Resources/Documents/_show_image_controller_8php_source.html

<?php

namespace TYPO3\CMS\Frontend\Controller;


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


use Psr\Http\Message\ServerRequestInterface;

use Psr\Http\Message\ResponseInterface;

use TYPO3\CMS\Core\Exception;

use TYPO3\CMS\Core\Resource\ResourceFactory;

use TYPO3\CMS\Core\Utility\GeneralUtility;

use TYPO3\CMS\Core\Utility\MathUtility;


class ShowImageController

{

    protected $request;


    protected $file;


    protected $width;


    protected $height;


    protected $frame;


    protected $bodyTag = '<body>';


    protected $title = 'Image';


    protected $content = <<<EOF

<!DOCTYPE html>

<html>

<head>

        <title>###TITLE###</title>

        <meta name="robots" content="noindex,follow" />

</head>

###BODY###

        ###IMAGE###

</body>

</html>

EOF;


    protected $imageTag = '<img src="###publicUrl###" alt="###alt###" title="###title###" width="###width###" height="###height###" />';


    public function initialize()

    {

        $fileUid = isset($this->request->getQueryParams()['file']) ? $this->request->getQueryParams()['file'] : null;

        $parametersArray = isset($this->request->getQueryParams()['parameters']) ? $this->request->getQueryParams()['parameters'] : null;


        // If no file-param or parameters are given, we must exit

        if (!$fileUid || !isset($parametersArray) || !is_array($parametersArray)) {

            throw new \InvalidArgumentException('No valid fileUid given');

        }


        // rebuild the parameter array and check if the HMAC is correct

        $parametersEncoded = implode('', $parametersArray);


        /* For backwards compatibility the HMAC is transported within the md5 param */

        $hmacParameter = isset($this->request->getQueryParams()['md5']) ? $this->request->getQueryParams()['md5'] : null;

        $hmac = GeneralUtility::hmac(implode('|', array($fileUid, $parametersEncoded)));

        if ($hmac !== $hmacParameter) {

            throw new \InvalidArgumentException('hash does not match');

        }


        // decode the parameters Array

        $parameters = unserialize(base64_decode($parametersEncoded));

        foreach ($parameters as $parameterName => $parameterValue) {

            $this->{$parameterName} = $parameterValue;

        }


        if (MathUtility::canBeInterpretedAsInteger($fileUid)) {

            $this->file = ResourceFactory::getInstance()->getFileObject((int)$fileUid);

        } else {

            $this->file = ResourceFactory::getInstance()->retrieveFileOrFolderObject($fileUid);

        }

        $this->frame = isset($this->request->getQueryParams()['frame']) ? $this->request->getQueryParams()['frame'] : null;

    }


    public function main()

    {

        $processedImage = $this->processImage();

        $imageTagMarkers = array(

            '###publicUrl###' => htmlspecialchars($processedImage->getPublicUrl()),

            '###alt###' => htmlspecialchars($this->file->getProperty('alternative') ?: $this->title),

            '###title###' => htmlspecialchars($this->file->getProperty('title') ?: $this->title),

            '###width###' => $processedImage->getProperty('width'),

            '###height###' => $processedImage->getProperty('height')

        );

        $this->imageTag = str_replace(array_keys($imageTagMarkers), array_values($imageTagMarkers), $this->imageTag);

        $markerArray = array(

            '###TITLE###' => ($this->file->getProperty('title') ?: $this->title),

            '###IMAGE###' => $this->imageTag,

            '###BODY###' => $this->bodyTag

        );


        $this->content = str_replace(array_keys($markerArray), array_values($markerArray), $this->content);

    }


    protected function processImage()

    {

        if (strstr($this->width . $this->height, 'm')) {

            $max = 'm';

        } else {

            $max = '';

        }

        $this->height = MathUtility::forceIntegerInRange($this->height, 0);

        $this->width = MathUtility::forceIntegerInRange($this->width, 0) . $max;


        $processingConfiguration = array(

            'width' => $this->width,

            'height' => $this->height,

            'frame' => $this->frame,


        );

        return $this->file->process('Image.CropScaleMask', $processingConfiguration);

    }


    public function processRequest(ServerRequestInterface $request, ResponseInterface $response)

    {

        $this->request = $request;


        try {

            $this->initialize();

            $this->main();

            $response->getBody()->write($this->content);

            return $response;

        } catch (\InvalidArgumentException $e) {

            // add a 410 "gone" if invalid parameters given

            return $response->withStatus(410);

        } catch (Exception $e) {

            return $response->withStatus(404);

        }

    }

}