]> git.wh0rd.org - tt-rss.git/blob - plugins/af_zz_imgproxy/init.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update phpmd ruleset to use (subset) of cleancode
[tt-rss.git] / plugins / af_zz_imgproxy / init.php
1 <?php
2 class Af_Zz_ImgProxy extends Plugin {
3 private $host;
4
5 function about() {
6 return array(1.0,
7 "Load insecure images via built-in proxy",
8 "fox");
9 }
10
11 private $ssl_known_whitelist = "imgur.com gfycat.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com";
12
13 function is_public_method($method) {
14 return $method === "imgproxy";
15 }
16
17 function init($host) {
18 $this->host = $host;
19
20 $host->add_hook($host::HOOK_RENDER_ARTICLE, $this);
21 $host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this);
22 $host->add_hook($host::HOOK_ENCLOSURE_ENTRY, $this);
23
24 $host->add_hook($host::HOOK_PREFS_TAB, $this);
25 }
26
27 function hook_enclosure_entry($enc) {
28 if (preg_match("/image/", $enc["content_type"])) {
29 $proxy_all = $this->host->get($this, "proxy_all");
30
31 $enc["content_url"] = $this->rewrite_url_if_needed($enc["content_url"], $proxy_all);
32 }
33
34 return $enc;
35 }
36
37 function hook_render_article($article) {
38 return $this->hook_render_article_cdm($article);
39 }
40
41 public function imgproxy() {
42
43 $url = rewrite_relative_url(SELF_URL_PATH, $_REQUEST["url"]);
44
45 // called without user context, let's just redirect to original URL
46 if (!$_SESSION["uid"]) {
47 header("Location: $url");
48 return;
49 }
50
51 $local_filename = CACHE_DIR . "/images/" . sha1($url);
52
53 if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; }
54
55 header("Content-Disposition: inline; filename=\"".basename($local_filename)."\"");
56
57 if (file_exists($local_filename)) {
58 $mimetype = mime_content_type($local_filename);
59 header("Content-type: $mimetype");
60
61 $stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT";
62 header("Last-Modified: $stamp", true);
63
64 readfile($local_filename);
65 } else {
66 $data = fetch_file_contents(array("url" => $url));
67
68 if ($data) {
69 if (file_put_contents($local_filename, $data)) {
70 $mimetype = mime_content_type($local_filename);
71 header("Content-type: $mimetype");
72 }
73
74 print $data;
75 } else {
76 global $fetch_last_error;
77 global $fetch_last_error_code;
78 global $fetch_last_error_content;
79
80 if (function_exists("imagecreate") && !isset($_REQUEST["text"])) {
81 $img = imagecreate(450, 75);
82
83 /*$bg =*/ imagecolorallocate($img, 255, 255, 255);
84 $textcolor = imagecolorallocate($img, 255, 0, 0);
85
86 imagerectangle($img, 0, 0, 450-1, 75-1, $textcolor);
87
88 imagestring($img, 5, 5, 5, "Proxy request failed", $textcolor);
89 imagestring($img, 5, 5, 30, truncate_middle($url, 46, "..."), $textcolor);
90 imagestring($img, 5, 5, 55, "HTTP Code: $fetch_last_error_code", $textcolor);
91
92 header("Content-type: image/png");
93 print imagepng($img);
94 imagedestroy($img);
95
96 } else {
97 header("Content-type: text/html");
98
99 http_response_code(400);
100
101 print "<h1>Proxy request failed.</h1>";
102 print "<p>Fetch error $fetch_last_error ($fetch_last_error_code)</p>";
103 print "<p>URL: $url</p>";
104 print "<textarea cols='80' rows='25'>" . htmlspecialchars($fetch_last_error_content) . "</textarea>";
105 }
106 }
107 }
108 }
109
110 function rewrite_url_if_needed($url, $all_remote = false) {
111 $scheme = parse_url($url, PHP_URL_SCHEME);
112
113 if ($all_remote) {
114 $host = parse_url($url, PHP_URL_HOST);
115 $self_host = parse_url(SELF_URL_PATH, PHP_URL_HOST);
116
117 $is_remote = $host != $self_host;
118 } else {
119 $is_remote = false;
120 }
121
122 if (($scheme != 'https' && $scheme != "") || $is_remote) {
123 if (strpos($url, "data:") !== 0) {
124 $parts = parse_url($url);
125
126 foreach (explode(" " , $this->ssl_known_whitelist) as $host) {
127 if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) {
128 $parts['scheme'] = 'https';
129 $url = build_url($parts);
130 if ($all_remote && $is_remote) {
131 break;
132 } else {
133 return $url;
134 }
135 }
136 }
137
138 return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" .
139 urlencode($url);
140 }
141 }
142
143 return $url;
144 }
145
146 /**
147 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
148 */
149 function hook_render_article_cdm($article, $api_mode = false) {
150
151 $need_saving = false;
152 $proxy_all = $this->host->get($this, "proxy_all");
153
154 $doc = new DOMDocument();
155 if (@$doc->loadHTML($article["content"])) {
156 $xpath = new DOMXPath($doc);
157 $imgs = $xpath->query("//img[@src]");
158
159 foreach ($imgs as $img) {
160 $new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), $proxy_all);
161
162 if ($new_src != $img->getAttribute("src")) {
163 $img->setAttribute("src", $new_src);
164 $img->removeAttribute("srcset");
165
166 $need_saving = true;
167 }
168 }
169
170 $vids = $xpath->query("//video");
171
172 foreach ($vids as $vid) {
173 if ($vid->hasAttribute("poster")) {
174 $new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), $proxy_all);
175
176 if ($new_src != $vid->getAttribute("poster")) {
177 $vid->setAttribute("poster", $new_src);
178
179 $need_saving = true;
180 }
181 }
182
183 $vsrcs = $xpath->query("source", $vid);
184
185 foreach ($vsrcs as $vsrc) {
186 $new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), $proxy_all);
187
188 if ($new_src != $vsrc->getAttribute("src")) {
189 $vid->setAttribute("src", $new_src);
190
191 $need_saving = true;
192 }
193 }
194 }
195 }
196
197 if ($need_saving) $article["content"] = $doc->saveXML();
198
199 return $article;
200 }
201
202 function hook_prefs_tab($args) {
203 if ($args != "prefFeeds") return;
204
205 print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">";
206
207 print "<form dojoType=\"dijit.form.Form\">";
208
209 print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
210 evt.preventDefault();
211 if (this.validate()) {
212 console.log(dojo.objectToQuery(this.getValues()));
213 new Ajax.Request('backend.php', {
214 parameters: dojo.objectToQuery(this.getValues()),
215 onComplete: function(transport) {
216 notify_info(transport.responseText);
217 }
218 });
219 //this.reset();
220 }
221 </script>";
222
223 print_hidden("op", "pluginhandler");
224 print_hidden("method", "save");
225 print_hidden("plugin", "af_zz_imgproxy");
226
227 $proxy_all = $this->host->get($this, "proxy_all");
228 print_checkbox("proxy_all", $proxy_all);
229
230 print "&nbsp;<label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label>";
231
232 print "<p>"; print_button("submit", __("Save"));
233
234 print "</form>";
235
236 print "</div>";
237 }
238
239 function save() {
240 $proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true";
241
242 $this->host->set($this, "proxy_all", $proxy_all);
243
244 echo __("Configuration saved");
245 }
246
247 function api_version() {
248 return 2;
249 }
250 }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/