1.5.2: html functions, DB Row Iterator, and more
This commit is contained in:
@@ -7,18 +7,22 @@ use Objects\User;
|
||||
|
||||
class Router {
|
||||
|
||||
private User $user;
|
||||
private ?User $user;
|
||||
private Logger $logger;
|
||||
protected array $routes;
|
||||
protected array $statusCodeRoutes;
|
||||
|
||||
public function __construct(User $user) {
|
||||
public function __construct(?User $user = null) {
|
||||
$this->user = $user;
|
||||
$this->logger = new Logger("Router", $user->getSQL());
|
||||
$this->routes = [];
|
||||
$this->statusCodeRoutes = [];
|
||||
|
||||
$this->addRoute(new ApiRoute());
|
||||
if ($user) {
|
||||
$this->addRoute(new ApiRoute());
|
||||
$this->logger = new Logger("Router", $user->getSQL());
|
||||
} else {
|
||||
$this->logger = new Logger("Router");
|
||||
}
|
||||
}
|
||||
|
||||
public function run(string $url): string {
|
||||
|
||||
@@ -15,10 +15,61 @@ class StaticFileRoute extends AbstractRoute {
|
||||
|
||||
public function call(Router $router, array $params): string {
|
||||
http_response_code($this->code);
|
||||
return serveStatic(WEBROOT, $this->path);
|
||||
$this->serveStatic($this->path, $router);
|
||||
return "";
|
||||
}
|
||||
|
||||
protected function getArgs(): array {
|
||||
return array_merge(parent::getArgs(), [$this->path, $this->code]);
|
||||
}
|
||||
|
||||
public static function serveStatic(string $path, ?Router $router = null) {
|
||||
|
||||
$path = realpath(WEBROOT . DIRECTORY_SEPARATOR . $path);
|
||||
if (!startsWith($path, WEBROOT . DIRECTORY_SEPARATOR)) {
|
||||
http_response_code(406);
|
||||
echo "<b>Access restricted, requested file outside web root:</b> " . htmlspecialchars($path);
|
||||
}
|
||||
|
||||
if (!file_exists($path) || !is_file($path) || !is_readable($path)) {
|
||||
http_response_code(500);
|
||||
echo "<b>Unable to read file:</b> " . htmlspecialchars($path);
|
||||
}
|
||||
|
||||
$pathInfo = pathinfo($path);
|
||||
if ($router !== null && ($user = $router->getUser()) !== null) {
|
||||
$ext = $pathInfo["extension"] ?? "";
|
||||
if (!$user->getConfiguration()->getSettings()->isExtensionAllowed($ext)) {
|
||||
http_response_code(406);
|
||||
echo "<b>Access restricted:</b> Extension '" . htmlspecialchars($ext) . "' not allowed to serve.";
|
||||
}
|
||||
}
|
||||
|
||||
$size = filesize($path);
|
||||
$mimeType = mime_content_type($path);
|
||||
header("Content-Type: $mimeType");
|
||||
header("Content-Length: $size");
|
||||
header('Accept-Ranges: bytes');
|
||||
|
||||
if (strcasecmp($_SERVER["REQUEST_METHOD"], "HEAD") !== 0) {
|
||||
$handle = fopen($path, "rb");
|
||||
if ($handle === false) {
|
||||
http_response_code(500);
|
||||
echo "<b>Unable to read file:</b> " . htmlspecialchars($path);
|
||||
}
|
||||
|
||||
$offset = 0;
|
||||
$length = $size;
|
||||
|
||||
if (isset($_SERVER['HTTP_RANGE'])) {
|
||||
preg_match('/bytes=(\d+)-(\d+)?/', $_SERVER['HTTP_RANGE'], $matches);
|
||||
$offset = intval($matches[1]);
|
||||
$length = intval($matches[2]) - $offset;
|
||||
http_response_code(206);
|
||||
header('Content-Range: bytes ' . $offset . '-' . ($offset + $length) . '/' . $size);
|
||||
}
|
||||
|
||||
downloadFile($handle, $offset, $length);
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user