From: Matthias Schmidt Date: Mon, 3 Aug 2015 18:36:46 +0000 (+0200) Subject: Save state X-Git-Tag: 2.1.7~38 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=545165e312a4391d36f6075edfe9fc4f43f55fac;p=GitHub%2FWoltLab%2FWCF.git Save state --- diff --git a/wcfsetup/install/files/lib/action/ImageProxyAction.class.php b/wcfsetup/install/files/lib/action/ImageProxyAction.class.php new file mode 100644 index 0000000000..f2d5e0a0e6 --- /dev/null +++ b/wcfsetup/install/files/lib/action/ImageProxyAction.class.php @@ -0,0 +1,90 @@ + + * @package com.woltlab.wcf + * @subpackage action + * @category Community Framework + */ +class ImageProxyAction extends AbstractAction { + /** + * hashed image proxy secret and image url + * @var string + */ + public $hash = ''; + + /** + * url-encoded image url + * @var string + */ + public $url = ''; + + /** + * @see \wcf\action\IAction::readParameters() + */ + public function readParameters() { + parent::readParameters(); + + if (isset($_REQUEST['url'])) $this->url = StringUtil::trim($_REQUEST['url']); + if (isset($_REQUEST['hash'])) $this->hash = StringUtil::trim($_REQUEST['hash']); + } + + /** + * @see \wcf\action\IAction::execute() + */ + public function execute() { + parent::execute(); + + $url = urldecode($this->url); + $hash = sha1(IMAGE_PROXY_SECRET.$url); + if ($this->hash != $hash) { + throw new IllegalLinkException(); + } + + try { + $request = new HTTPRequest($url); + $request->execute(); + $reply = $request->getReply(); + + $fileExtension = ''; + if (($position = mb_strrpos($url, '.')) !== false) { + $fileExtension = mb_strtolower(mb_substr($url, $position + 1)); + } + + // check if requested content is image + if (!isset($reply['headers']['Content-Type']) || !StringUtil::startsWith($reply['headers']['Content-Type'], 'image/')) { + throw new IllegalLinkException(); + } + + // save image + $fileLocation = WCF_DIR.'images/proxy/'.substr($hash, 0, 2).'/'.$hash.($fileExtension ? '.'.$fileExtension : ''); + $dir = dirname($fileLocation); + if (!@file_exists($dir)) { + FileUtil::makePath($dir, 0777); + } + file_put_contents($fileLocation, $reply['body']); + + // update mtime for correct expiration calculation + @touch($fileLocation); + + $this->executed(); + + @header('Content-Type: '.$reply['headers']['Content-Type']); + @readfile($fileLocation); + exit; + } + catch (SystemException $e) { + throw new IllegalLinkException(); + } + } +}