scratch – Blame information for rev 123

Subversion Repositories:

?pathlinks?

Rev 115 – Go to most recent revision – Details – Compare with Previous – Last modification – View Log

Rev	Author	Line No.	Line
86	office	1	`<?php`
		2
		3	`###########################################################################`
		4	`## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##`
		5	`###########################################################################`
		6
		7	`require_once('php/pseudocrypt.php');`
		8	`require_once('php/functions.php');`
87	office	9	`require_once('vendor/autoload.php');`
123	office	10
		11	`### FFMpeg`
110	office	12	`require_once('vendor/php-ffmpeg/php-ffmpeg/src/FFMpeg/FFMpeg.php');`
86	office	13
123	office	14	`### Aura URI`
		15	`require_once('vendor/aura/uri/src/Aura/Uri/PublicSuffixList.php');`
		16	`require_once('vendor/aura/uri/src/Aura/Uri/Url/Factory.php');`
		17	`require_once('vendor/aura/uri/src/Aura/Uri/Query.php');`
		18	`require_once('vendor/aura/uri/src/Aura/Uri/Host.php');`
		19	`require_once('vendor/aura/uri/src/Aura/Uri/Url.php');`
		20	`require_once('vendor/aura/uri/src/Aura/Uri/Path.php');`
		21	`use Aura\Uri\Url\Factory as UrlFactory;`
		22	`use Aura\Uri\PublicSuffixList;`
		23
86	office	24	`### Load configuration.`
		25	`$config = spyc_load_file('config.yaml');`
		26
		27	`### If no file has been specified for download then return.`
		28	`if (!isset($_GET['hash']) or empty($_GET['hash'])) {`
		29	`http_response_code(404);`
		30	`die('File not found.');`
		31	`}`
		32
		33	`### Find the requested file.`
		34	`$file = array_shift(`
		35	`preg_grep(`
		36	`"/".$_GET['hash']."/",`
		37	`scandir($config['STORE_FOLDER'])`
		38	`)`
		39	`);`
		40
		41	`if (!isset($file) or empty($file)) {`
		42	`http_response_code(404);`
		43	`die('File not found.');`
		44	`}`
		45
		46	`### Check the path for path traversals.`
		47	`$fileExtension = pathinfo($file, PATHINFO_EXTENSION);`
		48
		49	`#### If the extension is not allowed then return.`
		50	`if (!isset($fileExtension) \|\|`
		51	`!in_array(strtoupper($fileExtension),`
		52	`array_map('strtoupper', $config['ALLOWED_FILE_EXTENSIONS']))) {`
		53	`http_response_code(403);`
		54	`die('File extension not allowed.');`
		55	`}`
		56
		57	`#### Build the user path.`
		58	`$userPath = join(`
		59	`DIRECTORY_SEPARATOR,`
		60	`array(`
		61	`$config['STORE_FOLDER'],`
		62	`$file`
		63	`)`
		64	`);`
		65
		66	`#### Check for path traversals`
		67	`$pathPart = pathinfo($userPath);`
		68	`if (strcasecmp(`
		69	`realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) {`
		70	`http_response_code(500);`
		71	`die('Internal server error.');`
		72	`}`
		73
		74	`#### Check if the file exists.`
		75	`if (!file_exists($userPath)) {`
		76	`http_response_code(404);`
		77	`die('File not found.');`
		78	`}`
		79
123	office	80	`### Extract the server path.`
		81	`$URLFactory = new UrlFactory(`
		82	`$_SERVER,`
		83	`new PublicSuffixList(require 'vendor/aura/uri/data/public-suffix-list.php')`
		84	`);`
		85	`$URL = $URLFactory->newCurrent();`
86	office	86
123	office	87	`### HTTPs has to be enforced for opengraph sharing.`
		88	`if(strtoupper($URL->scheme) != 'HTTPS')`
		89	`$URL->setScheme('https');`
		90
		91	`$URL_PATH = array_shift(`
		92	`explode(`
		93	`'og/'.$_GET['hash'],`
		94	`$URL->getFull()`
		95	`)`
		96	`);`
		97
		98	`$GRAPH_URL = $URL_PATH.'og/'.$_GET['hash'];`
		99	`$CANON_URL = $URL_PATH.'file.php?hash='.$_GET['hash'];`
		100	`$BASIC_URL = $URL_PATH.$_GET['hash'];`
		101
90	office	102	`switch(strtoupper($fileExtension)) {`
		103	`case 'GIF':`
		104	`list($width, $height) = getimagesize($userPath);`
		105	`echo <<<END`
88	office	106	`<html>`
		107	`<head>`
		108	`<meta property="og:site_name" content="Scratch Copy">`
110	office	109	`<meta property="og:url" content="$BASIC_URL">`
88	office	110	`<meta property="og:title" content="Scratch Copy">`
		111	`<meta property="og:type" content="video.other">`
110	office	112	`<meta property="og:image" content="$BASIC_URL">`
88	office	113	`<meta property="og:image:width" content="$width">`
		114	`<meta property="og:image:height" content="$height">`
		115	`</head>`
86	office	116
88	office	117	`<body>`
		118	`<p>`
111	office	119	`<img src="$BASIC_URL">`
88	office	120	`</p>`
		121	`</body>`
86	office	122
88	office	123	`</html>`
		124	`END;`
107	office	125	`break;`
103	office	126	`case 'MP4':`
110	office	127	`### Create a thumbnail for the video.`
		128	`$file = strtolower(`
		129	`PseudoCrypt::hash(`
		130	`preg_replace(`
		131	`'/\D/',`
		132	`'',`
		133	`hash(`
		134	`'sha512',`
		135	`$_GET['hash']`
		136	`)`
		137	`),`
		138	`$config['ASSET_HASH_SIZE']`
		139	`)`
		140	`);`
		141
		142	`#### Build the user path.`
		143	`$userPath = join(`
		144	`DIRECTORY_SEPARATOR,`
		145	`array(`
		146	`$config['STORE_FOLDER'],`
		147	`$file`
		148	`)`
		149	`);`
		150
115	office	151	`### Do not re-create the thumbnail if it already exists.`
		152	`if(!file_exists($userPath.'.'.'jpg')) {`
		153	`### Extract thumbnail.`
		154	`$ffmpeg = FFMpeg\FFMpeg::create();`
		155	`$video = $ffmpeg->open($CANON_URL);`
		156	`$frame = $video->frame(`
		157	`FFMpeg\Coordinate\TimeCode::fromSeconds(`
		158	`$config['VIDEO_PREVIEW_IMAGE_FRAME_SECOND']`
		159	`)`
		160	`);`
		161	`$frame->save($userPath.'.'.'jpg');`
		162	`}`
		163
		164	`### Get preview image size.`
112	office	165	`list($imageWidth, $imageHeight) = getimagesize($userPath.'.'.'jpg');`
111	office	166
112	office	167	`### Probe video for width and height.`
		168	`$ffprobe = FFMpeg\FFProbe::create();`
		169	`$dimension = $ffprobe`
		170	`->streams($CANON_URL)`
		171	`->videos()`
		172	`->first()`
		173	`->getDimensions();`
		174
		175	`$videoWidth = $dimension->getWidth();`
		176	`$videoHeight = $dimension->getHeight();`
		177
		178	`### Build paths.`
123	office	179	`$PREVIEW_IMAGE_URL = $URL_PATH.$file;`
		180	`$FLOW_PLAYER_VIDEO_URL = $URL_PATH.'flowplayer/flowplayer.swf?config={"clip":"'.$BASIC_URL.'"}';`
		181	`$FLOW_PLAYER = $URL_PATH.'flowplayer/flowplayer.swf';`
111	office	182
107	office	183	`echo <<<END`
103	office	184	`<html>`
		185	`<head>`
108	office	186	`<meta property="og:type" content="video.other">`
		187	`<meta property="og:title" content="Scratch Copy">`
103	office	188	`<meta property="og:site_name" content="Scratch Copy">`
108	office	189
104	office	190	`<meta property="og:url" content="$GRAPH_URL">`
108	office	191
111	office	192	`<meta property="og:image" content="$PREVIEW_IMAGE_URL">`
		193	`<meta property="og:video" content='$FLOW_PLAYER_VIDEO_URL'>`
		194	`<meta property="og:video:secure_url" content='$FLOW_PLAYER_VIDEO_URL'>`
103	office	195	`<meta property="og:video:type" content="application/x-shockwave-flash">`
112	office	196	`<meta property="og:video:width" content="$videoWidth">`
		197	`<meta property="og:video:height" content="$videoHeight">`
		198
		199	`<meta property="og:image:width" content="$imageWidth">`
		200	`<meta property="og:image:height" content="$imageHeight">`
103	office	201	`</head>`
		202
		203	`<body>`
		204	`<p>`
112	office	205	`<object width="$videoWidth" height="$videoHeight" id="Scratch Copy" name="Scratch Copy" data="$FLOW_PLAYER" type="application/x-shockwave-flash"><param name="movie" value="$FLOW_PLAYER" /><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="flashvars" value='config={"clip":"$BASIC_URL"}' /></object>`
103	office	206	`</p>`
		207	`</body>`
		208
		209	`</html>`
		210	`END;`
107	office	211	`break;`
90	office	212	`}`
		213
		214
		215