Merge pull request #2182 from VikassWebkul214254/svg-senitize

SVG Sanitizer features added

Author: VikassWebkul214254

composer.json

@@ -12,6 +12,7 @@
         "barryvdh/laravel-dompdf": "^2.0.0",
         "diglactic/laravel-breadcrumbs": "^8.0",
         "doctrine/dbal": "^3.0",
+        "enshrined/svg-sanitize": "^0.21.0",
         "guzzlehttp/guzzle": "^7.0.1",
         "khaled.alshamaa/ar-php": "^6.3",
         "konekt/concord": "^1.10",

composer.lock

@@ -2,23 +2,24 @@
 
 namespace Webkul\Admin\Http\Controllers;
 
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\UploadedFile;
 use Illuminate\Support\Facades\Storage;
+use Webkul\Core\Traits\Sanitizer;
 
 class TinyMCEController extends Controller
 {
+    use Sanitizer;
+
     /**
      * Storage folder path.
-     *
-     * @var string
      */
-    private $storagePath = 'tinymce';
+    private string $storagePath = 'tinymce';
 
     /**
      * Upload file from tinymce.
-     *
-     * @return void
      */
-    public function upload()
+    public function upload(): JsonResponse
     {
         $media = $this->storeMedia();
 
@@ -33,18 +34,28 @@ public function upload()
 
     /**
      * Store media.
-     *
-     * @return array
      */
-    public function storeMedia()
+    public function storeMedia(): array
     {
         if (! request()->hasFile('file')) {
             return [];
         }
 
+        $file = request()->file('file');
+
+        if (! $file instanceof UploadedFile) {
+            return [];
+        }
+
+        $filename = md5($file->getClientOriginalName().time()).'.'.$file->getClientOriginalExtension();
+
+        $path = $file->storeAs($this->storagePath, $filename);
+
+        $this->sanitizeSVG($path, $file);
+
         return [
-            'file'      => $path = request()->file('file')->store($this->storagePath),
-            'file_name' => request()->file('file')->getClientOriginalName(),
+            'file'      => $path,
+            'file_name' => $file->getClientOriginalName(),
             'file_url'  => Storage::url($path),
         ];
     }

packages/Webkul/Admin/src/Http/Controllers/TinyMCEController.php

@@ -417,6 +417,12 @@
             'warning' => 'تحذير',
             'info'    => 'معلومات',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'خطأ في HTTP',
+            'invalid-json'  => 'استجابة JSON غير صالحة من الخادم.',
+            'upload-failed' => 'فشل تحميل الملف. يرجى المحاولة مرة أخرى.',
+        ],
     ],
 
     'quotes' => [
@@ -2019,7 +2025,7 @@
                 'title' => 'حول الفرصة',
             ],
 
-            'quotes'=> [
+            'quotes' => [
                 'subject'         => 'الموضوع',
                 'expired-at'      => 'تنتهي في',
                 'sub-total'       => 'المجموع الفرعي',

packages/Webkul/Admin/src/Resources/lang/ar/app.php

@@ -419,6 +419,12 @@
             'warning' => 'Warning',
             'info'    => 'Info',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'HTTP Error',
+            'invalid-json'  => 'Invalid JSON response from the server.',
+            'upload-failed' => 'File upload failed. Please try again.',
+        ],
     ],
 
     'quotes' => [

packages/Webkul/Admin/src/Resources/lang/en/app.php

@@ -421,6 +421,12 @@
             'warning' => 'Advertencia',
             'info'    => 'Información',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'Error HTTP',
+            'invalid-json'  => 'Respuesta JSON no válida del servidor.',
+            'upload-failed' => 'Error al subir el archivo. Por favor, inténtelo de nuevo.',
+        ],
     ],
 
     'quotes' => [
@@ -2022,7 +2028,7 @@
                 'title' => 'Sobre el Lead',
             ],
 
-            'quotes'=> [
+            'quotes' => [
                 'subject'         => 'Asunto',
                 'expired-at'      => 'Expirado En',
                 'sub-total'       => 'Subtotal',

packages/Webkul/Admin/src/Resources/lang/es/app.php

@@ -421,6 +421,12 @@
             'warning' => 'هشدار',
             'info'    => 'اطلاعات',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'خطای HTTP',
+            'invalid-json'  => 'پاسخ JSON نامعتبر از سرور.',
+            'upload-failed' => 'آپلود فایل ناموفق بود. لطفاً دوباره تلاش کنید.',
+        ],
     ],
 
     'quotes' => [
@@ -2023,7 +2029,7 @@
                 'title' => 'درباره سرنخ',
             ],
 
-            'quotes'=> [
+            'quotes' => [
                 'subject'         => 'موضوع',
                 'expired-at'      => 'تاریخ انقضا',
                 'sub-total'       => 'جمع جزئی',

packages/Webkul/Admin/src/Resources/lang/fa/app.php

@@ -415,6 +415,12 @@
             'warning' => 'Aviso',
             'info'    => 'Informação',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'Erro HTTP',
+            'invalid-json'  => 'Resposta JSON inválida do servidor.',
+            'upload-failed' => 'Falha no upload do arquivo. Por favor, tente novamente.',
+        ],
     ],
 
     'quotes' => [
@@ -1908,7 +1914,7 @@
                 'title' => 'Sobre o Negócio',
             ],
 
-            'quotes'=> [
+            'quotes' => [
                 'subject'         => 'Assunto',
                 'expired-at'      => 'Expirado em',
                 'sub-total'       => 'Subtotal',

packages/Webkul/Admin/src/Resources/lang/pt_BR/app.php

@@ -421,6 +421,12 @@
             'warning' => 'Uyarı',
             'info'    => 'Bilgi',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'HTTP Hatası',
+            'invalid-json'  => 'Sunucudan geçersiz JSON yanıtı.',
+            'upload-failed' => 'Dosya yüklemesi başarısız oldu. Lütfen tekrar deneyin.',
+        ],
     ],
 
     'quotes' => [

packages/Webkul/Admin/src/Resources/lang/tr/app.php

@@ -418,6 +418,12 @@
             'warning' => 'Cảnh báo',
             'info'    => 'Thông tin',
         ],
+
+        'tiny-mce' => [
+            'http-error'    => 'Lỗi HTTP',
+            'invalid-json'  => 'Phản hồi JSON không hợp lệ từ máy chủ.',
+            'upload-failed' => 'Tải tệp lên không thành công. Vui lòng thử lại.',
+        ],
     ],
 
     'quotes' => [
@@ -1916,7 +1922,7 @@
                 'title' => 'Về Khách Hàng Tiềm Năng',
             ],
 
-            'quotes'=> [
+            'quotes' => [
                 'subject'         => 'Chủ Đề',
                 'expired-at'      => 'Hết Hạn Vào',
                 'sub-total'       => 'Tạm Tính',