[FEATURE] Allow Storages outside the webroot
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Resources / PHP / FileDumpEID.php
1 <?php
2
3 /***************************************************************
4 * Copyright notice
5 *
6 * (c) 2014 Steffen Ritter <steffen.ritter@typo3.org>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 * A copy is found in the textfile GPL.txt and important notices to the license
18 * from the author is found in LICENSE.txt distributed with these scripts.
19 *
20 *
21 * This script is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * This copyright notice MUST APPEAR in all copies of the script!
27 ***************************************************************/
28 $parameters = array('eID' => 'dumpFile');
29 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('t')) {
30 $parameters['t'] = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('t');
31 }
32 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('f')) {
33 $parameters['f'] = (int)\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('f');
34 }
35 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('p')) {
36 $parameters['p'] = (int)\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('p');
37 }
38
39 if (\TYPO3\CMS\Core\Utility\GeneralUtility::hmac(implode('|', $parameters), 'resourceStorageDumpFile') === \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('token')) {
40 if (isset($parameters['f'])) {
41 $file = \TYPO3\CMS\Core\Resource\ResourceFactory::getInstance()->getFileObject($parameters['f']);
42 if ($file->isDeleted() || $file->isMissing()) {
43 $file = NULL;
44 }
45 } else {
46 $file = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Resource\\ProcessedFileRepository')->findByUid($parameters['p']);
47 if ($file->isDeleted()) {
48 $file = NULL;
49 }
50 }
51
52 if ($file === NULL) {
53 \TYPO3\CMS\Core\Utility\HttpUtility::setResponseCodeAndExit(\TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_404);
54 }
55
56 // Hook: allow some other process to do some security/access checks. Hook should issue 403 if access is rejected
57 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'])) {
58 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'] as $classRef) {
59 $hookObject = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($classRef);
60 if (!$hookObject instanceof \TYPO3\CMS\Core\Resource\Hook\FileDumpEIDHookInterface) {
61 throw new \UnexpectedValueException('$hookObject must implement interface TYPO3\\CMS\\Core\\Resource\\FileDumpEIDHookInterface', 1394442417);
62 }
63 $hookObject->checkFileAccess($file);
64 }
65 }
66 $file->getStorage()->dumpFileContents($file);
67 } else {
68 \TYPO3\CMS\Core\Utility\HttpUtility::setResponseCodeAndExit(\TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_403);
69 }