Controllers refactoring

app/Controllers/ClientController.php

@@ -0,0 +1,78 @@
+<?php
+
+
+namespace App\Controllers;
+
+
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Slim\Exception\HttpNotFoundException;
+use Slim\Exception\HttpUnauthorizedException;
+
+class ClientController extends Controller
+{
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  int  $id
+     * @return Response
+     * @throws HttpNotFoundException
+     * @throws HttpUnauthorizedException
+     */
+    public function getShareXConfig(Request $request, Response $response, int $id): Response
+    {
+        $user = $this->getUser($request, $id, true);
+
+        if ($user->token === null || $user->token === '') {
+            $this->session->alert(lang('no_upload_token'), 'danger');
+            return redirect($response, $request->getHeaderLine('Referer'));
+        }
+
+        $json = [
+            'DestinationType' => 'ImageUploader, TextUploader, FileUploader',
+            'RequestURL' => route('upload'),
+            'FileFormName' => 'upload',
+            'Arguments' => [
+                'file' => '$filename$',
+                'text' => '$input$',
+                'token' => $user->token,
+            ],
+            'URL' => '$json:url$',
+            'ThumbnailURL' => '$json:url$/raw',
+            'DeletionURL' => '$json:url$/delete/'.$user->token,
+        ];
+
+        return json($response, $json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT)
+            ->withHeader('Content-Disposition', 'attachment;filename="'.$user->username.'-ShareX.sxcu"');
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  int  $id
+     * @return Response
+     * @throws HttpNotFoundException
+     * @throws HttpUnauthorizedException
+     * @throws \Twig\Error\LoaderError
+     * @throws \Twig\Error\RuntimeError
+     * @throws \Twig\Error\SyntaxError
+     */
+    public function getBashScript(Request $request, Response $response, int $id): Response
+    {
+        $user = $this->getUser($request, $id, true);
+
+        if ($user->token === null || $user->token === '') {
+            $this->session->alert(lang('no_upload_token'), 'danger');
+            return redirect($response, $request->getHeaderLine('Referer'));
+        }
+
+        return view()->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_'.$user->username.'.sh"'),
+            'scripts/xbackbone_uploader.sh.twig',
+            [
+                'username' => $user->username,
+                'upload_url' => route('upload'),
+                'token' => $user->token,
+            ]
+        );
+    }
+}

app/Controllers/MediaController.php

@@ -0,0 +1,380 @@
+<?php
+
+
+namespace App\Controllers;
+
+
+use GuzzleHttp\Psr7\Stream;
+use Intervention\Image\Constraint;
+use Intervention\Image\ImageManagerStatic as Image;
+use League\Flysystem\FileNotFoundException;
+use League\Flysystem\Filesystem;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Slim\Exception\HttpBadRequestException;
+use Slim\Exception\HttpNotFoundException;
+use Slim\Exception\HttpUnauthorizedException;
+
+class MediaController extends Controller
+{
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  string  $userCode
+     * @param  string  $mediaCode
+     * @param  string|null  $token
+     * @return Response
+     * @throws HttpNotFoundException
+     * @throws \Twig\Error\LoaderError
+     * @throws \Twig\Error\RuntimeError
+     * @throws \Twig\Error\SyntaxError
+     * @throws FileNotFoundException
+     */
+    public function show(Request $request, Response $response, string $userCode, string $mediaCode, string $token = null): Response
+    {
+        $media = $this->getMedia($userCode, $mediaCode);
+
+        if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) {
+            throw new HttpNotFoundException($request);
+        }
+
+        $filesystem = $this->storage;
+
+        if (isBot($request->getHeaderLine('User-Agent'))) {
+            return $this->streamMedia($request, $response, $filesystem, $media);
+        } else {
+            try {
+                $media->mimetype = $filesystem->getMimetype($media->storage_path);
+                $size = $filesystem->getSize($media->storage_path);
+
+                $type = explode('/', $media->mimetype)[0];
+                if ($type === 'image' && !isDisplayableImage($media->mimetype)) {
+                    $type = 'application';
+                    $media->mimetype = 'application/octet-stream';
+                }
+                if ($type === 'text') {
+                    if ($size <= (200 * 1024)) { // less than 200 KB
+                        $media->text = $filesystem->read($media->storage_path);
+                    } else {
+                        $type = 'application';
+                        $media->mimetype = 'application/octet-stream';
+                    }
+                }
+                $media->size = humanFileSize($size);
+
+            } catch (FileNotFoundException $e) {
+                throw new HttpNotFoundException($request);
+            }
+
+            return view()->render($response, 'upload/public.twig', [
+                'delete_token' => $token,
+                'media' => $media,
+                'type' => $type,
+                'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
+            ]);
+        }
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  int  $id
+     * @return Response
+     * @throws FileNotFoundException
+     * @throws HttpNotFoundException
+     */
+    public function getRawById(Request $request, Response $response, int $id): Response
+    {
+        $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
+
+        if (!$media) {
+            throw new HttpNotFoundException($request);
+        }
+
+        return $this->streamMedia($request, $response, $this->storage, $media);
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  string  $userCode
+     * @param  string  $mediaCode
+     * @param  string|null  $ext
+     * @return Response
+     * @throws FileNotFoundException
+     * @throws HttpBadRequestException
+     * @throws HttpNotFoundException
+     */
+    public function getRaw(Request $request, Response $response, string $userCode, string $mediaCode, ?string $ext = null): Response
+    {
+        $media = $this->getMedia($userCode, $mediaCode);
+
+        if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
+            throw new HttpNotFoundException($request);
+        }
+
+        if ($ext !== null && pathinfo($media->filename, PATHINFO_EXTENSION) !== $ext) {
+            throw new HttpBadRequestException($request);
+        }
+
+        return $this->streamMedia($request, $response, $this->storage, $media);
+    }
+
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  string  $userCode
+     * @param  string  $mediaCode
+     * @return Response
+     * @throws FileNotFoundException
+     * @throws HttpNotFoundException
+     */
+    public function download(Request $request, Response $response, string $userCode, string $mediaCode): Response
+    {
+        $media = $this->getMedia($userCode, $mediaCode);
+
+        if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
+            throw new HttpNotFoundException($request);
+        }
+        return $this->streamMedia($request, $response, $this->storage, $media, 'attachment');
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  int  $id
+     * @return Response
+     * @throws HttpNotFoundException
+     */
+    public function togglePublish(Request $request, Response $response, int $id): Response
+    {
+        if ($this->session->get('admin')) {
+            $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
+        } else {
+            $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$id, $this->session->get('user_id')])->fetch();
+        }
+
+        if (!$media) {
+            throw new HttpNotFoundException($request);
+        }
+
+        $this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]);
+
+        return $response;
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  int  $id
+     * @return Response
+     * @throws HttpNotFoundException
+     * @throws HttpUnauthorizedException
+     */
+    public function delete(Request $request, Response $response, int $id): Response
+    {
+        $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
+
+        if (!$media) {
+            throw new HttpNotFoundException($request);
+        }
+
+        if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) {
+            $this->deleteMedia($request, $media->storage_path, $id);
+            $this->logger->info('User '.$this->session->get('username').' deleted a media.', [$id]);
+            $this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id'))));
+        } else {
+            throw new HttpUnauthorizedException($request);
+        }
+
+        return $response;
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  string  $userCode
+     * @param  string  $mediaCode
+     * @param  string  $token
+     * @return Response
+     * @throws HttpNotFoundException
+     * @throws HttpUnauthorizedException
+     */
+    public function deleteByToken(Request $request, Response $response, string $userCode, string $mediaCode, string $token): Response
+    {
+        $media = $this->getMedia($userCode, $mediaCode);
+
+        if (!$media) {
+            throw new HttpNotFoundException($request);
+        }
+
+        $user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $token)->fetch();
+
+        if (!$user) {
+            $this->session->alert(lang('token_not_found'), 'danger');
+            return redirect($response, $request->getHeaderLine('Referer'));
+        }
+
+        if (!$user->active) {
+            $this->session->alert(lang('account_disabled'), 'danger');
+            return redirect($response, $request->getHeaderLine('Referer'));
+        }
+
+        if ($this->session->get('admin', false) || $user->id === $media->user_id) {
+            $this->deleteMedia($request, $media->storage_path, $media->mediaId);
+            $this->logger->info('User '.$user->username.' deleted a media via token.', [$media->mediaId]);
+        } else {
+            throw new HttpUnauthorizedException($request);
+        }
+
+        return redirect($response, route('home'));
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  string  $storagePath
+     * @param  int  $id
+     * @throws HttpNotFoundException
+     */
+    protected function deleteMedia(Request $request, string $storagePath, int $id)
+    {
+        try {
+            $this->storage->delete($storagePath);
+        } catch (FileNotFoundException $e) {
+            throw new HttpNotFoundException($request);
+        } finally {
+            $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $id);
+        }
+    }
+
+    /**
+     * @param $userCode
+     * @param $mediaCode
+     * @return mixed
+     */
+    protected function getMedia($userCode, $mediaCode)
+    {
+        $mediaCode = pathinfo($mediaCode)['filename'];
+
+        $media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [
+            $userCode,
+            $mediaCode,
+        ])->fetch();
+
+        return $media;
+    }
+
+    /**
+     * @param  Request  $request
+     * @param  Response  $response
+     * @param  Filesystem  $storage
+     * @param $media
+     * @param  string  $disposition
+     * @return Response
+     * @throws FileNotFoundException
+     */
+    protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response
+    {
+        set_time_limit(0);
+        $mime = $storage->getMimetype($media->storage_path);
+
+        if (param($request, 'width') !== null && explode('/', $mime)[0] === 'image') {
+            return $this->makeThumbnail($storage, $media, param($request, 'width'), param($request, 'height'), $disposition);
+        } else {
+            $stream = new Stream($storage->readStream($media->storage_path));
+
+            if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') {
+                return $response->withHeader('Content-Type', $mime)
+                    ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
+                    ->withHeader('Content-Length', $stream->getSize())
+                    ->withBody($stream);
+            }
+
+            if (isset($request->getServerParams()['HTTP_RANGE'])) {
+                return $this->handlePartialRequest($response, $stream, $request->getServerParams()['HTTP_RANGE'], $disposition, $media, $mime);
+            }
+
+            return $response->withHeader('Content-Type', $mime)
+                ->withHeader('Content-Length', $stream->getSize())
+                ->withHeader('Accept-Ranges', 'bytes')
+                ->withBody($stream);
+        }
+    }
+
+    /**
+     * @param  Filesystem  $storage
+     * @param $media
+     * @param  null  $width
+     * @param  null  $height
+     * @param  string  $disposition
+     * @return Response
+     * @throws FileNotFoundException
+     */
+    protected function makeThumbnail(Filesystem $storage, $media, $width = null, $height = null, string $disposition = 'inline')
+    {
+        return Image::make($storage->readStream($media->storage_path))
+            ->resize($width, $height, function (Constraint $constraint) {
+                $constraint->aspectRatio();
+            })
+            ->resizeCanvas($width, $height, 'center')
+            ->psrResponse('png')
+            ->withHeader('Content-Disposition', $disposition.';filename="scaled-'.pathinfo($media->filename, PATHINFO_FILENAME).'.png"');
+    }
+
+    /**
+     * @param  Response  $response
+     * @param  Stream  $stream
+     * @param  string  $range
+     * @param  string  $disposition
+     * @param $media
+     * @param $mime
+     * @return Response
+     */
+    protected function handlePartialRequest(Response $response, Stream $stream, string $range, string $disposition, $media, $mime)
+    {
+        $end = $stream->getSize() - 1;
+        list(, $range) = explode('=', $range, 2);
+
+        if (strpos($range, ',') !== false) {
+            return $response->withHeader('Content-Type', $mime)
+                ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
+                ->withHeader('Content-Length', $stream->getSize())
+                ->withHeader('Accept-Ranges', 'bytes')
+                ->withHeader('Content-Range', "0,{$stream->getSize()}")
+                ->withStatus(416)
+                ->withBody($stream);
+        }
+
+        if ($range === '-') {
+            $start = $stream->getSize() - (int)substr($range, 1);
+        } else {
+            $range = explode('-', $range);
+            $start = (int)$range[0];
+            $end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize();
+        }
+
+        $end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end;
+        $stream->seek($start);
+
+        header("Content-Type: $mime");
+        header('Content-Length: '.($end - $start + 1));
+        header('Accept-Ranges: bytes');
+        header("Content-Range: bytes $start-$end/{$stream->getSize()}");
+
+        http_response_code(206);
+        ob_end_clean();
+
+        $buffer = 16348;
+        $readed = $start;
+        while ($readed < $end) {
+            if ($readed + $buffer > $end) {
+                $buffer = $end - $readed + 1;
+            }
+            echo $stream->read($buffer);
+            $readed += $buffer;
+        }
+
+        exit(0);
+    }
+}

app/Controllers/UploadController.php

@@ -2,17 +2,9 @@
 
 namespace App\Controllers;
 
-use GuzzleHttp\Psr7\Stream;
-use Intervention\Image\Constraint;
-use Intervention\Image\ImageManagerStatic as Image;
 use League\Flysystem\FileExistsException;
-use League\Flysystem\FileNotFoundException;
-use League\Flysystem\Filesystem;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
-use Slim\Exception\HttpBadRequestException;
-use Slim\Exception\HttpNotFoundException;
-use Slim\Exception\HttpUnauthorizedException;
 
 class UploadController extends Controller
 {
@@ -116,342 +108,4 @@ class UploadController extends Controller
 
         return json($response, $json, 201);
     }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  string  $userCode
-     * @param  string  $mediaCode
-     * @param  string|null  $token
-     * @return Response
-     * @throws HttpNotFoundException
-     * @throws \Twig\Error\LoaderError
-     * @throws \Twig\Error\RuntimeError
-     * @throws \Twig\Error\SyntaxError
-     * @throws FileNotFoundException
-     */
-    public function show(Request $request, Response $response, string $userCode, string $mediaCode, string $token = null): Response
-    {
-        $media = $this->getMedia($userCode, $mediaCode);
-
-        if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) {
-            throw new HttpNotFoundException($request);
-        }
-
-        $filesystem = $this->storage;
-
-        if (isBot($request->getHeaderLine('User-Agent'))) {
-            return $this->streamMedia($request, $response, $filesystem, $media);
-        } else {
-            try {
-                $media->mimetype = $filesystem->getMimetype($media->storage_path);
-                $size = $filesystem->getSize($media->storage_path);
-
-                $type = explode('/', $media->mimetype)[0];
-                if ($type === 'image' && !isDisplayableImage($media->mimetype)) {
-                    $type = 'application';
-                    $media->mimetype = 'application/octet-stream';
-                }
-                if ($type === 'text') {
-                    if ($size <= (200 * 1024)) { // less than 200 KB
-                        $media->text = $filesystem->read($media->storage_path);
-                    } else {
-                        $type = 'application';
-                        $media->mimetype = 'application/octet-stream';
-                    }
-                }
-                $media->size = humanFileSize($size);
-
-            } catch (FileNotFoundException $e) {
-                throw new HttpNotFoundException($request);
-            }
-
-            return view()->render($response, 'upload/public.twig', [
-                'delete_token' => $token,
-                'media' => $media,
-                'type' => $type,
-                'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
-            ]);
-        }
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  string  $userCode
-     * @param  string  $mediaCode
-     * @param  string  $token
-     * @return Response
-     * @throws HttpNotFoundException
-     * @throws HttpUnauthorizedException
-     */
-    public function deleteByToken(Request $request, Response $response, string $userCode, string $mediaCode, string $token): Response
-    {
-        $media = $this->getMedia($userCode, $mediaCode);
-
-        if (!$media) {
-            throw new HttpNotFoundException($request);
-        }
-
-        $user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $token)->fetch();
-
-        if (!$user) {
-            $this->session->alert(lang('token_not_found'), 'danger');
-            return redirect($response, $request->getHeaderLine('Referer'));
-        }
-
-        if (!$user->active) {
-            $this->session->alert(lang('account_disabled'), 'danger');
-            return redirect($response, $request->getHeaderLine('Referer'));
-        }
-
-        if ($this->session->get('admin', false) || $user->id === $media->user_id) {
-
-            try {
-                $this->storage->delete($media->storage_path);
-            } catch (FileNotFoundException $e) {
-                throw new HttpNotFoundException($request);
-            } finally {
-                $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $media->mediaId);
-                $this->logger->info('User '.$user->username.' deleted a media via token.', [$media->mediaId]);
-            }
-        } else {
-            throw new HttpUnauthorizedException($request);
-        }
-
-        return redirect($response, route('home'));
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  int  $id
-     * @return Response
-     * @throws FileNotFoundException
-     * @throws HttpNotFoundException
-     */
-    public function getRawById(Request $request, Response $response, int $id): Response
-    {
-
-        $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
-
-        if (!$media) {
-            throw new HttpNotFoundException($request);
-        }
-
-        return $this->streamMedia($request, $response, $this->storage, $media);
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  string  $userCode
-     * @param  string  $mediaCode
-     * @param  string|null  $ext
-     * @return Response
-     * @throws FileNotFoundException
-     * @throws HttpBadRequestException
-     * @throws HttpNotFoundException
-     */
-    public function showRaw(Request $request, Response $response, string $userCode, string $mediaCode, ?string $ext = null): Response
-    {
-        $media = $this->getMedia($userCode, $mediaCode);
-
-        if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
-            throw new HttpNotFoundException($request);
-        }
-
-        if ($ext !== null && pathinfo($media->filename, PATHINFO_EXTENSION) !== $ext) {
-            throw new HttpBadRequestException($request);
-        }
-
-        return $this->streamMedia($request, $response, $this->storage, $media);
-    }
-
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  string  $userCode
-     * @param  string  $mediaCode
-     * @return Response
-     * @throws FileNotFoundException
-     * @throws HttpNotFoundException
-     */
-    public function download(Request $request, Response $response, string $userCode, string $mediaCode): Response
-    {
-        $media = $this->getMedia($userCode, $mediaCode);
-
-        if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
-            throw new HttpNotFoundException($request);
-        }
-        return $this->streamMedia($request, $response, $this->storage, $media, 'attachment');
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  int  $id
-     * @return Response
-     * @throws HttpNotFoundException
-     */
-    public function togglePublish(Request $request, Response $response, int $id): Response
-    {
-        if ($this->session->get('admin')) {
-            $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
-        } else {
-            $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$id, $this->session->get('user_id')])->fetch();
-        }
-
-        if (!$media) {
-            throw new HttpNotFoundException($request);
-        }
-
-        $this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]);
-
-        return $response->withStatus(200);
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  int  $id
-     * @return Response
-     * @throws HttpNotFoundException
-     * @throws HttpUnauthorizedException
-     */
-    public function delete(Request $request, Response $response, int $id): Response
-    {
-        $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
-
-        if (!$media) {
-            throw new HttpNotFoundException($request);
-        }
-
-        if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) {
-
-            try {
-                $this->storage->delete($media->storage_path);
-            } catch (FileNotFoundException $e) {
-                throw new HttpNotFoundException($request);
-            } finally {
-                $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $id);
-                $this->logger->info('User '.$this->session->get('username').' deleted a media.', [$id]);
-                $this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id'))));
-            }
-        } else {
-            throw new HttpUnauthorizedException($request);
-        }
-
-        return $response->withStatus(200);
-    }
-
-    /**
-     * @param $userCode
-     * @param $mediaCode
-     * @return mixed
-     */
-    protected function getMedia($userCode, $mediaCode)
-    {
-        $mediaCode = pathinfo($mediaCode)['filename'];
-
-        $media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [
-            $userCode,
-            $mediaCode,
-        ])->fetch();
-
-        return $media;
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  Filesystem  $storage
-     * @param $media
-     * @param  string  $disposition
-     * @return Response
-     * @throws FileNotFoundException
-     */
-    protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response
-    {
-        set_time_limit(0);
-        $mime = $storage->getMimetype($media->storage_path);
-
-        if (param($request, 'width') !== null && explode('/', $mime)[0] === 'image') {
-
-            $response = Image::make($storage->readStream($media->storage_path))
-                ->resize(
-                    param($request, 'width'),
-                    param($request, 'height'),
-                    function (Constraint $constraint) {
-                        $constraint->aspectRatio();
-                    })
-                ->resizeCanvas(param($request, 'width'),
-                    param($request, 'height'), 'center')
-                ->psrResponse('png');
-
-            return $response->withHeader('Content-Disposition', $disposition.';filename="scaled-'.pathinfo($media->filename, PATHINFO_FILENAME).'.png"');
-        } else {
-            $stream = new Stream($storage->readStream($media->storage_path));
-
-            if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') {
-                return $response->withHeader('Content-Type', $mime)
-                    ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
-                    ->withHeader('Content-Length', $stream->getSize())
-                    ->withBody($stream);
-            }
-
-            $end = $stream->getSize() - 1;
-            if (isset($request->getServerParams()['HTTP_RANGE'])) {
-                list(, $range) = explode('=', $request->getServerParams()['HTTP_RANGE'], 2);
-
-                if (strpos($range, ',') !== false) {
-                    return $response->withHeader('Content-Type', $mime)
-                        ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
-                        ->withHeader('Content-Length', $stream->getSize())
-                        ->withHeader('Accept-Ranges', 'bytes')
-                        ->withHeader('Content-Range', "0,{$stream->getSize()}")
-                        ->withStatus(416)
-                        ->withBody($stream);
-                }
-
-                if ($range === '-') {
-                    $start = $stream->getSize() - (int)substr($range, 1);
-                } else {
-                    $range = explode('-', $range);
-                    $start = (int)$range[0];
-                    $end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize();
-                }
-
-                $end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end;
-                $stream->seek($start);
-
-                header("Content-Type: $mime");
-                header('Content-Length: '.($end - $start + 1));
-                header('Accept-Ranges: bytes');
-                header("Content-Range: bytes $start-$end/{$stream->getSize()}");
-
-                http_response_code(206);
-                ob_end_clean();
-
-                $buffer = 16348;
-                $readed = $start;
-                while ($readed < $end) {
-                    if ($readed + $buffer > $end) {
-                        $buffer = $end - $readed + 1;
-                    }
-                    echo $stream->read($buffer);
-                    $readed += $buffer;
-                }
-
-                exit(0);
-            }
-
-            return $response->withHeader('Content-Type', $mime)
-                ->withHeader('Content-Length', $stream->getSize())
-                ->withHeader('Accept-Ranges', 'bytes')
-                ->withStatus(200)
-                ->withBody($stream);
-        }
-    }
 }

app/Controllers/UserController.php

@@ -247,13 +247,13 @@ class UserController extends Controller
      */
     public function profileEdit(Request $request, Response $response, int $id): Response
     {
-        $user = $this->getUser($request, $id, true);
-
         if (param($request, 'email') === null) {
             $this->session->alert(lang('email_required'), 'danger');
             return redirect($response, route('profile'));
         }
 
+        $user = $this->getUser($request, $id, true);
+
         if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [param($request, 'email'), $user->email])->fetch()->count > 0) {
             $this->session->alert(lang('email_taken'), 'danger');
             return redirect($response, route('profile'));
@@ -304,71 +304,6 @@ class UserController extends Controller
         return $response;
     }
 
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  int  $id
-     * @return Response
-     * @throws HttpNotFoundException
-     * @throws HttpUnauthorizedException
-     */
-    public function getShareXconfigFile(Request $request, Response $response, int $id): Response
-    {
-        $user = $this->getUser($request, $id, true);
-
-        if ($user->token === null || $user->token === '') {
-            $this->session->alert(lang('no_upload_token'), 'danger');
-            return redirect($response, $request->getHeaderLine('Referer'));
-        }
-
-        $json = [
-            'DestinationType' => 'ImageUploader, TextUploader, FileUploader',
-            'RequestURL' => route('upload'),
-            'FileFormName' => 'upload',
-            'Arguments' => [
-                'file' => '$filename$',
-                'text' => '$input$',
-                'token' => $user->token,
-            ],
-            'URL' => '$json:url$',
-            'ThumbnailURL' => '$json:url$/raw',
-            'DeletionURL' => '$json:url$/delete/'.$user->token,
-        ];
-
-        return json($response, $json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT)
-            ->withHeader('Content-Disposition', 'attachment;filename="'.$user->username.'-ShareX.sxcu"');
-    }
-
-    /**
-     * @param  Request  $request
-     * @param  Response  $response
-     * @param  int  $id
-     * @return Response
-     * @throws HttpNotFoundException
-     * @throws HttpUnauthorizedException
-     * @throws \Twig\Error\LoaderError
-     * @throws \Twig\Error\RuntimeError
-     * @throws \Twig\Error\SyntaxError
-     */
-    public function getUploaderScriptFile(Request $request, Response $response, int $id): Response
-    {
-        $user = $this->getUser($request, $id, true);
-
-        if ($user->token === null || $user->token === '') {
-            $this->session->alert(lang('no_upload_token'), 'danger');
-            return redirect($response, $request->getHeaderLine('Referer'));
-        }
-
-        return view()->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_'.$user->username.'.sh"'),
-            'scripts/xbackbone_uploader.sh.twig',
-            [
-                'username' => $user->username,
-                'upload_url' => route('upload'),
-                'token' => $user->token,
-            ]
-        );
-    }
-
     /**
      * @return string
      */

app/routes.php

@@ -1,8 +1,10 @@
 <?php
 // Auth routes
 use App\Controllers\AdminController;
+use App\Controllers\ClientController;
 use App\Controllers\DashboardController;
 use App\Controllers\LoginController;
+use App\Controllers\MediaController;
 use App\Controllers\ThemeController;
 use App\Controllers\UpgradeController;
 use App\Controllers\UploadController;
@@ -49,13 +51,13 @@ $app->group('', function (RouteCollectorProxy $group) {
     $group->get('/profile', [UserController::class, 'profile'])->setName('profile');
     $group->post('/profile/{id}', [UserController::class, 'profileEdit'])->setName('profile.update');
     $group->post('/user/{id}/refreshToken', [UserController::class, 'refreshToken'])->setName('refreshToken');
-    $group->get('/user/{id}/config/sharex', [UserController::class, 'getShareXconfigFile'])->setName('config.sharex');
-    $group->get('/user/{id}/config/script', [UserController::class, 'getUploaderScriptFile'])->setName('config.script');
+    $group->get('/user/{id}/config/sharex', [ClientController::class, 'getShareXConfig'])->setName('config.sharex');
+    $group->get('/user/{id}/config/script', [ClientController::class, 'getBashScript'])->setName('config.script');
 
-    $group->post('/upload/{id}/publish', [UploadController::class, 'togglePublish'])->setName('upload.publish');
-    $group->post('/upload/{id}/unpublish', [UploadController::class, 'togglePublish'])->setName('upload.unpublish');
-    $group->get('/upload/{id}/raw', [UploadController::class, 'getRawById'])->add(AdminMiddleware::class)->setName('upload.raw');
-    $group->post('/upload/{id}/delete', [UploadController::class, 'delete'])->setName('upload.delete');
+    $group->post('/upload/{id}/publish', [MediaController::class, 'togglePublish'])->setName('upload.publish');
+    $group->post('/upload/{id}/unpublish', [MediaController::class, 'togglePublish'])->setName('upload.unpublish');
+    $group->get('/upload/{id}/raw', [MediaController::class, 'getRawById'])->add(AdminMiddleware::class)->setName('upload.raw');
+    $group->post('/upload/{id}/delete', [MediaController::class, 'delete'])->setName('upload.delete');
 
 })->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class);
 
@@ -66,8 +68,8 @@ $app->map(['GET', 'POST'], '/logout', [LoginController::class, 'logout'])->setNa
 
 $app->post('/upload', [UploadController::class, 'upload'])->setName('upload');
 
-$app->get('/{userCode}/{mediaCode}', [UploadController::class, 'show'])->setName('public');
-$app->get('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'show'])->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class);
-$app->post('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'deleteByToken'])->setName('public.delete')->add(CheckForMaintenanceMiddleware::class);
-$app->get('/{userCode}/{mediaCode}/raw[.{ext}]', [UploadController::class, 'showRaw'])->setName('public.raw');
-$app->get('/{userCode}/{mediaCode}/download', [UploadController::class, 'download'])->setName('public.download');
+$app->get('/{userCode}/{mediaCode}', [MediaController::class, 'show'])->setName('public');
+$app->get('/{userCode}/{mediaCode}/delete/{token}', [MediaController::class, 'show'])->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class);
+$app->post('/{userCode}/{mediaCode}/delete/{token}', [MediaController::class, 'deleteByToken'])->setName('public.delete')->add(CheckForMaintenanceMiddleware::class);
+$app->get('/{userCode}/{mediaCode}/raw[.{ext}]', [MediaController::class, 'getRaw'])->setName('public.raw');
+$app->get('/{userCode}/{mediaCode}/download', [MediaController::class, 'download'])->setName('public.download');

src/css/app.css

@@ -98,7 +98,7 @@ body {
     }
 
     .media-audio {
-        margin-top: 50vh;
+        margin-top: 40vh;
     }
 }