Merge pull request #18 from MayMeow/dev/version-2-patch3

May · web-flow · commit 3fac02586a0b · 2023-12-26T16:39:52.000+01:00
Removedrestricted characters from filenames before uploading
diff --git a/README.md b/README.md
@@ -1,9 +1,14 @@
 # 🆙 FileUpload plugin for CakePHP
 
-Cakephp plugin to upload files to storage and download them. Currently are supported:
+:warning: This is readme for version 2.x. For 1.x go to [v1.1.2](https://github.com/MayMeow/cakephp-fileupload/tree/v1.1.2) release.
 
-- Local storage
-- S3 Compatible storage
+### :stop_sign: Breaking changes (read before use)
+
+Version 2.x is not compatibile with cakephp lower than 5.x and it is not backward compatibile with previous releases of this plugins.
+
+- S3 storage support was removed (will be added in future relases)
+- Bunny CND storage support was added
+- All components and Managers was rewritten.
 
 And supported actions are upload and download.
 
@@ -16,152 +21,92 @@ The recommended way to install composer packages is:
 ## 🐘 From packagist
 
 ```
-composer require maymeow/file-upload
+composer require maymeow/file-upload "^2.0.0"
 ```
 
 ## Usage
 
-To load plugin addd to `Application.php`
+Add configuration somewhere to your config files
 
 ```php
-$this->addPlugin('FileUpload');
+'Storage' => [
+    'defaultStorageType' => env('STORAGE_DEFAULT_STORAGE_TYPE', 'local'),
+    'local' => [
+        'managerClass' => LocalStorageManager::class,
+        'storagePath' => env('STORAGE_LOCAL_STORAGE_PATH', ROOT . DS . 'storage' . DS),
+    ],
+    'bunny' => [
+        'managerClass' => BunnyStorageManager::class,
+        'cdnDomain' => env('BUNNY_STORAGE_CDN_DOMAIN', ''), // your cnd url
+        'region' => env('BUNNY_STORAGE_REGION', ''), // region, empty is DE
+        'baseHostName' => 'storage.bunnycdn.com', // base host name not changeable
+        'storageZone' => env('BUNNY_STORAGE_ZONE', ''), // your storage zone name
+        'storageZonePath' => env('BUNNY_STORAGE_ZONE_PATH', ''), // folder in zono
+        'accessKey' => env('BUNNY_STORAGE_ACCESS_KEY', ''), // API key for write access
+    ]
+]
 ```
 
-Next load it in controllers where you want to use it. To use default config
+For bunny cdn minimal configuration is to have folowing keys configured
 
-```php
-public function initialize(): void
-{
-    parent::initialize();
-    $this->loadComponent('FileUpload.Upload');
-    $this->loadComponent('FileUpload.Dowmload'); // in case you wan to download files
-}
+```ini
+BUNNY_STORAGE_ACCESS_KEY=
+BUNNY_STORAGE_CDN_DOMAIN=
+BUNNY_STORAGE_ZONE=
 ```
 
-## Using local storage
+If you need/want nginx to server your static files without PHP set `STORAGE_LOCAL_STORAGE_PATH` location to whe webroot folder.
 
-Commands above are loaded with default configuration:
-- Using Local filesystem: type is set to `local`
-- Data are stored in `sotrage` folder in root of your application - This folder is not public and cannot be served directly from webserver. You need to use `DownloadComponent` to get files
-- Field name for uploading files is `uploaded_file`
-- Allowed are all file types
+Load plugin with adding
 
 ```php
-public function initialize(): void
-{
-    parent::initialize();
-    $this->loadComponent('FileUpload.Upload', [
-        'fieldName' => 'your_form_file_field',
-        'storagePath' => 'path_to_storage',
-        'allowedFileTypes' => '*'
-    ]);
-}
+$this->addPlugin('FileUpload'); // in your Application.php bootstrap function
 ```
 
-For `allowedFileTypes` use `'allowedFileTypes' => '*'` for all file types or `'allowedFileTypes' => ['type1', 'type2']` for your expected file types. If file have not allowed type Component will throw `Cake\Http\Exception\HttpException`.
-
-Using local storage (default option) you can use default config but do not forge to change allowed file types and form field nam from which you uploading file to server.
-
-## Using S3 storage
-
-For S3 storage configuration is pretty same as configuration above, but you have to change type to `s3` instead of `local` which is default as follows
+or you can add your plugin with `plugins.php` config file
 
 ```php
-public function initialize(): void
-{
-    parent::initialize();
-    $this->loadComponent('FileUpload.Upload', [
-        'fieldName' => 'your_form_file_field',
-        'storagePath' => 'bucket_name',
-        'storage_type' => 's3'
-    ]);
-}
+return [
+    // .. your other plugins
+    'FileUpload' => [],
+];
 ```
 
-:exclamation: Dont forget to change configuration for `DownloadComponent` too if you planing using it.
-
-Next add configuration for s3 server to your config file `app_local.php` for example as follows:
+Loading components
 
 ```php
-'S3' => [
-    'version' => 'latest',
-    'region'  => 'us-east-1',
-    'endpoint' => 'http://cake_minio:9000',
-    'use_path_style_endpoint' => true,
-    'credentials' => [
-        'key'    => 'minioadmin',
-        'secret' => 'minioadmin',
-    ],
-]
-```
+$config = Configure::read('Storage.local'); // or Storage.bunny
 
-Config above is for using minio with my [CakePHP starte kit](https://github.com/MayMeow/cakephp-starter-kit). Change it for your needs.
+// or by setting it with .env STORAGE_DEFAULT_STORAGE_TYPE
+$storageType = Configure::read('Storage.defaultStorageType');
+$config = Configure::read('Storage.' . $storageType); 
 
+$this->loadComponent('FileUpload.Upload', $config);
+$this->loadComponent('FileUpload.Download', $config);
+```
 
-## Uploading files
-
+Uploading files
 
 ```php
-/**
- * @throws \HttpException
- * @return \Cake\Http\Response|null|void
- */
-public function upload()
-{
-    $uploadForm = new UploadForm();
-
-    if ($this->request->is('post')) {
-        $uploadedFile = $this->Upload->getFile($this->request);
-
-        // Create new Entity and store info about uploaded file
-        $file = $this->Files->newEmptyEntity();
-
-        $file->name = $uploadedFile->getFileName();
-        $file->path = $uploadedFile->getPath();
-
-        $this->Files->save($file);
+$file = $this->Upload->getFile($this);
+// do something with file
 
-        return $this->redirect($this->referer());
-    }
-
-    $this->set(compact('uploadForm'));
-}
+// store your file name in database
+$file->getFileName(); // sanitized file name - with removed restricted characters in the name
 ```
 
-## Downloading files
-
-
 ```php
-/**
- * @param string $fileName
- * @return \Cake\Http\Response|void
- */
-public function download($fileName)
-{
-    $downloadedFile = $this->Download->getFile($fileName);
-
-    $response = $this->response;
-    $response = $response->withStringBody($downloadedFile->getFileContent());
-    $response = $response->withType($downloadedFile->getFileType());
-
-    if ($this->request->getParam('?.download') == true) {
-        $response = $response->withDownload($fileName);
-    }
-
-    return $response;
-}
+$file = $this->Download->getFile($resource->name);
+// do something with file
 ```
 
-## 🎯 Direction
+:memo: Note that the function above will read content of file and you then need to use response to push it to the viewer. If you want to do it without using PHP you will need to get URL of file and if you using local storage manager your folder need to be in webrootfolder.
 
-* [x] Configurable field name
-* [x] Configurable path to storage
-* [x] Allowed file types
-* [x] Add S3 Support
-* [ ] Multiple file upload
-* [ ] File Size
+```php
+$file->get('storagePath'); // local: /patht/to/sorage or bunny: https://cdn.your.tld/path/to/folder/
+// combine it with filename from your database go download it
+```
 
-💡 If you have more ideas then you can post issue on porect's GitHub page.
 
 ## License
 
diff --git a/src/Controller/Component/UploadComponent.php b/src/Controller/Component/UploadComponent.php
@@ -25,7 +25,7 @@ class UploadComponent extends Component
     ];
 
     /**
-     * Allowed storage types
+     * Allowed stoage types
      *
      * @var string[]
      */
diff --git a/src/File/PathUtils.php b/src/File/PathUtils.php
@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace FileUpload\File;
+
+use Cake\Utility\Text;
+
+class PathUtils
+{
+    public static function fileNameSanitize(string $filename): string
+    {
+        // get extension even if filename has multiple dots
+        $ext = pathinfo($filename, PATHINFO_EXTENSION);
+        $filename = pathinfo($filename, PATHINFO_FILENAME);
+        $filename = Text::slug($filename);
+
+        return $filename . '.' . $ext;
+    }
+}
diff --git a/src/File/UploadedFileDecorator.php b/src/File/UploadedFileDecorator.php
@@ -28,4 +28,13 @@ public function get(string $key): string
     {
         return $this->options[$key] ?? "";
     }
+
+    public function getFileName(): string
+    {
+        if (isset($this->options['fileName'])) {
+            return $this->options['fileName'];
+        }
+
+        return $this->originalData->getClientFilename();
+    }
 }
diff --git a/src/Storage/BunnyStorageManager.php b/src/Storage/BunnyStorageManager.php
@@ -3,6 +3,7 @@
 
 namespace FileUpload\Storage;
 
+use FileUpload\File\PathUtils;
 use FileUpload\File\StoredFile;
 use FileUpload\File\StoredFileInterface;
 use FileUpload\File\UploadedFileDecorator;
@@ -22,7 +23,10 @@ public function put(UploadedFileInterface $fileObject): UploadedFileDecorator
     {
         $accessKey = $this->getConfig('accessKey');
         $hostname = (!empty($this->getConfig('region'))) ? $this->getConfig('region') . '.' . $this->getConfig('baseHostName') : $this->getConfig('baseHostName');
-        $url = $this->composeUrl($hostname, $this->getConfig('storageZone'), $this->getConfig('storageZonePath'), $fileObject->getClientFilename());
+
+        $fileName = PathUtils::fileNameSanitize($fileObject->getClientFilename());
+
+        $url = $this->composeUrl($hostname, $this->getConfig('storageZone'), $this->getConfig('storageZonePath'), $fileName);
 
         $ch = curl_init();
 
@@ -49,7 +53,8 @@ public function put(UploadedFileInterface $fileObject): UploadedFileDecorator
         }
 
         $file = new UploadedFileDecorator($fileObject, self::STORAGE_TYPE, [
-            'storagePath' => $this->composeUrl($this->getConfig('cdnDomain'))
+            'storagePath' => $this->composeUrl($this->getConfig('cdnDomain'), $this->getConfig('storageZonePath')),
+            'fileName' => $fileName,
         ]);
 
         return $file;
diff --git a/src/Storage/LocalStorageManager.php b/src/Storage/LocalStorageManager.php
@@ -3,6 +3,7 @@
 
 namespace FileUpload\Storage;
 
+use FileUpload\File\PathUtils;
 use FileUpload\File\StoredFile;
 use FileUpload\File\StoredFileInterface;
 use FileUpload\File\UploadedFileDecorator;
@@ -19,10 +20,12 @@ class LocalStorageManager extends StorageManager
      */
     public function put(UploadedFileInterface $fileObject): UploadedFileDecorator
     {   
-        $fileObject->moveTo($this->getConfig('storagePath') . $fileObject->getClientFilename());
+        $fileName = PathUtils::fileNameSanitize($fileObject->getClientFilename());
+        $fileObject->moveTo($this->getConfig('storagePath') . $fileName);
 
         $uploadedFile = new UploadedFileDecorator($fileObject, self::STORAGE_TYPE, options: [
             'storagePath' => $this->getConfig('storagePath'),
+            'fileName' => $fileName,
         ]);
 
         return $uploadedFile;

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ class UploadComponent extends Component`
`25`	`25`	`];`
`26`	`26`
`27`	`27`	`/**`
`28`		`- * Allowed storage types`
	`28`	`+ * Allowed stoage types`
`29`	`29`	`*`
`30`	`30`	`* @var string[]`
`31`	`31`	`*/`
Original file line number	Diff line number	Diff line change
`@@ -28,4 +28,13 @@ public function get(string $key): string`
`28`	`28`	`{`
`29`	`29`	`return $this->options[$key] ?? "";`
`30`	`30`	`}`
	`31`	`+`
	`32`	`+ public function getFileName(): string`
	`33`	`+ {`
	`34`	`+ if (isset($this->options['fileName'])) {`
	`35`	`+ return $this->options['fileName'];`
	`36`	`+ }`
	`37`	`+`
	`38`	`+ return $this->originalData->getClientFilename();`
	`39`	`+ }`
`31`	`40`	`}`