mirror of
https://github.com/openvk/openvk
synced 2025-01-12 11:03:13 +03:00
Videos: Implement checks to prevent uploads of non-video files or mediacontainers without vstreams
Resolves #234 Sorry, Beatrice
This commit is contained in:
parent
cb8038590c
commit
ad878474ce
4 changed files with 33 additions and 8 deletions
|
@ -1,8 +1,7 @@
|
|||
<?php declare(strict_types=1);
|
||||
namespace openvk\Web\Models\Entities;
|
||||
use openvk\Web\Util\Shell\Shell;
|
||||
use openvk\Web\Util\Shell\Shell\Exceptions\ShellUnavailableException;
|
||||
use openvk\Web\Util\Shell\Shell\Exceptions\UnknownCommandException;
|
||||
use openvk\Web\Util\Shell\Shell\Exceptions\{ShellUnavailableException, UnknownCommandException};
|
||||
use openvk\Web\Models\VideoDrivers\VideoDriver;
|
||||
use Nette\InvalidStateException as ISE;
|
||||
|
||||
|
@ -18,7 +17,24 @@ class Video extends Media
|
|||
|
||||
protected function saveFile(string $filename, string $hash): bool
|
||||
{
|
||||
if(!Shell::commandAvailable("ffmpeg")) exit(VIDEOS_FRIENDLY_ERROR);
|
||||
if(!Shell::commandAvailable("ffmpeg") || !Shell::commandAvailable("ffprobe"))
|
||||
exit(VIDEOS_FRIENDLY_ERROR);
|
||||
|
||||
$error = NULL;
|
||||
$streams = Shell::ffprobe("-i", $filename, "-show_streams", "-select_streams v", "-loglevel error")->execute($error);
|
||||
if($error !== 0)
|
||||
throw new \DomainException("$filename is not a valid video file");
|
||||
else if(empty($streams) || ctype_space($streams))
|
||||
throw new \DomainException("$filename does not contain any video streams");
|
||||
|
||||
$durations = [];
|
||||
preg_match('%duration=([0-9\.]++)%', $streams, $durations);
|
||||
if(sizeof($durations[1]) === 0)
|
||||
throw new \DomainException("$filename does not contain any meaningful video streams");
|
||||
|
||||
foreach($durations[1] as $duration)
|
||||
if(floatval($duration) < 1.0)
|
||||
throw new \DomainException("$filename does not contain any meaningful video streams");
|
||||
|
||||
try {
|
||||
if(!is_dir($dirId = $this->pathFromHash($hash)))
|
||||
|
|
|
@ -68,6 +68,8 @@ final class VideosPresenter extends OpenVKPresenter
|
|||
$video->setLink($this->postParam("link"));
|
||||
else
|
||||
$this->flashFail("err", "Нету видеозаписи", "Выберите файл или укажите ссылку.");
|
||||
} catch(\DomainException $ex) {
|
||||
$this->flashFail("err", "Произошла ошибка", "Файл повреждён или не содержит видео." );
|
||||
} catch(ISE $ex) {
|
||||
$this->flashFail("err", "Произошла ошибка", "Возможно, ссылка некорректна.");
|
||||
}
|
||||
|
|
|
@ -200,6 +200,8 @@ final class WallPresenter extends OpenVKPresenter
|
|||
if($_FILES["_vid_attachment"]["error"] === UPLOAD_ERR_OK) {
|
||||
$video = Video::fastMake($this->user->id, $this->postParam("text"), $_FILES["_vid_attachment"]);
|
||||
}
|
||||
} catch(\DomainException $ex) {
|
||||
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён.");
|
||||
} catch(ISE $ex) {
|
||||
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён или слишком велик.");
|
||||
}
|
||||
|
|
|
@ -16,14 +16,16 @@ class Shell
|
|||
|
||||
static function commandAvailable(string $name): bool
|
||||
{
|
||||
if(!Shell::shellAvailable()) throw new Exceptions\ShellUnavailableException;
|
||||
if(!Shell::shellAvailable())
|
||||
throw new Exceptions\ShellUnavailableException;
|
||||
|
||||
return !is_null(`command -v $name`);
|
||||
}
|
||||
|
||||
static function __callStatic(string $name, array $arguments): object
|
||||
{
|
||||
if(!Shell::commandAvailable($name)) throw new Exceptions\UnknownCommandException($name);
|
||||
if(!Shell::commandAvailable($name))
|
||||
throw new Exceptions\UnknownCommandException($name);
|
||||
|
||||
$command = implode(" ", array_merge([$name], $arguments));
|
||||
|
||||
|
@ -36,14 +38,17 @@ class Shell
|
|||
$this->command = $cmd;
|
||||
}
|
||||
|
||||
function execute(): string
|
||||
function execute(?int &$result = nullptr): string
|
||||
{
|
||||
return shell_exec($this->command);
|
||||
$stdout = [];
|
||||
exec($this->command, $stdout, $result);
|
||||
|
||||
return implode(PHP_EOL, $stdout);
|
||||
}
|
||||
|
||||
function start(): string
|
||||
{
|
||||
shell_exec("nohup " . $this->command . " > /dev/null 2>/dev/null &");
|
||||
system("nohup " . $this->command . " > /dev/null 2>/dev/null &");
|
||||
|
||||
return $this->command;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue