<cfsetting enablecfoutputonly="Yes"><!--- From this point only content inside cfoutput is written to the response, so the whitespace between the tags below is not emitted. This comment follows the tag, rather than preceding it, so that no extra line is output before the setting takes effect. --->
<!---
* FCKeditor - The text editor for Internet - http://www.fckeditor.net
* Copyright (C) 2003-2009 Frederico Caldeira Knabben
*
* == BEGIN LICENSE ==
*
* Licensed under the terms of any of the following licenses at your
* choice:
*
* - GNU General Public License Version 2 or later (the "GPL")
* http://www.gnu.org/licenses/gpl.html
*
* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
* http://www.gnu.org/licenses/lgpl.html
*
* - Mozilla Public License Version 1.1 or later (the "MPL")
* http://www.mozilla.org/MPL/MPL-1.1.html
*
* == END LICENSE ==
*
* This file includes generic functions used by the ColdFusion Connector (MX 6.0 and above).
--->
<!---
	RemoveFromStart: drops one leading character from sourceString when that
	character equals charToRemove.

	sourceString - text to examine.
	charToRemove - value compared, with the CFML "eq" operator, against the
	               first character of sourceString.

	Returns sourceString without its first character on a match, otherwise
	sourceString unchanged. At most one character is removed per call.
--->
<cffunction name="RemoveFromStart" output="false" returntype="String">
	<cfargument name="sourceString" type="String">
	<cfargument name="charToRemove" type="String">

	<cfset var result = ARGUMENTS.sourceString>

	<cfif left(result, 1) eq ARGUMENTS.charToRemove>
		<!--- Keep everything from position 2 onward: the full length minus the dropped character. --->
		<cfset result = mid(result, 2, len(result) - 1)>
	</cfif>

	<cfreturn result>
</cffunction>
<!---
	RemoveFromEnd: drops one trailing character from sourceString when that
	character equals charToRemove.

	sourceString - text to examine.
	charToRemove - value compared, with the CFML "eq"/"neq" operators, against
	               the last character of sourceString.

	Returns sourceString without its last character on a match, otherwise
	sourceString unchanged. At most one character is removed per call.
--->
<cffunction name="RemoveFromEnd" output="false" returntype="String">
	<cfargument name="sourceString" type="String">
	<cfargument name="charToRemove" type="String">

	<cfset var sourceLength = len(ARGUMENTS.sourceString)>

	<!--- Nothing to strip: hand the input back untouched. --->
	<cfif right(ARGUMENTS.sourceString, 1) neq ARGUMENTS.charToRemove>
		<cfreturn ARGUMENTS.sourceString>
	</cfif>

	<!--- Keep the first (length - 1) characters. --->
	<cfreturn mid(ARGUMENTS.sourceString, 1, sourceLength - 1)>
</cffunction>
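<!---
	Check file content.
	Currently this function validates only image files.
	Returns false if file is invalid.

	filePath  - path of the file to inspect.
	extension - extension used to decide whether the file is treated as an image
	            (presumably taken from the uploaded file name; confirm against the caller).

	detectionLevel (not a parameter of this function; presumably a connector
	setting evaluated by the caller, confirm there):
		0 = none
		1 = check image size for images,
		2 = use DetectHtml for images

	What the result means:
	- true for an extension outside the image list below means "not inspected",
	  not "safe". The set of permitted upload extensions has to be enforced
	  separately by the caller.
	- true for an image extension means the file was read as an image and reported
	  a width and a height greater than zero. That does not show the file is free
	  of embedded markup or script; DetectHtml is the separate check for that.
	- Any exception while reading the file (unreadable file, undecodable content,
	  REQUEST.CFVersion not set) is caught and reported as false, so failures
	  reject the file rather than accept it.

	NOTE(review): output="true" is kept as found, although nothing visible here
	writes output and the sibling functions use output="false".
--->
<cffunction name="IsImageValid" returntype="boolean" output="true">
	<cfargument name="filePath" required="true" type="String">
	<cfargument name="extension" required="true" type="String">

	<cfset var imageCFC = "">
	<cfset var imageInfo = "">
	<!--- Declared with var so the image object stays local to this call instead of
	      being written to the including template's variables scope. --->
	<cfset var objImage = "">

	<!--- Extensions outside the image list are not inspected at all. --->
	<cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)>
		<cfreturn true>
	</cfif>

	<cftry>
		<cfif REQUEST.CFVersion gte 8>
			<!--- Built-in image functions when REQUEST.CFVersion reports 8 or later. --->
			<cfset objImage = ImageRead(ARGUMENTS.filePath)>
			<cfset imageInfo = ImageInfo(objImage)>
			<!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> --->
		<cfelse>
			<!--- Older engines: fall back to the "image" component (not defined in this file). --->
			<cfset imageCFC = createObject("component", "image")>
			<cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)>
		</cfif>

		<!--- A file that reports no area is rejected. --->
		<cfif imageInfo.height lte 0 or imageInfo.width lte 0>
			<cfreturn false>
		</cfif>
		<cfcatch type="any">
			<!--- Fail closed: whatever went wrong, the file is not accepted as an image. --->
			<cfreturn false>
		</cfcatch>
	</cftry>

	<cfreturn true>
</cffunction>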
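<!---
	Detect HTML in the first KB to protect against a potential security issue with
	the IE/Safari/Opera file type auto detection bug.
	Returns true if the file contains insecure HTML code at the beginning.

	filePath - path of the file to inspect.

	How the check works: the chunk returned by BinaryFileRead(filePath, 1024) is
	trimmed and lower-cased, then tested for an HTML doctype, a fixed list of tag
	prefixes, a script "type" attribute, and javascript:/ecmascript: URLs in
	href/src/data attributes and in CSS url(). The first match returns true.

	Limits a caller should keep in mind:
	- Only the chunk read above is examined; content after it is not looked at.
	- This is a pattern heuristic, not a sanitizer. It complements, and does not
	  replace, serving uploaded files with an explicit Content-Type and
	  "X-Content-Type-Options: nosniff" so browsers do not guess the type.
	- There is no cftry here: if the file cannot be read the exception reaches the
	  caller, which should treat it as a rejected file.

	NOTE(review): BinaryFileRead is not defined in this part of the file; it is
	presumably a connector helper returning up to 1024 bytes as a string. Confirm.
--->
<cffunction name="DetectHtml" output="false" returntype="boolean">
	<cfargument name="filePath" required="true" type="String">

	<cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title">
	<!--- Loop index declared with var so it stays local to this call. --->
	<cfset var tag = "">
	<cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )>

	<!--- Empty (or whitespace-only) chunk: nothing to flag. --->
	<cfif not Len(chunk)>
		<cfreturn false>
	</cfif>

	<!--- HTML or XHTML doctype --->
	<cfif refind('<!doctype\W*x?html', chunk)>
		<cfreturn true>
	</cfif>

	<!--- Plain substring search is enough here because chunk is already lower-cased. --->
	<cfloop index="tag" list="#tags#">
		<cfif find( tag, chunk )>
			<cfreturn true>
		</cfif>
	</cfloop>

	<!--- type = javascript --->
	<cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)>
		<cfreturn true>
	</cfif>

	<!--- href = javascript --->
	<!--- src = javascript --->
	<!--- data = javascript --->
	<cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
		<cfreturn true>
	</cfif>

	<!--- url(javascript --->
	<cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
		<cfreturn true>
	</cfif>

	<cfreturn false>
</cffunction>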