diff --git a/build/index.php b/build/index.php index 9f9c4a4..917dd9d 100644 --- a/build/index.php +++ b/build/index.php @@ -2733,7 +2733,9 @@ register_module([ { case "image": $extra_data = []; - $imagesize = getimagesize($temp_filename, $extra_data); + // Check SVG uploads with a special function + $imagesize = $mime_type !== "image/svg+xml" ? getimagesize($temp_filename, $extra_data) : upload_check_svg($temp_filename); + // Make sure that the image size is defined if(!is_int($imagesize[0]) or !is_int($imagesize[1])) { @@ -2741,7 +2743,6 @@ register_module([ exit(page_renderer::render("Upload Error - $settings->sitename", "

Although the file that you uploaded appears to be an image, $settings->sitename has been unable to determine it's dimensions. The uploaded file has been discarded. Go back to try again.

You may wish to consider opening an issue against Pepperminty Wiki (the software that powers $settings->sitename) if this isn't the first time that you have seen this message.

")); } - break; } @@ -2839,7 +2840,10 @@ register_module([ $filepath = $env->storage_prefix . $pageindex->{$env->page}->uploadedfilepath; $mime_type = $pageindex->{$env->page}->uploadedfilemime; - if(isset($_GET["size"]) and $_GET["size"] == "original") + // If the size is set or original, then send (or redirect to) the original image + // Also do the same for SVGs if svg rendering is disabled. + if(isset($_GET["size"]) and $_GET["size"] == "original" or + (empty($settings->render_svg_previews) && $mime_type == "image/svg+xml")) { // Get the file size $filesize = filesize($filepath); @@ -2989,7 +2993,7 @@ register_module([ // We are looking at a page that is paired with an uploaded file $filepath = $pageindex->{$env->page}->uploadedfilepath; $mime_type = $pageindex->{$env->page}->uploadedfilemime; - $dimensions = getimagesize($env->storage_prefix . $filepath); + $dimensions = $mime_type !== "image/svg+xml" ? getimagesize($env->storage_prefix . $filepath) : getsvgsize($env->storage_prefix . $filepath); $fileTypeDisplay = substr($mime_type, 0, strpos($mime_type, "/")); $previewUrl = "?action=preview&size=$settings->default_preview_size&page=" . rawurlencode($env->page); @@ -3000,14 +3004,17 @@ register_module([ case "image": $preview_sizes = [ 256, 512, 768, 1024, 1440 ]; $preview_html .= "\t\t\t
- - -
"; + + \n\t\t\t"; break; case "video": @@ -3029,7 +3036,8 @@ register_module([ switch($fileTypeDisplay) { case "image": - $fileInfo["Original dimensions"] = "$dimensions[0] x $dimensions[1]"; + $dimensionsKey = $mime_type !== "image/svg+xml" ? "Original demensions" : "Native size"; + $fileInfo[$dimensionsKey] = "$dimensions[0] x $dimensions[1]"; break; } $fileInfo["Uploaded by"] = $pageindex->{$env->page}->lasteditor; @@ -3086,6 +3094,39 @@ function parse_size($size) { } } +function upload_check_svg($temp_filename) +{ + global $settings; + // Check for script tags + if(strpos(file_get_contents($temp_filename), "sitename", "

$settings->sitename detected that you uploaded an SVG image and performed some extra security checks on your file. Whilst performing these checks it was discovered that the file you uploaded contains some Javascript, which could be dangerous. The uploaded file has been discarded. Go back to try again.

+

You may wish to consider opening an issue against Pepperminty Wiki (the software that powers $settings->sitename) if this isn't the first time that you have seen this message.

")); + } + + // Find and return the size of the SVG image + return getsvgsize($temp_filename); +} + +function getsvgsize($svgFilename) +{ + $svg = simplexml_load_file($svgFilename); // Load it as XML + if($svg === false) + { + http_response_code(415); + exit(page_renderer::render("Upload Error - $settings->sitename", "

When $settings->sitename tried to open your SVG file for checking, it found some invalid syntax. The uploaded file has been discarded. Go back to try again.

")); + } + $rootAttrs = $svg->attributes(); + $imageSize = false; + if(isset($rootAttrs->width) and isset($rootAttrs->height)) + $imageSize = [ intval($rootAttrs->width), intval($rootAttrs->height) ]; + else if(isset($rootAttrs->viewBox)) + $imageSize = array_map("intval", array_slice(explode(" ", $rootAttrs->viewBox), -2, 2)); + + return $imageSize; +} + function errorimage($text, $target_size) { $width = 640; diff --git a/module_index.json b/module_index.json index 4c79bd7..971b98c 100644 --- a/module_index.json +++ b/module_index.json @@ -77,7 +77,7 @@ "author": "Starbeamrainbowlabs", "description": "Adds the ability to upload files to Pepperminty Wiki. Uploaded files act as pages and have the special 'File\/' prefix.", "id": "feature-upload", - "lastupdate": 1465038166, + "lastupdate": 1465043339, "optional": false }, { diff --git a/modules/feature-upload.php b/modules/feature-upload.php index 331708b..76a2f5d 100644 --- a/modules/feature-upload.php +++ b/modules/feature-upload.php @@ -87,7 +87,9 @@ register_module([ { case "image": $extra_data = []; - $imagesize = getimagesize($temp_filename, $extra_data); + // Check SVG uploads with a special function + $imagesize = $mime_type !== "image/svg+xml" ? getimagesize($temp_filename, $extra_data) : upload_check_svg($temp_filename); + // Make sure that the image size is defined if(!is_int($imagesize[0]) or !is_int($imagesize[1])) { @@ -95,7 +97,6 @@ register_module([ exit(page_renderer::render("Upload Error - $settings->sitename", "

Although the file that you uploaded appears to be an image, $settings->sitename has been unable to determine it's dimensions. The uploaded file has been discarded. Go back to try again.

You may wish to consider opening an issue against Pepperminty Wiki (the software that powers $settings->sitename) if this isn't the first time that you have seen this message.

")); } - break; } @@ -193,7 +194,10 @@ register_module([ $filepath = $env->storage_prefix . $pageindex->{$env->page}->uploadedfilepath; $mime_type = $pageindex->{$env->page}->uploadedfilemime; - if(isset($_GET["size"]) and $_GET["size"] == "original") + // If the size is set or original, then send (or redirect to) the original image + // Also do the same for SVGs if svg rendering is disabled. + if(isset($_GET["size"]) and $_GET["size"] == "original" or + (empty($settings->render_svg_previews) && $mime_type == "image/svg+xml")) { // Get the file size $filesize = filesize($filepath); @@ -343,7 +347,7 @@ register_module([ // We are looking at a page that is paired with an uploaded file $filepath = $pageindex->{$env->page}->uploadedfilepath; $mime_type = $pageindex->{$env->page}->uploadedfilemime; - $dimensions = getimagesize($env->storage_prefix . $filepath); + $dimensions = $mime_type !== "image/svg+xml" ? getimagesize($env->storage_prefix . $filepath) : getsvgsize($env->storage_prefix . $filepath); $fileTypeDisplay = substr($mime_type, 0, strpos($mime_type, "/")); $previewUrl = "?action=preview&size=$settings->default_preview_size&page=" . rawurlencode($env->page); @@ -354,14 +358,17 @@ register_module([ case "image": $preview_sizes = [ 256, 512, 768, 1024, 1440 ]; $preview_html .= "\t\t\t
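Review bot: The added `or (empty($settings->render_svg_previews) && $mime_type == "image/svg+xml")` arm returns the stored SVG unchanged from the wiki's own origin, so a file that got past the upload check is rendered as an active document in the reader's session. The code that sends the headers is below the hunk and not visible here, but for the SVG case it should add a restriction such as `header("Content-Security-Policy: sandbox");` or serve the file as an attachment. The condition also mixes `and`, `or` and `&&`; writing the first pair as `(isset($_GET["size"]) and $_GET["size"] == "original")` makes the intended grouping explicit. build/index.php carries the same hunk.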
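Review bot: `getsvgsize` is now also called while rendering the file's page, yet on a parse failure it ends the request with a 415 "Upload Error" page saying the upload was discarded, which is wrong for a file already in storage. It can also return `false` when the root element has no `width`/`height`/`viewBox`, and `$dimensions[0]` is read further down without a check. Consider having `getsvgsize` return `false` on failure and letting each caller decide, e.g. `if($dimensions === false) $dimensions = ["?", "?"];` at this call site. The enclosing function continues outside the hunk.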
- - -
"; + + \n\t\t\t"; break; case "video": @@ -383,7 +390,8 @@ register_module([ switch($fileTypeDisplay) { case "image": - $fileInfo["Original dimensions"] = "$dimensions[0] x $dimensions[1]"; + $dimensionsKey = $mime_type !== "image/svg+xml" ? "Original demensions" : "Native size"; + $fileInfo[$dimensionsKey] = "$dimensions[0] x $dimensions[1]"; break; } $fileInfo["Uploaded by"] = $pageindex->{$env->page}->lasteditor; @@ -440,6 +448,39 @@ function parse_size($size) { } } +function upload_check_svg($temp_filename) +{ + global $settings; + // Check for script tags + if(strpos(file_get_contents($temp_filename), "sitename", "
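Review bot: The new label is misspelled: `"Original demensions"` replaces the previous "Original dimensions" and is shown to users as a file-info key. Change the line to `$dimensionsKey = $mime_type !== "image/svg+xml" ? "Original dimensions" : "Native size";`. The same typo is in the build/index.php copy of this hunk.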

$settings->sitename detected that you uploaded an SVG image and performed some extra security checks on your file. Whilst performing these checks it was discovered that the file you uploaded contains some Javascript, which could be dangerous. The uploaded file has been discarded. Go back to try again.

+

You may wish to consider opening an issue against Pepperminty Wiki (the software that powers $settings->sitename) if this isn't the first time that you have seen this message.

")); + } + + // Find and return the size of the SVG image + return getsvgsize($temp_filename); +} + +function getsvgsize($svgFilename) +{ + $svg = simplexml_load_file($svgFilename); // Load it as XML + if($svg === false) + { + http_response_code(415); + exit(page_renderer::render("Upload Error - $settings->sitename", "

When $settings->sitename tried to open your SVG file for checking, it found some invalid syntax. The uploaded file has been discarded. Go back to try again.

")); + } + $rootAttrs = $svg->attributes(); + $imageSize = false; + if(isset($rootAttrs->width) and isset($rootAttrs->height)) + $imageSize = [ intval($rootAttrs->width), intval($rootAttrs->height) ]; + else if(isset($rootAttrs->viewBox)) + $imageSize = array_map("intval", array_slice(explode(" ", $rootAttrs->viewBox), -2, 2)); + + return $imageSize; +} + function errorimage($text, $target_size) { $width = 640;
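Review bot: The only script screening in `upload_check_svg` is a single `strpos()` over the raw file contents (the needle is lost in this rendering; the comment says script tags), which is a blocklist rather than a sanitiser, since SVG can also carry script in event-handler attributes and `javascript:` URLs. It should not be the sole control: either parse the file and keep only an allowlist of elements and attributes, or make sure every response that serves an SVG is restricted. Separately, `getsvgsize` reads `$settings->sitename` in its error page but never declares `global $settings;` as `upload_check_svg` does, so that title is built from an undefined variable. `simplexml_load_file` is also called with default options on an untrusted upload; passing `LIBXML_NONET` and rejecting files that contain a DOCTYPE would keep entity processing out of the picture on older libxml2 builds. The same two functions are added in build/index.php, which looks like the built copy of this module.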