f824c4bc7c9c05383570b85820a10d0c57ef8331
[Packages/TYPO3.CMS.git] / typo3 / sysext / frontend / Classes / Controller / ShowImageController.php
1 <?php
2 namespace TYPO3\CMS\Frontend\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Resource\ResourceFactory;
18 use TYPO3\CMS\Core\Utility\HttpUtility;
19 use TYPO3\CMS\Core\Utility\GeneralUtility;
20 use TYPO3\CMS\Core\Utility\MathUtility;
21
22 /**
23 * Script Class, generating the page output.
24 * Instantiated in the bottom of this script.
25 */
26 class ShowImageController {
27
28 /**
29 * Parameters loaded into these internal variables:
30 *
31 * @var \TYPO3\CMS\Core\Resource\File
32 */
33 protected $file;
34
35 /**
36 * @var int
37 */
38 protected $width;
39
40 /**
41 * @var int
42 */
43 protected $height;
44
45 /**
46 * @var string
47 */
48 protected $sample;
49
50 /**
51 * @var string
52 */
53 protected $effects;
54
55 /**
56 * @var int
57 */
58 protected $frame;
59
60 /**
61 * @var string
62 */
63 protected $hmac;
64
65 /**
66 * @var string
67 */
68 protected $bodyTag = '<body>';
69
70 /**
71 * @var string
72 */
73 protected $wrap = '|';
74
75 /**
76 * @var string
77 */
78 protected $title = 'Image';
79
80 /**
81 * @var string
82 */
83 protected $content = <<<EOF
84 <!DOCTYPE html>
85 <html>
86 <head>
87 <title>###TITLE###</title>
88 <meta name="robots" content="noindex,follow" />
89 </head>
90 ###BODY###
91 ###IMAGE###
92 </body>
93 </html>
94 EOF;
95
96 /**
97 * @var string
98 */
99 protected $imageTag = '<img src="###publicUrl###" alt="###alt###" title="###title###" width="###width###" height="###height###" />';
100
101 /**
102 * Init function, setting the input vars in the global space.
103 *
104 * @return void
105 */
106 public function init() {
107 // Loading internal vars with the GET/POST parameters from outside:
108 $fileUid = GeneralUtility::_GP('file');
109 $this->frame = GeneralUtility::_GP('frame');
110 /* For backwards compatibility the HMAC is transported within the md5 param */
111 $this->hmac = GeneralUtility::_GP('md5');
112
113 $parametersArray = GeneralUtility::_GP('parameters');
114
115 // If no file-param or parameters are given, we must exit
116 if (!$fileUid || !isset($parametersArray) || !is_array($parametersArray)) {
117 HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_410);
118 }
119
120 // rebuild the parameter array and check if the HMAC is correct
121 $parametersEncoded = implode('', $parametersArray);
122 $hmac = GeneralUtility::hmac(implode('|', array($fileUid, $parametersEncoded)));
123 if ($hmac !== $this->hmac) {
124 HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_410);
125
126 }
127
128 // decode the parameters Array
129 $parameters = unserialize(base64_decode($parametersEncoded));
130 foreach ($parameters as $parameterName => $parameterValue) {
131 $this->{$parameterName} = $parameterValue;
132 }
133
134 try {
135 if (MathUtility::canBeInterpretedAsInteger($fileUid)) {
136 $this->file = ResourceFactory::getInstance()->getFileObject((int)$fileUid);
137 } else {
138 $this->file = ResourceFactory::getInstance()->retrieveFileOrFolderObject($fileUid);
139 }
140 } catch (\TYPO3\CMS\Core\Exception $e) {
141 HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_404);
142 }
143 }
144
145 /**
146 * Main function which creates the image if needed and outputs the HTML code for the page displaying the image.
147 * Accumulates the content in $this->content
148 *
149 * @return void
150 */
151 public function main() {
152 $processedImage = $this->processImage();
153 $imageTagMarkers = array(
154 '###publicUrl###' => htmlspecialchars($processedImage->getPublicUrl()),
155 '###alt###' => htmlspecialchars($this->file->getProperty('alternative') ?: $this->title),
156 '###title###' => htmlspecialchars($this->file->getProperty('title') ?: $this->title),
157 '###width###' => $processedImage->getProperty('width'),
158 '###height###' => $processedImage->getProperty('height')
159 );
160 $this->imageTag = str_replace(array_keys($imageTagMarkers), array_values($imageTagMarkers), $this->imageTag);
161 if ($this->wrap !== '|') {
162 $wrapParts = explode('|', $this->wrap, 2);
163 $this->imageTag = $wrapParts[0] . $this->imageTag . $wrapParts[1];
164 }
165 $markerArray = array(
166 '###TITLE###' => ($this->file->getProperty('title') ?: $this->title),
167 '###IMAGE###' => $this->imageTag,
168 '###BODY###' => $this->bodyTag
169 );
170
171 $this->content = str_replace(array_keys($markerArray), array_values($markerArray), $this->content);
172
173 }
174
175 /**
176 * Does the actual image processing
177 *
178 * @return \TYPO3\CMS\Core\Resource\ProcessedFile
179 */
180 protected function processImage() {
181 if (strstr($this->width . $this->height, 'm')) {
182 $max = 'm';
183 } else {
184 $max = '';
185 }
186 $this->height = MathUtility::forceIntegerInRange($this->height, 0);
187 $this->width = MathUtility::forceIntegerInRange($this->width, 0) . $max;
188
189 $processingConfiguration = array(
190 'width' => $this->width,
191 'height' => $this->height,
192 'frame' => $this->frame,
193
194 );
195 return $this->file->process('Image.CropScaleMask', $processingConfiguration);
196 }
197 /**
198 * Outputs the content from $this->content
199 *
200 * @return void
201 */
202 public function printContent() {
203 echo $this->content;
204 HttpUtility::setResponseCodeAndExit(HttpUtility::HTTP_STATUS_200);
205 }
206
207 /**
208 * Execute
209 *
210 * @return void
211 */
212 public function execute() {
213 $this->init();
214 $this->main();
215 $this->printContent();
216 }
217
218 }