 } else {
292 // generic error message
293 trigger_error(
294 'Directory ' . $dir . ' not writable, ' .
295 'please alter file permissions',
296 E_USER_WARNING
297 );
298 }
299 return false;
300 }
301 }
302
303 // vim: et sw=4 sts=4
Standards-compliant HTML filter written in PHP