archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
Files
dfa2e29a012f5e9c9aad8266fc6b27c9578606c2
phabricator/src/applications/files/storage/file/PhabricatorFile.php

325 lines
8.9 KiB
PHP
Raw Normal View History

Phabricator file upload application.
2011-01-22 18:33:00 -08:00
<?php
/*
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorFile extends PhabricatorFileDAO {
const STORAGE_FORMAT_RAW = 'raw';
protected $phid;
protected $name;
protected $mimeType;
protected $byteSize;
Drag-drop file upload. Summary: - have files be uploaded by drag+drop instead of browse. - Files are named by their uploaded filename, the user isn't given a chance to enter a file name. Is this bad? - Store author PHID now with files - Allow an ?author=<username> to limit the /files/ list by author. - If one file is uploaded, the user is taken to its info page. - If several are uploaded, they are taken to a list of their files. Test Plan: - Quickly tested everything and it still worked, I'd recommend some people try this out before it gets committed though. It's a rather huge revision. Reviewers: epriestley, Ttech CC: Differential Revision: 612
2011-07-08 00:17:00 -04:00
protected $authorPHID;
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
protected $storageEngine;
protected $storageFormat;
protected $storageHandle;
public function getConfiguration() {
return array(
self::CONFIG_AUX_PHID => true,
) + parent::getConfiguration();
}
public function generatePHID() {
Change hard-coded PHID types to constants. Summary: add a constants module src/applications/phid/constants/PhabricatorPHIDConstants. Test Plan: Execute applications which were using the hard-coded string. Differential Revision: 44 Reviewed By: epriestley Reviewers: epriestley CC: epriestley
2011-03-02 18:58:21 -08:00
return PhabricatorPHID::generateNewPHID(
PhabricatorPHIDConstants::PHID_TYPE_FILE);
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
}
public static function newFromPHPUpload($spec, array $params = array()) {
if (!$spec) {
throw new Exception("No file was uploaded!");
}
$err = idx($spec, 'error');
if ($err) {
Improve error messages when hitting PHP file upload issues Summary: See T429. When you hit certain errors, you get less-than-helpful messages like "upload error 3". Instead, produce human-readable errors. Test Plan: Simulated errors, verified user receives decent error messages. Reviewed By: aran Reviewers: jungejason, tuomaspelkonen, aran, startupguy CC: aran Differential Revision: 816
2011-08-16 12:37:50 -07:00
throw new PhabricatorFileUploadException($err);
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
}
$tmp_name = idx($spec, 'tmp_name');
$is_valid = @is_uploaded_file($tmp_name);
if (!$is_valid) {
throw new Exception("File is not an uploaded file.");
}
$file_data = Filesystem::readFile($tmp_name);
$file_size = idx($spec, 'size');
if (strlen($file_data) != $file_size) {
throw new Exception("File size disagrees with uploaded size.");
}
$file_name = nonempty(
idx($params, 'name'),
idx($spec, 'name'));
$params = array(
'name' => $file_name,
) + $params;
return self::newFromFileData($file_data, $params);
}
public static function newFromFileData($data, array $params = array()) {
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
$selector_class = PhabricatorEnv::getEnvConfig('storage.engine-selector');
$selector = newv($selector_class, array());
$engines = $selector->selectStorageEngines($data, $params);
if (!$engines) {
throw new Exception("No valid storage engines are available!");
}
$data_handle = null;
$engine_identifier = null;
foreach ($engines as $engine) {
try {
// Perform the actual write.
$data_handle = $engine->writeFile($data, $params);
if (!$data_handle || strlen($data_handle) > 255) {
// This indicates an improperly implemented storage engine.
throw new Exception(
"Storage engine '{$engine}' executed writeFile() but did not ".
"return a valid handle ('{$data_handle}') to the data: it must ".
"be nonempty and no longer than 255 characters.");
}
$engine_identifier = $engine->getEngineIdentifier();
if (!$engine_identifier || strlen($engine_identifier) > 32) {
throw new Exception(
"Storage engine '{$engine}' returned an improper engine ".
"identifier '{$engine_identifier}': it must be nonempty ".
"and no longer than 32 characters.");
}
// We stored the file somewhere so stop trying to write it to other
// places.
break;
} catch (Exception $ex) {
// If an engine doesn't work, keep trying all the other valid engines
// in case something else works.
phlog($ex);
}
}
if (!$data_handle) {
throw new Exception("All storage engines failed to write file!");
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
}
$file_name = idx($params, 'name');
$file_name = self::normalizeFileName($file_name);
Drag-drop file upload. Summary: - have files be uploaded by drag+drop instead of browse. - Files are named by their uploaded filename, the user isn't given a chance to enter a file name. Is this bad? - Store author PHID now with files - Allow an ?author=<username> to limit the /files/ list by author. - If one file is uploaded, the user is taken to its info page. - If several are uploaded, they are taken to a list of their files. Test Plan: - Quickly tested everything and it still worked, I'd recommend some people try this out before it gets committed though. It's a rather huge revision. Reviewers: epriestley, Ttech CC: Differential Revision: 612
2011-07-08 00:17:00 -04:00
// If for whatever reason, authorPHID isn't passed as a param
// (always the case with newFromFileDownload()), store a ''
$authorPHID = idx($params, 'authorPHID');
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
$file = new PhabricatorFile();
$file->setName($file_name);
$file->setByteSize(strlen($data));
Drag-drop file upload. Summary: - have files be uploaded by drag+drop instead of browse. - Files are named by their uploaded filename, the user isn't given a chance to enter a file name. Is this bad? - Store author PHID now with files - Allow an ?author=<username> to limit the /files/ list by author. - If one file is uploaded, the user is taken to its info page. - If several are uploaded, they are taken to a list of their files. Test Plan: - Quickly tested everything and it still worked, I'd recommend some people try this out before it gets committed though. It's a rather huge revision. Reviewers: epriestley, Ttech CC: Differential Revision: 612
2011-07-08 00:17:00 -04:00
$file->setAuthorPHID($authorPHID);
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
$file->setStorageEngine($engine_identifier);
$file->setStorageHandle($data_handle);
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
// TODO: This is probably YAGNI, but allows for us to do encryption or
// compression later if we want.
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
$file->setStorageFormat(self::STORAGE_FORMAT_RAW);
Very rough cut of DarkConsole + XHProf
2011-02-02 13:48:52 -08:00
if (isset($params['mime-type'])) {
$file->setMimeType($params['mime-type']);
} else {
try {
$tmp = new TempFile();
Filesystem::writeFile($tmp, $data);
list($stdout) = execx('file -b --mime %s', $tmp);
$file->setMimeType($stdout);
} catch (Exception $ex) {
// Be robust here since we don't really care that much about mime types.
}
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
}
$file->save();
return $file;
}
Image macros for Phabricator! Summary: Added long waited image macro support for differential and others. Test Plan: Tried a couple of different macros and made sure they appear nicely in the comment preview. Made sure that the normal comments are shown correctly. Reviewed By: epriestley Reviewers: epriestley CC: jungejason, tuomaspelkonen, epriestley Differential Revision: 129
2011-04-13 15:15:48 -07:00
public static function newFromFileDownload($uri, $name) {
$uri = new PhutilURI($uri);
Restore image proxying to Remarkup Summary: Previously, Remarkup allowed you to paste in an image URI and get an inline image. However, it did this by hotlinking the image which isn't so hot in an open source product. Restore this feature, but use image proxying instead. The existing image macro code does most of the work. There is a mild security risk depending on the network setup so I've left this default-disabled and made a note about it. It should be safe to enable for Facebook. Test Plan: Pasted in image and non-image links, got reasonable behavior. Verified proxying appears to work. Verified that file:// shenanigans produce 400. Reviewed By: tuomaspelkonen Reviewers: aran, jungejason, tuomaspelkonen Commenters: cpiro CC: aran, cpiro, tuomaspelkonen Differential Revision: 214
2011-05-02 14:20:24 -07:00
$protocol = $uri->getProtocol();
switch ($protocol) {
case 'http':
case 'https':
break;
default:
// Make sure we are not accessing any file:// URIs or similar.
return null;
}
Image macros for Phabricator! Summary: Added long waited image macro support for differential and others. Test Plan: Tried a couple of different macros and made sure they appear nicely in the comment preview. Made sure that the normal comments are shown correctly. Reviewed By: epriestley Reviewers: epriestley CC: jungejason, tuomaspelkonen, epriestley Differential Revision: 129
2011-04-13 15:15:48 -07:00
$timeout = stream_context_create(
array(
'http' => array(
'timeout' => 5,
),
));
$file_data = @file_get_contents($uri, false, $timeout);
if ($file_data === false) {
return null;
}
return self::newFromFileData($file_data, array('name' => $name));
}
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
public static function normalizeFileName($file_name) {
return preg_replace('/[^a-zA-Z0-9.~_-]/', '_', $file_name);
}
public function delete() {
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
$engine = $this->instantiateStorageEngine();
$ret = parent::delete();
$engine->deleteFile($this->getStorageHandle());
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
return $ret;
}
public function loadFileData() {
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
$engine = $this->instantiateStorageEngine();
$data = $engine->readFile($this->getStorageHandle());
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
switch ($this->getStorageFormat()) {
case self::STORAGE_FORMAT_RAW:
$data = $data;
break;
default:
throw new Exception("Unknown storage format.");
}
return $data;
}
PhabricatorObjectHandles
2011-01-26 09:02:09 -08:00
public function getViewURI() {
Provide a setting which forces all file views to be served from an alternate domain Summary: See D758, D759. - Provide a strongly recommended setting which permits configuration of an alternate domain. - Lock cookies down better: set them on the exact domain, and use SSL-only if the configuration is HTTPS. - Prevent Phabriator from setting cookies on other domains. This assumes D759 will land, it is not effective without that change. Test Plan: - Attempted to login from a different domain and was rejected. - Logged out, logged back in normally. - Put install in setup mode and verified it revealed a warning. - Configured an alterate domain. - Tried to view an image with an old URI, got a 400. - Went to /files/ and verified links rendered to the alternate domain. - Viewed an alternate domain file. - Tried to view an alternate domain file without the secret key, got a 404. Reviewers: andrewjcg, erling, aran, tuomaspelkonen, jungejason, codeblock CC: aran Differential Revision: 760
2011-08-01 22:24:00 -07:00
$alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
if ($alt) {
$path = '/file/alt/'.$this->generateSecretKey().'/'.$this->getPHID().'/';
$uri = new PhutilURI($alt);
$uri->setPath($path);
return (string)$uri;
} else {
return '/file/view/'.$this->getPHID().'/';
}
PhabricatorObjectHandles
2011-01-26 09:02:09 -08:00
}
Lint slop and some cleanup. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:22:57 -08:00
Add a 'file.info' Conduit method Summary: Need this for 'arc upload' and 'arc download'. Given a file PHID or ID, provides information about it. Test Plan: - Implemented 'arc upload' and 'arc download' based on 'file.info'. - Used Conduit API console to test method. Reviewed By: codeblock Reviewers: codeblock, jungejason, tuomaspelkonen, aran CC: aran, codeblock, epriestley Differential Revision: 741
2011-07-29 10:00:16 -07:00
public function getInfoURI() {
return '/file/info/'.$this->getPHID().'/';
}
public function getBestURI() {
if ($this->isViewableInBrowser()) {
return $this->getViewURI();
} else {
return $this->getInfoURI();
}
}
Improve drag-and-drop uploader Summary: Make it discoverable, show uploading progress, show file thumbnails, allow you to remove files, make it a generic form component. Test Plan: Uploaded ducks Reviewed By: tomo Reviewers: aran, tomo, jungejason, tuomaspelkonen CC: anjali, aran, epriestley, tomo Differential Revision: 334
2011-05-22 16:11:41 -07:00
public function getThumb60x45URI() {
return '/file/xform/thumb-60x45/'.$this->getPHID().'/';
}
Improve file preview in Maniphest Summary: Show large thumbnails of attached files in Maniphest. Test Plan: Looked at large thumbnails in Maniphest. Reviewed By: jungejason Reviewers: tomo, aran, jungejason, tuomaspelkonen CC: anjali, aran, epriestley, jungejason Differential Revision: 335
2011-05-22 17:06:42 -07:00
public function getThumb160x120URI() {
return '/file/xform/thumb-160x120/'.$this->getPHID().'/';
}
Security: tighten up the File tool against clowning around. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:19:14 -08:00
public function isViewableInBrowser() {
return ($this->getViewableMimeType() !== null);
}
Lint slop and some cleanup. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:22:57 -08:00
Basic image thumbnailing Summary: This is still very rough but provides basic support for generating image thumbnails. I need to separate stuff out a bit but I'm going to integrate into Maniphest before I hit the profile stuff so this seems like a reasonable starting point. Test Plan: Generated some image thumbnails in various sizes. Reviewed By: aran Reviewers: jungejason, tuomaspelkonen, aran CC: aran Differential Revision: 333
2011-05-22 14:40:51 -07:00
public function isTransformableImage() {
Support thumbnailing non-image files and straighten out setup for 'gd' Summary: Make 'gd' an explicit optional dependency, test for it in setup, and make the software behave correctly if it is not available. When generating file thumnails, provide reasonable defaults and behavior for non-image files. Test Plan: Uploaded text files, pdf files, etc., and got real thumbnails instead of a broken image. Simulated setup and gd failures and walked through setup process and image fallback for thumbnails. Reviewed By: aran Reviewers: toulouse, jungejason, tuomaspelkonen, aran CC: aran, epriestley Differential Revision: 446
2011-06-13 08:43:42 -07:00
// NOTE: The way the 'gd' extension works in PHP is that you can install it
// with support for only some file types, so it might be able to handle
// PNG but not JPEG. Try to generate thumbnails for whatever we can. Setup
// warns you if you don't have complete support.
$matches = null;
$ok = preg_match(
'@^image/(gif|png|jpe?g)@',
$this->getViewableMimeType(),
$matches);
if (!$ok) {
return false;
}
switch ($matches[1]) {
case 'jpg';
case 'jpeg':
return function_exists('imagejpeg');
break;
case 'png':
return function_exists('imagepng');
break;
case 'gif':
return function_exists('imagegif');
break;
default:
throw new Exception('Unknown type matched as image MIME type.');
}
Basic image thumbnailing Summary: This is still very rough but provides basic support for generating image thumbnails. I need to separate stuff out a bit but I'm going to integrate into Maniphest before I hit the profile stuff so this seems like a reasonable starting point. Test Plan: Generated some image thumbnails in various sizes. Reviewed By: aran Reviewers: jungejason, tuomaspelkonen, aran CC: aran Differential Revision: 333
2011-05-22 14:40:51 -07:00
}
Allow Phabricator storage engines to be extended and configured Summary: See T344. Currently, there's a hard-coded 12MB filesize limit and some awkward interactions with MySQL's max_allowed_packet. Make this system generally more robust: - Move the upload limit to configuration. - Add setup steps which reconcile max_allowed_packet vs MySQL file storage limits. - Add a layer of indirection between uploading files and storage engines. - Allow the definition of new storage engines. - Define a local disk storage engine. - Add a "storage engine selector" class which manages choosing which storage engines to put files in. - Document storage engines. - Document file storage classes. Test Plan: Setup mode: - Disabled MySQL storage engine, misconfigured it, configured it correctly. - Disabled file storage engine, set it to something invalid, set it to something valid. - Verified max_allowed_packet is read correctly. Application mode: - Configured local file storage. - Uploaded large and small files. - Verified larger files were written to local storage. - Verified smaller files were written to MySQL blob storage. Documentation: - Read documentation. Reviewed By: jungejason Reviewers: jungejason, tuomaspelkonen, aran CC: aran, epriestley, jungejason Differential Revision: 695
2011-07-19 22:48:38 -07:00
protected function instantiateStorageEngine() {
$engines = id(new PhutilSymbolLoader())
->setType('class')
->setAncestorClass('PhabricatorFileStorageEngine')
->selectAndLoadSymbols();
foreach ($engines as $engine_class) {
$engine = newv($engine_class['name'], array());
if ($engine->getEngineIdentifier() == $this->getStorageEngine()) {
return $engine;
}
}
throw new Exception("File's storage engine could be located!");
}
Security: tighten up the File tool against clowning around. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:19:14 -08:00
public function getViewableMimeType() {
$mime_map = PhabricatorEnv::getEnvConfig('files.viewable-mime-types');
$mime_type = $this->getMimeType();
$mime_parts = explode(';', $mime_type);
Further OAuth modularization.
2011-02-28 10:15:42 -08:00
$mime_type = trim(reset($mime_parts));
Lint slop and some cleanup. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:22:57 -08:00
Security: tighten up the File tool against clowning around. Summary: Test Plan: Reviewers: CC:
2011-02-22 09:19:14 -08:00
return idx($mime_map, $mime_type);
}
PhabricatorObjectHandles
2011-01-26 09:02:09 -08:00
Provide a setting which forces all file views to be served from an alternate domain Summary: See D758, D759. - Provide a strongly recommended setting which permits configuration of an alternate domain. - Lock cookies down better: set them on the exact domain, and use SSL-only if the configuration is HTTPS. - Prevent Phabriator from setting cookies on other domains. This assumes D759 will land, it is not effective without that change. Test Plan: - Attempted to login from a different domain and was rejected. - Logged out, logged back in normally. - Put install in setup mode and verified it revealed a warning. - Configured an alterate domain. - Tried to view an image with an old URI, got a 400. - Went to /files/ and verified links rendered to the alternate domain. - Viewed an alternate domain file. - Tried to view an alternate domain file without the secret key, got a 404. Reviewers: andrewjcg, erling, aran, tuomaspelkonen, jungejason, codeblock CC: aran Differential Revision: 760
2011-08-01 22:24:00 -07:00
public function validateSecretKey($key) {
return ($key == $this->generateSecretKey());
}
private function generateSecretKey() {
$file_key = PhabricatorEnv::getEnvConfig('phabricator.file-key');
$hash = sha1($this->phid.$this->storageHandle.$file_key);
return substr($hash, 0, 20);
}
Phabricator file upload application.
2011-01-22 18:33:00 -08:00
}
Reference in New Issue Copy Permalink