2012-10-14 21:38:32 +02:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Class Minify_Controller_MinApp
|
|
|
|
* @package Minify
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Controller class for requests to /min/index.php
|
|
|
|
*
|
|
|
|
* @package Minify
|
|
|
|
* @author Stephen Clay <steve@mrclay.org>
|
|
|
|
*/
|
|
|
|
class Minify_Controller_MinApp extends Minify_Controller_Base {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set up groups of files as sources
|
|
|
|
*
|
|
|
|
* @param array $options controller and Minify options
|
|
|
|
*
|
|
|
|
* @return array Minify options
|
|
|
|
*/
|
|
|
|
public function setupSources($options) {
|
2014-01-11 17:39:17 +01:00
|
|
|
// PHP insecure by default: realpath() and other FS functions can't handle null bytes.
|
|
|
|
foreach (array('g', 'b', 'f') as $key) {
|
|
|
|
if (isset($_GET[$key])) {
|
|
|
|
$_GET[$key] = str_replace("\x00", '', (string)$_GET[$key]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-10-14 21:38:32 +02:00
|
|
|
// filter controller options
|
|
|
|
$cOptions = array_merge(
|
|
|
|
array(
|
|
|
|
'allowDirs' => '//'
|
|
|
|
,'groupsOnly' => false
|
|
|
|
,'groups' => array()
|
|
|
|
,'noMinPattern' => '@[-\\.]min\\.(?:js|css)$@i' // matched against basename
|
|
|
|
)
|
|
|
|
,(isset($options['minApp']) ? $options['minApp'] : array())
|
|
|
|
);
|
|
|
|
unset($options['minApp']);
|
|
|
|
$sources = array();
|
|
|
|
$this->selectionId = '';
|
|
|
|
$firstMissingResource = null;
|
|
|
|
if (isset($_GET['g'])) {
|
|
|
|
// add group(s)
|
|
|
|
$this->selectionId .= 'g=' . $_GET['g'];
|
|
|
|
$keys = explode(',', $_GET['g']);
|
|
|
|
if ($keys != array_unique($keys)) {
|
|
|
|
$this->log("Duplicate group key found.");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
$keys = explode(',', $_GET['g']);
|
|
|
|
foreach ($keys as $key) {
|
|
|
|
if (! isset($cOptions['groups'][$key])) {
|
|
|
|
$this->log("A group configuration for \"{$key}\" was not found");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
$files = $cOptions['groups'][$key];
|
|
|
|
// if $files is a single object, casting will break it
|
|
|
|
if (is_object($files)) {
|
|
|
|
$files = array($files);
|
|
|
|
} elseif (! is_array($files)) {
|
|
|
|
$files = (array)$files;
|
|
|
|
}
|
|
|
|
foreach ($files as $file) {
|
|
|
|
if ($file instanceof Minify_Source) {
|
|
|
|
$sources[] = $file;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (0 === strpos($file, '//')) {
|
|
|
|
$file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
|
|
|
|
}
|
|
|
|
$realpath = realpath($file);
|
|
|
|
if ($realpath && is_file($realpath)) {
|
|
|
|
$sources[] = $this->_getFileSource($realpath, $cOptions);
|
|
|
|
} else {
|
|
|
|
$this->log("The path \"{$file}\" (realpath \"{$realpath}\") could not be found (or was not a file)");
|
|
|
|
if (null === $firstMissingResource) {
|
|
|
|
$firstMissingResource = basename($file);
|
|
|
|
continue;
|
|
|
|
} else {
|
|
|
|
$secondMissingResource = basename($file);
|
|
|
|
$this->log("More than one file was missing: '$firstMissingResource', '$secondMissingResource'");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($sources) {
|
|
|
|
try {
|
|
|
|
$this->checkType($sources[0]);
|
|
|
|
} catch (Exception $e) {
|
|
|
|
$this->log($e->getMessage());
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (! $cOptions['groupsOnly'] && isset($_GET['f'])) {
|
|
|
|
// try user files
|
|
|
|
// The following restrictions are to limit the URLs that minify will
|
|
|
|
// respond to.
|
|
|
|
if (// verify at least one file, files are single comma separated,
|
|
|
|
// and are all same extension
|
|
|
|
! preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $_GET['f'], $m)
|
|
|
|
// no "//"
|
|
|
|
|| strpos($_GET['f'], '//') !== false
|
|
|
|
// no "\"
|
|
|
|
|| strpos($_GET['f'], '\\') !== false
|
|
|
|
) {
|
|
|
|
$this->log("GET param 'f' was invalid");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
$ext = ".{$m[1]}";
|
|
|
|
try {
|
|
|
|
$this->checkType($m[1]);
|
|
|
|
} catch (Exception $e) {
|
|
|
|
$this->log($e->getMessage());
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
$files = explode(',', $_GET['f']);
|
|
|
|
if ($files != array_unique($files)) {
|
|
|
|
$this->log("Duplicate files were specified");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
if (isset($_GET['b'])) {
|
|
|
|
// check for validity
|
|
|
|
if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b'])
|
|
|
|
&& false === strpos($_GET['b'], '..')
|
|
|
|
&& $_GET['b'] !== '.') {
|
|
|
|
// valid base
|
|
|
|
$base = "/{$_GET['b']}/";
|
|
|
|
} else {
|
|
|
|
$this->log("GET param 'b' was invalid");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
$base = '/';
|
|
|
|
}
|
|
|
|
$allowDirs = array();
|
|
|
|
foreach ((array)$cOptions['allowDirs'] as $allowDir) {
|
|
|
|
$allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
|
|
|
|
}
|
2012-10-15 18:22:42 +02:00
|
|
|
$base_path = $_SERVER['DOCUMENT_ROOT'].$base;
|
|
|
|
// check base against symlinks to support aliases configured via symlinks
|
2014-07-21 10:22:31 +02:00
|
|
|
if (!(@file_exists($base_path) && is_dir($base_path) && realpath($base_path) !== false) &&
|
2012-10-15 18:22:42 +02:00
|
|
|
isset($options['minifierOptions']['text/css']['symlinks'][$t='//'.trim($base, '/')]) &&
|
|
|
|
($base_path = realpath($options['minifierOptions']['text/css']['symlinks'][$t]))) {
|
|
|
|
$base_path .= '/';
|
|
|
|
$allowDirs[] = $base_path;
|
|
|
|
}
|
2012-10-14 21:38:32 +02:00
|
|
|
$basenames = array(); // just for cache id
|
|
|
|
foreach ($files as $file) {
|
|
|
|
$uri = $base . $file;
|
2012-10-15 18:22:42 +02:00
|
|
|
$path = $base_path . $file;
|
2012-10-14 21:38:32 +02:00
|
|
|
$realpath = realpath($path);
|
|
|
|
if (false === $realpath || ! is_file($realpath)) {
|
|
|
|
$this->log("The path \"{$path}\" (realpath \"{$realpath}\") could not be found (or was not a file)");
|
|
|
|
if (null === $firstMissingResource) {
|
|
|
|
$firstMissingResource = $uri;
|
|
|
|
continue;
|
|
|
|
} else {
|
|
|
|
$secondMissingResource = $uri;
|
|
|
|
$this->log("More than one file was missing: '$firstMissingResource', '$secondMissingResource`'");
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
try {
|
|
|
|
parent::checkNotHidden($realpath);
|
|
|
|
parent::checkAllowDirs($realpath, $allowDirs, $uri);
|
|
|
|
} catch (Exception $e) {
|
|
|
|
$this->log($e->getMessage());
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
$sources[] = $this->_getFileSource($realpath, $cOptions);
|
|
|
|
$basenames[] = basename($realpath, $ext);
|
|
|
|
}
|
|
|
|
if ($this->selectionId) {
|
|
|
|
$this->selectionId .= '_f=';
|
|
|
|
}
|
|
|
|
$this->selectionId .= implode(',', $basenames) . $ext;
|
|
|
|
}
|
|
|
|
if ($sources) {
|
|
|
|
if (null !== $firstMissingResource) {
|
|
|
|
array_unshift($sources, new Minify_Source(array(
|
|
|
|
'id' => 'missingFile'
|
|
|
|
// should not cause cache invalidation
|
|
|
|
,'lastModified' => 0
|
|
|
|
// due to caching, filename is unreliable.
|
|
|
|
,'content' => "/* Minify: at least one missing file. See " . Minify::URL_DEBUG . " */\n"
|
|
|
|
,'minifier' => ''
|
|
|
|
)));
|
|
|
|
}
|
|
|
|
$this->sources = $sources;
|
|
|
|
} else {
|
|
|
|
$this->log("No sources to serve");
|
|
|
|
}
|
|
|
|
return $options;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param string $file
|
|
|
|
*
|
|
|
|
* @param array $cOptions
|
|
|
|
*
|
|
|
|
* @return Minify_Source
|
|
|
|
*/
|
|
|
|
protected function _getFileSource($file, $cOptions)
|
|
|
|
{
|
|
|
|
$spec['filepath'] = $file;
|
2014-01-11 17:39:17 +01:00
|
|
|
if ($cOptions['noMinPattern'] && preg_match($cOptions['noMinPattern'], basename($file))) {
|
|
|
|
if (preg_match('~\.css$~i', $file)) {
|
|
|
|
$spec['minifyOptions']['compress'] = false;
|
|
|
|
} else {
|
|
|
|
$spec['minifier'] = '';
|
|
|
|
}
|
2012-10-14 21:38:32 +02:00
|
|
|
}
|
|
|
|
return new Minify_Source($spec);
|
|
|
|
}
|
|
|
|
|
|
|
|
protected $_type = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Make sure that only source files of a single type are registered
|
|
|
|
*
|
|
|
|
* @param string $sourceOrExt
|
|
|
|
*
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function checkType($sourceOrExt)
|
|
|
|
{
|
|
|
|
if ($sourceOrExt === 'js') {
|
|
|
|
$type = Minify::TYPE_JS;
|
|
|
|
} elseif ($sourceOrExt === 'css') {
|
|
|
|
$type = Minify::TYPE_CSS;
|
|
|
|
} elseif ($sourceOrExt->contentType !== null) {
|
|
|
|
$type = $sourceOrExt->contentType;
|
|
|
|
} else {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if ($this->_type === null) {
|
|
|
|
$this->_type = $type;
|
|
|
|
} elseif ($this->_type !== $type) {
|
|
|
|
throw new Exception('Content-Type mismatch');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|