TYPO3 CMS  TYPO3_7-6
ImageManipulationWizard.php
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
24 
29 {
/**
 * Base location (EXT: notation) of the backend templates. getWizardAction()
 * appends the wizard template's relative file name to this value.
 *
 * @var string
 */
33  protected $templatePath = 'EXT:backend/Resources/Private/Templates/';
34 
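/**
 * Renders the ImageManipulationWizard template into the response body.
 *
 * The request is served only when isValidToken() accepts the token in its
 * query string; otherwise a 403 response is returned and nothing is rendered.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface $response
 * @return ResponseInterface the response with the rendered wizard, or a 403 response
 */
public function getWizardAction(ServerRequestInterface $request, ResponseInterface $response)
{
    // Fail closed before any other request data is used.
    if (!$this->isValidToken($request)) {
        return $response->withStatus(403);
    }

    $queryParams = $request->getQueryParams();

    // Only the query-string 'file' value is covered by the token that was just
    // verified. Preferring a 'file' field from the parsed body, as this method
    // did before, lets a request with a valid token name a file the token was
    // never issued for, so the body value is no longer consulted.
    // NOTE(review): confirm that no client depends on sending 'file' in the body.
    $fileUid = isset($queryParams['file']) ? $queryParams['file'] : '';

    $image = null;
    // NOTE(review): the listing this method was taken from skips source line 48,
    // which opened the block around the lookup below. An integer-UID guard is
    // assumed here; confirm against the upstream file.
    if (is_scalar($fileUid) && (string)(int)$fileUid === (string)$fileUid) {
        try {
            $image = ResourceFactory::getInstance()->getFileObject($fileUid);
        } catch (FileDoesNotExistException $e) {
            // Deliberate best effort: an unknown file leaves $image as null
            // and the template is rendered without an image.
        }
    }

    $view = $this->getFluidTemplateObject($this->templatePath . 'Wizards/ImageManipulationWizard.html');
    $view->assign('image', $image);
    // !empty() yields the same boolean as the former (bool) cast without a
    // notice when 'zoom' is absent; isValidToken() treats an absent value as '0'.
    $view->assign('zoom', !empty($queryParams['zoom']));
    $view->assign('ratios', $this->getAvailableRatios($request));

    $response->getBody()->write($view->render());
    return $response;
}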
67 
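/**
 * Checks that the 'token' query parameter matches the HMAC computed over the
 * 'zoom', 'ratios' and 'file' query parameters.
 *
 * Only query-string values are covered by the token; callers must not act on
 * the same fields taken from another part of the request.
 *
 * @param ServerRequestInterface $request
 * @return bool true when the supplied token equals the expected one
 */
protected function isValidToken(ServerRequestInterface $request)
{
    $queryParams = $request->getQueryParams();

    // A missing or non-string token (e.g. token[]=...) can never be valid.
    if (!isset($queryParams['token']) || !is_string($queryParams['token'])) {
        return false;
    }

    // Array-valued parameters would be stringified by implode() and cannot
    // come from a legitimately issued link, so reject them outright.
    foreach (['zoom', 'ratios', 'file'] as $name) {
        if (isset($queryParams[$name]) && is_array($queryParams[$name])) {
            return false;
        }
    }

    // Same normalisation as before (falsy values collapse to '0' / ''), but
    // without notices when a parameter is absent.
    $parameters = [
        'zoom' => !empty($queryParams['zoom']) ? '1' : '0',
        'ratios' => !empty($queryParams['ratios']) ? $queryParams['ratios'] : '',
        'file' => !empty($queryParams['file']) ? $queryParams['file'] : '',
    ];

    // The values are joined with '|' without escaping, so the token binds the
    // concatenated string rather than each field separately. Changing that
    // format requires the same change wherever the token is issued.
    $expectedToken = GeneralUtility::hmac(implode('|', $parameters), 'ImageManipulationWizard');

    // Constant-time comparison, so the response time does not reveal how many
    // leading characters of a guessed token were correct.
    if (function_exists('hash_equals')) {
        return hash_equals($expectedToken, $queryParams['token']);
    }
    // hash_equals() is unavailable before PHP 5.6; keep the former strict comparison there.
    return $expectedToken === $queryParams['token'];
}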
85 
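/**
 * Decodes the JSON in the 'ratios' query parameter into an array for the view.
 *
 * @param ServerRequestInterface $request
 * @return array the decoded ratios; an empty array when the parameter is
 *               absent, is not a string, or does not decode to an array or object
 */
protected function getAvailableRatios(ServerRequestInterface $request)
{
    $queryParams = $request->getQueryParams();
    if (!isset($queryParams['ratios']) || !is_string($queryParams['ratios'])) {
        return [];
    }

    $ratios = json_decode($queryParams['ratios']);
    // json_decode() turns a JSON object (string keys) into an object;
    // it has to become an array for the fluid ForViewHelper.
    if (is_object($ratios)) {
        $ratios = get_object_vars($ratios);
    }

    // Invalid JSON (null) and scalar JSON values are not iterable; hand the
    // view an empty list instead.
    return is_array($ratios) ? $ratios : [];
}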
102 
/**
 * Creates a StandaloneView and, when a template reference is given, points it
 * at that template file.
 *
 * The reference is resolved through GeneralUtility::getFileAbsFileName(). The
 * only caller in this class passes a fixed path; keep request-derived values
 * out of this argument.
 *
 * @param string|null $templatePathAndFileName template reference; skipped when empty
 * @return StandaloneView
 */
protected function getFluidTemplateObject($templatePathAndFileName = null)
{
    $standaloneView = GeneralUtility::makeInstance(StandaloneView::class);

    // Without a template reference the bare view is returned as is.
    if (!$templatePathAndFileName) {
        return $standaloneView;
    }

    $absoluteTemplateFile = GeneralUtility::getFileAbsFileName($templatePathAndFileName);
    $standaloneView->setTemplatePathAndFilename($absoluteTemplateFile);

    return $standaloneView;
}
117 }