function _services_file_check_destination_scheme in Services 7.3
Sanitizes a user-input file scheme.
Parameters
string $scheme: The user-provided file scheme.
Return value
string The user-provided scheme if it is valid and a safe destination to save files. Otherwise the default scheme, usually "public://".
1 call to _services_file_check_destination_scheme()
- _services_file_check_destination_uri in resources/
file_resource.inc - Sanitizes a user-input file URI.
File
- resources/
file_resource.inc, line 527 - File resource.
Code
function _services_file_check_destination_scheme($scheme) {
// Untrusted users should not be able to write to certain schemes.
// @todo Use a white list instead?
// @todo Make this list configurable?
$unsafe = array(
'temporary',
'file',
'http',
'https',
'ftp',
);
if (!empty($scheme) && !in_array($scheme, $unsafe) && file_stream_wrapper_valid_scheme($scheme)) {
return $scheme;
}
return file_default_scheme();
}