2009-05-15 20:04:58 +01:00
|
|
|
<?php
|
2021-04-11 21:53:23 +01:00
|
|
|
|
|
|
|
// {{{ License
|
2019-10-19 01:57:36 +01:00
|
|
|
// This file is part of GNU social - https://www.gnu.org/software/social
|
|
|
|
//
|
|
|
|
// GNU social is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// GNU social is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
|
2021-04-11 21:53:23 +01:00
|
|
|
// }}}
|
|
|
|
|
|
|
|
namespace Plugin\Media\Controller;
|
2019-10-19 01:57:36 +01:00
|
|
|
|
2021-04-11 21:53:23 +01:00
|
|
|
use App\Core\Controller;
|
|
|
|
use Symfony\Component\HttpFoundation\Request;
|
2009-05-15 20:04:58 +01:00
|
|
|
|
|
|
|
/**
|
2021-04-11 21:53:23 +01:00
|
|
|
* Show note attachments
|
|
|
|
*
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @author Hugo Sales <hugo@hsal.es>
|
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
|
2009-05-15 20:04:58 +01:00
|
|
|
*
|
2021-04-11 21:53:23 +01:00
|
|
|
* @see http://status.net/
|
2009-05-15 20:04:58 +01:00
|
|
|
*/
|
2021-04-11 21:53:23 +01:00
|
|
|
class Attachment extends Controller
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
2021-04-11 21:53:23 +01:00
|
|
|
public function handle(Request $request)
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'_template' => 'doc/tos.html.twig',
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
2009-05-15 20:04:58 +01:00
|
|
|
/**
|
[MEDIA] File downloader now in PHP, added proper name in the UI and changed the format for new attachment file names
The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments
The filename has a new format:
bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"
This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".
This new name is displayed in the UI, instead of the previous name.
2019-06-11 02:42:33 +01:00
|
|
|
* Attachment File object to show
|
2009-05-15 20:04:58 +01:00
|
|
|
*/
|
2021-04-11 21:53:23 +01:00
|
|
|
public $attachment;
|
2019-10-19 01:57:36 +01:00
|
|
|
|
2021-04-11 21:53:23 +01:00
|
|
|
public $filehash;
|
|
|
|
public $filepath;
|
|
|
|
public $filesize;
|
|
|
|
public $mimetype;
|
|
|
|
public $filename;
|
2009-05-15 20:04:58 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Load attributes based on database arguments
|
|
|
|
*
|
|
|
|
* Loads all the DB stuff
|
|
|
|
*
|
|
|
|
* @param array $args $_REQUEST array
|
|
|
|
*
|
2019-10-19 01:57:36 +01:00
|
|
|
* @throws ClientException
|
|
|
|
* @throws FileNotFoundException
|
|
|
|
* @throws FileNotStoredLocallyException
|
|
|
|
* @throws InvalidFilenameException
|
|
|
|
* @throws ServerException
|
2021-04-11 21:53:23 +01:00
|
|
|
*
|
|
|
|
* @return bool flag
|
2009-05-15 20:04:58 +01:00
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
protected function prepare(array $args = [])
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
2021-04-11 21:53:23 +01:00
|
|
|
// parent::prepare($args);
|
2009-05-15 20:04:58 +01:00
|
|
|
|
2019-06-28 00:18:27 +01:00
|
|
|
try {
|
|
|
|
if (!empty($id = $this->trimmed('attachment'))) {
|
2020-09-21 21:54:23 +01:00
|
|
|
$this->attachment = File::getByID((int) $id);
|
2019-10-19 01:57:36 +01:00
|
|
|
} elseif (!empty($this->filehash = $this->trimmed('filehash'))) {
|
2020-09-21 21:54:23 +01:00
|
|
|
$file = File::getByHash($this->filehash);
|
|
|
|
$file->fetch();
|
|
|
|
$this->attachment = $file;
|
2019-06-28 00:18:27 +01:00
|
|
|
}
|
|
|
|
} catch (Exception $e) {
|
|
|
|
// Not found
|
2009-05-24 09:43:34 +01:00
|
|
|
}
|
2014-05-18 11:57:46 +01:00
|
|
|
if (!$this->attachment instanceof File) {
|
2010-10-30 23:58:35 +01:00
|
|
|
// TRANS: Client error displayed trying to get a non-existing attachment.
|
2019-10-19 01:57:36 +01:00
|
|
|
$this->clientError(_m('No such attachment.'), 404);
|
2019-06-29 20:10:20 +01:00
|
|
|
}
|
|
|
|
|
2020-09-21 21:54:23 +01:00
|
|
|
$this->filesize = $this->attachment->size;
|
|
|
|
$this->mimetype = $this->attachment->mimetype;
|
|
|
|
$this->filename = $this->attachment->filename;
|
|
|
|
|
2021-02-16 18:30:21 +00:00
|
|
|
if ($this->attachment->isLocal() || $this->attachment->isFetchedRemoteFile()) {
|
2020-09-21 21:54:23 +01:00
|
|
|
$this->filesize = $this->attachment->getFileOrThumbnailSize();
|
|
|
|
$this->mimetype = $this->attachment->getFileOrThumbnailMimetype();
|
|
|
|
$this->filename = MediaFile::getDisplayName($this->attachment);
|
2009-05-15 20:04:58 +01:00
|
|
|
}
|
2019-10-19 01:57:36 +01:00
|
|
|
|
2009-05-15 20:04:58 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Is this action read-only?
|
|
|
|
*
|
2021-04-11 21:53:23 +01:00
|
|
|
* @param mixed $args
|
|
|
|
*
|
2019-10-19 01:57:36 +01:00
|
|
|
* @return bool true
|
2009-05-15 20:04:58 +01:00
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function isReadOnly($args): bool
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Title of the page
|
|
|
|
*
|
|
|
|
* @return string title of the page
|
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function title(): string
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
2021-04-11 21:53:23 +01:00
|
|
|
$a = new self($this->attachment);
|
2009-05-15 20:04:58 +01:00
|
|
|
return $a->title();
|
|
|
|
}
|
|
|
|
|
2019-10-19 01:57:36 +01:00
|
|
|
public function showPage(): void
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
2021-04-11 21:53:23 +01:00
|
|
|
if (empty($this->filepath)) {
|
|
|
|
// if it's not a local file, gtfo
|
|
|
|
common_redirect($this->attachment->getUrl(), 303);
|
|
|
|
}
|
|
|
|
|
|
|
|
// parent::showPage();
|
2009-05-15 20:04:58 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Fill the content area of the page
|
|
|
|
*
|
|
|
|
* Shows a single notice list item.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function showContent(): void
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
2021-04-11 21:53:23 +01:00
|
|
|
$ali = new self($this->attachment, $this);
|
2019-10-19 01:57:36 +01:00
|
|
|
$ali->show();
|
2009-05-15 20:04:58 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Don't show page notice
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function showPageNoticeBlock(): void
|
2009-05-15 20:04:58 +01:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Show aside: this attachments appears in what notices
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function showSections(): void
|
|
|
|
{
|
2009-05-18 03:06:08 +01:00
|
|
|
$ns = new AttachmentNoticeSection($this);
|
|
|
|
$ns->show();
|
2009-05-15 20:04:58 +01:00
|
|
|
}
|
2019-06-26 03:25:59 +01:00
|
|
|
|
2019-06-26 03:39:39 +01:00
|
|
|
/**
|
|
|
|
* Last-modified date for file
|
|
|
|
*
|
2019-10-19 01:57:36 +01:00
|
|
|
* @throws ServerException
|
2021-04-11 21:53:23 +01:00
|
|
|
*
|
|
|
|
* @return int last-modified date as unix timestamp
|
2019-06-26 03:39:39 +01:00
|
|
|
*/
|
2019-10-19 01:57:36 +01:00
|
|
|
public function lastModified(): ?int
|
2019-06-26 03:39:39 +01:00
|
|
|
{
|
|
|
|
if (common_config('site', 'use_x_sendfile')) {
|
|
|
|
return null;
|
|
|
|
}
|
2019-10-19 01:57:36 +01:00
|
|
|
$path = $this->filepath;
|
2019-06-29 20:10:20 +01:00
|
|
|
if (!empty($path)) {
|
|
|
|
return filemtime($path);
|
|
|
|
} else {
|
2019-06-28 00:18:27 +01:00
|
|
|
return null;
|
|
|
|
}
|
2019-06-26 03:39:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* etag header for file
|
|
|
|
*
|
|
|
|
* This returns the same data (inode, size, mtime) as Apache would,
|
|
|
|
* but in decimal instead of hex.
|
|
|
|
*
|
2019-10-19 01:57:36 +01:00
|
|
|
* @throws ServerException
|
2021-04-11 21:53:23 +01:00
|
|
|
*
|
|
|
|
* @return string etag http header
|
2019-06-26 03:39:39 +01:00
|
|
|
*/
|
2020-06-27 22:39:09 +01:00
|
|
|
public function etag(): ?string
|
2019-06-26 03:39:39 +01:00
|
|
|
{
|
|
|
|
if (common_config('site', 'use_x_sendfile')) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2019-10-19 01:57:36 +01:00
|
|
|
$path = $this->filepath;
|
2019-06-29 20:10:20 +01:00
|
|
|
|
2019-06-26 03:39:39 +01:00
|
|
|
$cache = Cache::instance();
|
2019-10-19 01:57:36 +01:00
|
|
|
if ($cache) {
|
2019-06-29 20:10:20 +01:00
|
|
|
if (empty($path)) {
|
2019-06-28 00:18:27 +01:00
|
|
|
return null;
|
2019-06-26 03:39:39 +01:00
|
|
|
}
|
2021-04-11 21:53:23 +01:00
|
|
|
$key = Cache::key('attachments:etag:' . $path);
|
2019-06-29 20:10:20 +01:00
|
|
|
$etag = $cache->get($key);
|
2019-10-19 01:57:36 +01:00
|
|
|
if ($etag === false) {
|
2019-06-29 20:10:20 +01:00
|
|
|
$etag = crc32(file_get_contents($path));
|
2019-10-19 01:57:36 +01:00
|
|
|
$cache->set($key, $etag);
|
2019-06-29 20:10:20 +01:00
|
|
|
}
|
2019-06-26 03:39:39 +01:00
|
|
|
return $etag;
|
|
|
|
}
|
|
|
|
|
2019-06-29 20:10:20 +01:00
|
|
|
if (!empty($path)) {
|
|
|
|
$stat = stat($path);
|
|
|
|
return '"' . $stat['ino'] . '-' . $stat['size'] . '-' . $stat['mtime'] . '"';
|
|
|
|
} else {
|
|
|
|
return null;
|
|
|
|
}
|
2019-06-26 03:39:39 +01:00
|
|
|
}
|
2009-05-15 20:04:58 +01:00
|
|
|
}
|