r53272 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r53271‎ \| r53272 \| r53273 >
Date:	21:49, 14 July 2009
Author:	brion
Status:	deferred
Tags:
Comment:	Commit little UploadBlacklist extension we've had live for a few years but apparently forgot to commit. ;) It's pretty hacky, requiring sysadmins to add SHA-1 hashes to an array (haha! yeah that's scalable) Should get rewritten with a DB and a UI and integrated to core at some point.
Modified paths:	/trunk/extensions/UploadBlacklist (added) (history) /trunk/extensions/UploadBlacklist/UploadBlacklist.php (added) (history)

Diff [purge]

Index: trunk/extensions/UploadBlacklist/UploadBlacklist.php
—	—	@@ -0,0 +1,64 @@
	2	+<?php
	3	+
	4	+if( !defined( 'MEDIAWIKI' ) )
	5	+ die();
	6	+if( !function_exists( 'sha1_file' ) )
	7	+ die( "UploadBlacklist extension requires PHP 4.3.0 or higher." );
	8	+
	9	+$ubUploadBlacklist = array();
	10	+$wgHooks['UploadVerification'][] = 'ubVerifyHash';
	11	+
	12	+/**
	13	+ * Callback for UploadVerification hook; calculates the file's
	14	+ * MD5 hash and checks it against a list of blacklisted files.
	15	+ * If it matches, the upload will be denied.
	16	+ *
	17	+ * @param string $saveName Destination filename
	18	+ * @param string $tempName Filesystem path to temporary upload file
	19	+ * @param string $error Set to HTML message if failure
	20	+ * @return bool true if passes this check, false if blocked
	21	+ */
	22	+function ubVerifyHash( $saveName, $tempName, &$error ) {
	23	+ $error = '';
	24	+
	25	+ wfSuppressWarnings();
	26	+ $hash = sha1_file( $tempName );
	27	+ wfRestoreWarnings();
	28	+
	29	+ if( $hash === false ) {
	30	+ $error = "Failed to calculate file hash; may be missing or damaged.";
	31	+ $error .= " Filename: " . htmlspecialchars( $tempName );
	32	+ ubLog( 'ERROR', $hash, $saveName, $tempName );
	33	+ return false;
	34	+ }
	35	+
	36	+ global $ubUploadBlacklist;
	37	+ if( in_array( $hash, $ubUploadBlacklist ) ) {
	38	+ $error = "File appears to be corrupt.";
	39	+ ubLog( 'HIT', $hash, $saveName, $tempName );
	40	+ return false;
	41	+ } else {
	42	+ ubLog( 'MISS', $hash, $saveName, $tempName );
	43	+ return true;
	44	+ }
	45	+}
	46	+
	47	+/**
	48	+ * Set $wgDebugLogGroups['UploadBlacklist'] to direct logging to a particular
	49	+ * file instead of the debug log.
	50	+ *
	51	+ * @param string $action
	52	+ * @param string $hash
	53	+ * @param string $saveName
	54	+ * @param string $tempName
	55	+ * @access private
	56	+ */
	57	+function ubLog( $action, $hash, $saveName, $tempName ) {
	58	+ global $wgUser;
	59	+ $user = $wgUser->getName();
	60	+ $ip = wfGetIP();
	61	+ $ts = wfTimestamp( TS_DB );
	62	+ wfDebugLog( 'UploadBlacklist', "$ts $action [$hash] name:$saveName file:$tempName user:$user ip:$ip" );
	63	+}
	64	+
	65	+?>
Property changes on: trunk/extensions/UploadBlacklist/UploadBlacklist.php
___________________________________________________________________
Name: svn:eol-style
1	66	+ native

Status & tagging log

00:20, 14 September 2011 Meno25 (talk | contribs) changed the status of r53272 [removed: old added: deferred]
01:02, 14 November 2010 Reedy (talk | contribs) changed the status of r53272 [removed: new added: old]