app/Plugin/TabaHtmlEditor2/Controller/AdminController.php line 44

Open in your IDE?
  1. <?php
  2. /*
  3.  * Copyright (C) SPREAD WORKS Inc. All Rights Reserved.
  4.  *
  5.  * For the full copyright and license information, please view the LICENSE
  6.  * file that was distributed with this source code.
  7.  */
  8. namespace Plugin\TabaHtmlEditor2\Controller;
  10. use Eccube\Controller\AbstractController;
  11. use Plugin\TabaHtmlEditor2\Common\Constants;
  13. use Symfony\Component\HttpFoundation\BinaryFileResponse;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  17. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
  19. /**
  20.  * 管理画面用コントローラー
  21.  *
  22.  * @Route(Plugin\TabaHtmlEditor2\Common\Constants::ADMIN_URI_PREFIX,name=Plugin\TabaHtmlEditor2\Common\Constants::ADMIN_BIND_PREFIX)
  23.  */
  24. class AdminController extends AbstractController
  25. {
  27.     /**
  28.      * コンストラクタ
  29.      */
  30.     public function __construct()
  31.     {
  32.     }
  34.     /**
  35.      * 各種ファイルを出力します。
  36.      *
  37.      * @param Request $request
  38.      * @param string $file
  39.      * @throws NotFoundHttpException
  40.      * @return BinaryFileResponse
  41.      *
  42.      * @Route("/assets/{file}",name="_assets",requirements={"file"="[a-zA-Z0-9-_/\s.]+"})
  43.      */
  44.     public function assets(Request $request,$file) {
  45.         if ($this->container->has('profiler')) $this->container->get('profiler')->disable();
  47.         if (strpos($file,'..')) {
  48.             log_critical("ディレクトリトラバーサル攻撃の可能性があります。 [FILE] " $file);
  49.             throw new NotFoundHttpException();
  50.         }
  52.         $file Constants::TEMPLATE_PATH DIRECTORY_SEPARATOR .  "admin" DIRECTORY_SEPARATOR "assets" .  DIRECTORY_SEPARATOR $file;
  53.         if (file_exists($this->eccubeConfig['plugin_realdir'] . DIRECTORY_SEPARATOR $file)) {
  54.             log_debug("[ASSETS] [FILE] " $file);
  56.             // 拡張子によりMIMEを設定します。
  57.             $suffixes explode(".",$file);
  58.             $suffix end($suffixes);
  59.             $suffix_def = array(
  60.                 "jpeg" => "image/jpg",
  61.                 "jpg" => "image/jpg",
  62.                 "gif" => "image/gif",
  63.                 "png" => "image/png",
  64.                 "svg" => "image/svg+xml",
  65.                 "js" => "application/x-javascript",
  66.                 "css" => "text/css",
  67.                 "html" => "text/html",
  68.                 "map" => "application/json",
  69.             );
  70.             if (in_array($suffix,array_keys($suffix_def))) {
  71.                 $fileObject = new \SplFileInfo($this->eccubeConfig['plugin_realdir'] . DIRECTORY_SEPARATOR $file);
  72.                 $response = new BinaryFileResponse($fileObject);
  73.                 $response->headers->set('Content-Type',$suffix_def[$suffix]);
  74.                 // キャッシュするヘッダーを出力する設定をします
  75.                 if ($this->container->has(Constants::CONTAINER_KEY_NAME)) {
  76.                     $this->container->get(Constants::CONTAINER_KEY_NAME)->set(Constants::HTTP_CACHE_STATUS,true);
  77.                 }
  78.                 return $response;
  79.             } else {
  80.                 throw new NotFoundHttpException();
  81.             }
  82.         } else {
  83.             throw new NotFoundHttpException();
  84.         }
  85.     }
  87. }