5 files changed, 42 insertions, 5 deletions

diff --git a/modules/gallery/helpers/gallery_graphics.php b/modules/gallery/helpers/gallery_graphics.php
index b78bd9a7..eb76353f 100644
--- a/modules/gallery/helpers/gallery_graphics.php
+++ b/modules/gallery/helpers/gallery_graphics.php
@@ -172,6 +172,11 @@ class gallery_graphics_Core {
 
       module::event("graphics_composite_completed", $input_file, $output_file, $options, $item);
     } catch (ErrorException $e) {
+      // Unlike rotate and resize, composite catches its exceptions here.  This is because
+      // composite is typically called for watermarks.  If during thumb/resize generation
+      // the watermark fails, we'd still like the image resized, just without its watermark.
+      // If the exception isn't caught here, graphics::generate will replace it with a
+      // placeholder.
       Kohana_Log::add("error", $e->getMessage());
     }
   }
diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php
index e8df56ed..e66908c4 100644
--- a/modules/gallery/helpers/graphics.php
+++ b/modules/gallery/helpers/graphics.php
@@ -237,7 +237,16 @@ class graphics_Core {
         graphics::_replace_image_with_placeholder($item, "resize");
       }
       graphics::_replace_image_with_placeholder($item, "thumb");
-      graphics::_update_item_dimensions($item);
+      try {
+        graphics::_update_item_dimensions($item);
+      } catch (Exception $e) {
+        // Looks like get_file_metadata couldn't identify our placeholders.  We should never get
+        // here, but in the odd case we do, we need to do something.  Let's put in hardcoded values.
+        if ($item->is_photo()) {
+          list ($item->resize_width, $item->resize_height) = array(200, 200);
+        }
+        list ($item->thumb_width, $item->thumb_height) = array(200, 200);
+      }
       $item->save();
       throw $e;
     }
diff --git a/modules/gallery/helpers/legal_file.php b/modules/gallery/helpers/legal_file.php
index ab9047c8..9ed564a1 100644
--- a/modules/gallery/helpers/legal_file.php
+++ b/modules/gallery/helpers/legal_file.php
@@ -24,6 +24,8 @@ class legal_file_Core {
   private static $movie_extensions;
   private static $photo_types;
   private static $movie_types;
+  private static $blacklist = array("php", "php3", "php4", "php5", "phtml", "phtm", "shtml", "shtm",
+                                    "pl", "cgi", "asp", "sh", "py", "c", "js");
 
   /**
    * Create a default list of allowed photo MIME types paired with their extensions and then let
@@ -38,6 +40,9 @@ class legal_file_Core {
       $types_by_extension_wrapper->types_by_extension = array(
         "jpg" => "image/jpeg", "jpeg" => "image/jpeg", "gif" => "image/gif", "png" => "image/png");
       module::event("photo_types_by_extension", $types_by_extension_wrapper);
+      foreach (self::$blacklist as $key) {
+        unset($types_by_extension_wrapper->types_by_extension[$key]);
+      }
       self::$photo_types_by_extension = $types_by_extension_wrapper->types_by_extension;
     }
     if ($extension) {
@@ -67,6 +72,9 @@ class legal_file_Core {
       $types_by_extension_wrapper->types_by_extension = array(
         "flv" => "video/x-flv", "mp4" => "video/mp4", "m4v" => "video/x-m4v");
       module::event("movie_types_by_extension", $types_by_extension_wrapper);
+      foreach (self::$blacklist as $key) {
+        unset($types_by_extension_wrapper->types_by_extension[$key]);
+      }
       self::$movie_types_by_extension = $types_by_extension_wrapper->types_by_extension;
     }
     if ($extension) {
@@ -118,7 +126,7 @@ class legal_file_Core {
       $extensions_wrapper = new stdClass();
       $extensions_wrapper->extensions = array_keys(legal_file::get_photo_types_by_extension());
       module::event("legal_photo_extensions", $extensions_wrapper);
-      self::$photo_extensions = $extensions_wrapper->extensions;
+      self::$photo_extensions = array_diff($extensions_wrapper->extensions, self::$blacklist);
     }
     if ($extension) {
       // return true if in array, false if not
@@ -139,7 +147,7 @@ class legal_file_Core {
       $extensions_wrapper = new stdClass();
       $extensions_wrapper->extensions = array_keys(legal_file::get_movie_types_by_extension());
       module::event("legal_movie_extensions", $extensions_wrapper);
-      self::$movie_extensions = $extensions_wrapper->extensions;
+      self::$movie_extensions = array_diff($extensions_wrapper->extensions, self::$blacklist);
     }
     if ($extension) {
       // return true if in array, false if not
diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php
index 6844771b..d4b907a2 100644
--- a/modules/gallery/helpers/movie.php
+++ b/modules/gallery/helpers/movie.php
@@ -192,8 +192,16 @@ class movie_Core {
       $metadata->extension = strtolower($extension);
     }
 
-    // Run movie_get_file_metadata events which can modify the class, then return results.
+    // Run movie_get_file_metadata events which can modify the class.
     module::event("movie_get_file_metadata", $file_path, $metadata);
+
+    // If the post-events results are invalid, throw an exception.  Note that, unlike photos, having
+    // zero width and height isn't considered invalid (as is the case when FFmpeg isn't installed).
+    if (!$metadata->mime_type || !$metadata->extension ||
+        ($metadata->mime_type != legal_file::get_movie_types_by_extension($metadata->extension))) {
+      throw new Exception("@todo ILLEGAL_OR_UNINDENTIFIABLE_FILE");
+    }
+
     return array($metadata->width, $metadata->height, $metadata->mime_type,
                  $metadata->extension, $metadata->duration);
   }
diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php
index 51e51507..2d32f0d3 100644
--- a/modules/gallery/helpers/photo.php
+++ b/modules/gallery/helpers/photo.php
@@ -133,8 +133,15 @@ class photo_Core {
       $metadata->height = 0;
     }
 
-    // Run photo_get_file_metadata events which can modify the class, then return results.
+    // Run photo_get_file_metadata events which can modify the class.
     module::event("photo_get_file_metadata", $file_path, $metadata);
+
+    // If the post-events results are invalid, throw an exception.
+    if (!$metadata->width || !$metadata->height || !$metadata->mime_type || !$metadata->extension ||
+        ($metadata->mime_type != legal_file::get_photo_types_by_extension($metadata->extension))) {
+      throw new Exception("@todo ILLEGAL_OR_UNINDENTIFIABLE_FILE");
+    }
+
     return array($metadata->width, $metadata->height, $metadata->mime_type, $metadata->extension);
   }
 }