Index: includes/bootstrap.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v
retrieving revision 1.271
diff -u -9 -p -r1.271 bootstrap.inc
--- includes/bootstrap.inc 1 Mar 2009 09:32:17 -0000 1.271
+++ includes/bootstrap.inc 17 Mar 2009 20:57:07 -0000
@@ -521,18 +521,22 @@ function conf_init() {
}
$cookie_domain = explode(':', $cookie_domain);
$cookie_domain = '.' . $cookie_domain[0];
// Per RFC 2109, cookie domains must contain at least one dot other than the
// first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.
if (count(explode('.', $cookie_domain)) > 2 && !is_numeric(str_replace('.', '', $cookie_domain))) {
ini_set('session.cookie_domain', $cookie_domain);
}
session_name('SESS' . md5($session_name));
+ if (preg_match("/^simpletest\d+$/", $_SERVER['HTTP_USER_AGENT'])) {
+ require_once DRUPAL_ROOT . '/includes/dummy_stream_wrapper.inc';
+ stream_wrapper_register('simpletest', 'DummyStreamWrapper');
+ }
}
/**
* Returns and optionally sets the filename for a system item (module,
* theme, etc.). The filename, whether provided, cached, or retrieved
* from the database, is only returned if the file exists.
*
* This function plays a key role in allowing Drupal's resources (modules
* and themes) to be located in different places depending on a site's
Index: includes/dummy_stream_wrapper.inc
===================================================================
RCS file: includes/dummy_stream_wrapper.inc
diff -N includes/dummy_stream_wrapper.inc
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ includes/dummy_stream_wrapper.inc 17 Mar 2009 20:57:07 -0000
@@ -0,0 +1,287 @@
+fileHandle = fopen($nestedPath, $mode);
+ }
+ else {
+ $this->fileHandle = @fopen($nestedPath, $mode);
+ }
+ return (bool)$this->fileHandle;
+ }
+
+ /**
+ * Support for fread(), file_get_contents() etc.
+ *
+ * @param $count
+ * Maximum number of bytes to be read.
+ * @return
+ * The string that was read, or FALSE in case of an error.
+ */
+ public function stream_read($count) {
+ return fread($this->fileHandle, $count);
+ }
+
+ /**
+ * Support for fwrite(), file_put_contents() etc.
+ *
+ * @param $data
+ * The string to be written.
+ * @return
+ * The number of bytes written.
+ */
+ public function stream_write($data) {
+ return fwrite($this->fileHandle, $data);
+ }
+
+ /**
+ * Support for feof().
+ *
+ * @return
+ * TRUE if end-of-file has been reached.
+ */
+ public function stream_eof() {
+ return feof($this->fileHandle);
+ }
+
+ /**
+ * Support for fseek().
+ *
+ * @param $offset
+ * The byte offset to got to.
+ * @param $whence
+ * SEEK_SET, SEEK_CUR, or SEEK_END.
+ * @return
+ * TRUE on success
+ */
+ public function stream_seek($offset, $whence) {
+ return fseek($this->fileHandle, $offset, $whence);
+ }
+
+ /**
+ * Support for fflush().
+ *
+ * @return
+ * TRUE if data was successfully stored (or there was no data to store).
+ */
+ public function stream_flush() {
+ return fflush($this->fileHandle);
+ }
+
+ /**
+ * Support for ftell().
+ *
+ * @return
+ * The current offset in bytes from the beginning of file.
+ */
+ public function stream_tell() {
+ return ftell($this->fileHandle);
+ }
+
+ /**
+ * Support for fstat().
+ *
+ * @return
+ * An array with file status, or FALSE in case of an error - see fstat()
+ * for a description of this array.
+ */
+ public function stream_stat() {
+ return fstat($this->fileHandle);
+ }
+
+ /**
+ * Support for fclose().
+ *
+ * @return
+ * TRUE if stream was successfully closed.
+ */
+ public function stream_close() {
+ return fclose($this->fileHandle);
+ }
+
+ /**
+ * Support for unlink().
+ *
+ * @param $path
+ * A string containing the path to the file to delete.
+ * @return
+ * TRUE if file was successfully deleted.
+ */
+ public function unlink($path) {
+ return unlink(self::getNestedPath($path));
+ }
+
+ /**
+ * Support for rename().
+ *
+ * @param $fromPath
+ * The path to the file to rename.
+ * @param $toPath
+ * The new path to the file.
+ *
+ * @return
+ * TRUE if file was successfully renamed.
+ */
+ public function rename($fromPath, $toPath) {
+ return rename(self::getNestedPath($fromPath), self::getNestedPath($toPath));
+ }
+
+ /**
+ * Support for mkdir().
+ *
+ * @param $path
+ * A string containing the path to the directory to create.
+ * @param $mode
+ * Permission flags - see mkdir().
+ * @param $options
+ * A bit mask of STREAM_REPORT_ERRORS and STREAM_MKDIR_RECURSIVE.
+ * @return
+ * TRUE if directory was successfully created.
+ */
+ public function mkdir($path, $mode, $options) {
+ $nestedPath = self::getNestedPath($path);
+ $recursive = (bool)($options & STREAM_MKDIR_RECURSIVE);
+ if ($options & STREAM_REPORT_ERRORS) {
+ return mkdir($nestedPath, $mode, $recursive);
+ }
+ else {
+ return @mkdir($nestedPath, $mode, $recursive);
+ }
+ }
+
+ /**
+ * Support for rmdir().
+ *
+ * @param $path
+ * A string containing the path to the directory to delete.
+ * @param $options
+ * A bit mask of STREAM_REPORT_ERRORS.
+ * @return
+ * TRUE if directory was successfully removed.
+ */
+ public function rmdir($path, $options) {
+ $nestedPath = self::getNestedPath($path);
+ if ($options & STREAM_REPORT_ERRORS) {
+ return rmdir($nestedPath);
+ }
+ else {
+ return @rmdir($nestedPath);
+ }
+ }
+
+ /**
+ * Support for stat().
+ *
+ * @param $path
+ * A string containing the path to get information about.
+ * @param $flags
+ * A bit mask of STREAM_URL_STAT_LINK and STREAM_URL_STAT_QUIET.
+ * @return
+ * An array with file status, or FALSE in case of an error - see fstat()
+ * for a description of this array.
+ */
+ public function url_stat($path, $flags) {
+ $nestedPath = self::getNestedPath($path);
+ return ($flags & STREAM_URL_STAT_QUIET) ? (file_exists($nestedPath) ? stat($nestedPath) : FALSE) : stat($nestedPath);
+ }
+
+ /**
+ * Support for opendir().
+ *
+ * @param $path
+ * A string containing the path to the directory to open.
+ * @param $options
+ * Unknown (parameter is not documented in PHP Manual).
+ * @return
+ * TRUE on success.
+ */
+ public function dir_opendir($path, $options) {
+ $this->dirHandle = opendir(self::getNestedPath($path));
+ return (bool)$this->dirHandle;
+ }
+
+ /**
+ * Support for readdir().
+ *
+ * @return
+ * The next filename, or FALSE if there are no more files in the directory.
+ */
+ public function dir_readdir() {
+ return readdir($this->dirHandle);
+ }
+
+ /**
+ * Support for rewinddir().
+ *
+ * @return
+ * TRUE on success.
+ */
+ public function dir_rewinddir() {
+ return rewinddir($this->dirHandle);
+ }
+
+ /**
+ * Support for closedir().
+ *
+ * @return
+ * TRUE on success.
+ */
+ public function dir_closedir() {
+ return closedir($this->dirHandle);
+ }
+
+ /**
+ * Strip the stream wrapper prefix from the specified path.
+ *
+ * @param $path
+ * A string containing a path with a stream wrapper prefix.
+ * @return
+ * The without a stream wrapper prefix.
+ */
+ private static function getNestedPath($path) {
+ return preg_replace('@^([a-z0-9.+-]{2,})://@i', '', $path);
+ }
+}
+
Index: includes/file.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/file.inc,v
retrieving revision 1.164
diff -u -9 -p -r1.164 file.inc
--- includes/file.inc 10 Mar 2009 09:47:42 -0000 1.164
+++ includes/file.inc 17 Mar 2009 20:57:07 -0000
@@ -150,22 +150,19 @@ function file_create_path($destination =
* will be set preventing them from saving the settings.
* @return
* FALSE when directory not found, or TRUE when directory exists.
*/
function file_check_directory(&$directory, $mode = 0, $form_item = NULL) {
$directory = rtrim($directory, '/\\');
// Check if directory exists.
if (!is_dir($directory)) {
- if (($mode & FILE_CREATE_DIRECTORY) && @mkdir($directory)) {
- @chmod($directory, 0775); // Necessary for non-webserver users.
- }
- else {
+ if (!($mode & FILE_CREATE_DIRECTORY) || !@mkdir($directory, 0775)) {
if ($form_item) {
form_set_error($form_item, t('The directory %directory does not exist.', array('%directory' => $directory)));
watchdog('file system', 'The directory %directory does not exist.', array('%directory' => $directory), WATCHDOG_ERROR);
}
return FALSE;
}
}
// Check to see if the directory is writable.
@@ -179,19 +176,19 @@ function file_check_directory(&$director
}
return FALSE;
}
}
if ((file_directory_path() == $directory || file_directory_temp() == $directory) && !is_file("$directory/.htaccess")) {
$htaccess_lines = "SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006\nOptions None\nOptions +FollowSymLinks";
if (($fp = fopen("$directory/.htaccess", 'w')) && fputs($fp, $htaccess_lines)) {
fclose($fp);
- chmod($directory . '/.htaccess', 0664);
+ @chmod($directory . '/.htaccess', 0664);
}
else {
$variables = array('%directory' => $directory, '!htaccess' => '
' . nl2br(check_plain($htaccess_lines)));
form_set_error($form_item, t("Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines: !htaccess", $variables));
watchdog('security', "Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines: !htaccess", $variables, WATCHDOG_ERROR);
}
}
return TRUE;
@@ -237,27 +234,32 @@ function file_check_path(&$path) {
* @param $source
* A string set to the file to check.
* @param $directory
* A string where the file should be located.
* @return
* FALSE if the path does not exist in the directory; otherwise, the real
* path of the source.
*/
function file_check_location($source, $directory = '') {
- $check = realpath($source);
+ $check = drupal_realpath($source);
if ($check) {
$source = $check;
}
else {
+ // drupal_realpath() does not always resolve '/..'
+ $basename = basename($source);
+ if ($basename == '..') {
+ return FALSE;
+ }
// This file does not yet exist.
- $source = realpath(dirname($source)) . '/' . basename($source);
+ $source = drupal_realpath(dirname($source)) . '/' . $basename;
}
- $directory = realpath($directory);
+ $directory = drupal_realpath($directory);
if ($directory && strpos($source, $directory) !== 0) {
return FALSE;
}
return $source;
}
/**
* Load file objects from the database.
*
@@ -440,19 +442,19 @@ function file_copy($source, $destination
* - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is
* unique.
* - FILE_EXISTS_ERROR - Do nothing and return FALSE.
* @return
* The path to the new file, or FALSE in the event of an error.
*
* @see file_copy()
*/
function file_unmanaged_copy($source, $destination = NULL, $replace = FILE_EXISTS_RENAME) {
- $source = realpath($source);
+ $source = drupal_realpath($source);
if (!file_exists($source)) {
drupal_set_message(t('The specified file %file could not be copied, because no file by that name exists. Please check that you supplied the correct filename.', array('%file' => $source)), 'error');
return FALSE;
}
$destination = file_create_path($destination);
$directory = $destination;
$basename = file_check_path($directory);
@@ -468,19 +470,19 @@ function file_unmanaged_copy($source, $d
$destination = file_destination($directory . '/' . $basename, $replace);
if ($destination === FALSE) {
drupal_set_message(t('The specified file %file could not be copied because a file by that name already exists in the destination.', array('%file' => $source)), 'error');
return FALSE;
}
// Make sure source and destination filenames are not the same, makes no
// sense to copy it if they are. In fact copying the file will most likely
// result in a 0 byte file. Which is bad. Real bad.
- if ($source == realpath($destination)) {
+ if ($source == drupal_realpath($destination)) {
drupal_set_message(t('The specified file %file was not copied because it would overwrite itself.', array('%file' => $source)), 'error');
return FALSE;
}
if (!@copy($source, $destination)) {
drupal_set_message(t('The specified file %file could not be copied.', array('%file' => $source)), 'error');
return FALSE;
}
// Give everyone read access so that FTP'd users or
@@ -1447,18 +1449,22 @@ function file_scan_directory($dir, $mask
closedir($handle);
}
return $files;
}
/**
* Determine the default temporary directory.
*
+ * This may be used for storing temporary files within a single request. If a
+ * temporary file is to be used in multiple requests, it should be saved in
+ * file_directory_path with its status set to FILE_STATUS_TEMPORARY.
+ *
* @return
* A string containing a temp directory.
*/
function file_directory_temp() {
$temporary_directory = variable_get('file_directory_temp');
if (is_null($temporary_directory)) {
$directories = array();
@@ -1884,11 +1890,79 @@ function file_get_mimetype($filename, $m
foreach ($mapping as $ext_preg => $mime_match) {
if (preg_match('!\.('. $ext_preg .')$!i', $filename)) {
return $mime_match;
}
}
return 'application/octet-stream';
}
/**
+ * Get the stream wrapper prefix from of path.
+ *
+ * @param $path
+ * A string containing a path to a file or directory.
+ * @return
+ * The wrapper prefix, e.g. "foo" for the path "foo://bar.txt", or FALSE is
+ * $path is a regular filesystem path.
+ */
+function file_get_wrapper($path) {
+ // A wrapper prefix is at least two characters so that it can be distinguished
+ // from a Windows drive letter, "C:/temp".
+ preg_match('@^(?[a-z0-9.+-]{2,})://@i', $path, $matches);
+ return $matches ? $matches['wrapper'] : FALSE;
+}
+
+/**
+ * Get canonicalized absolute path of a file or directory.
+ *
+ * Consecutive directory separator characters ("/" or "\") are stripped. If path
+ * is a directory, the trailing directory separator is stripped.
+ *
+ * For regular files:
+ * - Symbolic links are expanded.
+ * - "/./" and "/../" segments are resolved.
+ * For paths with protocol/wrapper prefix (e.g. "mywrapper://foo/bar.txt"):
+ * - Paths containing "/../" are blocked (FALSE is returned).
+ * - Paths are assumed to be case-sensitive (no case normalization is done).
+ * - On Windows, "\" is normalized to "/".
+ *
+ * @code
+ * // Returns "/foo/bar/boo", or FALSE if the file does not exist:
+ * drupal_realpath('/foo//bar/./baz/..\\boo');
+ *
+ * // Returns FALSE due to "/../":
+ * drupal_realpath('mywrapper://foo/bar/../baz');
+ * @endcode
+ *
+ * @param $path
+ * A string containing a path to a file or directory.
+ * @return
+ * A string containing the absolute path to the file/directory, or FALSE if
+ * the file/directory does not exist.
+ */
+function drupal_realpath($path) {
+ // Does $path include an explicit protocol/wrapper prefix "foo://" (not a
+ // Windows drive letter "C:/temp")?
+ if (preg_match('@^([a-z0-9.+-]{2,})://(.*)@i', $path, $matches)) {
+ $wrappedPath = $matches[2];
+ // Replace platform-specific directory separator with "/".
+ if (DIRECTORY_SEPARATOR != '/') {
+ $wrappedPath = strtr($wrappedPath, DIRECTORY_SEPARATOR, '/');
+ }
+ // Replace "//" with "/", except when "//" is preceded by a colon (this
+ // indicates a nested stream wrapper prefix, e.g. "foo://bar://".
+ $wrappedPath = preg_replace('@(?originalFileDirectory . '/simpletest';
+ // When useStreamWrapper() has been called, also return test files with
+ // a wrapper prefix.
+ if (file_get_wrapper(file_directory_path()) == 'simpletest') {
+ $path = 'simpletest://' . $path;
+ }
$files = file_scan_directory($path, '/' . $type . '\-.*/');
// If size is set then remove any files that are not of that size.
if ($size !== NULL) {
foreach ($files as $file) {
$stats = stat($file->filepath);
if ($stats['size'] != $size) {
unset($files[$file->filepath]);
}
@@ -810,18 +815,20 @@ class DrupalWebTestCase {
* @param ...
* List of modules to enable for the duration of the test.
*/
protected function setUp() {
global $db_prefix, $user;
// Store necessary current values before switching to prefixed database.
$this->originalPrefix = $db_prefix;
$clean_url_original = variable_get('clean_url', 0);
+ $file_downloads_original = variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC);
+ $this->originalFileDirectory = file_directory_path();
// Generate temporary prefixed database to ensure that tests have a clean starting point.
$db_prefix = Database::getConnection()->prefixTables('{simpletest' . mt_rand(1000, 1000000) . '}');
include_once DRUPAL_ROOT . '/includes/install.inc';
drupal_install_system();
$this->preloadRegistry();
@@ -849,29 +856,45 @@ class DrupalWebTestCase {
// Log in with a clean $user.
$this->originalUser = $user;
drupal_save_session(FALSE);
$user = user_load(1);
// Restore necessary variables.
variable_set('install_profile', 'default');
variable_set('install_task', 'profile-finished');
variable_set('clean_url', $clean_url_original);
+ variable_set('file_downloads', $file_downloads_original);
variable_set('site_mail', 'simpletest@example.com');
// Use temporary files directory with the same prefix as database.
- $this->originalFileDirectory = file_directory_path();
- variable_set('file_directory_path', file_directory_path() . '/' . $db_prefix);
- $directory = file_directory_path();
+ $directory = $this->originalFileDirectory . '/' . $db_prefix;
+ variable_set('file_directory_path', $directory);
file_check_directory($directory, FILE_CREATE_DIRECTORY); // Create the files directory.
set_time_limit($this->timeLimit);
}
/**
+ * Register "simpletest://" stream wrapper and set file_directory_path to a
+ * path with this wrapper prefix, and set file_downloads to
+ * FILE_DOWNLOADS_PRIVATE.
+ */
+ function useStreamWrapper($register = TRUE) {
+ if (!in_array('simpletest', stream_get_wrappers())) {
+ stream_wrapper_register('simpletest', 'DummyStreamWrapper');
+ }
+ variable_set('file_directory_path', 'simpletest://' . file_directory_path());
+ variable_set('file_downloads', FILE_DOWNLOADS_PRIVATE);
+ // Clear the node cache to get rid of cached references to files in the
+ // old file_directory_path.
+ node_load_multiple(array(), array(), TRUE);
+ }
+
+ /**
* This method is called by DrupalWebTestCase::setUp, and preloads the
* registry from the testing site to cut down on the time it takes to
* setup a clean environment for the current test run.
*/
protected function preloadRegistry() {
db_query('INSERT INTO {registry} SELECT * FROM ' . $this->originalPrefix . 'registry');
db_query('INSERT INTO {registry_file} SELECT * FROM ' . $this->originalPrefix . 'registry_file');
}
@@ -1127,32 +1150,48 @@ class DrupalWebTestCase {
if ($this->parse()) {
$edit_save = $edit;
// Let's iterate over all the forms.
$forms = $this->xpath('//form');
foreach ($forms as $form) {
// We try to set the fields of this form as specified in $edit.
$edit = $edit_save;
$post = array();
$upload = array();
+ $temp_dir = FALSE;
$submit_matches = $this->handleForm($post, $edit, $upload, $submit, $form);
$action = isset($form['action']) ? $this->getAbsoluteUrl($form['action']) : $this->getUrl();
// We post only if we managed to handle every field in edit and the
// submit button matches.
if (!$edit && $submit_matches) {
if ($upload) {
// TODO: cURL handles file uploads for us, but the implementation
// is broken. This is a less than elegant workaround. Alternatives
// are being explored at #253506.
foreach ($upload as $key => $file) {
- $file = realpath($file);
- if ($file && is_file($file)) {
- $post[$key] = '@' . $file;
+ // cURL does not support stream wrappers
+ if (file_get_wrapper($file)) {
+ $temp_dir = file_directory_temp() . '/simpletest_drupal_web_test_case';
+ if (!is_dir($temp_dir)) {
+ mkdir($temp_dir);
+ }
+ $upload_file = $temp_dir . '/' . basename($file);
+ copy($file, $upload_file);
+ if (!is_file($upload_file)) {
+ $this->fail(t('Failed to create temporary file @file', array('@file' => $upload_file)));
+ return;
+ }
+ }
+ else {
+ $upload_file = realpath($file);
+ }
+ if ($upload_file && is_file($upload_file)) {
+ $post[$key] = '@' . $upload_file;
}
}
}
else {
foreach ($post as $key => $value) {
// Encode according to application/x-www-form-urlencoded
// Both names and values needs to be urlencoded, according to
// http://www.w3.org/TR/html4/interact/forms.html#h-17.13.4.1
$post[$key] = urlencode($key) . '=' . urlencode($value);
Index: modules/simpletest/tests/file.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/simpletest/tests/file.test,v
retrieving revision 1.26
diff -u -9 -p -r1.26 file.test
--- modules/simpletest/tests/file.test 14 Mar 2009 23:01:37 -0000 1.26
+++ modules/simpletest/tests/file.test 17 Mar 2009 20:57:07 -0000
@@ -95,18 +95,22 @@ class FileTestCase extends DrupalWebTest
*
* @param $filepath
* String file path.
* @param $expected_mode
* Octal integer like 0664 or 0777.
* @param $message
* Optional message.
*/
function assertFilePermissions($filepath, $expected_mode, $message = NULL) {
+ // File permissions are not supported by stream wrappers
+ if (file_get_wrapper($filepath)) {
+ return;
+ }
// Mask out all but the last three octets.
$actual_mode = fileperms($filepath) & 511;
if (is_null($message)) {
if ($actual_mode == $expected_mode) {
$message = t('File permissions set correctly.');
}
else {
$message = t('Expected file permission to be %expected, actually were %actual.', array('%actual' => decoct($actual_mode), '%expected' => decoct($expected_mode)));
}
@@ -314,25 +318,21 @@ class FileValidatorTest extends DrupalWe
'name' => t('File validator tests'),
'description' => t('Tests the functions used to validate uploaded files.'),
'group' => t('File'),
);
}
function setUp() {
parent::setUp();
- $this->image = new stdClass();
- $this->image->filepath = 'misc/druplicon.png';
- $this->image->filename = basename($this->image->filepath);
-
- $this->non_image = new stdClass();
- $this->non_image->filepath = 'misc/jquery.js';
- $this->non_image->filename = basename($this->non_image->filepath);
+ $this->image = current($this->drupalGetTestFiles('image'));
+
+ $this->non_image = current($this->drupalGetTestFiles('text'));
}
/**
* Test the file_validate_extensions() function.
*/
function testFileValidateExtensions() {
$file = new stdClass();
$file->filename = 'asdf.txt';
$errors = file_validate_extensions($file, 'asdf txt pork');
@@ -364,40 +364,40 @@ class FileValidatorTest extends DrupalWe
// Non-images.
$errors = file_validate_image_resolution($this->non_image);
$this->assertEqual(count($errors), 0, t("Shouldn't get any errors for a non-image file."), 'File');
$errors = file_validate_image_resolution($this->non_image, '50x50', '100x100');
$this->assertEqual(count($errors), 0, t("Don't check the resolution on non files."), 'File');
// Minimum size.
$errors = file_validate_image_resolution($this->image);
$this->assertEqual(count($errors), 0, t('No errors for an image when there is no minimum or maximum resolution.'), 'File');
- $errors = file_validate_image_resolution($this->image, 0, '200x1');
+ $errors = file_validate_image_resolution($this->image, 0, '400x1');
$this->assertEqual(count($errors), 1, t("Got an error for an image that wasn't wide enough."), 'File');
- $errors = file_validate_image_resolution($this->image, 0, '1x200');
+ $errors = file_validate_image_resolution($this->image, 0, '1x400');
$this->assertEqual(count($errors), 1, t("Got an error for an image that wasn't tall enough."), 'File');
- $errors = file_validate_image_resolution($this->image, 0, '200x200');
+ $errors = file_validate_image_resolution($this->image, 0, '400x400');
$this->assertEqual(count($errors), 1, t('Small images report an error.'), 'File');
// Maximum size.
if (image_get_toolkit()) {
// Copy the image so that the original doesn't get resized.
$temp_dir = file_directory_temp();
- copy(realpath('misc/druplicon.png'), realpath($temp_dir) . '/druplicon.png');
+ copy('misc/druplicon.png', $temp_dir . '/druplicon.png');
$this->image->filepath = $temp_dir . '/druplicon.png';
$errors = file_validate_image_resolution($this->image, '10x5');
$this->assertEqual(count($errors), 0, t('No errors should be reported when an oversized image can be scaled down.'), 'File');
$info = image_get_info($this->image->filepath);
$this->assertTrue($info['width'] <= 10, t('Image scaled to correct width.'), 'File');
$this->assertTrue($info['height'] <= 5, t('Image scaled to correct height.'), 'File');
- unlink(realpath($temp_dir . '/druplicon.png'));
+ unlink($temp_dir . '/druplicon.png');
}
else {
// TODO: should check that the error is returned if no toolkit is available.
$errors = file_validate_image_resolution($this->image, '5x10');
$this->assertEqual(count($errors), 1, t("Oversize images that can't be scaled get an error."), 'File');
}
}
/**
@@ -455,19 +455,36 @@ class FileValidatorTest extends DrupalWe
$this->assertEqual(count($errors), 1, t('Error for the user being over their limit.'), 'File');
$errors = file_validate_size($file, 1, 1);
$this->assertEqual(count($errors), 2, t('Errors for both the file and their limit.'), 'File');
$user = $original_user;
drupal_save_session(TRUE);
}
}
+/**
+ * This will run tests against the file validation functions (file_validate_*)
+ * using stream wrappers.
+ */
+class FileValidatorStreamWrapperTest extends FileValidatorTest {
+ function getInfo() {
+ return array(
+ 'name' => t('File validator tests – with stream wrappers'),
+ 'description' => t('Tests the functions used to validate uploaded files.'),
+ 'group' => t('File'),
+ );
+ }
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
/**
* Tests the file_unmanaged_save_data() function.
*/
class FileUnmanagedSaveDataTest extends FileTestCase {
function getInfo() {
return array(
'name' => t('Unmanaged file save data'),
'description' => t('Tests the unmanaged file save data function.'),
@@ -479,31 +496,49 @@ class FileUnmanagedSaveDataTest extends
* Test the file_unmanaged_save_data() function.
*/
function testFileSaveData() {
$contents = $this->randomName(8);
// No filename.
$filepath = file_unmanaged_save_data($contents);
$this->assertTrue($filepath, t('Unnamed file saved correctly.'));
$this->assertEqual(file_directory_path(), dirname($filepath), t("File was placed in Drupal's files directory."));
- $this->assertEqual($contents, file_get_contents(realpath($filepath)), t('Contents of the file are correct.'));
+ $this->assertEqual($contents, file_get_contents($filepath), t('Contents of the file are correct.'));
// Provide a filename.
$filepath = file_unmanaged_save_data($contents, 'asdf.txt', FILE_EXISTS_REPLACE);
$this->assertTrue($filepath, t('Unnamed file saved correctly.'));
$this->assertEqual(file_directory_path(), dirname($filepath), t("File was placed in Drupal's files directory."));
$this->assertEqual('asdf.txt', basename($filepath), t('File was named correctly.'));
- $this->assertEqual($contents, file_get_contents(realpath($filepath)), t('Contents of the file are correct.'));
+ $this->assertEqual($contents, file_get_contents($filepath), t('Contents of the file are correct.'));
$this->assertFilePermissions($filepath, 0664);
}
}
/**
+ * Tests the file_unmanaged_save_data() function.
+ */
+class FileUnmanagedSaveDataStreamWrapperTest extends FileUnmanagedSaveDataTest {
+ function getInfo() {
+ return array(
+ 'name' => t('Unmanaged file save data – with stream wrappers'),
+ 'description' => t('Tests the unmanaged file save data function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
+
+/**
* Test the file_save_upload() function.
*/
class FileSaveUploadTest extends FileHookTestCase {
/**
* An image file path for uploading.
*/
var $image;
/**
@@ -526,19 +561,19 @@ class FileSaveUploadTest extends FileHoo
$this->image = current($this->drupalGetTestFiles('image'));
$this->assertTrue(is_file($this->image->filepath), t("The file we're going to upload exists."));
$this->maxFidBefore = db_query('SELECT MAX(fid) AS fid FROM {files}')->fetchField();
// Upload with replace to gurantee there's something there.
$edit = array(
'file_test_replace' => FILE_EXISTS_REPLACE,
- 'files[file_test_upload]' => realpath($this->image->filepath)
+ 'files[file_test_upload]' => $this->image->filepath,
);
$this->drupalPost('file-test/upload', $edit, t('Submit'));
$this->assertResponse(200, t('Received a 200 response for posted test file.'));
$this->assertRaw(t('You WIN!'), t('Found the success message.'));
// Check that the correct hooks were called then clean out the hook
// counters.
$this->assertFileHooksCalled(array('validate', 'insert'));
file_test_reset();
@@ -553,19 +588,19 @@ class FileSaveUploadTest extends FileHoo
$file1 = file_load($max_fid_after);
$this->assertTrue($file1, t('Loaded the file.'));
// Reset the hook counters to get rid of the 'load' we just called.
file_test_reset();
// Upload a second file.
$max_fid_before = db_query('SELECT MAX(fid) AS fid FROM {files}')->fetchField();
$image2 = current($this->drupalGetTestFiles('image'));
- $edit = array('files[file_test_upload]' => realpath($image2->filepath));
+ $edit = array('files[file_test_upload]' => $image2->filepath);
$this->drupalPost('file-test/upload', $edit, t('Submit'));
$this->assertResponse(200, t('Received a 200 response for posted test file.'));
$this->assertRaw(t('You WIN!'));
$max_fid_after = db_query('SELECT MAX(fid) AS fid FROM {files}')->fetchField();
// Check that the correct hooks were called.
$this->assertFileHooksCalled(array('validate', 'insert'));
$file2 = file_load($max_fid_after);
@@ -630,18 +665,37 @@ class FileSaveUploadTest extends FileHoo
* Test for no failures when not uploading a file.
*/
function testNoUpload() {
$this->drupalPost('file-test/upload', array(), t('Submit'));
$this->assertNoRaw(t('Epic upload FAIL!'), t('Failure message not found.'));
}
}
/**
+ * Test the file_save_upload() function when file_directory_path contains a
+ * stream wrapper prefix.
+ */
+class FileSaveUploadStreamWrapperTest extends FileSaveUploadTest {
+ function getInfo() {
+ return array(
+ 'name' => t('File uploading – with stream wrappers'),
+ 'description' => t('Tests the file uploading functions.'),
+ 'group' => t('File'),
+ );
+ }
+
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
+
+/**
* Directory related tests.
*/
class FileDirectoryTest extends FileTestCase {
function getInfo() {
return array(
'name' => t('File paths and directories'),
'description' => t('Tests operations dealing with directories.'),
'group' => t('File'),
);
@@ -663,26 +717,29 @@ class FileDirectoryTest extends FileTest
$errors = form_get_errors();
$this->assertEqual($errors[$form_element], t('The directory %directory does not exist.', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
// Make a directory.
$this->assertTrue(file_check_directory($directory, FILE_CREATE_DIRECTORY), t('No error reported when creating a new directory.'), 'File');
// Make sure directory actually exists.
$this->assertTrue(is_dir($directory), t('Directory actually exists.'), 'File');
- // Make directory read only.
- @chmod($directory, 0444);
- $form_element = $this->randomName();
- $this->assertFalse(file_check_directory($directory, 0, $form_element), t('Error reported for a non-writeable directory.'), 'File');
-
- // Check if form error was set.
- $errors = form_get_errors();
- $this->assertEqual($errors[$form_element], t('The directory %directory is not writable', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
+ // chmod() does not support stream wrappers.
+ if (!file_get_wrapper($directory)) {
+ // Make directory read only.
+ @chmod($directory, 0444);
+ $form_element = $this->randomName();
+ $this->assertFalse(file_check_directory($directory, 0, $form_element), t('Error reported for a non-writeable directory.'), 'File');
+
+ // Check if form error was set.
+ $errors = form_get_errors();
+ $this->assertEqual($errors[$form_element], t('The directory %directory is not writable', array('%directory' => $directory)), t('Properly generated an error for the passed form element.'), 'File');
+ }
// Test directory permission modification.
$this->assertTrue(file_check_directory($directory, FILE_MODIFY_PERMISSIONS), t('No error reported when making directory writeable.'), 'File');
// Verify directory actually is writeable.
$this->assertTrue(is_writeable($directory), t('Directory is writeable.'), 'File');
// Remove .htaccess file to then test that it gets re-created.
@unlink(file_directory_path() .'/.htaccess');
@@ -735,38 +792,65 @@ class FileDirectoryTest extends FileTest
$this->assertFalse($result, t('Existing file fails validation when it exists outside the directory path, using a /../ exploit.'), 'File');
$source = 'misc/druplicon.png';
$directory = 'misc';
$result = file_check_location($source, $directory);
$this->assertTrue($result, t('Existing file passes validation when checked for location in directory path, and filepath contains a subfolder of the checked path.'), 'File');
$result = file_check_location($source, $directory);
$this->assertTrue($result, t('Existing file passes validation, returning the source when checked for location in directory.'), 'File');
- }
+ $this->useStreamWrapper();
+ mkdir(file_directory_path() . '/foo');
+ $this->createFile(file_directory_path() . '/abc.txt');
+ $this->createFile(file_directory_path() . '/foo/def.txt');
+ $this->assertTrue(is_dir(file_directory_path() . '/foo'), t('Directory was created successfully.'), 'File');
+
+ $source = file_directory_path() . '/foo/xyz.txt';
+ $directory = file_directory_path() . '/foo';
+ $result = file_check_location($source, $directory);
+ $this->assertTrue($result, t('Non-existent file validates when checked for location in existing directory.'), 'File');
+
+ $source = file_directory_path() . '/xyz.txt';
+ $directory = file_directory_path() . '/fake';
+ $result = file_check_location($source, $directory);
+ $this->assertTrue($result, t('Non-existent file validates when checked for location in non-existing directory.'), 'File');
+
+ $source = file_directory_path() . '/foo/../abc.txt';
+ $directory = file_directory_path() . '/foo';
+ $this->assertTrue(is_file($source), t('File exists outside the directory path.'), 'File');
+ $result = file_check_location($source, $directory);
+ $this->assertFalse($result, t('Existing file fails validation when it exists outside the directory path, using a /../ exploit.'), 'File');
+
+ $source = file_directory_path() . '/foo/def.txt';
+ $directory = file_directory_path() . '/foo';
+ $result = file_check_location($source, $directory);
+ $this->assertTrue($result, t('Existing file passes validation when checked for location in directory path, and filepath contains a subfolder of the checked path.'), 'File');
+ }
/**
* This will take a directory and path, and find a valid filepath that is not
* taken by another file.
*/
function testFileCreateNewFilepath() {
// First we test against an imaginary file that does not exist in a
// directory.
$basename = 'xyz.txt';
- $directory = 'misc';
+ $directory = file_directory_path();
$original = $directory .'/'. $basename;
$path = file_create_filename($basename, $directory);
$this->assertEqual($path, $original, t('New filepath %new equals %original.', array('%new' => $path, '%original' => $original)), 'File');
// Then we test against a file that already exists within that directory.
- $basename = 'druplicon.png';
- $original = $directory .'/'. $basename;
- $expected = $directory .'/druplicon_0.png';
+ $basename = 'abc.txt';
+ $original = $directory . '/' . $basename;
+ $expected = $directory . '/abc_0.txt';
+ $this->createFile($original);
$path = file_create_filename($basename, $directory);
$this->assertEqual($path, $expected, t('Creating a new filepath from %original equals %new.', array('%new' => $path, '%original' => $original)), 'File');
// @TODO: Finally we copy a file into a directory several times, to ensure a properly iterating filename suffix.
}
/**
* This will test the filepath for a destination based on passed flags and
* whether or not the file exists.
@@ -775,36 +859,54 @@ class FileDirectoryTest extends FileTest
* return:
* - the existing filepath, if $replace is FILE_EXISTS_REPLACE
* - a new filepath if FILE_EXISTS_RENAME
* - an error (returning FALSE) if FILE_EXISTS_ERROR.
* If the file doesn't currently exist, then it will simply return the
* filepath.
*/
function testFileDestination() {
// First test for non-existent file.
- $destination = 'misc/xyz.txt';
+ $destination = file_directory_path() . '/xyz.txt';
$path = file_destination($destination, FILE_EXISTS_REPLACE);
$this->assertEqual($path, $destination, t('Non-existing filepath destination is correct with FILE_EXISTS_REPLACE.'), 'File');
$path = file_destination($destination, FILE_EXISTS_RENAME);
$this->assertEqual($path, $destination, t('Non-existing filepath destination is correct with FILE_EXISTS_RENAME.'), 'File');
$path = file_destination($destination, FILE_EXISTS_ERROR);
$this->assertEqual($path, $destination, t('Non-existing filepath destination is correct with FILE_EXISTS_ERROR.'), 'File');
- $destination = 'misc/druplicon.png';
+ $destination = file_directory_path() . '/abc.txt';
+ $this->createFile($destination);
$path = file_destination($destination, FILE_EXISTS_REPLACE);
$this->assertEqual($path, $destination, t('Existing filepath destination remains the same with FILE_EXISTS_REPLACE.'), 'File');
$path = file_destination($destination, FILE_EXISTS_RENAME);
$this->assertNotEqual($path, $destination, t('A new filepath destination is created when filepath destination already exists with FILE_EXISTS_RENAME.'), 'File');
$path = file_destination($destination, FILE_EXISTS_ERROR);
$this->assertEqual($path, FALSE, t('An error is returned when filepath destination already exists with FILE_EXISTS_ERROR.'), 'File');
}
}
+/**
+ * Directory related tests with stream wrapper prefixes.
+ */
+class FileDirectoryStreamWrapperTest extends FileDirectoryTest {
+ function getInfo() {
+ return array(
+ 'name' => t('File paths and directories – with stream wrappers'),
+ 'description' => t('Tests operations dealing with directories.'),
+ 'group' => t('File'),
+ );
+ }
+
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
/**
* Tests the file_scan_directory() function.
*/
class FileScanDirectoryTest extends FileTestCase {
function getInfo() {
return array(
'name' => t('File scan directory'),
'description' => t('Tests the file_scan_directory() function.'),
@@ -858,24 +960,28 @@ class FileScanDirectoryTest extends File
$this->assertEqual(2, count($all_files), t('Found two, expected javascript files.'));
$results = file_test_file_scan_callback(NULL, TRUE);
$this->assertEqual(2, count($results), t('Files were passed to the callback.'));
}
/**
* Check that the no-mask parameter is honored.
*/
function testOptionNoMask() {
- // Grab a listing of all the JavaSscript files.
- $all_files = file_scan_directory($this->path, '/^javascript-/');
- $this->assertEqual(2, count($all_files), t('Found two, expected javascript files.'));
+ $path = file_directory_path();
+ $this->createFile($path . '/abc.txt');
+ $this->createFile($path . '/def.txt');
+
+ // Grab a listing of all .txt files.
+ $all_files = file_scan_directory($path, '/\.txt$/');
+ $this->assertEqual(2, count($all_files), t('Found two, expected txt files.'));
- // Now use the nomast parameter to filter out the .script file.
- $filtered_files = file_scan_directory($this->path, '/^javascript-/', array('nomask' => '/.script$/'));
+ // Now use the nomast parameter to filter out abc.txt.
+ $filtered_files = file_scan_directory($path, '/\.txt$/', array('nomask' => '/^abc/'));
$this->assertEqual(1, count($filtered_files), t('Filtered correctly.'));
}
/**
* Check that key parameter sets the return value's key.
*/
function testOptionKey() {
// "filename", for the path starting with $dir.
$expected = array($this->path . '/javascript-1.txt', $this->path . '/javascript-2.script');
@@ -967,18 +1073,35 @@ class FileUnmanagedDeleteTest extends Fi
// A directory to operate on.
$directory = $this->createDirectory();
// Try to delete a directory
$this->assertFalse(file_unmanaged_delete($directory), t('Could not delete the delete directory.'));
$this->assertTrue(file_exists($directory), t('Directory has not been deleted.'));
}
}
+/**
+ * Deletion related tests using stream wrappers.
+ */
+class FileUnmanagedDeleteStreamWrapperTest extends FileUnmanagedDeleteTest {
+ function getInfo() {
+ return array(
+ 'name' => t('Unmanaged file delete – with stream wrappers'),
+ 'description' => t('Tests the unmanaged file delete function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
/**
* Deletion related tests.
*/
class FileUnmanagedDeleteRecursiveTest extends FileTestCase {
function getInfo() {
return array(
'name' => t('Unmanaged recursive file delete'),
'description' => t('Tests the unmanaged file delete recursive function.'),
@@ -1202,19 +1325,35 @@ class FileUnmanagedCopyTest extends File
// Copy the file into same directory with renaming works.
$new_filepath = file_unmanaged_copy($file->filepath, dirname($file->filepath), FILE_EXISTS_RENAME);
$this->assertTrue($new_filepath, t('Copying into same directory works.'));
$this->assertNotEqual($new_filepath, $file->filepath, t('Copied file has a new name.'));
$this->assertTrue(file_exists($file->filepath), t('Original file exists after copying onto itself.'));
$this->assertTrue(file_exists($new_filepath), t('Copied file exists after copying onto itself.'));
}
}
+/**
+ * Unmanaged copy related tests using stream wrappers.
+ */
+class FileUnmanagedCopyStreamWrapperTest extends FileUnmanagedCopyTest {
+ function getInfo() {
+ return array(
+ 'name' => t('Unmanaged file copying –with stream wrappers'),
+ 'description' => t('Tests the unmanaged file copy function.'),
+ 'group' => t('File'),
+ );
+ }
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
/**
* Deletion related tests.
*/
class FileDeleteTest extends FileHookTestCase {
function getInfo() {
return array(
'name' => t('File delete'),
'description' => t('Tests the file delete function.'),
@@ -1583,23 +1722,24 @@ class FileLoadTest extends FileHookTestC
$this->assertFalse(reset(file_load_multiple(array(), array('status' => -99))), t("Trying to load a file with an invalid status fails."));
$this->assertFileHooksCalled(array());
}
/**
* Load a single file and ensure that the correct values are returned.
*/
function testSingleValues() {
// Create a new file object from scratch so we know the values.
+ $temp_file = current($this->drupalGetTestFiles('text'));
$file = array(
'uid' => 1,
- 'filename' => 'druplicon.png',
- 'filepath' => 'misc/druplicon.png',
- 'filemime' => 'image/png',
+ 'filename' => $temp_file->filename,
+ 'filepath' => $temp_file->filepath,
+ 'filemime' => 'text/plain',
'timestamp' => 1,
'status' => FILE_STATUS_PERMANENT,
);
$file = file_save($file);
$by_fid_file = file_load($file->fid);
$this->assertFileHookCalled('load');
$this->assertTrue(is_object($by_fid_file), t('file_load() returned an object.'));
$this->assertEqual($by_fid_file->fid, $file->fid, t("Loading by fid got the same fid."), 'File');
@@ -1609,23 +1749,24 @@ class FileLoadTest extends FileHookTestC
$this->assertEqual($by_fid_file->status, $file->status, t("Loading by fid got the correct status."), 'File');
$this->assertTrue($by_fid_file->file_test['loaded'], t('file_test_file_load() was able to modify the file during load.'));
}
/**
* This will test loading file data from the database.
*/
function testMultiple() {
// Create a new file object.
+ $temp_file = current($this->drupalGetTestFiles('text'));
$file = array(
'uid' => 1,
- 'filename' => 'druplicon.png',
- 'filepath' => 'misc/druplicon.png',
- 'filemime' => 'image/png',
+ 'filename' => $temp_file->filename,
+ 'filepath' => $temp_file->filepath,
+ 'filemime' => 'text/plain',
'timestamp' => 1,
'status' => FILE_STATUS_PERMANENT,
);
$file = file_save($file);
// Load by path.
file_test_reset();
$by_path_files = file_load_multiple(array(), array('filepath' => $file->filepath));
$this->assertFileHookCalled('load');
@@ -1651,25 +1792,29 @@ class FileLoadTest extends FileHookTestC
class FileSaveTest extends FileHookTestCase {
function getInfo() {
return array(
'name' => t('File saving'),
'description' => t('Tests the file_save() function.'),
'group' => t('File'),
);
}
- function testFileSave() {
- // Create a new file object.
+ /**
+ * Save a file to the database.
+ */
+ function testFileSave() {
+ $temp_file = current($this->drupalGetTestFiles('text'));
+ // Create a new file object.
$file = array(
'uid' => 1,
- 'filename' => 'druplicon.png',
- 'filepath' => 'misc/druplicon.png',
- 'filemime' => 'image/png',
+ 'filename' => $temp_file->filename,
+ 'filepath' => $temp_file->filepath,
+ 'filemime' => 'text/plain',
'timestamp' => 1,
'status' => FILE_STATUS_PERMANENT,
);
$file = (object) $file;
// Save it, inserting a new record.
$saved_file = file_save($file);
// Check that the correct hooks were called.
@@ -1694,18 +1839,35 @@ class FileSaveTest extends FileHookTestC
$this->assertEqual($resaved_file->fid, $saved_file->fid, t("The file ID of an existing file is not changed when updating the database."), 'File');
$this->assertTrue($resaved_file->timestamp >= $saved_file->timestamp, t("Timestamp didn't go backwards."), 'File');
$loaded_file = db_query('SELECT * FROM {files} f WHERE f.fid = :fid', array(':fid' => $saved_file->fid))->fetch(PDO::FETCH_OBJ);
$this->assertNotNull($loaded_file, t("Record still exists in the database."), 'File');
$this->assertEqual($loaded_file->status, $saved_file->status, t("Status was saved correctly."));
}
}
+/**
+ * Tests the file_save() function using stream wrappers.
+ */
+class FileSaveStreamWrapperTest extends FileSaveTest {
+ function getInfo() {
+ return array(
+ 'name' => t('File saving – with stream wrappers'),
+ 'description' => t('Tests the file_save() function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ function setUp() {
+ parent::setUp();
+ $this->useStreamWrapper();
+ }
+}
/**
* Tests the file_validate() function..
*/
class FileValidateTest extends FileHookTestCase {
function getInfo() {
return array(
'name' => t('File validate'),
'description' => t('Tests the file_validate() function.'),
@@ -1971,9 +2133,110 @@ class FileNameMungingTest extends FileTe
*/
function testUnMunge() {
$munged_name = file_munge_filename($this->name, '', FALSE);
$unmunged_name = file_unmunge_filename($munged_name);
// @TODO uncomment when this tests passes reliably, see
// http://drupal.org/node/368502
// $this->assertIdentical($unmunged_name, $this->name, t('The unmunged (%unmunged) filename matches the original (%original)', array('%unmunged' => $unmunged_name, '%original' => $this->name)));
}
}
+
+/**
+ * Test the file_get_wrapper() function.
+ */
+class FileGetWrapperUnitTest extends DrupalWebTestCase {
+ function getInfo() {
+ return array(
+ 'name' => t('Stream wrapper support'),
+ 'description' => t('Tests the file_get_wrapper() function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ /**
+ * Test the file_get_wrapper() function.
+ */
+ function testFileGetWrapper() {
+ // Array containing path => expected_wrapper pairs.
+ $paths = array(
+ 'C:\\' => FALSE,
+ 'C:/' => FALSE,
+ 'C:\Windows' => FALSE,
+ 'C:/Windows' => FALSE,
+ '/tmp' => FALSE,
+ '' => FALSE,
+ '.' => FALSE,
+ '..' => FALSE,
+ 'foo:' => FALSE,
+ 'foo:/' => FALSE,
+ 'foo://' => 'foo',
+ 'foo://bar' => 'foo',
+ 'f-o-o://bar' => 'f-o-o',
+ );
+ foreach ($paths as $path => $expected_wrapper) {
+ $this->assertIdentical(file_get_wrapper($path), $expected_wrapper, t('Found expected wrapper prefix on %file.', array('%file' => $path)));
+ }
+ }
+}
+
+/**
+ * Test the drupal_realpath() function.
+ */
+class DrupalRealpathUnitTest extends DrupalWebTestCase {
+ function getInfo() {
+ return array(
+ 'name' => t('Realpath resolving'),
+ 'description' => t('Tests the drupal_realpath() function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ /**
+ * Test the drupal_realpath() function.
+ */
+ function testDrupalRealpath() {
+ $this->assertEqual(drupal_realpath('includes/./bootstrap.inc'), DRUPAL_ROOT . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'bootstrap.inc', t('"." segment was resolved.'));
+ $this->assertEqual(drupal_realpath('includes/database/../bootstrap.inc'), DRUPAL_ROOT . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'bootstrap.inc', t('".." segment was resolved.'));
+ $this->assertEqual(drupal_realpath('includes/database/'), DRUPAL_ROOT . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'database', t('Trailing slash in directory was removed.'));
+ $this->assertEqual(drupal_realpath('includes///database//database.inc'), DRUPAL_ROOT . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'database' . DIRECTORY_SEPARATOR . 'database.inc', t('Duplicate slashes in path were removed.'));
+ }
+}
+
+/**
+ * Test the drupal_realpath() function with stream wrappers.
+ */
+class DrupalRealpathStreamWrapperUnitTest extends DrupalWebTestCase {
+ function getInfo() {
+ return array(
+ 'name' => t('Realpath resolving – with stream wrappers'),
+ 'description' => t('Tests the drupal_realpath() function.'),
+ 'group' => t('File'),
+ );
+ }
+
+ /**
+ * Test the drupal_realpath() function.
+ */
+ function testDrupalRealpath() {
+ $original_file_directory_path = file_directory_path();
+ $this->useStreamWrapper();
+
+ // These tests exploit that "simpletest://" is a dummy wrapper that maps to
+ // the filesystem, i.e. the same file is accessible with and without the
+ // stream wrapper prefix.
+ $original_file_directory_realpath = drupal_realpath($original_file_directory_path);
+ $this->assertTrue($original_file_directory_realpath, t('%path exists.', array('%path' => $original_file_directory_realpath)));
+ mkdir($original_file_directory_realpath . '/foo/bar', 0775, TRUE);
+
+ $this->assertTrue(is_dir($original_file_directory_realpath . '/foo/bar'), t('Directory was created successfully.'));
+ $this->assertTrue(is_dir('simpletest://' . $original_file_directory_path . '/foo/bar'), t('Directory was accessible through dummy stream wrapper.'));
+ $this->assertEqual(drupal_realpath('simpletest://' . $original_file_directory_path . '/foo/bar/'), 'simpletest://' . $original_file_directory_path . '/foo/bar', t('Trailingslash in directory was removed.'));
+
+ file_put_contents($original_file_directory_path . '/foo/baz', 'Lorem ipsum.');
+ $this->assertTrue(is_file($original_file_directory_realpath . '/foo/baz'), t('File was created successfully.'));
+ $this->assertTrue(is_file('simpletest://' . $original_file_directory_path . '/foo/baz'), t('File was found through dummy stream wrapper.'));
+ $this->assertEqual(drupal_realpath('simpletest://' . $original_file_directory_path . '///foo//baz'), 'simpletest://' . $original_file_directory_path . '/foo/baz', t('Duplicate slashes were removed.'));
+
+ // "/../" segments are not supported with stream wrappers.
+ $this->assertFalse(drupal_realpath('simpletest://' . $original_file_directory_path . '/foo/bar/../1'), t('".." segments are rejected.'));
+ }
+}
Index: modules/system/image.gd.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/image.gd.inc,v
retrieving revision 1.5
diff -u -9 -p -r1.5 image.gd.inc
--- modules/system/image.gd.inc 10 Mar 2009 09:43:01 -0000 1.5
+++ modules/system/image.gd.inc 17 Mar 2009 20:57:07 -0000
@@ -253,29 +253,36 @@ function image_gd_load(stdClass $image)
*
* @see image_save()
*/
function image_gd_save(stdClass $image, $destination) {
$extension = str_replace('jpg', 'jpeg', $image->info['extension']);
$function = 'image'. $extension;
if (!function_exists($function)) {
return FALSE;
}
+ // These functions do not support stream wrappers.
+ $output_file = file_get_wrapper($destination) ? tempnam(drupal_realpath(file_directory_temp()), 'image') : $destination;
if ($extension == 'jpeg') {
- return $function($image->resource, $destination, variable_get('image_jpeg_quality', 75));
+ $result = $function($image->resource, $output_file, variable_get('image_jpeg_quality', 75));
}
else {
// Always save PNG images with full transparency.
if ($extension == 'png') {
imagealphablending($image->resource, FALSE);
imagesavealpha($image->resource, TRUE);
}
- return $function($image->resource, $destination);
+ $result = $function($image->resource, $output_file);
}
+
+ if ($result && $destination != $output_file) {
+ $result = file_unmanaged_move($output_file, $destination, FILE_EXISTS_REPLACE);
+ }
+ return $result;
}
/**
* Create a truecolor image preserving transparency from a provided image.
*
* @param $image
* An image object.
* @param $width
* The new width of the new image, in pixels.
Index: modules/system/system.admin.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.admin.inc,v
retrieving revision 1.131
diff -u -9 -p -r1.131 system.admin.inc
--- modules/system/system.admin.inc 17 Mar 2009 15:26:29 -0000 1.131
+++ modules/system/system.admin.inc 17 Mar 2009 20:57:07 -0000
@@ -1433,19 +1433,19 @@ function system_file_system_settings() {
'#description' => t('A file system path where the files will be stored. This directory must exist and be writable by Drupal. If the download method is set to public, this directory must be relative to the Drupal installation directory and be accessible over the web. If the download method is set to private, this directory should not be accessible over the web. Changing this location will modify all download paths and may cause unexpected problems on an existing site.'),
'#after_build' => array('system_check_directory'),
);
$form['file_directory_temp'] = array(
'#type' => 'textfield',
'#title' => t('Temporary directory'),
'#default_value' => file_directory_temp(),
'#maxlength' => 255,
- '#description' => t('A file system path where uploaded files will be stored during previews.'),
+ '#description' => t('A file system path where temporary files may be stored.'),
'#after_build' => array('system_check_directory'),
);
$form['file_downloads'] = array(
'#type' => 'radios',
'#title' => t('Download method'),
'#default_value' => FILE_DOWNLOADS_PUBLIC,
'#options' => array(FILE_DOWNLOADS_PUBLIC => t('Public - files are available using HTTP directly.'), FILE_DOWNLOADS_PRIVATE => t('Private - files are transferred by Drupal.')),
'#description' => t('Choose the Public download method unless you wish to enforce fine-grained access controls over file downloads. Changing the download method will modify all download paths and may cause unexpected problems on an existing site.')
Index: modules/upload/upload.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/upload/upload.test,v
retrieving revision 1.13
diff -u -9 -p -r1.13 upload.test
--- modules/upload/upload.test 22 Feb 2009 17:55:30 -0000 1.13
+++ modules/upload/upload.test 17 Mar 2009 20:57:07 -0000
@@ -69,27 +69,36 @@ class UploadTestCase extends DrupalWebTe
$this->assertNoText($upload->description, $upload->description . ' not found on node.');
// Delete a file.
$edit = array();
$edit['files[' . $upload->fid . '][remove]'] = TRUE;
$this->drupalPost('node/' . $node->nid . '/edit', $edit, t('Save'));
$this->assertRaw(t('Page %title has been updated.', array('%title' => $node->title)), 'File deleted successfully.');
$this->assertNoText($new_name, $new_name . ' not found on node.');
- $this->drupalGet($base_url . '/' . file_directory_path() . '/' . $upload->description, array('external' => TRUE));
+ $this->drupalGet(file_create_url($upload->description), array('external' => TRUE));
$this->assertResponse(array(404), 'Uploaded ' . $upload->description . ' is not accessible.');
}
else {
$this->fail('File upload record not found in database.');
}
}
/**
+ * Create node; upload files to node; and edit, and delete uploads, when
+ * file_directory_path contains a stream wrapper prefix.
+ */
+ function testNodeUploadWithStreamWrappers() {
+ $this->useStreamWrapper();
+ $this->testNodeUpload();
+ }
+
+ /**
* Ensure the the file filter works correctly by attempting to upload a non-allowed file extension.
*/
function testFilesFilter() {
$admin_user = $this->drupalCreateUser(array('administer site configuration'));
$web_user = $this->drupalCreateUser(array('access content', 'edit any page content', 'upload files', 'view uploaded files'));
$this->drupalLogin($admin_user);
// Setup upload settings.
@@ -189,20 +198,20 @@ class UploadTestCase extends DrupalWebTe
}
/**
* Check that uploaded file is accessible and verify the contents against the original.
*
* @param string $filename Name of file to verify.
*/
function checkUploadedFile($filename) {
global $base_url;
- $file = realpath(file_directory_path() . '/' . $filename);
- $this->drupalGet($base_url . '/' . file_directory_path() . '/' . $filename, array('external' => TRUE));
+ $file = file_directory_path() . '/' . $filename;
+ $this->drupalGet(file_create_url($file), array('external' => TRUE));
$this->assertResponse(array(200), 'Uploaded ' . $filename . ' is accessible.');
$this->assertEqual(file_get_contents($file), $this->drupalGetContent(), 'Uploaded contents of ' . $filename . ' verified.');
}
/**
* Get the role id of the 'simpletest' role associated with a SimpleTest test user.
*
* @param object $user User object.
* @return integer SimpleTest role id.
Index: modules/user/user.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.test,v
retrieving revision 1.31
diff -u -9 -p -r1.31 user.test
--- modules/user/user.test 14 Mar 2009 23:01:38 -0000 1.31
+++ modules/user/user.test 17 Mar 2009 20:57:07 -0000
@@ -560,18 +560,30 @@ class UserPictureTestCase extends Drupal
// Check if file is located in proper directory.
$this->assertTrue(is_file($pic_path), t("File is located in proper directory"));
}
}
/**
* Do the test:
* GD Toolkit is installed
+ * Picture has invalid dimension
+ *
+ * results: The image should be uploaded because ImageGDToolkit resizes the picture
+ */
+ function testWithGDinvalidDimensionWithStreamWrapper() {
+ $this->useStreamWrapper();
+ $this->testWithGDinvalidDimension();
+ }
+
+ /**
+ * Do the test:
+ * GD Toolkit is installed
* Picture has invalid size
*
* results: The image should be uploaded because ImageGDToolkit resizes the picture
*/
function testWithGDinvalidSize() {
if ($this->_directory_test)
if (image_get_toolkit()) {
$this->drupalLogin($this->user);
@@ -596,19 +608,31 @@ class UserPictureTestCase extends Drupal
$this->assertRaw($text, t('File size cited as reason for failure.'));
// Check if file is not uploaded.
$this->assertFalse(is_file($pic_path), t('File was not uploaded.'));
}
}
/**
* Do the test:
- * GD Toolkit is not installed
+ * GD Toolkit is installed
+ * Picture has invalid size
+ *
+ * results: The image should be uploaded because ImageGDToolkit resizes the picture
+ */
+ function testWithGDinvalidSizeWithStreamWrapper() {
+ $this->useStreamWrapper();
+ $this->testWithGDinvalidSize();
+ }
+
+ /**
+ * Do the test:
+ * GD Toolkit is installed
* Picture has invalid size
*
* results: The image shouldn't be uploaded
*/
function testWithoutGDinvalidDimension() {
if ($this->_directory_test)
if (!image_get_toolkit()) {
$this->drupalLogin($this->user);
@@ -684,27 +708,39 @@ class UserPictureTestCase extends Drupal
// Set new variables: valid dimensions, valid filesize (0 = no limit).
$test_dim = ($info['width'] + 10) . 'x' . ($info['height'] + 10);
variable_set('user_picture_dimensions', $test_dim);
variable_set('user_picture_file_size', 0);
$pic_path = $this->saveUserPicture($image);
// Check if image is displayed in user's profile page.
$this->drupalGet('user');
- $this->assertRaw($pic_path, t("Image is displayed in user's profile page"));
+ $this->assertRaw(basename($pic_path), t("Image is displayed in user's profile page"));
// Check if file is located in proper directory.
$this->assertTrue(is_file($pic_path), t('File is located in proper directory'));
}
}
+
+ /**
+ * Do the test:
+ * Picture is valid (proper size and dimension)
+ *
+ * results: The image should be uploaded
+ */
+ function testPictureIsValidWithStreamWrapper() {
+ $this->useStreamWrapper();
+ $this->testPictureIsValid();
+ }
+
function saveUserPicture($image) {
- $edit = array('files[picture_upload]' => realpath($image->filepath));
+ $edit = array('files[picture_upload]' => $image->filepath);
$this->drupalPost('user/' . $this->user->uid.'/edit', $edit, t('Save'));
$img_info = image_get_info($image->filepath);
$picture_dir = variable_get('user_picture_path', 'pictures');
$pic_path = file_directory_path() . '/' . $picture_dir . '/picture-' . $this->user->uid . '.' . $img_info['extension'];
return $pic_path;
}
}