From 2167b04d3404db7e5b8786fb30e9e7872af74bf5 Mon Sep 17 00:00:00 2001
From: Tobias Reich
Date: Mon, 13 Apr 2015 21:09:28 +0200
Subject: [PATCH] Block import of invalid photo types and extensions
---
 php/modules/Import.php | 14 +++++++++++++-
 php/modules/Photo.php | 14 ++++++++++----
 2 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/php/modules/Import.php b/php/modules/Import.php
index 799cc4a..7543b1a 100644
--- a/php/modules/Import.php
+++ b/php/modules/Import.php
@@ -11,6 +11,9 @@ class Import extends Module {
 static function photo($database, $plugins, $settings, $path, $albumID = 0, $description = '', $tags = '') {
+ # No need to validate photo type and extension in this function.
+ # $photo->add will take care of it.
+
 $info = getimagesize($path);
 $size = filesize($path);
 $photo = new Photo($database, $plugins, $settings, null);
@@ -37,7 +40,16 @@ class Import extends Module {
 foreach ($urls as &$url) {
- if (@exif_imagetype($url)===false) {
+ # Verify extension
+ $extension = getExtension($url);
+ if (!in_array(strtolower($extension), Photo::$validExtensions, true)) {
+ $error = true;
+ continue;
+ }
+
+ # Verify image
+ $type = @exif_imagetype($url);
+ if (!in_array($type, Photo::$validTypes, true)) {
 $error = true;
 continue;
 }
diff --git a/php/modules/Photo.php b/php/modules/Photo.php
index 1dfdab4..e8713ae 100755
--- a/php/modules/Photo.php
+++ b/php/modules/Photo.php
@@ -13,12 +13,12 @@ class Photo extends Module {
 private $settings = null;
 private $photoIDs = null;
- private $allowedTypes = array(
+ public static $validTypes = array(
 IMAGETYPE_JPEG,
 IMAGETYPE_GIF,
 IMAGETYPE_PNG
 );
- private $validExtensions = array(
+ public static $validExtensions = array(
 '.jpg',
 '.jpeg',
 '.png',
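Review bot: The two checks added in the `foreach ($urls as &$url)` loop are pre-checks on the URL string and on a first remote fetch, so they cannot stand in for the validation done on the downloaded file: `getExtension($url)` presumably takes the text after the last dot, which for a URL carrying a query string or fragment is not the file extension, and the bytes served to `@exif_imagetype($url)` can differ from what the later download receives. The `$photo->add` validation that the first hunk's comment refers to therefore has to stay in place, and it would help a reader to say so here, e.g. `# Pre-check only: the URL is fetched again on import and re-validated there`. The rejection also records nothing, unlike the `Log::error` calls added in Photo.php, so a whole batch can fail with `$error = true` and no trace of which `$url` was skipped; if a database handle is in scope in this function, logging the skipped URL would make that diagnosable. The enclosing function's start and end lie outside the hunk.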
@@ -87,11 +87,17 @@ class Photo extends Module {
 # Verify extension
 $extension = getExtension($file['name']);
- if (!in_array(strtolower($extension), $this->validExtensions, true)) continue;
+ if (!in_array(strtolower($extension), Photo::$validExtensions, true)) {
+ Log::error($this->database, __METHOD__, __LINE__, 'Photo format not supported');
+ exit('Error: Photo format not supported!');
+ }
 # Verify image
 $type = @exif_imagetype($file['tmp_name']);
- if (!in_array($type, $this->allowedTypes, true)) continue;
+ if (!in_array($type, Photo::$validTypes, true)) {
+ Log::error($this->database, __METHOD__, __LINE__, 'Photo type not supported');
+ exit('Error: Photo type not supported!');
+ }
 # Generate id
 $id = str_replace('.', '', microtime(true));
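Review bot: Replacing `continue` with `exit()` in both verification branches turns one rejected file into an abort of the whole request: files already handled earlier in this loop are kept, the remaining ones are silently dropped, and no caller gets a chance to handle the failure because `exit` bypasses them. Keeping the skip while recording the reason is the safer shape, e.g. `Log::error($this->database, __METHOD__, __LINE__, 'Photo format not supported: ' . $extension); continue;` and the same for the type check. Note also that the extension (taken from the client-supplied `$file['name']`) and the detected `$type` are validated independently, so a file whose name and content disagree still passes; if the file is later stored under that extension, a cross-check against `image_type_to_extension($type)` (allowing `.jpg` for `.jpeg`) is worth adding. Inside class Photo, `self::$validExtensions` and `self::$validTypes` read better than the `Photo::` prefix. The enclosing method starts and ends outside the hunk.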