Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F103185645
Test_File_Format.php.wml
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Fri, Feb 28, 00:40
Size
6 KB
Mime Type
text/html
Expires
Sun, Mar 2, 00:40 (2 d)
Engine
blob
Format
Raw Data
Handle
24513379
Attached To
R3600 invenio-infoscience
Test_File_Format.php.wml
View Options
## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
## Description: function Test_File_Format
## This function checks if the file format indicated by
## the user is the same as the actual format of the file
## which was transfered
## Author: T.Baron
## PARAMETERS: formatFTT
function Test_File_Format($param_array,$MAINPATH)
{
global $STORAGE,$GFILE;
// If $GFILE is not set, the function returns TRUE by default
if ($GFILE == "")
{
// the formatfTT parameter stores the name of the file in which the
// format of the last uploaded file has been stored.
$formatfile = $param_array['formatFTT'];
//get the details concerning the last uploaded file
if (file_exists("$MAINPATH/lastuploadedfile"))
{
$fp = fopen("$MAINPATH/lastuploadedfile","r");
$file_name = fread($fp,filesize("$MAINPATH/lastuploadedfile"));
fclose($fp);
//set command variable for system call
$cmd ="$GFILE $MAINPATH/files/$file_name";
// Unix system call to gfile program using popen so output not echoed
// to the screen
$gfile = popen("$cmd","r");
$result = fgets($gfile,1000);
pclose($gfile);
//output for supervisor mode
Request_Print("S","Result from gfile on uploaded file is :$result");
//test is not an .exe file.
if(eregi("executable",$result))
{
// exe file detected, delete the file
print "<SCRIPT>alert(\"The file you have just uploaded was an"
. " EXECUTABLE FILE.\\nIt has been deleted\");</SCRIPT>";
unlink("$MAINPATH/files/$file_name");
unlink("$MAINPATH/lastuploadedfile");
}
//Get the format
chdir("$MAINPATH");
//get Format of last uploaded file
if (is_file("FormatHTML"))
{
$fd = fopen( "FormatHTML", "r" );
$file_format = fread( $fd, filesize( "FormatHTML" ));
fclose( $fd );
}
elseif (is_file("JPEGFormat"))
{
$fd = fopen( "JPEGFormat", "r" );
$file_format = fread( $fd, filesize( "JPEGFormat" ));
fclose( $fd );
}
elseif (is_file("FormatMMD"))
{
$fd = fopen( "FormatMMD", "r" );
$file_format = fread( $fd, filesize( "FormatMMD" ));
fclose( $fd );
}
elseif (is_file("PrepFormat"))
{
$fd = fopen( "PrepFormat", "r" );
$file_format = fread( $fd, filesize( "PrepFormat" ));
fclose( $fd );
}
elseif (is_file("PFormat"))
{
$fd = fopen( "PFormat", "r" );
$file_format = fread( $fd, filesize( "PFormat" ));
fclose( $fd );
}
elseif (is_file("Format"))
{
$fd = fopen( "Format", "r" );
$file_format = fread( $fd, filesize( "Format" ));
fclose( $fd );
}
elseif (is_file("PhotoFormat"))
{
$fd = fopen( "PhotoFormat", "r" );
$file_format = fread( $fd, filesize( "PhotoFormat" ));
fclose( $fd );
}
elseif (is_file("$formatfile"))
{
$fd = fopen( "$formatfile", "r" );
$file_format = fread( $fd, filesize( "$formatfile" ));
fclose( $fd );
}
else
$file_format = "unknown";
// call database for expected text from result of gfile call on the
// document
// query database
$db_result = mysql_query("
SELECT result
FROM sbmGFILERESULT
WHERE FORMAT = '$file_format'");
$expected_result = mysql_fetch_row($db_result);
$checked_results=$expected_result[0];
while($expected_result[0]!="")
{
// if a result was found compare expected result from actual
// result of gfile on uploaded file
if(strstr($result, $expected_result[0]))
{
// if there is a match as expected then ok
Request_Print("s","\n<BR>File was a $file_format file as ".
"expected");
$testflag = 1;
}
$expected_result = mysql_fetch_row($db_result);
$checked_results = "$checked_results\n$expected_result[0]";
}
if($testflag != 1)
{
// if not correct expected format inform CDS Support
// of possible error.
$mail_alert="\nA strange file format has been uploaded to".
" the CDS WebSubmit system".
"\n\nThe file:$STORAGE/$file_path$file_name".
"\nClaimed to be a $file_format file.".
"\n\nGfile program gave the result:$result \n\nChecked Results".
" from Table sbmGFILERESULT\n\n$checked_results ".
"\n\nPlease check this file and if the format is correct add".
" the new result to the".
"\nTable sbmGFILERESULT";
mail(ADMIN_EMAIL,"Bad File Format Submitted via CDS WebSubmit",$mail_alert,
"From: ".SUPPORTEMAIL.
"\nX-Mailer: PHP/" . phpversion());
}
}
}
}
</protect>
?>
Event Timeline
Log In to Comment