base.php000064400000002503150732304400006165 0ustar00sanitize_file( $filename ); } /** * Validate File * * @since 3.3.0 * @access public * * @param $file * @return bool|\WP_Error */ public function validate_file( $file ) { if ( ! $this->sanitize_svg( $file['tmp_name'] ) ) { return new \WP_Error( Exceptions::FORBIDDEN, esc_html__( 'This file is not allowed for security reasons.', 'elementor' ) ); } return true; } /** * Sanitizer * * @since 3.5.0 * @access public * * @param $content * @return bool|string */ public function sanitizer( $content ) { return ( new SVG_Sanitizer() )->sanitize( $content ); } /** * WP Prepare Attachment For J * * Runs on the `wp_prepare_attachment_for_js` filter. * * @since 3.5.0 * @access public * * @param $attachment_data * @param $attachment * @param $meta * * @return mixed */ public function wp_prepare_attachment_for_js( $attachment_data, $attachment, $meta ) { if ( 'image' !== $attachment_data['type'] || 'svg+xml' !== $attachment_data['subtype'] || ! class_exists( 'SimpleXMLElement' ) ) { return $attachment_data; } $svg = self::get_inline_svg( $attachment->ID ); if ( ! $svg ) { return $attachment_data; } try { $svg = new \SimpleXMLElement( $svg ); } catch ( \Exception $e ) { return $attachment_data; } $src = $attachment_data['url']; $width = (int) $svg['width']; $height = (int) $svg['height']; // Media Gallery $attachment_data['image'] = compact( 'src', 'width', 'height' ); $attachment_data['thumb'] = compact( 'src', 'width', 'height' ); // Single Details of Image $attachment_data['sizes']['full'] = [ 'height' => $height, 'width' => $width, 'url' => $src, 'orientation' => $height > $width ? 'portrait' : 'landscape', ]; return $attachment_data; } /** * Set Svg Meta Data * * Adds dimensions metadata to uploaded SVG files, since WordPress doesn't do it. * * @since 3.5.0 * @access public * * @return mixed */ public function set_svg_meta_data( $data, $id ) { $attachment = get_post( $id ); // Filter makes sure that the post is an attachment. $mime_type = $attachment->post_mime_type; // If the attachment is an svg if ( 'image/svg+xml' === $mime_type ) { // If the svg metadata are empty or the width is empty or the height is empty. // then get the attributes from xml. if ( empty( $data ) || empty( $data['width'] ) || empty( $data['height'] ) ) { $attachment = wp_get_attachment_url( $id ); $xml = simplexml_load_file( $attachment ); if ( ! empty( $xml ) ) { $attr = $xml->attributes(); $view_box = explode( ' ', $attr->viewBox );// phpcs:ignore WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase $data['width'] = isset( $attr->width ) && preg_match( '/\d+/', $attr->width, $value ) ? (int) $value[0] : ( 4 === count( $view_box ) ? (int) $view_box[2] : null ); $data['height'] = isset( $attr->height ) && preg_match( '/\d+/', $attr->height, $value ) ? (int) $value[0] : ( 4 === count( $view_box ) ? (int) $view_box[3] : null ); } } } return $data; } /** * Delete Meta Cache * * Deletes the Inline SVG post meta entry. * * @since 3.5.0 * @access public */ public function delete_meta_cache() { delete_post_meta_by_key( self::META_KEY ); } /** * File Sanitizer Can Run * * Checks if the classes required for the file sanitizer are in memory. * * @since 3.5.0 * @access public * @static * * @return bool */ public static function file_sanitizer_can_run() { return class_exists( 'DOMDocument' ) && class_exists( 'SimpleXMLElement' ); } /** * Get Inline SVG * * @since 3.5.0 * @access public * @static * * @param $attachment_id * @return bool|mixed|string */ public static function get_inline_svg( $attachment_id ) { $svg = get_post_meta( $attachment_id, self::META_KEY, true ); if ( ! empty( $svg ) ) { $valid_svg = ( new SVG_Sanitizer() )->sanitize( $svg ); return ( false === $valid_svg ) ? '' : $valid_svg; } $attachment_file = get_attached_file( $attachment_id ); if ( ! file_exists( $attachment_file ) ) { return ''; } $svg = Utils::file_get_contents( $attachment_file ); $valid_svg = ( new SVG_Sanitizer() )->sanitize( $svg ); if ( false === $valid_svg ) { return ''; } if ( ! empty( $valid_svg ) ) { update_post_meta( $attachment_id, self::META_KEY, $valid_svg ); } return $valid_svg; } public function __construct() { add_filter( 'wp_update_attachment_metadata', [ $this, 'set_svg_meta_data' ], 10, 2 ); add_filter( 'wp_prepare_attachment_for_js', [ $this, 'wp_prepare_attachment_for_js' ], 10, 3 ); add_action( 'elementor/core/files/clear_cache', [ $this, 'delete_meta_cache' ] ); } } zip.php000064400000011142150732304400006054 0ustar00uploads_manager->create_unique_dir(); } $zip->open( $file_path ); // if an array of allowed file types is provided, get the filtered file list to extract. $allowed_files = $allowed_file_types ? $this->get_allowed_files( $zip, $allowed_file_types ) : null; $zip->extractTo( $extraction_directory, $allowed_files ); $zip->close(); return [ 'extraction_directory' => $extraction_directory, 'files' => $this->find_temp_files( $extraction_directory ), ]; } /** * Get Allowed Files * * Accepts a zipArchive instance and an array of allowed file types. Iterates over the zip archive's files and * checks if their extensions are in the list of allowed file types. Returns an array containing all valid files. * * @since 3.3.0 * * @param \ZipArchive $zip * @param array $allowed_file_types * @return array */ private function get_allowed_files( $zip, $allowed_file_types ) { $allowed_files = []; // phpcs:ignore WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase for ( $i = 0; $i < $zip->numFiles; $i++ ) { $filename = $zip->getNameIndex( $i ); $extension = pathinfo( $filename, PATHINFO_EXTENSION ); // Skip files with transversal paths. if ( strpos( $filename, '..' ) !== false ) { continue; } if ( in_array( $extension, $allowed_file_types, true ) ) { $allowed_files[] = $filename; } } return $allowed_files; } /** * Find temporary files. * * Recursively finds a list of temporary files from the extracted zip file. * * Example return data: * * [ * 0 => '/www/wp-content/uploads/elementor/tmp/5eb3a7a411d44/templates/block-2-col-marble-title.json', * 1 => '/www/wp-content/uploads/elementor/tmp/5eb3a7a411d44/templates/block-2-col-text-and-photo.json', * ] * * @since 2.9.8 * @access private * * @param string $temp_path - The temporary file path to scan for template files * * @return array An array of temporary files on the filesystem */ private function find_temp_files( $temp_path ) { $file_names = []; $possible_file_names = array_diff( scandir( $temp_path ), [ '.', '..' ] ); // Find nested files in the unzipped path. This happens for example when the user imports a Website Kit. foreach ( $possible_file_names as $possible_file_name ) { $full_possible_file_name = $temp_path . $possible_file_name; if ( is_dir( $full_possible_file_name ) ) { $file_names = array_merge( $file_names, $this->find_temp_files( $full_possible_file_name . '/' ) ); } else { $file_names[] = $full_possible_file_name; } } return $file_names; } }