| Current Path : /var/www/html/pallets/web/core/modules/file/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : /var/www/html/pallets/web/core/modules/file/file.post_update.php |
<?php
/**
* @file
* Post update functions for File.
*/
use Drupal\Core\Config\Entity\ConfigEntityUpdater;
use Drupal\Core\File\FileSystemInterface;
use Drupal\field\Entity\FieldConfig;
use Drupal\file\Plugin\Field\FieldType\FileItem;
/**
* Add txt to allowed extensions for all fields that allow uploads of insecure files.
*/
function file_post_update_add_txt_if_allows_insecure_extensions(&$sandbox = NULL) {
if (\Drupal::config('system.file')->get('allow_insecure_uploads')) {
return t('The system is configured to allow insecure file uploads. No file field updates are necessary.');
}
$updater = function (FieldConfig $field) {
// Determine if this field uses an item definition that extends FileItem.
if (is_subclass_of($field->getItemDefinition()->getClass(), FileItem::class)) {
$allowed_extensions_string = trim($field->getSetting('file_extensions'));
$allowed_extensions = array_filter(explode(' ', $allowed_extensions_string));
if (in_array('txt', $allowed_extensions, TRUE)) {
// Since .txt is specifically allowed, there's nothing to do.
return FALSE;
}
foreach ($allowed_extensions as $extension) {
// Allow .txt if an insecure extension is allowed.
if (preg_match(FileSystemInterface::INSECURE_EXTENSION_REGEX, 'test.' . $extension)) {
$allowed_extensions_string .= ' txt';
$field->setSetting('file_extensions', $allowed_extensions_string);
return TRUE;
}
}
return FALSE;
}
};
\Drupal::classResolver(ConfigEntityUpdater::class)->update($sandbox, 'field_config', $updater);
}