
/EQT_V2/EQT/EQTWebApp/fckeditor/editor/filemanager/connectors/cfm/cf_util.cfm

http://sgsoft-las.googlecode.com/
Possible License(s): LGPL-2.1
<!--- Restrict page output to content generated inside cfoutput blocks while this file is processed. --->
<!--- NOTE(review): no matching enablecfoutputonly="No" appears in this file; confirm the including template restores the setting if it needs to. --->
<cfsetting enablecfoutputonly="Yes">
  2<!---
  3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net
  4 * Copyright (C) 2003-2009 Frederico Caldeira Knabben
  5 *
  6 * == BEGIN LICENSE ==
  7 *
  8 * Licensed under the terms of any of the following licenses at your
  9 * choice:
 10 *
 11 *  - GNU General Public License Version 2 or later (the "GPL")
 12 *    http://www.gnu.org/licenses/gpl.html
 13 *
 14 *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
 15 *    http://www.gnu.org/licenses/lgpl.html
 16 *
 17 *  - Mozilla Public License Version 1.1 or later (the "MPL")
 18 *    http://www.mozilla.org/MPL/MPL-1.1.html
 19 *
 20 * == END LICENSE ==
 21 *
 22 * This file includes generic functions used by the ColdFusion Connector (MX 6.0 and above).
 23--->
 24
 25<cffunction name="RemoveFromStart" output="false" returntype="String">
 26	<cfargument name="sourceString" type="String">
 27	<cfargument name="charToRemove" type="String">
 28
 29	<cfif left(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
 30		<cfreturn mid( ARGUMENTS.sourceString, 2, len(ARGUMENTS.sourceString) -1 )>
 31	</cfif>
 32
 33	<cfreturn ARGUMENTS.sourceString>
 34</cffunction>
 35
 36<cffunction name="RemoveFromEnd" output="false" returntype="String">
 37	<cfargument name="sourceString" type="String">
 38	<cfargument name="charToRemove" type="String">
 39
 40	<cfif right(ARGUMENTS.sourceString, 1) eq ARGUMENTS.charToRemove>
 41		<cfreturn mid( ARGUMENTS.sourceString, 1, len(ARGUMENTS.sourceString) -1 )>
 42	</cfif>
 43
 44	<cfreturn ARGUMENTS.sourceString>
 45</cffunction>
 46
 47<!---
 48Check file content.
 49Currently this function validates only image files.
 50Returns false if file is invalid.
 51detectionLevel:
 52	0 = none
 53	1 = check image size for images,
 54	2 = use DetectHtml for images
 55---->
 56<cffunction name="IsImageValid" returntype="boolean" output="true">
 57	<cfargument name="filePath" required="true" type="String">
 58	<cfargument name="extension" required="true" type="String">
 59
 60	<cfset var imageCFC = "">
 61	<cfset var imageInfo = "">
 62
 63	<cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)>
 64		<cfreturn true>
 65	</cfif>
 66
 67	<cftry>
 68		<cfif REQUEST.CFVersion gte 8>
 69			<cfset objImage = ImageRead(ARGUMENTS.filePath) >
 70			<cfset imageInfo = ImageInfo(objImage)>
 71			<!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> --->
 72		<cfelse>
 73			<cfset imageCFC = createObject("component", "image")>
 74			<cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)>
 75		</cfif>
 76
 77		<cfif imageInfo.height lte 0 or imageInfo.width lte 0>
 78			<cfreturn false>
 79		</cfif>
 80	<cfcatch type="any">
 81		<cfreturn false>
 82	</cfcatch>
 83	</cftry>
 84
 85	<cfreturn true>
 86</cffunction>
 87
 88<!---
 89 Detect HTML in the first KB to prevent against potential security issue with
 90 IE/Safari/Opera file type auto detection bug.
 91 Returns true if file contain insecure HTML code at the beginning.
 92--->
 93<cffunction name="DetectHtml" output="false" returntype="boolean">
 94	<cfargument name="filePath" required="true" type="String">
 95
 96	<cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title">
 97	<cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )>
 98
 99	<cfif not Len(chunk)>
100		<cfreturn false>
101	</cfif>
102
103	<cfif refind('<!doctype\W*x?html', chunk)>
104		<cfreturn true>
105	</cfif>
106
107	<cfloop index = "tag" list = "#tags#">
108     	<cfif find( tag, chunk )>
109			<cfreturn true>
110		</cfif>
111	</cfloop>
112
113	<!--- type = javascript --->
114	<cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)>
115		<cfreturn true>
116	</cfif> >
117
118	<!--- href = javascript --->
119	<!--- src = javascript --->
120	<!--- data = javascript --->
121	<cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
122		<cfreturn true>
123	</cfif>
124
125	<!--- url(javascript --->
126	<cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
127		<cfreturn true>
128	</cfif>
129
130	<cfreturn false>
131</cffunction>