File/program/lib/filelib.php

Description

/program/lib/filelib.php - utilities for manipulating files

Functions
file_available (line 168)

check availability of requested file for the current user

This checks the $filename for permissions and existence. Returns FALSE if the current user is not allowed to see the file or if the file does not exist. We remember failures in the logger.

  • return: FALSE if access denied, rewritten path if access granted etc.
bool|string file_available (string $filename)
  • string $filename: is the requested file
get_mediatype (line 148)

extract the mediatype and -subtype from a full mimetype

this extracts the mediatype and -subtype from a full mimetype, i.e. 'text/plain' from 'text/plain; charset=US-ASCII' (see also get_mimetype() and RFC2616). If $mimetype doesn't look like a mimetype, we return FALSE.

bool|string get_mediatype (string $mimetype)
  • string $mimetype: the full mimetype to examine, possibly with parameters
get_mimetype (line 82)

determine the mimetype of a file

Try to discover the mimetype of a file. First we see if getimagesize() yields results; if so we're done (0). Very efficient if there are many image files and not so many other files.

If not an image we try finfo-method (1), mime_content_type()-method (2) and finally the shell-to-file(1)-method (3) to determine the mime type.

Note that in step 3 we shell out and try to execute the file(1) command. The results are checked against a pattern to assert that we are really dealing with a mime type. The pattern is described in RFC2616 (see sections 3.7 and 2.2) (see also get_mediatype().:

     media-type     = type "/" subtype *( ";" parameter )
     type           = token
     subtype        = token
     token          = 1*<any CHAR except CTLs or separators>
     separators     = "(" | ")" | "<" | ">" | "@"
                    | "," | ";" | ":" | "\" | <">
                    | "/" | "[" | "]" | "?" | "="
                    | "{" | "}" | SP | HT
     CHAR           = <any US-ASCII character (octets 0 - 127)>
     CTL            = <any US-ASCII control character
                      (octets 0 - 31) and DEL (127)>
     SP             = <US-ASCII SP, space (32)>
     HT             = <US-ASCII HT, horizontal-tab (9)>
     <">            = <US-ASCII double-quote mark (34)>

This description means we should look for two tokens containing letters a-z or A-Z, digits 0-9 and these special characters: ! # $ % & ' * + - . ^ _ ` | or ~. That's it.

Note that some methods may return a mime type with additional parameters. e.g. 'text/plain; charset=US-ASCII'. This fits the pattern, because it starts with a token, a slash and another token.

The optional parameter $name is used to perform special handling of the text/css type: some methods (notably old versions of file(1)) return 'text/plain' instead of 'text/css'. Workaround: if we see a mimetype starting with 'text/' AND the extension is .css we assume text/css.

Note that we trust the user at least partially($name eventually originales in the $_FILES[] array). The path to the actual file to check is in $path. If $name is not specified, we extract the extension from $path (as in the case of send_file_from_datadir().

string get_mimetype (string $path, [string $name = ''])
  • string $path: fully qualified path to the file to test
  • string $name: name of the file, possibly different from $path
mime_ext_by_typ (line 279)

lookup extension in table, using mimetype as key

return the first extension associated with mimetype $typ

  • return: FALSE on error/not found, extension otherwise
  • uses: $MIME_TYP_EXT
bool|string mime_ext_by_typ (string $typ)
  • string $typ: mime type
mime_typ_by_ext (line 298)

lookup mimetype in table, using extension as key

return the first mimetype associated with filename extension $ext

  • return: FALSE on error/not found, mimetype otherwise
  • uses: $MIME_EXT_TYP
bool|string mime_typ_by_ext (string $ext)
  • string $ext: filename extension
mime_typ_ext_match (line 256)

verify the combination of filename extension and mimetype

this looks up the mimetypes associated with filename extension $ext in the global table $MIME_EXT_TYP. If any of those mimetypes matches the requested mimetype we confirm that ext and typ match.

Note 1: There is another table: $MIME_TYP_EXT that works the other way around. We could have used either table; I choose the former.

Note 2: The two tables are generated with a development tool (see /devel/tools) . This tool reads the existing table in this file filelib.php and optionally a newer version of the Apache mime.types file creating updated tables.

  • return: TRUE if both parameters match, FALSE otherwise
  • uses: $MIME_EXT_TYP
bool mime_typ_ext_match (string $typ, string $ext)
  • string $typ: mimetype
  • string $ext: filename extension

Documentation generated on Tue, 28 Jun 2016 19:09:21 +0200 by phpDocumentor 1.4.0