1 | <cfsetting enablecfoutputonly="Yes"> |
---|
2 | <!--- |
---|
3 | * FCKeditor - The text editor for Internet - http://www.fckeditor.net |
---|
4 | * Copyright (C) 2003-2009 Frederico Caldeira Knabben |
---|
5 | * |
---|
6 | * == BEGIN LICENSE == |
---|
7 | * |
---|
8 | * Licensed under the terms of any of the following licenses at your |
---|
9 | * choice: |
---|
10 | * |
---|
11 | * - GNU General Public License Version 2 or later (the "GPL") |
---|
12 | * http://www.gnu.org/licenses/gpl.html |
---|
13 | * |
---|
14 | * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") |
---|
15 | * http://www.gnu.org/licenses/lgpl.html |
---|
16 | * |
---|
17 | * - Mozilla Public License Version 1.1 or later (the "MPL") |
---|
18 | * http://www.mozilla.org/MPL/MPL-1.1.html |
---|
19 | * |
---|
20 | * == END LICENSE == |
---|
21 | * |
---|
22 | * This file include generic functions used by the ColdFusion Connector (MX 6.0 and above). |
---|
23 | ---> |
---|
24 | |
---|
25 | <cffunction name="RemoveFromStart" output="false" returntype="String"> |
---|
26 | <cfargument name="sourceString" type="String"> |
---|
27 | <cfargument name="charToRemove" type="String"> |
---|
28 | |
---|
29 | <cfif left(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove> |
---|
30 | <cfreturn mid( ARGUMENTS.sourceString, 2, len(ARGUMENTS.sourceString) -1 )> |
---|
31 | </cfif> |
---|
32 | |
---|
33 | <cfreturn ARGUMENTS.sourceString> |
---|
34 | </cffunction> |
---|
35 | |
---|
36 | <cffunction name="RemoveFromEnd" output="false" returntype="String"> |
---|
37 | <cfargument name="sourceString" type="String"> |
---|
38 | <cfargument name="charToRemove" type="String"> |
---|
39 | |
---|
40 | <cfif right(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove> |
---|
41 | <cfreturn mid( ARGUMENTS.sourceString, 1, len(ARGUMENTS.sourceString) -1 )> |
---|
42 | </cfif> |
---|
43 | |
---|
44 | <cfreturn ARGUMENTS.sourceString> |
---|
45 | </cffunction> |
---|
46 | |
---|
47 | <!--- |
---|
48 | Check file content. |
---|
49 | Currently this function validates only image files. |
---|
50 | Returns false if file is invalid. |
---|
51 | detectionLevel: |
---|
52 | 0 = none |
---|
53 | 1 = check image size for images, |
---|
54 | 2 = use DetectHtml for images |
---|
55 | ----> |
---|
56 | <cffunction name="IsImageValid" returntype="boolean" output="true"> |
---|
57 | <cfargument name="filePath" required="true" type="String"> |
---|
58 | <cfargument name="extension" required="true" type="String"> |
---|
59 | |
---|
60 | <cfset var imageCFC = ""> |
---|
61 | <cfset var imageInfo = ""> |
---|
62 | |
---|
63 | <cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)> |
---|
64 | <cfreturn true> |
---|
65 | </cfif> |
---|
66 | |
---|
67 | <cftry> |
---|
68 | <cfif REQUEST.CFVersion gte 8> |
---|
69 | <cfset objImage = ImageRead(ARGUMENTS.filePath) > |
---|
70 | <cfset imageInfo = ImageInfo(objImage)> |
---|
71 | <!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> ---> |
---|
72 | <cfelse> |
---|
73 | <cfset imageCFC = createObject("component", "image")> |
---|
74 | <cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)> |
---|
75 | </cfif> |
---|
76 | |
---|
77 | <cfif imageInfo.height lte 0 or imageInfo.width lte 0> |
---|
78 | <cfreturn false> |
---|
79 | </cfif> |
---|
80 | <cfcatch type="any"> |
---|
81 | <cfreturn false> |
---|
82 | </cfcatch> |
---|
83 | </cftry> |
---|
84 | |
---|
85 | <cfreturn true> |
---|
86 | </cffunction> |
---|
87 | |
---|
88 | <!--- |
---|
89 | Detect HTML in the first KB to prevent against potential security issue with |
---|
90 | IE/Safari/Opera file type auto detection bug. |
---|
91 | Returns true if file contain insecure HTML code at the beginning. |
---|
92 | ---> |
---|
93 | <cffunction name="DetectHtml" output="false" returntype="boolean"> |
---|
94 | <cfargument name="filePath" required="true" type="String"> |
---|
95 | |
---|
96 | <cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title"> |
---|
97 | <cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )> |
---|
98 | |
---|
99 | <cfif not Len(chunk)> |
---|
100 | <cfreturn false> |
---|
101 | </cfif> |
---|
102 | |
---|
103 | <cfif refind('<!doctype\W*x?html', chunk)> |
---|
104 | <cfreturn true> |
---|
105 | </cfif> |
---|
106 | |
---|
107 | <cfloop index = "tag" list = "#tags#"> |
---|
108 | <cfif find( tag, chunk )> |
---|
109 | <cfreturn true> |
---|
110 | </cfif> |
---|
111 | </cfloop> |
---|
112 | |
---|
113 | <!--- type = javascript ---> |
---|
114 | <cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)> |
---|
115 | <cfreturn true> |
---|
116 | </cfif> > |
---|
117 | |
---|
118 | <!--- href = javascript ---> |
---|
119 | <!--- src = javascript ---> |
---|
120 | <!--- data = javascript ---> |
---|
121 | <cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)> |
---|
122 | <cfreturn true> |
---|
123 | </cfif> |
---|
124 | |
---|
125 | <!--- url(javascript ---> |
---|
126 | <cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)> |
---|
127 | <cfreturn true> |
---|
128 | </cfif> |
---|
129 | |
---|
130 | <cfreturn false> |
---|
131 | </cffunction> |
---|