package com.ckfinder.connector.handlers.command;

import com.ckfinder.connector.configuration.Constants;
import com.ckfinder.connector.configuration.Events;
import com.ckfinder.connector.configuration.IConfiguration;
import com.ckfinder.connector.data.AfterFileUploadEventArgs;
import com.ckfinder.connector.data.ResourceType;
import com.ckfinder.connector.errors.ConnectorException;
import com.ckfinder.connector.errors.ErrorUtils;
import com.ckfinder.connector.utils.AccessControlUtil;
import com.ckfinder.connector.utils.FileUtils;
import com.ckfinder.connector.utils.ImageUtils;
import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;

/* loaded from: input_file:com/ckfinder/connector/handlers/command/FileUploadCommand.class */
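/**
 * Connector command that receives a multipart file upload, validates the
 * file name and content against the connector configuration, stores the
 * file in the current folder of the requested resource type and answers
 * with a small HTML/JavaScript (or plain "name|message") response.
 *
 * <p>This listing is decompiler output, so local names and some statement
 * shapes differ from the vendor's source.
 *
 * <p>Security-relevant properties of this class:
 * <ul>
 *   <li>The stored name is derived from the client-supplied file name and the
 *       target directory from the request's current folder; both are only as
 *       trustworthy as the checks in {@link #validateUploadItem} and the base
 *       class parameter validation.</li>
 *   <li>The response embeds the file name, folder URL and error message in a
 *       JavaScript string literal inside a {@code <script>} element, so every
 *       embedded value is escaped by {@link #escapeForScriptString}.</li>
 * </ul>
 */
public class FileUploadCommand extends Command implements IPostCommand {
    /** Characters replaced by '_' in every uploaded file name. */
    private static final char[] UNSAFE_FILE_NAME_CHARS = {':', '*', '?', '|', '/'};

    /** Windows reserved device names; a base name matching one of these is always renamed. */
    private static final Pattern RESERVED_DEVICE_NAME =
            Pattern.compile("^(AUX|COM\\d|CLOCK\\$|CON|NUL|PRN|LPT\\d)$", Pattern.CASE_INSENSITIVE);

    /** Matches the last path segment of a client-supplied file name (after the final '/' or '\'). */
    private static final Pattern LAST_PATH_SEGMENT = Pattern.compile("[^\\\\/]+$");

    // Raw "CKEditorFuncNum" request parameter; only stored by this class.
    protected String ckEditorFuncNum;
    // "response_type" (or "responseType") request parameter; "txt" selects the plain response.
    protected String responseType;
    // Raw "CKFinderFuncNum" request parameter; reduced to digits before it is written out.
    protected String ckFinderFuncNum;
    // "langCode" request parameter used to look up the localized error message.
    private String langCode;
    // True once the upload was validated and stored.
    protected boolean uploaded;
    // Message taken from a ConnectorException whose error code is 1.
    protected String customErrorMsg;
    // Connector error code; 0 means no error.
    protected int errorCode = 0;
    // File name as sent by the client, reduced to its last path segment.
    protected String fileName = "";
    // Sanitized (and possibly renamed) file name actually used on disk.
    protected String newFileName = "";

    public FileUploadCommand() {
        this.type = "";
        this.uploaded = false;
    }

    /**
     * Writes the upload response to the client.
     *
     * @param outputStream response stream
     * @throws ConnectorException in debug mode when an exception was recorded
     *         during the upload, or when writing the response fails
     */
    @Override
    public void execute(OutputStream outputStream) throws ConnectorException {
        if (this.configuration.isDebugMode() && this.exception != null) {
            throw new ConnectorException(this.errorCode, this.exception);
        }
        try {
            String message;
            if (this.errorCode == 0) {
                message = "";
            } else if (this.errorCode == 1) {
                message = this.customErrorMsg;
            } else {
                message = ErrorUtils.getInstance()
                        .getErrorMsgByLangAndCode(this.langCode, this.errorCode, this.configuration);
            }
            // Neither the exception message nor the lookup is shown to be non-null;
            // fall back to an empty message instead of failing with a NullPointerException.
            if (message == null) {
                message = "";
            }
            // Literal replacement of the "%1" placeholder with the stored file name.
            message = message.replace("%1", this.newFileName);

            String folderUrl = "";
            if (this.uploaded) {
                folderUrl = this.configuration.getTypes().get(this.type).getUrl() + this.currentFolder;
            } else {
                // Do not report a name or folder for an upload that did not succeed.
                this.newFileName = "";
                this.currentFolder = "";
            }

            if ("txt".equals(this.responseType)) {
                // NOTE(review): setResponseHeader() always declares text/html, so this
                // "name|message" body is labelled as HTML although it is plain text.
                // Confirm how clients consume it before changing the content type.
                writeText(outputStream, this.newFileName + "|" + message);
            } else if (checkFuncNum()) {
                handleOnUploadCompleteCallFuncResponse(outputStream, message, folderUrl);
            } else {
                handleOnUploadCompleteResponse(outputStream, message);
            }
        } catch (IOException e) {
            throw new ConnectorException(Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED, e);
        }
    }

    /** @return true when the request carried a "CKFinderFuncNum" parameter */
    protected boolean checkFuncNum() {
        return this.ckFinderFuncNum != null;
    }

    /**
     * Writes the response that calls {@code CKFinder.tools.callFunction} in the parent window.
     *
     * @param outputStream response stream
     * @param str error message (may be empty)
     * @param str2 URL of the folder the file was stored in (may be empty)
     * @throws IOException if the stream cannot be written
     */
    protected void handleOnUploadCompleteCallFuncResponse(OutputStream outputStream, String str, String str2) throws IOException {
        // Only digits survive, so the function number cannot carry script syntax.
        this.ckFinderFuncNum = this.ckFinderFuncNum.replaceAll("[^\\d]", "");
        // The URL, file name and message all contain request-derived text; escape each one
        // for a single-quoted JavaScript literal inside a script element. This replaces
        // the previous quote-only escaping of the file name and the unescaped URL/message.
        String fileUrl = escapeForScriptString(str2) + escapeForScriptString(this.newFileName);
        writeText(outputStream, "<script type=\"text/javascript\">");
        writeText(outputStream, "window.parent.CKFinder.tools.callFunction(" + this.ckFinderFuncNum
                + ", '" + fileUrl + "', '" + escapeForScriptString(str) + "');");
        writeText(outputStream, "</script>");
    }

    /**
     * Writes the response that calls {@code OnUploadCompleted} in the parent window.
     *
     * @param outputStream response stream
     * @param str error message; only sent when the error code is non-zero
     * @throws IOException if the stream cannot be written
     */
    protected void handleOnUploadCompleteResponse(OutputStream outputStream, String str) throws IOException {
        String message = this.errorCode != 0 ? str : "";
        writeText(outputStream, "<script type=\"text/javascript\">");
        writeText(outputStream, "window.parent.OnUploadCompleted(");
        // Same escaping as the callFunction response: both values are request-derived.
        writeText(outputStream, "'" + escapeForScriptString(this.newFileName) + "'");
        writeText(outputStream, ", '" + escapeForScriptString(message) + "'");
        writeText(outputStream, ");");
        writeText(outputStream, "</script>");
    }

    /**
     * Reads the upload-specific request parameters and, when the base class
     * checks left no error, performs the upload.
     */
    @Override
    public void initParams(HttpServletRequest httpServletRequest, IConfiguration iConfiguration, Object... objArr) throws ConnectorException {
        super.initParams(httpServletRequest, iConfiguration, objArr);
        this.ckFinderFuncNum = httpServletRequest.getParameter("CKFinderFuncNum");
        this.ckEditorFuncNum = httpServletRequest.getParameter("CKEditorFuncNum");
        String responseTypeParam = httpServletRequest.getParameter("response_type");
        this.responseType = responseTypeParam != null
                ? responseTypeParam
                : httpServletRequest.getParameter("responseType");
        this.langCode = httpServletRequest.getParameter("langCode");
        if (this.errorCode == 0) {
            this.uploaded = uploadFile(httpServletRequest);
        }
    }

    /**
     * Runs the upload only when the folder ACL grants the required permission.
     *
     * @return true when a file was stored
     */
    private boolean uploadFile(HttpServletRequest httpServletRequest) {
        // 32 is the ACL mask passed for this command; presumably the file-upload
        // permission bit (confirm against AccessControlUtil).
        if (AccessControlUtil.getInstance().checkFolderACL(this.type, this.currentFolder, this.userRole, 32)) {
            return fileUpload(httpServletRequest);
        }
        this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UNAUTHORIZED;
        return false;
    }

    /**
     * Parses the multipart request and stores the first file part that passes validation.
     * Failures are recorded in {@code errorCode} instead of being thrown.
     *
     * @return true when a file was stored
     */
    private boolean fileUpload(HttpServletRequest httpServletRequest) {
        try {
            // NOTE(review): no size limit is configured on this ServletFileUpload here, so the
            // request body is spooled completely before the configured size checks run and the
            // size-limit handlers below are not expected to fire. Consider setting limits
            // from the configuration.
            for (FileItem fileItem : new ServletFileUpload(new DiskFileItemFactory()).parseRequest(httpServletRequest)) {
                if (!fileItem.isFormField()) {
                    String targetDir = this.configuration.getTypes().get(this.type).getPath() + this.currentFolder;
                    this.fileName = getFileItemName(fileItem);
                    try {
                        if (validateUploadItem(fileItem, targetDir)) {
                            return saveTemporaryFile(targetDir, fileItem);
                        }
                    } finally {
                        // Always release the temporary storage behind the uploaded part.
                        fileItem.delete();
                    }
                }
            }
            return false;
        } catch (ConnectorException e) {
            this.errorCode = e.getErrorCode();
            if (this.errorCode == 1) {
                this.customErrorMsg = e.getErrorMsg();
            }
            return false;
        } catch (FileUploadBase.IOFileUploadException e) {
            // The specific upload exceptions must precede the general handler: listed after
            // catch (Exception) they are unreachable and the class does not compile.
            recordFailure(Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED, e);
            return false;
        } catch (FileUploadBase.FileSizeLimitExceededException e) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
            return false;
        } catch (FileUploadBase.SizeLimitExceededException e) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
            return false;
        } catch (FileUploadBase.InvalidContentTypeException e) {
            recordFailure(Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT, e);
            return false;
        } catch (Exception e) {
            recordFailure(Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED, e);
            return false;
        }
    }

    /**
     * Stores the uploaded part under {@code newFileName} in the given directory and fires
     * the AfterFileUpload event. Images go through the thumbnail/scaling path.
     *
     * @param str target directory
     * @param fileItem uploaded part
     * @return true when the file was stored
     * @throws Exception propagated from the file, image and event helpers
     */
    private boolean saveTemporaryFile(String str, FileItem fileItem) throws Exception {
        File target = new File(str, this.newFileName);
        AfterFileUploadEventArgs eventArgs = new AfterFileUploadEventArgs();
        eventArgs.setCurrentFolder(this.currentFolder);
        eventArgs.setFile(target);
        // get() materializes the whole upload as a byte array for the event listeners.
        eventArgs.setFileContent(fileItem.get());

        if (!ImageUtils.isImage(target)) {
            fileItem.write(target);
            fireAfterFileUpload(eventArgs);
            return true;
        }

        boolean checkAfterScaling = this.configuration.checkSizeAfterScaling();
        if (!ImageUtils.checkImageSize(fileItem.getInputStream(), this.configuration) && !checkAfterScaling) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
            return false;
        }
        ImageUtils.createTmpThumb(fileItem.getInputStream(), target, getFileItemName(fileItem), this.configuration);
        if (this.configuration.checkSizeAfterScaling()
                && !FileUtils.checkFileSize(this.configuration.getTypes().get(this.type), target.length())) {
            // The scaled image is still over the limit; remove it again (result of delete() is not checked).
            target.delete();
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
            return false;
        }
        fireAfterFileUpload(eventArgs);
        return true;
    }

    /** Runs the AfterFileUpload event handlers when any are configured. */
    private void fireAfterFileUpload(AfterFileUploadEventArgs eventArgs) throws Exception {
        if (this.configuration.getEvents() != null) {
            this.configuration.getEvents().run(Events.EventTypes.AfterFileUpload, eventArgs, this.configuration);
        }
    }

    /**
     * Picks a name that does not exist in the target directory and is not a reserved device
     * name, appending "(n)" to the base name until one is free. Updates {@code newFileName}
     * and marks the upload as renamed when a different name had to be chosen.
     *
     * <p>NOTE(review): the existence check and the later write are separate steps, so two
     * concurrent uploads of the same name can still pick the same target.
     *
     * @param str target directory
     * @param str2 sanitized file name
     * @return the name to store the file under (the current {@code newFileName})
     */
    private String getFinalFileName(String str, String str2) {
        String baseName = FileUtils.getFileNameWithoutExtension(str2, false);
        String extension = FileUtils.getFileExtension(str2, false);
        File candidate = new File(str, str2);
        // A reserved name forces at least one rename even when no such file exists.
        boolean mustRename = RESERVED_DEVICE_NAME.matcher(baseName).find();
        int counter = 0;
        while (candidate.exists() || mustRename) {
            counter++;
            this.newFileName = baseName + "(" + counter + ")." + extension;
            candidate = new File(str, this.newFileName);
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_FILE_RENAMED;
            mustRename = false;
        }
        return this.newFileName;
    }

    /**
     * Sanitizes the client-supplied file name and checks name, folder, extension, size and
     * content rules. On failure the reason is stored in {@code errorCode}.
     *
     * @param fileItem uploaded part
     * @param str target directory
     * @return true when the upload may be stored
     */
    private boolean validateUploadItem(FileItem fileItem, String str) {
        if (fileItem.getName() == null || fileItem.getName().isEmpty()) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID;
            return false;
        }
        this.fileName = getFileItemName(fileItem);
        this.newFileName = this.fileName;
        for (char unsafe : UNSAFE_FILE_NAME_CHARS) {
            this.newFileName = this.newFileName.replace(unsafe, '_');
        }
        if (this.configuration.isDisallowUnsafeCharacters()) {
            this.newFileName = this.newFileName.replace(';', '_');
        }
        if (this.configuration.forceASCII()) {
            this.newFileName = FileUtils.convertToASCII(this.newFileName);
        }
        if (!this.newFileName.equals(this.fileName)) {
            // Not fatal: the upload continues under the sanitized name.
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_INVALID_NAME_RENAMED;
        }
        if (FileUtils.checkIfDirIsHidden(this.currentFolder, this.configuration)) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST;
            return false;
        }
        if (!FileUtils.checkFileName(this.newFileName) || FileUtils.checkIfFileIsHidden(this.newFileName, this.configuration)) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_NAME;
            return false;
        }
        ResourceType resourceType = this.configuration.getTypes().get(this.type);
        if (FileUtils.checkFileExtension(this.newFileName, resourceType) == 1) {
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_EXTENSION;
            return false;
        }
        if (this.configuration.ckeckDoubleFileExtensions()) {
            this.newFileName = FileUtils.renameFileWithBadExt(resourceType, this.newFileName);
        }
        try {
            File target = new File(str, getFinalFileName(str, this.newFileName));
            // Images that are scaled later are size-checked after scaling instead.
            boolean sizeCheckedNow = !ImageUtils.isImage(target) || !this.configuration.checkSizeAfterScaling();
            if (sizeCheckedNow && !FileUtils.checkFileSize(resourceType, fileItem.getSize())) {
                this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_TOO_BIG;
                return false;
            }
            if (this.configuration.getSecureImageUploads() && ImageUtils.isImage(target) && !ImageUtils.checkImageFile(fileItem)) {
                this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_CORRUPT;
                return false;
            }
            // HTML-looking content is accepted only for file names configured as HTML files.
            if (FileUtils.checkIfFileIsHtmlFile(target.getName(), this.configuration) || !FileUtils.detectHtml(fileItem)) {
                return true;
            }
            this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_UPLOADED_WRONG_HTML_FILE;
            return false;
        } catch (IOException e) {
            recordFailure(Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED, e);
            return false;
        } catch (SecurityException e) {
            recordFailure(Constants.Errors.CKFINDER_CONNECTOR_ERROR_ACCESS_DENIED, e);
            return false;
        }
    }

    /** Declares the response as UTF-8 encoded text/html for every response type. */
    @Override
    public void setResponseHeader(HttpServletResponse httpServletResponse, ServletContext servletContext) {
        httpServletResponse.setCharacterEncoding("utf-8");
        httpServletResponse.setContentType("text/html");
    }

    /**
     * Returns the last path segment of the client-supplied file name, so a full client-side
     * path (with '/' or '\' separators) never reaches the file system code.
     *
     * @return the bare file name, or "" when the part has no name or the name ends in a separator
     */
    private String getFileItemName(FileItem fileItem) {
        String rawName = fileItem.getName();
        if (rawName == null) {
            // fileUpload() calls this before validateUploadItem() performs its own null check;
            // returning "" lets that check report UPLOADED_INVALID instead of the call failing
            // here with a NullPointerException.
            return "";
        }
        Matcher matcher = LAST_PATH_SEGMENT.matcher(rawName);
        return matcher.find() ? matcher.group(0) : "";
    }

    /**
     * Rejects a request parameter that matches the connector's invalid-path pattern.
     * Decompiler note: the access modifier was changed from protected.
     *
     * @return true when the value is null, empty or does not match the pattern
     */
    @Override
    public boolean checkParam(String str) throws ConnectorException {
        if (str == null || str.isEmpty() || !Pattern.compile(Constants.INVALID_PATH_REGEX).matcher(str).find()) {
            return true;
        }
        this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_NAME;
        return false;
    }

    /** @return true (and records INVALID_REQUEST) when the current folder is configured as hidden */
    @Override
    protected boolean checkHidden() throws ConnectorException {
        if (!FileUtils.checkIfDirIsHidden(this.currentFolder, this.configuration)) {
            return false;
        }
        this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_INVALID_REQUEST;
        return true;
    }

    /** @return true when the connector is enabled and the request passes the configured authentication check */
    @Override
    protected boolean checkConnector(HttpServletRequest httpServletRequest) throws ConnectorException {
        if (this.configuration.enabled() && this.configuration.checkAuthentication(httpServletRequest)) {
            return true;
        }
        // Literal code as emitted by the decompiler; presumably the connector-disabled
        // constant (confirm against Constants.Errors).
        this.errorCode = 500;
        return false;
    }

    /**
     * Checks that the requested resource type exists and that the current folder is an
     * existing directory below it.
     *
     * <p>The path is built by plain concatenation, so it relies on the current folder having
     * been validated before this method runs (presumably via {@link #checkParam}; confirm in
     * the base class).
     */
    @Override
    protected boolean checkIfCurrFolderExists(HttpServletRequest httpServletRequest) throws ConnectorException {
        String typeName = getParameter(httpServletRequest, "type");
        if (!checkIfTypeExists(typeName)) {
            return false;
        }
        File folder = new File(this.configuration.getTypes().get(typeName).getPath() + this.currentFolder);
        if (folder.exists() && folder.isDirectory()) {
            return true;
        }
        this.errorCode = Constants.Errors.CKFINDER_CONNECTOR_ERROR_FOLDER_NOT_FOUND;
        return false;
    }

    /**
     * Checks that the configuration defines the given resource type.
     * Decompiler note: the access modifier was changed from protected.
     */
    @Override
    public boolean checkIfTypeExists(String str) {
        if (this.configuration.getTypes().get(str) != null) {
            return true;
        }
        // Literal code as emitted by the decompiler; presumably the invalid-type
        // constant (confirm against Constants.Errors).
        this.errorCode = 12;
        return false;
    }

    /** Records an error code and, in debug mode only, the exception that caused it. */
    private void recordFailure(int code, Exception cause) {
        if (this.configuration.isDebugMode()) {
            this.exception = cause;
        }
        this.errorCode = code;
    }

    /** Writes text to the response using the connector's default encoding. */
    private static void writeText(OutputStream outputStream, String text) throws IOException {
        outputStream.write(text.getBytes(IConfiguration.DEFAULT_URI_ENCODING));
    }

    /**
     * Escapes a value for use inside a quoted JavaScript string literal that is itself
     * embedded in an HTML script element. Quotes and backslashes are backslash-escaped;
     * control characters, angle brackets, ampersands and the two Unicode line separators
     * are written as four-digit hexadecimal escapes, so the decoded string is unchanged
     * while the value can neither end the literal nor close the script element.
     *
     * @param value text to embed; null is treated as empty
     * @return the escaped text
     */
    private static String escapeForScriptString(String value) {
        if (value == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\\' || c == '\'' || c == '"') {
                out.append('\\').append(c);
            } else if (c < 0x20 || c == '<' || c == '>' || c == '&' || c == 0x2028 || c == 0x2029) {
                String hex = Integer.toHexString(c);
                out.append("\\u");
                for (int pad = hex.length(); pad < 4; pad++) {
                    out.append('0');
                }
                out.append(hex);
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }
}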
