PHP Bitrix\Disk\Security ParameterSigner::validateImageSignature Examples

Example #1

File: downloadcontroller.php Project: mrdeadmouse/u136006

 protected function processActionShowFile()
 {
     $fileName = $this->file->getName();
     $fileData = $this->file->getFile();
     if (!$fileData) {
         $this->end();
     }
     $isImage = TypeFile::isImage($fileData["ORIGINAL_NAME"]);
     $cacheTime = $isImage ? 86400 : 0;
     $width = $this->request->getQuery('width');
     $height = $this->request->getQuery('height');
     if ($isImage && ($width > 0 || $height > 0)) {
         $signature = $this->request->getQuery('signature');
         if (!$signature) {
             $this->sendJsonInvalidSignResponse('Empty signature');
         }
         if (!ParameterSigner::validateImageSignature($signature, $this->file->getId(), $width, $height)) {
             $this->sendJsonInvalidSignResponse('Invalid signature');
         }
         /** @noinspection PhpDynamicAsStaticMethodCallInspection */
         $tmpFile = \CFile::resizeImageGet($fileData, array("width" => $width, "height" => $height), $this->request->getQuery('exact') == "Y" ? BX_RESIZE_IMAGE_EXACT : BX_RESIZE_IMAGE_PROPORTIONAL, true, false, true);
         $fileData["FILE_SIZE"] = $tmpFile["size"];
         $fileData["SRC"] = $tmpFile["src"];
     }
     \CFile::viewByUser($fileData, array('force_download' => false, 'cache_time' => $cacheTime, 'attachment_name' => $fileName));
 }

Example #2

File: controller.php Project: DarneoStudio/bitrix

 protected function processActionDownloadFile()
 {
     $this->checkRequiredGetParams(array('attachedId'));
     if ($this->errorCollection->hasErrors()) {
         $this->sendJsonErrorResponse();
     }
     $fileModel = null;
     list($type, $realValue) = FileUserType::detectType($this->request->getQuery('attachedId'));
     if ($type == FileUserType::TYPE_NEW_OBJECT) {
         /** @var File $fileModel */
         $fileModel = File::loadById((int) $realValue, array('STORAGE'));
         if (!$fileModel) {
             $this->errorCollection->add(array(new Error("Could not find file")));
             $this->sendJsonErrorResponse();
         }
         if (!$fileModel->canRead($fileModel->getStorage()->getCurrentUserSecurityContext())) {
             $this->errorCollection->add(array(new Error("Bad permission. Could not read this file")));
             $this->sendJsonErrorResponse();
         }
         $fileName = $fileModel->getName();
         $fileData = $fileModel->getFile();
         if (!$fileData) {
             $this->end();
         }
         $cacheTime = 0;
         $width = $this->request->getQuery('width');
         $height = $this->request->getQuery('height');
         if (TypeFile::isImage($fileData["ORIGINAL_NAME"]) && ($width > 0 || $height > 0)) {
             $signature = $this->request->getQuery('signature');
             if (!$signature) {
                 $this->sendJsonInvalidSignResponse('Empty signature');
             }
             if (!ParameterSigner::validateImageSignature($signature, $fileModel->getId(), $width, $height)) {
                 $this->sendJsonInvalidSignResponse('Invalid signature');
             }
             /** @noinspection PhpDynamicAsStaticMethodCallInspection */
             $tmpFile = \CFile::resizeImageGet($fileData, array("width" => $width, "height" => $height), $this->request->getQuery('exact') == "Y" ? BX_RESIZE_IMAGE_EXACT : BX_RESIZE_IMAGE_PROPORTIONAL, true, false, true);
             $fileData["FILE_SIZE"] = $tmpFile["size"];
             $fileData["SRC"] = $tmpFile["src"];
             $cacheTime = 86400;
         }
         \CFile::viewByUser($fileData, array("force_download" => false, "cache_time" => $cacheTime, 'attachment_name' => $fileName));
     } else {
         $this->errorCollection->add(array(new Error('Could not find attached object')));
         $this->sendJsonErrorResponse();
     }
 }