From 1ce14a24f421dd89c87653e89f4ff0d31d1c8ace Mon Sep 17 00:00:00 2001
From: Sergio Brighenti
Date: Wed, 20 Nov 2019 18:46:47 +0100
Subject: [PATCH] Controllers refactoring
---
app/Controllers/ClientController.php | 78 ++++++
app/Controllers/MediaController.php | 380 +++++++++++++++++++++++++++
app/Controllers/UploadController.php | 346 ------------------------
app/Controllers/UserController.php | 69 +----
app/routes.php | 24 +-
src/css/app.css | 2 +-
6 files changed, 474 insertions(+), 425 deletions(-)
create mode 100644 app/Controllers/ClientController.php
create mode 100644 app/Controllers/MediaController.php
diff --git a/app/Controllers/ClientController.php b/app/Controllers/ClientController.php
new file mode 100644
index 0000000..16f418f
--- /dev/null
+++ b/app/Controllers/ClientController.php
@@ -0,0 +1,78 @@ +getUser($request, $id, true); + + if ($user->token === null || $user->token === '') { + $this->session->alert(lang('no_upload_token'), 'danger'); + return redirect($response, $request->getHeaderLine('Referer')); + } + + $json = [ + 'DestinationType' => 'ImageUploader, TextUploader, FileUploader', + 'RequestURL' => route('upload'), + 'FileFormName' => 'upload', + 'Arguments' => [ + 'file' => '$filename$', + 'text' => '$input$', + 'token' => $user->token, + ], + 'URL' => '$json:url$', + 'ThumbnailURL' => '$json:url$/raw', + 'DeletionURL' => '$json:url$/delete/'.$user->token, + ]; + + return json($response, $json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT) + ->withHeader('Content-Disposition', 'attachment;filename="'.$user->username.'-ShareX.sxcu"'); + } + + /** + * @param Request $request + * @param Response $response + * @param int $id + * @return Response + * @throws HttpNotFoundException + * @throws HttpUnauthorizedException + * @throws \Twig\Error\LoaderError + * @throws \Twig\Error\RuntimeError + * @throws \Twig\Error\SyntaxError + */ + public function getBashScript(Request $request, Response $response, int $id): Response + { + $user = $this->getUser($request, $id, true); + + if ($user->token === null || $user->token === '') { + $this->session->alert(lang('no_upload_token'), 'danger'); + return redirect($response, $request->getHeaderLine('Referer')); + } + + return view()->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_'.$user->username.'.sh"'), + 'scripts/xbackbone_uploader.sh.twig', + [ + 'username' => $user->username, + 'upload_url' => route('upload'), + 'token' => $user->token, + ] + ); + } +} \ No newline at end of file diff --git a/app/Controllers/MediaController.php b/app/Controllers/MediaController.php new file mode 100644 index 0000000..7b4cf4f --- /dev/null +++ b/app/Controllers/MediaController.php 
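Review bot: The generated ShareX config sets `'DeletionURL' => '$json:url$/delete/'.$user->token`, so the account-wide token (the same value passed as the `token` upload argument) sits in the path of every deletion link, where it can end up in access logs, browser history and `Referer` headers. Whoever obtains one such link can delete any of that user's media through `deleteByToken`, which matches on `users.token` only, and presumably can upload as that user too. Consider returning a separate per-upload deletion secret from the upload response. Until then, a comment above the array such as `// DeletionURL carries the upload token: treat deletion links as credentials` would record the constraint. The start of this file, including the first method's signature, is missing from the page, so this covers only the visible body.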
@@ -0,0 +1,380 @@ +getMedia($userCode, $mediaCode); + + if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) { + throw new HttpNotFoundException($request); + } + + $filesystem = $this->storage; + + if (isBot($request->getHeaderLine('User-Agent'))) { + return $this->streamMedia($request, $response, $filesystem, $media); + } else { + try { + $media->mimetype = $filesystem->getMimetype($media->storage_path); + $size = $filesystem->getSize($media->storage_path); + + $type = explode('/', $media->mimetype)[0]; + if ($type === 'image' && !isDisplayableImage($media->mimetype)) { + $type = 'application'; + $media->mimetype = 'application/octet-stream'; + } + if ($type === 'text') { + if ($size <= (200 * 1024)) { // less than 200 KB + $media->text = $filesystem->read($media->storage_path); + } else { + $type = 'application'; + $media->mimetype = 'application/octet-stream'; + } + } + $media->size = humanFileSize($size); + + } catch (FileNotFoundException $e) { + throw new HttpNotFoundException($request); + } + + return view()->render($response, 'upload/public.twig', [ + 'delete_token' => $token, + 'media' => $media, + 'type' => $type, + 'extension' => pathinfo($media->filename, PATHINFO_EXTENSION), + ]); + } + } + + /** + * @param Request $request + * @param Response $response + * @param int $id + * @return Response + * @throws FileNotFoundException + * @throws HttpNotFoundException + */ + public function getRawById(Request $request, Response $response, int $id): Response + { + $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? 
LIMIT 1', $id)->fetch(); + + if (!$media) { + throw new HttpNotFoundException($request); + } + + return $this->streamMedia($request, $response, $this->storage, $media); + } + + /** + * @param Request $request + * @param Response $response + * @param string $userCode + * @param string $mediaCode + * @param string|null $ext + * @return Response + * @throws FileNotFoundException + * @throws HttpBadRequestException + * @throws HttpNotFoundException + */ + public function getRaw(Request $request, Response $response, string $userCode, string $mediaCode, ?string $ext = null): Response + { + $media = $this->getMedia($userCode, $mediaCode); + + if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { + throw new HttpNotFoundException($request); + } + + if ($ext !== null && pathinfo($media->filename, PATHINFO_EXTENSION) !== $ext) { + throw new HttpBadRequestException($request); + } + + return $this->streamMedia($request, $response, $this->storage, $media); + } + + + /** + * @param Request $request + * @param Response $response + * @param string $userCode + * @param string $mediaCode + * @return Response + * @throws FileNotFoundException + * @throws HttpNotFoundException + */ + public function download(Request $request, Response $response, string $userCode, string $mediaCode): Response + { + $media = $this->getMedia($userCode, $mediaCode); + + if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { + throw new HttpNotFoundException($request); + } + return $this->streamMedia($request, $response, $this->storage, $media, 'attachment'); + } + + /** + * @param Request $request + * @param Response $response + * @param int $id + * @return Response + * @throws HttpNotFoundException + */ + public function togglePublish(Request $request, Response $response, int $id): Response + { + if ($this->session->get('admin')) { + $media = 
$this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch(); + } else { + $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$id, $this->session->get('user_id')])->fetch(); + } + + if (!$media) { + throw new HttpNotFoundException($request); + } + + $this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]); + + return $response; + } + + /** + * @param Request $request + * @param Response $response + * @param int $id + * @return Response + * @throws HttpNotFoundException + * @throws HttpUnauthorizedException + */ + public function delete(Request $request, Response $response, int $id): Response + { + $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch(); + + if (!$media) { + throw new HttpNotFoundException($request); + } + + if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) { + $this->deleteMedia($request, $media->storage_path, $id); + $this->logger->info('User '.$this->session->get('username').' deleted a media.', [$id]); + $this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id')))); + } else { + throw new HttpUnauthorizedException($request); + } + + return $response; + } + + /** + * @param Request $request + * @param Response $response + * @param string $userCode + * @param string $mediaCode + * @param string $token + * @return Response + * @throws HttpNotFoundException + * @throws HttpUnauthorizedException + */ + public function deleteByToken(Request $request, Response $response, string $userCode, string $mediaCode, string $token): Response + { + $media = $this->getMedia($userCode, $mediaCode); + + if (!$media) { + throw new HttpNotFoundException($request); + } + + $user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? 
LIMIT 1', $token)->fetch(); + + if (!$user) { + $this->session->alert(lang('token_not_found'), 'danger'); + return redirect($response, $request->getHeaderLine('Referer')); + } + + if (!$user->active) { + $this->session->alert(lang('account_disabled'), 'danger'); + return redirect($response, $request->getHeaderLine('Referer')); + } + + if ($this->session->get('admin', false) || $user->id === $media->user_id) { + $this->deleteMedia($request, $media->storage_path, $media->mediaId); + $this->logger->info('User '.$user->username.' deleted a media via token.', [$media->mediaId]); + } else { + throw new HttpUnauthorizedException($request); + } + + return redirect($response, route('home')); + } + + /** + * @param Request $request + * @param string $storagePath + * @param int $id + * @throws HttpNotFoundException + */ + protected function deleteMedia(Request $request, string $storagePath, int $id) + { + try { + $this->storage->delete($storagePath); + } catch (FileNotFoundException $e) { + throw new HttpNotFoundException($request); + } finally { + $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $id); + } + } + + /** + * @param $userCode + * @param $mediaCode + * @return mixed + */ + protected function getMedia($userCode, $mediaCode) + { + $mediaCode = pathinfo($mediaCode)['filename']; + + $media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? 
LIMIT 1', [ + $userCode, + $mediaCode, + ])->fetch(); + + return $media; + } + + /** + * @param Request $request + * @param Response $response + * @param Filesystem $storage + * @param $media + * @param string $disposition + * @return Response + * @throws FileNotFoundException + */ + protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response + { + set_time_limit(0); + $mime = $storage->getMimetype($media->storage_path); + + if (param($request, 'width') !== null && explode('/', $mime)[0] === 'image') { + return $this->makeThumbnail($storage, $media, param($request, 'width'), param($request, 'height'), $disposition); + } else { + $stream = new Stream($storage->readStream($media->storage_path)); + + if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') { + return $response->withHeader('Content-Type', $mime) + ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"') + ->withHeader('Content-Length', $stream->getSize()) + ->withBody($stream); + } + + if (isset($request->getServerParams()['HTTP_RANGE'])) { + return $this->handlePartialRequest($response, $stream, $request->getServerParams()['HTTP_RANGE'], $disposition, $media, $mime); + } + + return $response->withHeader('Content-Type', $mime) + ->withHeader('Content-Length', $stream->getSize()) + ->withHeader('Accept-Ranges', 'bytes') + ->withBody($stream); + } + } + + /** + * @param Filesystem $storage + * @param $media + * @param null $width + * @param null $height + * @param string $disposition + * @return Response + * @throws FileNotFoundException + */ + protected function makeThumbnail(Filesystem $storage, $media, $width = null, $height = null, string $disposition = 'inline') + { + return Image::make($storage->readStream($media->storage_path)) + ->resize($width, $height, function (Constraint $constraint) { + $constraint->aspectRatio(); + }) + 
->resizeCanvas($width, $height, 'center') + ->psrResponse('png') + ->withHeader('Content-Disposition', $disposition.';filename="scaled-'.pathinfo($media->filename, PATHINFO_FILENAME).'.png"'); + } + + /** + * @param Response $response + * @param Stream $stream + * @param string $range + * @param string $disposition + * @param $media + * @param $mime + * @return Response + */ + protected function handlePartialRequest(Response $response, Stream $stream, string $range, string $disposition, $media, $mime) + { + $end = $stream->getSize() - 1; + list(, $range) = explode('=', $range, 2); + + if (strpos($range, ',') !== false) { + return $response->withHeader('Content-Type', $mime) + ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"') + ->withHeader('Content-Length', $stream->getSize()) + ->withHeader('Accept-Ranges', 'bytes') + ->withHeader('Content-Range', "0,{$stream->getSize()}") + ->withStatus(416) + ->withBody($stream); + } + + if ($range === '-') { + $start = $stream->getSize() - (int)substr($range, 1); + } else { + $range = explode('-', $range); + $start = (int)$range[0]; + $end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize(); + } + + $end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end; + $stream->seek($start); + + header("Content-Type: $mime"); + header('Content-Length: '.($end - $start + 1)); + header('Accept-Ranges: bytes'); + header("Content-Range: bytes $start-$end/{$stream->getSize()}"); + + http_response_code(206); + ob_end_clean(); + + $buffer = 16348; + $readed = $start; + while ($readed < $end) { + if ($readed + $buffer > $end) { + $buffer = $end - $readed + 1; + } + echo $stream->read($buffer); + $readed += $buffer; + } + + exit(0); + } +} \ No newline at end of file diff --git a/app/Controllers/UploadController.php b/app/Controllers/UploadController.php index 32863c8..c524c1c 100644 --- a/app/Controllers/UploadController.php 
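Review bot: `streamMedia()` builds its response headers from upload-controlled data, so an uploaded HTML or SVG document would be rendered on the application's own origin. On the `getRaw` path any file that is not image/video/audio is returned with the detected `$mime` as `Content-Type` and `Content-Disposition: inline`, and `image/*` (which can include SVG) is returned with no disposition at all. Unless uploads are type-restricted elsewhere (not visible in this patch), force `attachment` for everything outside a small allow-list of inert types and add `->withHeader('X-Content-Type-Options', 'nosniff')` and `->withHeader('Content-Security-Policy', 'sandbox')` to the streamed responses. The same method and `handlePartialRequest()` also interpolate `$media->filename` into `filename="…"` without escaping quotes or backslashes; `addcslashes($media->filename, '"\\')` would keep a crafted upload name from altering the header's parameters.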
+++ b/app/Controllers/UploadController.php @@ -2,17 +2,9 @@ namespace App\Controllers; -use GuzzleHttp\Psr7\Stream; -use Intervention\Image\Constraint; -use Intervention\Image\ImageManagerStatic as Image; use League\Flysystem\FileExistsException; -use League\Flysystem\FileNotFoundException; -use League\Flysystem\Filesystem; use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ServerRequestInterface as Request; -use Slim\Exception\HttpBadRequestException; -use Slim\Exception\HttpNotFoundException; -use Slim\Exception\HttpUnauthorizedException; class UploadController extends Controller { 
@@ -116,342 +108,4 @@ class UploadController extends Controller return json($response, $json, 201); } - - /** - * @param Request $request - * @param Response $response - * @param string $userCode - * @param string $mediaCode - * @param string|null $token - * @return Response - * @throws HttpNotFoundException - * @throws \Twig\Error\LoaderError - * @throws \Twig\Error\RuntimeError - * @throws \Twig\Error\SyntaxError - * @throws FileNotFoundException - */ - public function show(Request $request, Response $response, string $userCode, string $mediaCode, string $token = null): Response - { - $media = $this->getMedia($userCode, $mediaCode); - - if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) { - throw new HttpNotFoundException($request); - } - - $filesystem = $this->storage; - - if (isBot($request->getHeaderLine('User-Agent'))) { - return $this->streamMedia($request, $response, $filesystem, $media); - } else { - try { - $media->mimetype = $filesystem->getMimetype($media->storage_path); - $size = $filesystem->getSize($media->storage_path); - - $type = explode('/', $media->mimetype)[0]; - if ($type === 'image' && !isDisplayableImage($media->mimetype)) { - $type = 'application'; - $media->mimetype = 'application/octet-stream'; - } - if ($type === 'text') { - if ($size <= (200 * 1024)) { // less than 200 KB - $media->text = $filesystem->read($media->storage_path); - } else { - $type = 'application'; - $media->mimetype = 'application/octet-stream'; - } - } - $media->size = humanFileSize($size); - - } catch (FileNotFoundException $e) { - throw new HttpNotFoundException($request); - } - - return view()->render($response, 'upload/public.twig', [ - 'delete_token' => $token, - 'media' => $media, - 'type' => $type, - 'extension' => pathinfo($media->filename, PATHINFO_EXTENSION), - ]); - } - } - - /** - * @param Request $request - * @param Response $response - * @param string $userCode - * @param 
string $mediaCode - * @param string $token - * @return Response - * @throws HttpNotFoundException - * @throws HttpUnauthorizedException - */ - public function deleteByToken(Request $request, Response $response, string $userCode, string $mediaCode, string $token): Response - { - $media = $this->getMedia($userCode, $mediaCode); - - if (!$media) { - throw new HttpNotFoundException($request); - } - - $user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $token)->fetch(); - - if (!$user) { - $this->session->alert(lang('token_not_found'), 'danger'); - return redirect($response, $request->getHeaderLine('Referer')); - } - - if (!$user->active) { - $this->session->alert(lang('account_disabled'), 'danger'); - return redirect($response, $request->getHeaderLine('Referer')); - } - - if ($this->session->get('admin', false) || $user->id === $media->user_id) { - - try { - $this->storage->delete($media->storage_path); - } catch (FileNotFoundException $e) { - throw new HttpNotFoundException($request); - } finally { - $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $media->mediaId); - $this->logger->info('User '.$user->username.' deleted a media via token.', [$media->mediaId]); - } - } else { - throw new HttpUnauthorizedException($request); - } - - return redirect($response, route('home')); - } - - /** - * @param Request $request - * @param Response $response - * @param int $id - * @return Response - * @throws FileNotFoundException - * @throws HttpNotFoundException - */ - public function getRawById(Request $request, Response $response, int $id): Response - { - - $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? 
LIMIT 1', $id)->fetch(); - - if (!$media) { - throw new HttpNotFoundException($request); - } - - return $this->streamMedia($request, $response, $this->storage, $media); - } - - /** - * @param Request $request - * @param Response $response - * @param string $userCode - * @param string $mediaCode - * @param string|null $ext - * @return Response - * @throws FileNotFoundException - * @throws HttpBadRequestException - * @throws HttpNotFoundException - */ - public function showRaw(Request $request, Response $response, string $userCode, string $mediaCode, ?string $ext = null): Response - { - $media = $this->getMedia($userCode, $mediaCode); - - if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { - throw new HttpNotFoundException($request); - } - - if ($ext !== null && pathinfo($media->filename, PATHINFO_EXTENSION) !== $ext) { - throw new HttpBadRequestException($request); - } - - return $this->streamMedia($request, $response, $this->storage, $media); - } - - - /** - * @param Request $request - * @param Response $response - * @param string $userCode - * @param string $mediaCode - * @return Response - * @throws FileNotFoundException - * @throws HttpNotFoundException - */ - public function download(Request $request, Response $response, string $userCode, string $mediaCode): Response - { - $media = $this->getMedia($userCode, $mediaCode); - - if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { - throw new HttpNotFoundException($request); - } - return $this->streamMedia($request, $response, $this->storage, $media, 'attachment'); - } - - /** - * @param Request $request - * @param Response $response - * @param int $id - * @return Response - * @throws HttpNotFoundException - */ - public function togglePublish(Request $request, Response $response, int $id): Response - { - if ($this->session->get('admin')) { - $media = 
$this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch(); - } else { - $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$id, $this->session->get('user_id')])->fetch(); - } - - if (!$media) { - throw new HttpNotFoundException($request); - } - - $this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]); - - return $response->withStatus(200); - } - - /** - * @param Request $request - * @param Response $response - * @param int $id - * @return Response - * @throws HttpNotFoundException - * @throws HttpUnauthorizedException - */ - public function delete(Request $request, Response $response, int $id): Response - { - $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch(); - - if (!$media) { - throw new HttpNotFoundException($request); - } - - if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) { - - try { - $this->storage->delete($media->storage_path); - } catch (FileNotFoundException $e) { - throw new HttpNotFoundException($request); - } finally { - $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $id); - $this->logger->info('User '.$this->session->get('username').' deleted a media.', [$id]); - $this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id')))); - } - } else { - throw new HttpUnauthorizedException($request); - } - - return $response->withStatus(200); - } - - /** - * @param $userCode - * @param $mediaCode - * @return mixed - */ - protected function getMedia($userCode, $mediaCode) - { - $mediaCode = pathinfo($mediaCode)['filename']; - - $media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? 
LIMIT 1', [ - $userCode, - $mediaCode, - ])->fetch(); - - return $media; - } - - /** - * @param Request $request - * @param Response $response - * @param Filesystem $storage - * @param $media - * @param string $disposition - * @return Response - * @throws FileNotFoundException - */ - protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response - { - set_time_limit(0); - $mime = $storage->getMimetype($media->storage_path); - - if (param($request, 'width') !== null && explode('/', $mime)[0] === 'image') { - - $response = Image::make($storage->readStream($media->storage_path)) - ->resize( - param($request, 'width'), - param($request, 'height'), - function (Constraint $constraint) { - $constraint->aspectRatio(); - }) - ->resizeCanvas(param($request, 'width'), - param($request, 'height'), 'center') - ->psrResponse('png'); - - return $response->withHeader('Content-Disposition', $disposition.';filename="scaled-'.pathinfo($media->filename, PATHINFO_FILENAME).'.png"'); - } else { - $stream = new Stream($storage->readStream($media->storage_path)); - - if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') { - return $response->withHeader('Content-Type', $mime) - ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"') - ->withHeader('Content-Length', $stream->getSize()) - ->withBody($stream); - } - - $end = $stream->getSize() - 1; - if (isset($request->getServerParams()['HTTP_RANGE'])) { - list(, $range) = explode('=', $request->getServerParams()['HTTP_RANGE'], 2); - - if (strpos($range, ',') !== false) { - return $response->withHeader('Content-Type', $mime) - ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"') - ->withHeader('Content-Length', $stream->getSize()) - ->withHeader('Accept-Ranges', 'bytes') - ->withHeader('Content-Range', "0,{$stream->getSize()}") - ->withStatus(416) - 
->withBody($stream); - } - - if ($range === '-') { - $start = $stream->getSize() - (int)substr($range, 1); - } else { - $range = explode('-', $range); - $start = (int)$range[0]; - $end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize(); - } - - $end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end; - $stream->seek($start); - - header("Content-Type: $mime"); - header('Content-Length: '.($end - $start + 1)); - header('Accept-Ranges: bytes'); - header("Content-Range: bytes $start-$end/{$stream->getSize()}"); - - http_response_code(206); - ob_end_clean(); - - $buffer = 16348; - $readed = $start; - while ($readed < $end) { - if ($readed + $buffer > $end) { - $buffer = $end - $readed + 1; - } - echo $stream->read($buffer); - $readed += $buffer; - } - - exit(0); - } - - return $response->withHeader('Content-Type', $mime) - ->withHeader('Content-Length', $stream->getSize()) - ->withHeader('Accept-Ranges', 'bytes') - ->withStatus(200) - ->withBody($stream); - } - } } \ No newline at end of file diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php index d235e15..8f2a959 100644 --- a/app/Controllers/UserController.php +++ b/app/Controllers/UserController.php @@ -247,13 +247,13 @@ class UserController extends Controller */ public function profileEdit(Request $request, Response $response, int $id): Response { - $user = $this->getUser($request, $id, true); - if (param($request, 'email') === null) { $this->session->alert(lang('email_required'), 'danger'); return redirect($response, route('profile')); } + $user = $this->getUser($request, $id, true); + if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [param($request, 'email'), $user->email])->fetch()->count > 0) { $this->session->alert(lang('email_taken'), 'danger'); return redirect($response, route('profile')); 
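Review bot: In `profileEdit()` the call `$user = $this->getUser($request, $id, true);` now runs after the `email` presence check, so a request for an `{id}` the caller may not edit hits the `email_required` redirect before the lookup. Judging by the `@throws HttpNotFoundException` / `HttpUnauthorizedException` docblocks on its other callers, that lookup is what performs the existence and ownership check. No data is written on that path, but authorizing first means a missing or foreign id is rejected the same way whatever the form contains; consider keeping `$user = $this->getUser($request, $id, true);` as the first statement. The body of `profileEdit()` continues past the end of this hunk and `getUser()` itself is not part of the patch.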
@@ -304,71 +304,6 @@ class UserController extends Controller return $response; } - /** - * @param Request $request - * @param Response $response - * @param int $id - * @return Response - * @throws HttpNotFoundException - * @throws HttpUnauthorizedException - */ - public function getShareXconfigFile(Request $request, Response $response, int $id): Response - { - $user = $this->getUser($request, $id, true); - - if ($user->token === null || $user->token === '') { - $this->session->alert(lang('no_upload_token'), 'danger'); - return redirect($response, $request->getHeaderLine('Referer')); - } - - $json = [ - 'DestinationType' => 'ImageUploader, TextUploader, FileUploader', - 'RequestURL' => route('upload'), - 'FileFormName' => 'upload', - 'Arguments' => [ - 'file' => '$filename$', - 'text' => '$input$', - 'token' => $user->token, - ], - 'URL' => '$json:url$', - 'ThumbnailURL' => '$json:url$/raw', - 'DeletionURL' => '$json:url$/delete/'.$user->token, - ]; - - return json($response, $json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT) - ->withHeader('Content-Disposition', 'attachment;filename="'.$user->username.'-ShareX.sxcu"'); - } - - /** - * @param Request $request - * @param Response $response - * @param int $id - * @return Response - * @throws HttpNotFoundException - * @throws HttpUnauthorizedException - * @throws \Twig\Error\LoaderError - * @throws \Twig\Error\RuntimeError - * @throws \Twig\Error\SyntaxError - */ - public function getUploaderScriptFile(Request $request, Response $response, int $id): Response - { - $user = $this->getUser($request, $id, true); - - if ($user->token === null || $user->token === '') { - $this->session->alert(lang('no_upload_token'), 'danger'); - return redirect($response, $request->getHeaderLine('Referer')); - } - - return view()->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_'.$user->username.'.sh"'), - 'scripts/xbackbone_uploader.sh.twig', - [ - 'username' => $user->username, - 
'upload_url' => route('upload'), - 'token' => $user->token, - ] - ); - } - /** * @return string */ diff --git a/app/routes.php b/app/routes.php index 03ed8e6..07d137c 100644 --- a/app/routes.php +++ b/app/routes.php 
@@ -1,8 +1,10 @@ group('', function (RouteCollectorProxy $group) { $group->get('/profile', [UserController::class, 'profile'])->setName('profile'); $group->post('/profile/{id}', [UserController::class, 'profileEdit'])->setName('profile.update'); $group->post('/user/{id}/refreshToken', [UserController::class, 'refreshToken'])->setName('refreshToken'); - $group->get('/user/{id}/config/sharex', [UserController::class, 'getShareXconfigFile'])->setName('config.sharex'); - $group->get('/user/{id}/config/script', [UserController::class, 'getUploaderScriptFile'])->setName('config.script'); + $group->get('/user/{id}/config/sharex', [ClientController::class, 'getShareXConfig'])->setName('config.sharex'); + $group->get('/user/{id}/config/script', [ClientController::class, 'getBashScript'])->setName('config.script'); - $group->post('/upload/{id}/publish', [UploadController::class, 'togglePublish'])->setName('upload.publish'); - $group->post('/upload/{id}/unpublish', [UploadController::class, 'togglePublish'])->setName('upload.unpublish'); - $group->get('/upload/{id}/raw', [UploadController::class, 'getRawById'])->add(AdminMiddleware::class)->setName('upload.raw'); - $group->post('/upload/{id}/delete', [UploadController::class, 'delete'])->setName('upload.delete'); + $group->post('/upload/{id}/publish', [MediaController::class, 'togglePublish'])->setName('upload.publish'); + $group->post('/upload/{id}/unpublish', [MediaController::class, 'togglePublish'])->setName('upload.unpublish'); + $group->get('/upload/{id}/raw', [MediaController::class, 'getRawById'])->add(AdminMiddleware::class)->setName('upload.raw'); + $group->post('/upload/{id}/delete', [MediaController::class, 'delete'])->setName('upload.delete'); })->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class); 
@@ -66,8 +68,8 @@ $app->map(['GET', 'POST'], '/logout', [LoginController::class, 'logout'])->setNa $app->post('/upload', [UploadController::class, 'upload'])->setName('upload'); -$app->get('/{userCode}/{mediaCode}', [UploadController::class, 'show'])->setName('public'); -$app->get('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'show'])->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class); -$app->post('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'deleteByToken'])->setName('public.delete')->add(CheckForMaintenanceMiddleware::class); -$app->get('/{userCode}/{mediaCode}/raw[.{ext}]', [UploadController::class, 'showRaw'])->setName('public.raw'); -$app->get('/{userCode}/{mediaCode}/download', [UploadController::class, 'download'])->setName('public.download'); \ No newline at end of file +$app->get('/{userCode}/{mediaCode}', [MediaController::class, 'show'])->setName('public'); +$app->get('/{userCode}/{mediaCode}/delete/{token}', [MediaController::class, 'show'])->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class); +$app->post('/{userCode}/{mediaCode}/delete/{token}', [MediaController::class, 'deleteByToken'])->setName('public.delete')->add(CheckForMaintenanceMiddleware::class); +$app->get('/{userCode}/{mediaCode}/raw[.{ext}]', [MediaController::class, 'getRaw'])->setName('public.raw'); +$app->get('/{userCode}/{mediaCode}/download', [MediaController::class, 'download'])->setName('public.download'); \ No newline at end of file diff --git a/src/css/app.css b/src/css/app.css index 5b151b6..c0f9168 100644 --- a/src/css/app.css +++ b/src/css/app.css @@ -98,7 +98,7 @@ body { } .media-audio { - margin-top: 50vh; + margin-top: 40vh; } }