sources/apps/files_sharing/ajax/publicpreview.php 2.87 KB
  <?php
  /**
   * Copyright (c) 2013 Georg Ehrke georg@ownCloud.com
   * This file is licensed under the Affero General Public License version 3 or
   * later.
   * See the COPYING-README file.
   */
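  // Public (unauthenticated) preview endpoint for link shares.
  // Nothing is served when the sharing app is disabled.
  if(!\OC_App::isEnabled('files_sharing')){
  	exit;
  }
  
  // NOTE(review): presumably keeps the request from being treated as the
  // session user's own access — confirm against \OC_User.
  \OC_User::setIncognitoMode(true);
  
  // Every request parameter is attacker-controlled. Non-string values
  // (e.g. "file[]=") are treated as absent instead of being cast.
  // NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes a
  // second time and alters a literal '%' or '+' in a file name. The path is
  // validated after this decode (isValidPath() further down); the decode must
  // never move below that check.
  $file = (array_key_exists('file', $_GET) && is_string($_GET['file'])) ? urldecode($_GET['file']) : '';
  // Dimensions are integers in both branches; the default used to be the string '36'.
  $maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : 36;
  $maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : 36;
  // (bool) cast: any non-empty value other than "0" enables scaling up.
  $scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true;
  $token = (array_key_exists('t', $_GET) && is_string($_GET['t'])) ? $_GET['t'] : '';
  
  if($token === ''){
  	\OC_Response::setStatus(400); //400 Bad Request
  	\OC_Log::write('core-preview', 'No token parameter was passed', \OC_Log::DEBUG);
  	exit;
  }
  
  // The token is the only credential this endpoint sees.
  // NOTE(review): this script never checks a share password or an expiry date
  // itself; confirm that getShareByToken() or the share layer enforces both
  // before a preview of a protected share can be rendered.
  $linkedItem = \OCP\Share::getShareByToken($token);
  if($linkedItem === false || ($linkedItem['item_type'] !== 'file' && $linkedItem['item_type'] !== 'folder')) {
  	\OC_Response::setStatus(404);
  	\OC_Log::write('core-preview', 'Passed token parameter is not valid', \OC_Log::DEBUG);
  	exit;
  }
  
  if(!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) {
  	\OC_Response::setStatus(500);
  	// The token resolved to a share, so it is a working bearer secret for the
  	// link. Only a short digest is logged, enough to correlate entries
  	// without handing the token to anyone who can read the log.
  	\OC_Log::write('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . (token sha256 prefix: "' . substr(hash('sha256', $token), 0, 12) . '")', \OC_Log::WARN);
  	exit;
  }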
  // Resolve the share row this link derives from; the file system below is
  // mounted for that row's owner (presumably the original sharer when the
  // link is a re-share — confirm against resolveReShare()).
  // NOTE(review): 'uid_owner' was only checked with isset() on $linkedItem,
  // not on the resolved row that is read here.
  $rootLinkItem = \OCP\Share::resolveReShare($linkedItem);
  $userId = $rootLinkItem['uid_owner'];
  
  // Owner account check; behaviour inferred from the name — confirm that
  // checkUserExists() terminates the request for an unknown user.
  \OCP\JSON::checkUserExists($userId);
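  // Mount the share owner's storage and open a view on their files directory.
  \OC_Util::setupFS($userId);
  \OC\Files\Filesystem::initMountPoints($userId);
  $view = new \OC\Files\View('/' . $userId . '/files');
  
  // The shared item is located through the id stored in the share row, never
  // through request input.
  $pathId = $linkedItem['file_source'];
  $path = $view->getPath($pathId);
  $pathInfo = ($path === null || $path === false) ? false : $view->getFileInfo($path);
  if($path === null || $path === false || !$pathInfo) {
  	// The share row exists but the item behind it cannot be resolved (assumes
  	// getPath()/getFileInfo() report a missing item as null/false — confirm).
  	// Answer 404 instead of continuing with an empty path.
  	\OC_Response::setStatus(404);
  	\OC_Log::write('core-preview', 'Shared item could not be resolved in the owner\'s files', \OC_Log::DEBUG);
  	exit;
  }
  $sharedFile = null;
  
  if($linkedItem['item_type'] === 'folder') {
  	// For a folder share, $file is the only request-controlled path component.
  	// It is later resolved below the shared folder, so isValidPath() is the
  	// traversal guard here (what it rejects is not visible in this file —
  	// confirm that it covers '..' segments).
  	$isvalid = \OC\Files\Filesystem::isValidPath($file);
  	if(!$isvalid) {
  		\OC_Response::setStatus(400); //400 Bad Request
  		// NOTE(review): $file is written to the log unescaped; confirm that the
  		// log backend encodes control characters so a request cannot forge entries.
  		\OC_Log::write('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . $_SERVER['REMOTE_ADDR'] . '")', \OC_Log::WARN);
  		exit;
  	}
  	$sharedFile = \OC\Files\Filesystem::normalizePath($file);
  }
  
  if($linkedItem['item_type'] === 'file') {
  	// For a single-file share the request's file parameter is ignored: the
  	// preview root becomes the parent folder and the file name comes from the
  	// share's own file info.
  	$parent = $pathInfo['parent'];
  	$path = $view->getPath($parent);
  	$sharedFile = $pathInfo['name'];
  }
  
  // Make the path relative so it can be appended to 'files/' below.
  $path = \OC\Files\Filesystem::normalizePath($path, false);
  if(substr($path, 0, 1) === '/') {
  	$path = substr($path, 1);
  }
  
  // Reject non-positive sizes as a client error; the (int) cast lets negative
  // values through, which the previous "=== 0" test did not catch.
  // NOTE(review): there is no upper bound on x/y here; confirm that \OC\Preview
  // clamps them, otherwise very large previews cost memory and CPU per request.
  if($maxX <= 0 || $maxY <= 0) {
  	\OC_Response::setStatus(400); //400 Bad Request
  	\OC_Log::write('core-preview', 'x and/or y set to 0 or less', \OC_Log::DEBUG);
  	exit;
  }
  
  $root = 'files/' . $path;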
  
  // Render the preview as the share owner, rooted at the shared folder
  // ($root) and limited to the requested bounding box.
  try{
  	$preview = new \OC\Preview($userId, $root);
  	$preview->setFile($sharedFile);
  	$preview->setMaxX($maxX);
  	$preview->setMaxY($maxY);
  	$preview->setScalingUp($scalingUp);
  
  	// Sends the generated image to the client.
  	$preview->show();
  } catch (\Exception $e) {
  	// Only the status code reaches the client; the exception text stays in the log.
  	// NOTE(review): logged under 'core' at DEBUG, unlike the 'core-preview' tag
  	// used by the rest of this script, so failures are easy to miss.
  	\OC_Response::setStatus(500);
  	\OC_Log::write('core', $e->getMessage(), \OC_Log::DEBUG);
  }