Mercurial > hgrepos > hgweb.cgi > s4
comparison s4-funcs.sh @ 511:f2dec8025291
Force restrict file type and file size
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Thu, 14 Mar 2019 15:38:08 +0900 |
parents | 2a70b6c7ffad |
children | 24a5010a131b |
comparison
equal
deleted
inserted
replaced
510:2a70b6c7ffad | 511:f2dec8025291 |
---|---|
27 thumbxy=96x96 | 27 thumbxy=96x96 |
28 iconxy_S=80x80 | 28 iconxy_S=80x80 |
29 iconxy_M=400x400 | 29 iconxy_M=400x400 |
30 maximagexy=1600x1600 | 30 maximagexy=1600x1600 |
31 ### maximagexy=400x400 | 31 ### maximagexy=400x400 |
32 filesize_max=$((5*1024*1024)) | |
32 file_accept='accept="image/*,text/*,audio/*,application/vnd.oasis.*,application/pdf,application/x-*"' | 33 file_accept='accept="image/*,text/*,audio/*,application/vnd.oasis.*,application/pdf,application/x-*"' |
34 file_accept_egrep='^(text/|image/|audio/|application/(vnd.oasis|pdf|[xz]-))' | |
35 file_warn=" | |
36 添付可能ファイル: 5MB以内のテキスト、画像、音声、動画、ODT、PDF、 | |
37 圧縮ファイル、データベースファイル | |
38 [編集]リンクから修正してください。" | |
33 blogreadflagrowid=0 | 39 blogreadflagrowid=0 |
34 blogcutoffflagrowid=-1 | 40 blogcutoffflagrowid=-1 |
35 querylog=$tmpdir/query.log | 41 querylog=$tmpdir/query.log |
36 searchlog=$tmpdir/search.log | 42 searchlog=$tmpdir/search.log |
37 | 43 |
1240 #v="`echo ${us#*=}|nkf -Ww -mQ|sed -e 's/\"/\"\"/g'`" | 1246 #v="`echo ${us#*=}|nkf -Ww -mQ|sed -e 's/\"/\"\"/g'`" |
1241 v="`echo ${us#*=}|unhexize|sed -e 's/\"/\"\"/g'`" | 1247 v="`echo ${us#*=}|unhexize|sed -e 's/\"/\"\"/g'`" |
1242 # err k=$k v=$v | 1248 # err k=$k v=$v |
1243 case "$k" in | 1249 case "$k" in |
1244 *:filename) | 1250 *:filename) |
1251 mimetype=`file --mime-type - < "$tmpd/$v"|cut -d' ' -f2` | |
1245 type='file'; k=${k%:filename} | 1252 type='file'; k=${k%:filename} |
1246 # DO NOT ALLOW Space and '|' in file names | 1253 # DO NOT ALLOW Space and '|' in file names |
1247 newv=`echo "$v"|sed 's/[ \|]/X/g'` | 1254 newv=`echo "$v"|sed 's/[ \|]/X/g'` |
1248 if [ x"$v" != x"$newv" ]; then | 1255 if [ x"$v" != x"$newv" ]; then |
1249 : | 1256 : |
1250 fi | 1257 fi |
1251 # (echo k=$k v="[$v]"; ls -lF "$tmpd/$v"; file --mime-type "$tmpd/$v") 1>&3 | 1258 # (echo k=$k v="[$v]"; ls -lF "$tmpd/$v"; file --mime-type "$tmpd/$v") 1>&3 |
1252 case `file --mime-type - < "$tmpd/$v"|cut -d' ' -f2` in | 1259 case "$mimetype" in |
1253 [Ii]mage/x-xcf) | 1260 [Ii]mage/x-xcf) |
1254 bzip2 "$tmpd/$v" | 1261 bzip2 "$tmpd/$v" |
1255 v=${v}.bz2 | 1262 v=${v}.bz2 |
1256 ;; | 1263 ;; |
1257 [Ii]mage/x-*|*/vnd.*) ;; | 1264 [Ii]mage/x-*|*/vnd.*) ;; |
1258 [Ii]mage/*) | 1265 [Ii]mage/*) |
1259 mogrify -resize $maximagexy'>' "$tmpd/$v" | 1266 mogrify -resize $maximagexy'>' "$tmpd/$v" |
1260 ;; | 1267 ;; |
1261 esac | 1268 esac |
1269 if ! echo "$mimetype" | egrep "$file_accept_egrep" >/dev/null 2>&1 | |
1270 then | |
1271 replpar text string " *添付できない形式です($v)* $file_warn" | |
1272 continue | |
1273 elif [ `wc -c < "$tmpd/$v"` -gt "$filesize_max" ]; then | |
1274 replpar text string \ | |
1275 " *添付ファイル($v)は${filesize_max}バイト以下にしてください* $file_warn" | |
1276 continue | |
1277 fi | |
1262 ;; | 1278 ;; |
1263 *) | 1279 *) |
1264 type='string' | 1280 type='string' |
1265 ;; | 1281 ;; |
1266 esac | 1282 esac |