The current version of ImageCache uses the function file_check_directory when dealing with paths. This spits out a notice to the user whenever a directory is created, including for non-admin users. This is a request to suppress those notices.

There was an item posted to the imagefield module with the same request: [362763]. They noted that the fileframework module implemented a new function field_file_check_directory() which is a backport of the D7 code. This code does not alert the user when a directory is created, which is my desired behavior.

Here is a link to the field_file.inc file from filefield that has this function. Scroll almost all the way to the bottom to see the function and description.

My request is to consider the use of this function in imagecache - either by calling it directly, re-implementing it directly in imagecache, etc. Thanks in advance.

Comments

rjbrown99’s picture

Forgot the # in the above - here's the link to the other issue: #362763: Suppressing Image Field Directory Creation Messages.

fizk’s picture

Status: Active » Postponed
Issue tags: +ImageCache 2.x Todo

Marking as ImageCache 2.x Todo.

function field_file_check_directory(&$directory, $mode = 0, $form_item = NULL) {
  $directory = rtrim($directory, '/\\');

  // Error if the directory is a file.
  if (is_file($directory)) {
    watchdog('file system', 'The path %directory was checked as a directory, but it is a file.',  array('%directory' => $directory), WATCHDOG_ERROR);
    if ($form_item) {
      form_set_error($form_item, t('The directory %directory is a file and cannot be overwritten.', array('%directory' => $directory)));
    }
    return FALSE;
  }

  // Create the directory if it is missing.
  if (!is_dir($directory) && $mode & FILE_CREATE_DIRECTORY && !@mkdir($directory, 0775, TRUE)) {
    watchdog('file system', 'The directory %directory does not exist.', array('%directory' => $directory), WATCHDOG_ERROR);
    if ($form_item) {
      form_set_error($form_item, t('The directory %directory does not exist.', array('%directory' => $directory)));
    }
    return FALSE;
  }

  // Check to see if the directory is writable.
  if (!is_writable($directory) && $mode & FILE_MODIFY_PERMISSIONS && !@chmod($directory, 0775)) {
    watchdog('file system', 'The directory %directory is not writable, because it does not have the correct permissions set.', array('%directory' => $directory), WATCHDOG_ERROR);
    if ($form_item) {
      form_set_error($form_item, t('The directory %directory is not writable', array('%directory' => $directory)));
    }
    return FALSE;
  }

  if ((file_directory_path() == $directory || file_directory_temp() == $directory) && !is_file("$directory/.htaccess")) {
    $htaccess_lines = "SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006\nOptions None\nOptions +FollowSymLinks";
    if (($fp = fopen("$directory/.htaccess", 'w')) && fputs($fp, $htaccess_lines)) {
      fclose($fp);
      chmod($directory .'/.htaccess', 0664);
    }
    else {
      $repl = array('%directory' => $directory, '!htaccess' => nl2br(check_plain($htaccess_lines)));
      form_set_error($form_item, t("Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines:<br />!htaccess", $repl));
      watchdog('security', "Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your %directory directory which contains the following lines:<br />!htaccess", $repl, WATCHDOG_ERROR);
    }
  }

  return TRUE;
}