<?php
// Ask the project's class loader for the HttpViewController base class before it is extended below.
MainFactory::load_class('HttpViewController');
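/**
 * Class ImageRequestController
 *
 * Serves the image file named by the "requested_image" query parameter.
 *
 * The parameter is attacker-controlled, so this controller is a file-read primitive unless the
 * path is strictly confined. The request is therefore validated in three layers:
 *  1. the raw value must not contain ".." or a NUL byte,
 *  2. the mapped filesystem path must still be free of ".." and must end in an allowed image
 *     extension (png, jpg, jpeg, gif), so configuration or source files are never served,
 *  3. the canonical path (realpath) must be a regular file below DIR_FS_CATALOG, which also
 *     covers symbolic links that point outside the catalog.
 *
 * NOTE(review): the allowed root is the whole catalog directory because that is the only root this
 * file shows. If product images live in a dedicated sub directory, narrow the root to it.
 */
class ImageRequestController extends HttpViewController
{
    /**
     * Validates the requested image path and returns the image as HTTP response.
     *
     * Responses:
     *  - image bytes with "Content-Type: image/<type>" on success,
     *  - 404 when the file does not exist, is not a regular file or resolves outside the catalog
     *    (one uniform answer, so the response does not reveal which of these applied),
     *  - 404 when the ProductWrite service throws a FileNotFoundException,
     *  - 500 for every other exception, including the validation errors raised here.
     *
     * @return HttpControllerResponse
     */
    public function actionDefault()
    {
        try
        {
            // A non-string value (e.g. an array parameter) is treated like a missing one instead
            // of being passed to trim().
            $rawImagePath = $this->_getQueryParameter('requested_image');
            $rawImagePath = is_string($rawImagePath) ? trim($rawImagePath) : '';

            if(empty($rawImagePath))
            {
                throw new RuntimeException('Image path required.');
            }
            elseif(strpos($rawImagePath, '..') !== false || strpos($rawImagePath, "\0") !== false)
            {
                throw new RuntimeException('Relative image path is not allowed.');
            }

            $requestedImagePath = $this->_getRequestedImagePath(new NonEmptyStringType($rawImagePath));

            // Validate again AFTER the URL-to-filesystem mapping: any transformation of the value
            // can change what the earlier check saw, so the final path is what must be clean.
            if(strpos($requestedImagePath, '..') !== false)
            {
                throw new RuntimeException('Relative image path is not allowed.');
            }

            // Allowlist of servable types. Checked against fixed values so that the header below
            // can never contain request data, even if a subclass overrides _getContentType().
            $contentType = $this->_getContentType(new NonEmptyStringType($requestedImagePath));
            if(!in_array($contentType, array('png', 'jpeg', 'gif'), true))
            {
                throw new RuntimeException('Image type is not supported.');
            }

            // Only the basename is handed to the service. Presumably this creates the derived
            // image files on demand, which is why it runs before the existence check — confirm.
            $productWriteService = StaticGXCoreLoader::getService('ProductWrite');
            $productWriteService->processProductImage(new FilenameStringType(basename($requestedImagePath)));

            // Canonicalise and confine: realpath() resolves symbolic links and redundant
            // separators, so the prefix comparison is made on the file that would really be read.
            $catalogRoot       = realpath(DIR_FS_CATALOG);
            $resolvedImagePath = realpath($requestedImagePath);

            if($catalogRoot === false
               || $resolvedImagePath === false
               || strpos($resolvedImagePath, rtrim($catalogRoot, '/\\') . DIRECTORY_SEPARATOR) !== 0
               || !is_file($resolvedImagePath)
            )
            {
                return MainFactory::create('HttpControllerResponse', 'File not found.',
                                           array('HTTP/1.1 404 File not found'));
            }

            // readfile() would print the file immediately and return a byte count, which then
            // became the response body. Read the bytes instead and let the response object
            // carry them.
            $imageContent = file_get_contents($resolvedImagePath);
            if($imageContent === false)
            {
                throw new RuntimeException('Image could not be read.');
            }

            return MainFactory::create('HttpControllerResponse', $imageContent, array(
                'Content-Type: image/' . $contentType
            ));
        }
        catch(FileNotFoundException $e)
        {
            return MainFactory::create('HttpControllerResponse', $e->getMessage(),
                                       array('HTTP/1.1 404 File not found'));
        }
        catch(Exception $e)
        {
            // NOTE(review): the exception message is sent to the client. The messages thrown in
            // this method are static, but messages from the ProductWrite service are echoed too;
            // consider logging them and answering with a generic text.
            return MainFactory::create('HttpControllerResponse', $e->getMessage(),
                                       array('HTTP/1.1 500 Internal Server Error'));
        }
    }


    /**
     * Maps the requested URL path to a filesystem path below DIR_FS_CATALOG.
     *
     * DIR_WS_CATALOG is removed only when it is the leading prefix of the path. Removing every
     * occurrence (or blindly cutting the first character) alters the middle of the value after it
     * was validated and can corrupt paths that do not start with the prefix.
     *
     * The result is NOT proven safe by this method; the caller validates and canonicalises it.
     *
     * @param NonEmptyStringType $requestedImagePath Path as received in the request.
     *
     * @return string DIR_FS_CATALOG followed by the path relative to the catalog.
     */
    protected function _getRequestedImagePath(NonEmptyStringType $requestedImagePath)
    {
        $relativeImagePath = $requestedImagePath->asString();

        if(strpos($relativeImagePath, DIR_WS_CATALOG) === 0)
        {
            // Cast: substr() returns false on older PHP versions when nothing is left.
            $relativeImagePath = (string)substr($relativeImagePath, strlen(DIR_WS_CATALOG));
        }

        return DIR_FS_CATALOG . $relativeImagePath;
    }


    /**
     * Derives the image sub type for the Content-Type header from the file extension.
     *
     * The extension is matched case-insensitively and "jpg" is reported as "jpeg". For any other
     * extension an empty string is returned, so that request data never ends up in a header.
     *
     * @param NonEmptyStringType $requestedImagePath Path of the requested image.
     *
     * @return string "png", "jpeg" or "gif"; empty string for unsupported extensions.
     */
    protected function _getContentType(NonEmptyStringType $requestedImagePath)
    {
        // \z anchors at the very end of the string; "$" would also accept a trailing newline.
        if(preg_match('/\.(png|jpe?g|gif)\z/i', $requestedImagePath->asString(), $matches) !== 1)
        {
            return '';
        }

        $contentType = strtolower($matches[1]);

        return ($contentType === 'jpg') ? 'jpeg' : $contentType;
    }
}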