<cfsetting enablecfoutputonly="Yes">
<!---
 * FCKeditor - The text editor for Internet - http://www.fckeditor.net
 * Copyright (C) 2003-2007 Frederico Caldeira Knabben
 *
 * == BEGIN LICENSE ==
 *
 * Licensed under the terms of any of the following licenses at your
 * choice:
 *
 *  - GNU General Public License Version 2 or later (the "GPL")
 *    http://www.gnu.org/licenses/gpl.html
 *
 *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
 *    http://www.gnu.org/licenses/lgpl.html
 *
 *  - Mozilla Public License Version 1.1 or later (the "MPL")
 *    http://www.mozilla.org/MPL/MPL-1.1.html
 *
 * == END LICENSE ==
 *
 * This file includes generic functions used by the ColdFusion Connector (MX 6.0 and above).
--->

<!---
	RemoveFromStart
	Returns sourceString without its first character when that character equals
	charToRemove; otherwise returns sourceString unchanged. At most one character
	is removed. The comparison uses the CFML "eq" operator, which ignores case.
--->
<cffunction name="RemoveFromStart" output="false" returntype="String">
	<cfargument name="sourceString" type="String">
	<cfargument name="charToRemove" type="String">

	<!--- Number of characters that remain once the first one is dropped. --->
	<cfset var remaining = len(ARGUMENTS.sourceString) - 1>

	<!--- Guard clause: nothing to strip, hand the input back untouched. --->
	<cfif left(ARGUMENTS.sourceString, 1) neq ARGUMENTS.charToRemove>
		<cfreturn ARGUMENTS.sourceString>
	</cfif>

	<cfreturn mid( ARGUMENTS.sourceString, 2, remaining )>
</cffunction>

<!---
	RemoveFromEnd
	Returns sourceString without its last character when that character equals
	charToRemove; otherwise returns sourceString unchanged. At most one character
	is removed. The comparison uses the CFML "eq" operator, which ignores case.
--->
<cffunction name="RemoveFromEnd" output="false" returntype="String">
	<cfargument name="sourceString" type="String">
	<cfargument name="charToRemove" type="String">

	<!--- Number of characters that remain once the last one is dropped. --->
	<cfset var keepCount = len(ARGUMENTS.sourceString) - 1>

	<!--- Guard clause: nothing to strip, hand the input back untouched. --->
	<cfif right(ARGUMENTS.sourceString, 1) neq ARGUMENTS.charToRemove>
		<cfreturn ARGUMENTS.sourceString>
	</cfif>

	<cfreturn mid( ARGUMENTS.sourceString, 1, keepCount )>
</cffunction>

<!---
Check file content.
Currently this function validates only image files.
Returns false if file is invalid.
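detectionLevel:
	0 = none
	1 = check image size for images,
	2 = use DetectHtml for images
NOTE(review): detectionLevel is not an argument of IsImageValid; presumably the
caller chooses which checks to run. Confirm against the connector code.
--->
<cffunction name="IsImageValid" returntype="boolean" output="true">
	<cfargument name="filePath" required="true" type="String">
	<cfargument name="extension" required="true" type="String">

	<cfset var imageCFC = "">
	<cfset var imageInfo = "">
	<!--- Declared with var so the image object stays local to this call instead of
	      being written to the page's VARIABLES scope. --->
	<cfset var objImage = "">

	<!--- Extensions outside this list are not inspected at all and are reported as
	      valid. This function is therefore not an extension allow-list; the caller
	      has to restrict which extensions may be uploaded. --->
	<cfif not ListFindNoCase("gif,jpeg,jpg,png,swf,psd,bmp,iff,tiff,tif,swc,jpc,jp2,jpx,jb2,xmb,wbmp", ARGUMENTS.extension)>
		<cfreturn true>
	</cfif>

	<cftry>
		<cfif REQUEST.CFVersion gte 8>
			<!--- CF 8 and above: built-in image functions. --->
			<cfset objImage = ImageRead(ARGUMENTS.filePath) >
			<cfset imageInfo = ImageInfo(objImage)>
			<!--- <cfimage action="info" source="#ARGUMENTS.filePath#" structName="imageInfo" /> --->
		<cfelse>
			<!--- Older servers: the "image" component, which is not defined in this file. --->
			<cfset imageCFC = createObject("component", "image")>
			<cfset imageInfo = imageCFC.getImageInfo("", ARGUMENTS.filePath)>
		</cfif>

		<!--- A file that reports no usable dimensions is rejected. --->
		<cfif imageInfo.height lte 0 or imageInfo.width lte 0>
			<cfreturn false>
		</cfif>
	<cfcatch type="any">
		<!--- Fail closed: any error while reading the file marks it as invalid. --->
		<cfreturn false>
	</cfcatch>
	</cftry>

	<!--- Passing means only that the file could be read and has positive dimensions;
	      it says nothing about markup inside the file (see the detectionLevel note
	      above this function, which pairs this check with DetectHtml). --->
	<cfreturn true>
</cffunction>

<!---
	Detect HTML in the first KB to protect against a potential security issue with
	the IE/Safari/Opera file type auto detection bug.
	Returns true if the file contains insecure HTML code at the beginning.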
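--->
<!---
	DetectHtml(filePath): boolean
	Reads up to 1024 units from the start of the file through BinaryFileRead, trims
	and lower-cases the result, and returns true as soon as one of these matches:
	an (X)HTML doctype, one of the listed opening tags, a script "type" attribute,
	a script URL in href/src/data, or a script URL inside url(...).
	NOTE(review): BinaryFileRead is not defined in the visible part of this file;
	presumably it returns the leading bytes as a string. Confirm.
	This is a heuristic over a fixed pattern list and only the start of the file,
	so a false result is not proof that a file is safe to serve. Uploaded files
	should also be served with an explicit Content-Type and the
	"X-Content-Type-Options: nosniff" response header.
--->
<cffunction name="DetectHtml" output="false" returntype="boolean">
	<cfargument name="filePath" required="true" type="String">

	<cfset var tags = "<body,<head,<html,<img,<pre,<script,<table,<title">
	<!--- Loop index declared with var so it does not leak into the VARIABLES scope. --->
	<cfset var tag = "">
	<cfset var chunk = lcase( Trim( BinaryFileRead( ARGUMENTS.filePath, 1024 ) ) )>

	<!--- Nothing left after trimming: nothing to flag. --->
	<cfif not Len(chunk)>
		<cfreturn false>
	</cfif>

	<!--- doctype html / doctype xhtml --->
	<cfif refind('<!doctype\W*x?html', chunk)>
		<cfreturn true>
	</cfif>

	<!--- Plain substring search; chunk is already lower-cased. --->
	<cfloop index = "tag" list = "#tags#">
	 	<cfif find( tag, chunk )>
			<cfreturn true>
		</cfif>
	</cfloop>

	<!--- type = javascript --->
	<cfif refind('type\s*=\s*[''"]?\s*(?:\w*/)?(?:ecma|java)', chunk)>
		<cfreturn true>
	</cfif>

	<!--- href = javascript --->
	<!--- src = javascript --->
	<!--- data = javascript --->
	<cfif refind('(?:href|src|data)\s*=\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
		<cfreturn true>
	</cfif>

	<!--- url(javascript --->
	<cfif refind('url\s*\(\s*[\''"]?\s*(?:ecma|java)script:', chunk)>
		<cfreturn true>
	</cfif>

	<cfreturn false>
</cffunction>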