path = $path;
$this->code = $code;
}
public function call(Router $router, array $params): string {
http_response_code($this->code);
$this->serveStatic($this->path, $router);
return "";
}
protected function getArgs(): array {
return array_merge(parent::getArgs(), [$this->path, $this->code]);
}
public static function serveStatic(string $path, ?Router $router = null) {
$path = realpath(WEBROOT . DIRECTORY_SEPARATOR . $path);
if (!startsWith($path, WEBROOT . DIRECTORY_SEPARATOR)) {
http_response_code(406);
echo "Access restricted, requested file outside web root: " . htmlspecialchars($path);
}
if (!file_exists($path) || !is_file($path) || !is_readable($path)) {
http_response_code(500);
echo "Unable to read file: " . htmlspecialchars($path);
}
$pathInfo = pathinfo($path);
if ($router !== null && ($user = $router->getUser()) !== null) {
$ext = $pathInfo["extension"] ?? "";
if (!$user->getConfiguration()->getSettings()->isExtensionAllowed($ext)) {
http_response_code(406);
echo "Access restricted: Extension '" . htmlspecialchars($ext) . "' not allowed to serve.";
}
}
$size = filesize($path);
$mimeType = mime_content_type($path);
header("Content-Type: $mimeType");
header("Content-Length: $size");
header('Accept-Ranges: bytes');
if (strcasecmp($_SERVER["REQUEST_METHOD"], "HEAD") !== 0) {
$handle = fopen($path, "rb");
if ($handle === false) {
http_response_code(500);
echo "Unable to read file: " . htmlspecialchars($path);
}
$offset = 0;
$length = $size;
if (isset($_SERVER['HTTP_RANGE'])) {
preg_match('/bytes=(\d+)-(\d+)?/', $_SERVER['HTTP_RANGE'], $matches);
$offset = intval($matches[1]);
$length = intval($matches[2]) - $offset;
http_response_code(206);
header('Content-Range: bytes ' . $offset . '-' . ($offset + $length) . '/' . $size);
}
downloadFile($handle, $offset, $length);
}
}
}