
Ograniczenie dostępu do plików przez htaccess::mod_rewrite

Mariusz Muszyński 8 rokov pred
rodič
commit
32e0885cdb

+ 57 - 0
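--- a/SE/se-lib/FileStorage.php
+++ b/SE/se-lib/FileStorage.php
@@ -1122,4 +1122,61 @@ CREATE TABLE IF NOT EXISTS `CRM_FILES__#DEV__#VERSIONS` (
 		return false;
 	}
 
+	public static function getMieType($file) {
+		if (!is_string($file)) return false;
+
+		$mimeTypes = [
+			'txt' => 'text/plain',
+			'htm' => 'text/html',
+			'html' => 'text/html',
+			'php' => 'text/html',
+			'css' => 'text/css',
+			'js' => 'application/javascript',
+			'json' => 'application/json',
+			'xml' => 'application/xml',
+			'swf' => 'application/x-shockwave-flash',
+			'flv' => 'video/x-flv',
+			'png' => 'image/png',
+			'jpe' => 'image/jpeg',
+			'jpeg' => 'image/jpeg',
+			'jpg' => 'image/jpeg',
+			'gif' => 'image/gif',
+			'bmp' => 'image/bmp',
+			'ico' => 'image/vnd.microsoft.icon',
+			'tiff' => 'image/tiff',
+			'tif' => 'image/tiff',
+			'svg' => 'image/svg+xml',
+			'svgz' => 'image/svg+xml',
+			'zip' => 'application/zip',
+			'rar' => 'application/x-rar-compressed',
+			'exe' => 'application/x-msdownload',
+			'msi' => 'application/x-msdownload',
+			'cab' => 'application/vnd.ms-cab-compressed',
+			'mp3' => 'audio/mpeg',
+			'qt' => 'video/quicktime',
+			'mov' => 'video/quicktime',
+			'pdf' => 'application/pdf',
+			'psd' => 'image/vnd.adobe.photoshop',
+			'ai' => 'application/postscript',
+			'eps' => 'application/postscript',
+			'ps' => 'application/postscript',
+			'doc' => 'application/msword',
+			'rtf' => 'application/rtf',
+			'xls' => 'application/vnd.ms-excel',
+			'ppt' => 'application/vnd.ms-powerpoint',
+			'odt' => 'application/vnd.oasis.opendocument.text',
+			'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
+		];
+
+		$ext = pathinfo($file)['extension'];
+		if (isset($mimeTypes[$ext])) return $mimeTypes[$ext];
+
+		if (!is_file($file)) return false;
+		if (!is_readable($file)) return false;
+		$finfo = finfo_open(FILEINFO_MIME_TYPE);
+		$mimeType = finfo_file($finfo, $file);
+		finfo_close($finfo);
+		return $mimeType;
+	}
+
 }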
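Review bot: The method is declared as `getMieType` but the route added in the same commit calls `FileStorage::getMimeType`, so unless a `getMimeType` already exists outside this hunk every download will die with an undefined-method error; rename it to `public static function getMimeType($file)` (keeping `getMieType` as a thin alias if anything else already depends on the misspelling). `pathinfo($file)['extension']` also raises an undefined-index notice for names with no extension and misses upper-case ones such as `.PDF`, so use `$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));` before the lookup. Note that the table is consulted before the content is inspected and maps `htm`, `html` and `php` to `text/html` and `svg` to `image/svg+xml`, so a caller that serves the result inline lets a stored file run script in the application's origin; the method deserves a docblock saying the type is extension-derived, not content-verified, and that callers delivering files to browsers should force an attachment disposition.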

+ 48 - 0
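--- a/SE/se-lib/Route/HtaccessGetFile.php
+++ b/SE/se-lib/Route/HtaccessGetFile.php
@@ -0,0 +1,48 @@
+<?php
+
+Lib::loadClass('RouteBase');
+Lib::loadClass('FoldersConfig');
+Lib::loadClass('FileStorage');
+
+class Route_HtaccessGetFile extends RouteBase {
+
+	public function handleAuth() {
+
+		if (!User::logged()) {
+			throw new HttpException('Unauthorized', 401);
+		}
+
+	}
+
+	public function defaultAction() {
+
+		try {
+
+			$file = V::get('file', '', $_GET);
+			if (!$file) throw new Exception('Empty parameter');
+			if (preg_grep('/^\./', explode('/', $file))) throw new Exception("Access denied (dot at the beginning of each path's element not allowed) - {$file}");
+			$file = FoldersConfig::getRootPoint('mount_point') . DIRECTORY_SEPARATOR . $file;
+			if (!file_exists($file)) throw new Exception("File not found - {$file}");
+			if (!is_file($file)) throw new Exception("It's not a file - {$file}");
+			if (!is_readable($file)) throw new Exception("Cannot read file - {$file}");
+
+			$fileType = FileStorage::getMimeType($file);
+			$fileName = basename($file);
+			$fileSize = filesize($file);
+
+			header("Content-Type: {$fileType}");
+			header("Content-Disposition: filename={$fileName};");
+			header("Content-Transfer-Encoding: binary");
+			header("Content-Length: {$fileSize}");
+			echo file_get_contents($file);
+
+		} catch (Exception $e) {
+
+			error_log($e->getMessage());
+			header('Location: ' . Request::getPathUri());
+
+		}
+
+	}
+
+}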
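Review bot: `header("Content-Disposition: filename={$fileName};")` carries neither an `attachment` disposition nor quoting, so any file whose extension the new lookup maps to `text/html` or `image/svg+xml` (`.html`, `.htm`, `.php`, `.svg`) is rendered inline in the application's origin; if the mount point holds user-uploaded files (the other hunk's context mentions a `CRM_FILES` table, so presumably it does) that is stored XSS against every logged-in user, and the `User::logged()` check in `handleAuth` does not limit which files a user may fetch. The dot-prefix filter rejects `..` and dotfiles but not symlinks placed under the mount point, so resolve the path with `realpath()` and require that the result stays under the resolved mount point before reading. `FileStorage::getMimeType` also does not match the `getMieType` that this commit adds, and `echo file_get_contents($file)` buffers the whole file where `readfile()` would stream it. The rewritten middle of `defaultAction` would look like this:

```php
			$root = realpath(FoldersConfig::getRootPoint('mount_point'));
			$real = realpath($root . DIRECTORY_SEPARATOR . $file);
			if ($real === false) throw new Exception("File not found - {$file}");
			// symlinks inside the mount point may resolve elsewhere; only serve what stays below it
			if (strpos($real, $root . DIRECTORY_SEPARATOR) !== 0) throw new Exception("Access denied (outside mount point) - {$file}");
			$file = $real;
			// … unchanged: is_file / is_readable checks …
			$fileType = FileStorage::getMimeType($file);
			$fileName = basename($file);
			$fileSize = filesize($file);

			header("Content-Type: {$fileType}");
			// force a download: the type is extension-derived, so never let the browser render it
			header('X-Content-Type-Options: nosniff');
			header('Content-Disposition: attachment; filename="' . str_replace(['"', "\r", "\n"], '', $fileName) . '"');
			header("Content-Transfer-Encoding: binary");
			header("Content-Length: {$fileSize}");
			readfile($file);
```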