Lanmikeman/openvk
Lanmikeman/openvk
1
1
Fork 0
mirror of https://github.com/openvk/openvk synced 2024-09-21 08:36:17 +03:00
Code Issues Projects Releases Packages Wiki Activity

Videos: Implement checks to prevent uploads of non-video files or mediacontainers without vstreams

Browse source 
Resolves #234
Sorry, Beatrice
This commit is contained in:
Celestora 2021-10-15 12:34:59 +03:00
parent cb8038590c
commit ad878474ce
4 changed files with 33 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
Web/Models/Entities/Video.php
View file

@ -1,8 +1,7 @@
<?php declare(strict_types=1);
namespace openvk\Web\Models\Entities;
use openvk\Web\Util\Shell\Shell;
use openvk\Web\Util\Shell\Shell\Exceptions\ShellUnavailableException;
use openvk\Web\Util\Shell\Shell\Exceptions\UnknownCommandException;
use openvk\Web\Util\Shell\Shell\Exceptions\{ShellUnavailableException, UnknownCommandException};
use openvk\Web\Models\VideoDrivers\VideoDriver;
use Nette\InvalidStateException as ISE;
@ -18,7 +17,24 @@ class Video extends Media
protected function saveFile(string $filename, string $hash): bool
{
if(!Shell::commandAvailable("ffmpeg")) exit(VIDEOS_FRIENDLY_ERROR);
if(!Shell::commandAvailable("ffmpeg") || !Shell::commandAvailable("ffprobe"))
exit(VIDEOS_FRIENDLY_ERROR);
$error = NULL;
$streams = Shell::ffprobe("-i", $filename, "-show_streams", "-select_streams v", "-loglevel error")->execute($error);
if($error !== 0)
throw new \DomainException("$filename is not a valid video file");
else if(empty($streams) || ctype_space($streams))
throw new \DomainException("$filename does not contain any video streams");
$durations = [];
preg_match('%duration=([0-9\.]++)%', $streams, $durations);
if(sizeof($durations[1]) === 0)
throw new \DomainException("$filename does not contain any meaningful video streams");
foreach($durations[1] as $duration)
if(floatval($duration) < 1.0)
throw new \DomainException("$filename does not contain any meaningful video streams");
try {
if(!is_dir($dirId = $this->pathFromHash($hash)))

2
Web/Presenters/VideosPresenter.php
View file

@ -68,6 +68,8 @@ final class VideosPresenter extends OpenVKPresenter
$video->setLink($this->postParam("link"));
else
$this->flashFail("err", "Нету видеозаписи", "Выберите файл или укажите ссылку.");
} catch(\DomainException $ex) {
$this->flashFail("err", "Произошла ошибка", "Файл повреждён или не содержит видео." );
} catch(ISE $ex) {
$this->flashFail("err", "Произошла ошибка", "Возможно, ссылка некорректна.");
}

2
Web/Presenters/WallPresenter.php
View file

@ -200,6 +200,8 @@ final class WallPresenter extends OpenVKPresenter
if($_FILES["_vid_attachment"]["error"] === UPLOAD_ERR_OK) {
$video = Video::fastMake($this->user->id, $this->postParam("text"), $_FILES["_vid_attachment"]);
}
} catch(\DomainException $ex) {
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён.");
} catch(ISE $ex) {
$this->flashFail("err", "Не удалось опубликовать пост", "Файл медиаконтента повреждён или слишком велик.");
}

15
Web/Util/Shell/Shell.php
View file

@ -16,14 +16,16 @@ class Shell
static function commandAvailable(string $name): bool
{
if(!Shell::shellAvailable()) throw new Exceptions\ShellUnavailableException;
if(!Shell::shellAvailable())
throw new Exceptions\ShellUnavailableException;
return !is_null(`command -v $name`);
}
static function __callStatic(string $name, array $arguments): object
{
if(!Shell::commandAvailable($name)) throw new Exceptions\UnknownCommandException($name);
if(!Shell::commandAvailable($name))
throw new Exceptions\UnknownCommandException($name);
$command = implode(" ", array_merge([$name], $arguments));
@ -36,14 +38,17 @@ class Shell
$this->command = $cmd;
}
function execute(): string
function execute(?int &$result = nullptr): string
{
return shell_exec($this->command);
$stdout = [];
exec($this->command, $stdout, $result);
return implode(PHP_EOL, $stdout);
}
function start(): string
{
shell_exec("nohup " . $this->command . " > /dev/null 2>/dev/null &");
system("nohup " . $this->command . " > /dev/null 2>/dev/null &");
return $this->command;
}