| /graph.php |
|---|
| @@ -0,0 +1,88 @@ |
|---|
| <?php |
| |
| ########################################################################### |
| ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
| ########################################################################### |
| |
| require_once('php/pseudocrypt.php'); |
| require_once('php/functions.php'); |
| require_once('vendor/mustangostang/spyc/Spyc.php'); |
| require_once('vendor/chriskonnertz/open-graph/src/ChrisKonnertz/OpenGraph/OpenGraph.php'); |
| require_once('vendor/chriskonnertz/open-graph/src/ChrisKonnertz/OpenGraph/OpenGraphTag.php'); |
| use ChrisKonnertz\OpenGraph\OpenGraph as OpenGraph; |
| use ChrisKonnertz\OpenGraph\OpenGraphTag as OpenGraphTag; |
| |
| ### Load configuration. |
| $config = spyc_load_file('config.yaml'); |
| |
| ### If no file has been specified for download then return. |
| if (!isset($_GET['hash']) or empty($_GET['hash'])) { |
| http_response_code(404); |
| die('File not found.'); |
| } |
| |
| ### Find the requested file. |
| $file = array_shift( |
| preg_grep( |
| "/".$_GET['hash']."/", |
| scandir($config['STORE_FOLDER']) |
| ) |
| ); |
| |
| if (!isset($file) or empty($file)) { |
| http_response_code(404); |
| die('File not found.'); |
| } |
| |
| ### Check the path for path traversals. |
| $fileExtension = pathinfo($file, PATHINFO_EXTENSION); |
| |
| #### If the extension is not allowed then return. |
| if (!isset($fileExtension) || |
| !in_array(strtoupper($fileExtension), |
| array_map('strtoupper', $config['ALLOWED_FILE_EXTENSIONS']))) { |
| http_response_code(403); |
| die('File extension not allowed.'); |
| } |
| |
| #### Build the user path. |
| $userPath = join( |
| DIRECTORY_SEPARATOR, |
| array( |
| $config['STORE_FOLDER'], |
| $file |
| ) |
| ); |
| |
| #### Check for path traversals |
| $pathPart = pathinfo($userPath); |
| if (strcasecmp( |
| realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
| http_response_code(500); |
| die('Internal server error.'); |
| } |
| |
| #### Check if the file exists. |
| if (!file_exists($userPath)) { |
| http_response_code(404); |
| die('File not found.'); |
| } |
| |
| list($width, $height) = getimagesize($userPath); |
| |
| # Create an OpenGraph object with validation. |
| $og = new OpenGraph(); |
| |
| $og->title('Scratch Copy') |
| ->description('Asset Sharing') |
| ->url($config['URL_PATH'].$_GET['hash']) |
| ->type('movie') |
| ->image($config['URL_PATH'].$_GET['hash'], [ |
| type => 'image/png', |
| width => $width, |
| height => $height |
| ]); |
| |
| |
| echo $og->renderTags(); |
| |
