|
static | _checkSVG ($fp, $from, $to) |
|
static | _checkXML ($fp, $from, $to) |
|
static | _checkHTML ($fp, $from, $to) |
|
static | _matchStream ($regexp, $fp, $from, $to, $block_size=16384, $overlap_size=1024) |
|
- Copyright
- Rhymix Developers and Contributors https://github.com/rhymix/rhymix
Definition at line 6 of file UploadFileFilter.class.php.
static UploadFileFilter::_checkHTML |
( |
|
$fp, |
|
|
|
$from, |
|
|
|
$to |
|
) |
| |
|
staticprotected |
Check HTML file for PHP code, server-side includes, and other nastiness.
- Parameters
-
resource | $fp | |
int | $from | |
int | $to | |
- Returns
- bool
Definition at line 111 of file UploadFileFilter.class.php.
static UploadFileFilter::_checkSVG |
( |
|
$fp, |
|
|
|
$from, |
|
|
|
$to |
|
) |
| |
|
staticprotected |
Check SVG file for XSS or SSRF vulnerabilities (#1088, #1089)
- Parameters
-
resource | $fp | |
int | $from | |
int | $to | |
- Returns
- bool
Definition at line 71 of file UploadFileFilter.class.php.
static UploadFileFilter::_checkXML |
( |
|
$fp, |
|
|
|
$from, |
|
|
|
$to |
|
) |
| |
|
staticprotected |
Check XML file for external entity inclusion.
- Parameters
-
resource | $fp | |
int | $from | |
int | $to | |
- Returns
- bool
Definition at line 93 of file UploadFileFilter.class.php.
static UploadFileFilter::_matchStream |
( |
|
$regexp, |
|
|
|
$fp, |
|
|
|
$from, |
|
|
|
$to, |
|
|
|
$block_size = 16384 , |
|
|
|
$overlap_size = 1024 |
|
) |
| |
|
staticprotected |
Match a stream against a regular expression.
This method is useful when dealing with large files, because we don't need to load the entire file into memory. We allow a generous overlap in case the matching string occurs across a block boundary.
- Parameters
-
string | $regexp | |
resource | $fp | |
int | $from | |
int | $to | |
int | $block_size | (optional) |
int | $overlap_size | (optional) |
- Returns
- bool
Definition at line 137 of file UploadFileFilter.class.php.
static UploadFileFilter::check |
( |
|
$file, |
|
|
|
$filename = null |
|
) |
| |
|
static |
The documentation for this class was generated from the following file: