openinfra
/
openstackid-resources
Code Issues Proposed changes

Fix error on multipart parsing 

Change-Id: I2d02d890ddbaf03f47c700a530b4d261027642ff
This commit is contained in:
smarcet 2019-04-25 15:22:02 -03:00
parent 06572735fd
commit eedb771250
3 changed files with 65 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
app/Http/Controllers/Apis/Protected/Summit/OAuth2PresentationApiController.php
View File

@ -11,7 +11,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use libs\utils\HTMLCleaner;
use models\exceptions\EntityNotFoundException;
use models\exceptions\ValidationException;
@ -29,7 +28,6 @@ use models\utils\IEntity;
use ModelSerializers\SerializerRegistry;
use services\model\IPresentationService;
use utils\ParseMultiPartFormDataInputStream;
/**
* Class OAuth2PresentationApiController
* @package App\Http\Controllers
@ -682,18 +680,20 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
if (false !== $pos = strpos($content_type, ';')) {
$content_type = substr($content_type, 0, $pos);
}
if(!strstr($content_type, 'multipart/form-data'))
return $this->error400();
$parser = new ParseMultiPartFormDataInputStream(file_get_contents('php://input'));
$input = $parser->getInput();
$data = $input['parameters'];
$files = $input['files'];
$file = null;
if(isset($files['file']))
$file = $files['file'];
$file = null;
$data = $request->all();
Log::debug("updatePresentationSlide: data ".var_dump($data));
if(strstr($content_type, 'multipart/form-data')) {
Log::debug("updatePresentationSlide: has multipart/form-data");
$parser = new ParseMultiPartFormDataInputStream(file_get_contents('php://input'));
$input = $parser->getInput();
Log::debug("updatePresentationSlide: input ".var_dump($input));
$data = $input['parameters'];
$files = $input['files'];
$file = null;
if (isset($files['file']))
$file = $files['file'];
}
$rules = [
'link' => 'nullable|url',

12
app/Http/Utils/ParseMultiPartFormDataInputStream.php
View File

@ -233,21 +233,19 @@ final class ParseMultiPartFormDataInputStream
*/
private function parameter($string)
{
$data = [];
$string = trim($string);
if(empty($string)) return $data;
if ( preg_match('/name=\"([^\"]*)\"[\n|\r]+([^\n\r].*)?\r$/s', $string, $match) ) {
$data = [];
if ( preg_match('/name=\"(.*)\"\n*(.*)$/s', $string, $match) ) {
if (preg_match('/^(.*)\[\]$/i', $match[1], $tmp)) {
$data[$tmp[1]][] = (count($match) >=2 && $match[2] !== NULL ? $match[2] : '');
$data[$tmp[1]][] = ($match[2] !== NULL ? $match[2] : '');
} else {
$data[$match[1]] = (count($match) >=2 && $match[2] !== NULL ? $match[2] : '');
$data[$match[1]] = ($match[2] !== NULL ? $match[2] : '');
}
}
return $data;
}
/**
* @function merge
* @param $array array

46
tests/ParseMultiPartFormDataInputStreamTest.php
View File

@ -35,4 +35,50 @@ DATA;
}
public function testParseAttributes(){
$input = <<<DATA
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="file"; filename="clint-eastwood_gettyimages-119202692jpg.jpg"
Content-Type: image/jpeg
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="class_name"
PresentationSlide
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="name"
tets1 update update
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="description"
<p>test1</p>
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="featured"
false
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="display_on_site"
false
------WebKitFormBoundarySPB0RLYHwOEptxHU
Content-Disposition: form-data; name="link"
https://www.google.com
------WebKitFormBoundarySPB0RLYHwOEptxHU--
DATA;
$_SERVER['CONTENT_TYPE'] = 'multipart/form-data; boundary=----WebKitFormBoundarySPB0RLYHwOEptxHU';
$parser = new \utils\ParseMultiPartFormDataInputStream($input);
$res = $parser->getInput();
$this->assertTrue(isset($res['parameters']));
$this->assertTrue(count($res['parameters']) > 0);
}
}