vendor/pimcore/pimcore/bundles/CoreBundle/Controller/PublicServicesController.php line 34

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\CoreBundle\Controller;
  18. use Pimcore\Config;
  19. use Pimcore\Controller\Controller;
  20. use Pimcore\File;
  21. use Pimcore\Logger;
  22. use Pimcore\Model\Asset;
  23. use Pimcore\Model\Site;
  24. use Pimcore\Model\Tool;
  25. use Pimcore\Model\Tool\TmpStore;
  26. use Symfony\Component\HttpFoundation\BinaryFileResponse;
  27. use Symfony\Component\HttpFoundation\Cookie;
  28. use Symfony\Component\HttpFoundation\RedirectResponse;
  29. use Symfony\Component\HttpFoundation\Request;
  30. use Symfony\Component\HttpFoundation\Response;
  31. use Symfony\Component\HttpKernel\EventListener\AbstractSessionListener;
  32. use Symfony\Component\HttpKernel\EventListener\SessionListener;
  34. class PublicServicesController extends Controller
  35. {
  36.     /**
  37.      * @param Request $request
  38.      * @param SessionListener $sessionListener
  39.      *
  40.      * @return BinaryFileResponse
  41.      */
  42.     public function thumbnailAction(Request $requestSessionListener $sessionListener)
  43.     {
  44.         $errorImage PIMCORE_WEB_ROOT '/bundles/pimcoreadmin/img/filetype-not-supported.svg';
  45.         $assetId $request->get('assetId');
  46.         $thumbnailName $request->get('thumbnailName');
  47.         $filename $request->get('filename');
  48.         $requestedFileExtension strtolower(File::getFileExtension($filename));
  49.         $asset Asset::getById($assetId);
  51.         $prefix preg_replace('@^cache-buster\-[\d]+\/@'''$request->get('prefix'));
  53.         if ($asset && $asset->getPath() == ('/' $prefix)) {
  54.             // we need to check the path as well, this is important in the case you have restricted the public access to
  55.             // assets via rewrite rules
  56.             try {
  57.                 $imageThumbnail null;
  58.                 $thumbnailFile null;
  59.                 $thumbnailConfig null;
  61.                 // just check if the thumbnail exists -> throws exception otherwise
  62.                 $thumbnailConfig Asset\Image\Thumbnail\Config::getByName($thumbnailName);
  64.                 if (!$thumbnailConfig) {
  65.                     // check if there's an item in the TmpStore
  66.                     // remove an eventually existing cache-buster prefix first (eg. when using with a CDN)
  67.                     $pathInfo preg_replace('@^/cache-buster\-[\d]+@'''$request->getPathInfo());
  68.                     $deferredConfigId 'thumb_' $assetId '__' md5(urldecode($pathInfo));
  69.                     if ($thumbnailConfigItem TmpStore::get($deferredConfigId)) {
  70.                         $thumbnailConfig $thumbnailConfigItem->getData();
  71.                         TmpStore::delete($deferredConfigId);
  73.                         if (!$thumbnailConfig instanceof Asset\Image\Thumbnail\Config) {
  74.                             throw new \Exception("Deferred thumbnail config file doesn't contain a valid \\Asset\\Image\\Thumbnail\\Config object");
  75.                         }
  76.                     }
  77.                 }
  79.                 if (!$thumbnailConfig) {
  80.                     throw $this->createNotFoundException("Thumbnail '" $thumbnailName "' file doesn't exist");
  81.                 }
  83.                 if (strcasecmp($thumbnailConfig->getFormat(), 'SOURCE') === 0) {
  84.                     $formatOverride $requestedFileExtension;
  85.                     if (in_array($requestedFileExtension, ['jpg''jpeg'])) {
  86.                         $formatOverride 'pjpeg';
  87.                     }
  88.                     $thumbnailConfig->setFormat($formatOverride);
  89.                 }
  91.                 if ($asset instanceof Asset\Video) {
  92.                     $time 1;
  93.                     if (preg_match("|~\-~time\-(\d+)\.|"$filename$matchesThumbs)) {
  94.                         $time = (int)$matchesThumbs[1];
  95.                     }
  97.                     $imageThumbnail $asset->getImageThumbnail($thumbnailConfig$time);
  98.                     $thumbnailFile $imageThumbnail->getFileSystemPath();
  99.                 } elseif ($asset instanceof Asset\Document) {
  100.                     $page 1;
  101.                     if (preg_match("|~\-~page\-(\d+)\.|"$filename$matchesThumbs)) {
  102.                         $page = (int)$matchesThumbs[1];
  103.                     }
  105.                     $thumbnailConfig->setName(preg_replace("/\-[\d]+/"''$thumbnailConfig->getName()));
  106.                     $thumbnailConfig->setName(str_replace('document_'''$thumbnailConfig->getName()));
  108.                     $imageThumbnail $asset->getImageThumbnail($thumbnailConfig$page);
  109.                     $thumbnailFile $imageThumbnail->getFileSystemPath();
  110.                 } elseif ($asset instanceof Asset\Image) {
  111.                     //check if high res image is called
  113.                     preg_match("@([^\@]+)(\@[0-9.]+x)?\.([a-zA-Z]{2,5})@"$filename$matches);
  115.                     if (array_key_exists(2$matches) && $matches[2]) {
  116.                         $highResFactor = (float) str_replace(['@''x'], ''$matches[2]);
  117.                         $thumbnailConfig->setHighResolution($highResFactor);
  118.                     }
  120.                     // check if a media query thumbnail was requested
  121.                     if (preg_match("#~\-~media\-\-(.*)\-\-query#"$matches[1], $mediaQueryResult)) {
  122.                         $thumbnailConfig->selectMedia($mediaQueryResult[1]);
  123.                     }
  125.                     $imageThumbnail $asset->getThumbnail($thumbnailConfig);
  126.                     $thumbnailFile $imageThumbnail->getFileSystemPath();
  127.                 }
  129.                 if ($imageThumbnail && $thumbnailFile && file_exists($thumbnailFile)) {
  130.                     $actualFileExtension File::getFileExtension($thumbnailFile);
  132.                     if ($actualFileExtension !== $requestedFileExtension && $thumbnailFile != $errorImage) {
  133.                         // create a copy/symlink to the file with the original file extension
  134.                         // this can be e.g. the case when the thumbnail is called as foo.png but the thumbnail config
  135.                         // is set to auto-optimized format so the resulting thumbnail can be jpeg
  136.                         $requestedFile preg_replace('/\.' $actualFileExtension '$/''.' $requestedFileExtension$thumbnailFile);
  137.                         $linked is_link($requestedFile) || symlink($thumbnailFile$requestedFile);
  138.                         if (false === $linked) {
  139.                             // create a hard copy
  140.                             copy($thumbnailFile$requestedFile);
  141.                         }
  142.                     }
  144.                     // set appropriate caching headers
  145.                     // see also: https://github.com/pimcore/pimcore/blob/1931860f0aea27de57e79313b2eb212dcf69ef13/.htaccess#L86-L86
  146.                     $lifetime 86400 7// 1 week lifetime, same as direct delivery in .htaccess
  148.                     $headers = [
  149.                         'Cache-Control' => 'public, max-age=' $lifetime,
  150.                         'Expires' => date('D, d M Y H:i:s T'time() + $lifetime),
  151.                         'Content-Type' => $imageThumbnail->getMimeType(),
  152.                     ];
  154.                     // in certain cases where an event listener starts a session (e.g. when there's a firewall
  155.                     // configured for the entire site /*) the session event listener shouldn't modify the
  156.                     // cache control headers of this response
  157.                     if (defined('Symfony\Component\HttpKernel\EventListener\AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER')) {
  158.                         // this method of bypassing the session listener was introduced in Symfony 4, so we need
  159.                         // to check for the constant first
  160.                         $headers[AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER] = true;
  161.                     } else {
  162.                         // @TODO to be removed in Pimcore 10
  163.                         // Symfony 3.4 doesn't support bypassing the session listener, so we just remove it
  164.                         \Pimcore::getEventDispatcher()->removeSubscriber($sessionListener);
  165.                     }
  167.                     return new BinaryFileResponse($thumbnailFile200$headers);
  168.                 }
  169.             } catch (\Exception $e) {
  170.                 $message "Thumbnail with name '" $thumbnailName "' doesn't exist";
  171.                 Logger::error($message);
  173.                 throw $this->createNotFoundException($message$e);
  174.             }
  175.         } else {
  176.             throw $this->createNotFoundException('Asset not found');
  177.         }
  179.         throw $this->createNotFoundException('Unable to create image thumbnail');
  180.     }
  182.     /**
  183.      * @param Request $request
  184.      *
  185.      * @return Response
  186.      */
  187.     public function robotsTxtAction(Request $request)
  188.     {
  189.         // check for site
  190.         $domain = \Pimcore\Tool::getHostname();
  191.         $site Site::getByDomain($domain);
  193.         $config Config::getRobotsConfig()->toArray();
  195.         $siteId 'default';
  196.         if ($site instanceof Site) {
  197.             $siteId $site->getId();
  198.         }
  200.         // send correct headers
  201.         header('Content-Type: text/plain; charset=utf8');
  202.         while (@ob_end_flush()) ;
  204.         // check for configured robots.txt in pimcore
  205.         $content '';
  206.         if (array_key_exists($siteId$config)) {
  207.             $content $config[$siteId];
  208.         }
  210.         if (empty($content)) {
  211.             // default behavior, allow robots to index everything
  212.             $content "User-agent: *\nDisallow:";
  213.         }
  215.         return new Response($contentResponse::HTTP_OK, [
  216.             'Content-Type' => 'text/plain',
  217.         ]);
  218.     }
  220.     /**
  221.      * @param Request $request
  222.      *
  223.      * @return Response
  224.      */
  225.     public function commonFilesAction(Request $request)
  226.     {
  227.         return new Response("HTTP/1.1 404 Not Found\nFiltered by common files filter"404);
  228.     }
  230.     /**
  231.      * @param Request $request
  232.      *
  233.      * @deprecated
  234.      */
  235.     public function hybridauthAction(Request $request)
  236.     {
  237.         \Pimcore\Tool\HybridAuth::process();
  238.     }
  240.     /**
  241.      * @deprecated
  242.      *
  243.      * @param Request $request
  244.      *
  245.      * @return \Symfony\Component\HttpFoundation\RedirectResponse
  246.      */
  247.     public function qrcodeAction(Request $request)
  248.     {
  249.         $code Tool\Qrcode\Config::getByName($request->get('key'));
  250.         if ($code) {
  251.             $url $code->getUrl();
  252.             if ($code->getGoogleAnalytics()) {
  253.                 $glue '?';
  254.                 if (strpos($url'?')) {
  255.                     $glue '&';
  256.                 }
  258.                 $url .= $glue;
  259.                 $url .= 'utm_source=Mobile&utm_medium=QR-Code&utm_campaign=' $code->getName();
  260.             }
  262.             return $this->redirect($url);
  263.         } else {
  264.             Logger::error("called an QR code but '" $request->get('key') . ' is not a code in the system.');
  265.         }
  266.     }
  268.     /**
  269.      * @param Request $request
  270.      *
  271.      * @return \Symfony\Component\HttpFoundation\RedirectResponse
  272.      */
  273.     public function customAdminEntryPointAction(Request $request)
  274.     {
  275.         $params $request->query->all();
  276.         if (isset($params['token'])) {
  277.             $url $this->generateUrl('pimcore_admin_login_check'$params);
  278.         } else {
  279.             $url $this->generateUrl('pimcore_admin_login'$params);
  280.         }
  282.         $redirect = new RedirectResponse($url);
  284.         $customAdminPathIdentifier $this->getParameter('pimcore_admin.custom_admin_path_identifier');
  285.         if (!empty($customAdminPathIdentifier) && $request->cookies->get('pimcore_custom_admin') != $customAdminPathIdentifier) {
  286.             $redirect->headers->setCookie(new Cookie('pimcore_custom_admin'$customAdminPathIdentifierstrtotime('+1 year'), '/'nullfalsetrue));
  287.         }
  289.         return $redirect;
  290.     }
  291. }