FileStorage.php 7.41 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
<?php

namespace Drupal\Component\PhpStorage;

/**
 * Stores the code as regular PHP files.
 */
class FileStorage implements PhpStorageInterface {

  /**
   * The directory where the files should be stored.
   *
   * @var string
   */
  protected $directory;

  /**
   * Constructs this FileStorage object.
   *
20
   * @param array $configuration
21
22
   *   An associative array, containing at least these two keys:
   *   - directory: The directory where the files should be stored.
23
24
   *   - bin: The storage bin. Multiple storage objects can be instantiated with
   *     the same configuration, but for different bins..
25
26
27
28
29
30
   */
  public function __construct(array $configuration) {
    $this->directory = $configuration['directory'] . '/' . $configuration['bin'];
  }

  /**
31
   * {@inheritdoc}
32
33
34
35
36
37
   */
  public function exists($name) {
    return file_exists($this->getFullPath($name));
  }

  /**
38
   * {@inheritdoc}
39
40
41
42
43
44
45
46
   */
  public function load($name) {
    // The FALSE returned on failure is enough for the caller to handle this,
    // we do not want a warning too.
    return (@include_once $this->getFullPath($name)) !== FALSE;
  }

  /**
47
   * {@inheritdoc}
48
49
50
   */
  public function save($name, $code) {
    $path = $this->getFullPath($name);
51
    $directory = dirname($path);
52
    $this->ensureDirectory($directory);
53
54
55
    return (bool) file_put_contents($path, $code);
  }

56
57
58
59
  /**
   * Returns the standard .htaccess lines that Drupal writes to file directories.
   *
   * @param bool $private
60
   *   (optional) Set to FALSE to return the .htaccess lines for an open and
61
62
63
64
65
   *   public directory. The default is TRUE, which returns the .htaccess lines
   *   for a private and protected directory.
   *
   * @return string
   *   The desired contents of the .htaccess file.
66
67
   *
   * @see file_create_htaccess()
68
69
70
71
   */
  public static function htaccessLines($private = TRUE) {
    $lines = <<<EOF
# Turn off all options we don't need.
72
Options -Indexes -ExecCGI -Includes -MultiViews
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

# Set the catch-all handler to prevent scripts from being executed.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
<Files *>
  # Override the handler again if we're run later in the evaluation list.
  SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
</Files>

# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php5.c>
  php_flag engine off
</IfModule>
EOF;

    if ($private) {
88
89
90
91
92
93
94
95
96
97
      $lines = <<<EOF
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
  Require all denied
</IfModule>

# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
  Deny from all
</IfModule>
98
99
$lines
EOF;
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
    }

    return $lines;
  }

  /**
   * Ensures the directory exists, has the right permissions, and a .htaccess.
   *
   * For compatibility with open_basedir, the requested directory is created
   * using a recursion logic that is based on the relative directory path/tree:
   * It works from the end of the path recursively back towards the root
   * directory, until an existing parent directory is found. From there, the
   * subdirectories are created.
   *
   * @param string $directory
   *   The directory path.
   * @param int $mode
   *   The mode, permissions, the directory should have.
   */
  protected function ensureDirectory($directory, $mode = 0777) {
    if ($this->createDirectory($directory, $mode)) {
121
      $htaccess_path = $directory . '/.htaccess';
122
123
124
125
126
127
      if (!file_exists($htaccess_path) && file_put_contents($htaccess_path, static::htaccessLines())) {
        @chmod($htaccess_path, 0444);
      }
    }
  }

128
  /**
129
130
131
132
133
134
135
   * Ensures the requested directory exists and has the right permissions.
   *
   * For compatibility with open_basedir, the requested directory is created
   * using a recursion logic that is based on the relative directory path/tree:
   * It works from the end of the path recursively back towards the root
   * directory, until an existing parent directory is found. From there, the
   * subdirectories are created.
136
137
138
139
140
   *
   * @param string $directory
   *   The directory path.
   * @param int $mode
   *   The mode, permissions, the directory should have.
141
142
143
144
145
   * @param bool $is_backwards_recursive
   *   Internal use only.
   *
   * @return bool
   *   TRUE if the directory exists or has been created, FALSE otherwise.
146
   */
147
  protected function createDirectory($directory, $mode = 0777, $is_backwards_recursive = FALSE) {
148
149
150
151
152
153
154
155
156
157
158
159
160
161
    // If the directory exists already, there's nothing to do.
    if (is_dir($directory)) {
      return TRUE;
    }
    // Otherwise, try to create the directory and ensure to set its permissions,
    // because mkdir() obeys the umask of the current process.
    if (is_dir($parent = dirname($directory))) {
      // If the parent directory exists, then the backwards recursion must end,
      // regardless of whether the subdirectory could be created.
      if ($status = mkdir($directory)) {
        // Only try to chmod() if the subdirectory could be created.
        $status = chmod($directory, $mode);
      }
      return $is_backwards_recursive ? TRUE : $status;
162
    }
163
164
165
166
167
    // If the parent directory and the requested directory does not exist and
    // could not be created above, walk the requested directory path back up
    // until an existing directory is hit, and from there, recursively create
    // the sub-directories. Only if that recursion succeeds, create the final,
    // originally requested subdirectory.
168
    return $this->createDirectory($parent, $mode, TRUE) && mkdir($directory) && chmod($directory, $mode);
169
170
  }

171
  /**
172
   * {@inheritdoc}
173
174
175
   */
  public function delete($name) {
    $path = $this->getFullPath($name);
176
177
178
179
    if (file_exists($path)) {
      return $this->unlink($path);
    }
    return FALSE;
180
181
182
  }

  /**
183
   * {@inheritdoc}
184
   */
185
  public function getFullPath($name) {
186
187
    return $this->directory . '/' . $name;
  }
188
189

  /**
190
   * {@inheritdoc}
191
   */
192
  public function writeable() {
193
194
195
196
    return TRUE;
  }

  /**
197
   * {@inheritdoc}
198
   */
199
200
  public function deleteAll() {
    return $this->unlink($this->directory);
201
202
203
  }

  /**
204
205
206
207
208
209
210
211
212
   * Deletes files and/or directories in the specified path.
   *
   * If the specified path is a directory the method will
   * call itself recursively to process the contents. Once the contents have
   * been removed the directory will also be removed.
   *
   * @param string $path
   *   A string containing either a file or directory path.
   *
213
   * @return bool
214
215
   *   TRUE for success or if path does not exist, FALSE in the event of an
   *   error.
216
   */
217
  protected function unlink($path) {
218
    if (file_exists($path)) {
219
      if (is_dir($path)) {
220
        // Ensure the folder is writable.
221
222
223
224
        @chmod($path, 0777);
        foreach (new \DirectoryIterator($path) as $fileinfo) {
          if (!$fileinfo->isDot()) {
            $this->unlink($fileinfo->getPathName());
225
226
227
228
          }
        }
        return @rmdir($path);
      }
229
230
      // Windows needs the file to be writable.
      @chmod($path, 0700);
231
      return @unlink($path);
232
    }
233
234
    // If there's nothing to delete return TRUE anyway.
    return TRUE;
235
  }
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254

  /**
   * {@inheritdoc}
   */
  public function listAll() {
    $names = array();
    if (file_exists($this->directory)) {
      foreach (new \DirectoryIterator($this->directory) as $fileinfo) {
        if (!$fileinfo->isDot()) {
          $name = $fileinfo->getFilename();
          if ($name != '.htaccess') {
            $names[] = $name;
          }
        }
      }
    }
    return $names;
  }

255
256
257
258
259
260
  /**
   * {@inheritdoc}
   */
  public function garbageCollection() {
  }

261
}