mirror of
https://github.com/openvk/openvk
synced 2025-01-12 11:03:13 +03:00
Videos: Implement checks to prevent uploads of non-video files or mediacontainers without vstreams
Resolves #234 Sorry, Beatrice
This commit is contained in:
Celestora
parent
cb8038590c
commit
ad878474ce
4 changed files with 33 additions and 8 deletions
|
|
@ -1,8 +1,7 @@
|
||||||
<?php declare(strict_types=1);
|
<?php declare(strict_types=1);
|
||||||
namespace openvk\Web\Models\Entities;
|
namespace openvk\Web\Models\Entities;
|
||||||
use openvk\Web\Util\Shell\Shell;
|
use openvk\Web\Util\Shell\Shell;
|
||||||
use openvk\Web\Util\Shell\Shell\Exceptions\ShellUnavailableException;
|
use openvk\Web\Util\Shell\Shell\Exceptions\{ShellUnavailableException, UnknownCommandException};
|
||||||
use openvk\Web\Util\Shell\Shell\Exceptions\UnknownCommandException;
|
|
||||||
use openvk\Web\Models\VideoDrivers\VideoDriver;
|
use openvk\Web\Models\VideoDrivers\VideoDriver;
|
||||||
use Nette\InvalidStateException as ISE;
|
use Nette\InvalidStateException as ISE;
|
||||||
|
|
||||||
|
|
@ -18,7 +17,24 @@ class Video extends Media
|
||||||
|
|
||||||
protected function saveFile(string $filename, string $hash): bool
|
protected function saveFile(string $filename, string $hash): bool
|
||||||
{
|
{
|
||||||
if(!Shell::commandAvailable("ffmpeg")) exit(VIDEOS_FRIENDLY_ERROR);
|
if(!Shell::commandAvailable("ffmpeg") || !Shell::commandAvailable("ffprobe"))
|
||||||
|
exit(VIDEOS_FRIENDLY_ERROR);
|
||||||
|
|
||||||
|
$error = NULL;
|
||||||
|
$streams = Shell::ffprobe("-i", $filename, "-show_streams", "-select_streams v", "-loglevel error")->execute($error);
|
||||||
|
if($error !== 0)
|
||||||
|
throw new \DomainException("$filename is not a valid video file");
|
||||||
|
else if(empty($streams) || ctype_space($streams))
|
||||||
|
throw new \DomainException("$filename does not contain any video streams");
|
||||||
|
|
||||||
|
$durations = [];
|
||||||
|
preg_match('%duration=([0-9\.]++)%', $streams, $durations);
|
||||||
|
if(sizeof($durations[1]) === 0)
|
||||||
|
throw new \DomainException("$filename does not contain any meaningful video streams");
|
||||||
|
|
||||||
|
foreach($durations[1] as $duration)
|
||||||
|
if(floatval($duration) < 1.0)
|
||||||
|
throw new \DomainException("$filename does not contain any meaningful video streams");
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if(!is_dir($dirId = $this->pathFromHash($hash)))
|
if(!is_dir($dirId = $this->pathFromHash($hash)))
|
||||||
|
|
|
||||||
|
|
@ -68,6 +68,8 @@ final class VideosPresenter extends OpenVKPresenter
|
||||||
$video->setLink($this->postParam("link"));
|
$video->setLink($this->postParam("link"));
|
||||||
else
|
else
|
||||||
$this->flashFail("err", "Нету видеозаписи", "Выберите файл или укажите ссылку.");
|
$this->flashFail("err", "Нету видеозаписи", "Выберите файл или укажите ссылку.");
|
||||||
|
} catch(\DomainException $ex) {
|
||||||
|
$this->flashFail("err", "Произошла ошибка", "Файл повреждён или не содержит видео." );
|
||||||
} catch(ISE $ex) {
|
} catch(ISE $ex) {
|
||||||
$this->flashFail("err", "Произошла ошибка", "Возможно, ссылка некорректна.");
|
$this->flashFail("err", "Произошла ошибка", "Возможно, ссылка некорректна.");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -200,6 +200,8 @@ final class WallPresenter extends OpenVKPresenter
|
||||||
if($_FILES["_vid_attachment"]["error"] === UPLOAD_ERR_OK) {
|
if($_FILES["_vid_attachment"]["error"] === UPLOAD_ERR_OK) {
|
||||||
$video = Video::fastMake($this->user->id, $this->postParam("text"), $_FILES["_vid_attachment"]);
|
$video = Video::fastMake($this->user->id, $this->postParam("text"), $_FILES["_vid_attachment"]);
|
||||||
}
|
}
|
||||||
|
} catch(\DomainException $ex) {
|
||||||
|
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён.");
|
||||||
} catch(ISE $ex) {
|
} catch(ISE $ex) {
|
||||||
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён или слишком велик.");
|
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён или слишком велик.");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -16,14 +16,16 @@ class Shell
|
||||||
|
|
||||||
static function commandAvailable(string $name): bool
|
static function commandAvailable(string $name): bool
|
||||||
{
|
{
|
||||||
if(!Shell::shellAvailable()) throw new Exceptions\ShellUnavailableException;
|
if(!Shell::shellAvailable())
|
||||||
|
throw new Exceptions\ShellUnavailableException;
|
||||||
|
|
||||||
return !is_null(`command -v $name`);
|
return !is_null(`command -v $name`);
|
||||||
}
|
}
|
||||||
|
|
||||||
static function __callStatic(string $name, array $arguments): object
|
static function __callStatic(string $name, array $arguments): object
|
||||||
{
|
{
|
||||||
if(!Shell::commandAvailable($name)) throw new Exceptions\UnknownCommandException($name);
|
if(!Shell::commandAvailable($name))
|
||||||
|
throw new Exceptions\UnknownCommandException($name);
|
||||||
|
|
||||||
$command = implode(" ", array_merge([$name], $arguments));
|
$command = implode(" ", array_merge([$name], $arguments));
|
||||||
|
|
||||||
|
|
@ -36,14 +38,17 @@ class Shell
|
||||||
$this->command = $cmd;
|
$this->command = $cmd;
|
||||||
}
|
}
|
||||||
|
|
||||||
function execute(): string
|
function execute(?int &$result = nullptr): string
|
||||||
{
|
{
|
||||||
return shell_exec($this->command);
|
$stdout = [];
|
||||||
|
exec($this->command, $stdout, $result);
|
||||||
|
|
||||||
|
return implode(PHP_EOL, $stdout);
|
||||||
}
|
}
|
||||||
|
|
||||||
function start(): string
|
function start(): string
|
||||||
{
|
{
|
||||||
shell_exec("nohup " . $this->command . " > /dev/null 2>/dev/null &");
|
system("nohup " . $this->command . " > /dev/null 2>/dev/null &");
|
||||||
|
|
||||||
return $this->command;
|
return $this->command;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue