function _services_file_check_destination_scheme in Services 7.3

Sanitizes a user-input file scheme.

Parameters

string $scheme: The user-provided file scheme.

Return value

string The user-provided scheme if it is valid and a safe destination to save files. Otherwise the default scheme, usually "public://".

1 call to _services_file_check_destination_scheme()

_services_file_check_destination_uri in resources/file_resource.inc

Sanitizes a user-input file URI.

File

resources/file_resource.inc, line 527

File resource.

Code

function _services_file_check_destination_scheme($scheme) {

  // Untrusted users should not be able to write to certain schemes.
  // @todo Use a white list instead?
  // @todo Make this list configurable?
  $unsafe = array(
    'temporary',
    'file',
    'http',
    'https',
    'ftp',
  );
  if (!empty($scheme) && !in_array($scheme, $unsafe) && file_stream_wrapper_valid_scheme($scheme)) {
    return $scheme;
  }
  return file_default_scheme();
}