From 256f576f1e0743a01d0cb1170e9e782cddfcb668 Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 14:33:23 +0200
Subject: [PATCH 1/8] handle file uploads more gracefully
---
 .../controllers/ChallengeController.php | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/backend/modules/gameplay/controllers/ChallengeController.php b/backend/modules/gameplay/controllers/ChallengeController.php
index d1d26cdcd..7695e7df4 100644
--- a/backend/modules/gameplay/controllers/ChallengeController.php
+++ b/backend/modules/gameplay/controllers/ChallengeController.php
@@ -100,7 +100,14 @@ public function actionCreate()
 try
 {
 if($model->file)
- $model->file->saveAs('uploads/'.$model->id);
+ {
+ if(trim($model->filename)==='')
+ {
+ $model->filename=$model->id;
+ $model->updateAttributes(['filename'=>$model->id]);
+ }
+ $model->file->saveAs('uploads/'.$model->filename);
+ }
 Yii::$app->session->addFlash('success', Yii::t('app','Challenge [{name}] created',['name'=>Html::encode($model->name)]));
 Yii::$app->session->addFlash('warning', Yii::t('app','Don\'t forget to create a question for the challenge.'));
 }
@@ -131,7 +138,15 @@ public function actionUpdate($id)
 {
 $model->file=UploadedFile::getInstance($model, 'file');
 if($model->file !== null)
- $model->file->saveAs('uploads/'.$model->id);
+ {
+ if(trim($model->filename)==='')
+ {
+ $model->filename=$model->id;
+ $model->updateAttributes(['filename'=>$model->id]);
+ }
+ $model->file->saveAs('uploads/'.$model->filename);
+ }
+ Yii::$app->session->addFlash('success', Yii::t('app','Challenge [{name}] updated',['name'=>Html::encode($model->name)]));
 return $this->redirect(['view', 'id' => $model->id]);
 }
From b29bb9c095cb690557d91a6f4e20f4d53639aff8 Mon Sep 17 00:00:00 2001
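Review bot: In the actionCreate hunk, `$model->filename` is concatenated into the `saveAs()` target with no restriction on its content, and the only rules visible for it in this series are `string`, `max` 255 and `trim` (PATCH 2/8), so a name containing a directory separator or `..` would be written outside `uploads/`. The same concatenation is repeated in the actionUpdate hunk of this patch and carried into both hunks of PATCH 5/8. I would constrain the attribute in `Challenge::rules()`, for example `[['filename'], 'match', 'pattern' => '/^[A-Za-z0-9][A-Za-z0-9._-]*$/'],`, and pass `basename($model->filename)` to `saveAs()` as a second line of defence. Since the Sysconfig docs describe the folder as web accessible, it is also worth confirming the web server never executes files from it, because the `file` rule shown places no limit on extensions. The bodies of both actions continue outside the hunks.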
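Review bot: The block added to actionUpdate is a line-for-line copy of the one added to actionCreate above, so every later change to the storage path has to be made twice (PATCH 5/8 already does exactly that). I would move it into one private method on the controller and call it from both actions; the sketch below keeps the behaviour of this patch unchanged. actionUpdate's body starts and ends outside the hunk.

```php
/**
 * Stores the uploaded challenge file, falling back to the challenge id
 * as the stored name when no filename was supplied.
 */
private function storeChallengeFile($model)
{
    if(trim($model->filename)==='')
    {
        $model->filename=$model->id;
        $model->updateAttributes(['filename'=>$model->id]);
    }
    $model->file->saveAs('uploads/'.$model->filename);
}

// … unchanged: actionCreate() / actionUpdate() up to the upload check …
if($model->file !== null)
    $this->storeChallengeFile($model);
```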
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 14:33:45 +0200
Subject: [PATCH 2/8] update validator for actual filename
---
 backend/modules/gameplay/models/Challenge.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/backend/modules/gameplay/models/Challenge.php b/backend/modules/gameplay/models/Challenge.php
index c036fd079..c3b0a1e03 100644
--- a/backend/modules/gameplay/models/Challenge.php
+++ b/backend/modules/gameplay/models/Challenge.php
@@ -15,7 +15,7 @@
 * @property string $description
 * @property string $player_type
 * @property string $filename The filename that will be provided to participants
- * @property string $file The filename that will be provided to participants
+ * @property object $file The file upload handler
 * @property boolean $active Is challenge active?
 * @property boolean $timer Keep timer for solving?
 * @property boolean $public Is challenge public?
@@ -44,6 +44,7 @@ public function rules()
 [['active','timer','public'], 'boolean'],
 [['file'], 'file'],
 [['name', 'category', 'difficulty', 'filename'], 'string', 'max' => 255],
+ [['filename'], 'trim'],
 [['name'], 'unique'],
 [['player_type'],'default', 'value'=>'offense'],
 ['player_type', 'in', 'range' => ['offense', 'defense','both']],
From 7bea7b7ea61a1153e295f578fc1b5950d9d5531a Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 14:45:02 +0200
Subject: [PATCH 3/8] dont use hardcoded folder name for uploads
---
 .../themes/material/modules/challenge/views/default/view.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/frontend/themes/material/modules/challenge/views/default/view.php b/frontend/themes/material/modules/challenge/views/default/view.php
index 507bf847f..b4e470978 100644
--- a/frontend/themes/material/modules/challenge/views/default/view.php
+++ b/frontend/themes/material/modules/challenge/views/default/view.php
@@ -24,7 +24,7 @@

name.' (ID#'.$model->id.')'?> completed):?> \Yii::t('app','Hey check this out, I completed the challenge ').Html::encode($model->name)]);?>\Yii::t('app','I currently grinding the challenge ').Html::encode($model->name)]);?>

category);?> / difficulty)?> / points));?>pts

- filename) !== '' ? '

'.\Yii::t('app','Challenge file:').' '.Html::a($model->filename, ['/uploads/'.$model->filename], ['data-pjax'=>"0"]).'

' : ''?> + filename) !== '' ? '

'.\Yii::t('app','Challenge file:').' '.Html::a($model->filename, [\Yii::$app->sys->challenge_root.$model->filename], ['data-pjax'=>"0"]).'

' : ''?> completed):?>
$solver,'id'=>$model->id,'action'=>['/game/default/rate-solver','id'=>$model->id]]);?>
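Review bot: `Html::a()` does not HTML-encode its first argument, and the new line still passes `$model->filename` as the link text unescaped, although the neighbouring lines wrap `$model->name` in `Html::encode()`. The filename is an editable attribute entered in the backend (and after PATCH 1/8 it also names the stored file), so markup in it would be rendered to every player who opens the challenge. I would change the call to start with `Html::a(Html::encode($model->filename), …`; the same applies to the rewritten line in PATCH 8/8. The template's tags were lost in extraction, so this is based on the visible PHP expression only.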
From aac02c954f3be5d635e773970f84794f4980837a Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 14:45:34 +0200
Subject: [PATCH 4/8] update sysconfigs
---
 docs/Sysconfig-Keys.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/docs/Sysconfig-Keys.md b/docs/Sysconfig-Keys.md
index 5fbfa3e85..837229fd0 100644
--- a/docs/Sysconfig-Keys.md
+++ b/docs/Sysconfig-Keys.md
@@ -38,7 +38,8 @@
 * `offense_scenario` A scenario displayed to the users once they have signed into the frontend.
 * `spins_per_day` Limit allowed restarts per day per player
 * `online_timeout` Timeout in seconds that a user is no longer considered online on the platform
-* `challenge_home` Web accessible folder that the challenges can be downloaded from. (default: `uploads/`)
+* `challenge_home` Full path to folder that the challenges will be uploaded to. (default: `@web/uploads/`)
+* `challenge_root` Web accessible folder that the challenges can be downloaded from. (default: `/uploads/`)
 * `offense_registered_tag` PF tag used for registered offense users
 * `defense_registered_tag` PF tag used for registered defense users
 * `footer_logos`: HTML code to display logos for the event on the footer of the page. (PENDING)
From da92a4444bd70845df0f436fb60dbcf251a0556b Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 15:22:01 +0200
Subject: [PATCH 5/8] respect the defined path for challenge home
---
 .../modules/gameplay/controllers/ChallengeController.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/backend/modules/gameplay/controllers/ChallengeController.php b/backend/modules/gameplay/controllers/ChallengeController.php
index 7695e7df4..893a293c5 100644
--- a/backend/modules/gameplay/controllers/ChallengeController.php
+++ b/backend/modules/gameplay/controllers/ChallengeController.php
@@ -106,8 +106,8 @@ public function actionCreate()
 $model->filename=$model->id;
 $model->updateAttributes(['filename'=>$model->id]);
 }
- $model->file->saveAs('uploads/'.$model->filename);
- }
+ $model->file->saveAs(Yii::getAlias(Yii::$app->sys->challenge_home).'/'.$model->filename);
+ }
 Yii::$app->session->addFlash('success', Yii::t('app','Challenge [{name}] created',['name'=>Html::encode($model->name)]));
 Yii::$app->session->addFlash('warning', Yii::t('app','Don\'t forget to create a question for the challenge.'));
 }
@@ -144,7 +144,7 @@ public function actionUpdate($id)
 $model->filename=$model->id;
 $model->updateAttributes(['filename'=>$model->id]);
 }
- $model->file->saveAs('uploads/'.$model->filename);
+ $model->file->saveAs(Yii::getAlias(Yii::$app->sys->challenge_home).'/'.$model->filename);
 }
 Yii::$app->session->addFlash('success', Yii::t('app','Challenge [{name}] updated',['name'=>Html::encode($model->name)]));
 return $this->redirect(['view', 'id' => $model->id]);
From dd03874419e21e115c7e197d27979d8b5dec8ee9 Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 15:23:44 +0200
Subject: [PATCH 6/8] add challenge_home and challenge_root to the configure form
---
 backend/modules/settings/models/ConfigureForm.php | 7 ++++++-
 backend/modules/settings/views/sysconfig/configure.php | 7 +++++--
 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/backend/modules/settings/models/ConfigureForm.php b/backend/modules/settings/models/ConfigureForm.php
index 02ca03389..d89f692c4 100644
--- a/backend/modules/settings/models/ConfigureForm.php
+++ b/backend/modules/settings/models/ConfigureForm.php
@@ -29,7 +29,8 @@ class ConfigureForm extends Model
 public $twitter_hashtags;
 public $registrations_start;
 public $registrations_end;
- public $challenge_home;
+ public $challenge_home='@web/uploads';
+ public $challenge_root='/uploads/';
 public $offense_registered_tag;
 public $defense_registered_tag;
 public $offense_domain;
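Review bot: The result of `saveAs()` is discarded in the actionCreate hunk of PATCH 5/8, so when the configured `challenge_home` does not resolve to a writable directory the upload is lost while the 'Challenge [{name}] created' flash is still shown; `UploadedFile::saveAs()` reports failure through its boolean return value. With the directory now read from sysconfig this is more likely than with the fixed path, particularly because PATCH 4/8 changes the documented meaning of the existing `challenge_home` key from a web path to a filesystem path, so a value stored by an earlier installation may point somewhere unintended. I would check the result, e.g. `if(!$model->file->saveAs($path)) Yii::$app->session->addFlash('error', Yii::t('app','Failed to store challenge file'));` with `$path` holding the resolved target, and do the same in the actionUpdate hunk. Both action bodies continue outside the hunks.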
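Review bot: In the ConfigureForm property hunk of PATCH 6/8 the default `'@web/uploads'` for `challenge_home` is a URL alias, yet the controller passes the resolved value to `saveAs()` as a filesystem directory. PATCH 7/8 corrects the two property initialisers, but the `default` rules added in the rules() hunk of this same patch keep `'@web/uploads'` and `'/uploads/'`, so submitting the form with the fields left empty would store the old values again. I would keep each default in one place, or at least align the rules: `['challenge_home','default','value'=>'@webroot/uploads'],` and `['challenge_root','default','value'=>'@web/uploads'],`. Because `challenge_home` decides where the backend writes uploaded files, a validator that rejects values outside the intended upload tree would also be worth adding.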
@@ -94,6 +95,7 @@ class ConfigureForm extends Model
 'registrations_start',
 'registrations_end',
 'challenge_home',
+ 'challenge_root',
 'offense_registered_tag',
 'defense_registered_tag',
 'vpngw',
@@ -220,6 +222,8 @@ public function rules()
 'target_days_new',
 'target_days_updated',
 ], 'required'],
+ ['challenge_home','default','value'=>'@web/uploads'],
+ ['challenge_root','default','value'=>'/uploads/'],
 [['dn_countryName'],'default','value'=>\Yii::$app->sys->dn_countryName],
 [['dn_stateOrProvinceName'],'default','value'=>\Yii::$app->sys->dn_stateOrProvinceName],
 [['dn_localityName'],'default','value'=>\Yii::$app->sys->dn_localityName],
@@ -276,6 +280,7 @@ public function attributeLabels()
 'defense_domain' => 'Defense domain',
 'moderator_domain' => 'Moderator domain',
 'challenge_home' => 'Challenge home',
+ 'challenge_root' => 'Challenge root',
 'approved_avatar' => 'Approved Avatar',
 'offense_vether_network' => 'Offense vether network',
 'offense_vether_netmask' => 'Offense vether netmask',
diff --git a/backend/modules/settings/views/sysconfig/configure.php b/backend/modules/settings/views/sysconfig/configure.php
index 220dc1d47..9827644fe 100644
--- a/backend/modules/settings/views/sysconfig/configure.php
+++ b/backend/modules/settings/views/sysconfig/configure.php
@@ -50,8 +50,11 @@

Targets and Challenges properties

-
field($model, 'target_days_new')->textInput()->hint('How many days are targets considered new?') ?>
-
field($model, 'target_days_updated')->textInput()->hint('How many days are targets considered updated?') ?>
+
field($model, 'target_days_new')->textInput()->hint('How many days are targets considered new?') ?>
+
field($model, 'target_days_updated')->textInput()->hint('How many days are targets considered updated?') ?>
+
field($model, 'challenge_home')->textInput()->hint('Web accessible path for downloading challenge files?') ?>
+
field($model, 'challenge_root')->textInput()->hint('Folder that challenge files will be uploaded to?') ?>
+

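Review bot: The hints on the two new fields are swapped relative to how the keys are used: `challenge_home` is the directory handed to `saveAs()` in ChallengeController and documented in Sysconfig-Keys.md as the upload folder, while `challenge_root` is the web path used for the download link, but the form describes `challenge_home` as 'Web accessible path for downloading challenge files?' and `challenge_root` as 'Folder that challenge files will be uploaded to?'. An operator who follows the hints would enter a URL path where a filesystem path is expected and the reverse, which changes where uploaded files are written. I would exchange the two hint strings. The template's markup was lost in extraction, so only the PHP expressions were reviewed.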
From 94a25f9a2dd29a826c3477ede8dfb7d94f4a93a9 Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 15:33:17 +0200
Subject: [PATCH 7/8] fix proper @web and @webroot refs
---
 backend/modules/settings/models/ConfigureForm.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/backend/modules/settings/models/ConfigureForm.php b/backend/modules/settings/models/ConfigureForm.php
index d89f692c4..31d8b3d3f 100644
--- a/backend/modules/settings/models/ConfigureForm.php
+++ b/backend/modules/settings/models/ConfigureForm.php
@@ -29,8 +29,8 @@ class ConfigureForm extends Model
 public $twitter_hashtags;
 public $registrations_start;
 public $registrations_end;
- public $challenge_home='@web/uploads';
- public $challenge_root='/uploads/';
+ public $challenge_home='@webroot/uploads';
+ public $challenge_root='@web/uploads';
 public $offense_registered_tag;
 public $defense_registered_tag;
 public $offense_domain;
From b7a191dc6c0620504d934da919b7223b60959437 Mon Sep 17 00:00:00 2001
From: Pantelis Roditis
Date: Tue, 19 Mar 2024 15:33:34 +0200
Subject: [PATCH 8/8] use the proper alias
---
 .../themes/material/modules/challenge/views/default/view.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/frontend/themes/material/modules/challenge/views/default/view.php b/frontend/themes/material/modules/challenge/views/default/view.php
index b4e470978..98c4bf986 100644
--- a/frontend/themes/material/modules/challenge/views/default/view.php
+++ b/frontend/themes/material/modules/challenge/views/default/view.php
@@ -24,7 +24,7 @@

name.' (ID#'.$model->id.')'?> completed):?> \Yii::t('app','Hey check this out, I completed the challenge ').Html::encode($model->name)]);?>\Yii::t('app','I currently grinding the challenge ').Html::encode($model->name)]);?>

category);?> / difficulty)?> / points));?>pts

- filename) !== '' ? '

'.\Yii::t('app','Challenge file:').' '.Html::a($model->filename, [\Yii::$app->sys->challenge_root.$model->filename], ['data-pjax'=>"0"]).'

' : ''?> + filename) !== '' ? '

'.\Yii::t('app','Challenge file:').' '.Html::a($model->filename, [Yii::getAlias(\Yii::$app->sys->challenge_root).'/'.$model->filename], ['data-pjax'=>"0"]).'

' : ''?> completed):?>
$solver,'id'=>$model->id,'action'=>['/game/default/rate-solver','id'=>$model->id]]);?>
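Review bot: The link target is still wrapped in an array, and `Html::a()` hands an array to `Url::to()`, which treats it as a route rather than as a ready-made URL. Now that the value comes from `Yii::getAlias()` on a `@web`-based alias, which already contains the application's base URL, the base may end up prefixed twice when the frontend is not served from the web root; the URL manager configuration is not visible here, so please verify. Passing a string avoids the route handling, and the file name should be percent-encoded for the path: `Html::a(Html::encode($model->filename), Yii::getAlias(\Yii::$app->sys->challenge_root).'/'.rawurlencode($model->filename), ['data-pjax'=>"0"])`.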