TYPO3 CMS  TYPO3_6-2
FileDumpEID.php
Go to the documentation of this file.
1 <?php
2 
15 $parameters = array('eID' => 'dumpFile');
16 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('t')) {
18 }
19 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('f')) {
20  $parameters['f'] = (int)\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('f');
21 }
22 if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('p')) {
23  $parameters['p'] = (int)\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('p');
24 }
25 
26 if (\TYPO3\CMS\Core\Utility\GeneralUtility::hmac(implode('|', $parameters), 'resourceStorageDumpFile') === \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('token')) {
27  if (isset($parameters['f'])) {
28  try {
30  if ($file->isDeleted() || $file->isMissing()) {
31  $file = NULL;
32  }
33  } catch (\Exception $e) {
34  $file = NULL;
35  }
36  } else {
37  $file = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Resource\\ProcessedFileRepository')->findByUid($parameters['p']);
38  if (!$file || $file->isDeleted()) {
39  $file = NULL;
40  }
41  }
42 
43  if ($file === NULL) {
44  \TYPO3\CMS\Core\Utility\HttpUtility::setResponseCodeAndExit(\TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_404);
45  }
46 
47  // Hook: allow some other process to do some security/access checks. Hook should issue 403 if access is rejected
48  if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'])) {
49  foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['FileDumpEID.php']['checkFileAccess'] as $classRef) {
51  if (!$hookObject instanceof \TYPO3\CMS\Core\Resource\Hook\FileDumpEIDHookInterface) {
52  throw new \UnexpectedValueException('$hookObject must implement interface TYPO3\\CMS\\Core\\Resource\\FileDumpEIDHookInterface', 1394442417);
53  }
54  $hookObject->checkFileAccess($file);
55  }
56  }
57  $file->getStorage()->dumpFileContents($file);
58 } else {
59  \TYPO3\CMS\Core\Utility\HttpUtility::setResponseCodeAndExit(\TYPO3\CMS\Core\Utility\HttpUtility::HTTP_STATUS_403);
60 }
$parameters
Definition: FileDumpEID.php:15
static getUserObj($classRef, $checkPrefix='', $silent=FALSE)
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
static setResponseCodeAndExit($httpStatus=self::HTTP_STATUS_303)
Definition: HttpUtility.php:98