2016-06-06 14:13:16 +02:00
|
|
|
<?php
|
2021-11-14 16:42:21 +01:00
|
|
|
App::uses('JsonTool', 'Tools');
|
2016-06-06 14:13:16 +02:00
|
|
|
|
2018-07-19 11:48:22 +02:00
|
|
|
class FileAccessTool
|
|
|
|
{
|
2021-10-17 14:47:22 +02:00
|
|
|
/**
|
|
|
|
* @param string $path
|
|
|
|
* @param int $permissions
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public static function createFile($path, $permissions = 0600)
|
|
|
|
{
|
|
|
|
if (!file_exists($path)) {
|
|
|
|
if (!touch($path)) {
|
|
|
|
throw new Exception("Could not create file `$path`.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@chmod($path, $permissions); // hide error if current user is not file owner
|
|
|
|
}
|
|
|
|
|
2021-10-03 23:53:03 +02:00
|
|
|
/**
|
|
|
|
* Creates temporary file, but you have to delete it after use.
|
2021-10-08 12:33:09 +02:00
|
|
|
* @param string|null $dir
|
2021-10-03 23:53:03 +02:00
|
|
|
* @param string $prefix
|
|
|
|
* @return string
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
2021-10-08 12:33:09 +02:00
|
|
|
public static function createTempFile($dir = null, $prefix = 'MISP')
|
2018-07-19 11:48:22 +02:00
|
|
|
{
|
2021-10-08 12:33:09 +02:00
|
|
|
if ($dir === null) {
|
2022-02-09 09:18:02 +01:00
|
|
|
$dir = Configure::read('MISP.tmpdir') ?: APP . 'tmp';
|
2021-10-08 12:33:09 +02:00
|
|
|
}
|
2018-07-19 11:48:22 +02:00
|
|
|
$tempFile = tempnam($dir, $prefix);
|
2021-10-03 23:53:03 +02:00
|
|
|
if ($tempFile === false) {
|
|
|
|
throw new Exception("An error has occurred while attempt to create a temporary file in path `$dir`.");
|
|
|
|
}
|
2018-07-19 11:48:22 +02:00
|
|
|
return $tempFile;
|
|
|
|
}
|
2016-06-06 14:13:16 +02:00
|
|
|
|
2021-10-03 23:53:03 +02:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @param int $fileSize
|
|
|
|
* @return string
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public static function readFromFile($file, $fileSize = -1)
|
2018-07-19 11:48:22 +02:00
|
|
|
{
|
2021-10-08 12:33:09 +02:00
|
|
|
if ($fileSize === -1) {
|
|
|
|
$content = file_get_contents($file);
|
|
|
|
} else {
|
|
|
|
$content = file_get_contents($file, false, null, 0, $fileSize);
|
|
|
|
}
|
2021-10-03 23:53:03 +02:00
|
|
|
if ($content === false) {
|
2021-10-09 14:43:13 +02:00
|
|
|
if (!file_exists($file)) {
|
|
|
|
$message = "file doesn't exists";
|
|
|
|
} else if (!is_readable($file)) {
|
|
|
|
$message = "file is not readable";
|
|
|
|
} else {
|
|
|
|
$message = 'unknown error';
|
|
|
|
}
|
|
|
|
throw new Exception("An error has occurred while attempt to read file `$file`: $message.");
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
2021-10-03 23:53:03 +02:00
|
|
|
return $content;
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
2016-06-06 14:13:16 +02:00
|
|
|
|
2021-11-14 16:42:21 +01:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @return mixed
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public static function readJsonFromFile($file)
|
|
|
|
{
|
|
|
|
$content = self::readFromFile($file);
|
|
|
|
try {
|
|
|
|
return JsonTool::decode($content);
|
|
|
|
} catch (Exception $e) {
|
|
|
|
throw new Exception("Could not decode JSON from file `$file`", 0, $e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-12 11:09:37 +02:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @return string
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public static function readAndDelete($file)
|
|
|
|
{
|
|
|
|
$content = self::readFromFile($file);
|
|
|
|
self::deleteFile($file);
|
|
|
|
return $content;
|
|
|
|
}
|
|
|
|
|
2021-10-03 23:53:03 +02:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @param mixed $content
|
2021-10-09 17:16:49 +02:00
|
|
|
* @param bool $createFolder
|
2021-10-08 12:33:09 +02:00
|
|
|
* @throws Exception
|
|
|
|
*/
|
2022-07-06 15:29:21 +02:00
|
|
|
public static function writeToFile($file, $content, $createFolder = false, $append = false)
|
2021-10-08 12:33:09 +02:00
|
|
|
{
|
2021-10-09 17:16:49 +02:00
|
|
|
$dir = dirname($file);
|
|
|
|
if ($createFolder && !is_dir($dir)) {
|
|
|
|
if (!mkdir($dir, 0766, true)) {
|
|
|
|
throw new Exception("An error has occurred while attempt to create directory `$dir`.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-07-06 15:29:21 +02:00
|
|
|
if (file_put_contents($file, $content, LOCK_EX | (!empty($append) ? FILE_APPEND : 0)) === false) {
|
2021-10-09 17:16:49 +02:00
|
|
|
$freeSpace = disk_free_space($dir);
|
2021-10-08 12:33:09 +02:00
|
|
|
throw new Exception("An error has occurred while attempt to write to file `$file`. Maybe not enough space? ($freeSpace bytes left)");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param mixed $content
|
|
|
|
* @param string|null $dir
|
|
|
|
* @return string Path to temp file
|
2021-10-03 23:53:03 +02:00
|
|
|
* @throws Exception
|
|
|
|
*/
|
2021-10-08 12:33:09 +02:00
|
|
|
public static function writeToTempFile($content, $dir = null)
|
2018-07-19 11:48:22 +02:00
|
|
|
{
|
2021-10-08 12:33:09 +02:00
|
|
|
$tempFile = self::createTempFile($dir);
|
2021-10-09 17:16:49 +02:00
|
|
|
if (file_put_contents($tempFile, $content) === false) {
|
2021-10-08 12:33:09 +02:00
|
|
|
self::deleteFile($tempFile);
|
2021-10-09 17:16:49 +02:00
|
|
|
$freeSpace = disk_free_space(dirname($tempFile));
|
|
|
|
throw new Exception("An error has occurred while attempt to write to file `$tempFile`. Maybe not enough space? ($freeSpace bytes left)");
|
2021-10-03 23:53:03 +02:00
|
|
|
}
|
2021-10-08 12:33:09 +02:00
|
|
|
return $tempFile;
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
2016-06-06 14:13:16 +02:00
|
|
|
|
2021-10-03 23:53:03 +02:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @param mixed $content
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public static function writeCompressedFile($file, $content)
|
2018-07-19 11:48:22 +02:00
|
|
|
{
|
2021-10-03 23:53:03 +02:00
|
|
|
$res = gzopen($file, 'wb1');
|
|
|
|
if ($res === false) {
|
|
|
|
throw new Exception("An error has occurred while attempt to open file `$file` for writing.");
|
|
|
|
}
|
|
|
|
$result = gzwrite($res, $content);
|
2018-07-19 11:48:22 +02:00
|
|
|
if ($result === false) {
|
2021-10-03 23:53:03 +02:00
|
|
|
throw new Exception("An error has occurred while attempt to write into file `$file`.");
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
2021-10-03 23:53:03 +02:00
|
|
|
gzclose($res);
|
|
|
|
return $result;
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
new: Rework of the attachment uploader
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced
- example:
POST to mymisp/events/upload_sample
BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}
- this commit was brought to you by CEF and
MMMH$= - ., ,,. %H++ ,= %%$$$$X+ ;=== .= :+HHHMMMHMMM####MMH@@@@@@HHH$= HHH@HHHHH+XXX$$$$$$$$XXXXXXX+
MMH = -. . ,-,,-,. :H@H =;;++$HH+XX$%+X%+$++=:=.XH@@@HMMMMMMMMH@@@@@@@HHX$ ,X@@@@@@@HHHHHHHHHHXXXXXXXXXXXXXX
. ---, - ,,, +@ .. ;++$HH+HHH++$+++HH+++, .+%HHMHHHHHHHHH+%%%++++$+ +++HHHHHHH+++++++++HHHHHHHHHHHHHH
- -- ,,, --,. - , ,; +$XHH@@@@HHH@@@HHHH+$+$X+HH+$$+ ; ;= . % + ,+$X+++XXXXXXXXXXXXX++HH+++++++
---==,,--,-,-., : . -,,:/ $XHH@HMMMMMMMMMM@HHX$H@MHHHHX+H%%$%+H/:.%. $. @,,,. $$XXXXXXXXXXXXXXXXXXXXXXXXXX+
= - --,, , -- .. =/ +$+H@@HMMMMMMMMH+H+++HHHHHHHH@+++++H+X++X+$$ = ,,, - $$XXXXX$$$$X$$$$$$$$$$$$$$X
====== --,,,, ,= = ,==== ++$$+HHMMM####MH+$$+++HH@+HH@MHMMH@@H@@@HH+$+ ,,, ,. $$+$++$$$$$$$$$$++$$$$$$$X
:==-===-,. ,., == . :;; +++%$+H@HMMMMMMM%$%$$$+H@@+HH@MMMMMM@@@@HHH++H. .,,-,,--=/+$$%%%%%%%%$+%%$$$$$XXXXX
, = ==- - . == . =; ++++%++HHHHHHHHHH++%$$X+@@H+HHHMMMMMMHH@@@+X+ , ,,,,- , ,$$$$$$$+++++$$$$XXXXX$$
,,- , --= .. . ;/ ++++%$X+HHHHHHH ++$++X+HH+X+H@HMMHHHHHHHH+. ,, ,, , . +$$$$+%+$$$$$$$$$$
,-----=-=--, ,== ..;/ +% +%$XX+HH++HH+/+$%++H@@HHXHHH@@@@@@@@HXX . .,,,. ,,,, ,-=$$$$$$$$$$$$$$$$$
- ,- -- -, ,-= . =/++%++%+++++XXXXX$$+. +HHH@+$XHHHHHHHHH++$ -,,, ,, ,,,. ,+$$$$$$$$$$$$
---,-----, . == =/+%+++%++$$+++$X$$$$++,$$+++XXHHHHHHHH+X$+% ,-,-, ,, . . ,+$$+++++++
== --, -- =--, ,,= . ./++$$++$+X$+/++$$XXXX$$$$XXXXXXH+HH+H+X$%%/ .,,,,,, .. .. ,. ,,,-=+%+++ /++
+ -- - -,,- ., . . . = +$$++++HH+. ,+$$+++++++$XX$X$XHHH+X$$+ ..--,- .. . . ,-, = ======
MH - ---- --,,, . .. , %++$$X++++ +%++++++++%++$$$$$+H++X$$+ --, . . . = .====
MM=,-, ---,,,,, . . ...,,, =/++%$$XXXX+/+++@@H@HX$+%$$+HHHHH$$$+: ,-- . ,. .. .. ==::;=-:;;;
MM+ ,----,,,, , .. ,. +++X+HH+++++%++$++++$$+HHH+++$$ ,- , . . : ;/ +%+.
MMH ,-,-,, ,,. . -, = = +$+H@HH++++$$X$$+++HHH+++$ , .. , +++++++%%+%+
MM@,--,-,,,,,. . ,, . ,-, .=+$XHHHXXHHHHHHHH@@@@HX$%+: ,, . ..,, ..... ...%%%%++%%%%%%%%
M@@== ,,, , ++++XX++HHHHHH++HHH+, , , . .... . +$+%%%%%%+%%%%%
H@H+=,,, .. ,,+%$+H@HHHXX++, , ,, . ... . ,$$$$$%%%%%+%+%%%%
@H+,-,,..... . .,.;; ++$$X+%+:- , . .,,, . ... . XXX$$$%%%%%%+%%%%%
+++ -, . ... . .======== === , ,, . . .. . -,XXX$X$+$+%%%%%%%%%
$+ . ===:; ++++ ++++-,. , ,-, . $X+XX+XXX$$+%++%%%%%
++: ,. . ,-,,-==:; %%%%%+%$$%$$X$$$+%+:== . . ,, ..+X$XXXXXX$$$+%%$$%%%%
=: ,,, == ++++++$+$$%+++$$$++$+ . == . .,,, +$$$$$$$$$$$$$$+$%%%+
, ,---, =:;/++$$XX$$$$$$X+H@H@HHH$%%%$X$++;===== . ., .. +%%+$++$%$$$$$$%%++%+
===; +++$$$$+ +%+++%+HH@@@@HH+++ ++%+$+, === .. ,=; +++++++++.. :;;
. =:; /++%$$++, ,++HHMMHH@@@@HHHH@HH++++++ ,+$$+ . .. :=;;:;;;;;==========
.,,-==;;;+% %%+$$$$ /+++@@@@@@@@@@HH@M@MH@@@HHHHH$$% /%$XXX$X . -=====::::=========::
. =; ++++++$+++ , +%H@@@HHH@HH++HHH@MHHH@HHHHHH++++ , +%%+$ ,, - --- ==:=:
====; ++++$$+% ++H@HHHHHHH+X++X++@@@HHH@MMMMHHHHHH@HHHH+++++. ,,,,-,--- =:==;;
.,., ==;// / ++++%+%+%+++$$+@H@@@@H@HHH+XXX$%+HHHH@@HH@HMMMMMMMMMMMMMMH@+%; ...,,,,,--==;;;/;
. ...= .,+%$++%+$XXX$++%+++H@@@@HHH@HHH+++. ++++H+HHHHHHHMMMMMMMMMMMM@++: ,,, ===;;;;;
==: . ++++++++HH%H+++X++HH+H@HHHH@HHHHHHH+++++%++%%+%%++ . , = ++$H@@HMHMMH%= . ..,,=
+++%$XXHHHHHH@H@@@@@H@HH@MMM@@HH@HH+HXH@HH%%+HH+XX$$$+++/;:=== ,,,,,, = ::; % :, ...,,
%+++HHH@HHH@@HMHHHH@HHHMHMHHHHHH+XH+HHH++++HHHH@HHHHH++%+ -, = ,=== ,, ,,, .
H@HHHH#M#M#MHHHM#MMMMMMMHHHH@H@H++@H$+++HHM#MMMMHMMH@@HHHHHH%+++++%%%+++ , .
%%%%%%%%%%%%%%++++%%++ .. ... .. . +++%+++++++%++++%+++++++++%+%++%+%%++%++++++%
2017-09-25 12:22:19 +02:00
|
|
|
|
2021-10-03 23:53:03 +02:00
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function deleteFile($file)
|
2018-07-19 11:48:22 +02:00
|
|
|
{
|
2021-10-03 23:53:03 +02:00
|
|
|
return unlink($file);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function deleteFileIfExists($file)
|
|
|
|
{
|
|
|
|
if (file_exists($file)) {
|
|
|
|
return unlink($file);
|
|
|
|
} else {
|
|
|
|
return true;
|
|
|
|
}
|
2018-07-19 11:48:22 +02:00
|
|
|
}
|
2022-03-17 00:41:55 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param array $submittedFile
|
|
|
|
* @param string $alternate
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public static function getTempUploadedFile($submittedFile, $alternate = false)
|
|
|
|
{
|
|
|
|
if ($submittedFile['name'] != '' && $alternate != '') {
|
|
|
|
throw new MethodNotAllowedException(__('Only one import field can be used'));
|
|
|
|
}
|
|
|
|
if ($submittedFile['size'] > 0) {
|
|
|
|
$filename = basename($submittedFile['name']);
|
|
|
|
if (!is_uploaded_file($submittedFile['tmp_name'])) {
|
|
|
|
throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?'));
|
|
|
|
}
|
|
|
|
$file = new File($submittedFile['tmp_name']);
|
|
|
|
$file_content = $file->read();
|
|
|
|
$file->close();
|
|
|
|
if ((isset($submittedFile['error']) && $submittedFile['error'] == 0) ||
|
|
|
|
(!empty($submittedFile['tmp_name']) && $submittedFile['tmp_name'] != '')
|
|
|
|
) {
|
|
|
|
if (!$file_content) {
|
|
|
|
throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?'));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$text = $file_content;
|
|
|
|
} else {
|
|
|
|
$text = $alternate ? $alternate : '';
|
|
|
|
}
|
|
|
|
return $text;
|
|
|
|
}
|
2016-07-04 22:52:28 +02:00
|
|
|
}
|