openvk/Web/Presenters/BlobPresenter.php
Alexander Minkin def76226b7
feat(core): add phpstan for static analysis (#1223)
* feat: add phpstan for static analysis

* ci(actions): add phpstan action

* ci(actions): do analysing inside docker container

* fix(FetchToncoinTransactions): add var declaration

* fix(ServiceAPI/Wall): add var declaration

* fix(bootstrap): remove case-insensitive false vars

* fix(VKAPI/Handlers/Board): change parameters order

* fix(VKAPIRequestHandler): set fail's return type as never

* fix(VKAPI/Handlers/Groups): add array declaration

* fix(VKAPI/Handlers/Newsfeed): add return_banned declaration

* fix(VKAPI/Handlers/Notes): move $nodez declaration up

* fix(phpstan): most of the things and stupid lines of code

* fix(lint)

* fix(phpstan): less errors

* fix(lint): again. cuz i forgot about it

* fix(stan): all errors are gone now =3

---------

Co-authored-by: veselcraft <veselcraft@icloud.com>
2025-03-09 16:03:33 +03:00


<?php
declare(strict_types=1);
namespace openvk\Web\Presenters;
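final class BlobPresenter extends OpenVKPresenter
{
    protected $banTolerant = true;

    /**
     * Normalises the storage sub-directory taken from the route.
     *
     * An integer is converted to a string and left-padded to two characters
     * ("5" becomes "05"); any other value is returned unchanged.
     *
     * @param int|string $dir directory segment as delivered by the router
     */
    private function getDirName($dir): string
    {
        if (is_int($dir)) {
            # A one-digit number lost its leading zero when it was cast to int
            $dir = str_pad((string) $dir, 2, "0", STR_PAD_LEFT);
        }

        return $dir;
    }

    /**
     * Streams a file from OPENVK_ROOT/storage/<dir>/<name>.<format> to the client.
     *
     * All three arguments are request-controlled, so the resolved path is
     * checked against the resolved storage root and the resolved <dir> before
     * anything is read. The previous check compared $path with itself
     * (strpos($path, $path) is always 0) and therefore never rejected anything.
     *
     * @param int|string $dir    storage sub-directory
     * @param string     $name   file name without extension
     * @param string     $format file extension
     */
    public function renderFile(/*string*/ $dir, string $name, string $format)
    {
        header("Access-Control-Allow-Origin: *");

        $dir  = $this->getDirName($dir);
        $sep  = DIRECTORY_SEPARATOR;
        $root = realpath(OPENVK_ROOT . "/storage");
        $base = realpath(OPENVK_ROOT . "/storage/$dir");
        $path = realpath(OPENVK_ROOT . "/storage/$dir/$name.$format");

        # realpath() fails on ENOENT, so a false value also means "does not exist".
        # is_file() rejects directories, which realpath() resolves successfully.
        if (!$root || !$base || !$path || !is_file($path)) {
            $this->notFound();
            return; # defensive: notFound() is presumably terminal, but it is not visible here
        }

        # Prevent directory traversal and storage container escape:
        #  - $base must be the storage root or below it ($dir such as ".." is rejected);
        #  - $path must be strictly below $base ($name/$format cannot climb out).
        # The trailing separator stops "/storage-old" from matching "/storage".
        $baseInsideRoot = strpos($base . $sep, $root . $sep) === 0;
        $pathInsideBase = strpos($path, rtrim($base, $sep) . $sep) === 0;
        if (!$baseInsideRoot || !$pathInsideBase) {
            $this->notFound();
            return;
        }

        # NOTE(review): any If-None-Match header yields 304 without comparing it to the
        # ETag below. That is only correct if blobs never change once stored; confirm.
        if (isset($_SERVER["HTTP_IF_NONE_MATCH"])) {
            header("HTTP/1.1 304 Not Modified");
            exit();
        }

        header("Content-Type: " . mime_content_type($path));
        # NOTE(review): "Content-Size" is not the standard length header (that is
        # Content-Length); left unchanged in case a consumer relies on it.
        header("Content-Size: " . filesize($path));
        header("Cache-Control: public, max-age=1210000");
        header("X-Accel-Expires: 1210000");
        # The hash is used only as a cache validator, not as an integrity guarantee.
        header("ETag: W/\"" . hash_file("snefru", $path) . "\"");

        readfile($path);
        exit;
    }
}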