mirror of
https://github.com/openvk/openvk
synced 2024-11-14 11:09:12 +03:00
6159262026
* Reports: [INDEV] Undone implementation of reports
* Reports: Backend is done
* Reports: Still makin it...
* Reports: Added report window
* Reports: Corrected the content type
* Reports: Make it work
* Reports: Minor fixes and localization
* Reports: Ability to hide Share and Like buttons
Also renamed the .sql file
* Revent some changes from 8f8d7bb
I will move them to the master branch
* Reports: Only for those who can access Helpdesk
* Reports: Modified the route
* Reports: Change the routes
* Reports: Show reports count
* Report: Fix URL
* Обновление репортов (#715)
* Репорты живы
* 2
* Better reports
* Логи
* Update DBEntity.updated.php
* noSpam
* Сбор IP и UserAgent + фикс логирования в IPs
* Новые поля для поиска etc.
* Fixes
* Fixes and enhancements
* Поиск по нескольким разделам
* Reports enhancements
* Совместимость с новыми логами
* Совместимость с новыми логами
* Update Logs.xml
* Update Logs.xml
* Logs i18n
* Update Logs.xml
* Update AdminPresenter.php
---------
Co-authored-by: veselcraft <veselcraft@icloud.com>
Co-authored-by: Ilya Prokopenko <55238545+Xenforce@users.noreply.github.com>
Co-authored-by: n1rwana <aydashkin@vk.com>
41 lines
1.4 KiB
PHP
41 lines
1.4 KiB
PHP
<?php declare(strict_types=1);
|
|
namespace openvk\Web\Presenters;
|
|
|
|
final class BlobPresenter extends OpenVKPresenter
|
|
{
|
|
protected $banTolerant = true;
|
|
|
|
private function getDirName($dir): string
|
|
{
|
|
if(gettype($dir) === "integer") {
|
|
$dir = (string) $dir;
|
|
if(strlen($dir) < 2) #Must have been a number with 1 digit
|
|
$dir = "0$dir";
|
|
}
|
|
|
|
return $dir;
|
|
}
|
|
|
|
function renderFile(/*string*/ $dir, string $name, string $format)
|
|
{
|
|
$dir = $this->getDirName($dir);
|
|
$base = realpath(OPENVK_ROOT . "/storage/$dir");
|
|
$path = realpath(OPENVK_ROOT . "/storage/$dir/$name.$format");
|
|
if(!$path) # Will also check if file exists since realpath fails on ENOENT
|
|
$this->notFound();
|
|
else if(strpos($path, $path) !== 0) # Prevent directory traversal and storage container escape
|
|
$this->notFound();
|
|
|
|
if(isset($_SERVER["HTTP_IF_NONE_MATCH"]))
|
|
exit(header("HTTP/1.1 304 Not Modified"));
|
|
|
|
header("Content-Type: " . mime_content_type($path));
|
|
header("Content-Size: " . filesize($path));
|
|
header("Cache-Control: public, max-age=1210000");
|
|
header("X-Accel-Expires: 1210000");
|
|
header("ETag: W/\"" . hash_file("snefru", $path) . "\"");
|
|
|
|
readfile($path);
|
|
exit;
|
|
}
|
|
}
|