Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
UtilsFile |
|
| 3.125;3,125 |
1 | /* | |
2 | * FCKeditor - The text editor for Internet - http://www.fckeditor.net | |
3 | * Copyright (C) 2004-2009 Frederico Caldeira Knabben | |
4 | * | |
5 | * == BEGIN LICENSE == | |
6 | * | |
7 | * Licensed under the terms of any of the following licenses at your | |
8 | * choice: | |
9 | * | |
10 | * - GNU General Public License Version 2 or later (the "GPL") | |
11 | * http://www.gnu.org/licenses/gpl.html | |
12 | * | |
13 | * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") | |
14 | * http://www.gnu.org/licenses/lgpl.html | |
15 | * | |
16 | * - Mozilla Public License Version 1.1 or later (the "MPL") | |
17 | * http://www.mozilla.org/MPL/MPL-1.1.html | |
18 | * | |
19 | * == END LICENSE == | |
20 | */ | |
21 | package net.fckeditor.tool; | |
22 | ||
23 | import java.io.File; | |
24 | import java.io.InputStream; | |
25 | ||
26 | import net.fckeditor.handlers.PropertiesLoader; | |
27 | ||
28 | import org.apache.commons.io.FilenameUtils; | |
29 | import org.devlib.schmidt.imageinfo.ImageInfo; | |
30 | ||
31 | /** | |
32 | * Static helper methods for files. | |
33 | * | |
34 | * @version $Id: UtilsFile.java 3695 2009-06-18 20:18:38Z mosipov $ | |
35 | */ | |
36 | 0 | public class UtilsFile { |
37 | ||
38 | /** | |
39 | * Sanitizes a filename from certain chars.<br /> | |
40 | * | |
41 | * This method enforces the <code>forceSingleExtension</code> property and | |
42 | * then replaces all occurrences of \, /, |, :, ?, *, ", <, >, | |
43 | * control chars by _ (underscore). | |
44 | * | |
45 | * @param filename | |
46 | * a potentially 'malicious' filename | |
47 | * @return sanitized filename | |
48 | */ | |
49 | public static String sanitizeFileName(final String filename) { | |
50 | ||
51 | 3 | if (Utils.isEmpty(filename)) |
52 | 0 | return filename; |
53 | ||
54 | 3 | String name = (PropertiesLoader.isForceSingleExtension()) ? UtilsFile |
55 | .forceSingleExtension(filename) : filename; | |
56 | ||
57 | // Remove \ / | : ? * " < > 'Control Chars' with _ | |
58 | 3 | return name.replaceAll("\\\\|/|\\||:|\\?|\\*|\"|<|>|\\p{Cntrl}", "_"); |
59 | } | |
60 | ||
61 | /** | |
62 | * Sanitizes a folder name from certain chars.<br /> | |
63 | * | |
64 | * This method replaces all occurrences of \, /, |, :, ?, *, ", <, | |
65 | * >, control chars by _ (underscore). | |
66 | * | |
67 | * @param folderName | |
68 | * a potentially 'malicious' folder name | |
69 | * @return sanitized folder name | |
70 | */ | |
71 | public static String sanitizeFolderName(final String folderName) { | |
72 | ||
73 | 2 | if (Utils.isEmpty(folderName)) |
74 | 0 | return folderName; |
75 | ||
76 | // Remove . \ / | : ? * " < > 'Control Chars' with _ | |
77 | 2 | return folderName.replaceAll( |
78 | "\\.|\\\\|/|\\||:|\\?|\\*|\"|<|>|\\p{Cntrl}", "_"); | |
79 | } | |
80 | ||
81 | /** | |
82 | * Checks if the underlying input stream contains an image. | |
83 | * | |
84 | * @param in | |
85 | * input stream of an image | |
86 | * @return <code>true</code> if the underlying input stream contains an | |
87 | * image, else <code>false</code> | |
88 | */ | |
89 | public static boolean isImage(final InputStream in) { | |
90 | 0 | ImageInfo ii = new ImageInfo(); |
91 | 0 | ii.setInput(in); |
92 | 0 | return ii.check(); |
93 | } | |
94 | ||
95 | /** | |
96 | * Checks whether a path complies with the FCKeditor File Browser <a href="http://docs.fckeditor.net/FCKeditor_2.x/Developers_Guide/Server_Side_Integration#File_Browser_Requests" | |
97 | * target="_blank">rules</a>. | |
98 | * | |
99 | * @param path | |
100 | * a potentially 'malicious' path | |
101 | * @return <code>true</code> if path complies with the rules, else | |
102 | * <code>false</code> | |
103 | */ | |
104 | public static boolean isValidPath(final String path) { | |
105 | 12 | if (Utils.isEmpty(path)) |
106 | 1 | return false; |
107 | 11 | if (!path.startsWith("/")) |
108 | 1 | return false; |
109 | 10 | if (!path.endsWith("/")) |
110 | 3 | return false; |
111 | ||
112 | 7 | if (!path.equals(FilenameUtils.separatorsToUnix(FilenameUtils |
113 | .normalize(path)))) | |
114 | 5 | return false; |
115 | ||
116 | 2 | return true; |
117 | } | |
118 | ||
119 | /** | |
120 | * Replaces all dots in a filename with underscores except the last one. | |
121 | * | |
122 | * @param filename | |
123 | * filename to sanitize | |
124 | * @return string with a single dot only | |
125 | */ | |
126 | public static String forceSingleExtension(final String filename) { | |
127 | 7 | return filename.replaceAll("\\.(?![^.]+$)", "_"); |
128 | } | |
129 | ||
130 | /** | |
131 | * Checks if a filename contains more than one dot. | |
132 | * | |
133 | * @param filename | |
134 | * filename to check | |
135 | * @return <code>true</code> if filename contains severals dots, else | |
136 | * <code>false</code> | |
137 | */ | |
138 | public static boolean isSingleExtension(final String filename) { | |
139 | 5 | return filename.matches("[^\\.]+\\.[^\\.]+"); |
140 | } | |
141 | ||
142 | /** | |
143 | * Checks a directory for existence and creates it if non-existent. | |
144 | * | |
145 | * @param dir | |
146 | * directory to check/create | |
147 | */ | |
148 | public static void checkDirAndCreate(File dir) { | |
149 | 0 | if (!dir.exists()) |
150 | 0 | dir.mkdirs(); |
151 | 0 | } |
152 | ||
153 | /** | |
154 | * Iterates over a base name and returns the first non-existent file.<br /> | |
155 | * This method extracts a file's base name, iterates over it until the first | |
156 | * non-existent appearance with <code>basename(n).ext</code>. Where n is a | |
157 | * positive integer starting from one. | |
158 | * | |
159 | * @param file | |
160 | * base file | |
161 | * @return first non-existent file | |
162 | */ | |
163 | public static File getUniqueFile(final File file) { | |
164 | 0 | if (!file.exists()) |
165 | 0 | return file; |
166 | ||
167 | 0 | File tmpFile = new File(file.getAbsolutePath()); |
168 | 0 | File parentDir = tmpFile.getParentFile(); |
169 | 0 | int count = 1; |
170 | 0 | String extension = FilenameUtils.getExtension(tmpFile.getName()); |
171 | 0 | String baseName = FilenameUtils.getBaseName(tmpFile.getName()); |
172 | do { | |
173 | 0 | tmpFile = new File(parentDir, baseName + "(" + count++ + ")." |
174 | + extension); | |
175 | 0 | } while (tmpFile.exists()); |
176 | 0 | return tmpFile; |
177 | } | |
178 | } |